webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-23 09:22:59 +02:00
Code Issues Packages Projects Releases Wiki Activity
9,703 Commits 2 Branches 1 Tag
aacab139dc272d9c1b42340100cccb15cd7a302f
Commit Graph

9703 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Tremer
aacab139dc stunnel: Bump release version 
The version on the server seems to be still linked against
the older 0.9.8 series of openssl and needs to be updated
on all systems.

I manually pushed this update for the 2.17 branch on i586.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-02-23 09:43:25 -08:00
Arne Fitzenreiter
829b0ba851 core98: fix typo 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-02-18 04:31:28 +01:00
Arne Fitzenreiter
8c065b268d Merge branch 'core98' of git.ipfire.org:/pub/git/ipfire-2.x into core98 2016-02-17 22:01:56 +01:00
Arne Fitzenreiter
2e51e8607e core98: remove wrong grub.cfg only if it was empty. 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-02-17 21:57:00 +01:00
Arne Fitzenreiter
1ffbca6e4f glibc: disable patches that break build on arm. 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-02-17 18:49:38 +01:00
Arne Fitzenreiter
5a9039f132 core98: new update with glibc security fixes. 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-02-17 14:05:15 +01:00
Arne Fitzenreiter
bb330e25e9 glibc: new RHEL6 patches / fix CVE-2015-7547 and more 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-02-17 12:46:11 +01:00
Arne Fitzenreiter
a439a239bc core97: remove some core98 files from update filelist. 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-01-28 19:29:02 +01:00
Arne Fitzenreiter
7f4c06e7a4 finish core97 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-01-28 16:26:32 +01:00
Arne Fitzenreiter
2f221a50e3 openssl: security update to 1.0.2f 
changes:
* DH small subgroups - CVE-2016-0701
* SSLv2 doesn't block disabled ciphers - CVE-2015-3197
* Reject DH handshakes with parameters shorter than 1024 bits

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-01-28 16:22:21 +01:00
Arne Fitzenreiter
44ec3a759a hwdate: update databases 
pci.ids: 2016.01.28
usb.ids: 2015.12.17

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-01-28 13:40:54 +01:00
Arne Fitzenreiter
d3228e2c6c core97: prepare new core97 with openssl and openssh update. 
the update itself has to be done...

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-01-28 13:40:31 +01:00
Arne Fitzenreiter
d3fbc392a7 vdr_eepg: fix source download. 
the external server has changed the compression so the md5 has changed.
Always use the IPFire server as primary download source.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-01-28 13:39:09 +01:00
Matthias Fischer
1b8c3e2362 openssh: Update to 7.1p2 
Fixes CVE-2016-0777

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-01-28 13:38:18 +01:00
Arne Fitzenreiter
23c6a8d710 core96: don't overwrite grub defaults. 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-01-23 15:19:58 +01:00
Arne Fitzenreiter
c26171b4b4 core96: remove rrd ramdisk entry from fstab 2015-12-23 11:32:53 +01:00
Michael Tremer
32dd84e817 core96: Regenerate language cache 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-22 15:10:31 +00:00
Michael Tremer
1a781c8a29 core96: Correctly call qosctrl 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-22 10:27:26 +00:00
Michael Tremer
ff441e4d3f core96: Fix deleting the old ramdisk directory 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-22 10:26:27 +00:00
Arne Fitzenreiter
df00a3f1cd core96: set pakfire version to 96. 2015-12-20 20:19:43 +01:00
Michael Tremer
54206b6e35 curl: Fix certificate validation 
curl did not find the certificate bundle so that server
certificates could not be verified.

Fixes #10995

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-19 14:12:29 +00:00
Michael Tremer
4d7f9a81ac strongswan: Update to 5.3.5 
Also ships a fix for #853 upstream.

Fixes #10998

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-19 14:09:10 +00:00
Michael Tremer
b84a9b078d core96: Ship updated grub 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-18 23:42:15 +00:00
Matthias Fischer
44fb4620ee grub 2.00: Bugfix for CVE-2015-8370 
See: http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html

"A vulnerability in Grub2 has been found. Versions from 1.98 (December, 2009)
to 2.02 (December, 2015) are affected. The vulnerability can be exploited
under certain circumstances, allowing local attackers to bypass any kind of
authentication (plain or hashed passwords). And so, the attacker may take
control of the computer."

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-18 23:40:00 +00:00
Matthias Fischer
1e1b03d581 dnsmasq 2.75: latest upstream patches ;-) 
The neverending story continues...

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-18 15:02:30 +00:00
Matthias Fischer
fbcc3cb784 dnsmasq 2.75: latest upstream patches 
Since 'Makefile' was affected, I had to rewrite
'dnsmasq-Add-support-to-read-ISC-DHCP-lease-file.patch', too.

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-18 15:02:26 +00:00
Alexander Marx
78af2f67bb Squid-Accounting: Bugfix & clean up data 
There was a Bug in the addon so that no data was displayed because of a
typo. Additionally the computeraccounts are now filtered out of
trafficdata collection.
Only Proxy/AD/LDAP Accounts and IP adresses are collected.

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-17 11:35:53 +00:00
Michael Tremer
b42a7ec1a6 Rootfile update 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-15 18:32:55 +00:00
Matthias Fischer
d9ef106e5c Midnight Commander 4.8.15: Update for rootfile 
There was a syntax file which I overlooked...

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-15 13:54:33 +00:00
Michael Tremer
a8d24cee43 core96: Ship rules.pl 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-15 13:54:04 +00:00
Alexander Marx
306098a498 BUG10994: SNAT rules are missing the outgoing interface 
When creating SNAT rules, the outgoing interface is not set. As a side
effect, traffic that should be send unnatted to a vpn tunnel can be
natted which is a BUG.
With this patch the SNAT rules are getting a outgoing interface
according to the configuration. When selecting the RED Target network,
all SNAT rules will be configured with "-o red0". Otherwise if "all" is
selected, there is no interface in the rule, which matches all networks.

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-15 13:53:03 +00:00
Michael Tremer
08729f79fb ramdisk: Backup ramdisks once a night 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-15 13:47:52 +00:00
Michael Tremer
429524c040 ntp: Prefer local clock 
For some reason, ntp won't use a local clock even if it is
there and up and running. Therefore we need to "prefer" our
only source of time.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Tested-by: Daniel Weismüller <daniel.weismueller@ipfire.org>
 2015-12-15 12:49:27 +00:00
Matthias Fischer
73a000f9d1 ntp 4.2.8p4: Update for rootfile 
'/usr/share/ntp/lib/NTP/Util.pm' is needed for 'ntptrace'
to run correctly

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-15 12:39:53 +00:00
Michael Tremer
93d6eed9a4 ntp: Fix syncing with local clock 
This is a bug that was introduced with the latest release
from upstream

Fixes #10997
Upstream: http://bugs.ntp.org/show_bug.cgi?id=2965

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-15 12:39:19 +00:00
Matthias Fischer
50923742ba nano: Update to 2.5.0 
Changelog: http://www.nano-editor.org/dist/v2.5/ChangeLog

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-13 22:28:31 +00:00
Matthias Fischer
c4b28466d1 arping 2.15: Update for rootfile 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-13 22:28:15 +00:00
Michael Tremer
1b169a72da Speed up rootfile generation 
The old usage of find walked through the entire filesystem tree
and excluded some paths from being printed. The more efficient
solution is to skip walking through excluded directories entirely.

This is a slight speedup of the build process by a few minutes.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-12 17:06:10 +00:00
Matthias Fischer
ca762aaf6e arping: Update to 2.15 
arping: Update to 2.15

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-12 13:11:45 +00:00
Michael Tremer
0909a0a1d8 Update rootfiles 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-12 11:52:18 +00:00
Michael Tremer
b5e1360eb9 ramdisk: Remove temporary directory recursively 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-12 12:46:02 +01:00
root
24f2144dd2 ramdisk: Fix copying files 
The shell expansion wasn't used because of the quotation marks.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-12 12:36:17 +01:00
Michael Tremer
ffeaaef618 connections.cgi: Fix page crash with IPsec connections with one subnet only 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-12 09:50:19 +00:00
Michael Tremer
ea6fa9de5a core96: Ship missing libnet 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-11 18:48:19 +00:00
Matthias Fischer
600ac5c657 libnet 1.1.6: Fix for rootfile 
libnet 1.1.6: Fix for rootfile

See: https://forum.ipfire.org/viewtopic.php?f=27&t=15377, "error with
arping and libnet.so.1"
Should fix: Bug #10996 / https://bugzilla.ipfire.org/show_bug.cgi?id=10996

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-11 18:47:20 +00:00
Matthias Fischer
db1404051f clamav: Update to 0.99 
clamav: Update to 0.99

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-11 18:46:02 +00:00
Michael Tremer
b7488afd89 core96: Ship updated rrdtool 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-11 18:43:39 +00:00
Matthias Fischer
4955d7239b rrdtool: Update to 1.5.5 
rrdtool: Update to 1.5.5

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-11 18:43:24 +00:00
Matthias Fischer
db7d2b1312 Midnight Commander: Update to 4.8.15 
Removed uncognized option: --with-samba

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-10 17:45:30 +00:00
Michael Tremer
e0eb23de56 core96: Ship routing.cgi 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-10 16:38:36 +00:00