For details (9.1.2 => 9.1.3 => 9.1.4) see:
https://roy.marples.name/blog/dhcpcd-9-1-3-released.html
"configure: Fix fallout with disabling embedded config
inet6: Add support for reporting Mobile IPv6 RA's
inet6: Report RA Proxy flag if set
BSD: Allow non NetBSD and OpenBSD to set IN6_IFF_AUTOCONF
privsep: Don't handle any signals meant for the main process
eloop: Try and survive a signal storm
configure: add --with-eghook=foo
dhcpcd: Add an option to poll the interface carrier state
script: Make visible some link level parameters to lease dumping
Linux: ignore unsupported interfaces by default, such as sit0
Linux: support aarch64 for reading cpu info
Linux: keep the generic netlink socket around to get ssid with privsep
Linux: restore fix when no address is returned by getifaddrs(3)
inet6: Don't regen temp addresses we didn't add
privsep: Don't limit file writes if logging to a file
DHCP6: Fix lease timings with nodelay option"
https://roy.marples.name/blog/dhcpcd-9-1-4-released.html
"Fix SMALL builds
Ensure DBDIR exists at startup"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
>>> https://ezix.org/project/wiki/HardwareLiSter <<<
lshw (Hardware Lister) is a small tool to provide detailed information on
the hardware configuration of the machine.
It can report exact memory configuration, firmware version,
mainboard configuration, CPU version and speed,
cache configuration, bus speed, etc.
Signed-off-by: Marcel Follert (Smooky) <smooky@16.de>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
>>> https://dev.yorhel.nl/ncdu <<<
Ncdu is a disk usage analyzer with an ncurses interface.
It is designed to find space hogs on a remote server where you don't
have an entire graphical setup available,
but it is a useful tool even on regular desktop systems.
Ncdu aims to be fast, simple and easy to use,
and should be able to run in any minimal POSIX-like environment
with ncurses installed.
Signed-off-by: Marcel Follert (Smooky) <smooky@16.de>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
gcc-7 not support -fcf-protection so filter it from CFLAGS.
also filter -mtune in first pass because it should optimized for the
actual host.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update postfix from version 3.5.6 to 3.5.7
see ftp://ftp.cs.uu.nl/mirror/postfix/postfix-release/official/postfix-3.5.7.RELEASE_NOTES
Supporting request from Peter Müller
Signed-off-by: Adolf Belka<ahb@ipfire@gmail.com
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- added pid_file=/var/run to the configure statement
to give the required pid directory in the default nrpe.cfg file
Signed-off-by: Adolf Belka <ahb.ipfire@gmail.com>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
the configure.ac has a bug that detects gcc-10 as gcc-1 and so not use
some quirks. Also there is a bug with FORTIFY-SOURCE=2 that crash
if the matchparen plugin is used (enabled by default).
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
For details see:
http://www.squid-cache.org/Versions/v4/changesets/
and
http://lists.squid-cache.org/pipermail/squid-users/2020-August/022566.html
Fixes (excerpt):
"* SQUID-2020:8 HTTP(S) Request Splitting
(CVE-2020-15811)
This problem is serious because it allows any client, including
browser scripts, to bypass local security and poison the browser
cache and any downstream caches with content from an arbitrary
source.
* SQUID-2020:9 Denial of Service processing Cache Digest Response
(CVE pending allocation)
This problem allows a trusted peer to deliver to perform Denial
of Service by consuming all available CPU cycles on the machine
running Squid when handling a crafted Cache Digest response
message.
* SQUID-2020:10 HTTP(S) Request Smuggling
(CVE-2020-15810)
This problem is serious because it allows any client, including
browser scripts, to bypass local security and poison the proxy
cache and any downstream caches with content from an arbitrary
source.
* Bug 5051: Some collapsed revalidation responses never expire
* SSL-Bump: Support parsing GREASEd (and future) TLS handshakes
* Honor on_unsupported_protocol for intercepted https_port"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
The version jump from 3.2.3 to 3.2.6 includes several changes.
3.2.4 includes only bugfixes.
3.2.5 includes bugfixes and updated protocols.
3.2.6 includes also bugfixes and updated protocols.
For a full overview, the release notes can be found in here -->
https://www.wireshark.org/docs/relnotes/ .
Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
For details see:
https://downloads.isc.org/isc/bind9/9.11.21/RELEASE-NOTES-bind-9.11.21.html
"Bug Fixes
named could crash when cleaning dead nodes in lib/dns/rbtdb.c that
were being reused. [GL #1968]
Properly handle missing kyua command so that make check does not
fail unexpectedly when CMocka is installed, but Kyua is not. [GL
#1950]
The validator could fail to accept a properly signed RRset if an
unsupported algorithm appeared earlier in the DNSKEY RRset than
a supported algorithm. It could also stop if it detected a malformed
public key. [GL #1689]"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
