Michael Tremer
b59da37ee2
core90: Ship updated fireinfo
2015-05-04 16:18:24 +02:00
Michael Tremer
afa91a4df5
fireinfo: Fix SEGV on QEMU without KVM
2015-05-04 16:02:39 +02:00
Arne Fitzenreiter
11e2e672e8
squid: rootfile update.
2015-05-04 07:40:30 +02:00
Arne Fitzenreiter
2c97e77300
Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next
2015-05-03 13:03:25 +02:00
Arne Fitzenreiter
9666a34d0e
toolchain: set version to 9.
2015-05-03 13:02:30 +02:00
Alexander Marx
a8e3b15d77
squid-accounting: fix monthly dbmove funktion to put values in history table
2015-05-03 12:54:05 +02:00
Michael Tremer
57e86b5593
core90: Add updated netovpnsrv.cgi to update
2015-05-03 12:53:28 +02:00
Michael Tremer
61e19f97aa
Merge remote-tracking branch 'amarx/core90' into next
2015-05-03 12:52:50 +02:00
Alexander Marx
382ffe320c
Core90: make N2N Graphs higher to them correctly
...
Graphs in core 89 where not heigh enough so that they where zoomed which
looked bad
2015-05-03 05:12:13 +02:00
Michael Tremer
0ee35ce0ca
core90: Also regenerate IPsec configuration during the update
2015-05-02 14:29:46 +02:00
Michael Tremer
88b1e637ac
squid: Disable SSL support
...
The SSL support parts of squid are a great security
risk. The majority of all security issues has been
in this area. As we are not using any of that in
production we can as well disable SSL support.
This won't affect squid's possibility to forward
SSL connections with the CONNECT method.
2015-05-02 12:56:09 +02:00
Michael Tremer
49c3105cc3
squid: Update to 3.4.13
2015-05-02 11:21:14 +02:00
Michael Tremer
2c531c2132
vpnmain.cgi: Fix ECP regex again for Brainpool curves
...
The regular expression did not take into account that
there could be characters like "bp" in case of the Brainpool
curves (ecp512bp).
2015-05-01 16:57:13 +02:00
Arne Fitzenreiter
8d1e36cca5
clamav: update to 0.98.7
2015-04-30 06:50:15 +02:00
Arne Fitzenreiter
f0dba37096
xz: update to 5.2.1
2015-04-29 19:47:44 +02:00
Arne Fitzenreiter
57e527c84a
kernel: update to 3.14.40
2015-04-29 19:42:06 +02:00
Michael Tremer
6caea1086d
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
2015-04-29 11:26:35 +02:00
Michael Tremer
85a6f39c39
Merge remote-tracking branch 'stevee/core-90-ddnsctrl' into next
2015-04-29 11:26:20 +02:00
Michael Tremer
5f20677864
dnsmasq: Import more upstream fixes
...
Fixes : #10786
Fixes DNSSEC validation when falling back to TCP.
2015-04-29 11:24:23 +02:00
Stefan Schantl
e798fee78d
Core90: Regenerate ddns config file.
2015-04-28 21:16:54 +02:00
Stefan Schantl
2bcd81934d
ddns: Add more upstream patches.
2015-04-28 21:06:19 +02:00
Arne Fitzenreiter
0e2f9b011b
openssl: disable ssse3 on amd cpu's
...
amd with ssse3 (bulldozer and fusion) has serious performance problems
with the vpaes code. (-evp is 40% slower)
2015-04-28 20:51:03 +02:00
Michael Tremer
3bcb59ab21
vpnmain.cgi: Fix prefix for elliptic curve algorithms
2015-04-28 13:22:00 +02:00
Jochen Kauz
a24062d12b
vpnmain.cgi: dpd_delay/dpd_timeout wrong entry in ipsec.conf
...
Fixes #10636
2015-04-28 11:30:05 +02:00
Michael Tremer
cbdee67e06
openssl: Don't ship an SSE-optimised version of libssl
...
This one does not benefit at all from any optimisations
of this kind. Only libcrypto.so.10 which holds the implementation
of ciphers and hashes gains better performance by using SSE2.
2015-04-28 11:15:38 +02:00
Michael Tremer
1cbc5ca0a4
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
2015-04-28 11:14:45 +02:00
Michael Tremer
eb7e5ec69f
tzdata: Update to version 2015d
2015-04-28 11:13:03 +02:00
Arne Fitzenreiter
f68ae02d39
openssl: auto enable padlock engine.
2015-04-27 22:15:20 +02:00
Michael Tremer
30ca037fb3
glibc: Fix CVE-2013-7423 and CVE-2015-1781
...
CVE-2013-7423: Fix invalid file descriptor reuse while sending DNS query
CVE-2015-1781: Fix buffer overflow in gethostbyname_r with misaligned buffer
2015-04-27 21:20:46 +02:00
Arne Fitzenreiter
7fe5669502
openssl: change sse2 optimization to i686.
2015-04-27 21:19:46 +02:00
Michael Tremer
ffe32bf7ae
strongswan: Increase stroke buffer size to 8k
2015-04-27 20:58:45 +02:00
Michael Tremer
6ac0a1a38f
dnsmasq: Import latest fixes from upstream
2015-04-27 18:10:34 +02:00
Stefan Schantl
0596fb2d1d
Add patched ddns to core 90.
2015-04-26 17:17:36 +02:00
Stefan Schantl
1b1401b9df
Drop obsolete ddns patches.
2015-04-26 17:14:36 +02:00
Stefan Schantl
b0b8729a32
ddns: Add upstream patch for fixing bug 10815.
2015-04-26 17:12:55 +02:00
Stefan Schantl
942299ebeb
Add ddns related files to core 90.
2015-04-26 16:56:24 +02:00
Stefan Schantl
023919034a
ddns.cgi: Use ddnsctrl for instant update.
2015-04-26 16:52:52 +02:00
Stefan Schantl
1a8999b3d6
ddnsctrl: New binary.
...
This helper binary is used to grand the ddns update client super user rights,
when launched out of the webinterface.
2015-04-26 16:48:45 +02:00
Arne Fitzenreiter
e0c923f424
Add rootfile check for hardcoded machine type.
2015-04-25 13:23:34 +02:00
Arne Fitzenreiter
7f16c66647
libsrtp: update rootfile.
2015-04-25 09:49:37 +02:00
Arne Fitzenreiter
0594323b79
core90: remove missing file from openssl-0.9.8-files.
2015-04-24 20:06:13 +02:00
Arne Fitzenreiter
f3c7938540
openssl: fix ssl2 rootfile handling.
...
KCFG will added to the lfs filename at determine the filename in config/rootfiles folder.
2015-04-24 20:03:45 +02:00
Dirk Wagner
67a0c5180d
asterisk addon: upate to 11.17.1
2015-04-24 10:22:14 +02:00
Dirk Wagner
d0b47c7a8f
libsrtp: upgrade to 1.5.2
2015-04-24 10:21:39 +02:00
Arne Fitzenreiter
432bc116fb
openssl: fix typo on arm config.
2015-04-23 23:31:58 +02:00
Arne Fitzenreiter
991082e936
core90: ship backupiso withupdate.
...
this file was missing in core87.
2015-04-23 21:18:42 +02:00
Michael Tremer
45ff420ec7
Drop openssl-compat package
2015-04-23 14:28:41 +02:00
Michael Tremer
37de68c965
openssl: Enable all assembly optimisations build SSE2 optimised version
...
Fixes #10814
2015-04-23 13:33:35 +02:00
Alexander Marx
69a419b19a
BUG10812: fix missing slash in path
2015-04-23 10:53:05 +02:00
Arne Fitzenreiter
4ad384c68d
rootfiles: fix build on arm.
...
i586 -> MACHINE
2015-04-22 22:15:27 +02:00
