webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-25 10:22:59 +02:00
Code Issues Packages Projects Releases Wiki Activity
13,541 Commits 2 Branches 1 Tag
c6e032e13d5d1eff16189c50229f00522835aae5
Commit Graph

5258 Commits

Author SHA1 Message Date
Michael Tremer
92f6c5ed86 core134: Ship updated firewall initscript 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-21 01:39:18 +01:00
Michael Tremer
7866fa2513 core134: Ship updated bind 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-21 01:39:18 +01:00
Matthias Fischer
f3959d13e8 bind: Update to 9.11.8 
For Details see:
https://downloads.isc.org/isc/bind9/9.11.8/RELEASE-NOTES-bind-9.11.8.html

"Security Fixes
    A race condition could trigger an assertion failure when a large number
    of incoming packets were being rejected.
    This flaw is disclosed in CVE-2019-6471. [GL #942]"

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-21 01:39:18 +01:00
Arne Fitzenreiter
744f16e45a core134: ship core133 late fixes again 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-06-21 11:58:58 +02:00
Arne Fitzenreiter
70590cef48 Kernel: update to 4.14.128 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-06-19 21:01:29 +02:00
Michael Tremer
4b64da2914 core134: Ship updated vim 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-18 22:35:23 +01:00
Matthias Fischer
beac384541 Remove old vim 7.4 data 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-18 22:35:07 +01:00
Matthias Fischer
98f55e136f vim: Update to 8.1 
Please note:
If this gets merged, the update process must deal with the otherwise remaining
files in '/usr/share/vim74' (~16 MB).

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-18 22:34:55 +01:00
Arne Fitzenreiter
a04eedfe7d core134: add kernel to updater 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-06-18 18:55:11 +02:00
Arne Fitzenreiter
15ca18a3d9 Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next 2019-06-18 18:42:02 +02:00
Arne Fitzenreiter
82c279a518 kernel: update to 4.14.127 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-06-18 18:41:19 +02:00
Michael Tremer
7516e8b7f1 core134: Ship changed general-functions.pl 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-18 09:13:21 +01:00
Michael Tremer
82899ad1ce core134: Ship updated unbound 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-18 09:11:18 +01:00
Matthias Fischer
2f278de868 unbound: Update to 1.9.2 
For details see:
https://nlnetlabs.nl/pipermail/unbound-users/2019-June/011632.html

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-17 17:39:37 +01:00
Michael Tremer
527078e439 core134: Ship updated OpenSSL 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-12 17:25:13 +01:00
Michael Tremer
ce46df9b83 Start Core Update 134 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-12 17:18:23 +01:00
Michael Tremer
5d65813aa3 core133: Ship updated wpa_supplicant 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-11 07:00:38 +01:00
Peter Müller
8e101c0bda ship language files in Core Update 133 
These were missing in Core Update 132, and some strings
(especially on the "CPU vulnerabilities" page) missed translations.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-10 19:44:59 +01:00
Michael Tremer
35f12f2998 Rootfile update 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-10 09:58:15 +01:00
Michael Tremer
28093c8376 Rootfile update 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-08 11:34:37 +01:00
Michael Tremer
09b9910696 Rootfile update 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-07 11:14:11 +01:00
Michael Tremer
c0fc25861f core133: Ship updated knot package 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-07 11:13:01 +01:00
Michael Tremer
e1f8f870ea core133: Ship snort configuration converter 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-05 12:42:53 +01:00
Michael Tremer
a40bcbb02c core133: Ship IPS changes 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-05 12:41:37 +01:00
Tim FitzGeorge
a5ba473c15 suricata: correct rule actions in IPS mode 
In IPS mode rule actions need to be have the action 'drop' for the
protection to work, however this is not appropriate for all rules.
Modify the generator for oinkmaster-modify-sids.conf to leave
rules with the action 'alert' here this is appropriate.  Also add
a script to be run on update to correct existing downloaded rules.

Fixes #12086

Signed-off-by: Tim FitzGeorge <ipfr@tfitzgeorge.me.uk>
Tested-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-05 12:39:57 +01:00
Michael Tremer
9734a58faf core133: Ship IDS ruleset updater 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-05 12:34:44 +01:00
Michael Tremer
dc9ac30c8d core133: Ship updated vpnmain.cgi file and regenerate configuration 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-05 05:08:31 +01:00
Michael Tremer
c899be2fd0 core133: Ship updated dhcp.cgi 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-05 00:33:36 +01:00
Michael Tremer
0bb25a4f61 SMT: Disable when system is vulnerable to L1TF (Foreshadow) 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-04 23:55:17 +01:00
Michael Tremer
cfbb61a74d Rootfile update for ARM kernels 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-04 23:44:49 +01:00
Michael Tremer
236831c0f9 Rootfile update for gcc on i586 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-04 23:41:59 +01:00
Michael Tremer
d62925de4f core133: Ship updated PAM 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-04 23:32:35 +01:00
Michael Tremer
ba329dce8f core133: Ship updated rrdtool 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-04 23:31:51 +01:00
Matthias Fischer
83d4264eba rrdtool: Update to 1.7.2 
For details see:
https://oss.oetiker.ch/rrdtool/pub/CHANGES

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-04 23:31:11 +01:00
Michael Tremer
c7def60649 Rootfile update 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-03 09:20:05 +01:00
Michael Tremer
f748c79450 core133: Ship updated ovpnmain.cgi 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-02 22:49:42 +01:00
Michael Tremer
b0ec4158f3 miau: Drop package 
This is not maintained since 2010

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-29 15:24:29 +01:00
Michael Tremer
f62f432a27 openssl: Update to 1.1.1c 
Fixes CVE-2019-1543

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-29 13:51:48 +01:00
Michael Tremer
7b6d2972e3 strongswan: Update to 5.8.0 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-28 13:05:50 +01:00
Erik Kapfer
3c8aa8d75b tshark: Update to 3.0.2 
Incl. one vulnerability and several bug fixes. For full overview --> https://www.wireshark.org/docs/relnotes/wireshark-3.0.2.html .

- Disabled geoip support since libmaxminddb is not presant.
- Added dictionary in ROOTFILE to prevent "radius: Could not open file: '/usr/share/wireshark/radius/dictionary' " .
- Added CMAKE build type
- Removed profile examples and htmls completly from ROOTFILE.

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-28 12:29:36 +01:00
Michael Tremer
992fdd3d07 core133: Ship toolchain changes 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-28 11:44:32 +01:00
Michael Tremer
71ff23c765 Rootfile update 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-28 11:41:46 +01:00
Michael Tremer
fe9dbfa124 core133: Ship updated IPS ruleset sources 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-27 15:48:44 +01:00
Michael Tremer
f6104aa1e0 core133: Drop metadata for jansson package 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-27 15:42:50 +01:00
Michael Tremer
86efc510f9 core133: Ship hyperscan 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-27 15:40:31 +01:00
Michael Tremer
81544f8884 hyperscan: Move rootfiles to arch directories 
This package is only compiled on x86_64 and i586 and cannot
be packaged in any of the other architectures.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-27 15:38:42 +01:00
Stefan Schantl
52ebc66bba hyperscan: New package 
This package adds hyperscan support to suricata

Fixes #12053.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-27 14:40:14 +01:00
Stefan Schantl
2348cfffcf ragel: New package 
This is a build dependency of hyperscan

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-27 14:40:03 +01:00
Stefan Schantl
1a5f064916 colm: New package 
This is a build dependency of ragel, which is a build dependency of
hyperscan.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-27 14:39:32 +01:00
Stefan Schantl
616395f37c jansson: Move to core system and update to 2.12 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-27 14:39:00 +01:00