webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-13 12:32:59 +02:00
Code Issues Packages Projects Releases Wiki Activity
8,115 Commits 2 Branches 1 Tag
df6649b0feb13d5a08bdcff7bb1eb65b538b23ca
Commit Graph

8115 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Tremer
df6649b0fe Merge remote-tracking branch 'amarx/firewall-dnat' into next 
Conflicts:
	config/firewall/rules.pl
 2014-09-26 12:55:55 +02:00
Michael Tremer
b30890aa06 bash: Import upstream patches for CVE-2014-6271 and CVE-2014-7169 2014-09-26 12:42:27 +02:00
Michael Tremer
b7784e38bd core84: Add dnsmasq update 2014-09-26 12:25:48 +02:00
Michael Tremer
2a3506f349 Create core update 84 2014-09-26 12:25:30 +02:00
Michael Tremer
d6796d144a Merge branch 'master' into next 2014-09-26 12:21:18 +02:00
Michael Tremer
7a35d102cb dnsmasq: Update to 2.72 2014-09-25 21:16:01 +02:00
Arne Fitzenreiter
61466ab18d core83: set version to core83. 2014-09-25 20:37:55 +02:00
Arne Fitzenreiter
cea3c8cf53 core83: reload init at update because glibc changes. 2014-09-25 20:36:06 +02:00
Michael Tremer
e86c70a99f bash: Import fix for CVE-2014-7169 
http://www.openwall.com/lists/oss-security/2014/09/25/10
 2014-09-25 19:38:23 +02:00
Michael Tremer
a4c895e569 Merge branch 'master' into next 2014-09-24 20:39:43 +02:00
Michael Tremer
5aa856ce1c core83: add changed files 2014-09-24 20:38:59 +02:00
Michael Tremer
5f17f9f341 Create core update 83 2014-09-24 20:31:55 +02:00
Michael Tremer
6cda6f906e bash: Fix for CVE-2014-6271 
A flaw was found in the way Bash evaluated certain specially crafted
environment variables. An attacker could use this flaw to override
or bypass environment restrictions to execute shell commands.
Certain services and applications allow remote unauthenticated
attackers to provide environment variables, allowing them to exploit
this issue.
 2014-09-24 18:48:35 +02:00
Stefan Schantl
34ebab463b urlfilter.cgi: Fix path to squidGuard binary when converting custom blacklists. 
Fixes #10626.
 2014-09-20 11:49:39 +02:00
Stefan Schantl
9cc46b56ad logs.cgi/ids.dat: Change url for snort sid details. 
Fixes #10578.
 2014-09-16 20:37:16 +02:00
Arne Fitzenreiter
cce37f04af openssl-compat: update to 0.9.8zb. 2014-09-09 19:20:54 +02:00
Arne Fitzenreiter
7b0afb50d3 Merge remote-tracking branch 'origin/master' into core82 2014-09-09 17:57:27 +02:00
Arne Fitzenreiter
51d8e33093 xen-image: add xz-aware xen version hint to README. 2014-09-09 17:54:27 +02:00
Michael Tremer
499e7fc33f general-functions.pl: Fix perl coding error 2014-09-06 18:45:43 +02:00
Michael Tremer
7bfaaa0d35 general-functions.pl: Fix syntax error 2014-09-06 18:45:39 +02:00
Michael Tremer
9f64c06d94 general-functions.pl: Subroutine getnetworkip() accepted multiple arguments 2014-09-06 18:45:35 +02:00
Michael Tremer
c14203248c general-functions.pl: Fix perl coding error 2014-09-06 18:44:50 +02:00
Arne Fitzenreiter
35880220b0 rsync: update to 3.1.1. 2014-09-05 21:56:01 +02:00
Michael Tremer
da05e07629 general-functions.pl: Fix syntax error 2014-09-04 11:13:41 +02:00
Michael Tremer
6a2a62cf25 general-functions.pl: Subroutine getnetworkip() accepted multiple arguments 2014-09-03 22:23:04 +02:00
Michael Tremer
bd76bcb8b4 glibc: Import several fixes from RHEL. 
Fixes #10611, CVE-2014-5119 among other bug fixes.
 2014-09-03 21:49:01 +02:00
Alexander Marx
67bda607ca Squid-accounting: revert setlocale because thevalues are not correctly with this setting 2014-09-01 19:39:35 +02:00
Michael Tremer
8fbcf730ae proxy.cgi: Move ACL definitions up 
ACl definitions could not be used in some other directives
unless they are defined earlier.
 2014-08-28 17:01:44 +02:00
Michael Tremer
94b3d7d2f2 squid: Update to 3.4.7 
Solves a DoS issue "Ignore Range headers with unidentifiable byte-range values"
filed under security advisory SQUID-2014:2 and CVE-2014-3609.
 2014-08-28 16:09:31 +02:00
Michael Tremer
d79fbce44e findutils: Cannot use exec here or the lockfile won't be removed 2014-08-24 15:22:04 +02:00
Michael Tremer
ff6d34ab8b minidlna: Update to 1.1.3 
Fixes #10573
 2014-08-24 15:14:25 +02:00
Michael Tremer
bfea8d7d2f findutils: Run updatedb once a week 
As suggested in bug #10303
 2014-08-24 14:46:06 +02:00
Arne Fitzenreiter
d18925c39a Merge branch 'core82' of ssh://git.ipfire.org/pub/git/ipfire-2.x into core82 2014-08-23 17:06:40 +02:00
Arne Fitzenreiter
38ffd2d641 perl-PDF-API2: rootfile fix for arm. 2014-08-23 09:36:01 +02:00
Arne Fitzenreiter
d2ff1cc455 samba: bump PAK_VER. 2014-08-22 17:03:19 +02:00
Arne Fitzenreiter
d49a04c939 sane: depends on cups libs. 2014-08-22 12:05:39 +02:00
Arne Fitzenreiter
48f989de15 core82: add iputils to update. 2014-08-22 09:27:18 +02:00
Arne Fitzenreiter
9bd0bfd233 Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next 
Conflicts:
	lfs/iputils
 2014-08-22 09:17:27 +02:00
Arne Fitzenreiter
05370b30da core82: finish update 2014-08-21 23:38:30 +02:00
Michael Tremer
e7204c2d95 firewall: Fix initialization when RED has not been brought up yet 2014-08-21 16:12:43 +02:00
Michael Tremer
6de2306a6a Rootfile update 2014-08-21 10:47:47 +02:00
Michael Tremer
f204a2e649 initscripts: Remove old firewall-reload symlink 2014-08-21 10:47:41 +02:00
Arne Fitzenreiter
6b271ee283 iputils: Ship tracepath 2014-08-20 21:56:35 +02:00
Arne Fitzenreiter
d2a08170b9 ppp: update to 2.4.7. 
Fix for ms-chap-v2.
fixes #10575.
 2014-08-19 16:17:44 +02:00
Michael Tremer
d82668d553 core82: Add changed files 2014-08-14 12:45:37 +02:00
Michael Tremer
072f4c10cc Move core updates 80 and 81 to oldcore. 2014-08-14 12:27:56 +02:00
Michael Tremer
c45c2a1561 Create empty core update 82. 2014-08-14 12:27:15 +02:00
Michael Tremer
2fc5124b7e proxy: Allow HTTP Basic authentication against Active Directory servers 
Some clients may not support NTLMv2. Basic authentication can
now be activated. This is dangerous as it sends the credentials
in cleartext to the proxy server.
 2014-08-11 11:49:56 +02:00
Axel Gembe
8ed77b039f general-functions.pl: validdomainname misinterprets RFC1035 
The function validdomainname checks that each part of a domain name is at least
2 characters in length, but RFC1035 only makes a restriction on a "label" being
at most 63 characters in length. This change allows reverse DNS zones like
2.168.192.in-addr.arpa to be added to the DNS forward configuration, which was
incorrectly prevented before.

Signed-off-by: Axel Gembe <ago@multipixs.com>
 2014-08-11 10:51:18 +02:00
Timo Eissler
0eba3dc448 firewall: updated rootfiles 2014-08-08 09:54:38 +02:00