webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-26 19:00:34 +02:00
Code Issues Packages Projects Releases Wiki Activity
15,482 Commits 2 Branches 1 Tag
e1253a4d348f23d0d368ef69bc213b184acb8b56
Commit Graph

6611 Commits

Author SHA1 Message Date
Arne Fitzenreiter
b689391f27 Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next 2020-12-02 23:43:15 +01:00
Arne Fitzenreiter
a11783096e intel-microcode: update to 20201118 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-12-02 23:42:29 +01:00
Arne Fitzenreiter
bb5dcf84b8 kernel: update to 4.14.210 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-12-02 23:42:04 +01:00
Michael Tremer
77b7668c9e aws-cli: Update to 1.18.188 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-12-02 17:55:51 +00:00
Michael Tremer
57a0aedb3e python3-botocore: Update to 1.19.28 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-12-02 17:55:22 +00:00
Michael Tremer
05be1c642a python3-urllib3: New package 
Required by botocore

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-12-02 17:54:56 +00:00
Stefan Schantl
6dc6de4c4e ddns: Import upstream patch for provider DuckDNS. 
Fixes #12415.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-12-02 14:56:46 +00:00
Stefan Schantl
882db5cd03 ddns: Import upstream patch for provider DDNSS. 
Fixes #12328.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-12-02 14:56:44 +00:00
Stefan Schantl
31098f84ab configroot: Change ownership of "/var/ipfire/red" to nobody. 
Otherwise the WUI is not allowed to put and release the nobeep file in
this folder and the desired functionality does not work.

Fixes #12385.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-12-01 16:14:48 +00:00
Erik Kapfer
820edb2374 OpenVPN: Update to version 2.5.0 
Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org>
Tested-by: Adolf Belka <ahb.ipfire@gmail.com>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-12-01 16:10:32 +00:00
Matthias Fischer
e8ecc81a70 logwatch: Disable iptables output in summary.dat, fixes #12533 
This patch disables the output of 'iptables' in 'summary.dat' by
modifying '/usr/share/conf/logwatch.conf'.

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-27 15:54:27 +00:00
Matthias Fischer
1e036ee90d knot: Update to 3.0.2 
for details see:
https://www.knot-dns.cz/2020-11-11-version-302.html

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-27 15:50:29 +00:00
Matthias Fischer
c2773f2371 ghostscript: Update to 9.53.3 
For details see:
https://www.ghostscript.com/doc/current/History9.htm#Version9.53.3

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-27 15:49:50 +00:00
Michael Tremer
4a388bc9f0 libloc: Import changes from upstream 
This fixes the segmentation fault on 32 bit systems.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-27 15:46:39 +00:00
Michael Tremer
8a4495a41f gdb: Build package to be available in the build environment 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-27 15:19:53 +00:00
Arne Fitzenreiter
7adacda04c transmission: update to 3.00 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-26 16:15:48 +00:00
Peter Müller
ef99991370 Tor: update to 0.4.4.6 
Full changelog can be obtained from https://gitweb.torproject.org/tor.git/plain/ChangeLog?h=tor-0.4.4.6 .

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-25 17:17:35 +00:00
Arne Fitzenreiter
3198520570 kernel: update to 4.14.209 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-11-24 20:52:22 +01:00
Arne Fitzenreiter
76da59bba6 strongswan: update to 5.9.1 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-11-24 10:52:45 +01:00
Arne Fitzenreiter
e4f287a268 vdr: update to 2.4.4 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-23 18:15:48 +00:00
Michael Tremer
2cb220fd3c freeradius: Depend on samba again 
The package requires more libraries than libtalloc from
the samba package and therefore we need this dependency
again.

Fixes: #12538
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-23 15:12:54 +00:00
Adolf Belka
d0d63bbbee apcupsd: addition of backup/includes definition 
Added a backup/includes file for apcupsd to backup the
/etc/apcupsd/ directory where all the configuration files
are stored. Currently there is no backup available to
save the state of any changes carried out to the configuration
or action files.
Signed-off-by: Adolf Belka <ahb.ipfire@gmail.com>

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-23 15:12:54 +00:00
Arne Fitzenreiter
17a8437e82 pcengines-firmware: update to 4.12.0.6 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-23 15:12:54 +00:00
Arne Fitzenreiter
9e245967d2 kernel: update to 4.14.208 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-11-23 14:24:15 +01:00
Michael Tremer
6cab8977e0 amazon-ssm-agent: Package /usr/bin/ssm-agent-worker 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-19 18:35:36 +00:00
Arne Fitzenreiter
5929646842 kernel: update to 4.14.207 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-11-19 19:08:33 +01:00
Michael Tremer
05db64d0ea libloc: Import recent patches from upstream 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-18 19:18:40 +00:00
Arne Fitzenreiter
a832b5c2e6 Merge remote-tracking branch 'origin/master' into next 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-11-13 18:21:20 +00:00
Michael Tremer
ff69976021 amazon-ssm-agent: Update to 3.0.356.0 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-13 11:11:47 +00:00
Michael Tremer
64d6b06a6d go: Update to 1.15.4 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-13 11:11:47 +00:00
Arne Fitzenreiter
81e87afb7b intel-microcode: update to 20201112 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-11-13 09:03:00 +01:00
Arne Fitzenreiter
2e1bf458e2 kernel: update to 4.14.206 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-11-12 09:02:02 +01:00
Peter Müller
66c9d821d6 spectre-meltdown-checker: update to 0.44 
Full changelog as per https://github.com/speed47/spectre-meltdown-checker/releases/tag/v0.44 :

    feat: add support for SRBDS related vulnerabilities
    feat: add zstd kernel decompression (#370)
    enh: arm: add experimental support for binary arm images
    enh: rsb filling: no longer need the 'strings' tool to check for kernel support in live mode
    fix: fwdb: remove Intel extract tempdir on exit
    fix: has_vmm: ignore kernel threads when looking for a hypervisor (fixes #278)
    fix: fwdb: use the commit date as the intel fwdb version
    fix: fwdb: update Intel's repository URL
    fix: arm64: cve-2017-5753: kernels 4.19+ use a different nospec macro
    fix: on CPU parse info under FreeBSD
    chore: github: add check run on pull requests
    chore: fwdb: update to v165.20201021+i20200616

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-11 15:50:33 +00:00
Arne Fitzenreiter
1c217406f2 intel-microcode: update to 20201110 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-11 11:50:14 +00:00
Michael Tremer
85c2e400ff git: Bump package version 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-10 11:17:46 +00:00
Michael Tremer
1e2c442c9e samba: Add support for custom configuration changes 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-09 18:43:15 +00:00
Michael Tremer
7b97337afb core153: Ship location changes 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-09 14:11:16 +00:00
Peter Müller
02489761db libseccomp: update to 2.4.4 
Full changelog obtained from: https://github.com/seccomp/libseccomp/releases/tag/v2.4.4

Version 2.4.4 - August 21, 2020

    Update the syscall table for Linux v5.8-rc7
    Fix double free when BPF generation fails
    Add aarch64 support for clone3, getrlimit, and setrlimit

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-05 23:34:22 +00:00
Peter Müller
a30f94ac4a curl: update to 7.73.0 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-05 23:33:29 +00:00
Peter Müller
1cd27f38e6 lynis: update to 3.0.1 
Full changelog obtained from: https://cisofy.com/changelog/lynis/#301

- Detection of Alpine Linux
- Detection of CloudLinux
- Detection of Kali Linux
- Detection of Linux Mint
- Detection of macOS Big Sur (11.0)
- Detection of Pop!_OS
- Detection of PHP 7.4
- Malware detection tool: Microsoft Defender ATP
- New flag: --slow-warning to allow tests more time before showing a
warning
- Test TIME-3185 to check systemd-timesyncd synchronized time
- rsh host file permissions

- AUTH-9229 - Added option for LOCKED accounts and bugfix for older bash
versions
- BOOT-5122 - Presence check for grub.d added
- CRYP-7902 - Added support for certificates in DER format
- CRYP-7931 - Added data to report
- CRYP-7931 - Redirect errors (e.g. when swap is not encrypted)
- FILE-6430 - Don't grep nonexistant modprobe.d files
- FIRE-4535 - Set initial firewall state
- INSE-8312 - Corrected text on screen
- KRNL-5728 - Handle zipped kernel configuration correctly
- KRNL-5830 - Improved version detection for non-symlinked kernel
- MALW-3280 - Extended detection of BitDefender
- TIME-3104 - Find more time synchronization commands
- TIME-3182 - Corrected detection of time peers
- Fix: hostid generation routine would sometimes show too short IDs
- Fix: language detection
- Generic improvements for macOS
- German translation updated
- End-of-life database updated
- Several minor code enhancements

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-05 23:33:14 +00:00
Michael Tremer
60985e75c8 tor: Bump package version 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-05 23:31:26 +00:00
Peter Müller
699c61109a tzdata: update to 2020d 
The pacificnew file has been dropped by IANA. Adding the "factory" file
makes sense to have a reasonable default in case the time zone is
unknown, which, however, should not happen in case of IPFire 2.x - just
trying to be consistent here.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-05 23:30:38 +00:00
Peter Müller
f55a00fea3 file: update to 5.39 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-05 23:29:18 +00:00
Peter Müller
987826deb1 Bash: apply patches 12 through 18 as well 
Those fix some unintentional behaviour regarding autocompletion I
stumbled across the other day. While there seems nothing security
relevant in this, it irons out a few bugs.

The full and up-to-date list of all Bash 5.0 patches can be obtained
from https://ftp.gnu.org/gnu/bash/bash-5.0-patches/ .

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-03 10:38:25 +00:00
Arne Fitzenreiter
58b374c255 samba: remove pid at killproc in initscript 
sometime a stale nmbd or smbd process prevent start of samba.
this change should kill all processes.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-03 10:36:59 +00:00
Arne Fitzenreiter
632075bf57 samba: update to 4.13.1 
This is a security release in order to address
CVE-2020-14318 (Missing handle permissions check in SMB1/2/3 ChangeNotify),
CVE-2020-14323 (Unprivileged user can crash winbind) and
CVE-2020-14383 (An authenticated user can crash the DCE/RPC DNS with easily
crafted records).

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-10-30 17:31:29 +00:00
Ramax Lo
5cbc22ffa6 usb_modeswitch_data: update to 20191128 
Signed-off-by: Ramax Lo <ramaxlo@gmail.com>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-10-30 15:18:04 +00:00
Ramax Lo
588f1223f2 usb_modeswitch: update to 2.6.1 
Signed-off-by: Ramax Lo <ramaxlo@gmail.com>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-10-30 15:18:01 +00:00
Michael Tremer
d941effbcf ntp: Make /etc/ntp owned by root 
This is required for ntpd being able to write its own drift file

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-10-30 15:08:55 +00:00
Michael Tremer
4e49d67990 ntp: Move configuration into an own file 
We should not write files like that in the LFS scripts.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-10-30 15:08:44 +00:00