bpfire

mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-27 03:07:43 +02:00

Author	SHA1	Message	Date
Arne Fitzenreiter	29abc2d07c	vulnerabilities.cgi: again change colours red - vulnerable blue - mitigated green - not affected because we not really trust the mitigations so they shound not green. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-25 07:39:38 +02:00
Arne Fitzenreiter	e896a9bd3d	vulnerabilities.cgi fix string handling remove lf at the end for correct matching and not strip "Mitigated:" if it was not full working and still vulnerable. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-25 06:54:35 +02:00
Michael Tremer	413f84e988	vulnerabilities.cgi: Regard mitigations that only mitigate something still as vulnerable Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-25 06:51:53 +02:00
Michael Tremer	a96bcf413a	vulnerabilities.cgi: Simplify regexes We can do the split in one. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-25 06:51:06 +02:00
Michael Tremer	333125abf8	Merge branch 'toolchain' into next	2019-05-24 06:55:03 +01:00
Michael Tremer	9f0295a512	Merge remote-tracking branch 'ms/faster-build' into next	2019-05-24 06:54:16 +01:00
Michael Tremer	8feb0db430	core133: Ship updated squid Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-24 06:39:37 +01:00
Matthias Fischer	d2b5f03631	squid: Update to 4.7 For details see: http://www.squid-cache.org/Versions/v4/changesets/ Fixes among other things the old 'filedescriptors' problem, so this patch was deleted. Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-24 06:37:50 +01:00
Michael Tremer	53ef2a0ffe	core133: Ship updated bind Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-24 06:37:21 +01:00
Matthias Fischer	f225f3ee29	bind: Update to 9.11.7 For details see: http://ftp.isc.org/isc/bind9/9.11.7/RELEASE-NOTES-bind-9.11.7.html "Security Fixes The TCP client quota set using the tcp-clients option could be exceeded in some cases. This could lead to exhaustion of file descriptors. This flaw is disclosed in CVE-2018-5743. [GL #615]" Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-24 06:36:55 +01:00
Michael Tremer	79967ee9c4	Start Core Update 133 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-24 06:35:46 +01:00
Michael Tremer	90194d7f7b	.gitignore: Ignore some backup files Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-24 06:30:46 +01:00
Michael Tremer	f8c23b43b7	tor: Depend on libseccomp Suggested-by: Erik Kapfer <erik.kapfer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-23 01:50:29 +01:00
Michael Tremer	f617fd912b	unbound: Safe Search: Enable Restrict-Moderate for YouTube Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-22 15:29:32 +01:00
Michael Tremer	6d653734fb	Update German translations Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-22 15:18:31 +01:00
Michael Tremer	61498b76b6	vulnerabilities.cgi: Regard mitigations that only mitigate something still as vulnerable Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-22 15:18:31 +01:00
Michael Tremer	144ff7605d	vulnerabilities.cgi: Simplify regexes We can do the split in one. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-22 15:17:59 +01:00
Arne Fitzenreiter	2f34103d47	Merge branch 'master' into next	2019-05-22 12:34:41 +02:00
Arne Fitzenreiter	984a6cabe4	vulnerablities: change to logic colours Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-22 12:34:03 +02:00
Arne Fitzenreiter	16e13262d9	Merge branch 'next'	2019-05-22 10:38:02 +02:00
Arne Fitzenreiter	3858a4b5b8	finish: core132 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-22 10:33:20 +02:00
Arne Fitzenreiter	b23db9b97b	vulnerablities.cgi: add colours for vuln,smt and unknown output. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-22 10:30:08 +02:00
Arne Fitzenreiter	716f00b116	kernel: update to 4.14.121 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-21 20:42:51 +02:00
Arne Fitzenreiter	b0d31edbd6	vnstat: fix errormessage at first boot Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-21 20:36:16 +02:00
Arne Fitzenreiter	6d37280f3e	configroot: create main/security settings file Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-21 15:03:21 +02:00
Arne Fitzenreiter	405f69fc9c	web-user-interface: update rootfile Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-21 15:02:54 +02:00
Michael Tremer	a087f4f586	core132: Ship vulnerabilities.cgi Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 21:55:55 +01:00
Michael Tremer	1cbcd044af	SMT: Show status on vulnerabilities.cgi Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 21:54:05 +01:00
Michael Tremer	f238e25172	vulnerabilities.cgi: Disable debugging output Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 21:39:03 +01:00
Michael Tremer	6f626b9ba0	Add the new vulnerabilities CGI file to the System menu Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 21:38:20 +01:00
Michael Tremer	6a83dbb451	SMT: Apply settings according to configuration SMT can be forced on. By default, all systems that are vulnerable to RIDL/Fallout will have SMT disabled by default. Systems that are not vulnerable to that will keep SMT enabled. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 21:30:26 +01:00
Michael Tremer	65871d1a0c	Add new CGI file to show CPU vulnerability status This is supposed to help users to have an idea about the status of the used hardware. Additionally, it allows users to enable/disable SMT. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 21:17:17 +01:00
Michael Tremer	db3451fe72	suricata: Ship updated rule download script Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 19:10:15 +01:00
Stefan Schantl	84227f7a1c	update-ids-ruleset: Release ids_page_lock when the downloader fails. Fixes #12085. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 19:09:47 +01:00
Peter Müller	40407aee99	ids.cgi: Fix upstream proxy validation Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Acked-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 18:50:06 +01:00
Michael Tremer	b06288b74d	spectre-meltdown-checker: Update to 0.41 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 18:04:49 +01:00
Stéphane Pautrel	e6d721a916	Update French translation Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 10:59:12 +01:00
Michael Tremer	23b26ce5e3	zoneconf: Reindent with tabs Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 10:56:13 +01:00
Michael Tremer	4d497f8ea0	Update translations Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 10:55:02 +01:00
Florian Bührle	7478903fb1	Added reboot notice Added a reboot notice and made table rows more distinguishable by alternating their background color. This improves usability. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 10:54:22 +01:00
Florian Bührle	0ec8e31ade	zoneconf: Switch rows/columns This change is necessary because the table can grow larger than the main container if a user has many NICs on their machine. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 10:53:50 +01:00
Michael Tremer	145343d56e	Update contributors Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 10:52:42 +01:00
Michael Tremer	933bfbf305	core132: Ship updated ovpnmain.cgi file Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 10:52:16 +01:00
Erik Kapfer	1338977702	ovpn_reorganize_encryption: Integrate LZO from global to advanced section Fixes: #11819 - Since the Voracle vulnerability, LZO is better placed under advanced section cause under specific circumstances it is exploitable. - Warning/hint has been added in the option defaults description. Signed-off-by: Erik Kapfer <ummeegge@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 10:51:26 +01:00
Michael Tremer	88e4e3d3ad	Update translations Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 10:51:09 +01:00
Erik Kapfer	0c4ffc6919	ovpn_reorganize_encryption: Added tls-auth into global section - Since HMAC selection is already in global section, it makes sense to keep the encryption togehter. - Given tls-auth better understandable name. Signed-off-by: Erik Kapfer <ummeegge@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 10:50:21 +01:00
Erik Kapfer	86308adb25	ovpn_reorganize_encryption: Integrate HMAC selection to global section Fixes: #12009 and #11824 - Since HMACs will be used in any configuration it is better placed in the global menu. - Adapted global section to advanced and marked sections with a headline for better overview. - Deleted old headline in advanced section cause it is not needed anymore. - Added check if settings do not includes 'DAUTH', if possible SHA512 will be used and written to settings file. Old configurations with SHA1 will be untouched. Signed-off-by: Erik Kapfer <ummeegge@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 10:49:30 +01:00
Michael Tremer	715a269aa4	tshark: Drop special package scripts We are not doing anything different from the default here, so we do not need an extra copy of them. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 10:48:25 +01:00
Erik Kapfer	ffcef39d40	tshark: New addon Signed-off-by: Erik Kapfer <ummeegge@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 10:44:04 +01:00
Oliver Fuhrer	bf2a1c524b	BUG 11696: VPN Subnets missing from wpad.dat This patch fixes the behavior in 11696 and adds IPSEC and OpenVPN n2n subnets to wpad.dat so they don't pass through the proxy. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 10:38:17 +01:00

... 2 3 4 5 6 ...

13588 Commits