webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-22 17:02:58 +02:00
Code Issues Packages Projects Releases Wiki Activity
14,702 Commits 2 Branches 1 Tag
e694bbd17fc39e2dc4d7cbce8bf990941ed5c360
Commit Graph

2192 Commits

Author SHA1 Message Date
Arne Fitzenreiter
a43b370411 kernel: update to 4.14.183 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-06-04 08:37:00 +02:00
Arne Fitzenreiter
83d5892a86 kernel: drop extra i586-pae kernel 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-06-02 18:34:44 +02:00
Arne Fitzenreiter
76a1dedb4f move perl-DBI and perl-DBD-SQLite to core system 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-05-20 09:47:25 +00:00
Matthias Fischer
c7e79ba602 bind: Update to 9.11.19 
For details see:
https://downloads.isc.org/isc/bind9/9.11.19/RELEASE-NOTES-bind-9.11.19.html

"Security Fixes

    To prevent exhaustion of server resources by a maliciously
    configured domain, the number of recursive queries that can be
    triggered by a request before aborting recursion has been further
    limited. Root and top-level domain servers are no longer exempt from
    the max-recursion-queries limit. Fetches for missing name server
    address records are limited to 4 for any domain. This issue was
    disclosed in CVE-2020-8616. [GL #1388]

    Replaying a TSIG BADTIME response as a request could trigger
    an assertion failure. This was disclosed in CVE-2020-8617. [GL
    #1703]

Feature Changes

    Message IDs in inbound AXFR transfers are now checked for
    consistency. Log messages are emitted for streams with inconsistent
    message IDs. [GL #1674]

Bug Fixes

    When running on a system with support for Linux capabilities, named
    drops root privileges very soon after system startup. This was
    causing a spurious log message, "unable to set effective uid to 0:
    Operation not permitted", which has now been silenced. [GL #1042]
    [GL #1090]

    When named-checkconf -z was run, it would sometimes incorrectly set
    its exit code. It reflected the status of the last view found;
    if zone-loading errors were found in earlier configured views but
    not in the last one, the exit code indicated success. Thanks
    to Graham Clinch. [GL #1807]

    When built without LMDB support, named failed to restart after
    a zone with a double quote (") in its name was added with rndc
    addzone. Thanks to Alberto Fernández. [GL #1695]"

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-05-19 19:45:02 +00:00
Matthias Fischer
82d0a71743 unbound: Update to 1.10.1 
For details see:
https://lists.nlnetlabs.nl/pipermail/unbound-users/2020-May/006833.html

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-05-19 19:36:13 +00:00
Michael Tremer
97b1857ba4 random: Initialise the kernel's PRNG earlier 
Since more processes depend on good randomness, we need to
make sure that the kernel's PRNG is initialized as early as
possible.

For systems without a HWRNG, we will need to fall back to our
noisy loop and wait until we have enough randomness.

This patch also removes saving and restoring the seed. This
is no longer useful because the kernel's PRNG only takes any
input after it has successfully been seeded from other sources.

Hence adding this seed does not increase its randomness.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-05-17 07:46:32 +00:00
Michael Tremer
65cb935200 random: Launch rngd earlier in the boot process 
We should initialise the kernel's PRNG as early as we can.

Starting rngd very early will seed the random number generator
when RDRAND or other hardware random number generators are available.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-05-17 07:45:30 +00:00
Arne Fitzenreiter
289a86a320 rootfiles: change MACHINE to xxxMACHINExxx 
berkeley has a file that nane contain MACHINE wich should not
replaced by the build architecture.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-05-10 17:27:28 +00:00
Arne Fitzenreiter
c6744d67f0 mtools: update rootfile 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-05-10 07:36:12 +00:00
Michael Tremer
77ed195189 berkeley: Re-add 4.4 as compat package 
We have loads of packages linked against the older
version which is difficult to update.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-05-09 12:03:42 +00:00
Michael Tremer
a3f1e8ee50 berkeley: Update to 5.3.28 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-05-09 12:03:23 +00:00
Michael Tremer
3ca0c6783a openldap: Update to 2.4.49 
This patch removes slapd which is unused in IPFire.

Everything linked against the old version needs to
be shipped with this update.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-05-09 12:03:02 +00:00
Michael Tremer
918292b668 BerkeleyDB: Update to 0.63 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-05-09 12:02:37 +00:00
Erik Kapfer
b877372d92 hyperscan: Update to version 5.2.1 
Several bugfixes, improvements and extra detection has been added.
For the full changelog, take a look into here -->
https://github.com/intel/hyperscan/blob/master/CHANGELOG.md .

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-05-09 11:54:34 +00:00
Peter Müller
bcd854f6c9 libevent2: update to 2.1.11-stable 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-05-09 11:50:35 +00:00
Peter Müller
0f36d304b9 libusb: update to 1.0.23 
Fixes: #11480

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-05-09 11:48:24 +00:00
Arne Fitzenreiter
7b57e34210 webui: update rootfile 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-05-02 10:43:20 +00:00
Michael Tremer
708f2b7368 openvpn: Add metrics script 
This script is called when an OpenVPN Roadwarrior client
connects or disconnect and logs the start and duration
of the session.

This can be used to monitor session duration and data transfer.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-05-01 19:18:00 +00:00
Peter Müller
b347830644 coreutils: update to 8.32 
Cc: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-05-01 19:08:40 +00:00
Peter Müller
480afae717 automake: update to 1.16.2 
This is required in order to build coreutils 8.32.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-05-01 19:08:38 +00:00
Arne Fitzenreiter
2d85c1fe86 Revert "libwww-perl: update to 6.43" 
This reverts commit 3bcd393e18.
this has a corrupt rootfile:
Error! '/x86_64' in rootfiles files found!
./config/rootfiles/common/libwww-perl:#usr/lib/perl5/site_perl/5.30.0/x86_64-linux-thread-multi/auto/libwww
./config/rootfiles/common/libwww-perl:#usr/lib/perl5/site_perl/5.30.0/x86_64-linux-thread-multi/auto/libwww/perl
./config/rootfiles/common/libwww-perl:usr/lib/perl5/site_perl/5.30.0/x86_64-linux-thread-multi/auto/libwww/perl/.packlist
Replace by MACHINE !

and if i fix this it break pakfire.
 2020-05-01 13:04:09 +00:00
Arne Fitzenreiter
5e32ee6a30 iproute2: fix rootfile 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-05-01 00:38:20 +02:00
Peter Müller
3bcd393e18 libwww-perl: update to 6.43 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-04-30 15:14:30 +00:00
Matthias Fischer
8c7446ab08 vnstat 2.6: Fix for rootfile 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-04-30 14:56:49 +00:00
Matthias Fischer
7b1134ea60 vnstat: Update to 2.6 
For details see:
https://humdi[dot]net/vnstat/CHANGES

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-04-30 14:55:22 +00:00
Peter Müller
906a176378 gzip: ship zgrep, zless and zmore 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-04-30 14:52:53 +00:00
Erik Kapfer
b1c761c184 iproute2: Update to version 5.6.0 
Several fixes and new enhancements, including new binaries (devlink, rdma, tipc) has been added.
For all commits, take a look in here --> https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/log/ .

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-04-30 14:51:15 +00:00
Matthias Fischer
6008ea4e2c libpng: Update to 1.6.37 
For details see:
http://www[dot]libpng[dot]org/pub/png/libpng[dot]html

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-04-26 07:29:59 +00:00
Matthias Fischer
6d6b668b0d libjpeg: Update to 2.0.4 
For details see:
https://sourceforge.net/projects/libjpeg-turbo/files/2.0.4/

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-04-25 09:05:28 +00:00
Matthias Fischer
64ac07fabc cmake: Update to 3.17.0 
For details see:
https://cmake.org/cmake/help/v3.17/release/3.17.html

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-04-25 09:05:11 +00:00
Arne Fitzenreiter
1bba20a985 bind: update rootfile 2020-04-22 02:41:49 +02:00
Arne Fitzenreiter
2399b70dc2 openssl: update rootfile 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-04-21 16:51:53 +02:00
Michael Tremer
20253656fc Add /etc/os-release 
This file is being read by some packages to find out on what
distribution they are running on.

This file needs to be included in every Core Update.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-04-20 15:27:50 +00:00
Michael Tremer
6b75121120 gcc: Drop Go on i586 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-04-20 15:25:51 +00:00
Michael Tremer
6d5e9f40f8 gcc: Drop Go on armv5tel 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-04-20 15:25:42 +00:00
Michael Tremer
c22cee9288 gcc: Drop Go on aarch64 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-04-20 15:25:34 +00:00
Michael Tremer
d2315d00c2 Package the official Go compiler 
Since Go has a horrible build system which requires a Go
compiler to build the Go compiler and takes a very long
time to compile, we are following Rust and are using the
"official" pre-compiled release tarball.

We no longer ship the Go runtime, which mitigates the
risk of shipping any malware.

Because we currently only have one package using this
and which is only being compiled for x86_64, we are
only making Go available on this architecture.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-04-20 15:24:51 +00:00
Michael Tremer
eed179acdc gcc: Drop support for Go 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-04-20 15:24:38 +00:00
Matthias Fischer
fb241a29c5 apache: Update to 2.4.43 
For details see:
http://mirror.dkd.de/apache//httpd/CHANGES_2.4.43

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-04-20 15:19:25 +00:00
Arne Fitzenreiter
b3e2c3ce26 dhcpcd: update to 9.00 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-04-12 08:16:28 +02:00
Arne Fitzenreiter
975bd8bc17 Revert "Revert "OpenSSH: update to 8.2p1"" 
This reverts commit e7fcf874e7.
 2020-04-10 16:23:09 +02:00
Arne Fitzenreiter
e7fcf874e7 Revert "OpenSSH: update to 8.2p1" 
ssh skips login before asking for credentials at i586.

This reverts commit 3fd3f4de44.
 2020-04-09 20:26:33 +00:00
Michael Tremer
2ff56df4e0 strongswan: Build sha3 plugin 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-04-01 14:40:39 +00:00
Michael Tremer
e4a0b55881 fcron: Fix reloading crontab 
fcrontab -z fails on a freshly installed system since
/var/spool/cron is now owned by cron:cron and a temporary
file cannot be created.

This will have to be manually changed in the updater by
calling:

  chown cron:cron /var/spool/cron

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-03-30 16:37:38 +00:00
Arne Fitzenreiter
54e6ded417 smartmontools: update rootfile 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-03-29 06:34:18 +00:00
Matthias Fischer
454c77d4c4 bind: Update to 9.11.17 
For details see:
https://downloads.isc.org/isc/bind9/9.11.17/RELEASE-NOTES-bind-9.11.17.html

"Notes for BIND 9.11.17

Feature Changes

The configure option --with-libxml2 now uses pkg-config to detect
libxml2 library availability. You will either have to install pkg-config
or specify the exact path where libxml2 has been installed on your
system. [GL #1635]

Bug Fixes

Fixed re-signing issues with inline zones which resulted in records
being re-signed late or not at all."

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-03-28 18:38:24 +00:00
Arne Fitzenreiter
5562f26f69 vnstat: remove wrong tag file 
fixes #12305

I had created this tag file to ship the folder but vnstat doesn't like empty files.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-03-26 17:56:23 +00:00
Peter Müller
3fd3f4de44 OpenSSH: update to 8.2p1 
Please refer to https://www.openssh.com/txt/release-8.2 for release
announcements. Since glibc < 2.31 is used, no additional patching was
required in order to restore correct login functionality.

Cc: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-03-26 17:40:06 +00:00
Arne Fitzenreiter
a48d35f3ff smartmontools: update rootfile 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-03-26 17:38:32 +00:00
Matthias Fischer
a7e9342c18 ncurses: Update to 6.2 
For details see:
https://invisible-island.net/ncurses/announce.html#h2-release-notes

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-03-26 09:42:12 +00:00