webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-11 19:55:52 +02:00
Code Issues Packages Projects Releases Wiki Activity
9,957 Commits 2 Branches 1 Tag
fc9ea3bc4bb5d58fe3fa952cbe658206d3ce88e9
Commit Graph

9957 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Arne Fitzenreiter
fc9ea3bc4b core101: add changed packages to updater. 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-04-21 17:53:08 +02:00
Arne Fitzenreiter
bb28d8913a Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next 2016-04-20 17:45:49 +02:00
Michael Tremer
9fcba2b5df Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next 2016-04-20 16:24:12 +01:00
Michael Tremer
32d91ecad8 conntrack: Remove old disable_nf_sip indicator file 
This is not used any more and not needed either.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-20 16:23:22 +01:00
Michael Tremer
977007bfd9 core101: Migrate conntrack settings that broke in 100 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-20 16:22:31 +01:00
Michael Tremer
a3712ff967 core101: Add recent changes on firewall 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-20 16:15:55 +01:00
Michael Tremer
2f662bf058 optionsfw.cgi: Clean up code 
Add translation to radio buttons. No functional changes.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-20 16:14:14 +01:00
Michael Tremer
8e7c5e65ad firewall: Fix connection tracking for PPTP 
GRE connections were not correctly forwarded without the helper
being enabled. Choosing the wrong protocol here did not allow
us to load it properly.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-20 16:04:24 +01:00
Arne Fitzenreiter
23bb683902 firewall: fix nat module load for application layer gateways 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-04-20 10:19:46 +02:00
Arne Fitzenreiter
c485f38c99 Merge remote-tracking branch 'origin/core100' into next 2016-04-19 22:04:24 +02:00
Arne Fitzenreiter
b243767b10 kernel: fix mac80211 build on rpi. 
mac80211 depends on CRYPTO_GCM don't know why this was off before in
rpi config.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-04-19 18:44:13 +02:00
Arne Fitzenreiter
4bee1eb491 kernel: change stackprotector from strong to regular. 
Xen/Paravirt crash with stackprotect in strong mode.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-04-17 23:31:43 +02:00
Arne Fitzenreiter
0c459f8c7e xen-image-maker: fix typos and missing doublequote. 2016-04-17 22:23:11 +02:00
Michael Tremer
f64aae96e4 core101: Ship updated dma 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-17 20:22:44 +01:00
Matthias Fischer
b01d8a6830 dma: Update to 0.11 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-17 20:21:55 +01:00
Matthias Fischer
a2f63d7e2e lcdproc 0.5.7: Fixes for rootfile 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-17 20:08:15 +01:00
Eberhard Beilharz
8f31e52dbc Add missing end-quote to xen-image-maker 
Signed-off-by: Eberhard Beilharz <eb1@sil.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-17 20:05:32 +01:00
Arne Fitzenreiter
0e664ce92f core101: exclude grub.cfg and grubenv from updates. 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-04-15 14:19:19 +02:00
Arne Fitzenreiter
a2c6ae9e15 core100: remove grub.cfg and grubenv from updater. 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-04-15 13:19:25 +02:00
Michael Tremer
d00032e765 lcdproc: Bump release 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-14 11:24:40 +01:00
Sascha Kilian
41a8f7f3cc lcdproc: Update to 0.5.7 
Signed-off-by: Sascha Kilian <sascha@sakisoft.de>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-14 11:20:56 +01:00
Arne Fitzenreiter
77ecb239d3 samba: import RHEL security fixes. 
CVE-2015-7560
CVE-2016-2110
CVE-2016-2111
CVE-2016-2112
CVE-2016-2115
CVE-2016-2118 aka Badlock
CVE-2015-5370

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-04-13 22:25:14 +02:00
Michael Tremer
5208ceedd9 installer: Force overwriting EXT4 FS 
On 64 bit systems, the installation fails if a previous XFS FS
is detected on the partition an EXT4 FS should be formatted.

This does not happen on 32 bit systems.

Fixes: #11091

Reported-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Tested-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
 2016-04-11 10:20:00 +01:00
Arne Fitzenreiter
17d270d5c9 dnsdist: disable parallel build 
on 4 core machines with 2GB ram the parallel build fails
with out of memory.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-04-10 09:41:08 +02:00
Michael Tremer
36ba4ebe99 Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next 2016-04-08 16:16:57 +01:00
Jonatan Schlag
b395d3289d New package ncat. 
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-08 16:12:19 +01:00
Jonatan Schlag
45b7ed8519 Build nmap without ncat. 
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-08 16:12:16 +01:00
Jonatan Schlag
33a24fccc2 Remove the nc symlink from netcat package and rename to gnu-netcat (gnu-netcat is no longer our standard netcat) 
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-08 16:12:14 +01:00
Michael Tremer
78d49152a8 core101: Ship latest changes in CGI files 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-08 15:56:14 +01:00
Michael Tremer
0aff7b8196 {proxy,chpasswd}.cgi: Fix a remote code execution vulnerability 
Handcrafted requests with shell commands could be sent to these
CGI files and gain shell access as unprivileged user.

References: #11087

Reported-by: Yann Cam <yann.cam@gmail.com>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-08 15:54:53 +01:00
Michael Tremer
f367d5b388 ipinfo.cgi: Remove XSS vulnerability 
References: #11087

Reported-by: Yann Cam <yann.cam@gmail.com>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-08 15:54:53 +01:00
Marcel Lorenz
c954b6acdc bwm-ng: update to 0.6.1 
Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-08 14:59:40 +01:00
Arne Fitzenreiter
31db25e52b dmidecode: fix rootfile. 
symlink is not working at common/arch because the check will seek files.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-04-08 13:38:05 +02:00
Arne Fitzenreiter
fa4ac4f3dd perl-Apache-Htpasswd: fix rootfiles 
Signel-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-04-08 13:32:28 +02:00
Michael Tremer
56f2056c67 Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next 2016-04-06 21:48:32 +01:00
Michael Tremer
c899b16e2e squid: Update rootfile 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-06 21:48:19 +01:00
Arne Fitzenreiter
9a6be06535 core101: start update. 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-04-06 19:57:46 +02:00
Arne Fitzenreiter
9f19223e4e mcelog: new package 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-04-06 19:44:34 +02:00
Jonatan Schlag
5a9c93964b New package iperf3 
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-05 23:47:36 +01:00
Matthias Fischer
c07053012f pcre 8.38: latest patches from upstream (LFS) 
* Fix auto-callout (?# comment bug.
* Fix negated POSIX class within negated overall class UCP bug.
* Fix bug for isolated \E between an item and its qualifier
when auto callout is set.
* Give error for regexec with pmatch=NULL and REG_STARTEND set.
* Allow for up to 32-bit numbers in the ordin() function in  pcregrep.
* Fix \Q\E before qualifier bug when auto callouts are enabled.
* Fix /x bug when pattern starts with white space and (?-x).
* Fix copy named substring bug.
* Fix (by hacking) another length computation issue.
* Fix get_substring_list() bug when \K is used in an assertion.
* Fix pcretest bad behaviour for callout in lookbehind.
* Fix workspace overflow for (*ACCEPT) with deeply nested parentheses.
* Yet another duplicate name bugfix by overestimating the
memory needed  (i.e. another hack - PCRE2 has this "properly" fixed).
* Fix pcretest loop for global matching with an ovector size less than 2.
* Fix non-diagnosis of missing assertion after (?(?C).

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-05 22:56:33 +01:00
Matthias Fischer
8e6421d78e squid 3.4.14: Bugfix for #4323 (Netfilter broken cross-includes with Linux 4.2) 
For details see: http://bugs.squid-cache.org/show_bug.cgi?id=4323

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-05 22:56:04 +01:00
Michael Tremer
bdb319c0ca squid: Patch SQUID-2016:3/CVE-2016-3947 
http://www.squid-cache.org/Advisories/SQUID-2016_3.txt

 Due to a buffer overrun Squid pinger binary is vulnerable to
 denial of service or information leak attack when processing
 ICMPv6 packets.

 This bug also permits the server response to manipulate other
 ICMP and ICMPv6 queries processing to cause information leak.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-05 22:52:54 +01:00
Michael Tremer
52b08bc1ea perl-Apache-Htpasswd: New module 
Used to change passwords in Apache's htpasswd files

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-04 16:28:09 +01:00
Michael Tremer
6a30a2d4b7 Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next 2016-04-01 19:13:17 +01:00
Michael Tremer
251cde3dfc dmidecode: Move into core system 
This should not be a package

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-01 19:12:47 +01:00
Michael Tremer
0dbd30710d dmidecode: Only build on x86 
ARM is obviously not supported

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-01 19:11:30 +01:00
Arne Fitzenreiter
b3b5bbb95a Merge branch 'master' into next 2016-04-01 13:29:40 +02:00
Arne Fitzenreiter
b580a05b05 kernel: set pakver to 67 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-04-01 08:30:34 +02:00
Arne Fitzenreiter
c91595a143 e1000e: update to 3.3.3 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-04-01 08:25:08 +02:00
Arne Fitzenreiter
b64110cfd5 igb: fix hung at dev_get_stats() 
without this igb can bring the whole userspace to hung
with "cpu_stuck for more than 22s". I don't understand
why this bug is set to "wont-fix" at the bugtracker.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-04-01 08:20:36 +02:00