bpfire

mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-13 04:22:58 +02:00

Author	SHA1	Message	Date
Michael Tremer	fe9dbfa124	core133: Ship updated IPS ruleset sources Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-27 15:48:44 +01:00
Stefan Schantl	79af9f6938	ruleset-sources: Update snort dl urls. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-27 15:48:15 +01:00
Michael Tremer	21f2107697	tor: Ship updated CGI Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-27 15:47:02 +01:00
Erik Kapfer	ac2fdbb15e	tor.cgi: Disable debugging output Signed-off-by: Erik Kapfer <ummeegge@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-27 15:46:45 +01:00
Michael Tremer	f6104aa1e0	core133: Drop metadata for jansson package Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-27 15:42:50 +01:00
Michael Tremer	86efc510f9	core133: Ship hyperscan Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-27 15:40:31 +01:00
Michael Tremer	81544f8884	hyperscan: Move rootfiles to arch directories This package is only compiled on x86_64 and i586 and cannot be packaged in any of the other architectures. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-27 15:38:42 +01:00
Stefan Schantl	52ebc66bba	hyperscan: New package This package adds hyperscan support to suricata Fixes #12053. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-27 14:40:14 +01:00
Stefan Schantl	2348cfffcf	ragel: New package This is a build dependency of hyperscan Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-27 14:40:03 +01:00
Stefan Schantl	1a5f064916	colm: New package This is a build dependency of ragel, which is a build dependency of hyperscan. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-27 14:39:32 +01:00
Stefan Schantl	0f75603f23	asterisk: Remove dependency to jansson. The package has become part of the main system. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-27 14:39:19 +01:00
Stefan Schantl	616395f37c	jansson: Move to core system and update to 2.12 Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-27 14:39:00 +01:00
Michael Tremer	f6e18df542	Rootfile update Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-27 14:37:23 +01:00
Arne Fitzenreiter	8a104d7f02	core133: readd late core132 changes to core133 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-26 17:27:16 +02:00
Arne Fitzenreiter	83809af1fb	Merge branch 'master' into next	2019-05-26 17:23:54 +02:00
Arne Fitzenreiter	637885839b	core132: security conf should not executable Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-26 16:17:04 +02:00
Michael Tremer	8fad3a5941	tor: Depend on libseccomp Suggested-by: Erik Kapfer <erik.kapfer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-26 16:12:48 +02:00
Stefan Schantl	fefb5173cf	ids-functions.pl: Do not delete the whitelist file on rulesdir cleanup. Fixes #12087. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-26 16:09:21 +02:00
Arne Fitzenreiter	d0db7550ed	core132: set correct permissions of security settings file. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-26 16:05:41 +02:00
Arne Fitzenreiter	29abc2d07c	vulnerabilities.cgi: again change colours red - vulnerable blue - mitigated green - not affected because we not really trust the mitigations so they shound not green. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-25 07:39:38 +02:00
Arne Fitzenreiter	e896a9bd3d	vulnerabilities.cgi fix string handling remove lf at the end for correct matching and not strip "Mitigated:" if it was not full working and still vulnerable. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-25 06:54:35 +02:00
Michael Tremer	413f84e988	vulnerabilities.cgi: Regard mitigations that only mitigate something still as vulnerable Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-25 06:51:53 +02:00
Michael Tremer	a96bcf413a	vulnerabilities.cgi: Simplify regexes We can do the split in one. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-25 06:51:06 +02:00
Michael Tremer	333125abf8	Merge branch 'toolchain' into next	2019-05-24 06:55:03 +01:00
Michael Tremer	9f0295a512	Merge remote-tracking branch 'ms/faster-build' into next	2019-05-24 06:54:16 +01:00
Michael Tremer	8feb0db430	core133: Ship updated squid Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-24 06:39:37 +01:00
Matthias Fischer	d2b5f03631	squid: Update to 4.7 For details see: http://www.squid-cache.org/Versions/v4/changesets/ Fixes among other things the old 'filedescriptors' problem, so this patch was deleted. Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-24 06:37:50 +01:00
Michael Tremer	53ef2a0ffe	core133: Ship updated bind Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-24 06:37:21 +01:00
Matthias Fischer	f225f3ee29	bind: Update to 9.11.7 For details see: http://ftp.isc.org/isc/bind9/9.11.7/RELEASE-NOTES-bind-9.11.7.html "Security Fixes The TCP client quota set using the tcp-clients option could be exceeded in some cases. This could lead to exhaustion of file descriptors. This flaw is disclosed in CVE-2018-5743. [GL #615]" Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-24 06:36:55 +01:00
Michael Tremer	79967ee9c4	Start Core Update 133 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-24 06:35:46 +01:00
Michael Tremer	90194d7f7b	.gitignore: Ignore some backup files Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-24 06:30:46 +01:00
Michael Tremer	f8c23b43b7	tor: Depend on libseccomp Suggested-by: Erik Kapfer <erik.kapfer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-23 01:50:29 +01:00
Michael Tremer	f617fd912b	unbound: Safe Search: Enable Restrict-Moderate for YouTube Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-22 15:29:32 +01:00
Michael Tremer	6d653734fb	Update German translations Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-22 15:18:31 +01:00
Michael Tremer	61498b76b6	vulnerabilities.cgi: Regard mitigations that only mitigate something still as vulnerable Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-22 15:18:31 +01:00
Michael Tremer	144ff7605d	vulnerabilities.cgi: Simplify regexes We can do the split in one. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-22 15:17:59 +01:00
Arne Fitzenreiter	2f34103d47	Merge branch 'master' into next	2019-05-22 12:34:41 +02:00
Arne Fitzenreiter	984a6cabe4	vulnerablities: change to logic colours Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-22 12:34:03 +02:00
Arne Fitzenreiter	16e13262d9	Merge branch 'next'	2019-05-22 10:38:02 +02:00
Arne Fitzenreiter	3858a4b5b8	finish: core132 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-22 10:33:20 +02:00
Arne Fitzenreiter	b23db9b97b	vulnerablities.cgi: add colours for vuln,smt and unknown output. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-22 10:30:08 +02:00
Arne Fitzenreiter	716f00b116	kernel: update to 4.14.121 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-21 20:42:51 +02:00
Arne Fitzenreiter	b0d31edbd6	vnstat: fix errormessage at first boot Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-21 20:36:16 +02:00
Arne Fitzenreiter	6d37280f3e	configroot: create main/security settings file Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-21 15:03:21 +02:00
Arne Fitzenreiter	405f69fc9c	web-user-interface: update rootfile Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-21 15:02:54 +02:00
Michael Tremer	a087f4f586	core132: Ship vulnerabilities.cgi Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 21:55:55 +01:00
Michael Tremer	1cbcd044af	SMT: Show status on vulnerabilities.cgi Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 21:54:05 +01:00
Michael Tremer	f238e25172	vulnerabilities.cgi: Disable debugging output Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 21:39:03 +01:00
Michael Tremer	6f626b9ba0	Add the new vulnerabilities CGI file to the System menu Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 21:38:20 +01:00
Michael Tremer	6a83dbb451	SMT: Apply settings according to configuration SMT can be forced on. By default, all systems that are vulnerable to RIDL/Fallout will have SMT disabled by default. Systems that are not vulnerable to that will keep SMT enabled. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 21:30:26 +01:00

1 2 3 4 5 ...

13457 Commits