Commit Graph

1364 Commits

Author SHA1 Message Date
Michael Tremer
37fe3658a0 samba: Add helper script to pipe password
It is complicated to set the password in the C helper binary.

Therefore it is being set by a helper script.

This is still not an optimal solution since the password might be
exposed to the shell environment, but has the advantage that shell
command injection is no longer possible.

Fixes: #12562
Reported-by: Albert Schwarzkopf <ipfire@quitesimple.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2021-01-27 21:06:57 +00:00
Adolf Belka
2abcb7ee5f bacula: Update to 9.6.7
- Update bacula from 9.6.6 to 9.6.7
	This is a minor bug release
	See https://sourceforge.net/projects/bacula/files/bacula/9.6.7/ReleaseNotes/
- This is the last of the version 9 series. The next update will be the version 11 series.
- Update of lfs and rootfiles

Signed-off-by: Adolf Belka <ahb.ipfire@gmail.com>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-12-28 13:15:29 +00:00
Adolf Belka
9cea690a93 htop: Update to 3.0.3
- Update htop from 3.0.2 to 3.0.3
	See the Change Log for details of changes
	https://github.com/htop-dev/htop/blob/master/ChangeLog
- Rootfiles updated

Signed-off-by: Adolf Belka <ahb.ipfire@gmail.com>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-12-21 16:35:10 +00:00
Adolf Belka
9ee802c508 hplip: Update to 3.20.11
- Update from 3.18.6 to 3.20.11 (16 updates)
- See Release notes for bug fixes and support for additional printers
	https://sourceforge.net/p/hplip/news/
- Update of rootfile :-)

Signed-off-by: Adolf Belka <ahb.ipfire@gmail.com>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-12-20 09:47:04 +00:00
ummeegge
50752f1b61 kerberos: Update to version 1.18.3
Since version 1.15.2 several fixes and enhancements has been introduced.
For a full overview the release notes can be found in the next lines.

https://web.mit.edu/kerberos/krb5-1.16/
https://web.mit.edu/kerberos/krb5-1.17/
https://web.mit.edu/kerberos/krb5-1.18/

Signed-off-by: ummeegge <erik.kapfer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-12-10 12:32:11 +00:00
ummeegge
14baf8472a tshark: Update to version 3.4.0
- Since tshark uses since 3.4.0 an always enabled asynchronous DNS
resolution, c-ares is a needed dependency.
- Since the current actual version 3.2.6 a lot of bug fixes, fixed
vulnerabilities, updated features, new protocols but also updated
protocols has been integrated.
A full overview of all changes can be found in here -->
Update to version 3.2.7:
https://www.wireshark.org/docs/relnotes/wireshark-3.2.7.html
Update to version 3.2.8:
https://www.wireshark.org/docs/relnotes/wireshark-3.2.8.html
Update to version 3.4.0
https://www.wireshark.org/docs/relnotes/wireshark-3.4.0.html

Signed-off-by: ummeegge <erik.kapfer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-12-10 12:31:15 +00:00
ummeegge
d44ce7d4c2 c-ares: New package. Needed as tshark Dependency
- Since tshark uses with version 3.4.0 an always enabled asynchronous DNS
resolution c-ares is a needed dependency.
- Since curl can also use c-ares --> https://c-ares.haxx.se/ it has been
placed in make.sh before curl even no compiletime options has been set
to enable this. c-ares has also been placed in packages and not in common
which would be needed if it should be used for curl too.

Signed-off-by: ummeegge <erik.kapfer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-12-10 12:30:24 +00:00
Adolf Belka
c2f02d9d59 bacula: Update to use IPFire initscript
Bacula install used the bacula initscript for starting and stopping bacula.
This works fine but results in no pid or memory input in the addons table
under services.
Using the IPFire initscript also successfully starts and stops bacula with
no problems but also provides the pid and memory information in the services
addons table.
- rootfiles adjusted to remove the reference to bacula-ctl-fd
- lfs/bacula adjusted to remove the init.d/bacula link generation
             remove the "rm -f /root/.rnd" command. This file is not present
             and I have not seen this command in any other lfs file that I
             have looked at.
- new bacula initscript created

Signed-off-by: Adolf Belka <ahb.ipfire@gmail.com>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-12-10 12:28:58 +00:00
Arne Fitzenreiter
8372d89000 vdr: version 2.4.4 still use plugin API 2.4.3
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
2020-12-05 10:09:03 +00:00
Michael Tremer
77b7668c9e aws-cli: Update to 1.18.188
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-12-02 17:55:51 +00:00
Michael Tremer
57a0aedb3e python3-botocore: Update to 1.19.28
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-12-02 17:55:22 +00:00
Michael Tremer
05be1c642a python3-urllib3: New package
Required by botocore

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-12-02 17:54:56 +00:00
Matthias Fischer
c2773f2371 ghostscript: Update to 9.53.3
For details see:
https://www.ghostscript.com/doc/current/History9.htm#Version9.53.3

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-11-27 15:49:50 +00:00
Arne Fitzenreiter
7adacda04c transmission: update to 3.00
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-11-26 16:15:48 +00:00
Arne Fitzenreiter
27023de931 vdr-dvbapi: fix rootfile
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
2020-11-24 08:18:09 +01:00
Arne Fitzenreiter
e4f287a268 vdr: update to 2.4.4
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-11-23 18:15:48 +00:00
Adolf Belka
d0d63bbbee apcupsd: addition of backup/includes definition
Added a backup/includes file for apcupsd to backup the
/etc/apcupsd/ directory where all the configuration files
are stored. Currently there is no backup available to
save the state of any changes carried out to the configuration
or action files.
Signed-off-by: Adolf Belka <ahb.ipfire@gmail.com>

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-11-23 15:12:54 +00:00
Arne Fitzenreiter
17a8437e82 pcengines-firmware: update to 4.12.0.6
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-11-23 15:12:54 +00:00
Michael Tremer
6cab8977e0 amazon-ssm-agent: Package /usr/bin/ssm-agent-worker
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-11-19 18:35:36 +00:00
ummeegge
e23b3b08a8 git: Add missing Error.pm and LoadCPAN submodules
Fixes #12511

Signed-off-by: ummeegge <erik.kapfer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-11-10 11:17:29 +00:00
Peter Müller
02489761db libseccomp: update to 2.4.4
Full changelog obtained from: https://github.com/seccomp/libseccomp/releases/tag/v2.4.4

Version 2.4.4 - August 21, 2020

    Update the syscall table for Linux v5.8-rc7
    Fix double free when BPF generation fails
    Add aarch64 support for clone3, getrlimit, and setrlimit

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-11-05 23:34:22 +00:00
Peter Müller
1cd27f38e6 lynis: update to 3.0.1
Full changelog obtained from: https://cisofy.com/changelog/lynis/#301

- Detection of Alpine Linux
- Detection of CloudLinux
- Detection of Kali Linux
- Detection of Linux Mint
- Detection of macOS Big Sur (11.0)
- Detection of Pop!_OS
- Detection of PHP 7.4
- Malware detection tool: Microsoft Defender ATP
- New flag: --slow-warning to allow tests more time before showing a
warning
- Test TIME-3185 to check systemd-timesyncd synchronized time
- rsh host file permissions

- AUTH-9229 - Added option for LOCKED accounts and bugfix for older bash
versions
- BOOT-5122 - Presence check for grub.d added
- CRYP-7902 - Added support for certificates in DER format
- CRYP-7931 - Added data to report
- CRYP-7931 - Redirect errors (e.g. when swap is not encrypted)
- FILE-6430 - Don't grep nonexistant modprobe.d files
- FIRE-4535 - Set initial firewall state
- INSE-8312 - Corrected text on screen
- KRNL-5728 - Handle zipped kernel configuration correctly
- KRNL-5830 - Improved version detection for non-symlinked kernel
- MALW-3280 - Extended detection of BitDefender
- TIME-3104 - Find more time synchronization commands
- TIME-3182 - Corrected detection of time peers
- Fix: hostid generation routine would sometimes show too short IDs
- Fix: language detection
- Generic improvements for macOS
- German translation updated
- End-of-life database updated
- Several minor code enhancements

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-11-05 23:33:14 +00:00
Peter Müller
3e19f681a1 drop SpamAssassin add-on
This package has not been maintained well and is thereof outdated. At
the time of writing, we neither
(a) have a maintainer for this nor
(b) believe it is wise to run a full-featured content scanner on a
    firewall for security purposes. (We can make do with Postfix, as it
    is known for being a very robust MTA and providess less attack
    surface than something actually inspecting transferred messages.)

Thereof, this patch drops the SpamAssassin add-on. In case it is desired
in future versions of IPFire, it can be easily reverted, restoring the
functionality and behaviour before.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-27 11:58:35 +00:00
Peter Müller
6483ec30b9 drop Amavis add-on
This package has not been maintained well and is thereof outdated. At
the time of writing, we neither
(a) have a maintainer for this nor
(b) believe it is wise to run a full-featured content scanner on a
    firewall for security purposes. (We can make do with Postfix, as it
    is known for being a very robust MTA and providess less attack
    surface than something actually inspecting transferred messages.)

Thereof, this patch drops the Amavis add-on. In case it is desired in
future versions of IPFire, it can be easily reverted, restoring the
functionality and behaviour before.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-27 11:58:20 +00:00
Michael Tremer
64c8811dee samba: Update rootfiles
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-14 09:53:30 +00:00
Michael Tremer
7dea42ae84 samba: Drop PDC default configuration
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-13 17:06:17 +01:00
Michael Tremer
be1554336d samba: Export all printers from CUPS
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-13 17:06:16 +01:00
Michael Tremer
97722ab69d samba: Remove printer management
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-13 17:06:16 +01:00
Michael Tremer
a88ea3463c samba: Remove help popup
This is outdated and should be put into the wiki.

It is also some very ugly JS.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-13 17:06:16 +01:00
Michael Tremer
5aa5f6777a samba: Remove reset options
This only requires that we have to change multiple files with
the same settings.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-13 17:06:16 +01:00
Michael Tremer
13e455aec7 samba: Log to syslog
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-13 17:06:16 +01:00
Matthias Fischer
add03100a5 nano: Update to 5.3
For details see:
https://www.nano-editor.org/news.php

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-12 10:07:42 +00:00
Jonatan Schlag
bd78dec95b Borgbackup: Ship testsuite also for i586 and armv5tel
Fixes: #12438

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-10 11:42:09 +00:00
Michael Tremer
ffd8eafa52 libtalloc: Move to /usr and drop Python module
We do not use the Python module and can therefore
only have one rootfile for all architectures.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 16:35:26 +00:00
Arne Fitzenreiter
42fca29033 libtalloc: add new package because samba4 not provide this anymore
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:20:09 +00:00
Arne Fitzenreiter
1dd31d858e samba: update to 4.13.0
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:19:04 +00:00
Arne Fitzenreiter
bbcaca5662 perl-Parse-Yapp: add package
samba4 depends on this perl module

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:18:58 +00:00
Peter Müller
3c73b7fbf0 python3-botocore: update to 1.16.1
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:13:06 +00:00
Peter Müller
33e86e2d4e python3-colorama: update to 0.4.3
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:12:59 +00:00
Peter Müller
a1e3c67cad python3-dateutil: update to 2.8.1
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:12:54 +00:00
Peter Müller
85bf02ab09 python3-docutils: update to 0.16
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:12:45 +00:00
Peter Müller
7597a209ea python3-jmespath: update to 0.9.5
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:12:36 +00:00
Peter Müller
a4de7e7b0a python3-pyasn1: update to 0.4.8
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:10:26 +00:00
Peter Müller
1be989f46d python3-rsa: update to 4.0
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:10:18 +00:00
Peter Müller
9a2f6c5d8a python3-s3transfer: update to 0.3.3
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:09:57 +00:00
Peter Müller
06c3032442 python3-six: update to 1.14.0
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:09:37 +00:00
Erik Kapfer
22a6277fc9 freeradius: Update to version 3.0.21
Update includes several fixes (incl. CVE-2019-17185) and feature improvements.
A full overview of all changes can be found in here --> https://raw.githubusercontent.com/FreeRADIUS/freeradius-server/v3.0.x/doc/ChangeLog .

The freeradius-no-buildtime-cert-gen patch applies also with this version.

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-02 14:59:23 +00:00
Erik Kapfer
b789edf973 lynis: Update to version 3.0.0
Several Fixes (incl. CVE-2019-13033 and CVE-2020-13882) and features has been added since the last version 2.6.4 .
For a full overview of the changes take a look in here --> https://cisofy.com/changelog/lynis/ .

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-02 14:59:09 +00:00
Erik Kapfer
44bbc60696 libsolv: Update to version 0.7.14
Several fixes and features has been added.
A full overview of all changes can be found in here --> https://github.com/openSUSE/libsolv/blob/master/package/libsolv.changes .

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-02 14:54:18 +00:00
Michael Tremer
a839e63f74 stunnel: Package /var/lib/stunnel
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-09-30 17:10:39 +00:00