webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-09 18:45:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
7caecf45fbaab7f681d0aa3d5ea87ca660ff4f3d
bpfire/config
History
Peter Müller 7caecf45fb linux: Give CONFIG_RANDOMIZE_BASE on aarch64 another try 
Quoted from https://capsule8.com/blog/kernel-configuration-glossary/:

> Significance: Critical
>
> In support of Kernel Address Space Layout Randomization (KASLR) this randomizes
> the physical address at which the kernel image is decompressed and the virtual
> address where the kernel image is mapped as a security feature that deters
> exploit attempts relying on knowledge of the location of kernel code internals.

We tried to enable this back in 2020, and failed. Since then, things
may have been improved, so let's give this low-hanging fruit another
try.

Fixes: #12363
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
2022-08-01 10:20:20 +00:00
..
acpid
avahi
backup
Merge branch 'temp-stevee-ipblocklist-final' into next
2022-07-10 08:20:15 +00:00
bash
bind
ca-certificates
ca-certificates: Update root CA certificates bundle
2022-07-06 06:29:58 +00:00
calamaris
cdrom
README: Update installation URL
2021-07-19 18:27:26 +00:00
cfgroot
ipblocklist: Add "v4" as extension to the ipset set names.
2022-07-07 17:27:14 +02:00
clamav
client175
collectd
collectd: Do not keep track of entropy any more
2022-07-14 09:40:53 +00:00
cron
fcron: Try to update ipblocklists every 15 min.
2022-07-07 17:28:01 +02:00
cups
cyrus-sasl
dehydrated
dhcpc
dhcpcd: Remove old MTU setting script
2022-02-23 15:46:45 +00:00
dma
dracut
dracut: Install an IPFire system configuration file
2022-03-14 15:18:21 +00:00
elinks
config/elinks/elinks.conf does not have to be executable
2021-05-20 10:01:50 +00:00
etc
sysctl: Permit ptrace usage for processes with CAP_SYS_PTRACE
2022-06-29 19:43:08 +00:00
etc-aarch64
Install sysctl.conf only on those architectures where needed
2021-04-11 12:12:56 +00:00
etc-armv6l
switch arm 32 bit arch from armv5tel to armv6l
2021-07-05 07:42:39 +02:00
etc-x86_64
Install sysctl.conf only on those architectures where needed
2021-04-11 12:12:56 +00:00
extrahd
findutils
firewall
rules.pl: Do not check private networks against ipblocklists.
2022-07-07 17:27:14 +02:00
flash-images/grub
flash-images: Label serial console option as "serial"
2021-08-01 13:24:01 +00:00
freeradius
fstrim
fwhosts
icmp-types file does not have to be executable
2021-05-04 15:51:15 +00:00
gnump3d
gnump3d: Update plugin path
2021-04-02 16:24:09 +00:00
grub2
dracut: Enable automatic assembly of any RAID/LVM devices
2022-05-16 18:31:12 +00:00
guardian
Bought a 'd' - fixed an old typo
2021-10-13 12:22:49 +00:00
haproxy
haproxy: update config file
2020-04-14 15:30:51 +00:00
hostapd
hostapd: Re-add accidentially removed CONFIG_SAE
2021-01-27 18:56:07 +00:00
httpd
OpenVPN: Add support for 2FA / One-Time Password
2022-06-17 10:20:17 +00:00
icinga
include
initrd/dhcpc
ipblocklist
ipblocklist: Fixed typo in 'sources'
2022-07-19 07:50:01 +00:00
iptraf-ng
iptraf-ng: Update to version 1.2.1
2020-09-30 09:58:51 +00:00
kernel
linux: Give CONFIG_RANDOMIZE_BASE on aarch64 another try
2022-08-01 10:20:20 +00:00
lcdproc
lib/firmware/brcm
libid3tag
libid3tag: Addition of pkgconfig file
2021-04-12 09:35:29 +00:00
libvirt
logwatch
ipblocklist: Add neccessary files for logwatch.
2022-07-07 17:28:05 +02:00
lua
lua: Update to version 5.4.4
2022-02-06 10:50:43 +00:00
menu
Menu: Add ipblocklist entry to firewall menu.
2022-07-07 17:26:14 +02:00
minidlna
monit
mpfire
netpbm
netpbm: remove WANT_SSE = Y from config.mk
2020-04-25 16:03:04 +02:00
netsnmpd
nginx
ntp
Ship NTP changes
2022-06-20 20:43:34 +00:00
ovpn
openvpn-authenticator: Always return general connection data
2022-06-17 10:20:19 +00:00
pmacct
pmacct: New addon
2021-05-11 16:44:46 +00:00
profile.d
proxy
qemu
Drop support for i586
2021-12-04 23:27:26 +01:00
qos
QoS: Add CAKE profile to commmand line
2022-01-16 15:17:50 +00:00
rootfiles
linux: Give CONFIG_RANDOMIZE_BASE on aarch64 another try
2022-08-01 10:20:20 +00:00
rpi-firmware
rpi-firmware: update to 20211127
2021-11-27 14:21:31 +00:00
samba
samba: Add helper script to pipe password
2021-01-27 21:06:57 +00:00
sarg
shadow
shadow: Update to version 4.11.1 and fix bug 12762
2022-01-18 21:23:42 +00:00
squidclamav
ssh
SSH: do not send spoofable TCP keep alive messages
2022-04-23 14:27:56 +00:00
ssl
strongswan
stunnel
suricata
ruleset-sources: Update download URL for Talos rulesets.
2022-06-23 13:24:10 +00:00
syslinux
cdrom: Drop menu option for HDT
2022-06-04 08:36:58 +00:00
sysstat
time
tor
transmission
u-boot
u-boot: bootscript try to use also devnum instead of dev_num
2021-10-04 06:13:18 +00:00
udev
networking: Correctly set MTU on all bridges
2022-03-30 13:58:02 +00:00
unbound
unbound.conf: Aggressive NSEC is enabled by default since Unbound 1.15.0
2022-06-13 15:50:10 +00:00
updxlrator
urlfilter
urlfilter: Download University of Toulouse list via HTTPS
2022-07-09 15:03:12 +00:00
vdr
vdradmin
vim
w_scan
w_scan: fix country and satalite selection menu
2020-02-21 22:33:23 +01:00
wpa_supplicant
wpa_supplicant: Import fresh default configuration
2021-01-12 10:39:14 +00:00
xinetd
xtables-addons
xtables-addons: update to 3.13
2021-07-05 07:42:36 +02:00
zabbix_agentd
zabbix_agentd: Add IPFire specific userparameters
2022-07-06 09:57:40 +00:00