]>
git.ipfire.org Git - ipfire-2.x.git/log
Stefan Schantl [Tue, 18 Dec 2018 14:14:08 +0000 (15:14 +0100)]
ids-functions.pl: Use temporary file in downloader.
Download the requested rules tarball into a temporay file
and if every thing is fine, replace the old by the
downloaded one.
In addition with the previously implemented file size check,
we are saved now from a corrupt rules tarball on disk.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Tue, 18 Dec 2018 13:16:13 +0000 (14:16 +0100)]
ids-functions.pl: Introduce filesize check for downloader
The downloader now requests the html header for the rulestarball
and obtain the size of the file bevore downloading it.
After success the size of the downloaded file will be compared with
the requested one before. If they do not match, an error will be gained.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Tue, 18 Dec 2018 13:12:52 +0000 (14:12 +0100)]
ids-functions.pl: Fix sub _cleanup_rulesdir() function
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Mon, 17 Dec 2018 14:04:48 +0000 (15:04 +0100)]
suricata: Use "2" as repeat-mark and repeat-mask.
The previous used "1" was already used to mark source-natted
packets.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Mon, 17 Dec 2018 14:03:10 +0000 (15:03 +0100)]
suricata: Update to 4.0.6
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Wed, 12 Dec 2018 08:27:59 +0000 (09:27 +0100)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next-suricata
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Michael Tremer [Tue, 11 Dec 2018 20:43:24 +0000 (20:43 +0000)]
installer: Intialize part_boot_efi_idx
This variable was not initialized on systems where EFI was not
in use. Therefore the generated parted command line was not
valid and caused the installation to abort.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 11 Dec 2018 19:46:10 +0000 (19:46 +0000)]
core127: Ship updated unbound
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Matthias Fischer [Sat, 8 Dec 2018 17:13:23 +0000 (18:13 +0100)]
unbound: Update to 1.8.2
For details see:
https://nlnetlabs.nl/projects/unbound/download/
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Matthias Fischer [Sat, 8 Dec 2018 17:21:19 +0000 (18:21 +0100)]
clamav: Update to 0.101.0
For details see:
https://blog.clamav.net/
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 11 Dec 2018 19:41:31 +0000 (19:41 +0000)]
core127: Ship updated fireinfo
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 11 Dec 2018 19:41:09 +0000 (19:41 +0000)]
Start Core Update 127
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 11 Dec 2018 19:38:21 +0000 (19:38 +0000)]
fireinfo: Add authentication for upstream proxies
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Arne Fitzenreiter [Tue, 11 Dec 2018 07:01:59 +0000 (08:01 +0100)]
Merge branch 'master' into next
Arne Fitzenreiter [Mon, 10 Dec 2018 19:45:54 +0000 (20:45 +0100)]
kernel: fix dwc2 (usb) dma crashes on RPi1-3
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Michael Tremer [Mon, 10 Dec 2018 00:36:04 +0000 (00:36 +0000)]
haproxy: Create/restore backup when package is installed/uninstalled
Fixes: #11946
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Arne Fitzenreiter [Sat, 8 Dec 2018 16:47:16 +0000 (17:47 +0100)]
core126: finish core126
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Arne Fitzenreiter [Fri, 7 Dec 2018 20:16:43 +0000 (21:16 +0100)]
core126: fix "need reboot display"
The display should displayed always except the linux-pae
packages is planned to be installed after this update.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Arne Fitzenreiter [Fri, 7 Dec 2018 20:06:45 +0000 (21:06 +0100)]
Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Fri, 7 Dec 2018 20:05:50 +0000 (21:05 +0100)]
cpufrequtils: update initskript for xz compressed modules
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Michael Tremer [Fri, 7 Dec 2018 11:36:11 +0000 (11:36 +0000)]
initscripts: Import pakfire keys before importing AWS configuration
This is useful when the user-data script is installing
packages. For that it will need valid keys for course.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Arne Fitzenreiter [Thu, 6 Dec 2018 21:33:05 +0000 (22:33 +0100)]
rngd: update initskript and add hwrngtty support
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Arne Fitzenreiter [Thu, 6 Dec 2018 15:05:31 +0000 (16:05 +0100)]
core126: add kernel files to update
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Arne Fitzenreiter [Thu, 6 Dec 2018 10:27:46 +0000 (11:27 +0100)]
core126: add kernel to updater
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Arne Fitzenreiter [Thu, 6 Dec 2018 10:18:37 +0000 (11:18 +0100)]
kernel: update to 4.14.86
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Michael Tremer [Wed, 5 Dec 2018 14:42:54 +0000 (14:42 +0000)]
AWS: Add a timestamp to user-data.log
This way, multiple (failed) runs of the script won't
overwrite the log file.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 5 Dec 2018 14:38:28 +0000 (14:38 +0000)]
AWS: Write user-data.log to /var/log
This should not be in /root at all.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 2 Dec 2018 10:23:15 +0000 (10:23 +0000)]
make.sh: Build for x86_64 by default
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Arne Fitzenreiter [Sat, 1 Dec 2018 23:01:37 +0000 (00:01 +0100)]
kernel: update to 4.14.85
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Michael Tremer [Sat, 1 Dec 2018 16:12:44 +0000 (16:12 +0000)]
bird: Launch service on install and add symlinks to start at boot time
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sat, 1 Dec 2018 16:08:22 +0000 (16:08 +0000)]
bird: Add initscript
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sat, 1 Dec 2018 15:43:48 +0000 (15:43 +0000)]
bird: Add forgotten file
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sat, 1 Dec 2018 15:43:26 +0000 (15:43 +0000)]
core126: Ship recently updated packages
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Matthias Fischer [Tue, 13 Nov 2018 17:50:48 +0000 (18:50 +0100)]
BUG 11929: Build 'bind'-binaries dynamically and install needed libraries (V2)
Hi,
To save space linking the 'bind 9.11.5'-binaries was changed from statically to dynamically.
Changes to V2:
Removed unnecessary '*.so'-links.
Complete file sizes shrinked from ~4800K to ~1700K. Needs testing and confirmation!
I'm running this version right now under Core 124 - no seen problems so far.
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sat, 1 Dec 2018 15:41:36 +0000 (15:41 +0000)]
bird: Update to 2.0.2
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sat, 1 Dec 2018 15:33:36 +0000 (15:33 +0000)]
bird: Backup configuration file on update
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 30 Nov 2018 20:16:08 +0000 (20:16 +0000)]
docker: Always agree to install all updates
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Arne Fitzenreiter [Fri, 30 Nov 2018 06:35:07 +0000 (07:35 +0100)]
kernel: update arm-multi patchset
now patches for Raspberry Pi 3B+
LAN and WLAN included to patchset.
https://git.ipfire.org/?p=people/arne_f/kernel.git;a=shortlog;h=refs/tags/v4.14.84-multi
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Michael Tremer [Thu, 29 Nov 2018 13:16:37 +0000 (13:16 +0000)]
nfs: Fix build
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Arne Fitzenreiter [Thu, 29 Nov 2018 06:02:25 +0000 (07:02 +0100)]
kernel: update to 4.14.84
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Michael Tremer [Wed, 28 Nov 2018 19:07:10 +0000 (19:07 +0000)]
nfs: Add backup include file
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 28 Nov 2018 19:02:53 +0000 (19:02 +0000)]
nfs: Install configuration in package
This was lost in the last update
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 27 Nov 2018 10:24:29 +0000 (10:24 +0000)]
Update maintainers
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 27 Nov 2018 10:23:46 +0000 (10:23 +0000)]
git: Fix spelling of some contributors with umlauts
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 27 Nov 2018 10:20:09 +0000 (10:20 +0000)]
credits.cgi: Remove old dev section
I do not know why I forgot this. Now it is how it was intended
in the first place.
This commit removes all email addresses because people keep
emailing me for private support. Use the forum guys!
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 27 Nov 2018 10:04:46 +0000 (10:04 +0000)]
libvirt: This package depends on jansson now
Fixes: #11939
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Stéphane Pautrel [Tue, 27 Nov 2018 09:52:14 +0000 (09:52 +0000)]
Update of French translation
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Mon, 26 Nov 2018 16:01:29 +0000 (16:01 +0000)]
Update list of contributors
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Stéphane Pautrel [Mon, 26 Nov 2018 15:59:31 +0000 (15:59 +0000)]
Update of French translation
Loads of strings have been translated for the first time
and others have been improved.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Matthias Fischer [Sat, 24 Nov 2018 20:19:56 +0000 (21:19 +0100)]
nano: Update to 3.2
Hi,
Changed archive to 'xz' - this saves about 1.4MB (thanks Marcel ;-))
For further details see:
https://www.nano-editor.org/news.php
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 25 Nov 2018 13:45:11 +0000 (13:45 +0000)]
openssl: Rootfile update
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 23 Nov 2018 22:22:59 +0000 (22:22 +0000)]
docker: Install wget in docker environment
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Arne Fitzenreiter [Fri, 23 Nov 2018 21:05:14 +0000 (22:05 +0100)]
kernel: update to 4.14.83
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Michael Tremer [Fri, 23 Nov 2018 19:47:02 +0000 (19:47 +0000)]
docker: Add Debian image with basic build environment
By running "./make.sh docker" the current build environment
will be mounted into a Debian-based docker container.
This clean build environment can be used to compile the
toolchain or something...
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Arne Fitzenreiter [Wed, 21 Nov 2018 22:55:54 +0000 (23:55 +0100)]
kernel: update to 4.14.82
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Michael Tremer [Wed, 21 Nov 2018 11:21:42 +0000 (11:21 +0000)]
openssl: Update to 1.1.0j
*) Timing vulnerability in DSA signature generation
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a
timing side channel attack. An attacker could use variations in the signing
algorithm to recover the private key.
This issue was reported to OpenSSL on 16th October 2018 by Samuel Weiser.
(CVE-2018-0734)
[Paul Dale]
*) Timing vulnerability in ECDSA signature generation
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a
timing side channel attack. An attacker could use variations in the signing
algorithm to recover the private key.
This issue was reported to OpenSSL on 25th October 2018 by Samuel Weiser.
(CVE-2018-0735)
[Paul Dale]
*) Add coordinate blinding for EC_POINT and implement projective
coordinate blinding for generic prime curves as a countermeasure to
chosen point SCA attacks.
[Sohaib ul Hassan, Nicola Tuveri, Billy Bob Brumley]
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 20 Nov 2018 16:28:52 +0000 (16:28 +0000)]
openssl-compat: Update to 1.0.2q
*) Microarchitecture timing vulnerability in ECC scalar multiplication
OpenSSL ECC scalar multiplication, used in e.g. ECDSA and ECDH, has been
shown to be vulnerable to a microarchitecture timing side channel attack.
An attacker with sufficient access to mount local timing attacks during
ECDSA signature generation could recover the private key.
This issue was reported to OpenSSL on 26th October 2018 by Alejandro
Cabrera Aldaya, Billy Brumley, Sohaib ul Hassan, Cesar Pereida Garcia and
Nicola Tuveri.
(CVE-2018-5407)
[Billy Brumley]
*) Timing vulnerability in DSA signature generation
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a
timing side channel attack. An attacker could use variations in the signing
algorithm to recover the private key.
This issue was reported to OpenSSL on 16th October 2018 by Samuel Weiser.
(CVE-2018-0734)
[Paul Dale]
*) Resolve a compatibility issue in EC_GROUP handling with the FIPS Object
Module, accidentally introduced while backporting security fixes from the
development branch and hindering the use of ECC in FIPS mode.
[Nicola Tuveri]
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Mon, 19 Nov 2018 18:58:48 +0000 (18:58 +0000)]
Rootfile update
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Arne Fitzenreiter [Sun, 18 Nov 2018 19:24:43 +0000 (20:24 +0100)]
kernel: arm32 bit fix config and update rootfile
Some drivers was disabled by oldconfig because i had
arm multiarch patchsed. This commit reenable it.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Alexander Rudolf Gruber [Sun, 18 Nov 2018 16:36:44 +0000 (17:36 +0100)]
kernel: enable HW of clearfog
clearfog base need MARVELL Phy and SDHCI Xenon enabled.
Arne Fitzenreiter [Sun, 18 Nov 2018 13:33:45 +0000 (14:33 +0100)]
kernel: disable FW_LOADER_USER_HELPER_FALLBACK
newer (e)udev has dropped the support for this.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Arne Fitzenreiter [Sun, 18 Nov 2018 13:30:14 +0000 (14:30 +0100)]
kernel: compress kernel modules with xz
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Arne Fitzenreiter [Sun, 18 Nov 2018 13:29:44 +0000 (14:29 +0100)]
kernel: update to 4.14.81
Michael Tremer [Tue, 13 Nov 2018 14:28:00 +0000 (14:28 +0000)]
alac: New package
This adds the Apple ALAC audio decoder
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Mon, 12 Nov 2018 00:16:23 +0000 (00:16 +0000)]
core126: Ship libconfig
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Mon, 12 Nov 2018 00:15:28 +0000 (00:15 +0000)]
Start Core Update 126
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 11 Nov 2018 18:57:55 +0000 (18:57 +0000)]
shairport-sync: Add install/uninstall scripts
These scripts will install symlinks to start the service
at boot time.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 11 Nov 2018 18:55:35 +0000 (18:55 +0000)]
shairport-sync: Add initscript
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 11 Nov 2018 18:52:10 +0000 (18:52 +0000)]
shairport-sync: Explicitely link against soxr
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 11 Nov 2018 17:34:11 +0000 (17:34 +0000)]
shairport-sync: Add backup include file
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 11 Nov 2018 17:26:35 +0000 (17:26 +0000)]
shairport-sync: New package
Shairport Sync is an AirPlay audio player - it plays audio streamed
from iTunes, iOS, Apple TV and macOS devices and AirPlay sources
such as Quicktime Player and ForkedDaapd, among others.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 11 Nov 2018 17:23:20 +0000 (17:23 +0000)]
libconfig: New package
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 11 Nov 2018 16:21:01 +0000 (16:21 +0000)]
soxr: New package (0.1.3)
The SoX Resampler library `libsoxr' performs one-dimensional sample-rate
conversion -- it may be used, for example, to resample PCM-encoded audio.
For higher-dimensional resampling, such as for visual-image processing, you
should look elsewhere.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 11 Nov 2018 15:44:17 +0000 (15:44 +0000)]
mpd: Depends on avahi
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Arne Fitzenreiter [Sat, 10 Nov 2018 10:03:37 +0000 (11:03 +0100)]
xen-image: enlarge partitions and remove extra /var partition
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Arne Fitzenreiter [Fri, 9 Nov 2018 20:12:02 +0000 (21:12 +0100)]
core125: finish update
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Arne Fitzenreiter [Fri, 9 Nov 2018 20:09:06 +0000 (21:09 +0100)]
core125: restart init after glibc uodate
without restart remount of / will fail and may result in
a filesystem corruption at next boot.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Michael Tremer [Fri, 9 Nov 2018 14:58:38 +0000 (14:58 +0000)]
lang: Show the full untranslated string
This will help translators to add missing strings easier
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 9 Nov 2018 14:27:46 +0000 (14:27 +0000)]
dehydrated: New package
This is a light client for Let's Encrypt which is implemented
in bash and does not have any other dependencies apart from
openssl and curl.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 8 Nov 2018 16:46:11 +0000 (16:46 +0000)]
update accelerator: Do not attempt to cache IPFire updates any more
We do not deliver anything via HTTP or FTP any more and therefore
nothing can be cached any more.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 8 Nov 2018 16:45:30 +0000 (16:45 +0000)]
update accelerator: Cache .msp files for Adobe
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 8 Nov 2018 16:42:37 +0000 (16:42 +0000)]
Update list of contributors
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 8 Nov 2018 16:02:17 +0000 (16:02 +0000)]
backupiso: Add support for aarch64
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 8 Nov 2018 15:58:58 +0000 (15:58 +0000)]
backupiso: Fix order of variables
Some values in variables were corrected but used before.
Reported-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 8 Nov 2018 15:07:17 +0000 (15:07 +0000)]
observium-agent: Rootfile update
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 7 Nov 2018 20:27:35 +0000 (20:27 +0000)]
udev: Do not try to change kernel hotplug handler any more
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 7 Nov 2018 20:26:34 +0000 (20:26 +0000)]
udev: Do no try to install any device nodes any more
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 7 Nov 2018 20:17:08 +0000 (20:17 +0000)]
core125: Ship syslog changes
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Peter Müller [Mon, 5 Nov 2018 15:44:03 +0000 (16:44 +0100)]
Tor: update to 0.3.4.9
For details and release announcement, see:
https://blog.torproject.org/new-release-tor-0349
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Matthias Fischer [Sun, 4 Nov 2018 07:28:07 +0000 (08:28 +0100)]
bind: Update to 9.11.5
For details see:
http://ftp.isc.org/isc/bind9/9.11.5/RELEASE-NOTES-bind-9.11.5.html
Security fixes:
"named could crash during recursive processing of DNAME records when
deny-answer-aliases was in use. This flaw is disclosed in CVE-2018-5740. [GL #387]
When recursion is enabled but the allow-recursion and allow-query-cache ACLs are
not specified, they should be limited to local networks, but they were
inadvertently set to match the default allow-query, thus allowing
remote queries. This flaw is disclosed in CVE-2018-5738. [GL #309]"
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 7 Nov 2018 13:19:31 +0000 (13:19 +0000)]
observium-agent: New package
This ships the observium agent including a couple of
modules.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 7 Nov 2018 12:30:50 +0000 (12:30 +0000)]
Revert "haproxy: Make /dev/log available in chroot"
This reverts commit
699f0aa710932736d34dabf5a8c17287af29075c .
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 7 Nov 2018 12:29:19 +0000 (12:29 +0000)]
syslog: Listen to network and block access from anywhere but localhost
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Arne Fitzenreiter [Wed, 7 Nov 2018 18:16:57 +0000 (19:16 +0100)]
backupiso: fix boot on EFI
the grub on EFI serch the config on volume "IPFire 2.21 arch"
so the custom "ipfire backup ..." volume name is not working
anymore.
This is now fixed and a backup-version.media tag will added.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Arne Fitzenreiter [Sun, 4 Nov 2018 09:16:26 +0000 (10:16 +0100)]
backup: fix backupiso mastering
fixes: #11916
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Arne Fitzenreiter [Sun, 4 Nov 2018 07:41:43 +0000 (08:41 +0100)]
clamav: fix rootfile
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Arne Fitzenreiter [Sat, 3 Nov 2018 20:08:52 +0000 (21:08 +0100)]
freeradius: rootfile update
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Arne Fitzenreiter [Sat, 3 Nov 2018 20:08:30 +0000 (21:08 +0100)]
clamav: rootfile update
Arne Fitzenreiter [Sat, 3 Nov 2018 11:09:47 +0000 (12:09 +0100)]
glibc: rootfile update armv5tel
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Arne Fitzenreiter [Fri, 2 Nov 2018 15:16:22 +0000 (15:16 +0000)]
Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next