Alexander Koch [Wed, 13 Feb 2019 23:06:19 +0000 (00:06 +0100)]
zabbix_agentd: New addon
New addon for monitoring IPFire by Zabbix Monitoring (https://www.zabbix.com/features).
See https://forum.ipfire.org/viewtopic.php?f=52&t=22039 and https://lists.ipfire.org/pipermail/development/2019-February/005324.html for further details.
Best regards,
Alex
Signed-off-by: Alexander Koch <ipfire@starkstromkonsument.de> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sat, 2 Mar 2019 14:55:04 +0000 (14:55 +0000)]
Unpack intel microcode before initramfs images are being built
Previously, the microcode updates were not packaged in the shipped
initramfs images which causes that Intel processors are still running
on outdated microcode.
This patch moves intel-microcode before we build the initramfs images.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
For details see:
https://roy.marples.name/blog/dhcpcd-7-1-1-released
"A minor update, highlights include:
IPv4LL: Fixed build with this disabled
IPv4LL: Remember last address between carrier resets
BSD: Fixed initial link infos reported as LINK_STATE_UNKNOWN
FreeBSD: Avoid panicing kernel when RTA_IFP is set for IPv6 prefix routes"
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
For details see:
https://curl.haxx.se/changes.html
This came rather unexpected - if I'd known, I'd have waited with 7.63.0.
"Changes:
cookies: leave secure cookies alone
hostip: support wildcard hosts
http: Implement trailing headers for chunked transfers
http: added options for allowing HTTP/0.9 responses
timeval: Use high resolution timestamps on Windows
Bugfixes:
CVE-2018-16890: NTLM type-2 out-of-bounds buffer read
CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow
CVE-2019-3823: SMTP end-of-response out-of-bounds read
FAQ: remove mention of sourceforge for github
OS400: handle memory error in list conversion
OS400: upgrade ILE/RPG binding.
README: add codacy code quality badge
Revert http_negotiate: do not close connection
THANKS: added several missing names from year <= 2000
build: make 'tidy' target work for metalink builds
cmake: added checks for variadic macros
cmake: updated check for HAVE_POLL_FINE to match autotools
cmake: use lowercase for function name like the rest of the code
configure: detect xlclang separately from clang
configure: fix recv/send/select detection on Android
configure: rewrite --enable-code-coverage
conncache_unlock: avoid indirection by changing input argument type
cookie: fix comment typo
cookies: allow secure override when done over HTTPS
cookies: extend domain checks to non psl builds
cookies: skip custom cookies when redirecting cross-site
curl --xattr: strip credentials from any URL that is stored
curl -J: refuse to append to the destination file
curl/urlapi.h: include "curl.h" first
curl_multi_remove_handle() don't block terminating c-ares requests
darwinssl: accept setting max-tls with default min-tls
disconnect: separate connections and easy handles better
disconnect: set conn->data for protocol disconnect
docs/version.d: mention MultiSSL
docs: fix the --tls-max description
docs: use $(INSTALL_DATA) to install man page
docs: use meaningless port number in CURLOPT_LOCALPORT example
gopher: always include the entire gopher-path in request
http2: clear pause stream id if it gets closed
if2ip: remove unused function Curl_if_is_interface_name
libssh: do not let libssh create socket
libssh: enable CURLOPT_SSH_KNOWNHOSTS and CURLOPT_SSH_KEYFUNCTION for libssh
libssh: free sftp_canonicalize_path() data correctly
libtest/stub_gssapi: use "real" snprintf
mbedtls: use VERIFYHOST
multi: multiplexing improvements
multi: set the EXPIRE_*TIMEOUT timers at TIMER_STARTSINGLE time
ntlm: fix NTMLv2 compliance
ntlm_sspi: add support for channel binding
openssl: adapt to 3.0.0, OpenSSL_version_num() is deprecated
openssl: fix the SSL_get_tlsext_status_ocsp_resp call
openvms: fix OpenSSL discovery on VAX
openvms: fix typos in documentation
os400: add a missing closing bracket
os400: fix extra parameter syntax error
pingpong: change default response timeout to 120 seconds
pingpong: ignore regular timeout in disconnect phase
printf: fix format specifiers
runtests.pl: Fix perl call to include srcdir
schannel: fix compiler warning
schannel: preserve original certificate path parameter
schannel: stop calling it "winssl"
sigpipe: if mbedTLS is used, ignore SIGPIPE
smb: fix incorrect path in request if connection reused
ssh: log the libssh2 error message when ssh session startup fails
test1558: verify CURLINFO_PROTOCOL on file:// transfer
test1561: improve test name
test1653: make it survive torture tests
tests: allow tests to pass by 2037-02-12
tests: move objnames-* from lib into tests
timediff: fix math for unsigned time_t
timeval: Disable MSVC Analyzer GetTickCount warning
tool_cb_prg: avoid integer overflow
travis: added cmake build for osx
urlapi: Fix port parsing of eol colon
urlapi: distinguish possibly empty query
urlapi: fix parsing ipv6 with zone index
urldata: rename easy_conn to just conn
winbuild: conditionally use /DZLIB_WINAPI
wolfssl: fix memory-leak in threaded use
spnego_sspi: add support for channel binding"
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
...
'/usr/src/config/rootfiles/packages//borgbackup' -> '/install/packages/package/ROOTFILES'
tar: usr/lib/python3.6/site-packages/borg/chunker.cpython-36m-i586-linux-gnu.so: Cannot stat: No such file or directory
tar: usr/lib/python3.6/site-packages/borg/compress.cpython-36m-i586-linux-gnu.so: Cannot stat: No such file or directory
tar: usr/lib/python3.6/site-packages/borg/crypto.cpython-36m-i586-linux-gnu.so: Cannot stat: No such file or directory
tar: usr/lib/python3.6/site-packages/borg/hashindex.cpython-36m-i586-linux-gnu.so: Cannot stat: No such file or directory
tar: usr/lib/python3.6/site-packages/borg/platform_linux.cpython-36m-i586-linux-gnu.so: Cannot stat: No such file or directory
tar: Exiting with failure status due to previous errors
make: *** [borgbackup:58: dist] Error 2
...
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Peter Müller [Wed, 6 Feb 2019 21:00:00 +0000 (21:00 +0000)]
apply default firewall policy for ORANGE, too
If firewall default policy is set to DROP, this setting was not
applied to outgoing ORANGE traffic as well, which was misleading.
Fixes #11973
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Cc: Michael Tremer <michael.tremer@ipfire.org> Cc: Oliver Fuhrer <oliver.fuhrer@bluewin.ch> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>