]>
git.ipfire.org Git - ipfire-2.x.git/log
Arne Fitzenreiter [Sat, 2 Jun 2012 08:21:44 +0000 (10:21 +0200)]
core61: add collectd initskript to updater.
Arne Fitzenreiter [Sat, 2 Jun 2012 08:17:34 +0000 (10:17 +0200)]
collectd: fix collectd on machines without rtc.
collectd hangs with 100% cpu usage if there is a very old entry
in the database. This was created at the first start without internet so
ntp cannot set the time.
Arne Fitzenreiter [Fri, 1 Jun 2012 15:30:54 +0000 (17:30 +0200)]
Merge remote-tracking branch 'origin/core60' into next
Conflicts:
config/rootfiles/core/59/update.sh
lfs/strongswan
make.sh
Arne Fitzenreiter [Fri, 1 Jun 2012 15:25:10 +0000 (17:25 +0200)]
Move core60 content to core61.
Arne Fitzenreiter [Fri, 1 Jun 2012 10:54:24 +0000 (12:54 +0200)]
core60: add strongswan security update.
Arne Fitzenreiter [Fri, 1 Jun 2012 10:47:07 +0000 (12:47 +0200)]
strongswan: security update to 4.6.4 (fix CVE-2012-2388).
RSA signature verification vulnerability
see http://http://www.strongswan.org/blog/2012/05/31/strongswan-4.6.4-released-%28cve-2012-2388%29.html for details.
Erik Kapfer [Sun, 27 May 2012 19:36:44 +0000 (21:36 +0200)]
mtr+tcpick: Two new binary addons.
Michael Tremer [Sun, 27 May 2012 16:19:35 +0000 (18:19 +0200)]
openvpn: Import translation patch from #10137.
See comment 5 for more detail.
Nico Prenzel [Thu, 24 May 2012 16:18:22 +0000 (18:18 +0200)]
openvpn: Fix deletion of static routes.
Michael Tremer [Thu, 24 May 2012 08:48:44 +0000 (10:48 +0200)]
Start core update 60.
Erik Kapfer [Thu, 24 May 2012 08:47:37 +0000 (10:47 +0200)]
openvpn: Change colour of N2N connections.
From https://bugzilla.ipfire.org/show_bug.cgi?id=10137:
The first patch i have made is to give the index.cgi the origin colour (the
same then for the roadwarrior) for OpenVPN N2N connections on IPFire. At this
time the colour is stated in IPSec colour, so i made a patch to change this.
Michael Tremer [Sat, 19 May 2012 09:22:18 +0000 (11:22 +0200)]
fireinfo: Update to 2.1.5.
Fixes issues on the Raspberry Pi Computer.
Arne Fitzenreiter [Sat, 12 May 2012 17:40:41 +0000 (19:40 +0200)]
core59: start/stop ipsec and ssh at update.
Arne Fitzenreiter [Sat, 12 May 2012 17:22:26 +0000 (19:22 +0200)]
finished core59.
Arne Fitzenreiter [Sat, 12 May 2012 17:15:38 +0000 (19:15 +0200)]
GeoIP: update database to
01052012 .
Arne Fitzenreiter [Sat, 12 May 2012 15:13:45 +0000 (17:13 +0200)]
dhcpcd: ignore MTU Smaller than 577.
Normally 576 is the smallest valid mtu but some cable provider set this
also if they support much higher mtu's. Fedora does not accept
this to prevent speed problems with such isp connections so we do the same.
If you really need mtu=576 you can still force at at the setup.
Arne Fitzenreiter [Sat, 12 May 2012 13:33:42 +0000 (15:33 +0200)]
php: security update to 5.3.13 (CVE-2012-2311).
Arne Fitzenreiter [Sat, 12 May 2012 13:32:47 +0000 (15:32 +0200)]
openssh: update to 6.0p1.
Arne Fitzenreiter [Sat, 12 May 2012 13:30:38 +0000 (15:30 +0200)]
openssl: security update to 0.9.8x (CVE-2012-2333).
Invalid TLS/DTLS record attack (CVE-2012-2333)
===============================================
A flaw in the OpenSSL handling of CBC mode ciphersuites in TLS 1.1, 1.2 and
DTLS can be exploited in a denial of service attack on both clients and
servers.
DTLS applications are affected in all versions of OpenSSL. TLS is only
affected in OpenSSL 1.0.1 and later.
Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic fuzzing
as a service testing platform.
The fix was developed by Stephen Henson of the OpenSSL core team.
Affected users should upgrade to OpenSSL 1.0.1c, 1.0.0j or 0.9.8x
References
==========
URL for this Security Advisory:
http://www.openssl.org/news/secadv_20120510.txt
Arne Fitzenreiter [Sun, 6 May 2012 10:51:14 +0000 (12:51 +0200)]
traceroute: update to 2.0.18 and fix name resolution.
fixes #10097
Arne Fitzenreiter [Sat, 5 May 2012 21:25:07 +0000 (23:25 +0200)]
strongswan: update to 4.6.3.
Arne Fitzenreiter [Sat, 5 May 2012 21:23:53 +0000 (23:23 +0200)]
python: update to 2.7.3.
Arne Fitzenreiter [Sat, 5 May 2012 21:21:18 +0000 (23:21 +0200)]
fix core58 merge problem.
Conflicts:
config/rootfiles/core/58/filelists/files
Arne Fitzenreiter [Sat, 5 May 2012 21:19:36 +0000 (23:19 +0200)]
core59: add openssl to core update.
Arne Fitzenreiter [Wed, 2 May 2012 17:42:02 +0000 (19:42 +0200)]
openssl: security update to 0.9.8w. (CVE-2012-2131).
SN1 BIO incomplete fix (CVE-2012-2131)
=======================================
It was discovered that the fix for CVE-2012-2110 released on 19 Apr
2012 was not sufficient to correct the issue for OpenSSL 0.9.8.
Please see http://www.openssl.org/news/secadv_20120419.txt for details
of that vulnerability.
This issue only affects OpenSSL 0.9.8v. OpenSSL 1.0.1a and 1.0.0i
already contain a patch sufficient to correct CVE-2012-2110.
Thanks to Red Hat for discovering and fixing this issue.
Affected users should upgrade to 0.9.8w.
References
==========
URL for this Security Advisory:
http://www.openssl.org/news/secadv_20120424.txt
Arne Fitzenreiter [Mon, 9 Apr 2012 10:19:06 +0000 (12:19 +0200)]
started core59.
Arne Fitzenreiter [Sat, 12 May 2012 17:22:26 +0000 (19:22 +0200)]
finished core59.
Arne Fitzenreiter [Sat, 12 May 2012 17:15:38 +0000 (19:15 +0200)]
GeoIP: update database to
01052012 .
Arne Fitzenreiter [Sat, 12 May 2012 15:13:45 +0000 (17:13 +0200)]
dhcpcd: ignore MTU Smaller than 577.
Normally 576 is the smallest valid mtu but some cable provider set this
also if they support much higher mtu's. Fedora does not accept
this to prevent speed problems with such isp connections so we do the same.
If you really need mtu=576 you can still force at at the setup.
Arne Fitzenreiter [Sat, 12 May 2012 13:33:42 +0000 (15:33 +0200)]
php: security update to 5.3.13 (CVE-2012-2311).
Arne Fitzenreiter [Sat, 12 May 2012 13:32:47 +0000 (15:32 +0200)]
openssh: update to 6.0p1.
Arne Fitzenreiter [Sat, 12 May 2012 13:30:38 +0000 (15:30 +0200)]
openssl: security update to 0.9.8x (CVE-2012-2333).
Invalid TLS/DTLS record attack (CVE-2012-2333)
===============================================
A flaw in the OpenSSL handling of CBC mode ciphersuites in TLS 1.1, 1.2 and
DTLS can be exploited in a denial of service attack on both clients and
servers.
DTLS applications are affected in all versions of OpenSSL. TLS is only
affected in OpenSSL 1.0.1 and later.
Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic fuzzing
as a service testing platform.
The fix was developed by Stephen Henson of the OpenSSL core team.
Affected users should upgrade to OpenSSL 1.0.1c, 1.0.0j or 0.9.8x
References
==========
URL for this Security Advisory:
http://www.openssl.org/news/secadv_20120510.txt
Arne Fitzenreiter [Sun, 6 May 2012 10:54:13 +0000 (12:54 +0200)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Sun, 6 May 2012 10:51:14 +0000 (12:51 +0200)]
traceroute: update to 2.0.18 and fix name resolution.
fixes #10097
Arne Fitzenreiter [Sat, 5 May 2012 21:25:07 +0000 (23:25 +0200)]
strongswan: update to 4.6.3.
Arne Fitzenreiter [Sat, 5 May 2012 21:23:53 +0000 (23:23 +0200)]
python: update to 2.7.3.
Arne Fitzenreiter [Sat, 5 May 2012 21:21:18 +0000 (23:21 +0200)]
fix core58 merge problem.
Arne Fitzenreiter [Sat, 5 May 2012 21:19:36 +0000 (23:19 +0200)]
core59: add openssl to core update.
Arne Fitzenreiter [Wed, 2 May 2012 17:42:02 +0000 (19:42 +0200)]
openssl: security update to 0.9.8w. (CVE-2012-2131).
SN1 BIO incomplete fix (CVE-2012-2131)
=======================================
It was discovered that the fix for CVE-2012-2110 released on 19 Apr
2012 was not sufficient to correct the issue for OpenSSL 0.9.8.
Please see http://www.openssl.org/news/secadv_20120419.txt for details
of that vulnerability.
This issue only affects OpenSSL 0.9.8v. OpenSSL 1.0.1a and 1.0.0i
already contain a patch sufficient to correct CVE-2012-2110.
Thanks to Red Hat for discovering and fixing this issue.
Affected users should upgrade to 0.9.8w.
References
==========
URL for this Security Advisory:
http://www.openssl.org/news/secadv_20120424.txt
Arne Fitzenreiter [Wed, 2 May 2012 14:55:26 +0000 (16:55 +0200)]
Merge branch 'master' into next
Arne Fitzenreiter [Wed, 2 May 2012 08:10:07 +0000 (10:10 +0200)]
samba: security update to 3.5.15. (CVE-2012-2111).
This security release addresses CVE-2012-2111 (incorrect permission checks when
granting/removing privileges could compromise file server security).
Arne Fitzenreiter [Tue, 10 Apr 2012 18:21:37 +0000 (20:21 +0200)]
samba: security update to 3.5.14. (CVE-2012-1182).
Further information can be found in the security advisory:
http://www.samba.org/samba/security/CVE-2012-1182
Arne Fitzenreiter [Mon, 9 Apr 2012 10:19:06 +0000 (12:19 +0200)]
started core59.
Arne Fitzenreiter [Mon, 9 Apr 2012 10:15:59 +0000 (12:15 +0200)]
Merge branch 'master' into next
Conflicts:
config/rootfiles/core/58/filelists/files
make.sh
Arne Fitzenreiter [Sat, 7 Apr 2012 09:39:23 +0000 (11:39 +0200)]
finished core58.
Arne Fitzenreiter [Fri, 6 Apr 2012 17:30:24 +0000 (19:30 +0200)]
hwdata: updata usb and pci ids database.
Arne Fitzenreiter [Fri, 6 Apr 2012 17:22:23 +0000 (19:22 +0200)]
GeoIP: update database to
03032012 .
Arne Fitzenreiter [Fri, 6 Apr 2012 16:49:20 +0000 (18:49 +0200)]
core58: add cryptodev module to updater.
Arne Fitzenreiter [Sat, 31 Mar 2012 09:21:15 +0000 (11:21 +0200)]
cryptodev: update to 1.4.
Arne Fitzenreiter [Sat, 31 Mar 2012 09:20:27 +0000 (11:20 +0200)]
openssl: fix aes accleration via cryptodev.
Michael Tremer [Fri, 6 Apr 2012 11:42:27 +0000 (13:42 +0200)]
pound: Add patch to select certificates by their SANs.
http://www.apsis.ch/pound/pound_list/archive/2012/2012-02/
1329442080000 #
1329442080000
Arne Fitzenreiter [Sun, 18 Mar 2012 12:14:59 +0000 (13:14 +0100)]
clamav: updated to 0.97.4.
Arne Fitzenreiter [Tue, 13 Mar 2012 20:16:25 +0000 (21:16 +0100)]
openssl: update to 0.9.8u.
Arne Fitzenreiter [Tue, 13 Mar 2012 19:47:09 +0000 (20:47 +0100)]
samba: update to 3.5.13.
Michael Tremer [Sun, 11 Mar 2012 15:53:32 +0000 (16:53 +0100)]
git: Update to 1.7.9.3.
Michael Tremer [Sun, 11 Mar 2012 13:50:44 +0000 (14:50 +0100)]
fireinfo: Update to 2.1.4.
Fixes an issue with the detection of online CPUs on ARM.
Arne Fitzenreiter [Sat, 10 Mar 2012 16:37:23 +0000 (17:37 +0100)]
usb_modeswitch: update to 1.2.3.
Arne Fitzenreiter [Sat, 10 Mar 2012 16:32:31 +0000 (17:32 +0100)]
strongswan: update to 4.6.2.
fixes #10037
Michael Tremer [Tue, 6 Mar 2012 21:26:22 +0000 (22:26 +0100)]
Add libpng update to core update 58.
Michael Tremer [Sat, 4 Feb 2012 10:17:22 +0000 (11:17 +0100)]
libpng: Update to 1.2.46.
Fixes several security issues from 2011.
Michael Tremer [Tue, 6 Mar 2012 21:23:29 +0000 (22:23 +0100)]
Open core update 58 and import changes that were already commited.
Michael Tremer [Sat, 25 Feb 2012 11:10:25 +0000 (12:10 +0100)]
openvpn: Update to 2.2.2.
Add --enable-password-save switch that was requested by the
community.
See bug #10036.
Michael Tremer [Wed, 22 Feb 2012 23:01:05 +0000 (00:01 +0100)]
vim: Add "set ruler" option to configuration file.
This will show a small line at the bottom which displays
the current cursor position and more.
References bug #10021.
Arne Fitzenreiter [Sun, 19 Feb 2012 12:04:06 +0000 (13:04 +0100)]
core57: stop/start ipsec at update.
Arne Fitzenreiter [Fri, 6 Apr 2012 17:30:24 +0000 (19:30 +0200)]
hwdata: updata usb and pci ids database.
Arne Fitzenreiter [Fri, 6 Apr 2012 17:22:23 +0000 (19:22 +0200)]
GeoIP: update database to
03032012 .
Arne Fitzenreiter [Fri, 6 Apr 2012 16:49:20 +0000 (18:49 +0200)]
core58: add cryptodev module to updater.
Arne Fitzenreiter [Sat, 31 Mar 2012 09:21:15 +0000 (11:21 +0200)]
cryptodev: update to 1.4.
Arne Fitzenreiter [Sat, 31 Mar 2012 09:20:27 +0000 (11:20 +0200)]
openssl: fix aes accleration via cryptodev.
Michael Tremer [Fri, 6 Apr 2012 11:42:27 +0000 (13:42 +0200)]
pound: Add patch to select certificates by their SANs.
http://www.apsis.ch/pound/pound_list/archive/2012/2012-02/
1329442080000 #
1329442080000
Arne Fitzenreiter [Sun, 18 Mar 2012 12:14:59 +0000 (13:14 +0100)]
clamav: updated to 0.97.4.
Arne Fitzenreiter [Tue, 13 Mar 2012 20:16:25 +0000 (21:16 +0100)]
openssl: update to 0.9.8u.
Arne Fitzenreiter [Tue, 13 Mar 2012 19:47:09 +0000 (20:47 +0100)]
samba: update to 3.5.13.
Michael Tremer [Mon, 12 Mar 2012 10:13:51 +0000 (11:13 +0100)]
Add VPN changes to core update.
Michael Tremer [Sun, 11 Mar 2012 15:53:32 +0000 (16:53 +0100)]
git: Update to 1.7.9.3.
Michael Tremer [Sun, 11 Mar 2012 13:50:44 +0000 (14:50 +0100)]
fireinfo: Update to 2.1.4.
Fixes an issue with the detection of online CPUs on ARM.
Arne Fitzenreiter [Sat, 10 Mar 2012 16:37:23 +0000 (17:37 +0100)]
usb_modeswitch: update to 1.2.3.
Arne Fitzenreiter [Sat, 10 Mar 2012 16:32:31 +0000 (17:32 +0100)]
strongswan: update to 4.6.2.
fixes #10037
Michael Tremer [Tue, 6 Mar 2012 21:53:07 +0000 (22:53 +0100)]
Import VPN changes by the Special Interest Group.
See here for more details:
http://lists.ipfire.org/pipermail/sig-vpn/2012-March/000031.html
Michael Tremer [Tue, 6 Mar 2012 21:26:22 +0000 (22:26 +0100)]
Add libpng update to core update 58.
Michael Tremer [Tue, 6 Mar 2012 21:24:28 +0000 (22:24 +0100)]
Merge branch 'libpng-update' into next
Michael Tremer [Tue, 6 Mar 2012 21:23:29 +0000 (22:23 +0100)]
Open core update 58 and import changes that were already commited.
Michael Tremer [Sat, 25 Feb 2012 11:10:25 +0000 (12:10 +0100)]
openvpn: Update to 2.2.2.
Add --enable-password-save switch that was requested by the
community.
See bug #10036.
Michael Tremer [Wed, 22 Feb 2012 23:01:05 +0000 (00:01 +0100)]
vim: Add "set ruler" option to configuration file.
This will show a small line at the bottom which displays
the current cursor position and more.
References bug #10021.
Arne Fitzenreiter [Sun, 19 Feb 2012 12:04:06 +0000 (13:04 +0100)]
core57: stop/start ipsec at update.
Arne Fitzenreiter [Sun, 19 Feb 2012 11:51:12 +0000 (12:51 +0100)]
finished core57.
Arne Fitzenreiter [Sun, 19 Feb 2012 11:48:42 +0000 (12:48 +0100)]
network: don't set ip address "1.1.1.1".
This change made also green-only with dhcp possible.
configure green to 1.1.1.1 and red to dhcp client and RED_DEV=green0.
Dirk Wagner [Sat, 11 Feb 2012 17:28:13 +0000 (18:28 +0100)]
pound: update to latest stable 2.6
Dirk Wagner [Sat, 11 Feb 2012 17:27:13 +0000 (18:27 +0100)]
pound: update to latest stable 2.6
Dirk Wagner [Fri, 10 Feb 2012 21:23:44 +0000 (22:23 +0100)]
nut: fixed wrong version in filename
Dirk Wagner [Fri, 10 Feb 2012 19:46:44 +0000 (20:46 +0100)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Dirk Wagner [Fri, 10 Feb 2012 19:44:14 +0000 (20:44 +0100)]
nut: update to latest version 2.6.3
Michael Tremer [Fri, 10 Feb 2012 10:10:14 +0000 (11:10 +0100)]
outgoingfw.cgi: Fix enabled checkbox when editing rules.
When a rule was edited, the enabled checkbox was always unchecked.
References bug #10022.
Michael Tremer [Fri, 10 Feb 2012 10:01:42 +0000 (11:01 +0100)]
strongswan: Customize the welcome banner.
References:
http://forum.ipfire.org/index.php/topic,5993.0.html
http://forum.ipfire.org/index.php/topic,3329.0.html
Michael Tremer [Wed, 8 Feb 2012 21:37:09 +0000 (22:37 +0100)]
installer: Enhance mountsource.sh script.
Searches for installation images on all partitions on external
media.
References bug #10020.
Michael Tremer [Wed, 8 Feb 2012 21:35:30 +0000 (22:35 +0100)]
vim: Create configuration files for better usage.
This commits also ships all syntax highlighting information
and among others in /usr/share/vim.
References bug #10021.
Michael Tremer [Wed, 8 Feb 2012 20:54:26 +0000 (21:54 +0100)]
Merge branch 'master' into next
Michael Tremer [Wed, 8 Feb 2012 20:47:09 +0000 (21:47 +0100)]
Merge branch 'master' of ssh://git.ipfire.org/pub/git/ipfire-2.x
Michael Tremer [Wed, 8 Feb 2012 20:39:26 +0000 (21:39 +0100)]
Remove donation button from credits.cgi.
Arne Fitzenreiter [Wed, 8 Feb 2012 18:59:36 +0000 (19:59 +0100)]
apache: fix typo.