Adolf Belka [Fri, 3 Oct 2025 14:04:35 +0000 (16:04 +0200)]
openssl: Update to version 3.5.4
- Update from version 3.5.1 to 3.5.4
- Update of rootfile
- Changelog
3.5.4
* Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap
Issue summary: An application trying to decrypt CMS messages encrypted using
password based encryption can trigger an out-of-bounds read and write.
Impact summary: This out-of-bounds read may trigger a crash which leads to
Denial of Service for an application. The out-of-bounds write can cause
a memory corruption which can have various consequences including
a Denial of Service or Execution of attacker-supplied code.
The issue was reported by Stanislav Fort (Aisle Research).
([CVE-2025-9230])
* Fix Timing side-channel in SM2 algorithm on 64 bit ARM
Issue summary: A timing side-channel which could potentially allow remote
recovery of the private key exists in the SM2 algorithm implementation on
64 bit ARM platforms.
Impact summary: A timing side-channel in SM2 signature computations on
64 bit ARM platforms could allow recovering the private key by an attacker.
The issue was reported by Stanislav Fort (Aisle Research).
([CVE-2025-9231])
* Fix Out-of-bounds read in HTTP client no_proxy handling
Issue summary: An application using the OpenSSL HTTP client API functions
may trigger an out-of-bounds read if the "no_proxy" environment variable is
set and the host portion of the authority component of the HTTP URL is an
IPv6 address.
Impact summary: An out-of-bounds read can trigger a crash which leads to
Denial of Service for an application.
The issue was reported by Stanislav Fort (Aisle Research).
([CVE-2025-9232])
* The FIPS provider no longer performs a PCT on key import for ECX keys
(that was introduced in 3.5.2), following the latest update
on that requirement in FIPS 140-3 IG 10.3.A additional comment 1.
* Fixed the length of the ASN.1 sequence for the SM3 digests of RSA-encrypted
signatures.
* Reverted the synthesised `OPENSSL_VERSION_NUMBER` change for the release
builds, as it broke some exiting applications that relied on the previous
3.x semantics, as documented in `OpenSSL_version(3)`.
3.5.3
* Avoided a potential race condition introduced in 3.5.1, where
`OSSL_STORE_CTX` kept open during lookup while potentially being used
by multiple threads simultaneously, that could lead to potential crashes
when multiple concurrent TLS connections are served.
* The FIPS provider no longer performs a PCT on key import for RSA, DH,
and EC keys (that was introduced in 3.5.2), following the latest update
on that requirement in FIPS 140-3 IG 10.3.A additional comment 1.
* Secure memory allocation calls are no longer used for HMAC keys.
* `openssl req` no longer generates certificates with an empty extension list
when SKID/AKID are set to `none` during generation.
* The man page date is now derived from the release date provided
in `VERSION.dat` and not the current date for the released builds.
* Hardened the provider implementation of the RSA public key "encrypt"
operation to add a missing check that the caller-indicated output buffer
size is at least as large as the byte count of the RSA modulus. The issue
was reported by Arash Ale Ebrahim from SYSPWN.
This operation is typically invoked via `EVP_PKEY_encrypt(3)`. Callers that
in fact provide a sufficiently large buffer, but fail to correctly indicate
its size may now encounter unexpected errors. In applications that attempt
RSA public encryption into a buffer that is too small, an out-of-bounds
write is now avoided and an error is reported instead.
* Added FIPS 140-3 PCT on DH key generation.
* Fixed the synthesised `OPENSSL_VERSION_NUMBER`.
3.5.2
* The FIPS provider now performs a PCT on key import for RSA, EC and ECX.
This is mandated by FIPS 140-3 IG 10.3.A additional comment 1.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Thu, 2 Oct 2025 11:10:15 +0000 (13:10 +0200)]
firewall.cgi: Fixes XSS potential
- Related to CVE-2025-50975
- Fixes PROT
- ruleremark was already escaped when firewall.cgi was initially merged back in Core
Update 77.
- SRC_PORT, TGT_PORT, dnaport, src_addr & tgt_addr are already validated in the code as
ports or port ranges.
- std_net_tgt is a string defined in the code and not a variable
- The variable key ignores any input that is not a digit and subsequently uses the next
free rulenumber digit
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
'dmz' => 'AÇIK BÖLGE',
'dmz pinhole configuration' => 'Açık bölge yapılandırma',
'dmz pinhole rule added' => 'Açık bölge kuralı eklendi; Açık bölge
yeniden başlatılıyor',
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
since the last update made changes for the webinterface of OpenVPN, it's
time to remove unused translations and update the remaining ones for
downloading the client configuration.
Starting here with the German translation.
Best regards
Peer Dietzmann
'dmz pinhole configuration' => 'Einstellungen des DMZ-Schlupfloches',
'dmz pinhole rule added' => 'Regel für DMZ-Schlupfloch hinzugefügt;
Starte DMZ-Schlupfloch neu',
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Peter Müller [Sun, 28 Sep 2025 21:06:00 +0000 (21:06 +0000)]
OpenSSH: Amend upstream default cipher changes
This patch implements the following change made to OpenSSH server
upstream in version 10.0:
* sshd(8): this release disables finite field (a.k.a modp)
Diffie-Hellman key exchange in sshd by default. Specifically,
this removes the "diffie-hellman-group*" and
"diffie-hellman-group-exchange-*" methods from the default
KEXAlgorithms list. The client is unchanged and continues to
support these methods by default. Finite field Diffie Hellman
is slow and computationally expensive for the same security
level as Elliptic Curve DH or PQ key agreement while offering
no redeeming advantages. ECDH has been specified for the SSH
protocol for 15 years and some form of ECDH has been the default
key exchange in OpenSSH for the last 14 years.
In addition, for both OpenSSH server and client, the following upstream
change made in version 9.9 is implemented:
* ssh(1): the hybrid post-quantum algorithm mlkem768x25519-sha256
is now used by default for key agreement. This algorithm is
considered to be safe against attack by quantum computers,
is guaranteed to be no less strong than the popular
curve25519-sha256 algorithm, has been standardised by NIST
and is considerably faster than the previous default.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Peter Müller [Sun, 28 Sep 2025 21:05:00 +0000 (21:05 +0000)]
OpenSSH: Prefer AES-GCM ciphers over AES-CTR
This reflects the following change made upstream in OpenSSH 9.9:
* ssh(1): prefer AES-GCM to AES-CTR mode when selecting a cipher
for the connection. The default cipher preference list is now
Chacha20/Poly1305, AES-GCM (128/256) followed by AES-CTR
(128/192/256).
However, we keep preferring AES-GCM over Chacha/Poly, as hardware
acceleration often grants the former a better performance, while there
is no security advance of Chacha/Poly usage over 256 bit AES-GCM.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Peter Müller [Sun, 28 Sep 2025 19:51:00 +0000 (19:51 +0000)]
initscripts: Always wait for xtables lock when running iptables commands
If not explicitly instructed to do so, iptables by default aborts with
an error message such as
> Can't lock /run/xtables.lock: Resource temporarily unavailable
> Another app is currently holding the xtables lock. Perhaps you want to use the -w option?
if the Xtables lock is still set, i.e., another iptables operation is
currently in progress. This causes iptables commands not to be executed
at all if there are delays during the boot procedure, e.g. due to slow
PPPoE dial-up procedure or similar.
To ensure deterministic behavior, this match modifies initscripts to
always execute iptables to wait for the Xtables lock to be removed, to
make sure iptables rules are installed properly (the "firewall"
initscript is doing so already).
Fixes: #13896 - OpenVPN RW port not opened in firewall after reboot Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Tested-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Peter Müller [Sun, 28 Sep 2025 22:29:00 +0000 (22:29 +0000)]
Tor: Update to 0.4.8.18
Changes in version 0.4.8.18 - 2025-09-16
This is a minor release with a major onion service directory cache (HSDir)
bug fix. A series of minor bugfixes as well. As always, we strongly recommend
to upgrade as soon as possible.
o Major bugfixes (onion service directory cache):
- Preserve the download counter of an onion service descriptor
across descriptor uploads, so that recently updated descriptors
don't get pruned if there is memory pressure soon after update.
Additionally, create a separate torrc option MaxHSDirCacheBytes
that defaults to the former 20% of MaxMemInQueues threshold, but
can be controlled by relay operators under DoS. Also enforce this
theshold during HSDir uploads. Fixes bug 41006; bugfix
on 0.4.8.14.
o Minor feature (padding, logging):
- Reduce the amount of messages being logged related to channel
padding timeout when log level is "notice".
o Minor features (fallbackdir):
- Regenerate fallback directories generated on September 16, 2025.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2025/09/16.
o Minor bugfix (conflux):
- Remove the pending nonce if we realize that the nonce of the
unlinked circuit is not tracked anymore. Should avoid the non
fatal assert triggered with a control port circuit event. Fixes
bug 41037; bugfix on 0.4.8.15.
o Minor bugfixes (circuit handling):
- Prevent circuit_mark_for_close() from being called twice on the
same circuit. Second fix attempt Fixes bug 41106; bugfix
on 0.4.8.17
o Minor bugfixes (threads):
- Make thread control POSIX compliant. Fixes bug 41109; bugfix
on 0.4.8.17-dev.
Changes in version 0.4.8.17 - 2025-06-30
This is a minor providing a series of minor features especially in the realm
of TLS. It also brings a new set of recommended and required sub protocols.
And finally, few minor bugfixes, nothing major. As always, we strongly
recommend you upgrade as soon as possible.
o Minor features (security, TLS):
- When we are running with OpenSSL 3.5.0 or later, support using the
ML-KEM768 for post-quantum key agreement. Closes ticket 41041.
o Minor feature (client, TLS):
- Set the TLS 1.3 cipher list instead of falling back on the
default value.
o Minor features (fallbackdir):
- Regenerate fallback directories generated on June 30, 2025.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2025/06/30.
o Minor features (hsdesc POW):
- Tolerate multiple PoW schemes in onion service descriptors, for
future extensibility. Implements torspec ticket 272.
o Minor features (performance TLS):
- When running with with OpenSSL 3.0.0 or later, support using
X25519 for TLS key agreement. (This should slightly improve
performance for TLS session establishment.)
o Minor features (portability):
- Fix warnings when compiling with GCC 15. Closes ticket 41079.
o Minor features (recommended protocols):
- Directory authorities now vote to recommend that clients support
certain protocols beyond those that are required. These include
improved support for connecting to relays on IPv6, NtorV3, and
congestion control. Part of ticket 40836.
o Minor features (required protocols):
- Directory authorities now vote to require clients to support the
authenticated SENDME feature, which was introduced in
0.4.1.1-alpha. Part of ticket 40836.
- Directory authorities now vote to require relays to support
certain protocols, all of which have been implemented since
0.4.7.4-alpha or earlier. These include improved support for
connecting to relays on IPv6, NtorV3, running as a rate-limited
introduction point, authenticated SENDMEs, and congestion control.
Part of ticket 40836.
o Minor bugfix (conflux):
- Avoid a non fatal assert when describing a conflux circuit on the
control port after being prepped to be freed. Fixes bug 41037;
bugfix on 0.4.8.15.
o Minor bugfixes (circuit handling):
- Prevent circuit_mark_for_close() from being called twice on the
same circuit. Fixes bug 40951; bugfix on 0.4.8.16-dev.
o Minor bugfixes (compiler warnings):
- Make sure the two bitfields in the half-closed edge struct are
unsigned, as we're using them for boolean values and assign 1 to
them. Fixes bug 40911; bugfix on 0.4.7.2-alpha.
o Minor bugfixes (threads, memory):
- Improvements in cleanup of resources used by threads. Fixes bug
40991; bugfix on 0.4.8.13-dev.
- Rework start and exit of worker threads.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Thu, 25 Sep 2025 17:22:53 +0000 (19:22 +0200)]
expat: Update to version 2.7.3
- Update from version 2.7.2 to 2.7.3
- Update of rootfile
- Changelog
2.7.3
Security fixes:
Fix alignment of internal allocations for some non-amd64
architectures (e.g. sparc32); fixes up on the fix to
CVE-2025-59375 from #1034 (of Expat 2.7.2 and related
backports)
Fix a class of false positives where input should have been
rejected with error XML_ERROR_ASYNC_ENTITY; regression from
CVE-2024-8176 fix pull request #973 (of Expat 2.7.0 and
related backports). Please check the added unit tests for
example documents.
Other changes:
Prove and regression-proof absence of integer overflow
from function expat_realloc
Remove "harmless" cast that truncated a size_t to unsigned
Autotools: Remove "ln -s" discovery
docs: Be consistent with use of floating point around
XML_SetAllocTrackerMaximumAmplification
docs: Make it explicit that XML_GetCurrentColumnNumber starts at 0
docs: Better integrate the effect of the activation thresholds
docs: Fix an in-comment typo in expat.h
docs: Fix a typo in README.md
docs: Improve change log of release 2.7.2
xmlwf: Resolve use of functions XML_GetErrorLineNumber
and XML_GetErrorColumnNumber
Windows: Normalize .bat files to CRLF line endings
Version info bumped from 12:0:11 (libexpat*.so.1.11.0)
to 12:1:11 (libexpat*.so.1.11.1); see https://verbump.de/
for what these numbers do
Infrastructure:
CI: Cleanup UndefinedBehaviorSanitizer fatality
CI|Linux: Stop aborting at first job failure
CI|FreeBSD: Upgrade to FreeBSD 15.0
CI|FreeBSD: Do not install CMake meta-package
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Thu, 25 Sep 2025 11:12:52 +0000 (13:12 +0200)]
proxy.cgi: Further fix for bug 13893
- Previous patch for proxy.cgi was related to the mitigation provided by the bug reporter
for the parameter VISIBLE_HOSTNAME. This parameter however was not mentioned in the
description for that bug.
- bug 13893 description mentions TLS_HOSTNAME, UPSTREAM_USER, UPSTREAM_PASSWORD,
ADMIN_MAIL_ADDRESS, and ADMIN_PASSWORD but it mentions them as being from dns.cgi
which is incorrect except for TLS_HOSTNAME.
- The other parameters are from proxy.cgi but no mitigation was shown for those in the
bug report.
- This patch adds fixes for the parameters UPSTREAM_USER, UPSTREAM_PASSWORD,
ADMIN_MAIL_ADDRESS, and ADMIN_PASSWORD
Fixes: bug 13893 - proxy.cgi Multiple Parameters Stored Cross-Site Scripting Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 24 Sep 2025 16:36:12 +0000 (18:36 +0200)]
ovpnmain.cgi: Remove the auth-nocache directive from clients
This seems to have some weird effects on Windows clients using OpenVPN
2.6.14 where username/password popup appears after one hour. Since we
don't use any real username/password authentication, we will have to
make sure that the client keeps using the fake data that we have added
to the configuration.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 24 Sep 2025 16:30:59 +0000 (18:30 +0200)]
openvpn: Return something if the authentication is in an unknown state
Sometimes, the clients seem to be sending a PUSH_REQUEST which is not
receiving a reply from the server. That is because the authenticator
might not respond at all on the socket.
In that case, we should just aim to restart the authentication and hope
that the client will come back with something that we expected.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Robin Roevens [Wed, 24 Sep 2025 06:11:48 +0000 (08:11 +0200)]
zabbix_agentd: Update to 7.0.18 (LTS)
- Update of rootfile not required
Bugs fixed:
- ZBX-26723 Fixed Zabbix Agent active remote command getting timeout applied due to incorrect parsing of JSON
- ZBX-26697 Fixed memory error in sender when trying to read invalid response
- ZBX-26477 Fixed vfs.dir.get ignoring entries with 0 unixtime and fixed vfs.file.get having null values for time fields in this case
- ZBX-26143 Fixed duplicated address issue after redirection and disabled history upload on Agent connection failure until the connection is re-established
Full changelogs:
- https://www.zabbix.com/rn/rn7.0.17
- https://www.zabbix.com/rn/rn7.0.18
- https://www.zabbix.com/rn/rn7.0.10
- https://www.zabbix.com/rn/rn7.0.11
Signed-off-by: Robin Roevens <robin.roevens@disroot.org> Reviewed-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Mon, 22 Sep 2025 13:08:26 +0000 (14:08 +0100)]
arpwatch: Add status command to the initscript
This is not very reliable as the exit codes are not very clean, but it
is good enough to tell the user on the terminal whether arpwatch is
running and it will fix the web UI output.
Fixes: #13874 - Arpwatch does not display correct status on service.cgi Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 23 Jul 2025 14:59:56 +0000 (16:59 +0200)]
hostapd: Introduce new WiFi modes to accomodate all different modes
Using just 802.11ac does not entirely cover how the hardware could be
configured. Some devices support 20, 40, 80 or even 160 MHz channels
which is now being implemented here.
The channel offsets are computed manually or will be automatically
selected by hostapd if we are using ACS.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 17 Jul 2025 18:07:10 +0000 (18:07 +0000)]
hostapd: Rebase the configuration on the upstream default config
Most options are added, but not enabled. There are however the following
changes:
* Enable Operating Channel Validation
* Enable Fast BSS Transition (802.11r)
* Support for 802.11ax and 802.11be
* Disable the internal randomness pool
* Enable Interworking (802.11u)
* Enable Fast Session Transfer (FST)
* Enable Multiband Operation support
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sat, 20 Sep 2025 14:02:01 +0000 (14:02 +0000)]
arpwatch: Fix the envelope sender
arpwatch invokes sendmail without passing the envelope sender
explicitely. This causes that mails can get rejected if the From: header
does not match the envelope sender.
This patch passes the correct address as the envelope sender.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
projects / ipfire-2.x.git / log
