lshw (Hardware Lister) is a small tool to provide detailed information on
the hardware configuration of the machine.
It can report exact memory configuration, firmware version,
mainboard configuration, CPU version and speed,
cache configuration, bus speed, etc.
Signed-off-by: Marcel Follert (Smooky) <smooky@16.de> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Marcel Follert [Fri, 21 Aug 2020 19:37:07 +0000 (21:37 +0200)]
ncdu-1.15.1
>>> https://dev.yorhel.nl/ncdu <<<
Ncdu is a disk usage analyzer with an ncurses interface.
It is designed to find space hogs on a remote server where you don't
have an entire graphical setup available,
but it is a useful tool even on regular desktop systems.
Ncdu aims to be fast, simple and easy to use,
and should be able to run in any minimal POSIX-like environment
with ncurses installed.
Signed-off-by: Marcel Follert (Smooky) <smooky@16.de> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
-fcf-protection insert non i586 instructions that crash on amd k6 and geode
to build a working glibc also the toolchain compiler must build without this
so this need a new toolchain.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Stefan Schantl [Tue, 15 Sep 2020 17:36:15 +0000 (19:36 +0200)]
Language files: Clarify menu entries and page titles for VPN connections.
These pages for RW and N2N statistics only show handle for OpenVPN connections.
Fixes #12476.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Michael Tremer [Fri, 18 Sep 2020 07:44:37 +0000 (07:44 +0000)]
graphs: Fix rendering CPU graphs after number of cores decreased
Fixes: #12193 - cpu graphs cannot created if smt is disabled Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Adolf Belka [Wed, 2 Sep 2020 10:48:55 +0000 (12:48 +0200)]
postfix: Update to 3.5.7
- Update postfix from version 3.5.6 to 3.5.7
see ftp://ftp.cs.uu.nl/mirror/postfix/postfix-release/official/postfix-3.5.7.RELEASE_NOTES
Supporting request from Peter Müller Signed-off-by: Adolf Belka<ahb@ipfire@gmail.com Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Adolf Belka [Mon, 7 Sep 2020 18:26:46 +0000 (20:26 +0200)]
nagios_nrpe: Fix for bug 12337
- added pid_file=/var/run to the configure statement
to give the required pid directory in the default nrpe.cfg file
Signed-off-by: Adolf Belka <ahb.ipfire@gmail.com> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
ACPI (with EFI) is used on ARM systems conforming to the
Server Base Boot Requirements (SBBR) and is an optional
on embedded systems (EBBR).
Up to now the ARM64 boards supported by IPFire use U-Boot and
device tree so ACPI was not turned on.
The immediate use case here is to run under virtualization,
using my muvirt project[1] I can run IPFire on our Traverse Ten64
system. For reasons I'll explain separately it is not
currently possible to run stock IPFire on this system.
This change also enables the EFI RTC driver which is presented
by the qemu arm64 virt machine.
the configure.ac has a bug that detects gcc-10 as gcc-1 and so not use
some quirks. Also there is a bug with FORTIFY-SOURCE=2 that crash
if the matchparen plugin is used (enabled by default).
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
This problem is serious because it allows any client, including
browser scripts, to bypass local security and poison the browser
cache and any downstream caches with content from an arbitrary
source.
* SQUID-2020:9 Denial of Service processing Cache Digest Response
(CVE pending allocation)
This problem allows a trusted peer to deliver to perform Denial
of Service by consuming all available CPU cycles on the machine
running Squid when handling a crafted Cache Digest response
message.
This problem is serious because it allows any client, including
browser scripts, to bypass local security and poison the proxy
cache and any downstream caches with content from an arbitrary
source.
* Bug 5051: Some collapsed revalidation responses never expire
* SSL-Bump: Support parsing GREASEd (and future) TLS handshakes
* Honor on_unsupported_protocol for intercepted https_port"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Erik Kapfer [Tue, 18 Aug 2020 14:34:37 +0000 (14:34 +0000)]
tshark: Update to version 3.2.6
The version jump from 3.2.3 to 3.2.6 includes several changes.
3.2.4 includes only bugfixes.
3.2.5 includes bugfixes and updated protocols.
3.2.6 includes also bugfixes and updated protocols.
For a full overview, the release notes can be found in here -->
https://www.wireshark.org/docs/relnotes/ .
Signed-off-by: Erik Kapfer <ummeegge@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
For details see:
https://gitlab.freedesktop.org/spice/usbredir/-/blob/master/ChangeLog
"-Source code and bug tracker hosted in Freedesktop's instance of Gitlab
-https://gitlab.freedesktop.org/spice/usbredir
-usbredirfilter
-Fix busy wait due endless recursion when interface_count is zero
-usbredirhost:
-Fix leak on error
-usbredirserver:
-Use 'busnum-devnum' instead of 'usbbus-usbaddr'
-Add support for bind specific address -4 for ipv4, -6 for ipv6
-Reject empty vendorid from command line
-Enable TCP keepalive"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Peter Müller [Tue, 14 Jul 2020 19:05:10 +0000 (19:05 +0000)]
Postfix: update to 3.5.4
Please refer to http://www.postfix.org/announcements/postfix-3.5.4.html
for release announcements.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Peter Müller [Tue, 14 Jul 2020 20:26:26 +0000 (20:26 +0000)]
Tor: update to 0.4.3.6
Please refer to https://blog.torproject.org/new-release-tor-03511-0428-0436-security-fixes
for release announcements.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
For details see:
https://downloads.isc.org/isc/bind9/9.11.21/RELEASE-NOTES-bind-9.11.21.html
"Bug Fixes
named could crash when cleaning dead nodes in lib/dns/rbtdb.c that
were being reused. [GL #1968]
Properly handle missing kyua command so that make check does not
fail unexpectedly when CMocka is installed, but Kyua is not. [GL
#1950]
The validator could fail to accept a properly signed RRset if an
unsupported algorithm appeared earlier in the DNSKEY RRset than
a supported algorithm. It could also stop if it detected a malformed
public key. [GL #1689]"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Ice Lake Intel CPUs have been found of being vulnerable to MDS, thus
requiring new microcodes for them. <sarcasm>Yay!</sarcasm> Please refer to
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20200616
for further information.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>