git.ipfire.org Git - ipfire-2.x.git/log

]> git.ipfire.org Git - ipfire-2.x.git/log

projects / ipfire-2.x.git / log

commit | commitdiff | tree

Michael Tremer [Mon, 26 Feb 2018 16:28:16 +0000 (16:28 +0000)]

Bump release of all packages linked against OpenSSL

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 26 Feb 2018 16:22:32 +0000 (16:22 +0000)]

core120: Ship everything that is linked against OpenSSL

This will make sure that everything is using the new version
of the library.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 26 Feb 2018 15:37:49 +0000 (15:37 +0000)]

Disable Path MTU discovery

This seems to be a failed concept and causes issues with transferring
large packets through an IPsec tunnel connection.

This configures the kernel to still respond to PMTU ICMP discovery
messages, but will not try this on its own.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 26 Feb 2018 15:34:10 +0000 (15:34 +0000)]

core120: Fix typo in initscript name

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 26 Feb 2018 13:06:34 +0000 (13:06 +0000)]

Rootfile update

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 26 Feb 2018 11:12:20 +0000 (11:12 +0000)]

dhcp: Allow adding extra DHCP interfaces

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Erik Kapfer via Development [Mon, 26 Feb 2018 07:00:15 +0000 (08:00 +0100)]

OpenVPN: Ship missing OpenSSL configuration file for update

Core 115 delivered a patch which prevents the '--ns-cert-type server is deprecated' message
and introduced also '--remote-cert-tls server' -->
https://patchwork.ipfire.org/patch/1441/ whereby the changed ovpn.cnf has not been delivered.

Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Erik Kapfer via Development [Sun, 25 Feb 2018 13:49:49 +0000 (14:49 +0100)]

OpenVPN: New AES-GCM cipher for N2N and RW

AES-GCM 128, 196 and 256 bit has been added to Net-to-Net and Roadwarrior section.

HMAC selection for N2N will be disabled if AES-GCM is used since GCM provides an own message authentication (GMAC).
'auth *' line in N2N.conf will be deleted appropriately if AES-GCM is used since '--tls-auth' is not available for N2N.
HMAC selection menu for Roadwarriors is still available since '--tls-auth' is available for RWs
which uses the configuered HMAC even AES-GCM has been applied.

Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Thu, 22 Feb 2018 18:52:03 +0000 (18:52 +0000)]

openssl-compat: Do not try to apply missing padlock patch

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Thu, 22 Feb 2018 18:50:38 +0000 (18:50 +0000)]

openssl-compat: Add missing library path

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Wed, 21 Feb 2018 13:06:22 +0000 (13:06 +0000)]

core120: Remove deprecated sshd configuration option

This just created a warning and is now dropped

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Wed, 21 Feb 2018 12:55:36 +0000 (12:55 +0000)]

Revert "wget: Link against GnuTLS instead of OpenSSL"

This reverts commit a46b159a8dc0d191ee57cf48b66be8a39fd7d9ec.

wget 1.19.4 supports linking against OpenSSL 1.1.0.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Wed, 21 Feb 2018 12:41:05 +0000 (12:41 +0000)]

core120: Remove forgotten PHP file

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Wed, 21 Feb 2018 12:39:55 +0000 (12:39 +0000)]

core120: Ship updated OpenSSL 1.1.0

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Wed, 21 Feb 2018 12:21:10 +0000 (12:21 +0000)]

Merge branch 'openssl-11' into next

commit | commitdiff | tree

Michael Tremer [Wed, 21 Feb 2018 12:20:57 +0000 (12:20 +0000)]

Start Core Update 120

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Wed, 21 Feb 2018 12:05:14 +0000 (12:05 +0000)]

core119: Reload apache after configuration changes

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Peter Müller [Tue, 5 Dec 2017 13:43:17 +0000 (14:43 +0100)]

disable Apache server signature

Sending the server signature is unnecessary and might leak
some internal information (although ServerTokens is already
set to "Prod").

Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Wed, 21 Feb 2018 11:24:48 +0000 (11:24 +0000)]

backup: Don't backup apache configuration, keys only

In the past the apache configuration was part of the backup
and may have been restored after Core Update 118 was installed
with PHP being dropped amongst other things.

This patch will make sure that only keys are being backuped.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 20 Feb 2018 20:10:30 +0000 (20:10 +0000)]

Rootfile update

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 19 Feb 2018 23:44:57 +0000 (23:44 +0000)]

strongswan: Update to 5.6.2

Fixed a DoS vulnerability in the parser for PKCS#1 RSASSA-PSS
signatures that was caused by insufficient input validation.
One of the configurable parameters in algorithm identifier
structures for RSASSA-PSS signatures is the mask generation
function (MGF). Only MGF1 is currently specified for this purpose.
However, this in turn takes itself a parameter that specifies
the underlying hash function. strongSwan's parser did not
correctly handle the case of this parameter being absent,
causing an undefined data read.

This vulnerability has been registered as CVE-2018-6459.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 19 Feb 2018 23:42:17 +0000 (23:42 +0000)]

IPsec: Try to restart always-on tunnels immediately

When a tunnel that is in always-on configuration closes
unexpectedly, we can instruct strongSwan to restart it
immediately which is precisely what we do now.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sat, 17 Feb 2018 18:55:38 +0000 (18:55 +0000)]

Rootfile update for armv5tel

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sat, 17 Feb 2018 13:36:37 +0000 (13:36 +0000)]

haproxy: Link against libatomic on ARM

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 16 Feb 2018 20:01:55 +0000 (20:01 +0000)]

i2c-tools: New package

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 16 Feb 2018 19:14:33 +0000 (19:14 +0000)]

flac: Update to 1.3.2

The previous version fails to build on i586

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Thu, 15 Feb 2018 19:34:50 +0000 (19:34 +0000)]

Rootfile update

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Erik Kapfer [Thu, 15 Feb 2018 04:43:49 +0000 (05:43 +0100)]

OpenVPN: Added needed directive for v2.4 update

script-security: The support for the 'system' flag has been removed due to security implications
with shell expansions when executing scripts via system() call.
For more informations: https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage .

ncp-disable: Negotiable crypto parameters has been disabled for the first.

Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Wed, 14 Feb 2018 22:23:20 +0000 (22:23 +0000)]

core119: Ship changed proxy.cgi

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Bernhard Held [Mon, 12 Feb 2018 22:25:47 +0000 (23:25 +0100)]

proxy.cgi: remove excessive newlines in generated proxy.pac

Remove excessive newlines in generated proxy.pac

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 13 Feb 2018 21:07:04 +0000 (21:07 +0000)]

Rootfile update

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 13 Feb 2018 16:35:08 +0000 (16:35 +0000)]

Bump toolchain version

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 13 Feb 2018 16:34:55 +0000 (16:34 +0000)]

Rootfile update for glibc on i586

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 13 Feb 2018 16:30:05 +0000 (16:30 +0000)]

nagios-plugins: Update rootfiles

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 13 Feb 2018 16:20:55 +0000 (16:20 +0000)]

postfix: Update rootfile

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 13 Feb 2018 10:24:04 +0000 (10:24 +0000)]

zlib: Fix name of logfile in toolchain build

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 13 Feb 2018 10:23:54 +0000 (10:23 +0000)]

sslh: Build without tcpwrappers

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 12 Feb 2018 14:24:12 +0000 (14:24 +0000)]

toolchain: Add zlib

ccache needs this and usually comes with an own bundled
version but fails to build in version 3.4.1.

Since this is a small library only and we really want
ccache to use compression, we will build this indepently
and let ccache use it from the system.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 12 Feb 2018 13:07:38 +0000 (13:07 +0000)]

Bump toolchain version

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 12 Feb 2018 12:44:37 +0000 (12:44 +0000)]

Cleanup toolchain scripts

No functional changes, just some tidy up

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 12 Feb 2018 12:12:08 +0000 (12:12 +0000)]

ccache: Update to 3.4.1

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 12 Feb 2018 12:09:22 +0000 (12:09 +0000)]

PAM: Drop shipped configuration

This is outdated, broken and has hardcoded passwords.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 12 Feb 2018 12:07:29 +0000 (12:07 +0000)]

Drop perl-DBD-mysql

This package is not used by anything and depends on MySQL
which has been dropped, too.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 12 Feb 2018 12:05:46 +0000 (12:05 +0000)]

Drop MySQL

This is outdated and still on 5.0.x and nobody volunteered to
update this package.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 12 Feb 2018 11:55:28 +0000 (11:55 +0000)]

asterisk: Do not depend on MySQL any more

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 12 Feb 2018 11:52:07 +0000 (11:52 +0000)]

postfix: Don't depend on amavis

This can be used together but there is no need to
always install amavis when someone wants to use postfix

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 12 Feb 2018 11:51:46 +0000 (11:51 +0000)]

postfix: Don't depend on MySQL any more

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 12 Feb 2018 11:50:51 +0000 (11:50 +0000)]

postfix: Don't ship our own configuration

This is outdated and half of it is not maintained any more.

Users should configure postfix themselves based on the
default configuration.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 12 Feb 2018 11:44:28 +0000 (11:44 +0000)]

Drop pammysql

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 12 Feb 2018 11:42:47 +0000 (11:42 +0000)]

Drop tcpwrapper

This library has been unused for quite a while

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 12 Feb 2018 11:40:07 +0000 (11:40 +0000)]

Drop mISDN userspace tools

This is unsupported for quite a while and nobody should be using this.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 12 Feb 2018 11:33:51 +0000 (11:33 +0000)]

Drop capi4k-utils

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 12 Feb 2018 11:31:14 +0000 (11:31 +0000)]

core119: Remove dropped lcr package during update

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 12 Feb 2018 11:29:53 +0000 (11:29 +0000)]

core119: Import changed packages

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 12 Feb 2018 11:22:58 +0000 (11:22 +0000)]

Start Core Update 119

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 12 Feb 2018 11:18:01 +0000 (11:18 +0000)]

Rootfile update for bison

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Erik Kapfer [Thu, 8 Feb 2018 08:54:58 +0000 (09:54 +0100)]

OpenVPN: Mark unsecure ciphers and DH-parameter as 'weak' in WUI menu

64 bit block ciphers like Blowfish, TDEA and CAST5 are vulnerable to the so called 'Birthday attacks' .
    Infos for 'Sweet32' Birthday attacks can be found in here
        https://sweet32.info/ .
    An Overview of 64 bit clock ciphers can also be found in here
        http://en.citizendium.org/wiki/Block_cipher/Catalogs/Cipher_list#64-bit_blocks

1024 bit Diffie-Hellman parameter has also been marked as weak causing the 'Logjam Attack' .
   Infos for 'Logjam Attack' can be found in here
        https://weakdh.org/ .

Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sun, 11 Feb 2018 23:23:54 +0000 (23:23 +0000)]

index.cgi: Properly show IPsec subnets

Fixes: #11604
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Erik Kapfer [Wed, 7 Feb 2018 17:31:49 +0000 (18:31 +0100)]

CRL updater: Update script for OpenVPNs CRL

Update script for OpenVPNs CRL cause OpenVPN refactors the CRL handling since v.2.4.0 .
Script checks the next update field from the CRL and executes an update before it expires.
Script is placed under fcron.daily for daily checks.

Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Wed, 7 Feb 2018 12:43:28 +0000 (12:43 +0000)]

openssl: Properly pass CFLAGS and LDFLAGS to build

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 2 Feb 2018 11:12:19 +0000 (11:12 +0000)]

Package openssl-compat (1.0.2.n)

This is provided for compatibility with binaries that have
been compiled against this version of OpenSSL.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 2 Feb 2018 10:59:37 +0000 (10:59 +0000)]

openssl: Rootfile update

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Erik Kapfer [Wed, 31 Jan 2018 09:34:59 +0000 (10:34 +0100)]

OpenVPN: Update to version 2.4.4

Changed LFS and ROOTFILE for OpenVPN 2.4.4 update.

Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sat, 13 Jan 2018 12:00:08 +0000 (12:00 +0000)]

python-m2crypto: Install in correct directory

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sat, 13 Jan 2018 11:59:37 +0000 (11:59 +0000)]

openssl: Enable engines

Some tools that depend on openssl won't compile without it

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Thu, 11 Jan 2018 11:49:31 +0000 (11:49 +0000)]

wget: Link against GnuTLS instead of OpenSSL

This version does not seem to be compatible with OpenSSL 1.1
and might be changed back to OpenSSL when ever it will compile.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 28 Nov 2017 16:51:51 +0000 (16:51 +0000)]

python-m2crypto: Update to 0.27.0

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 28 Nov 2017 16:48:20 +0000 (16:48 +0000)]

python-typing: Required for m2crypto

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 28 Nov 2017 16:39:38 +0000 (16:39 +0000)]

transmission: Patch to build against OpenSSL 1.1

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 28 Nov 2017 15:06:54 +0000 (15:06 +0000)]

net-snmp: Patch to build against OpenSSL 1.1

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 28 Nov 2017 13:58:29 +0000 (13:58 +0000)]

elinks: Patch to build against OpenSSL 1.1

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 28 Nov 2017 13:37:38 +0000 (13:37 +0000)]

ncat: Update to 7.60

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 28 Nov 2017 13:06:26 +0000 (13:06 +0000)]

krb5: Update to 1.15.2 to build against OpenSSL 1.1

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 28 Nov 2017 13:02:17 +0000 (13:02 +0000)]

openssh: Update to 7.6p1 and patch against OpenSSL 1.1

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 27 Nov 2017 13:19:20 +0000 (13:19 +0000)]

Net-SSLeay: Update to 1.82

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 27 Nov 2017 12:47:13 +0000 (12:47 +0000)]

cyrus-sasl: Disable OTP to build against OpenSSL 1.1

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sat, 25 Nov 2017 13:03:13 +0000 (13:03 +0000)]

openssl: Update to version 1.1

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sun, 11 Feb 2018 19:22:01 +0000 (19:22 +0000)]

make.sh: Bump toolchain version

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sun, 11 Feb 2018 19:21:20 +0000 (19:21 +0000)]

qemu: Make it build with newer glibcs

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sun, 11 Feb 2018 17:12:23 +0000 (17:12 +0000)]

nfs: Fix building with newer glibcs

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sun, 11 Feb 2018 16:58:10 +0000 (16:58 +0000)]

glibc: Enable obsolete NSL

This will re-activate the deprecated NIS code on which lots of
software relies on so that we can have some extra time to migrate.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sun, 11 Feb 2018 11:35:41 +0000 (11:35 +0000)]

Config: Set PREFIX either to TOOLS_DIR or /usr

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sun, 11 Feb 2018 11:34:47 +0000 (11:34 +0000)]

make.sh: CFLAGS: There is no evidence that supports enabling retpoline in user space is a good idea

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sun, 11 Feb 2018 11:34:17 +0000 (11:34 +0000)]

libtirpc: Fix build against newer glibcs

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sun, 11 Feb 2018 11:31:56 +0000 (11:31 +0000)]

binutils: Update to 2.30

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sun, 11 Feb 2018 11:20:01 +0000 (11:20 +0000)]

dma: Don't only use TLSv1

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sat, 10 Feb 2018 14:42:36 +0000 (14:42 +0000)]

postfix: Temporarily disable NIS

This makes postfix FTBFS because glibc has removed their
RPC headers.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sat, 10 Feb 2018 14:31:21 +0000 (14:31 +0000)]

glibc: Update to 2.27

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sat, 10 Feb 2018 13:50:53 +0000 (13:50 +0000)]

flex: Patch against SEGV with newer glibc

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sat, 10 Feb 2018 13:30:58 +0000 (13:30 +0000)]

Revert "make.sh: Add -fstack-clash-protection on platforms that support it"

This reverts commit 18b82970b81a5bbd31b8922440a97e43d6f01566.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sat, 10 Feb 2018 13:20:14 +0000 (13:20 +0000)]

make.sh: Enable cheap out-of-bounds checks in C++ standard library

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sat, 10 Feb 2018 13:18:42 +0000 (13:18 +0000)]

make.sh: Add -fstack-clash-protection on platforms that support it

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sat, 10 Feb 2018 13:09:00 +0000 (13:09 +0000)]

make.sh: CFLAGS remove --param=ssp-buffer-size=4

This flag is useless with -fstack-protector-strong

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sat, 10 Feb 2018 12:37:46 +0000 (12:37 +0000)]

pam: Update to 1.30.0

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 9 Feb 2018 17:38:08 +0000 (17:38 +0000)]

make.sh: make requires pkg-config to run autoconf

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 9 Feb 2018 17:34:50 +0000 (17:34 +0000)]

iproute2: Update to 4.14.1

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 9 Feb 2018 17:21:59 +0000 (17:21 +0000)]

hostname: Update to 3.20

Drops dependency to obsolete RPCSVC code in glibc.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 9 Feb 2018 17:21:12 +0000 (17:21 +0000)]

make: Patch against SEGV when using globbing functions

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Thu, 8 Feb 2018 22:03:28 +0000 (22:03 +0000)]

toolchain: Add bison

This is required by glibc 2.27

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Arne Fitzenreiter [Sat, 27 Jan 2018 12:47:09 +0000 (13:47 +0100)]

gcc: fix gmp download

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

IPFire 2.x development tree

RSS Atom