people/teissler/ipfire-2.x.git
9 years agoMerge remote-tracking branch 'origin/next' into kernel-update
Arne Fitzenreiter [Sat, 7 Jul 2012 17:40:10 +0000 (19:40 +0200)] 
Merge remote-tracking branch 'origin/next' into kernel-update

9 years agopakfire: add function to extract backup includes.
Arne Fitzenreiter [Sat, 7 Jul 2012 17:37:56 +0000 (19:37 +0200)] 
pakfire: add function to extract backup includes.

this is needed to fix some addons with missing includes at the next
update. (eg. nagios).

9 years agoindex.cgi: Add warning if deprecated reiser4 found.
Arne Fitzenreiter [Sat, 7 Jul 2012 17:12:56 +0000 (19:12 +0200)] 
index.cgi: Add warning if deprecated reiser4 found.

9 years agokernel3: update to 3.2.22.
Arne Fitzenreiter [Sat, 7 Jul 2012 12:57:27 +0000 (14:57 +0200)] 
kernel3: update to 3.2.22.

9 years agoMerge remote-tracking branch 'origin/next' into kernel-update
Arne Fitzenreiter [Fri, 6 Jul 2012 20:53:24 +0000 (22:53 +0200)] 
Merge remote-tracking branch 'origin/next' into kernel-update

9 years agousb-modeswitch-data: update database to 20120531.
Arne Fitzenreiter [Fri, 6 Jul 2012 20:51:49 +0000 (22:51 +0200)] 
usb-modeswitch-data: update database to 20120531.

9 years agoGeoIP: update database to 04072012.
Arne Fitzenreiter [Fri, 6 Jul 2012 15:05:51 +0000 (17:05 +0200)] 
GeoIP: update database to 04072012.

9 years agoMerge remote-tracking branch 'origin/next' into kernel-update
Arne Fitzenreiter [Thu, 5 Jul 2012 22:04:56 +0000 (00:04 +0200)] 
Merge remote-tracking branch 'origin/next' into kernel-update

9 years agoproxy.cgi: add more speed steps and some filetypes.
Arne Fitzenreiter [Tue, 3 Jul 2012 13:00:45 +0000 (15:00 +0200)] 
proxy.cgi: add more speed steps and some filetypes.

9 years agosquid: update to 3.1.20.
Arne Fitzenreiter [Tue, 3 Jul 2012 11:41:13 +0000 (13:41 +0200)] 
squid: update to 3.1.20.

9 years agocore61: add php to update.
Arne Fitzenreiter [Tue, 3 Jul 2012 07:53:39 +0000 (09:53 +0200)] 
core61: add php to update.

9 years agophp: security update to 5.3.14.
Arne Fitzenreiter [Tue, 3 Jul 2012 07:48:49 +0000 (09:48 +0200)] 
php: security update to 5.3.14.

The release fixes multiple security issues: A weakness in the DES implementation of crypt and a heap overflow issue in the phar extension

PHP 5.4.4 and PHP 5.3.14 fixes over 30 bugs. Please note that the use of php://fd streams is now restricted to the CLI SAPI.

9 years agosamba: update to 3.5.16.
Arne Fitzenreiter [Mon, 2 Jul 2012 13:16:23 +0000 (15:16 +0200)] 
samba: update to 3.5.16.

9 years agokernel3: updated to 3.2.21.
Arne Fitzenreiter [Wed, 27 Jun 2012 16:57:03 +0000 (18:57 +0200)] 
kernel3: updated to 3.2.21.

9 years agorpi-firmware: update to 234c19d.
Arne Fitzenreiter [Tue, 26 Jun 2012 13:30:09 +0000 (15:30 +0200)] 
rpi-firmware: update to 234c19d.

9 years agosysctl.conf: reserve 8MB free memory.
Arne Fitzenreiter [Tue, 26 Jun 2012 13:19:36 +0000 (15:19 +0200)] 
sysctl.conf: reserve 8MB free memory.

Some driver like SMSC9500 need some free memory for network packet
recieve and produce kernel faults if this memory cant allocated fast
enough.

9 years agoflash-images: disable fsck timecheck.
Arne Fitzenreiter [Tue, 26 Jun 2012 13:17:44 +0000 (15:17 +0200)] 
flash-images: disable fsck timecheck.

Most systems that use the flash image has no rtc so check is better
disabled.

9 years agoudev: fix vol_id ext4 detection if it has no journal.
Arne Fitzenreiter [Tue, 26 Jun 2012 13:09:38 +0000 (15:09 +0200)] 
udev: fix vol_id ext4 detection if it has no journal.

9 years agoMerge remote-tracking branch 'origin/next' into kernel-update
Arne Fitzenreiter [Sat, 23 Jun 2012 11:12:37 +0000 (13:12 +0200)] 
Merge remote-tracking branch 'origin/next' into kernel-update

9 years agoopenvpn: Properly handle fragment size.
Michael Tremer [Wed, 20 Jun 2012 18:53:10 +0000 (20:53 +0200)] 
openvpn: Properly handle fragment size.

Allow settings FRAGMENT=0.

9 years agoopenvpn: Introduce CCD.
Erik Kapfer [Wed, 20 Jun 2012 17:58:38 +0000 (19:58 +0200)] 
openvpn: Introduce CCD.

9 years agoopenvpn: Honour DAYS_VALID for CA certificates.
Erik Kapfer [Wed, 20 Jun 2012 17:54:45 +0000 (19:54 +0200)] 
openvpn: Honour DAYS_VALID for CA certificates.

9 years agoopenvpn: Sort connections by name.
Erik Kapfer [Wed, 20 Jun 2012 17:54:09 +0000 (19:54 +0200)] 
openvpn: Sort connections by name.

9 years agoMerge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Wed, 20 Jun 2012 13:40:28 +0000 (15:40 +0200)] 
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

9 years agoAdd logwatch changes to next core update.
Michael Tremer [Wed, 20 Jun 2012 09:57:44 +0000 (11:57 +0200)] 
Add logwatch changes to next core update.

9 years agoMerge remote-tracking branch 'jlentfer/logwatch' into next
Michael Tremer [Wed, 20 Jun 2012 09:54:00 +0000 (11:54 +0200)] 
Merge remote-tracking branch 'jlentfer/logwatch' into next

9 years agologwatch: Enable Date::Manip 6.x support (using interface v5)
Jan Lentfer [Wed, 20 Jun 2012 08:42:35 +0000 (10:42 +0200)] 
logwatch: Enable Date::Manip 6.x support (using interface v5)

9 years agoclamav: update to 0.97.5.
Arne Fitzenreiter [Tue, 19 Jun 2012 19:24:51 +0000 (21:24 +0200)] 
clamav: update to 0.97.5.

9 years agoredirect_wrapper: fix logfile path in log output.
Arne Fitzenreiter [Mon, 18 Jun 2012 17:59:15 +0000 (19:59 +0200)] 
redirect_wrapper: fix logfile path in log output.

fixes #10126.

9 years agolang.de: Fix pakfire updated string.
Arne Fitzenreiter [Mon, 18 Jun 2012 17:42:20 +0000 (19:42 +0200)] 
lang.de: Fix pakfire updated string.

fixes #10112.

9 years agoMerge remote-tracking branch 'jlentfer/foomatic' into next
Michael Tremer [Sun, 17 Jun 2012 18:27:19 +0000 (20:27 +0200)] 
Merge remote-tracking branch 'jlentfer/foomatic' into next

9 years agofoomatic: Clean out /usr/share/foomatic prior to build to prevent hangs
Jan Lentfer [Sun, 17 Jun 2012 18:23:35 +0000 (20:23 +0200)] 
foomatic: Clean out /usr/share/foomatic prior to build to prevent hangs

9 years agoasterisk: Update to 1.8.13.0.
Jan Lentfer [Sat, 16 Jun 2012 10:31:18 +0000 (12:31 +0200)] 
asterisk: Update to 1.8.13.0.

The 1.4 branch of asterisk does not build with the new flex and bison.
Also, the 1.4 branch was EOL'ed April 2012. The 1.8 branch has long
term support until 2015.

This patch also update chan_capi to the most recent version (HEAD),
as this is the only one that compiles with asterisk 1.8.

Asterisk 1.8 ships addons as part of the main tarball.
Asterisk 1.8 has no build in mp3 support anymore, mp3 libs need to be
downloaded seperatly via svn
(see asterisk-1.8.13.0/contrib/scripts/get_mp3_source.sh).
This patch DOES NOT include mp3 support.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
9 years agolcr: Update to 1.10.
Jan Lentfer [Sat, 16 Jun 2012 10:27:04 +0000 (12:27 +0200)] 
lcr: Update to 1.10.

This is a prerequisite for updating asterisk.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
9 years agopam: Update 0.99.10.0.
Jan Lentfer [Sat, 16 Jun 2012 10:24:32 +0000 (12:24 +0200)] 
pam: Update 0.99.10.0.

The prior verion in base system did not build with
the new version of bison and flex.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
9 years agoflex: Update to 2.5.35.
Jan Lentfer [Sat, 16 Jun 2012 10:22:31 +0000 (12:22 +0200)] 
flex: Update to 2.5.35.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
9 years agom4: Update to 1.4.16.
Jan Lentfer [Sat, 16 Jun 2012 10:21:12 +0000 (12:21 +0200)] 
m4: Update to 1.4.16.

This is a prerequisite for updating bison and flex

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
9 years agobison: Update to 2.5.1.
Jan Lentfer [Sat, 16 Jun 2012 10:17:57 +0000 (12:17 +0200)] 
bison: Update to 2.5.1.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
9 years agou-boot: mount rootfs first readonly on pandaboard.
Arne Fitzenreiter [Sat, 16 Jun 2012 13:04:40 +0000 (15:04 +0200)] 
u-boot: mount rootfs first readonly on pandaboard.

remount for fscheck seems to fail on ext4 without journal.

9 years agoflash-images: align rootfs to 64MB.
Arne Fitzenreiter [Sat, 16 Jun 2012 13:02:56 +0000 (15:02 +0200)] 
flash-images: align rootfs to 64MB.

9 years agopartresize: fix typo.
Arne Fitzenreiter [Sat, 16 Jun 2012 13:01:31 +0000 (15:01 +0200)] 
partresize: fix typo.

9 years agokernel3: rootfile update.
Arne Fitzenreiter [Sat, 16 Jun 2012 13:00:55 +0000 (15:00 +0200)] 
kernel3: rootfile update.

9 years agokernel3: updated to 2.6.42.20 (aka 3.2.20).
Arne Fitzenreiter [Sat, 16 Jun 2012 12:58:35 +0000 (14:58 +0200)] 
kernel3: updated to 2.6.42.20 (aka 3.2.20).

kernel3 is used for raspberry pi and pandaboard yet.

9 years agorpi-firmware: updated firmware for new kernel.
Arne Fitzenreiter [Sat, 16 Jun 2012 12:55:58 +0000 (14:55 +0200)] 
rpi-firmware: updated firmware for new kernel.

9 years agosquid: Enable ICAP client.
Michael Tremer [Wed, 13 Jun 2012 13:43:27 +0000 (15:43 +0200)] 
squid: Enable ICAP client.

9 years agoflashimages: switch to single ext4 (wo journal)
Arne Fitzenreiter [Sun, 10 Jun 2012 09:16:57 +0000 (11:16 +0200)] 
flashimages: switch to single ext4 (wo journal)

also support video out on pandaboard.

9 years agokernel: updated omap and rpi kernel to 2.6.42.19 (aka 3.2.19).
Arne Fitzenreiter [Sun, 10 Jun 2012 09:13:59 +0000 (11:13 +0200)] 
kernel: updated omap and rpi kernel to 2.6.42.19 (aka 3.2.19).

9 years agoMerge remote-tracking branch 'origin/next' into kernel-update
Arne Fitzenreiter [Sat, 2 Jun 2012 08:25:02 +0000 (10:25 +0200)] 
Merge remote-tracking branch 'origin/next' into kernel-update

9 years agocore61: add collectd initskript to updater.
Arne Fitzenreiter [Sat, 2 Jun 2012 08:21:44 +0000 (10:21 +0200)] 
core61: add collectd initskript to updater.

9 years agocollectd: fix collectd on machines without rtc.
Arne Fitzenreiter [Sat, 2 Jun 2012 08:17:34 +0000 (10:17 +0200)] 
collectd: fix collectd on machines without rtc.

collectd hangs with 100% cpu usage if there is a very old entry
in the database. This was created at the first start without internet so
ntp cannot set the time.

9 years agoMerge remote-tracking branch 'origin/core60' into next
Arne Fitzenreiter [Fri, 1 Jun 2012 15:30:54 +0000 (17:30 +0200)] 
Merge remote-tracking branch 'origin/core60' into next

Conflicts:
config/rootfiles/core/59/update.sh
lfs/strongswan
make.sh

9 years agoMove core60 content to core61.
Arne Fitzenreiter [Fri, 1 Jun 2012 15:25:10 +0000 (17:25 +0200)] 
Move core60 content to core61.

9 years agocore60: add strongswan security update.
Arne Fitzenreiter [Fri, 1 Jun 2012 10:54:24 +0000 (12:54 +0200)] 
core60: add strongswan security update.

9 years agostrongswan: security update to 4.6.4 (fix CVE-2012-2388).
Arne Fitzenreiter [Fri, 1 Jun 2012 10:47:07 +0000 (12:47 +0200)] 
strongswan: security update to 4.6.4 (fix CVE-2012-2388).

RSA signature verification vulnerability
see http://http://www.strongswan.org/blog/2012/05/31/strongswan-4.6.4-released-%28cve-2012-2388%29.html for details.

9 years agomtr+tcpick: Two new binary addons.
Erik Kapfer [Sun, 27 May 2012 19:36:44 +0000 (21:36 +0200)] 
mtr+tcpick: Two new binary addons.

9 years agoopenvpn: Import translation patch from #10137.
Michael Tremer [Sun, 27 May 2012 16:19:35 +0000 (18:19 +0200)] 
openvpn: Import translation patch from #10137.

See comment 5 for more detail.

9 years agoopenvpn: Fix deletion of static routes.
Nico Prenzel [Thu, 24 May 2012 16:18:22 +0000 (18:18 +0200)] 
openvpn: Fix deletion of static routes.

9 years agoStart core update 60.
Michael Tremer [Thu, 24 May 2012 08:48:44 +0000 (10:48 +0200)] 
Start core update 60.

9 years agoopenvpn: Change colour of N2N connections.
Erik Kapfer [Thu, 24 May 2012 08:47:37 +0000 (10:47 +0200)] 
openvpn: Change colour of N2N connections.

From https://bugzilla.ipfire.org/show_bug.cgi?id=10137:
The first patch i have made is to give the index.cgi the origin colour (the
same then for the roadwarrior) for OpenVPN N2N connections on IPFire. At this
time the colour is stated in IPSec colour, so i made a patch to change this.

9 years agokernel: add kernel for Raspberry Pi.
Arne Fitzenreiter [Wed, 23 May 2012 11:43:03 +0000 (13:43 +0200)] 
kernel: add kernel for Raspberry Pi.

9 years agobuild: add armv6l to supported buildplatforms.
Arne Fitzenreiter [Wed, 23 May 2012 11:38:18 +0000 (13:38 +0200)] 
build: add armv6l to supported buildplatforms.

9 years agokernel: updated omap kernel to 2.6.40.32 aka 3.0.32.
Arne Fitzenreiter [Wed, 23 May 2012 11:34:39 +0000 (13:34 +0200)] 
kernel: updated omap kernel to 2.6.40.32 aka 3.0.32.

9 years agoMerge remote-tracking branch 'origin/next' into kernel-update
Arne Fitzenreiter [Sun, 20 May 2012 15:14:56 +0000 (17:14 +0200)] 
Merge remote-tracking branch 'origin/next' into kernel-update

9 years agofireinfo: Update to 2.1.5.
Michael Tremer [Sat, 19 May 2012 09:22:18 +0000 (11:22 +0200)] 
fireinfo: Update to 2.1.5.

Fixes issues on the Raspberry Pi Computer.

9 years agoMerge branch 'kernel-update' of git.ipfire.org:/pub/git/ipfire-2.x into kernel-update
Arne Fitzenreiter [Mon, 14 May 2012 15:12:27 +0000 (17:12 +0200)] 
Merge branch 'kernel-update' of git.ipfire.org:/pub/git/ipfire-2.x into kernel-update

9 years agoMerge remote-tracking branch 'origin/next' into kernel-update
Arne Fitzenreiter [Mon, 14 May 2012 08:40:15 +0000 (10:40 +0200)] 
Merge remote-tracking branch 'origin/next' into kernel-update

9 years agocore59: start/stop ipsec and ssh at update.
Arne Fitzenreiter [Sat, 12 May 2012 17:40:41 +0000 (19:40 +0200)] 
core59: start/stop ipsec and ssh at update.

9 years agofinished core59.
Arne Fitzenreiter [Sat, 12 May 2012 17:22:26 +0000 (19:22 +0200)] 
finished core59.

9 years agoGeoIP: update database to 01052012.
Arne Fitzenreiter [Sat, 12 May 2012 17:15:38 +0000 (19:15 +0200)] 
GeoIP: update database to 01052012.

9 years agodhcpcd: ignore MTU Smaller than 577.
Arne Fitzenreiter [Sat, 12 May 2012 15:13:45 +0000 (17:13 +0200)] 
dhcpcd: ignore MTU Smaller than 577.

Normally 576 is the smallest valid mtu but some cable provider set this
also if they support much higher mtu's. Fedora does not accept
this to prevent speed problems with such isp connections so we do the same.
If you really need mtu=576 you can still force at at the setup.

9 years agophp: security update to 5.3.13 (CVE-2012-2311).
Arne Fitzenreiter [Sat, 12 May 2012 13:33:42 +0000 (15:33 +0200)] 
php: security update to 5.3.13 (CVE-2012-2311).

9 years agoopenssh: update to 6.0p1.
Arne Fitzenreiter [Sat, 12 May 2012 13:32:47 +0000 (15:32 +0200)] 
openssh: update to 6.0p1.

9 years agoopenssl: security update to 0.9.8x (CVE-2012-2333).
Arne Fitzenreiter [Sat, 12 May 2012 13:30:38 +0000 (15:30 +0200)] 
openssl: security update to 0.9.8x (CVE-2012-2333).

Invalid TLS/DTLS record attack (CVE-2012-2333)
===============================================

A flaw in the OpenSSL handling of CBC mode ciphersuites in TLS 1.1, 1.2 and
DTLS can be exploited in a denial of service attack on both clients and
servers.

DTLS applications are affected in all versions of OpenSSL. TLS is only
affected in OpenSSL 1.0.1 and later.

Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic fuzzing
as a service testing platform.

The fix was developed by Stephen Henson of the OpenSSL core team.

Affected users should upgrade to OpenSSL 1.0.1c, 1.0.0j or 0.9.8x

References
==========

URL for this Security Advisory:
http://www.openssl.org/news/secadv_20120510.txt

9 years agotraceroute: update to 2.0.18 and fix name resolution.
Arne Fitzenreiter [Sun, 6 May 2012 10:51:14 +0000 (12:51 +0200)] 
traceroute: update to 2.0.18 and fix name resolution.

fixes #10097

9 years agostrongswan: update to 4.6.3.
Arne Fitzenreiter [Sat, 5 May 2012 21:25:07 +0000 (23:25 +0200)] 
strongswan: update to 4.6.3.

9 years agopython: update to 2.7.3.
Arne Fitzenreiter [Sat, 5 May 2012 21:23:53 +0000 (23:23 +0200)] 
python: update to 2.7.3.

9 years agofix core58 merge problem.
Arne Fitzenreiter [Sat, 5 May 2012 21:21:18 +0000 (23:21 +0200)] 
fix core58 merge problem.

Conflicts:

config/rootfiles/core/58/filelists/files

9 years agocore59: add openssl to core update.
Arne Fitzenreiter [Sat, 5 May 2012 21:19:36 +0000 (23:19 +0200)] 
core59: add openssl to core update.

9 years agoopenssl: security update to 0.9.8w. (CVE-2012-2131).
Arne Fitzenreiter [Wed, 2 May 2012 17:42:02 +0000 (19:42 +0200)] 
openssl: security update to 0.9.8w. (CVE-2012-2131).

SN1 BIO incomplete fix (CVE-2012-2131)
=======================================

It was discovered that the fix for CVE-2012-2110 released on 19 Apr
2012 was not sufficient to correct the issue for OpenSSL 0.9.8.

Please see http://www.openssl.org/news/secadv_20120419.txt for details
of that vulnerability.

This issue only affects OpenSSL 0.9.8v.  OpenSSL 1.0.1a and 1.0.0i
already contain a patch sufficient to correct CVE-2012-2110.

Thanks to Red Hat for discovering and fixing this issue.

Affected users should upgrade to 0.9.8w.

References
==========

URL for this Security Advisory:
http://www.openssl.org/news/secadv_20120424.txt

9 years agostarted core59.
Arne Fitzenreiter [Mon, 9 Apr 2012 10:19:06 +0000 (12:19 +0200)] 
started core59.

9 years agofinished core59.
Arne Fitzenreiter [Sat, 12 May 2012 17:22:26 +0000 (19:22 +0200)] 
finished core59.

9 years agoGeoIP: update database to 01052012.
Arne Fitzenreiter [Sat, 12 May 2012 17:15:38 +0000 (19:15 +0200)] 
GeoIP: update database to 01052012.

9 years agodhcpcd: ignore MTU Smaller than 577.
Arne Fitzenreiter [Sat, 12 May 2012 15:13:45 +0000 (17:13 +0200)] 
dhcpcd: ignore MTU Smaller than 577.

Normally 576 is the smallest valid mtu but some cable provider set this
also if they support much higher mtu's. Fedora does not accept
this to prevent speed problems with such isp connections so we do the same.
If you really need mtu=576 you can still force at at the setup.

9 years agophp: security update to 5.3.13 (CVE-2012-2311).
Arne Fitzenreiter [Sat, 12 May 2012 13:33:42 +0000 (15:33 +0200)] 
php: security update to 5.3.13 (CVE-2012-2311).

9 years agoopenssh: update to 6.0p1.
Arne Fitzenreiter [Sat, 12 May 2012 13:32:47 +0000 (15:32 +0200)] 
openssh: update to 6.0p1.

9 years agoopenssl: security update to 0.9.8x (CVE-2012-2333).
Arne Fitzenreiter [Sat, 12 May 2012 13:30:38 +0000 (15:30 +0200)] 
openssl: security update to 0.9.8x (CVE-2012-2333).

Invalid TLS/DTLS record attack (CVE-2012-2333)
===============================================

A flaw in the OpenSSL handling of CBC mode ciphersuites in TLS 1.1, 1.2 and
DTLS can be exploited in a denial of service attack on both clients and
servers.

DTLS applications are affected in all versions of OpenSSL. TLS is only
affected in OpenSSL 1.0.1 and later.

Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic fuzzing
as a service testing platform.

The fix was developed by Stephen Henson of the OpenSSL core team.

Affected users should upgrade to OpenSSL 1.0.1c, 1.0.0j or 0.9.8x

References
==========

URL for this Security Advisory:
http://www.openssl.org/news/secadv_20120510.txt

9 years agoMerge remote-tracking branch 'origin/next' into kernel-update
Arne Fitzenreiter [Wed, 9 May 2012 18:51:23 +0000 (20:51 +0200)] 
Merge remote-tracking branch 'origin/next' into kernel-update

9 years agoMerge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Sun, 6 May 2012 10:54:13 +0000 (12:54 +0200)] 
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

9 years agotraceroute: update to 2.0.18 and fix name resolution.
Arne Fitzenreiter [Sun, 6 May 2012 10:51:14 +0000 (12:51 +0200)] 
traceroute: update to 2.0.18 and fix name resolution.

fixes #10097

9 years agoMerge remote-tracking branch 'origin/next' into kernel-update
Arne Fitzenreiter [Sat, 5 May 2012 22:54:05 +0000 (00:54 +0200)] 
Merge remote-tracking branch 'origin/next' into kernel-update

9 years agostrongswan: update to 4.6.3.
Arne Fitzenreiter [Sat, 5 May 2012 21:25:07 +0000 (23:25 +0200)] 
strongswan: update to 4.6.3.

9 years agopython: update to 2.7.3.
Arne Fitzenreiter [Sat, 5 May 2012 21:23:53 +0000 (23:23 +0200)] 
python: update to 2.7.3.

9 years agofix core58 merge problem.
Arne Fitzenreiter [Sat, 5 May 2012 21:21:18 +0000 (23:21 +0200)] 
fix core58 merge problem.

9 years agocore59: add openssl to core update.
Arne Fitzenreiter [Sat, 5 May 2012 21:19:36 +0000 (23:19 +0200)] 
core59: add openssl to core update.

9 years agokernel: updated omap kernel to 2.6.40.30 aka 3.0.30.
Arne Fitzenreiter [Sat, 5 May 2012 09:04:25 +0000 (11:04 +0200)] 
kernel: updated omap kernel to 2.6.40.30 aka 3.0.30.

9 years agoMerge remote-tracking branch 'origin/next' into kernel-update
Arne Fitzenreiter [Fri, 4 May 2012 09:58:41 +0000 (11:58 +0200)] 
Merge remote-tracking branch 'origin/next' into kernel-update

9 years agoopenssl: security update to 0.9.8w. (CVE-2012-2131).
Arne Fitzenreiter [Wed, 2 May 2012 17:42:02 +0000 (19:42 +0200)] 
openssl: security update to 0.9.8w. (CVE-2012-2131).

SN1 BIO incomplete fix (CVE-2012-2131)
=======================================

It was discovered that the fix for CVE-2012-2110 released on 19 Apr
2012 was not sufficient to correct the issue for OpenSSL 0.9.8.

Please see http://www.openssl.org/news/secadv_20120419.txt for details
of that vulnerability.

This issue only affects OpenSSL 0.9.8v.  OpenSSL 1.0.1a and 1.0.0i
already contain a patch sufficient to correct CVE-2012-2110.

Thanks to Red Hat for discovering and fixing this issue.

Affected users should upgrade to 0.9.8w.

References
==========

URL for this Security Advisory:
http://www.openssl.org/news/secadv_20120424.txt

9 years agoMerge branch 'master' into next
Arne Fitzenreiter [Wed, 2 May 2012 14:55:26 +0000 (16:55 +0200)] 
Merge branch 'master' into next

9 years agosamba: security update to 3.5.15. (CVE-2012-2111).
Arne Fitzenreiter [Wed, 2 May 2012 08:10:07 +0000 (10:10 +0200)] 
samba: security update to 3.5.15. (CVE-2012-2111).

This security release addresses CVE-2012-2111 (incorrect permission checks when
granting/removing privileges could compromise file server security).

9 years agoMerge remote-tracking branch 'origin/master' into kernel-update
Arne Fitzenreiter [Tue, 10 Apr 2012 18:30:23 +0000 (20:30 +0200)] 
Merge remote-tracking branch 'origin/master' into kernel-update