git.ipfire.org Git - people/ummeegge/ipfire-2.x.git/log

]> git.ipfire.org Git - people/ummeegge/ipfire-2.x.git/log

projects / people / ummeegge / ipfire-2.x.git / log

Michael Tremer [Thu, 20 Apr 2017 11:53:53 +0000 (12:53 +0100)]

IPsec: Mark MODP<=1024 and MD5 as broken and SHA1 as weak

Since we somehow have to support these algorithms this patch
adds some information for the user that it is very strongly
discouraged to use them in production.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Thu, 20 Apr 2017 11:44:27 +0000 (12:44 +0100)]

IPsec: Allow using MODP-768 in proposal

MODP-768 is broken but some systems out there (for example old
Cisco ASAs) do not support anything better. Hence it is better
to allow this instead of using no VPN at all.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Matthias Fischer [Sun, 9 Apr 2017 22:35:50 +0000 (00:35 +0200)]

libevent2: Update to 2.1.8-stable

Contains lots of build- and bugfixes since 2.0.22 - for details see:
https://raw.githubusercontent.com/libevent/libevent/release-2.1.8-stable/ChangeLog

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Arne Fitzenreiter [Wed, 19 Apr 2017 05:39:28 +0000 (07:39 +0200)]

kernel: update to 4.9.23

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

commit | commitdiff | tree

Matthias Fischer [Wed, 19 Apr 2017 13:26:06 +0000 (15:26 +0200)]

Revert "gdbm: update to 1.13"

This reverts commit dc539daf8823ef97c931f12b514453c25e867c45.

With "gdbm-Update to 1.13", 'php 5.3.27' failed to build.

Best,
Matthias

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Matthias Fischer [Wed, 19 Apr 2017 08:10:05 +0000 (10:10 +0200)]

php 5.3.27: Source format improvements

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Matthias Fischer [Thu, 13 Apr 2017 07:08:21 +0000 (09:08 +0200)]

cups-filters: Fix for lfs-file (dropped avahi package)

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Wed, 12 Apr 2017 16:35:43 +0000 (17:35 +0100)]

avahi: Drop package

The daemon locks up when starting up in avahi_log_info() and
probably the other logging functions, too.

Since avahi is not really used a lot in the distribution,
has been in testing for four years and has virtually no users
I am going to drop it instead of wasting time on fixing this.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Marcel Lorenz [Tue, 18 Apr 2017 12:56:05 +0000 (14:56 +0200)]

git: update to 2.12.1

Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Matthias Fischer [Sun, 16 Apr 2017 21:01:33 +0000 (23:01 +0200)]

BUG 11318: Fix deletion of temporary files from IPTables-GUI

For details see:
https://bugzilla.ipfire.org/show_bug.cgi?id=11318

Temporary files for 'iptables', 'iptablesmangle' and 'iptablesnat' created by
'iptables.cgi' were not deleted after use but stayed in '/srv/weg/ipfire/html/'.

As a workaround I changed 'getipstat.c' to create these files in '/var/tmp' and the
"open (file..." and "rm" commands in 'iptables.cgi'.

Works here.

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Matthias Fischer [Mon, 17 Apr 2017 12:25:59 +0000 (14:25 +0200)]

libevent2-compat: newpackage

Keeps older packages that have been linked
against this version of libevent2 working.

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Matthias Fischer [Sun, 16 Apr 2017 22:16:02 +0000 (00:16 +0200)]

Fix for guardian-CGI: As a result of fixing BUG11318

This is necessary because commit bf1985fae5baca327fcded31264f45638442f02e changes the
place where temporary files from 'iptables' are stored.

Some typos where fixed, too.

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 17 Apr 2017 11:36:49 +0000 (12:36 +0100)]

Rootfile update

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Sun, 16 Apr 2017 17:36:22 +0000 (19:36 +0200)]

Build python3-libvirt only on i586 and x86_64

Libvirt is build only on these arches and the bindings make only with
libvirt sense so we should build them only on these two arches too.

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Sat, 15 Apr 2017 13:56:22 +0000 (15:56 +0200)]

Add package python3-libvirt

This new package provides the python3 bindings for libvirt.

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Marcel Lorenz [Sun, 16 Apr 2017 17:35:50 +0000 (19:35 +0200)]

gdbm: update to 1.13

Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Sat, 15 Apr 2017 13:48:54 +0000 (15:48 +0200)]

Update python3 to 3.6.1

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Matthias Fischer [Sun, 16 Apr 2017 12:13:33 +0000 (14:13 +0200)]

ipset: Update to 6.32

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Matthias Fischer [Sun, 16 Apr 2017 12:38:46 +0000 (14:38 +0200)]

coreutils: Update to 8.27

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Sat, 15 Apr 2017 12:01:30 +0000 (14:01 +0200)]

Update libvirt to 3.1.0

This patch update the libvirt library to version 3.1.0
We can not update to the latest version in the moment because version
3.2.0 has a annoying bug.

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Matthias Fischer [Sun, 16 Apr 2017 12:11:10 +0000 (14:11 +0200)]

bind: Update to 9.11.0-P5

For details see:
https://ftp.isc.org/isc/bind9/9.11.0-P5/RELEASE-NOTES-bind-9.11.0-P5.html

"BIND 9.11.0-P5 addresses the security issues described in CVE-2017-3136,
CVE-2017-3137, and CVE-2017-3138, and updates the built-in trusted keys for the root zone.

Security Fixes

rndc "" could trigger an assertion failure in named. This flaw is disclosed in
(CVE-2017-3138). [RT #44924]

Some chaining (i.e., type CNAME or DNAME) responses to upstream queries could
trigger assertion failures. This flaw is disclosed in CVE-2017-3137. [RT #44734]

dns64 with break-dnssec yes; can result in an assertion failure. This flaw is
disclosed in CVE-2017-3136. [RT #44653]

If a server is configured with a response policy zone (RPZ) that rewrites an
answer with local data, and is also configured for DNS64 address mapping, a NULL
pointer can be read triggering a server crash. This flaw is disclosed in CVE-2017-3135.
[RT #44434]

A coding error in the nxdomain-redirect feature could lead to an assertion failure if
the redirection namespace was served from a local authoritative data source such as a
local zone or a DLZ instead of via recursive lookup. This flaw is disclosed in
CVE-2016-9778. [RT #43837]

named could mishandle authority sections with missing RRSIGs, triggering an assertion
failure. This flaw is disclosed in CVE-2016-9444. [RT #43632]

named mishandled some responses where covering RRSIG records were returned without the
requested data, resulting in an assertion failure. This flaw is disclosed in
CVE-2016-9147. [RT #43548]

named incorrectly tried to cache TKEY records which could trigger an assertion failure
when there was a class mismatch. This flaw is disclosed in CVE-2016-9131. [RT #43522]

It was possible to trigger assertions when processing responses containing answers of
type DNAME. This flaw is disclosed in CVE-2016-8864. [RT #43465]

Bug Fixes

A synthesized CNAME record appearing in a response before the associated DNAME could be
cached, when it should not have been. This was a regression introduced while addressing
CVE-2016-8864. [RT #44318]

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Matthias Fischer [Thu, 13 Apr 2017 07:08:21 +0000 (09:08 +0200)]

cups-filters: Fix for lfs-file (dropped avahi package)

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Arne Fitzenreiter [Thu, 13 Apr 2017 06:10:35 +0000 (08:10 +0200)]

kernel: update to 4.9.22

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Wed, 12 Apr 2017 16:35:43 +0000 (17:35 +0100)]

commit | commitdiff | tree

Michael Tremer [Tue, 11 Apr 2017 13:26:57 +0000 (14:26 +0100)]

graphs.pl: Fix HTML syntax error

The missing ' caused that a different URL was called

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 11 Apr 2017 13:26:57 +0000 (14:26 +0100)]

graphs.pl: Fix HTML syntax error

The missing ' caused that a different URL was called

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Matthias Fischer [Mon, 10 Apr 2017 12:10:28 +0000 (14:10 +0200)]

kbd 1.12: Update for rootfile

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Matthias Fischer [Sun, 9 Apr 2017 16:19:49 +0000 (18:19 +0200)]

rrdtool 1.6.0: fix for rootfile

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 11 Apr 2017 13:11:16 +0000 (14:11 +0100)]

ltrace: New package

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 11 Apr 2017 13:10:53 +0000 (14:10 +0100)]

elfutils: Update rootfile

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 11 Apr 2017 12:05:53 +0000 (13:05 +0100)]

elfutils: New package

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 11 Apr 2017 12:05:22 +0000 (13:05 +0100)]

dbus: Update to 1.11.12

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Arne Fitzenreiter [Tue, 11 Apr 2017 06:06:55 +0000 (08:06 +0200)]

kernel: update to 4.9.21

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

commit | commitdiff | tree

Timo Eissler [Fri, 7 Apr 2017 19:59:40 +0000 (21:59 +0200)]

nmap: remove uninstall_ndiff from rootfile

Signed-off-by: Timo Eissler <timo.eissler@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Arne Fitzenreiter [Sat, 8 Apr 2017 04:57:56 +0000 (06:57 +0200)]

attr: rootfile update

there must be a problem at log generation. sometimes
some manpages are not listed in the log.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

commit | commitdiff | tree

Arne Fitzenreiter [Fri, 7 Apr 2017 22:04:48 +0000 (00:04 +0200)]

mpd: disable smbclient

because it has many dependencies and spit allot of error messages.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

commit | commitdiff | tree

Arne Fitzenreiter [Fri, 7 Apr 2017 21:13:09 +0000 (23:13 +0200)]

core110: fix legacy theme css path

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

commit | commitdiff | tree

Arne Fitzenreiter [Fri, 7 Apr 2017 15:35:05 +0000 (17:35 +0200)]

Merge remote-tracking branch 'origin/master' into core110

commit | commitdiff | tree

Michael Tremer [Fri, 7 Apr 2017 11:05:35 +0000 (12:05 +0100)]

core110: Ship updated legacy style CSS

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 7 Apr 2017 11:04:02 +0000 (12:04 +0100)]

pakfire: Fix dependency resolver

The old algorithm could potentially lock itself in an endless
recursion when there were packages with circular dependencies.

This version does not do this and is also faster.

Reported-by: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Arne Fitzenreiter [Fri, 7 Apr 2017 10:09:51 +0000 (12:09 +0200)]

attr: update rootfile

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

commit | commitdiff | tree

Arne Fitzenreiter [Fri, 7 Apr 2017 10:02:50 +0000 (12:02 +0200)]

mpd: back to 0.19.19 because 0.20.x not work on arm softfloat

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Thu, 6 Apr 2017 18:12:06 +0000 (19:12 +0100)]

QoS: Enable IMQ multi queueing

This increases throughput when QoS is activated
since now all available CPU cores will be used

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Thu, 6 Apr 2017 18:00:45 +0000 (19:00 +0100)]

Rootfile update

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Thu, 6 Apr 2017 11:52:10 +0000 (12:52 +0100)]

dhcp: Fix extracting bundled BIND package

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Marcel Lorenz [Fri, 17 Mar 2017 14:50:03 +0000 (15:50 +0100)]

gcc: update to 4.9.4

This is only a bugfix release
https://gcc.gnu.org/gcc-4.9/changes.html

Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Marcel Lorenz [Fri, 17 Mar 2017 15:00:04 +0000 (16:00 +0100)]

mpfr: update to 3.1.5

Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Marcel Lorenz [Fri, 17 Mar 2017 14:26:06 +0000 (15:26 +0100)]

gmp: update to 6.1.2

Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Marcel Lorenz [Fri, 17 Mar 2017 14:20:07 +0000 (15:20 +0100)]

pcre: update to 8.40

Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Marcel Lorenz [Fri, 17 Mar 2017 14:11:12 +0000 (15:11 +0100)]

rrdtool: update to 1.6.0

Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Marcel Lorenz [Fri, 17 Mar 2017 15:11:36 +0000 (16:11 +0100)]

pkg-config: update to 0.29.1

Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Marcel Lorenz [Fri, 17 Mar 2017 15:16:57 +0000 (16:16 +0100)]

nmap: update to 7.40

Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Marcel Lorenz [Fri, 17 Mar 2017 15:23:13 +0000 (16:23 +0100)]

m4: update to 1.4.18

Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Marcel Lorenz [Sat, 18 Mar 2017 10:16:16 +0000 (11:16 +0100)]

acpid: update to 2.0.28

Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Marcel Lorenz [Sat, 18 Mar 2017 10:25:05 +0000 (11:25 +0100)]

unzip: update to 60

Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Thu, 6 Apr 2017 09:04:34 +0000 (10:04 +0100)]

gzip: Drop patch that is no longer applied

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Marcel Lorenz [Sat, 18 Mar 2017 10:30:31 +0000 (11:30 +0100)]

gzip: update to 1.8

Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Marcel Lorenz [Wed, 22 Mar 2017 11:41:55 +0000 (12:41 +0100)]

file: update to 5.30

Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Matthias Fischer [Wed, 5 Apr 2017 15:44:55 +0000 (17:44 +0200)]

logwatch 7.4.3: next fix, output for 'lm_sensors' was missing

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Matthias Fischer [Wed, 5 Apr 2017 11:42:14 +0000 (13:42 +0200)]

logwatch 7.4.3: some more fixes for rootfile

Hi,

'eximstats', 'zz-sys' and 'resolver'-files were missing.

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Daniel Weismüller [Wed, 5 Apr 2017 10:25:16 +0000 (12:25 +0200)]

netsnmpd: added lmsensors and some other mibs

Signed-off-by: Daniel Weismüller <daniel.weismueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Wed, 5 Apr 2017 11:16:52 +0000 (12:16 +0100)]

IPsec: Include Curve 25519 in default proposal

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Wed, 5 Apr 2017 11:15:20 +0000 (12:15 +0100)]

IPsec: Allow selecting Curve 25519 as group type

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Wed, 5 Apr 2017 11:08:39 +0000 (12:08 +0100)]

strongswan: Update to version 5.5.2

Introduces support for Curve25519 for IKE as defined by RFC8031.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Wed, 5 Apr 2017 10:42:55 +0000 (11:42 +0100)]

IPsec: Drop SHA1 and MODP<=1536 from proposed ciphers

IPsec is still proposing to use SHA1 and MODP-1536 or MODP-1024
when initiating a connection. These are considered weak although
many off-the-shelf hardware is still using this as defaults.

This patch disables those algorithms and additionally changes
default behaviour to only accept the configured cipher suites.

This might create some interoperability issues, but increases
security of IPFire-to-IPFire IPsec connections.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Wed, 5 Apr 2017 09:33:49 +0000 (10:33 +0100)]

ipsecctrl: Reload IPsec block rules after connection is deleted

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Matthias Fischer [Tue, 4 Apr 2017 10:45:12 +0000 (12:45 +0200)]

logwatch: Update to 7.4.3

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Matthias Fischer [Tue, 4 Apr 2017 10:38:33 +0000 (12:38 +0200)]

logwatch 7.4.1: another fix for rootfile

Hi,

similar to:

http://git.ipfire.org/?p=people/mfischer/ipfire-2.x.git;a=commit;h=9f46e637ac345509ff75248d1087b1bff117ff20

A missing '#' for "usr/share/logwatch/default.conf/services" in rootfile.

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Matthias Fischer [Mon, 3 Apr 2017 22:46:38 +0000 (00:46 +0200)]

logwatch 7.4.1: fix for rootfile

Hi,

One missing '#' and all underlying 'services' in 'usr/share/logwatch/scripts/services'
are installed. 147 files are active, but it should be only 33.

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Arne Fitzenreiter [Tue, 4 Apr 2017 19:32:28 +0000 (21:32 +0200)]

Merge remote-tracking branch 'origin/master' into core110

commit | commitdiff | tree

Michael Tremer [Tue, 4 Apr 2017 18:08:34 +0000 (19:08 +0100)]

openssh: Remove deprecated configuration options

This was used for SSH version 1 which is not supported
any more

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 4 Apr 2017 17:59:44 +0000 (18:59 +0100)]

apache only supports MaxClients up to 256

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Arne Fitzenreiter [Tue, 4 Apr 2017 17:14:31 +0000 (19:14 +0200)]

mpd: mpd needs opus libs

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Arne Fitzenreiter [Tue, 4 Apr 2017 17:14:31 +0000 (19:14 +0200)]

mpd: mpd needs opus libs

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

commit | commitdiff | tree

Arne Fitzenreiter [Mon, 3 Apr 2017 21:04:59 +0000 (23:04 +0200)]

Merge branch 'next'

commit | commitdiff | tree

Arne Fitzenreiter [Mon, 3 Apr 2017 21:04:03 +0000 (23:04 +0200)]

core110: finish update

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

commit | commitdiff | tree

Matthias Fischer [Mon, 3 Apr 2017 19:26:44 +0000 (21:26 +0200)]

squid: Update to 3.5.25

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Matthias Fischer [Sun, 2 Apr 2017 08:09:08 +0000 (10:09 +0200)]

squid 3.5.24: latest patches (14149-14153)

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Matthias Fischer [Mon, 27 Feb 2017 17:38:17 +0000 (18:38 +0100)]

squid 3.5.24: latest patches (14144-14148)

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Matthias Fischer [Sun, 26 Feb 2017 20:21:30 +0000 (21:21 +0100)]

squid 3.5.24: latest patch (14143)

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sun, 2 Apr 2017 18:48:20 +0000 (19:48 +0100)]

DNS: Show DNSSEC status on index page if deavtivated

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Arne Fitzenreiter [Fri, 31 Mar 2017 19:44:59 +0000 (21:44 +0200)]

kernel: update to 4.9.20

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

commit | commitdiff | tree

Arne Fitzenreiter [Thu, 30 Mar 2017 22:18:26 +0000 (00:18 +0200)]

kernel: update to 4.9.19

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 28 Mar 2017 16:20:50 +0000 (17:20 +0100)]

core110: Ship updated ntp package

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Matthias Fischer [Sat, 25 Mar 2017 21:25:09 +0000 (22:25 +0100)]

ntp: Update to 4.2.8p10

"It addresses 6 medum- and 5 low-severity security issues, 4 informational security topics,
15 bugfixes, and contains other improvements over 4.2.8p9."

For a complete list, see:
http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Matthias Fischer [Sat, 25 Mar 2017 21:44:55 +0000 (22:44 +0100)]

mpd 0.20.6: fixes for lfs-file

Package refused to build without initscript.

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Matthias Fischer [Mon, 27 Mar 2017 19:01:54 +0000 (21:01 +0200)]

motion 4.0.1: suggested new rootfile

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Matthias Fischer [Sat, 25 Mar 2017 21:50:18 +0000 (22:50 +0100)]

motion: Update to 4.0.1

'ffmpeg' seems to need this update.

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 28 Mar 2017 16:15:35 +0000 (17:15 +0100)]

network: Create route to gateway

Some hosters have their gateway in a different subnet than
the RED interface is to save IPv4 address space.

This patch sets a host route to that gateway so that
IPFire can be installed in data centres that use such
technique.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 28 Mar 2017 16:14:41 +0000 (17:14 +0100)]

setup: Allow setting netmask to 255.255.255.255

Some hosters require that the subnet mask of the RED network
is set to 255.255.255.255. This was not possible to save before.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 28 Mar 2017 09:29:03 +0000 (10:29 +0100)]

unbound: Increase memory size on even larger systems

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 28 Mar 2017 09:25:39 +0000 (10:25 +0100)]

unbound: Double buffer size

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 28 Mar 2017 09:24:40 +0000 (10:24 +0100)]

unbound: Increase size of send/receive buffers

This will allow to not drop any packets when there is a
peak in queries

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 28 Mar 2017 09:17:33 +0000 (10:17 +0100)]

unbound: Re-use UDP sockets

This will make UDP queries faster

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 28 Mar 2017 09:16:56 +0000 (10:16 +0100)]

unbound: Increase number of parallel queries

The parameters are the recommended values for libevent

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Arne Fitzenreiter [Mon, 27 Mar 2017 04:31:46 +0000 (06:31 +0200)]

kernel: update to 4.9.18

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

commit | commitdiff | tree

Arne Fitzenreiter [Mon, 27 Mar 2017 04:07:47 +0000 (06:07 +0200)]

kernel: fix e1000e hung at stats update.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

commit | commitdiff | tree

Marcel Lorenz [Wed, 15 Mar 2017 13:32:47 +0000 (14:32 +0100)]

mpd: update to 0.20.6

Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Arne Fitzenreiter [Sat, 25 Mar 2017 09:43:55 +0000 (10:43 +0100)]

kernel: fix igb crash if update_stats was often used.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 24 Mar 2017 12:24:42 +0000 (13:24 +0100)]

ipsec: Do not reject connections in on-demand mode

When an on-demand VPN connection is not up, the packets will
traverse the firewall and be rejected by the IPSECBLOCK chain
which will cause that an ICMP error message will be sent to
the client. If that does not happen and the packet is being
silently dropped, the client will retransmit and by then
the VPN connection will hopefully be up.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

IPFire 2.x development tree

RSS Atom