Hello development folks,
as discussed yesterday (https://wiki.ipfire.org/devel/telco/2022-06-13), I would like to close the merge window for Core Update 169 by the end of this week (i.e. Sunday).
Currently, the update features a toolchain update, to bring some GCC fixes to our users. An updated kernel plugs several recently disclosed security vulnerabilities, some of them related to BPF. None of them is critical and/or remotely exploitable, but they leverage local privilege escalation, which we don't want in IPFire. :-) Lastly, an updated linux-firmware petting zoo brings all the shiny proprietary firmware of various vendors to our users, and we can only hope that they benefit from whatever changes were made in all these binary blobs.
Currently, the update is pretty large (95 MBytes) already. Should any of you have changes in the pipeline that are space-intensive, I would like to abstain from including them in C169, and rather put them into C170.
Michael's OpenVPN 2FA merge request is yet to come, and I need to update U-Boot.
To cut it short, please submit patches you want to have in C169 soon. It is my intention to provide our users with a testing Core Update as soon as possible, ideally not waiting as long for the final release as we unfortunately had to with C168.
Stay safe, and best regards, Peter Müller
Hi,
Done.
'bind 9.16.30' just came out...
Running here.
Best, Matthias
On 14.06.2022 14:00, Peter Müller wrote:
Hello development folks,
as discussed yesterday (https://wiki.ipfire.org/devel/telco/2022-06-13), I would like to close the merge window for Core Update 169 by the end of this week (i.e. Sunday).
Currently, the update features a toolchain update, to bring some GCC fixes to our users. An updated kernel plugs several recently disclosed security vulnerabilities, some of them related to BPF. None of them is critical and/or remotely exploitable, but they leverage local privilege escalation, which we don't want in IPFire. :-) Lastly, an updated linux-firmware petting zoo brings all the shiny proprietary firmware of various vendors to our users, and we can only hope that they benefit from whatever changes were made in all these binary blobs.
Currently, the update is pretty large (95 MBytes) already. Should any of you have changes in the pipeline that are space-intensive, I would like to abstain from including them in C169, and rather put them into C170.
Michael's OpenVPN 2FA merge request is yet to come, and I need to update U-Boot.
To cut it short, please submit patches you want to have in C169 soon. It is my intention to provide our users with a testing Core Update as soon as possible, ideally not waiting as long for the final release as we unfortunately had to with C168.
Stay safe, and best regards, Peter Müller
-
Matthias Fischer -
Peter Müller