This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, next has been updated via 1d3698fc00d4189fbf90739039f4b3b110fb8b27 (commit) via c7e79ba6020904fb42308cd687197d353cd93383 (commit) via 35d361d72e3fd67689c331c6122e380fddae94f3 (commit) via 1eba21f2a8e5f9e04e5e5924152aff95faf02772 (commit) via 996b64e5130ddfd5caf12ba5b1aecfa6494df2d7 (commit) via 82d0a717433cdaf4ee16d2876c2cb282f47374f9 (commit) via 2bd5209d49f902894c4989ff8ca3cf603dd08a83 (commit) from 714ef1cf953745a3c73f900d8012bf3aadd2f9e0 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 1d3698fc00d4189fbf90739039f4b3b110fb8b27 Author: Arne Fitzenreiter arne_f@ipfire.org Date: Tue May 19 19:45:29 2020 +0000
core145: add bind
Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
commit c7e79ba6020904fb42308cd687197d353cd93383 Author: Matthias Fischer matthias.fischer@ipfire.org Date: Tue May 19 14:38:11 2020 +0200
bind: Update to 9.11.19
For details see: https://downloads.isc.org/isc/bind9/9.11.19/RELEASE-NOTES-bind-9.11.19.html
"Security Fixes
To prevent exhaustion of server resources by a maliciously configured domain, the number of recursive queries that can be triggered by a request before aborting recursion has been further limited. Root and top-level domain servers are no longer exempt from the max-recursion-queries limit. Fetches for missing name server address records are limited to 4 for any domain. This issue was disclosed in CVE-2020-8616. [GL #1388]
Replaying a TSIG BADTIME response as a request could trigger an assertion failure. This was disclosed in CVE-2020-8617. [GL #1703]
Feature Changes
Message IDs in inbound AXFR transfers are now checked for consistency. Log messages are emitted for streams with inconsistent message IDs. [GL #1674]
Bug Fixes
When running on a system with support for Linux capabilities, named drops root privileges very soon after system startup. This was causing a spurious log message, "unable to set effective uid to 0: Operation not permitted", which has now been silenced. [GL #1042] [GL #1090]
When named-checkconf -z was run, it would sometimes incorrectly set its exit code. It reflected the status of the last view found; if zone-loading errors were found in earlier configured views but not in the last one, the exit code indicated success. Thanks to Graham Clinch. [GL #1807]
When built without LMDB support, named failed to restart after a zone with a double quote (") in its name was added with rndc addzone. Thanks to Alberto Fernández. [GL #1695]"
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
commit 35d361d72e3fd67689c331c6122e380fddae94f3 Author: Arne Fitzenreiter arne_f@ipfire.org Date: Tue May 19 19:43:39 2020 +0000
core145: stop/start suricata and squid
Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
commit 1eba21f2a8e5f9e04e5e5924152aff95faf02772 Author: Arne Fitzenreiter arne_f@ipfire.org Date: Tue May 19 19:41:22 2020 +0000
core145: restart squid
Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
commit 996b64e5130ddfd5caf12ba5b1aecfa6494df2d7 Author: Arne Fitzenreiter arne_f@ipfire.org Date: Tue May 19 19:39:30 2020 +0000
core145: add unbound
Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
commit 82d0a717433cdaf4ee16d2876c2cb282f47374f9 Author: Matthias Fischer matthias.fischer@ipfire.org Date: Tue May 19 14:17:58 2020 +0200
unbound: Update to 1.10.1
For details see: https://lists.nlnetlabs.nl/pipermail/unbound-users/2020-May/006833.html
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Reviewed-by: Peter Müller peter.mueller@ipfire.org Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
commit 2bd5209d49f902894c4989ff8ca3cf603dd08a83 Author: Peter Müller peter.mueller@ipfire.org Date: Tue May 19 10:46:59 2020 +0000
Tor: update to 0.4.3.5
Please refer to https://blog.torproject.org/node/1872 for release notes.
Signed-off-by: Peter Müller peter.mueller@ipfire.org Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
-----------------------------------------------------------------------
Summary of changes: config/rootfiles/common/bind | 4 ++-- config/rootfiles/common/unbound | 2 +- config/rootfiles/{oldcore/100 => core/145}/filelists/bind | 0 config/rootfiles/{oldcore/106 => core/145}/filelists/unbound | 0 config/rootfiles/core/145/update.sh | 6 ++++++ lfs/bind | 4 ++-- lfs/tor | 6 +++--- lfs/unbound | 6 +++--- 8 files changed, 17 insertions(+), 11 deletions(-) copy config/rootfiles/{oldcore/100 => core/145}/filelists/bind (100%) copy config/rootfiles/{oldcore/106 => core/145}/filelists/unbound (100%)
Difference in files: diff --git a/config/rootfiles/common/bind b/config/rootfiles/common/bind index 8c6f7983c..d70ce3272 100644 --- a/config/rootfiles/common/bind +++ b/config/rootfiles/common/bind @@ -271,7 +271,7 @@ usr/lib/libbind9.so.161.0.4 #usr/lib/libdns.la #usr/lib/libdns.so usr/lib/libdns.so.1110 -usr/lib/libdns.so.1110.0.1 +usr/lib/libdns.so.1110.0.2 #usr/lib/libisc.la #usr/lib/libisc.so usr/lib/libisc.so.1105 @@ -283,7 +283,7 @@ usr/lib/libisccc.so.161.0.1 #usr/lib/libisccfg.la #usr/lib/libisccfg.so usr/lib/libisccfg.so.163 -usr/lib/libisccfg.so.163.0.6 +usr/lib/libisccfg.so.163.0.7 #usr/lib/liblwres.la #usr/lib/liblwres.so usr/lib/liblwres.so.161 diff --git a/config/rootfiles/common/unbound b/config/rootfiles/common/unbound index 945b08507..cfa8d8ae5 100644 --- a/config/rootfiles/common/unbound +++ b/config/rootfiles/common/unbound @@ -11,7 +11,7 @@ etc/unbound/unbound.conf #usr/lib/libunbound.la #usr/lib/libunbound.so usr/lib/libunbound.so.8 -usr/lib/libunbound.so.8.1.7 +usr/lib/libunbound.so.8.1.8 #usr/lib/pkgconfig/libunbound.pc usr/sbin/unbound usr/sbin/unbound-anchor diff --git a/config/rootfiles/core/145/filelists/bind b/config/rootfiles/core/145/filelists/bind new file mode 120000 index 000000000..48a0ebaef --- /dev/null +++ b/config/rootfiles/core/145/filelists/bind @@ -0,0 +1 @@ +../../../common/bind \ No newline at end of file diff --git a/config/rootfiles/core/145/filelists/unbound b/config/rootfiles/core/145/filelists/unbound new file mode 120000 index 000000000..66adf0924 --- /dev/null +++ b/config/rootfiles/core/145/filelists/unbound @@ -0,0 +1 @@ +../../../common/unbound \ No newline at end of file diff --git a/config/rootfiles/core/145/update.sh b/config/rootfiles/core/145/update.sh index 475641d38..45177e158 100644 --- a/config/rootfiles/core/145/update.sh +++ b/config/rootfiles/core/145/update.sh @@ -47,6 +47,8 @@ done
# Stop services /etc/init.d/vnstat stop +/etc/init.d/squid stop +/etc/init.d/suricata stop
# Prepare OpenVPN for update /usr/local/bin/openvpnctrl -k @@ -63,8 +65,12 @@ rm /etc/rc.d/rc0.d/K45random rm /etc/rc.d/rc6.d/K45random mv /etc/rc.d/rc3.d/S00random /etc/rc.d/rcsysinit.d/S66random mv /etc/rc.d/rcsysinit.d/S92rngd /etc/rc.d/rcsysinit.d/S65rngd + # Start services /etc/init.d/vnstat start +/etc/init.d/unbound restart +/etc/init.d/suricata start +/etc/init.d/squid start
# Start OpenVPN again /usr/local/bin/openvpnctrl -s diff --git a/lfs/bind b/lfs/bind index 1d5bca986..4d0602eda 100644 --- a/lfs/bind +++ b/lfs/bind @@ -25,7 +25,7 @@
include Config
-VER = 9.11.18 +VER = 9.11.19
THISAPP = bind-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -43,7 +43,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 83144af1532ba16e95f90b42036ef519 +$(DL_FILE)_MD5 = 41bc2c6509a4c324e16775b462608820
install : $(TARGET)
diff --git a/lfs/tor b/lfs/tor index 83ffa7371..ec08bf0f3 100644 --- a/lfs/tor +++ b/lfs/tor @@ -24,7 +24,7 @@
include Config
-VER = 0.4.2.7 +VER = 0.4.3.5
THISAPP = tor-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = tor -PAK_VER = 48 +PAK_VER = 49
DEPS = libseccomp
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = a4b338b9f7444f4f89259c9736ff74c8 +$(DL_FILE)_MD5 = 0ad32a560bce8eeb64496d2a0fd8035c
install : $(TARGET)
diff --git a/lfs/unbound b/lfs/unbound index 14c1bca5b..c119d6b2d 100644 --- a/lfs/unbound +++ b/lfs/unbound @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2019 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2020 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 1.10.0 +VER = 1.10.1
THISAPP = unbound-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 0754392baee77c18fd8295b5e51e6fd8 +$(DL_FILE)_MD5 = 48f8ee02d0d92603a8d7f4fda7152da0
install : $(TARGET)
hooks/post-receive -- IPFire 2.x development tree