This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, next has been updated via 27d1dc083ecc49cd11f57b975f8daf599eb436f4 (commit) via b074ebd6ad688124d5dfdcc2ed614040553afd7e (commit) from 1ad192722a9ecd0b0f0afc008da020b9534e57d6 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 27d1dc083ecc49cd11f57b975f8daf599eb436f4 Author: Peter Müller peter.mueller@ipfire.org Date: Thu May 12 18:06:59 2022 +0000
Core Update 168: Ship and restart strongSwan
Signed-off-by: Peter Müller peter.mueller@ipfire.org
commit b074ebd6ad688124d5dfdcc2ed614040553afd7e Author: Peter Müller peter.mueller@ipfire.org Date: Thu May 12 18:04:52 2022 +0000
strongSwan: Update to 5.9.6
See: https://github.com/strongswan/strongswan/releases/tag/5.9.6
Since this addresses security issues, and also with regards to reports such as https://community.ipfire.org/t/core-update-167-ipsec-issue/7893, I take the liberty to push this straight into Core Update 168.
Signed-off-by: Peter Müller peter.mueller@ipfire.org
-----------------------------------------------------------------------
Summary of changes: config/rootfiles/{oldcore/106 => core/168}/filelists/strongswan | 0 config/rootfiles/core/168/update.sh | 4 ++++ lfs/strongswan | 4 ++-- 3 files changed, 6 insertions(+), 2 deletions(-) copy config/rootfiles/{oldcore/106 => core/168}/filelists/strongswan (100%)
Difference in files: diff --git a/config/rootfiles/core/168/filelists/strongswan b/config/rootfiles/core/168/filelists/strongswan new file mode 120000 index 000000000..90c727e26 --- /dev/null +++ b/config/rootfiles/core/168/filelists/strongswan @@ -0,0 +1 @@ +../../../common/strongswan \ No newline at end of file diff --git a/config/rootfiles/core/168/update.sh b/config/rootfiles/core/168/update.sh index d21f648dd..e11e08b7f 100644 --- a/config/rootfiles/core/168/update.sh +++ b/config/rootfiles/core/168/update.sh @@ -32,6 +32,7 @@ for (( i=1; i<=$core; i++ )); do done
# Stop services +/etc/init.d/ipsec stop /etc/init.d/squid stop /usr/local/bin/openvpnctrl -k /usr/local/bin/openvpnctrl -kn2n @@ -128,6 +129,9 @@ esac /usr/local/bin/openvpnctrl -s /usr/local/bin/openvpnctrl -sn2n /etc/init.d/suricata start +if grep -q "ENABLED=on" /var/ipfire/vpn/settings; then + /etc/init.d/ipsec start +fi
# This update needs a reboot... touch /var/run/need_reboot diff --git a/lfs/strongswan b/lfs/strongswan index ae1be29f4..a32c103d7 100644 --- a/lfs/strongswan +++ b/lfs/strongswan @@ -24,7 +24,7 @@
include Config
-VER = 5.9.5 +VER = 5.9.6
THISAPP = strongswan-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 8b3adc44d5f5eb3824845ce9eda75e7b75f0f7394fbe84f827f4a8177e5299ca7170103ee6cd76e1e18aef85d7f124a43a505ceaf41ec4ed575eb214ebb6af21 +$(DL_FILE)_BLAKE2 = 4021a10611e66f9e2e4e432bdfb9de0f94d27ba1be1b7d4e4b8bf3cd797c123658993e60eb3d49c424b479558e9581bb069a345a70f55850d1faf5abaa401246
install : $(TARGET)
hooks/post-receive -- IPFire 2.x development tree