This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, next has been updated via 730e96c98b5432104f5394aabfc55a05bef39e0e (commit) via c33d30d8f99bc06737739857c316b35ea87d759b (commit) via 4a22b1f4f59e44499997d5c218c11bcdb4d0d38c (commit) via 482634a1d3b55d9e4697abbd5e04ea074d6805ee (commit) from 29e0faba1a0bf5884f1cef8490b8db833cb684d5 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 730e96c98b5432104f5394aabfc55a05bef39e0e Author: Stephan Feddersen sfeddersen@ipfire.org Date: Tue Feb 16 22:45:07 2021 +0100
WIO - Patch PPPOE show right Icon
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit c33d30d8f99bc06737739857c316b35ea87d759b Author: Matthias Fischer matthias.fischer@ipfire.org Date: Fri Feb 19 18:51:14 2021 +0100
krb5: Update to 1.19.1
For details see: https://web.mit.edu/kerberos/krb5-1.19/README-1.19.1.txt
"This is a bug fix release.
* Fix a linking issue with Samba.
* Better support multiple pkinit_identities values by checking whether certificates can be loaded for each value.
krb5-1.19.1 changes by ticket ID --------------------------------
8984 Load certs when checking pkinit_identities values 8985 Restore krb5_set_default_tgs_ktypes() 8987 Synchronize command-line option documentation"
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 4a22b1f4f59e44499997d5c218c11bcdb4d0d38c Author: Michael Tremer michael.tremer@ipfire.org Date: Fri Feb 19 19:32:43 2021 +0000
core155: Ship bind
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 482634a1d3b55d9e4697abbd5e04ea074d6805ee Author: Matthias Fischer matthias.fischer@ipfire.org Date: Fri Feb 19 18:44:27 2021 +0100
bind: Update to 9.11.28
For details see: https://downloads.isc.org/isc/bind9/9.11.28/RELEASE-NOTES-bind-9.11.28.html
"Notes for BIND 9.11.28 Security Fixes
When tkey-gssapi-keytab or tkey-gssapi-credential was configured, a specially crafted GSS-TSIG query could cause a buffer overflow in the ISC implementation of SPNEGO (a protocol enabling negotiation of the security mechanism to use for GSSAPI authentication). This flaw could be exploited to crash named. Theoretically, it also enabled remote code execution, but achieving the latter is very difficult in real-world conditions. (CVE-2020-8625)
This vulnerability was responsibly reported to us as ZDI-CAN-12302 by Trend Micro Zero Day Initiative. [GL #2354]"
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
-----------------------------------------------------------------------
Summary of changes: config/rootfiles/common/bind | 6 +-- .../{oldcore/100 => core/155}/filelists/bind | 0 lfs/bind | 6 +-- lfs/krb5 | 6 +-- lfs/wio | 6 +-- src/wio/wio.cgi | 52 ++++++++++++---------- 6 files changed, 41 insertions(+), 35 deletions(-) copy config/rootfiles/{oldcore/100 => core/155}/filelists/bind (100%)
Difference in files: diff --git a/config/rootfiles/common/bind b/config/rootfiles/common/bind index d18332bf4..c3235bb8f 100644 --- a/config/rootfiles/common/bind +++ b/config/rootfiles/common/bind @@ -272,12 +272,12 @@ usr/lib/libbind9.so.161 usr/lib/libbind9.so.161.0.4 #usr/lib/libdns.la #usr/lib/libdns.so -usr/lib/libdns.so.1112 -usr/lib/libdns.so.1112.0.2 +usr/lib/libdns.so.1113 +usr/lib/libdns.so.1113.0.1 #usr/lib/libisc.la #usr/lib/libisc.so usr/lib/libisc.so.1107 -usr/lib/libisc.so.1107.0.4 +usr/lib/libisc.so.1107.0.5 #usr/lib/libisccc.la #usr/lib/libisccc.so usr/lib/libisccc.so.161 diff --git a/config/rootfiles/core/155/filelists/bind b/config/rootfiles/core/155/filelists/bind new file mode 120000 index 000000000..48a0ebaef --- /dev/null +++ b/config/rootfiles/core/155/filelists/bind @@ -0,0 +1 @@ +../../../common/bind \ No newline at end of file diff --git a/lfs/bind b/lfs/bind index 0069fea59..3047ac83e 100644 --- a/lfs/bind +++ b/lfs/bind @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2020 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2021 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -25,7 +25,7 @@
include Config
-VER = 9.11.26 +VER = 9.11.28
THISAPP = bind-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -43,7 +43,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 1e5fb81b0ef562d32a19e579c0183f1a +$(DL_FILE)_MD5 = 59aa4d7be438b2c8103811d18f318c82
install : $(TARGET)
diff --git a/lfs/krb5 b/lfs/krb5 index c77e4fdfd..a972920e7 100644 --- a/lfs/krb5 +++ b/lfs/krb5 @@ -24,7 +24,7 @@
include Config
-VER = 1.19 +VER = 1.19.1
THISAPP = krb5-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP)/src TARGET = $(DIR_INFO)/$(THISAPP) PROG = krb5 -PAK_VER = 5 +PAK_VER = 6
DEPS =
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = aaf18447a5a014aa3b7e81814923f4c9 +$(DL_FILE)_MD5 = 81257292f8243f735654d4fd5d1fef6a
install : $(TARGET)
diff --git a/lfs/wio b/lfs/wio index b4222f1b5..b65d244d6 100644 --- a/lfs/wio +++ b/lfs/wio @@ -1,6 +1,6 @@ ############################################################################### -# IPFire.org - An Open Source Firewall Solution # -# Copyright (C) 2007-2020 IPFire Team info@ipfire.org # +# IPFire.org - An Open Source Firewall Solution # +# Copyright (C) 2007-2021 IPFire Team info@ipfire.org # ###############################################################################
############################################################################### @@ -15,7 +15,7 @@ THISAPP = wio-$(VER) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = wio -PAK_VER = 11 +PAK_VER = 12
############################################################################### # Top-level Rules diff --git a/src/wio/wio.cgi b/src/wio/wio.cgi index d07332e5e..ac8fc1220 100644 --- a/src/wio/wio.cgi +++ b/src/wio/wio.cgi @@ -3,7 +3,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2017-2020 Stephan Feddersen sfeddersen@ipfire.org # +# Copyright (C) 2017-2021 Stephan Feddersen sfeddersen@ipfire.org # # All Rights Reserved. # # # # This program is free software: you can redistribute it and/or modify # @@ -21,7 +21,7 @@ # # ############################################################################### # -# Version: 2020/08/04 21:12:23 +# Version: 2021/02/16 21:32:23 # # This wio.cgi is based on the code from the IPCop WIO Addon # and is extremly adapted to work with IPFire. @@ -1140,7 +1140,16 @@ print" <tr bgcolor='$color{'color22'}' height='20'> <td align='center'>01</td> <td align='center'><font color='$Header::colourred'>$redip</font></td> - <td align='center'><img align='middle' src='$imgstatic/red.png' alt='$Lang::tr{'internet'}' title='$Lang::tr{'internet'}' /></td> +"; + +if ( $netsettings{"RED_TYPE"} eq 'PPPOE' ) { + print"<td align='center'><img align='middle' src='$imgstatic/red.png' alt='$Lang::tr{'internet'}' title='$Lang::tr{'internet'}' /></td>"; +} +else { + print"<td align='center'><img align='middle' src='$imgstatic/red.png' alt='$Lang::tr{'wio_red_lan'}' title='$Lang::tr{'wio_red_lan'}' /></td>"; +} + +print" <td align='center'><font color='$Header::colourgreen'>".$mainsettings{'HOSTNAME'}.".".$mainsettings{'DOMAINNAME'}."</font></td> <td align='center'><font color='$Header::colourred'>".( $redip ne '-' ? (gethostbyaddr(pack("C4", split (/./, $redip)), 2))[0] : '-' )."</font></td> <td align='center'> @@ -1154,7 +1163,6 @@ close (FILE);
foreach (@ddns) { chomp; - @temp = split (/,/, $_);
if ( $temp[7] eq "on" ) { @@ -1336,7 +1344,7 @@ foreach $key (keys %ovpnconfighash) { if (-e "/var/run/$ovpnconfighash{$key}[1]n2n.pid") { my ( @output, @tustate ) = ''; my $tport = $ovpnconfighash{$key}[22]; - my $tnet = new Net::Telnet ( Timeout=>5, Errmode=>'return', Port=>$tport); + my $tnet = new Net::Telnet (Timeout=>5, Errmode=>'return', Port=>$tport); if ($tport ne '') { $tnet->open('127.0.0.1'); @output = $tnet->cmd(String => 'state', Prompt => '/(END.*\n|ERROR:.*\n)/'); @@ -1589,16 +1597,9 @@ my $dotip = length($ipaddresses[$a]) - rindex($ipaddresses[$a],'.'); }
if ( $netsettings{"RED_TYPE"} eq 'PPPOE' ) { - my $redipadr = qx'ip addr | grep red0 | grep inet | awk "{print $2}"'; - my @rednet = split ("/", $redipadr); - chomp ($rednet[1]); - my $red_netmask = General::iporsubtodec($rednet[1]); - my $red_netaddress = Network::get_netaddress("$rednet[0]/$red_netmask"); + print"<td align='center' height='20'><img src='$imgstatic/red.png' alt='$Lang::tr{'internet'}' title='$Lang::tr{'internet'}' /></td>"; + last SWITCH;
- if ( &General::IpInSubnet($ipaddresses[$a], $red_netaddress, $red_netmask) ) { - print"<td align='center' height='20'><img src='$imgstatic/red.png' alt='$Lang::tr{'internet'}' title='$Lang::tr{'internet'}' /></td>"; - last SWITCH; - } } else { print"<td align='center'><img align='middle' src='$imgstatic/white.png' alt='$Lang::tr{'wio_unknown_lan'}' title='$Lang::tr{'wio_unknown_lan'}' /></td>"; @@ -1606,17 +1607,20 @@ my $dotip = length($ipaddresses[$a]) - rindex($ipaddresses[$a],'.'); } }
-if ( $webinterface[$a] eq 'HTTP' ) { - print"<td align='center'><a title="$Lang::tr{'wio_webinterface_link'}" href="http://$names%5B$a%5D%5C" target="_blank">$names[$a]</a></td>"; -} -elsif ( $webinterface[$a] eq 'HTTPS' ) { - print"<td align='center'><a title="$Lang::tr{'wio_webinterface_link'}" href="https://$names%5B$a%5D%5C" target="_blank">$names[$a]</a></td>"; -} -else { - print"<td align='center'>$names[$a]</td>"; -} +print"<td align='center'>"; + + if ( $webinterface[$a] eq 'HTTP' ) { + print"<a title="$Lang::tr{'wio_webinterface_link'}" href="http://$names%5B$a%5D%5C" target="_blank">$names[$a]</a>"; + } + elsif ( $webinterface[$a] eq 'HTTPS' ) { + print"<a title="$Lang::tr{'wio_webinterface_link'}" href="https://$names%5B$a%5D%5C" target="_blank">$names[$a]</a>"; + } + else { + print $names[$a]; + }
print" + </td> <td> <table bgcolor='$bgcolor' cellpadding='2' cellspacing='0' width='100%'> <tr height='20'> @@ -2054,6 +2058,8 @@ if ( $wiosettings{'LOGGING'} eq 'on' ) { print" <td width='10%' align='right'><form method='post' action='$ENV{'SCRIPT_NAME'}' enctype='multipart/form-data'><input type='hidden' name='ACTION' value='$Lang::tr{'edit'}1' /><input type='submit' name='SUBMIT' value='$Lang::tr{'wio_edit_set'}' /></form></td> </tr> +<tr><td colspan='4'><b> </b></td></tr> +<tr><td colspan='4' align='right'><b><font size='1' color='grey'>wio-1.3.2-12</font></b></td></tr> </table> "; }
hooks/post-receive -- IPFire 2.x development tree