From: git@ipfire.org
To: ipfire-scm@lists.ipfire.org
Subject: [git.ipfire.org] IPFire 2.x development tree branch, core111, created. 488c7e7e31d52387609a3ee8b29015158d7ecaf3
Date: Thu, 18 May 2017 11:58:33 +0100 [thread overview]
Message-ID: <20170518105833.9CD6810853C3@git01.ipfire.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 39353 bytes --]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, core111 has been created
at 488c7e7e31d52387609a3ee8b29015158d7ecaf3 (commit)
- Log -----------------------------------------------------------------
commit 488c7e7e31d52387609a3ee8b29015158d7ecaf3
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Thu May 18 11:55:20 2017 +0100
core111: Ship updated cpio
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 42661bf875f609f13e0757a9838a70d07aa57269
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Tue Apr 25 11:13:04 2017 +0200
cpio: Update to 2.12
FTBFS on aarch64
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 8c31790a2f706ff05471e864ecde7853fec0cb3a
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Thu Apr 13 19:16:25 2017 +0200
ccache: Cleanup makefile
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit b4b62a341450b085fd95b4f5f8ce4da09bec4327
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Thu Apr 13 19:02:21 2017 +0200
make.sh: Set TOOLCHAIN=1 in toolchain stage
This allows better lfs files and fewer ifdefs in toolchain stage.
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit e467a2f274cdff830b5d3646ed9c9ac5a117940d
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Thu Apr 13 19:01:28 2017 +0200
make.sh: Adjust toolchain PATH in lfsmake1 instead of globally
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit fdfddd64620ea6fcb109f50633c304f14a354b4d
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Sat Apr 8 12:12:42 2017 +0200
kernel headers: Install correct headers for all architectures
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 70ba2380d3088a4384abd25893d2d93828b627b0
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Wed Apr 12 11:38:42 2017 +0200
fake-environ: Fix typos
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 3f9ecfdc27263ed0c419a3500112411f5c07b08c
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Fri May 5 14:10:36 2017 +0200
make.sh: Show last lines of log when build aborts
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit a0ab2f880e9dd8809b327b9245fb36cd7cb9b67e
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Thu May 18 11:47:07 2017 +0100
Start Core Update 111
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 12b0a9da205108e5ce706913ff4c9553e58284f9
Merge: 844e542 2a77d2a
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Thu May 18 11:24:41 2017 +0100
Merge remote-tracking branch 'origin/master' into next
commit 844e542e60d0f1b01546a1e81d5b35b96ce9eba1
Merge: 59b2133 c335b0c
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Thu May 18 11:22:20 2017 +0100
Merge remote-tracking branch 'ms/wlanclient' into next
commit c335b0cd8edb800795cf1b4422043ef3c24a036b
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Tue May 16 16:02:25 2017 +0200
index.cgi: Show WiFi properties on front page
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 0628d956a7cc1d952b236494de0559cbea52c0ff
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Tue May 16 15:05:25 2017 +0200
WiFi: Show EAP status on wireless client page
This patch adds some status information so that we know what
authentication an access point is using.
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 59b2133892ca3592da4aaa92e57bb38ba924191b
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Tue May 16 11:33:40 2017 +0100
tor: Update to 0.3.0.7
Fixes various security vulnerabilities of medium severity in
the relay component.
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit a7f7657c4b2282e3f3f33e1dfb7c4d4a963ad713
Author: Gabriel Rolland <rollopack(a)gmail.com>
Date: Thu May 4 10:28:35 2017 +0200
Italian translations in it.pl after 110
Missing or incorrect translations.
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 5e06cb2778c66096d4b4f2cf443f45e3d126c6bb
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Fri May 5 23:22:30 2017 +0200
web-user-interface: Fix for rootfile
Added 'back.png' for Firewall-GUI
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 86282bdc7dc7a45872558866aadbb780fcd12f43
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Fri May 5 12:02:21 2017 +0100
vpnmain.cgi: Fix typo
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit f2c94780088c6b172e63493705906142dbad0727
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Fri May 5 11:31:36 2017 +0100
wlan client: Generate wpa_supplicant configuration file for EAP
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 19f0fa5694d9224c128ff362673c42e9b169351c
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Fri May 5 11:17:06 2017 +0100
wlan client: Allow configuration of EAP-PEAP and EAP-TTLS on web user interface
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 415cbcecfae2330a8c4211dc4c17e8a98ee4f64b
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Sun Apr 30 12:59:23 2017 +0200
GUI: Some simple FW-Log cosmetics
I altered 'showrequestfromcountry.dat', 'showrequestfromip.dat' and 'showrequestfromport.dat'
in the same manner as the 'Loggraphs'-Pages in commit
Each 'Details'-page got a unique title.
Furthermore, I added a 'Back'-Button to go back to the previous page. For this, I used
'back.png' from 'wio' (thanks Stephan! ;-) ) since I found no other appropriate image.
'ipinfo.cgi' got a centered 'Back'-Button, too.
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 057aaf42b6c6f82eb14808b5167eec703bcc4989
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Fri Apr 28 21:29:58 2017 +0200
BUG 11305: Suggested fix for '/var/log/btmp' permissions
Fixes BUG 11305, for details see:
https://bugzilla.ipfire.org/show_bug.cgi?id=11305
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 094a27c8f9bf39b5b5b6df1a28d976d9f52e776f
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Sun Apr 30 13:09:51 2017 +0100
unbound: Update dnssec-status file
The status file was not updated when DNSSEC was disabled
before and has been enabled after which always caused
the webif to show that DNSSEC was disabled.
Fixes #11315
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit b5fe050fce03a7ee2547a1162452c8211d2eea8d
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Mon Apr 24 20:56:29 2017 +0200
unbound: Update to 1.6.2
For details see:
http://www.unbound.net/download.html
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 07002f2bca7efd49d8baea0dadf193a29f27604b
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Tue Apr 25 21:08:32 2017 +0200
bind: Update to 9.11.1
For details see:
https://ftp.isc.org/isc/bind9/9.11.1/RELEASE-NOTES-bind-9.11.1.html
"Security Fixes
rndc "" could trigger an assertion failure in named. This flaw is disclosed
in (CVE-2017-3138). [RT #44924]
Some chaining (i.e., type CNAME or DNAME) responses to upstream queries could
trigger assertion failures. This flaw is disclosed in CVE-2017-3137. [RT #44734]
dns64 with break-dnssec yes; can result in an assertion failure. This flaw is
disclosed in CVE-2017-3136. [RT #44653]
If a server is configured with a response policy zone (RPZ) that rewrites an
answer with local data, and is also configured for DNS64 address mapping, a NULL
pointer can be read triggering a server crash. This flaw is disclosed in
CVE-2017-3135. [RT #44434]
A coding error in the nxdomain-redirect feature could lead to an assertion failure
if the redirection namespace was served from a local authoritative data source such
as a local zone or a DLZ instead of via recursive lookup. This flaw is disclosed in
CVE-2016-9778. [RT #43837]
named could mishandle authority sections with missing RRSIGs, triggering an
assertion failure. This flaw is disclosed in CVE-2016-9444. [RT #43632]
named mishandled some responses where covering RRSIG records were returned without
the requested data, resulting in an assertion failure. This flaw is disclosed in
CVE-2016-9147. [RT #43548]
named incorrectly tried to cache TKEY records which could trigger an assertion failure
when there was a class mismatch. This flaw is disclosed in CVE-2016-9131. [RT #43522]
It was possible to trigger assertions when processing responses containing answers of
type DNAME. This flaw is disclosed in CVE-2016-8864. [RT #43465]
Added the ability to specify the maximum number of records permitted in a zone
(max-records #;). This provides a mechanism to block overly large zone transfers, which
is a potential risk with slave zones from other parties, as described in CVE-2016-6170.
[RT #42143]
Bug Fixes
A synthesized CNAME record appearing in a response before the associated DNAME could be
cached, when it should not have been. This was a regression introduced while addressing
CVE-2016-8864. [RT #44318]
named could deadlock if multiple changes to NSEC/NSEC3 parameters for the same zone were
being processed at the same time. [RT #42770]
named could trigger an assertion when sending NOTIFY messages. [RT #44019]
Referencing a nonexistent zone in a response-policy statement could cause an assertion
failure during configuration. [RT #43787]
rndc addzone could cause a crash when attempting to add a zone with a type other than
master or slave. Such zones are now rejected. [RT #43665]
named could hang when encountering log file names with large apparent gaps in version
number (for example, when files exist called "logfile.0", "logfile.1", and
"logfile.1482954169"). This is now handled correctly. [RT #38688]
If a zone was updated while named was processing a query for nonexistent data, it could
return out-of-sync NSEC3 records causing potential DNSSEC validation failure. [RT #43247]"
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit abd12bd073dd0be74d97e2f204027f2a4346549a
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Tue Apr 25 21:13:17 2017 +0200
nano: Update to 2.8.1
For details see:
https://www.nano-editor.org/news.php
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 3d5c499e0ca73c9a787815b8894d6cfcb0416a1b
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Fri Apr 28 08:17:33 2017 +0200
logrotate: Update to 3.12.1
For details see:
https://github.com/logrotate/logrotate/blob/master/ChangeLog.md
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit f3dfb261c8c78f7806bcf215646f9d3618d151f5
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Fri Apr 28 13:03:46 2017 +0100
OpenVPN: Mark SHA1 as weak
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 7090074557516deaaff9b1a84f4f8beec6c4dadd
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Fri Apr 28 13:01:41 2017 +0100
OpenVPN: Use SHA512 by default
This will break compatibility with old clients like
Windows XP, but these are too old now to be supported.
SHA1 is considered to be weak and should not be used any more
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 0e8f275e80d8ad517019f7c0f8349a5a16ea9f1b
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Sat Apr 22 18:17:27 2017 +0200
vnstat: Update to 1.17
For details see:
http://humdi.net/vnstat/CHANGES
Please note - this commit is based on:
http://git.ipfire.org/?p=people/mfischer/ipfire-2.x.git;a=commit;h=f92c3ef6b97d4bd5e3db9c6c783ab0059016b211
1.15 was running here since then, upgrading to 1.17 showed no problems so far.
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit d55d05b6cb6bb3ddb7fde20d975cf4f9546afedf
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Tue Jul 12 12:56:42 2016 +0200
vnstat: Update to 1.15
Changelog:
http://humdi.net/vnstat/CHANGES
I had to add some 'configure'-lines to build this - nevertheless: its
working. ;-)
'vnstat.conf' needed some additional 'sed'-lines, too.
Please review, test and confirm.
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 1bea8be2ce2ce0c4ee2a07bcffb978f4ea07ab89
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Fri Apr 21 22:37:28 2017 +0200
GUI: Some simple FW-Log cosmetics
Fixed the 'details'-Button in 'firewalllogcountry.dat' by adding missing
translation string.
Each 'Loggraphs'-Page got a unique title and a new heading for the corresponding
diagram.
Just cosmetics...
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 723d1d911ff717ac43c24738960e76fca11c4cbd
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Fri Apr 21 19:00:21 2017 +0200
unbound 1.6.1: Linking against libevent2
Hi,
this was triggered by unbound-users(a)unbound.net - it seems that the
'configure'-option '--with-libevent-support' is not enough:
***SNIP***
...
When building unbound with --with-libevent support, the make
install phase should also call make unbound-event-install or else
unbound-event.h does not get installed and the header file for
using the unbound event functionality is not available.
...
This install is triggered by the option --enable-event-api. Just
enabling --with-libevent does not trigger the install by itself.
Best regards,
Wouter
...
***SNAP***
I built 'unbound' this way - its running without any problems so far.
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 1fab4edfa690b410a255b9dd1d896178512e03d5
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Thu Apr 20 13:00:42 2017 +0100
IPsec: Show status in WUI when VPN is connecting
This is helpful when debugging on-demand connections
when you can see if strongswan tries to connect or is
still idle.
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit c94d1976d3bf2fd760834a0093eeb286a90c8fdd
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Thu Apr 20 12:53:53 2017 +0100
IPsec: Mark MODP<=1024 and MD5 as broken and SHA1 as weak
Since we somehow have to support these algorithms this patch
adds some information for the user that it is very strongly
discouraged to use them in production.
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 2c2cf3918bee850ede133562ae1c42bf8c73ef68
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Thu Apr 20 12:44:27 2017 +0100
IPsec: Allow using MODP-768 in proposal
MODP-768 is broken but some systems out there (for example old
Cisco ASAs) do not support anything better. Hence it is better
to allow this instead of using no VPN at all.
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 1e645047b23939036c5aa4c86c0709c8b128a906
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Mon Apr 10 00:35:50 2017 +0200
libevent2: Update to 2.1.8-stable
Contains lots of build- and bugfixes since 2.0.22 - for details see:
https://raw.githubusercontent.com/libevent/libevent/release-2.1.8-stable/ChangeLog
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 4d376982163c134907415d44778af2a1f03b1485
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Wed Apr 19 15:26:06 2017 +0200
Revert "gdbm: update to 1.13"
This reverts commit dc539daf8823ef97c931f12b514453c25e867c45.
With "gdbm-Update to 1.13", 'php 5.3.27' failed to build.
Best,
Matthias
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit b7d071af817c11b6daf54abfeea82360185208f3
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Wed Apr 19 10:10:05 2017 +0200
php 5.3.27: Source format improvements
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 4c6b2034921fcfbff5fc92ab567c56c47fe99137
Author: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Date: Tue Apr 18 14:56:05 2017 +0200
git: update to 2.12.1
Signed-off-by: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 77cdccf4c0a2b1c0a2b8d6e4aab86fbcbd5439b9
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Sun Apr 16 23:01:33 2017 +0200
BUG 11318: Fix deletion of temporary files from IPTables-GUI
For details see:
https://bugzilla.ipfire.org/show_bug.cgi?id=11318
Temporary files for 'iptables', 'iptablesmangle' and 'iptablesnat' created by
'iptables.cgi' were not deleted after use but stayed in '/srv/weg/ipfire/html/'.
As a workaround I changed 'getipstat.c' to create these files in '/var/tmp' and the
"open (file..." and "rm" commands in 'iptables.cgi'.
Works here.
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit ac69a292a8b41224b31e7dd8c0335e3d9b604129
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Mon Apr 17 14:25:59 2017 +0200
libevent2-compat: newpackage
Keeps older packages that have been linked
against this version of libevent2 working.
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit d68ead3decfdcc4ca4a1413e33f3c47270799836
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Mon Apr 17 00:16:02 2017 +0200
Fix for guardian-CGI: As a result of fixing BUG11318
This is necessary because commit bf1985fae5baca327fcded31264f45638442f02e changes the
place where temporary files from 'iptables' are stored.
Some typos where fixed, too.
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 935f05065e79ec06b529a44631ffcf50199d8cf0
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Mon Apr 17 12:36:49 2017 +0100
Rootfile update
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 52883a8e9efd1a9949fc1d4419800f4728cd5466
Author: Jonatan Schlag <jonatan.schlag(a)ipfire.org>
Date: Sun Apr 16 19:36:22 2017 +0200
Build python3-libvirt only on i586 and x86_64
Libvirt is build only on these arches and the bindings make only with
libvirt sense so we should build them only on these two arches too.
Signed-off-by: Jonatan Schlag <jonatan.schlag(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit fd15f250e8e7d372cc767ec4482fe3b64a23dc39
Author: Jonatan Schlag <jonatan.schlag(a)ipfire.org>
Date: Sat Apr 15 15:56:22 2017 +0200
Add package python3-libvirt
This new package provides the python3 bindings for libvirt.
Signed-off-by: Jonatan Schlag <jonatan.schlag(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit dc539daf8823ef97c931f12b514453c25e867c45
Author: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Date: Sun Apr 16 19:35:50 2017 +0200
gdbm: update to 1.13
Signed-off-by: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit ae3b38d473ae6929fd61b42513f4e636cabe55f0
Author: Jonatan Schlag <jonatan.schlag(a)ipfire.org>
Date: Sat Apr 15 15:48:54 2017 +0200
Update python3 to 3.6.1
Signed-off-by: Jonatan Schlag <jonatan.schlag(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 6db46712114eb663688d7ddb988afec47677a90e
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Sun Apr 16 14:13:33 2017 +0200
ipset: Update to 6.32
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit e1fb40529c3b843ba97868c0928c23db715f9db9
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Sun Apr 16 14:38:46 2017 +0200
coreutils: Update to 8.27
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 8e5116af265d59d09808ea5a6e77fbfb19646f73
Author: Jonatan Schlag <jonatan.schlag(a)ipfire.org>
Date: Sat Apr 15 14:01:30 2017 +0200
Update libvirt to 3.1.0
This patch update the libvirt library to version 3.1.0
We can not update to the latest version in the moment because version
3.2.0 has a annoying bug.
Signed-off-by: Jonatan Schlag <jonatan.schlag(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 91c35e4838b4e059c67240bb54cd32eefd105da3
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Sun Apr 16 14:11:10 2017 +0200
bind: Update to 9.11.0-P5
For details see:
https://ftp.isc.org/isc/bind9/9.11.0-P5/RELEASE-NOTES-bind-9.11.0-P5.html
"BIND 9.11.0-P5 addresses the security issues described in CVE-2017-3136,
CVE-2017-3137, and CVE-2017-3138, and updates the built-in trusted keys for the root zone.
Security Fixes
rndc "" could trigger an assertion failure in named. This flaw is disclosed in
(CVE-2017-3138). [RT #44924]
Some chaining (i.e., type CNAME or DNAME) responses to upstream queries could
trigger assertion failures. This flaw is disclosed in CVE-2017-3137. [RT #44734]
dns64 with break-dnssec yes; can result in an assertion failure. This flaw is
disclosed in CVE-2017-3136. [RT #44653]
If a server is configured with a response policy zone (RPZ) that rewrites an
answer with local data, and is also configured for DNS64 address mapping, a NULL
pointer can be read triggering a server crash. This flaw is disclosed in CVE-2017-3135.
[RT #44434]
A coding error in the nxdomain-redirect feature could lead to an assertion failure if
the redirection namespace was served from a local authoritative data source such as a
local zone or a DLZ instead of via recursive lookup. This flaw is disclosed in
CVE-2016-9778. [RT #43837]
named could mishandle authority sections with missing RRSIGs, triggering an assertion
failure. This flaw is disclosed in CVE-2016-9444. [RT #43632]
named mishandled some responses where covering RRSIG records were returned without the
requested data, resulting in an assertion failure. This flaw is disclosed in
CVE-2016-9147. [RT #43548]
named incorrectly tried to cache TKEY records which could trigger an assertion failure
when there was a class mismatch. This flaw is disclosed in CVE-2016-9131. [RT #43522]
It was possible to trigger assertions when processing responses containing answers of
type DNAME. This flaw is disclosed in CVE-2016-8864. [RT #43465]
Bug Fixes
A synthesized CNAME record appearing in a response before the associated DNAME could be
cached, when it should not have been. This was a regression introduced while addressing
CVE-2016-8864. [RT #44318]
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 4d8d78169fd108b526aa85a204dee080f277228a
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Thu Apr 13 09:08:21 2017 +0200
cups-filters: Fix for lfs-file (dropped avahi package)
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 076ad71576609f66f9a99cf4c14c75dbcd1a8220
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Wed Apr 12 17:35:43 2017 +0100
avahi: Drop package
The daemon locks up when starting up in avahi_log_info() and
probably the other logging functions, too.
Since avahi is not really used a lot in the distribution,
has been in testing for four years and has virtually no users
I am going to drop it instead of wasting time on fixing this.
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 7cbdd31d6e3e15be0b6856ab792b4edf7678cbb5
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Tue Apr 11 14:26:57 2017 +0100
graphs.pl: Fix HTML syntax error
The missing ' caused that a different URL was called
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 30b980a84dd89aea8d49ad5d93b2b033c38f48e8
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Mon Apr 10 14:10:28 2017 +0200
kbd 1.12: Update for rootfile
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit a696f575104e9bca3ae6df6d36f01b9a63c6c70c
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Sun Apr 9 18:19:49 2017 +0200
rrdtool 1.6.0: fix for rootfile
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit f0c71e72b0f84400127d7ebc9e34f2805ebbec81
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Tue Apr 11 14:11:16 2017 +0100
ltrace: New package
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit c4f3b29a9de4ced24110c39f818afd59c977d296
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Tue Apr 11 14:10:53 2017 +0100
elfutils: Update rootfile
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 015640d67161b27e729e6bc31b32eb838afd5060
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Tue Apr 11 13:05:53 2017 +0100
elfutils: New package
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 778979f630b0157f7bcee40087a80dae6076c4b4
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Tue Apr 11 13:05:22 2017 +0100
dbus: Update to 1.11.12
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit a0168f9fca199e78bf88ab263deaec3a2c8e977e
Author: Timo Eissler <timo.eissler(a)ipfire.org>
Date: Fri Apr 7 21:59:40 2017 +0200
nmap: remove uninstall_ndiff from rootfile
Signed-off-by: Timo Eissler <timo.eissler(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit b3ee263b07d24c115614e2d5ceb909f1afe10c80
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Thu Apr 6 19:12:06 2017 +0100
QoS: Enable IMQ multi queueing
This increases throughput when QoS is activated
since now all available CPU cores will be used
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit d0755f4cb2e8d1d1332f6624b6d8d7adf0db9192
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Thu Apr 6 19:00:45 2017 +0100
Rootfile update
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit e4d7dc1ea473e655adf0b72c6c7bb9eea91b50aa
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Thu Apr 6 12:52:10 2017 +0100
dhcp: Fix extracting bundled BIND package
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 4a3940a15fcec5977955be1aadd2f46075b401b4
Author: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Date: Fri Mar 17 15:50:03 2017 +0100
gcc: update to 4.9.4
This is only a bugfix release
https://gcc.gnu.org/gcc-4.9/changes.html
Signed-off-by: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit a8c2aae946a5184f89baec9f5fd4f68bd3e9ddd4
Author: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Date: Fri Mar 17 16:00:04 2017 +0100
mpfr: update to 3.1.5
Signed-off-by: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit fcab4e5f187a370f5e72be0226560f83b50a5b65
Author: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Date: Fri Mar 17 15:26:06 2017 +0100
gmp: update to 6.1.2
Signed-off-by: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit a309f3b5c387a436df4c44ef4e7bf48d832a279a
Author: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Date: Fri Mar 17 15:20:07 2017 +0100
pcre: update to 8.40
Signed-off-by: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 85ca3a529baffa6ce20c27eca31a4877d2d52b69
Author: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Date: Fri Mar 17 15:11:12 2017 +0100
rrdtool: update to 1.6.0
Signed-off-by: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit e9dae64ea1788d181ea482315642cc196576d21a
Author: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Date: Fri Mar 17 16:11:36 2017 +0100
pkg-config: update to 0.29.1
Signed-off-by: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit f4574da97a680b7467506fec52fe7954a00bcb48
Author: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Date: Fri Mar 17 16:16:57 2017 +0100
nmap: update to 7.40
Signed-off-by: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit f155baa6f034f8935337578afd33cdc30fd37760
Author: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Date: Fri Mar 17 16:23:13 2017 +0100
m4: update to 1.4.18
Signed-off-by: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit e0e3f3a3e7520a4fdfacf543698c4a96871aed9e
Author: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Date: Sat Mar 18 11:16:16 2017 +0100
acpid: update to 2.0.28
Signed-off-by: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 6c96150b453b7ad81d329c5fbaedb39afbed6715
Author: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Date: Sat Mar 18 11:25:05 2017 +0100
unzip: update to 60
Signed-off-by: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 49e3621c32f02b90e69c1249778dd8a818566e53
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Thu Apr 6 10:04:34 2017 +0100
gzip: Drop patch that is no longer applied
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 3b7a290523569bf7d083ae988060a527b7fa5998
Author: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Date: Sat Mar 18 11:30:31 2017 +0100
gzip: update to 1.8
Signed-off-by: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 361cc1bd0c102d2a0ec79943b0bad0ef106412ce
Author: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Date: Wed Mar 22 12:41:55 2017 +0100
file: update to 5.30
Signed-off-by: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 176ba83d49b7fa1ce4c5989ed64778cd91e2d9e6
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Wed Apr 5 17:44:55 2017 +0200
logwatch 7.4.3: next fix, output for 'lm_sensors' was missing
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit cd31b51ea57d49fc406db3ce2a0e906454c8c48d
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Wed Apr 5 13:42:14 2017 +0200
logwatch 7.4.3: some more fixes for rootfile
Hi,
'eximstats', 'zz-sys' and 'resolver'-files were missing.
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 2dbfc4020d18e65b525104b13891921411cb6322
Author: Daniel Weismüller <daniel.weismueller(a)ipfire.org>
Date: Wed Apr 5 12:25:16 2017 +0200
netsnmpd: added lmsensors and some other mibs
Signed-off-by: Daniel Weismüller <daniel.weismueller(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 9bc2e596d0805171e5a25e1be33fdcd9c114066d
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Wed Apr 5 12:16:52 2017 +0100
IPsec: Include Curve 25519 in default proposal
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 64056cae466b49993af8fe831731d2eed77f683a
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Wed Apr 5 12:15:20 2017 +0100
IPsec: Allow selecting Curve 25519 as group type
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 1ef80c435225c6bd35df4d510b728ea6bfad772a
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Wed Apr 5 12:08:39 2017 +0100
strongswan: Update to version 5.5.2
Introduces support for Curve25519 for IKE as defined by RFC8031.
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 570d54fd84ead452753ac7fd498c7ee760caa3ff
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Wed Apr 5 11:42:55 2017 +0100
IPsec: Drop SHA1 and MODP<=1536 from proposed ciphers
IPsec is still proposing to use SHA1 and MODP-1536 or MODP-1024
when initiating a connection. These are considered weak although
many off-the-shelf hardware is still using this as defaults.
This patch disables those algorithms and additionally changes
default behaviour to only accept the configured cipher suites.
This might create some interoperability issues, but increases
security of IPFire-to-IPFire IPsec connections.
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 4f6790a7e48c1c5bf52ad53c060ef6f3274bd5a1
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Wed Apr 5 10:33:49 2017 +0100
ipsecctrl: Reload IPsec block rules after connection is deleted
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 3fa1cb5f35dd59fed503211898662c5cf22c3c97
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Tue Apr 4 12:45:12 2017 +0200
logwatch: Update to 7.4.3
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 9d8574996e7833f8a009cc4012990c2fcc8113cc
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Tue Apr 4 12:38:33 2017 +0200
logwatch 7.4.1: another fix for rootfile
Hi,
similar to:
http://git.ipfire.org/?p=people/mfischer/ipfire-2.x.git;a=commit;h=9f46e637ac345509ff75248d1087b1bff117ff20
A missing '#' for "usr/share/logwatch/default.conf/services" in rootfile.
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 31b34f950912478f8594f41cdf20dc715b15bc34
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Tue Apr 4 00:46:38 2017 +0200
logwatch 7.4.1: fix for rootfile
Hi,
One missing '#' and all underlying 'services' in 'usr/share/logwatch/scripts/services'
are installed. 147 files are active, but it should be only 33.
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
-----------------------------------------------------------------------
hooks/post-receive
--
IPFire 2.x development tree
reply other threads:[~2017-05-18 10:58 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170518105833.9CD6810853C3@git01.ipfire.org \
--to=git@ipfire.org \
--cc=ipfire-scm@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox