* [git.ipfire.org] IPFire 2.x development tree branch, next, updated. cf361ef4b55134254150b5070069f9d25b201bd1
@ 2017-10-18 19:28 git
0 siblings, 0 replies; only message in thread
From: git @ 2017-10-18 19:28 UTC (permalink / raw)
To: ipfire-scm
[-- Attachment #1: Type: text/plain, Size: 8501 bytes --]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
via cf361ef4b55134254150b5070069f9d25b201bd1 (commit)
via fb1eb40f9b84c190c62dec16897fefb552b4f50e (commit)
via fcd8ab4c236d434e655866c3aa3cf90c8eefc110 (commit)
via 6c6c1e3f043b7c4e99fabb6e92fce226089392af (commit)
via bee416e2829a5063819ee97f299482e4f894e9e5 (commit)
via a10e6aaefe6cf2127b8b9f51ff45fef175f53e2c (commit)
via de5862aaab0e73bffe32162de760b0f000d07d8f (commit)
via d5f061e9e7401c2f88483a7bbc48344a412fef3b (commit)
from 348ba8e2c54db7608ca9c2584c4c14b3466e6fbb (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit cf361ef4b55134254150b5070069f9d25b201bd1
Author: Arne Fitzenreiter <arne_f(a)ipfire.org>
Date: Wed Oct 18 21:25:59 2017 +0200
finish core115
Signed-off-by: Arne Fitzenreiter <arne_f(a)ipfire.org>
commit fb1eb40f9b84c190c62dec16897fefb552b4f50e
Author: Arne Fitzenreiter <arne_f(a)ipfire.org>
Date: Wed Oct 18 21:24:43 2017 +0200
core115: add extrahd.cgi to updater
this file was missing in early core114 testbuilds so ship it again.
Signed-off-by: Arne Fitzenreiter <arne_f(a)ipfire.org>
commit fcd8ab4c236d434e655866c3aa3cf90c8eefc110
Merge: 6c6c1e3 bee416e
Author: Arne Fitzenreiter <arne_f(a)ipfire.org>
Date: Wed Oct 18 21:20:23 2017 +0200
Merge branch 'master' into core115
commit 6c6c1e3f043b7c4e99fabb6e92fce226089392af
Author: Peter Müller <peter.mueller(a)link38.eu>
Date: Tue Oct 17 19:49:07 2017 +0200
redirect to TLS WebUI if authorisation required
Do not allow credentials being submitted in plaintext to Apache.
Instead, redirect the user with a 301 to the TLS version of IPFire's
web interface.
Signed-off-by: Peter Müller <peter.mueller(a)link38.eu>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit bee416e2829a5063819ee97f299482e4f894e9e5
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Sat Sep 23 01:34:55 2017 +0200
wpa_supplicant: Update to 2.6
For details see:
https://w1.fi/cgit/hostap/plain/wpa_supplicant/ChangeLog
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit a10e6aaefe6cf2127b8b9f51ff45fef175f53e2c
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Mon Oct 16 15:49:35 2017 +0100
KRACK attack: Patch wpa_supplicant & hostapd
A vulnerability was found in how a number of implementations can be
triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by
replaying a specific frame that is used to manage the keys. Such
reinstallation of the encryption key can result in two different types
of vulnerabilities: disabling replay protection and significantly
reducing the security of encryption to the point of allowing frames to
be decrypted or some parts of the keys to be determined by an attacker
depending on which cipher is used.
This fixes: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,
CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086,
CVE-2017-13087, CVE-2017-13088
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
config/extrahd/extrahd.pl | 2 +-
config/httpd/vhosts.d/ipfire-interface.conf | 24 ++++++++----------------
config/rootfiles/core/115/filelists/files | 1 +
config/rootfiles/oldcore/114/filelists/files | 1 +
html/cgi-bin/extrahd.cgi | 9 +++++++--
make.sh | 2 +-
6 files changed, 19 insertions(+), 20 deletions(-)
Difference in files:
diff --git a/config/extrahd/extrahd.pl b/config/extrahd/extrahd.pl
index 6c3c99c..3b57e92 100644
--- a/config/extrahd/extrahd.pl
+++ b/config/extrahd/extrahd.pl
@@ -75,7 +75,7 @@ if ( "$ARGV[0]" eq "mount" ) {
if ( ! `/bin/mount | /bin/fgrep $ARGV[1]` ) {
system("/bin/cp -f /etc/fstab $fstab");
system("/bin/fgrep -v $ARGV[1] <$fstab >/etc/fstab");
- print "Succesfully umounted $ARGV[1].\n";
+ print "Successfully umounted $ARGV[1].\n";
exit(0);
} else {
print "Can't umount $ARGV[1].\n";
diff --git a/config/httpd/vhosts.d/ipfire-interface.conf b/config/httpd/vhosts.d/ipfire-interface.conf
index 27fd25a..be15cd0 100644
--- a/config/httpd/vhosts.d/ipfire-interface.conf
+++ b/config/httpd/vhosts.d/ipfire-interface.conf
@@ -12,25 +12,17 @@
Require all granted
</Directory>
<DirectoryMatch "/srv/web/ipfire/html/(graphs|sgraph)">
- AuthName "IPFire - Restricted"
- AuthType Basic
- AuthUserFile /var/ipfire/auth/users
- Require user admin
+ Options SymLinksIfOwnerMatch
+ RewriteEngine on
+ RewriteCond %{HTTPS} off
+ RewriteRule (.*) https://%{SERVER_NAME}:444/$1 [R=301,L]
</DirectoryMatch>
ScriptAlias /cgi-bin/ /srv/web/ipfire/cgi-bin/
<Directory /srv/web/ipfire/cgi-bin>
- AllowOverride None
- Options None
- AuthName "IPFire - Restricted"
- AuthType Basic
- AuthUserFile /var/ipfire/auth/users
- Require user admin
- <Files chpasswd.cgi>
- Require all granted
- </Files>
- <Files webaccess.cgi>
- Require all granted
- </Files>
+ Options SymLinksIfOwnerMatch
+ RewriteEngine on
+ RewriteCond %{HTTPS} off
+ RewriteRule (.*) https://%{SERVER_NAME}:444/$1 [R=301,L]
</Directory>
Alias /updatecache/ /var/updatecache/
<Directory /var/updatecache>
diff --git a/config/rootfiles/core/115/filelists/files b/config/rootfiles/core/115/filelists/files
index 4cf39b0..72c5e5f 100644
--- a/config/rootfiles/core/115/filelists/files
+++ b/config/rootfiles/core/115/filelists/files
@@ -8,6 +8,7 @@ srv/web/ipfire/cgi-bin/captive/index.cgi
srv/web/ipfire/cgi-bin/captive/logo.cgi
srv/web/ipfire/cgi-bin/captive/redirect.cgi
srv/web/ipfire/cgi-bin/captive.cgi
+srv/web/ipfire/cgi-bin/extrahd.cgi
srv/web/ipfire/cgi-bin/ovpnmain.cgi
srv/web/ipfire/cgi-bin/proxy.cgi
srv/web/ipfire/cgi-bin/vpnmain.cgi
diff --git a/config/rootfiles/oldcore/114/filelists/files b/config/rootfiles/oldcore/114/filelists/files
index ca8087f..3d0cd04 100644
--- a/config/rootfiles/oldcore/114/filelists/files
+++ b/config/rootfiles/oldcore/114/filelists/files
@@ -1,4 +1,5 @@
etc/system-release
etc/issue
etc/rc.d/init.d/unbound
+srv/web/ipfire/cgi-bin/extrahd.cgi
var/ipfire/langs
diff --git a/html/cgi-bin/extrahd.cgi b/html/cgi-bin/extrahd.cgi
index 5a6fbce..da1efb2 100644
--- a/html/cgi-bin/extrahd.cgi
+++ b/html/cgi-bin/extrahd.cgi
@@ -48,8 +48,13 @@ my $partitionentry = "";
my $devicefile = "/var/ipfire/extrahd/devices";
my $scanfile = "/var/ipfire/extrahd/scan";
my $partitionsfile = "/var/ipfire/extrahd/partitions";
-system("/usr/local/bin/extrahdctrl scanhd ide");
-system("/usr/local/bin/extrahdctrl scanhd partitions");
+
+#workaround to suppress a warning when a variable is used only once
+my @dummy = ( ${Header::colourgreen}, ${Header::colourred} );
+undef (@dummy);
+
+system("/usr/local/bin/extrahdctrl scanhd ide >/dev/null");
+system("/usr/local/bin/extrahdctrl scanhd partitions >/dev/null");
&Header::showhttpheaders();
diff --git a/make.sh b/make.sh
index 5843527..f4a651a 100755
--- a/make.sh
+++ b/make.sh
@@ -26,7 +26,7 @@ NAME="IPFire" # Software name
SNAME="ipfire" # Short name
VERSION="2.19" # Version number
CORE="115" # Core Level (Filename)
-PAKFIRE_CORE="114" # Core Level (PAKFIRE)
+PAKFIRE_CORE="115" # Core Level (PAKFIRE)
GIT_BRANCH=`git rev-parse --abbrev-ref HEAD` # Git Branch
SLOGAN="www.ipfire.org" # Software slogan
CONFIG_ROOT=/var/ipfire # Configuration rootdir
hooks/post-receive
--
IPFire 2.x development tree
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2017-10-18 19:28 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-10-18 19:28 [git.ipfire.org] IPFire 2.x development tree branch, next, updated. cf361ef4b55134254150b5070069f9d25b201bd1 git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox