From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: ipfire-scm@lists.ipfire.org Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 730e96c98b5432104f5394aabfc55a05bef39e0e Date: Fri, 19 Feb 2021 19:39:00 +0000 Message-ID: <4Dj22F0c3Mz2xXP@people01.haj.ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============9061388527011392144==" List-Id: --===============9061388527011392144== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, next has been updated via 730e96c98b5432104f5394aabfc55a05bef39e0e (commit) via c33d30d8f99bc06737739857c316b35ea87d759b (commit) via 4a22b1f4f59e44499997d5c218c11bcdb4d0d38c (commit) via 482634a1d3b55d9e4697abbd5e04ea074d6805ee (commit) from 29e0faba1a0bf5884f1cef8490b8db833cb684d5 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 730e96c98b5432104f5394aabfc55a05bef39e0e Author: Stephan Feddersen Date: Tue Feb 16 22:45:07 2021 +0100 WIO - Patch PPPOE show right Icon =20 Signed-off-by: Michael Tremer commit c33d30d8f99bc06737739857c316b35ea87d759b Author: Matthias Fischer Date: Fri Feb 19 18:51:14 2021 +0100 krb5: Update to 1.19.1 =20 For details see: https://web.mit.edu/kerberos/krb5-1.19/README-1.19.1.txt =20 "This is a bug fix release. =20 * Fix a linking issue with Samba. =20 * Better support multiple pkinit_identities values by checking whether certificates can be loaded for each value. =20 krb5-1.19.1 changes by ticket ID -------------------------------- =20 8984 Load certs when checking pkinit_identities values 8985 Restore krb5_set_default_tgs_ktypes() 8987 Synchronize command-line option documentation" =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 4a22b1f4f59e44499997d5c218c11bcdb4d0d38c Author: Michael Tremer Date: Fri Feb 19 19:32:43 2021 +0000 core155: Ship bind =20 Signed-off-by: Michael Tremer commit 482634a1d3b55d9e4697abbd5e04ea074d6805ee Author: Matthias Fischer Date: Fri Feb 19 18:44:27 2021 +0100 bind: Update to 9.11.28 =20 For details see: https://downloads.isc.org/isc/bind9/9.11.28/RELEASE-NOTES-bind-9.11.28.ht= ml =20 "Notes for BIND 9.11.28 Security Fixes =20 When tkey-gssapi-keytab or tkey-gssapi-credential was configured, a specially crafted GSS-TSIG query could cause a buffer overflow in the ISC implementation of SPNEGO (a protocol enabling negotiation of the security mechanism to use for GSSAPI authentication). This flaw could be exploited to crash named. Theoretically, it also enabled remote code execution, but achieving the latter is very difficult in real-world conditions. (CVE-2020-8625) =20 This vulnerability was responsibly reported to us as ZDI-CAN-12302 by Trend Micro Zero Day Initiative. [GL #2354]" =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer ----------------------------------------------------------------------- Summary of changes: config/rootfiles/common/bind | 6 +-- .../{oldcore/100 =3D> core/155}/filelists/bind | 0 lfs/bind | 6 +-- lfs/krb5 | 6 +-- lfs/wio | 6 +-- src/wio/wio.cgi | 52 ++++++++++++--------= -- 6 files changed, 41 insertions(+), 35 deletions(-) copy config/rootfiles/{oldcore/100 =3D> core/155}/filelists/bind (100%) Difference in files: diff --git a/config/rootfiles/common/bind b/config/rootfiles/common/bind index d18332bf4..c3235bb8f 100644 --- a/config/rootfiles/common/bind +++ b/config/rootfiles/common/bind @@ -272,12 +272,12 @@ usr/lib/libbind9.so.161 usr/lib/libbind9.so.161.0.4 #usr/lib/libdns.la #usr/lib/libdns.so -usr/lib/libdns.so.1112 -usr/lib/libdns.so.1112.0.2 +usr/lib/libdns.so.1113 +usr/lib/libdns.so.1113.0.1 #usr/lib/libisc.la #usr/lib/libisc.so usr/lib/libisc.so.1107 -usr/lib/libisc.so.1107.0.4 +usr/lib/libisc.so.1107.0.5 #usr/lib/libisccc.la #usr/lib/libisccc.so usr/lib/libisccc.so.161 diff --git a/config/rootfiles/core/155/filelists/bind b/config/rootfiles/core= /155/filelists/bind new file mode 120000 index 000000000..48a0ebaef --- /dev/null +++ b/config/rootfiles/core/155/filelists/bind @@ -0,0 +1 @@ +../../../common/bind \ No newline at end of file diff --git a/lfs/bind b/lfs/bind index 0069fea59..3047ac83e 100644 --- a/lfs/bind +++ b/lfs/bind @@ -1,7 +1,7 @@ ############################################################################= ### # = # # IPFire.org - A linux based firewall = # -# Copyright (C) 2007-2020 IPFire Team = # +# Copyright (C) 2007-2021 IPFire Team = # # = # # This program is free software: you can redistribute it and/or modify = # # it under the terms of the GNU General Public License as published by = # @@ -25,7 +25,7 @@ =20 include Config =20 -VER =3D 9.11.26 +VER =3D 9.11.28 =20 THISAPP =3D bind-$(VER) DL_FILE =3D $(THISAPP).tar.gz @@ -43,7 +43,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D 1e5fb81b0ef562d32a19e579c0183f1a +$(DL_FILE)_MD5 =3D 59aa4d7be438b2c8103811d18f318c82 =20 install : $(TARGET) =20 diff --git a/lfs/krb5 b/lfs/krb5 index c77e4fdfd..a972920e7 100644 --- a/lfs/krb5 +++ b/lfs/krb5 @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 1.19 +VER =3D 1.19.1 =20 THISAPP =3D krb5-$(VER) DL_FILE =3D $(THISAPP).tar.gz @@ -32,7 +32,7 @@ DL_FROM =3D $(URL_IPFIRE) DIR_APP =3D $(DIR_SRC)/$(THISAPP)/src TARGET =3D $(DIR_INFO)/$(THISAPP) PROG =3D krb5 -PAK_VER =3D 5 +PAK_VER =3D 6 =20 DEPS =3D =20 @@ -44,7 +44,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D aaf18447a5a014aa3b7e81814923f4c9 +$(DL_FILE)_MD5 =3D 81257292f8243f735654d4fd5d1fef6a =20 install : $(TARGET) =20 diff --git a/lfs/wio b/lfs/wio index b4222f1b5..b65d244d6 100644 --- a/lfs/wio +++ b/lfs/wio @@ -1,6 +1,6 @@ ############################################################################= ### -# IPFire.org - An Open Source Firewall Solution = # -# Copyright (C) 2007-2020 IPFire Team = # +# IPFire.org - An Open Source Firewall Solution = # +# Copyright (C) 2007-2021 IPFire Team = # ############################################################################= ### =20 ############################################################################= ### @@ -15,7 +15,7 @@ THISAPP =3D wio-$(VER) DIR_APP =3D $(DIR_SRC)/$(THISAPP) TARGET =3D $(DIR_INFO)/$(THISAPP) PROG =3D wio -PAK_VER =3D 11 +PAK_VER =3D 12 =20 ############################################################################= ### # Top-level Rules diff --git a/src/wio/wio.cgi b/src/wio/wio.cgi index d07332e5e..ac8fc1220 100644 --- a/src/wio/wio.cgi +++ b/src/wio/wio.cgi @@ -3,7 +3,7 @@ ############################################################################= ### # = # # IPFire.org - A linux based firewall = # -# Copyright (C) 2017-2020 Stephan Feddersen = # +# Copyright (C) 2017-2021 Stephan Feddersen = # # All Rights Reserved. = # # = # # This program is free software: you can redistribute it and/or modify = # @@ -21,7 +21,7 @@ # = # ############################################################################= ### # -# Version: 2020/08/04 21:12:23 +# Version: 2021/02/16 21:32:23 # # This wio.cgi is based on the code from the IPCop WIO Addon # and is extremly adapted to work with IPFire. @@ -1140,7 +1140,16 @@ print" 01 $redip - =3D'$Lang::tr{'internet'}' +"; + +if ( $netsettings{"RED_TYPE"} eq 'PPPOE' ) { + print"3D'$Lang::tr{'internet'}'"; +} +else { + print"3D'$Lang::tr{'wio_red_lan'}'"; +} + +print" ".$mainsettings{'= HOSTNAME'}.".".$mainsettings{'DOMAINNAME'}." ".( $redip ne '-' ?= (gethostbyaddr(pack("C4", split (/\./, $redip)), 2))[0] : '-' )." @@ -1154,7 +1163,6 @@ close (FILE); =20 foreach (@ddns) { chomp; - @temp =3D split (/\,/, $_); =20 if ( $temp[7] eq "on" ) { @@ -1336,7 +1344,7 @@ foreach $key (keys %ovpnconfighash) { if (-e "/var/run/$ovpnconfighash{$key}[1]n2n.pid") { my ( @output, @tustate ) =3D ''; my $tport =3D $ovpnconfighash{$key}[22]; - my $tnet =3D new Net::Telnet ( Timeout=3D>5, Errmode=3D>'return', Port= =3D>$tport); + my $tnet =3D new Net::Telnet (Timeout=3D>5, Errmode=3D>'return', Port=3D= >$tport); if ($tport ne '') { $tnet->open('127.0.0.1'); @output =3D $tnet->cmd(String =3D> 'state', Prompt =3D> '/(END.*\n|ERRO= R:.*\n)/'); @@ -1589,16 +1597,9 @@ my $dotip =3D length($ipaddresses[$a]) - rindex($ipadd= resses[$a],'.'); } =20 if ( $netsettings{"RED_TYPE"} eq 'PPPOE' ) { - my $redipadr =3D qx'ip addr | grep red0 | grep inet | awk "{print \$2}"'; - my @rednet =3D split ("/", $redipadr); - chomp ($rednet[1]); - my $red_netmask =3D General::iporsubtodec($rednet[1]); - my $red_netaddress =3D Network::get_netaddress("$rednet[0]/$red_netmask"); + print"3D'$Lang::tr{'internet'}'"; + last SWITCH; =20 - if ( &General::IpInSubnet($ipaddresses[$a], $red_netaddress, $red_netmask= ) ) { - print"3D'$Lang::tr{'internet'}'"; - last SWITCH; - } } else { print"3D'$Lang::tr{'wio_unknown_lan'}'"; @@ -1606,17 +1607,20 @@ my $dotip =3D length($ipaddresses[$a]) - rindex($ipad= dresses[$a],'.'); } } =20 -if ( $webinterface[$a] eq 'HTTP' ) { - print"$names[$a]"; -} -elsif ( $webinterface[$a] eq 'HTTPS' ) { - print"$names[$a]"; -} -else { - print"$names[$a]"; -} +print""; + + if ( $webinterface[$a] eq 'HTTP' ) { + print"$names[$a]"; + } + elsif ( $webinterface[$a] eq 'HTTPS' ) { + print"$names[$a]"; + } + else { + print $names[$a]; + } =20 print" + @@ -2054,6 +2058,8 @@ if ( $wiosettings{'LOGGING'} eq 'on' ) { print" + +
 
wio= -1.3.2-12
"; } hooks/post-receive -- IPFire 2.x development tree --===============9061388527011392144==--