From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <git@ipfire.org>
To: ipfire-scm@lists.ipfire.org
Subject: [git.ipfire.org] IPFire 2.x development tree branch, master, updated.
 9f42266a5957dd9da1f6eb68a8602429a3e993da
Date: Fri, 13 May 2022 09:24:04 +0000
Message-ID: <4L039w6xzbz2xjs@people01.haj.ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============6603082231521980034=="
List-Id: <ipfire-scm.lists.ipfire.org>

--===============6603082231521980034==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".

The branch, master has been updated
       via  9f42266a5957dd9da1f6eb68a8602429a3e993da (commit)
       via  8615d42ce7d77016aed51ea0528119f38e589e5d (commit)
       via  27d1dc083ecc49cd11f57b975f8daf599eb436f4 (commit)
       via  b074ebd6ad688124d5dfdcc2ed614040553afd7e (commit)
       via  1ad192722a9ecd0b0f0afc008da020b9534e57d6 (commit)
       via  675849974918df21c717c26bf6e974fa2f9d7f67 (commit)
      from  91f1aaaa869df6fe9a04d3aefb36f021e9945ad7 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 9f42266a5957dd9da1f6eb68a8602429a3e993da
Author: Peter M=C3=BCller <peter.mueller(a)ipfire.org>
Date:   Fri May 13 09:22:35 2022 +0000

    strongswan: Update rootfile
   =20
    Signed-off-by: Peter M=C3=BCller <peter.mueller(a)ipfire.org>

commit 8615d42ce7d77016aed51ea0528119f38e589e5d
Author: Stefan Schantl <stefan.schantl(a)ipfire.org>
Date:   Fri May 13 06:30:57 2022 +0200

    expat: Fix rootfile.
   =20
    The libexpat.so.1 file is just a symlink to libexpat.so.1.8.8 which
    contains all the functions and symbols required by the binaries, linked
    against it. Therefore this file needs to be present on the systems.
   =20
    Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org>
    Reviewed-by: Peter M=C3=BCller <peter.mueller(a)ipfire.org>

commit 27d1dc083ecc49cd11f57b975f8daf599eb436f4
Author: Peter M=C3=BCller <peter.mueller(a)ipfire.org>
Date:   Thu May 12 18:06:59 2022 +0000

    Core Update 168: Ship and restart strongSwan
   =20
    Signed-off-by: Peter M=C3=BCller <peter.mueller(a)ipfire.org>

commit b074ebd6ad688124d5dfdcc2ed614040553afd7e
Author: Peter M=C3=BCller <peter.mueller(a)ipfire.org>
Date:   Thu May 12 18:04:52 2022 +0000

    strongSwan: Update to 5.9.6
   =20
    See: https://github.com/strongswan/strongswan/releases/tag/5.9.6
   =20
    Since this addresses security issues, and also with regards to reports
    such as https://community.ipfire.org/t/core-update-167-ipsec-issue/7893,
    I take the liberty to push this straight into Core Update 168.
   =20
    Signed-off-by: Peter M=C3=BCller <peter.mueller(a)ipfire.org>

commit 1ad192722a9ecd0b0f0afc008da020b9534e57d6
Author: Peter M=C3=BCller <peter.mueller(a)ipfire.org>
Date:   Thu May 12 17:53:50 2022 +0000

    intel-microcode: Update to 20220510
   =20
    Please refer to https://github.com/intel/Intel-Linux-Processor-Microcode-=
Data-Files/releases/tag/microcode-20220510
    for further details.
   =20
    Signed-off-by: Peter M=C3=BCller <peter.mueller(a)ipfire.org>

commit 675849974918df21c717c26bf6e974fa2f9d7f67
Author: Peter M=C3=BCller <peter.mueller(a)ipfire.org>
Date:   Thu May 12 17:27:34 2022 +0000

    Core Update 168: Ship core-files
   =20
    https://community.ipfire.org/t/core-168-testing-working/7901/7
   =20
    Signed-off-by: Peter M=C3=BCller <peter.mueller(a)ipfire.org>

-----------------------------------------------------------------------

Summary of changes:
 config/rootfiles/common/expat                                   | 2 +-
 config/rootfiles/common/strongswan                              | 3 +++
 config/rootfiles/core/168/{ =3D> filelists}/core-files            | 0
 config/rootfiles/{oldcore/106 =3D> core/168}/filelists/strongswan | 0
 config/rootfiles/core/168/update.sh                             | 4 ++++
 lfs/intel-microcode                                             | 4 ++--
 lfs/strongswan                                                  | 4 ++--
 7 files changed, 12 insertions(+), 5 deletions(-)
 copy config/rootfiles/core/168/{ =3D> filelists}/core-files (100%)
 copy config/rootfiles/{oldcore/106 =3D> core/168}/filelists/strongswan (100%)

Difference in files:
diff --git a/config/rootfiles/common/expat b/config/rootfiles/common/expat
index 3911aa90b..69b3fbfe6 100644
--- a/config/rootfiles/common/expat
+++ b/config/rootfiles/common/expat
@@ -10,7 +10,7 @@
 #usr/lib/libexpat.la
 #usr/lib/libexpat.so
 usr/lib/libexpat.so.1
-#usr/lib/libexpat.so.1.8.8
+usr/lib/libexpat.so.1.8.8
 #usr/lib/pkgconfig/expat.pc
 #usr/share/doc/expat
 #usr/share/doc/expat-2.4.8
diff --git a/config/rootfiles/common/strongswan b/config/rootfiles/common/str=
ongswan
index ff363f08c..e9d84808a 100644
--- a/config/rootfiles/common/strongswan
+++ b/config/rootfiles/common/strongswan
@@ -40,6 +40,7 @@ etc/strongswan.d/charon/gcm.conf
 etc/strongswan.d/charon/gcrypt.conf
 etc/strongswan.d/charon/gmp.conf
 etc/strongswan.d/charon/hmac.conf
+etc/strongswan.d/charon/kdf.conf
 etc/strongswan.d/charon/kernel-netlink.conf
 etc/strongswan.d/charon/md5.conf
 etc/strongswan.d/charon/mgf1.conf
@@ -137,6 +138,7 @@ usr/lib/ipsec/plugins/libstrongswan-gcm.so
 usr/lib/ipsec/plugins/libstrongswan-gcrypt.so
 usr/lib/ipsec/plugins/libstrongswan-gmp.so
 usr/lib/ipsec/plugins/libstrongswan-hmac.so
+usr/lib/ipsec/plugins/libstrongswan-kdf.so
 usr/lib/ipsec/plugins/libstrongswan-kernel-netlink.so
 usr/lib/ipsec/plugins/libstrongswan-md5.so
 usr/lib/ipsec/plugins/libstrongswan-mgf1.so
@@ -225,6 +227,7 @@ usr/sbin/swanctl
 #usr/share/strongswan/templates/config/plugins/gcrypt.conf
 #usr/share/strongswan/templates/config/plugins/gmp.conf
 #usr/share/strongswan/templates/config/plugins/hmac.conf
+#usr/share/strongswan/templates/config/plugins/kdf.conf
 #usr/share/strongswan/templates/config/plugins/kernel-netlink.conf
 #usr/share/strongswan/templates/config/plugins/md5.conf
 #usr/share/strongswan/templates/config/plugins/mgf1.conf
diff --git a/config/rootfiles/core/168/filelists/core-files b/config/rootfile=
s/core/168/filelists/core-files
new file mode 100644
index 000000000..0dec37e53
--- /dev/null
+++ b/config/rootfiles/core/168/filelists/core-files
@@ -0,0 +1,5 @@
+etc/system-release
+etc/issue
+etc/os-release
+srv/web/ipfire/cgi-bin/credits.cgi
+var/ipfire/langs
diff --git a/config/rootfiles/core/168/filelists/strongswan b/config/rootfile=
s/core/168/filelists/strongswan
new file mode 120000
index 000000000..90c727e26
--- /dev/null
+++ b/config/rootfiles/core/168/filelists/strongswan
@@ -0,0 +1 @@
+../../../common/strongswan
\ No newline at end of file
diff --git a/config/rootfiles/core/168/update.sh b/config/rootfiles/core/168/=
update.sh
index d21f648dd..e11e08b7f 100644
--- a/config/rootfiles/core/168/update.sh
+++ b/config/rootfiles/core/168/update.sh
@@ -32,6 +32,7 @@ for (( i=3D1; i<=3D$core; i++ )); do
 done
=20
 # Stop services
+/etc/init.d/ipsec stop
 /etc/init.d/squid stop
 /usr/local/bin/openvpnctrl -k
 /usr/local/bin/openvpnctrl -kn2n
@@ -128,6 +129,9 @@ esac
 /usr/local/bin/openvpnctrl -s
 /usr/local/bin/openvpnctrl -sn2n
 /etc/init.d/suricata start
+if grep -q "ENABLED=3Don" /var/ipfire/vpn/settings; then
+       /etc/init.d/ipsec start
+fi
=20
 # This update needs a reboot...
 touch /var/run/need_reboot
diff --git a/lfs/intel-microcode b/lfs/intel-microcode
index 73ccb4623..34dfe901e 100644
--- a/lfs/intel-microcode
+++ b/lfs/intel-microcode
@@ -24,7 +24,7 @@
=20
 include Config
=20
-VER        =3D 20220419
+VER        =3D 20220510
=20
 THISAPP    =3D Intel-Linux-Processor-Microcode-Data-Files-microcode-$(VER)
 DL_FILE    =3D $(THISAPP).tar.gz
@@ -41,7 +41,7 @@ objects =3D $(DL_FILE)
=20
 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE)
=20
-$(DL_FILE)_BLAKE2 =3D 69d296efad5329324a47640eace5d1a10e38b85cb8b7ac5baa9f14=
c40391ff809ae17cb7814f99f2e43910fe4c4b02dc77ffea7bb5f2b58069b2c17029e9f76a
+$(DL_FILE)_BLAKE2 =3D 5f8c238b00970ddda132dbcf9059df759bb768e1eb2fe0b9912ffe=
69cf9a6104b32ea816e7574660ea74e3d08af1aa45cc46b5f38d0b315e6e466d8ca466f37d
=20
 install : $(TARGET)
=20
diff --git a/lfs/strongswan b/lfs/strongswan
index ae1be29f4..a32c103d7 100644
--- a/lfs/strongswan
+++ b/lfs/strongswan
@@ -24,7 +24,7 @@
=20
 include Config
=20
-VER        =3D 5.9.5
+VER        =3D 5.9.6
=20
 THISAPP    =3D strongswan-$(VER)
 DL_FILE    =3D $(THISAPP).tar.bz2
@@ -40,7 +40,7 @@ objects =3D $(DL_FILE)
=20
 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE)
=20
-$(DL_FILE)_BLAKE2 =3D 8b3adc44d5f5eb3824845ce9eda75e7b75f0f7394fbe84f827f4a8=
177e5299ca7170103ee6cd76e1e18aef85d7f124a43a505ceaf41ec4ed575eb214ebb6af21
+$(DL_FILE)_BLAKE2 =3D 4021a10611e66f9e2e4e432bdfb9de0f94d27ba1be1b7d4e4b8bf3=
cd797c123658993e60eb3d49c424b479558e9581bb069a345a70f55850d1faf5abaa401246
=20
 install : $(TARGET)
=20


hooks/post-receive
--
IPFire 2.x development tree

--===============6603082231521980034==--