* [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 7f8b75f8badcfb58710093a4d352cff6fec59b70
@ 2023-10-20 8:46 Michael Tremer
0 siblings, 0 replies; only message in thread
From: Michael Tremer @ 2023-10-20 8:46 UTC (permalink / raw)
To: ipfire-scm
[-- Attachment #1: Type: text/plain, Size: 33758 bytes --]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
via 7f8b75f8badcfb58710093a4d352cff6fec59b70 (commit)
via 447d0bf51ed17f16880fd5041b3a88dcdec8a648 (commit)
via bf85d30b58353bdbf3f375d01f72ca96d0cd030d (commit)
via 7a6cf8276d81a2df609a807586e0fb0f95d648c0 (commit)
via 5049433d91f564a768be95ae51f3ef0a2fa17c52 (commit)
via e1a68c27a091e1165aaa18ed47d763e81e8a8de4 (commit)
via 37678a4f824d7368f39531f39b10ed43abc92aa5 (commit)
via d03f03e24c1c84618aa9420b0cdc0ccff14f99e8 (commit)
via 3f18addedeaa0f917c9a164484dedfaaa2008a69 (commit)
from 6c829050c8c758e554e584ecf6de41596fad2a4b (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 7f8b75f8badcfb58710093a4d352cff6fec59b70
Author: Peter Müller <peter.mueller(a)ipfire.org>
Date: Fri Oct 13 09:04:00 2023 +0000
linux: Set default IOMMU handling to "strict" on 64-bit ARM
This has been our default setting on x86_64 for quite some time now,
which is why this patch aligns the aarch64 kernel configuration to that
value.
Signed-off-by: Peter Müller <peter.mueller(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 447d0bf51ed17f16880fd5041b3a88dcdec8a648
Author: Peter Müller <peter.mueller(a)ipfire.org>
Date: Fri Oct 13 09:03:00 2023 +0000
linux: Disable io_uring
This subsystem has been a frequent source of security vulnerabilities
affecting the Linux kernel; as a result, Google announced on June 14,
2023, that they would disable it in their environment as widely as
possible.
IPFire does not depend on the availability of io_uring. Therefore,
disable this subsystem as well in order to preemptively cut attack
surface.
See also: https://security.googleblog.com/2023/06/learnings-from-kctf-vrps-42-linux.html
Signed-off-by: Peter Müller <peter.mueller(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit bf85d30b58353bdbf3f375d01f72ca96d0cd030d
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Fri Oct 20 08:36:20 2023 +0200
suricata: Update to 6.0.15
Excerpt from changelog:
"6.0.15 -- 2023-10-18
Security #6363: mime: quadratic complexity in MimeDecAddEntity (6.0.x backport)
Bug #6407: email: disabled fields in suricata.yaml also get logged (6.0.x backport)
Bug #6403: detect: multi-level tunneling inspection fails (6.0.x backport)
Bug #6377: byte_jump with negative post_offset before start of buffer failure (6.0.x backport)
Task #6364: decode: add drop reason for stream reassembly memcap (6.0.x backport)"
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Reviewed-by: Adolf Belka <adolf.belka(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 7a6cf8276d81a2df609a807586e0fb0f95d648c0
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Fri Oct 20 08:43:07 2023 +0000
core181: Ship apache2
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 5049433d91f564a768be95ae51f3ef0a2fa17c52
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Thu Oct 19 20:52:32 2023 +0200
apache: Update to 2.4.58
For details see:
https://dlcdn.apache.org/httpd/CHANGES_2.4.58
Excerpt from changelog:
"Changes with Apache 2.4.58
*) SECURITY: CVE-2023-45802: Apache HTTP Server: HTTP/2 stream
memory not reclaimed right away on RST (cve.mitre.org)
When a HTTP/2 stream was reset (RST frame) by a client, there
was a time window were the request's memory resources were not
reclaimed immediately. Instead, de-allocation was deferred to
connection close. A client could send new requests and resets,
keeping the connection busy and open and causing the memory
footprint to keep on growing. On connection close, all resources
were reclaimed, but the process might run out of memory before
that.
This was found by the reporter during testing of CVE-2023-44487
(HTTP/2 Rapid Reset Exploit) with their own test client. During
"normal" HTTP/2 use, the probability to hit this bug is very
low. The kept memory would not become noticeable before the
connection closes or times out.
Users are recommended to upgrade to version 2.4.58, which fixes
the issue.
Credits: Will Dormann of Vul Labs
*) SECURITY: CVE-2023-43622: Apache HTTP Server: DoS in HTTP/2 with
initial windows size 0 (cve.mitre.org)
An attacker, opening a HTTP/2 connection with an initial window
size of 0, was able to block handling of that connection
indefinitely in Apache HTTP Server. This could be used to
exhaust worker resources in the server, similar to the well
known "slow loris" attack pattern.
This has been fixed in version 2.4.58, so that such connection
are terminated properly after the configured connection timeout.
This issue affects Apache HTTP Server: from 2.4.55 through
2.4.57.
Users are recommended to upgrade to version 2.4.58, which fixes
the issue.
Credits: Prof. Sven Dietrich (City University of New York)
*) SECURITY: CVE-2023-31122: mod_macro buffer over-read
(cve.mitre.org)
Out-of-bounds Read vulnerability in mod_macro of Apache HTTP
Server.This issue affects Apache HTTP Server: through 2.4.57.
Credits: David Shoon (github/davidshoon)"
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Reviewed-by: Adolf Belka <adolf.belka(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit e1a68c27a091e1165aaa18ed47d763e81e8a8de4
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Thu Oct 19 19:03:24 2023 +0200
samba: Update to 4.19.2
For details see:
v4.19.1. => https://www.samba.org/samba/history/samba-4.19.1.html
"
==============================
Release Notes for Samba 4.19.1
October 10, 2023
==============================
This is a security release in order to address the following defects:
o CVE-2023-3961: Unsanitized pipe names allow SMB clients to connect as root to
existing unix domain sockets on the file system.
https://www.samba.org/samba/security/CVE-2023-3961.html
o CVE-2023-4091: SMB client can truncate files to 0 bytes by opening files with
OVERWRITE disposition when using the acl_xattr Samba VFS
module with the smb.conf setting
"acl_xattr:ignore system acls = yes"
https://www.samba.org/samba/security/CVE-2023-4091.html
o CVE-2023-4154: An RODC and a user with the GET_CHANGES right can view all
attributes, including secrets and passwords. Additionally,
the access check fails open on error conditions.
https://www.samba.org/samba/security/CVE-2023-4154.html
o CVE-2023-42669: Calls to the rpcecho server on the AD DC can request that the
server block for a user-defined amount of time, denying
service.
https://www.samba.org/samba/security/CVE-2023-42669.html
o CVE-2023-42670: Samba can be made to start multiple incompatible RPC
listeners, disrupting service on the AD DC.
https://www.samba.org/samba/security/CVE-2023-42670.html"
v4.19.2 => https://www.samba.org/samba/history/samba-4.19.2.html
"Changes since 4.19.1
--------------------
o Jeremy Allison <jra(a)samba.org>
* BUG 15423: Use-after-free in aio_del_req_from_fsp during smbd shutdown
after failed IPC FSCTL_PIPE_TRANSCEIVE.
* BUG 15426: clidfs.c do_connect() missing a "return" after a cli_shutdown()
call.
o Ralph Boehme <slow(a)samba.org>
* BUG 15463: macOS mdfind returns only 50 results.
o Volker Lendecke <vl(a)samba.org>
* BUG 15481: GETREALFILENAME_CACHE can modify incoming new filename with
previous cache entry value.
o Stefan Metzmacher <metze(a)samba.org>
* BUG 15464: libnss_winbind causes memory corruption since samba-4.18,
impacts sendmail, zabbix, potentially more.
o Martin Schwenke <mschwenke(a)ddn.com>
* BUG 15479: ctdbd: setproctitle not initialized messages flooding logs.
o Joseph Sutton <josephsutton(a)catalyst.net.nz>
* BUG 15491: CVE-2023-5568 Heap buffer overflow with freshness tokens in the
Heimdal KDC in Samba 4.19
* BUG 15477: The heimdal KDC doesn't detect s4u2self correctly when fast is
in use."
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Reviewed-by: Adolf Belka <adolf.belka(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 37678a4f824d7368f39531f39b10ed43abc92aa5
Author: Adolf Belka <adolf.belka(a)ipfire.org>
Date: Mon Oct 16 13:50:58 2023 +0200
en.pl: Correction of typo
- This error means that a section in extrahd.cgi about the mount path being incorrect
does not get shown for users with english language selected.
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
Reviewed-by: bbitsch(a)ipfire.org
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit d03f03e24c1c84618aa9420b0cdc0ccff14f99e8
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Fri Oct 20 08:41:35 2023 +0000
core181: Ship backup.pl
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 3f18addedeaa0f917c9a164484dedfaaa2008a69
Author: Adolf Belka <adolf.belka(a)ipfire.org>
Date: Sun Oct 15 18:28:22 2023 +0200
backup.pl: Fix for bug#11048 - add script for adding pass/no pass to ovpnconfig from backup
- A script was added to the update.sh script to add pass/no pass to the ovpnconfig entries
but I forgot that this was also needed in the backup.pl file to add those statuses into
any ovpnconfig file restored from a backup before the pass/no pass entries were added.
- This patch corrects that oversight.
- Confirmed by testing on my vm. Before the script added to backup.pl a restore of older
ovpnconfig ended up not showing any icons or status elements. With the script in
backup.pl confirmed that the restored ovpnconfig showed up in the WUI page correctly
with the right icons and with the status elements correctly displayed.
Tested-by: Adolf Belka <adolf.belka(a)ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
config/backup/backup.pl | 24 ++++++++++++++++++++++
config/kernel/kernel.config.aarch64-ipfire | 7 +++----
config/kernel/kernel.config.x86_64-ipfire | 3 +--
.../{oldcore/114 => core/181}/filelists/apache2 | 0
config/rootfiles/core/181/filelists/files | 1 +
config/rootfiles/core/181/update.sh | 1 +
config/rootfiles/packages/x86_64/samba | 1 -
doc/language_issues.en | 4 ++--
doc/language_issues.es | 2 +-
doc/language_issues.fr | 2 +-
doc/language_issues.it | 2 +-
doc/language_issues.nl | 3 +--
doc/language_issues.pl | 2 +-
doc/language_issues.ru | 2 +-
doc/language_issues.tr | 2 +-
doc/language_missings | 16 +++++++--------
langs/en/cgi-bin/en.pl | 2 +-
lfs/apache2 | 4 ++--
lfs/samba | 6 +++---
lfs/suricata | 4 ++--
20 files changed, 54 insertions(+), 34 deletions(-)
copy config/rootfiles/{oldcore/114 => core/181}/filelists/apache2 (100%)
Difference in files:
diff --git a/config/backup/backup.pl b/config/backup/backup.pl
index 8d990c0f1..75a0e4f60 100644
--- a/config/backup/backup.pl
+++ b/config/backup/backup.pl
@@ -205,6 +205,30 @@ restore_backup() {
done
fi
+ #Update ovpnconfig to include pass or no-pass for old backup versions missing the entry
+ # Check if ovpnconfig exists and is not empty
+ if [ -s /var/ipfire/ovpn/ovpnconfig ]; then
+ # Add blank line at top of ovpnconfig otherwise the first roadwarrior entry is treated like a blank line and missed out from update
+ awk 'NR==1{print ""}1' /var/ipfire/ovpn/ovpnconfig > /var/ipfire/ovpn/tmp_file && mv /var/ipfire/ovpn/tmp_file /var/ipfire/ovpn/ovpnconfig
+ # Make all N2N connections 'no-pass' since they do not use encryption
+ awk '{FS=OFS=","} {if($5=="net") {$43="no-pass"; print $0}}' /var/ipfire/ovpn/ovpnconfig >> /var/ipfire/ovpn/ovpnconfig.new
+ # Evaluate roadwarrior connection names for *.p12 files
+ for y in $(awk -F',' '/host/ { print $3 }' /var/ipfire/ovpn/ovpnconfig); do
+ # Sort all unencrypted roadwarriors out and set 'no-pass' in [43] index
+ if [[ -n $(openssl pkcs12 -info -in /var/ipfire/ovpn/certs/${y}.p12 -noout -password pass:'' 2>&1 | grep 'Encrypted data') ]]; then
+ awk -v var="$y" '{FS=OFS=","} {if($3==var) {$43="no-pass"; print $0}}' /var/ipfire/ovpn/ovpnconfig >> /var/ipfire/ovpn/ovpnconfig.new
+ fi
+ # Sort all encrypted roadwarriors out and set 'pass' in [43] index
+ if [[ -n $(openssl pkcs12 -info -in /var/ipfire/ovpn/certs/${y}.p12 -noout -password pass:'' 2>&1 | grep 'verify error') ]]; then
+ awk -v var="$y" '{FS=OFS=","} {if($3==var) {$43="pass"; print $0}}' /var/ipfire/ovpn/ovpnconfig >> /var/ipfire/ovpn/ovpnconfig.new
+ fi
+ done
+ fi
+ # Replace existing ovpnconfig with updated index
+ mv /var/ipfire/ovpn/ovpnconfig.new /var/ipfire/ovpn/ovpnconfig
+ # Set correct ownership
+ chown nobody:nobody /var/ipfire/ovpn/ovpnconfig
+
return 0
}
diff --git a/config/kernel/kernel.config.aarch64-ipfire b/config/kernel/kernel.config.aarch64-ipfire
index c69c13e71..6dc9d7d42 100644
--- a/config/kernel/kernel.config.aarch64-ipfire
+++ b/config/kernel/kernel.config.aarch64-ipfire
@@ -229,7 +229,7 @@ CONFIG_TIMERFD=y
CONFIG_EVENTFD=y
CONFIG_SHMEM=y
CONFIG_AIO=y
-CONFIG_IO_URING=y
+# CONFIG_IO_URING is not set
CONFIG_ADVISE_SYSCALLS=y
CONFIG_MEMBARRIER=y
CONFIG_KALLSYMS=y
@@ -7187,9 +7187,9 @@ CONFIG_IOMMU_IO_PGTABLE_LPAE=y
# CONFIG_IOMMU_IO_PGTABLE_DART is not set
# end of Generic IOMMU Pagetable Support
-# CONFIG_IOMMU_DEFAULT_DMA_STRICT is not set
+CONFIG_IOMMU_DEFAULT_DMA_STRICT=y
# CONFIG_IOMMU_DEFAULT_DMA_LAZY is not set
-CONFIG_IOMMU_DEFAULT_PASSTHROUGH=y
+# CONFIG_IOMMU_DEFAULT_PASSTHROUGH is not set
CONFIG_OF_IOMMU=y
CONFIG_IOMMU_DMA=y
CONFIG_ROCKCHIP_IOMMU=y
@@ -7821,7 +7821,6 @@ CONFIG_NLS_MAC_TURKISH=m
CONFIG_NLS_UTF8=m
# CONFIG_DLM is not set
# CONFIG_UNICODE is not set
-CONFIG_IO_WQ=y
# end of File systems
#
diff --git a/config/kernel/kernel.config.x86_64-ipfire b/config/kernel/kernel.config.x86_64-ipfire
index da8dcad00..3195b0c42 100644
--- a/config/kernel/kernel.config.x86_64-ipfire
+++ b/config/kernel/kernel.config.x86_64-ipfire
@@ -249,7 +249,7 @@ CONFIG_TIMERFD=y
CONFIG_EVENTFD=y
CONFIG_SHMEM=y
CONFIG_AIO=y
-CONFIG_IO_URING=y
+# CONFIG_IO_URING is not set
CONFIG_ADVISE_SYSCALLS=y
CONFIG_MEMBARRIER=y
CONFIG_KALLSYMS=y
@@ -7041,7 +7041,6 @@ CONFIG_DLM=m
# CONFIG_DLM_DEPRECATED_API is not set
# CONFIG_DLM_DEBUG is not set
# CONFIG_UNICODE is not set
-CONFIG_IO_WQ=y
# end of File systems
#
diff --git a/config/rootfiles/core/181/filelists/apache2 b/config/rootfiles/core/181/filelists/apache2
new file mode 120000
index 000000000..eef95efa7
--- /dev/null
+++ b/config/rootfiles/core/181/filelists/apache2
@@ -0,0 +1 @@
+../../../common/apache2
\ No newline at end of file
diff --git a/config/rootfiles/core/181/filelists/files b/config/rootfiles/core/181/filelists/files
index 4e8d58659..4bed8098d 100644
--- a/config/rootfiles/core/181/filelists/files
+++ b/config/rootfiles/core/181/filelists/files
@@ -3,3 +3,4 @@ srv/web/ipfire/cgi-bin/ovpnmain.cgi
srv/web/ipfire/cgi-bin/urlfilter.cgi
srv/web/ipfire/html/images/openvpn_encrypted.png
usr/local/bin/urlfilterctrl
+var/ipfire/backup/bin/backup.pl
diff --git a/config/rootfiles/core/181/update.sh b/config/rootfiles/core/181/update.sh
index 59cfa650d..ee7cc92bc 100644
--- a/config/rootfiles/core/181/update.sh
+++ b/config/rootfiles/core/181/update.sh
@@ -102,6 +102,7 @@ ldconfig
# Start services
telinit u
/etc/init.d/udev restart
+/etc/init.d/apache restart
# Rebuild initial ramdisks
dracut --regenerate-all --force
diff --git a/config/rootfiles/packages/x86_64/samba b/config/rootfiles/packages/x86_64/samba
index 4e5cee3a8..7a44b9cdb 100644
--- a/config/rootfiles/packages/x86_64/samba
+++ b/config/rootfiles/packages/x86_64/samba
@@ -923,7 +923,6 @@ usr/libexec/samba/rpcd_epmapper
usr/libexec/samba/rpcd_fsrvp
usr/libexec/samba/rpcd_lsad
usr/libexec/samba/rpcd_mdssvc
-usr/libexec/samba/rpcd_rpcecho
usr/libexec/samba/rpcd_spoolss
usr/libexec/samba/rpcd_winreg
usr/libexec/samba/samba-bgqd
diff --git a/doc/language_issues.en b/doc/language_issues.en
index 70eb9fbe8..c9d1117ef 100644
--- a/doc/language_issues.en
+++ b/doc/language_issues.en
@@ -617,7 +617,7 @@ WARNING: untranslated string: disk access = Disk Access
WARNING: untranslated string: disk usage = Disk usage
WARNING: untranslated string: display = Display
WARNING: untranslated string: display hostname in window title = Display hostname in window title
-WARNING: untranslated string: dl client arch = Download Client Package (zip)
+WARNING: untranslated string: dl client arch = Download Encrypted Client Package (zip)
WARNING: untranslated string: dl client arch insecure = Download insecure Client Package (zip)
WARNING: untranslated string: dmz = DMZ
WARNING: untranslated string: dnat address = Firewall Interface
@@ -752,7 +752,7 @@ WARNING: untranslated string: exclude logfiles = Exclude logfiles
WARNING: untranslated string: expires = Expires
WARNING: untranslated string: export = Export
WARNING: untranslated string: external aliases configuration = External aliases configuration
-WARNING: untranslated string: extrahd because it is outside the allowed mount path = unknown string
+WARNING: untranslated string: extrahd because it is outside the allowed mount path = , because it is outside the allowed mount path
WARNING: untranslated string: extrahd because there is already a device mounted = , because there is already a device mounted
WARNING: untranslated string: extrahd cant umount = Can't umount
WARNING: untranslated string: extrahd detected drives = detected drives
diff --git a/doc/language_issues.es b/doc/language_issues.es
index 45ffdf5d7..8bb0b56fb 100644
--- a/doc/language_issues.es
+++ b/doc/language_issues.es
@@ -952,7 +952,7 @@ WARNING: untranslated string: downfall gather data sampling = Downfall/Gather Da
WARNING: untranslated string: enable disable client = unknown string
WARNING: untranslated string: enable disable dyndns = unknown string
WARNING: untranslated string: error message = unknown string
-WARNING: untranslated string: extrahd because it is outside the allowed mount path = unknown string
+WARNING: untranslated string: extrahd because it is outside the allowed mount path = , because it is outside the allowed mount path
WARNING: untranslated string: extrahd mounted = Mounted
WARNING: untranslated string: extrahd no mount point given = No mount point given
WARNING: untranslated string: extrahd not configured = Not configured
diff --git a/doc/language_issues.fr b/doc/language_issues.fr
index cacfb1ec6..6805c1eb9 100644
--- a/doc/language_issues.fr
+++ b/doc/language_issues.fr
@@ -911,7 +911,7 @@ WARNING: untranslated string: downfall gather data sampling = Downfall/Gather Da
WARNING: untranslated string: enable disable client = unknown string
WARNING: untranslated string: enable disable dyndns = unknown string
WARNING: untranslated string: error message = unknown string
-WARNING: untranslated string: extrahd because it is outside the allowed mount path = unknown string
+WARNING: untranslated string: extrahd because it is outside the allowed mount path = , because it is outside the allowed mount path
WARNING: untranslated string: extrahd mounted = Mounted
WARNING: untranslated string: extrahd no mount point given = No mount point given
WARNING: untranslated string: extrahd not configured = Not configured
diff --git a/doc/language_issues.it b/doc/language_issues.it
index 68ff12c86..bb1d5db96 100644
--- a/doc/language_issues.it
+++ b/doc/language_issues.it
@@ -1004,7 +1004,7 @@ WARNING: untranslated string: eol architecture warning = You are running an arch
WARNING: untranslated string: error = Error
WARNING: untranslated string: error message = unknown string
WARNING: untranslated string: error the to date has to be later than the from date = The to date has to be later than the from date!
-WARNING: untranslated string: extrahd because it is outside the allowed mount path = unknown string
+WARNING: untranslated string: extrahd because it is outside the allowed mount path = , because it is outside the allowed mount path
WARNING: untranslated string: extrahd mounted = Mounted
WARNING: untranslated string: extrahd no mount point given = No mount point given
WARNING: untranslated string: extrahd not configured = Not configured
diff --git a/doc/language_issues.nl b/doc/language_issues.nl
index ea0abc74c..b85619977 100644
--- a/doc/language_issues.nl
+++ b/doc/language_issues.nl
@@ -953,7 +953,6 @@ WARNING: untranslated string: dhcp fixed ip address in dynamic range = Fixed IP
WARNING: untranslated string: dhcp make fixed lease = Add to fix leases
WARNING: untranslated string: disable = Disable
WARNING: untranslated string: disconnected = Disconnected
-WARNING: untranslated string: dl client arch insecure = Download insecure Client Package (zip)
WARNING: untranslated string: dns check servers = Check DNS Servers
WARNING: untranslated string: dns configuration = DNS Configuration
WARNING: untranslated string: dns enable safe-search = Enable Safe Search
@@ -1010,7 +1009,7 @@ WARNING: untranslated string: eol architecture warning = You are running an arch
WARNING: untranslated string: error = Error
WARNING: untranslated string: error message = unknown string
WARNING: untranslated string: error the to date has to be later than the from date = The to date has to be later than the from date!
-WARNING: untranslated string: extrahd because it is outside the allowed mount path = unknown string
+WARNING: untranslated string: extrahd because it is outside the allowed mount path = , because it is outside the allowed mount path
WARNING: untranslated string: extrahd mounted = Mounted
WARNING: untranslated string: extrahd no mount point given = No mount point given
WARNING: untranslated string: extrahd not configured = Not configured
diff --git a/doc/language_issues.pl b/doc/language_issues.pl
index 893f73211..d88e3fb8e 100644
--- a/doc/language_issues.pl
+++ b/doc/language_issues.pl
@@ -997,7 +997,7 @@ WARNING: untranslated string: eol architecture warning = You are running an arch
WARNING: untranslated string: error = Error
WARNING: untranslated string: error message = unknown string
WARNING: untranslated string: error the to date has to be later than the from date = The to date has to be later than the from date!
-WARNING: untranslated string: extrahd because it is outside the allowed mount path = unknown string
+WARNING: untranslated string: extrahd because it is outside the allowed mount path = , because it is outside the allowed mount path
WARNING: untranslated string: extrahd because there is already a device mounted = , because there is already a device mounted
WARNING: untranslated string: extrahd cant umount = Can't umount
WARNING: untranslated string: extrahd install or load driver = If your device isn't listed here, you need to install or load the driver.<br />If you can see your device but no partitions you have to create them first.
diff --git a/doc/language_issues.ru b/doc/language_issues.ru
index 64c9b5095..22e06460c 100644
--- a/doc/language_issues.ru
+++ b/doc/language_issues.ru
@@ -994,7 +994,7 @@ WARNING: untranslated string: eol architecture warning = You are running an arch
WARNING: untranslated string: error = Error
WARNING: untranslated string: error message = unknown string
WARNING: untranslated string: error the to date has to be later than the from date = The to date has to be later than the from date!
-WARNING: untranslated string: extrahd because it is outside the allowed mount path = unknown string
+WARNING: untranslated string: extrahd because it is outside the allowed mount path = , because it is outside the allowed mount path
WARNING: untranslated string: extrahd because there is already a device mounted = , because there is already a device mounted
WARNING: untranslated string: extrahd cant umount = Can't umount
WARNING: untranslated string: extrahd install or load driver = If your device isn't listed here, you need to install or load the driver.<br />If you can see your device but no partitions you have to create them first.
diff --git a/doc/language_issues.tr b/doc/language_issues.tr
index eadbd33c7..0d9514083 100644
--- a/doc/language_issues.tr
+++ b/doc/language_issues.tr
@@ -967,7 +967,7 @@ WARNING: untranslated string: eol architecture warning = You are running an arch
WARNING: untranslated string: error = Error
WARNING: untranslated string: error message = unknown string
WARNING: untranslated string: error the to date has to be later than the from date = The to date has to be later than the from date!
-WARNING: untranslated string: extrahd because it is outside the allowed mount path = unknown string
+WARNING: untranslated string: extrahd because it is outside the allowed mount path = , because it is outside the allowed mount path
WARNING: untranslated string: extrahd mounted = Mounted
WARNING: untranslated string: extrahd no mount point given = No mount point given
WARNING: untranslated string: extrahd not configured = Not configured
diff --git a/doc/language_missings b/doc/language_missings
index 6eb960f62..4d8f4a2a9 100644
--- a/doc/language_missings
+++ b/doc/language_missings
@@ -55,7 +55,6 @@
< download apple profile
< enable
< error the to date has to be later than the from date
-< extrahd because it it outside the allowed mount path
< g.dtm
< g.lite
< ids automatic rules update
@@ -108,7 +107,7 @@
< dhcp fixed ip address in dynamic range
< dns servers
< downfall gather data sampling
-< extrahd because it it outside the allowed mount path
+< extrahd because it is outside the allowed mount path
< extrahd mounted
< extrahd no mount point given
< extrahd not configured
@@ -131,7 +130,7 @@
< bewan adsl pci st
< bewan adsl usb
< downfall gather data sampling
-< extrahd because it it outside the allowed mount path
+< extrahd because it is outside the allowed mount path
< extrahd mounted
< extrahd no mount point given
< extrahd not configured
@@ -327,7 +326,7 @@
< eol architecture warning
< error
< error the to date has to be later than the from date
-< extrahd because it it outside the allowed mount path
+< extrahd because it is outside the allowed mount path
< extrahd mounted
< extrahd no mount point given
< extrahd not configured
@@ -785,7 +784,6 @@
< disable
< Disabled
< disconnected
-< dl client arch insecure
< dns check servers
< dns configuration
< dns could not add server
@@ -847,7 +845,7 @@
< eol architecture warning
< error
< error the to date has to be later than the from date
-< extrahd because it it outside the allowed mount path
+< extrahd because it is outside the allowed mount path
< extrahd mounted
< extrahd no mount point given
< extrahd not configured
@@ -1474,7 +1472,7 @@
< eol architecture warning
< error
< error the to date has to be later than the from date
-< extrahd because it it outside the allowed mount path
+< extrahd because it is outside the allowed mount path
< extrahd because there is already a device mounted
< extrahd cant umount
< extrahd install or load driver
@@ -2464,7 +2462,7 @@
< eol architecture warning
< error
< error the to date has to be later than the from date
-< extrahd because it it outside the allowed mount path
+< extrahd because it is outside the allowed mount path
< extrahd because there is already a device mounted
< extrahd cant umount
< extrahd install or load driver
@@ -3269,7 +3267,7 @@
< eol architecture warning
< error
< error the to date has to be later than the from date
-< extrahd because it it outside the allowed mount path
+< extrahd because it is outside the allowed mount path
< extrahd mounted
< extrahd no mount point given
< extrahd not configured
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index 7bbf7cd32..02cf1bf4b 100644
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -1073,7 +1073,7 @@
'external access rule removed' => ' External access rule removed; restarting access controller',
'external aliases configuration' => 'External aliases configuration',
'extrahd' => 'ExtraHD',
-'extrahd because it it outside the allowed mount path' => ', because it is outside the allowed mount path',
+'extrahd because it is outside the allowed mount path' => ', because it is outside the allowed mount path',
'extrahd because there is already a device mounted' => ', because there is already a device mounted',
'extrahd cant umount' => 'Can\'t umount',
'extrahd detected drives' => 'detected drives',
diff --git a/lfs/apache2 b/lfs/apache2
index 80462969b..9a0ad38a9 100644
--- a/lfs/apache2
+++ b/lfs/apache2
@@ -25,7 +25,7 @@
include Config
-VER = 2.4.57
+VER = 2.4.58
THISAPP = httpd-$(VER)
DL_FILE = $(THISAPP).tar.bz2
@@ -45,7 +45,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = b33b51a741acd308ef4d4bdd2444d43eca9db68676fa67ec907eeea7384554f3f9a5608fc43dcf5819498264bbe36f176f30be9809474307642b70720036b88c
+$(DL_FILE)_BLAKE2 = 2105b8fada99f1dda55201ed89ed5326f0edb078d352cbff44f02cde80d129b65b63e07366a9a744ba474be5687fa8d3d2d8ddc64ac914b47166607f3f4a9de2
install : $(TARGET)
diff --git a/lfs/samba b/lfs/samba
index 77bb569cd..2f2184ecc 100644
--- a/lfs/samba
+++ b/lfs/samba
@@ -24,7 +24,7 @@
include Config
-VER = 4.19.0
+VER = 4.19.2
SUMMARY = A SMB/CIFS File, Print, and Authentication Server
THISAPP = samba-$(VER)
@@ -33,7 +33,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = samba
-PAK_VER = 96
+PAK_VER = 97
DEPS = avahi cups perl-Parse-Yapp perl-JSON
@@ -47,7 +47,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 4e0db41d7d06e195cee994c5ec02a37892c1a7dd99ea9defb845fe2fbf96446846c469007218b6b0d6077c0886f0d08b2a4376acba1ed455b641daacd9018f12
+$(DL_FILE)_BLAKE2 = cb3747f1be6e712c6e68f3720e68aee7db2e4dcc48a9210d002337d6690ed8b027919f333dc4a7c1e74b716ebceeff1d8071463899513edfe51da967d71d8148
install : $(TARGET)
diff --git a/lfs/suricata b/lfs/suricata
index 5e16d1ac0..2e71ba49d 100644
--- a/lfs/suricata
+++ b/lfs/suricata
@@ -24,7 +24,7 @@
include Config
-VER = 6.0.14
+VER = 6.0.15
THISAPP = suricata-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 7e14f16f04bdd632d26f4249c328ea918cc4edf96cc07be6a92722d4457353a36662e0041fd2b9669a104deaa010a093cb8195eb2604ed8145ab38f93a8b7124
+$(DL_FILE)_BLAKE2 = cf5c2d5760e52f0b4eb0276feb89e056d74ef5478e3158a047fbdec14022aa6e0ba986b7ee9f9ec49e2ebb3f206c7d71ad8ce8dc4eb9a6b48b4ba38c96c2f1c6
install : $(TARGET)
hooks/post-receive
--
IPFire 2.x development tree
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2023-10-20 8:46 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-10-20 8:46 [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 7f8b75f8badcfb58710093a4d352cff6fec59b70 Michael Tremer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox