[git.ipfire.org] IPFire 2.x development tree branch, next, updated. 71cea32cd8ab84d174f1913a04b4751c8eacd69e

public inbox for ipfire-scm@lists.ipfire.org
 help / color / mirror / Atom feed

* [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 71cea32cd8ab84d174f1913a04b4751c8eacd69e
@ 2024-10-07  9:16 Michael Tremer
  0 siblings, 0 replies; only message in thread
From: Michael Tremer @ 2024-10-07  9:16 UTC (permalink / raw)
  To: ipfire-scm

[-- Attachment #1: Type: text/plain, Size: 6671 bytes --]

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".

The branch, next has been updated
       via  71cea32cd8ab84d174f1913a04b4751c8eacd69e (commit)
       via  388802662fea877c22fc57c95084c60bc40c402e (commit)
       via  d867ea26850725c9c230973eb12fdda44f8ffe23 (commit)
       via  d455578342ce1b54eeac30c6adf9f8531406e5d3 (commit)
       via  74f5f41372571c29b80db217a3d852ef0e613c6f (commit)
       via  b38609d64d0ea20f510d6a692d7114d9d331bd77 (commit)
      from  0e49a87ff0218385d2998664367c861dbc52638b (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 71cea32cd8ab84d174f1913a04b4751c8eacd69e
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Mon Oct 7 09:15:40 2024 +0000

    core190: Ship Unbound again
    
    This was a late addition to c189
    
    Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>

commit 388802662fea877c22fc57c95084c60bc40c402e
Merge: d867ea2685 74f5f41372
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Mon Oct 7 09:15:04 2024 +0000

    Merge branch 'master' into next

commit d867ea26850725c9c230973eb12fdda44f8ffe23
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Mon Oct 7 09:14:37 2024 +0000

    core190: Ship rules.pl
    
    Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>

commit d455578342ce1b54eeac30c6adf9f8531406e5d3
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Mon Oct 7 09:13:12 2024 +0000

    firewall: Flush SYN_FLOOD_PROTECTION
    
    This chain was not flushed when the firewall was being reloaded which
    made any ports appear as open when rules have been disabled or deleted.
    
    This has no security implications, but nevertheless isn't right.
    
    Reported-by: Adolf Belka <adolf.belka(a)ipfire.org>
    Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>

-----------------------------------------------------------------------

Summary of changes:
 config/firewall/rules.pl                                     | 1 +
 config/rootfiles/common/unbound                              | 2 +-
 config/rootfiles/core/190/filelists/files                    | 1 +
 config/rootfiles/{oldcore/106 => core/190}/filelists/unbound | 0
 config/rootfiles/core/190/update.sh                          | 1 +
 config/rootfiles/oldcore/{106 => 189}/filelists/unbound      | 0
 config/rootfiles/oldcore/189/update.sh                       | 1 +
 lfs/unbound                                                  | 4 ++--
 8 files changed, 7 insertions(+), 3 deletions(-)
 copy config/rootfiles/{oldcore/106 => core/190}/filelists/unbound (100%)
 copy config/rootfiles/oldcore/{106 => 189}/filelists/unbound (100%)

Difference in files:
diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl
index e38f77242..c414f172c 100644
--- a/config/firewall/rules.pl
+++ b/config/firewall/rules.pl
@@ -221,6 +221,7 @@ sub flush {
 	run("$IPTABLES -t nat -F $CHAIN_NAT_SOURCE");
 	run("$IPTABLES -t nat -F $CHAIN_NAT_DESTINATION");
 	run("$IPTABLES -t mangle -F $CHAIN_MANGLE_NAT_DESTINATION_FIX");
+	run("$IPTABLES -t raw -F SYN_FLOOD_PROTECT");
 }
 
 sub buildrules {
diff --git a/config/rootfiles/common/unbound b/config/rootfiles/common/unbound
index 03e382d2e..1da88aa9d 100644
--- a/config/rootfiles/common/unbound
+++ b/config/rootfiles/common/unbound
@@ -11,7 +11,7 @@ etc/unbound/unbound.conf
 #usr/lib/libunbound.la
 #usr/lib/libunbound.so
 usr/lib/libunbound.so.8
-usr/lib/libunbound.so.8.1.28
+usr/lib/libunbound.so.8.1.29
 #usr/lib/pkgconfig/libunbound.pc
 usr/sbin/unbound
 usr/sbin/unbound-anchor
diff --git a/config/rootfiles/core/190/filelists/files b/config/rootfiles/core/190/filelists/files
index 0d9f889c1..2ee32fa74 100644
--- a/config/rootfiles/core/190/filelists/files
+++ b/config/rootfiles/core/190/filelists/files
@@ -13,6 +13,7 @@ srv/web/ipfire/cgi-bin/logs.cgi/log.dat
 srv/web/ipfire/cgi-bin/ovpnmain.cgi
 srv/web/ipfire/cgi-bin/vpnmain.cgi
 usr/bin/suricata-watcher
+usr/lib/firewall/rules.pl
 usr/lib/perl5/5.36.0/xxxMACHINExxx-linux-thread-multi/Compress/Raw/Zlib.pm
 var/ipfire/backup/include
 var/ipfire/graphs.pl
diff --git a/config/rootfiles/core/190/filelists/unbound b/config/rootfiles/core/190/filelists/unbound
new file mode 120000
index 000000000..66adf0924
--- /dev/null
+++ b/config/rootfiles/core/190/filelists/unbound
@@ -0,0 +1 @@
+../../../common/unbound
\ No newline at end of file
diff --git a/config/rootfiles/core/190/update.sh b/config/rootfiles/core/190/update.sh
index ba7816216..ba24bc41e 100644
--- a/config/rootfiles/core/190/update.sh
+++ b/config/rootfiles/core/190/update.sh
@@ -62,6 +62,7 @@ fi
 /etc/init.d/sshd restart
 /etc/init.d/squid restart
 /etc/init.d/suricata start
+/etc/init.d/unbound restart
 
 # This update needs a reboot...
 touch /var/run/need_reboot
diff --git a/config/rootfiles/oldcore/189/filelists/unbound b/config/rootfiles/oldcore/189/filelists/unbound
new file mode 120000
index 000000000..66adf0924
--- /dev/null
+++ b/config/rootfiles/oldcore/189/filelists/unbound
@@ -0,0 +1 @@
+../../../common/unbound
\ No newline at end of file
diff --git a/config/rootfiles/oldcore/189/update.sh b/config/rootfiles/oldcore/189/update.sh
index 43323f38a..cae569b80 100644
--- a/config/rootfiles/oldcore/189/update.sh
+++ b/config/rootfiles/oldcore/189/update.sh
@@ -349,6 +349,7 @@ ldconfig
 telinit u
 
 # Start services
+/etc/init.d/unbound restart
 /etc/init.d/collectd restart
 /usr/local/bin/openvpnctrl -s
 /usr/local/bin/openvpnctrl -sn2n
diff --git a/lfs/unbound b/lfs/unbound
index f10fed82d..d8efaf872 100644
--- a/lfs/unbound
+++ b/lfs/unbound
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 1.21.0
+VER        = 1.21.1
 
 THISAPP    = unbound-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = f6dc7b60e0071d3a7e7e687eb76fd086590ac69da954775c85bd09d8caa5e0cc4181c97fc14a75d2235f3b182d2d5b0b9120e453beb4e112af67ac80216cfca9
+$(DL_FILE)_BLAKE2 = 4a14019a52c7f0641a6cfcb946be3016d9fd722acff7eeb5ea243808621af9fc05d2bb4dcba1024f134eb6ec609994e5a07b6c4b6bc0b8cc639b35db1546acd1
 
 install : $(TARGET)
 


hooks/post-receive
--
IPFire 2.x development tree

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2024-10-07  9:16 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-10-07  9:16 [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 71cea32cd8ab84d174f1913a04b4751c8eacd69e Michael Tremer

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox