IPFire.org

lp://qastaging/~vcs-imports/ipfire/ipfire-2.x

Created by Jelmer Vernooij and last modified
Get this branch:
bzr branch lp://qastaging/~vcs-imports/ipfire/ipfire-2.x

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
VCS imports
Project:
IPFire.org
Status:
Development

Import details

Import Status: Suspended

This branch is an import of the HEAD branch of the Git repository at git://git.ipfire.org/ipfire-2.x.git.

Last successful import was .

Import started on juju-98ee42-prod-launchpad-codeimport-5 and finished taking 2 minutes — see the log
Import started on juju-98ee42-prod-launchpad-codeimport-4 and finished taking 3 minutes — see the log
Import started on juju-98ee42-prod-launchpad-codeimport-3 and finished taking 3 minutes — see the log
Import started on juju-98ee42-prod-launchpad-codeimport-2 and finished taking 3 minutes — see the log

Recent revisions

13714. By Michael Tremer <email address hidden>

core196: Ship man pages

Signed-off-by: Michael Tremer <email address hidden>

13713. By Arne Fitzenreiter

vulnerabilities.cgi add indirect target selection

Signed-off-by: Arne Fitzenreiter <email address hidden>

13712. By Michael Tremer <email address hidden>

freeradius: Bump release

Fixes: #13590 - Freeradius not starting: libssl version mismatch
Signed-off-by: Michael Tremer <email address hidden>

13711. By Michael Tremer <email address hidden>

Revert "libusb: Add comment to update nut when libusb is updated"

This reverts commit 80b5bcd5ed1c3dbad515e0835806999cdbe71e61.

This change is no longer needed.

Signed-off-by: Michael Tremer <email address hidden>

13710. By Adolf Belka <email address hidden>

sudo: Update to version 1.9.17p1

- Update from version 1.9.17 to 1.9.17p1
- Update of rootfile not required
- Changelog
    1.9.17p1
  * Fixed CVE-2025-32462. Sudo's -h (--host) option could be specified
    when running a command or editing a file. This could enable a
    local privilege escalation attack if the sudoers file allows the
    user to run commands on a different host.
  * Fixed CVE-2025-32463. An attacker can leverage sudo's -R
    (--chroot) option to run arbitrary commands as root, even if
    they are not listed in the sudoers file. The chroot support has
    been deprecated an will be removed entirely in a future release.

Signed-off-by: Adolf Belka <email address hidden>
Signed-off-by: Arne Fitzenreiter <email address hidden>

13709. By Adolf Belka <email address hidden>

libusb: Add comment to update nut when libusb is updated

- libusb is a run time requirement for nut

Signed-off-by: Adolf Belka <email address hidden>
Signed-off-by: Michael Tremer <email address hidden>

13708. By Adolf Belka <email address hidden>

core196: Revert ship of customservices from fwhosts

- Shipping the customservices file replaced the existing file on all users systems, which
   resulted in any modificationjs they had made being wiped out.
- Having thought about it further what I shouldn have done is just added the additional
   custom service of "DNS over TLS" to the end of the customservices file during the
   update process using update.sh but that is also not so easy because what number to
   use for the "DNS over TLS" entry will depend on how many custom services the user
   has created.
- At the least the shipping of the customservices file needs to be reverted. I and others
   can then think about alternative ways to provide that entry to existing files.
- Alternatively we could leave it without doing anything. A fresh install will have the
   "DNS over TLS" entry and upgrades will just leave the existing customservices file
   alone.
- Users can of course recover the file by doing a restore from the backup they have
   created but it is not good to overwrite those sorts of files.

Signed-off-by: Adolf Belka <email address hidden>
Signed-off-by: Michael Tremer <email address hidden>

13707. By Michael Tremer <email address hidden>

Merge branch 'next'

13706. By Michael Tremer <email address hidden>

wireguard: Don't use fwmarks for the gateways

This slightly conflicts with the reverse path filter which does not seem
to consider the mark and therefore does not resolve to the correct route.

There is not too much benefit of using the mark, except its elegance, a
more accurate lookup and that we were hiding a direct route to the
gateway from the clients.

Signed-off-by: Michael Tremer <email address hidden>

13705. By Michael Tremer <email address hidden>

langs: Remove Pakfire strings again

This is an extra step to resolve a merge conflict from the previous
patch.

Signed-off-by: Michael Tremer <email address hidden>

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
This branch contains Public information 
Everyone can see this information.