committing changes in /etc after apt run

Package changes:
-libwireshark-data 2.6.5-1~deb9u1 all
-libwireshark11 2.6.5-1~deb9u1 amd64
-libwiretap8 2.6.5-1~deb9u1 amd64
+libwireshark-data 2.6.7-1~deb9u1 all
+libwireshark11 2.6.7-1~deb9u1 amd64
+libwiretap8 2.6.7-1~deb9u1 amd64
-libwscodecs2 2.6.5-1~deb9u1 amd64
-libwsutil9 2.6.5-1~deb9u1 amd64
+libwscodecs2 2.6.7-1~deb9u1 amd64
+libwsutil9 2.6.7-1~deb9u1 amd64
-openjdk-8-jre-headless 8u181-b13-2~deb9u1 amd64
+openjdk-8-jre-headless 8u212-b01-1~deb9u1 amd64
-tshark 2.6.5-1~deb9u1 amd64
+tshark 2.6.7-1~deb9u1 amd64
-wireshark-common 2.6.5-1~deb9u1 amd64
+wireshark-common 2.6.7-1~deb9u1 amd64

diff --git a/alternatives/clhsdb b/alternatives/clhsdb
new file mode 120000 (symlink)
index 0000000..567a929
--- /dev/null
+++ b/alternatives/clhsdb
@@ -0,0 +1 @@
+/usr/lib/jvm/java-8-openjdk-amd64/jre/bin/clhsdb
\ No newline at end of file

diff --git a/alternatives/hsdb b/alternatives/hsdb
new file mode 120000 (symlink)
index 0000000..855fe86
--- /dev/null
+++ b/alternatives/hsdb
@@ -0,0 +1 @@
+/usr/lib/jvm/java-8-openjdk-amd64/jre/bin/hsdb
\ No newline at end of file

diff --git a/java-8-openjdk/calendars.properties b/java-8-openjdk/calendars.properties
index 49f68aca4920a424498aa33fdf3da8c09a721a25..8ffee4ca3ffba6460fb6f20939db3f8e44f293fb 100644 (file)
--- a/java-8-openjdk/calendars.properties
+++ b/java-8-openjdk/calendars.properties
@@ -29,12 +29,14 @@
 #   Taisho since 1912-07-30 00:00:00 local time (Gregorian)
 #   Showa  since 1926-12-25 00:00:00 local time (Gregorian)
 #   Heisei since 1989-01-08 00:00:00 local time (Gregorian)
+#   NewEra since 2019-05-01 00:00:00 local time (Gregorian)
 calendar.japanese.type: LocalGregorianCalendar
 calendar.japanese.eras: \
        name=Meiji,abbr=M,since=-3218832000000;  \
        name=Taisho,abbr=T,since=-1812153600000; \
        name=Showa,abbr=S,since=-1357603200000;  \
-       name=Heisei,abbr=H,since=600220800000
+       name=Heisei,abbr=H,since=600220800000;   \
+       name=NewEra,abbr=N,since=1556668800000
 
 #
 # Taiwanese calendar

diff --git a/java-8-openjdk/net.properties b/java-8-openjdk/net.properties
index b490e174a3f4915c54610f59f4826d58f2d2a050..a541eef9e649c3e4a1658fbfb197e840d3d9f877 100644 (file)
--- a/java-8-openjdk/net.properties
+++ b/java-8-openjdk/net.properties
@@ -1,5 +1,5 @@
 ############################################################
-#      Default Networking Configuration File
+#       Default Networking Configuration File
 #
 # This file may contain default values for the networking system properties.
 # These values are only used when the system properties are not specified
@@ -14,7 +14,7 @@
 # Note that the system properties that do explicitely set proxies
 # (like http.proxyHost) do take precedence over the system settings
 # even if java.net.useSystemProxies is set to true.
- 
+
 java.net.useSystemProxies=false
 
 #------------------------------------------------------------------------
@@ -66,8 +66,8 @@ ftp.nonProxyHosts=localhost|127.*|[::1]
 # socksProxyPort=1080
 #
 # HTTP Keep Alive settings. remainingData is the maximum amount of data
-# in kilobytes that will be cleaned off the underlying socket so that it 
-# can be reused (default value is 512K), queuedConnections is the maximum 
+# in kilobytes that will be cleaned off the underlying socket so that it
+# can be reused (default value is 512K), queuedConnections is the maximum
 # number of Keep Alive connections to be on the queue for clean up (default
 # value is 10).
 # http.KeepAlive.remainingData=512
@@ -99,3 +99,23 @@ ftp.nonProxyHosts=localhost|127.*|[::1]
 #jdk.http.auth.proxying.disabledSchemes=
 jdk.http.auth.tunneling.disabledSchemes=Basic
 
+#
+# Transparent NTLM HTTP authentication mode on Windows. Transparent authentication
+# can be used for the NTLM scheme, where the security credentials based on the
+# currently logged in user's name and password can be obtained directly from the
+# operating system, without prompting the user. This property has three possible
+# values which regulate the behavior as shown below. Other unrecognized values
+# are handled the same as 'disabled'. Note, that NTLM is not considered to be a
+# strongly secure authentication scheme and care should be taken before enabling
+# this mechanism.
+#
+# Transparent authentication never used.
+#jdk.http.ntlm.transparentAuth=disabled
+#
+# Enabled for all hosts.
+#jdk.http.ntlm.transparentAuth=allHosts
+#
+# Enabled for hosts that are trusted in Windows Internet settings
+#jdk.http.ntlm.transparentAuth=trustedHosts
+#
+jdk.http.ntlm.transparentAuth=disabled

diff --git a/java-8-openjdk/security/java.security b/java-8-openjdk/security/java.security
index 1e62d676fd8b74da525541fcd0a74512956c94cb..718f819aa0efa3c1bf19ada94464ed8271b0731d 100644 (file)
--- a/java-8-openjdk/security/java.security
+++ b/java-8-openjdk/security/java.security
@@ -620,8 +620,8 @@ jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024
 #
 # Example:
 #   jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
-jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
-    EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
+jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \
+    EC keySize < 224, 3DES_EDE_CBC, anon, NULL
 
 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
 # processing in JSSE implementation.
@@ -982,3 +982,33 @@ jdk.xml.dsig.secureValidationPolicy=\
 # and javax.crypto.spec.SecretKeySpec and rejects all the others.
 jceks.key.serialFilter = java.lang.Enum;java.security.KeyRep;\
   java.security.KeyRep$Type;javax.crypto.spec.SecretKeySpec;!*
+
+#
+# Policies for distrusting Certificate Authorities (CAs).
+#
+# This is a comma separated value of one or more case-sensitive strings, each
+# of which represents a policy for determining if a CA should be distrusted.
+# The supported values are:
+#
+#
+#   SYMANTEC_TLS : Distrust TLS Server certificates anchored by a Symantec
+#   root CA and issued after April 16, 2019 unless issued by one of the
+#   following subordinate CAs which have a later distrust date:
+#     1. Apple IST CA 2 - G1, SHA-256 fingerprint:
+#        AC2B922ECFD5E01711772FEA8ED372DE9D1E2245FCE3F57A9CDBEC77296A424B
+#        Distrust after December 31, 2019.
+#     2. Apple IST CA 8 - G1, SHA-256 fingerprint:
+#        A4FE7C7F15155F3F0AEF7AAA83CF6E06DEB97CA3F909DF920AC1490882D488ED
+#        Distrust after December 31, 2019.
+# Leading and trailing whitespace surrounding each value are ignored.
+# Unknown values are ignored. If the property is commented out or set to the
+# empty String, no policies are enforced.
+#
+# Note: This property is currently used by the JDK Reference implementation.
+# It is not guaranteed to be supported by other SE implementations. Also, this
+# property does not override other security properties which can restrict
+# certificates such as jdk.tls.disabledAlgorithms or
+# jdk.certpath.disabledAlgorithms; those restrictions are still enforced even
+# if this property is not enabled.
+#
+jdk.security.caDistrustPolicies=SYMANTEC_TLS

diff --git a/wireshark/init.lua b/wireshark/init.lua
index 271d5de0c71a68c09897a2c4d4764efafac97c63..91c0d104894c4ae3c11cc0718878cda7b48d8ea2 100644 (file)
--- a/wireshark/init.lua
+++ b/wireshark/init.lua
@@ -697,5 +697,7 @@ datafile_path = Dir.global_config_path
 persconffile_path = Dir.personal_config_path
 
 
-dofile(DATA_DIR.."console.lua")
+if not running_superuser or run_user_scripts_when_superuser then
+    dofile(DATA_DIR.."console.lua")
+end
 --dofile(DATA_DIR.."dtd_gen.lua")