summaryrefslogtreecommitdiffstats
path: root/meta-networking/recipes-support
Commit message (Collapse)AuthorAgeFilesLines
* tcpreplay: fix CVE-2024-22654Archana Polampalli2025-07-103-0/+127
| | | | | | | tcpreplay v4.4.4 was discovered to contain an infinite loop via the tcprewrite function at get.c. Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* wireshark: upgrade 4.2.9 -> 4.2.12Vijay Anusuri2025-07-101-4/+4
| | | | | | | | | | | | | | | | | | releasenote: https://www.wireshark.org/docs/relnotes/wireshark-4.2.12.html https://www.wireshark.org/docs/relnotes/wireshark-4.2.11.html https://www.wireshark.org/docs/relnotes/wireshark-4.2.10.html Includes security fix CVE-2025-5601 License-Update: Update GPL copies for FSF no longer having an address Link: https://github.com/wireshark/wireshark/commit/18e4db97c424c11cb26fa7fef97b95dd3d001bb1 The 4.2.9 was not longer available at the original SRC_URI. At the new SRC_URI all version of the wireshark releases are available. Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* chrony: use inherit_defer for conditional inherit of useraddClayton Casciato2025-06-231-1/+1
| | | | | | | | | | | | [ Upstream commit 63df976d8eec0fa714e8da30f4333f8af23c57d3 ] conditionnal inherit is missed when PACKAGECONFIG privdrop is activated after this inherit, eg in .bbappend. Signed-off-by: Andreas Fenkart <afenkart@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Clayton Casciato <majortomtosourcecontrol@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openvpn: upgrade 2.6.12 -> 2.6.14Divya Chellam2025-04-161-1/+1
| | | | | | | | | | | | | | This includes CVE-fix for CVE-2025-2704 Changelog: ========== https://github.com/OpenVPN/openvpn/releases For full details, refer to: https://github.com/OpenVPN/openvpn/compare/v2.6.12...v2.6.14 Signed-off-by: Divya Chellam <divya.chellam@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* fwknop: Specify target locations of gpg and wgetKhem Raj2025-04-161-1/+3
| | | | | | | | | This fixes emitting buildpaths into binary and also fixes the issue where these tools wont exist on the paths they were found on build machine Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster@mvista.com>
* fetchmail: disable rpath to fix buildpaths warning.Wang Mingyu2025-04-161-4/+1
| | | | | | | | | | | There was an error with the last modification to the buildpaths warning, which could cause segment error. fix the following warning about buildpath: WARNING: fetchmail-6.4.38-r0 do_package_qa: QA Issue: File /usr/bin/fetchmail in package fetchmail contains reference to TMPDIR [buildpaths] Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster@mvista.com>
* fetchmail: Fix buildpaths warning.Wang Mingyu2025-04-161-0/+3
| | | | | | | | WARNING: fetchmail-6.4.38-r0 do_package_qa: QA Issue: File /usr/bin/fetchmail in package fetchmail contains reference to TMPDIR [buildpaths] Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster@mvista.com>
* wireshark: upgrade 4.2.7 -> 4.2.9Vijay Anusuri2025-03-232-135/+1
| | | | | | | | | | | | | | | | | Fixes CVE-2024-11595 CVE-2024-11596 Removed CVE-2024-9781.patch which is already fixed in 4.2.8 version Release notes: https://www.wireshark.org/docs/relnotes/wireshark-4.2.8.html https://www.wireshark.org/docs/relnotes/wireshark-4.2.9.html Reference: https://www.wireshark.org/security/wnpa-sec-2024-15.html https://www.wireshark.org/security/wnpa-sec-2024-14.html https://www.wireshark.org/security/wnpa-sec-2024-13.html Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* unbound: Fix CVE-2024-8508Virendra Thakur2025-03-072-1/+250
| | | | | | | | | | | | Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression to downstream replies. This can lead to degraded performance and eventually denial of service in well orchestrated attacks. Reference: https://nvd.nist.gov/vuln/detail/cve-2024-8508 Signed-off-by: Virendra Thakur <virendrak@kpit.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* mdio-tools: fix mdio-netlink kernel module reproducibilityYoann Congal2025-02-041-2/+3
| | | | | | | | | | | | | | | | | | mdio-netlink source make reference to ${S}/.. which breaks -fdebug-prefix-map and results in the full TMPDIR path being present in the -dbg package and, also, change a related CRC in the main package. This changes ${S} to enclose the whole SRC_URI repo and adapt relative paths to build (MODULES_MODULE_SYMVERS_LOCATION) This make mdio-netlink reproducible and fixes this warning: WARNING: mdio-netlink-1.3.1-r0 do_package_qa: QA Issue: File /lib/modules/6.6.29-yocto-standard/updates/.debug/mdio-netlink.ko in package mdio-netlink-dbg contains reference to TMPDIR [buildpaths] Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Reviewed-by: Alexandre Truong <alexandre.truong@smile.fr> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit d161de0b00b91cd0c286fbbc1190f87cf20fe088) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* wireshark 4.2.7: Fix CVE-2024-9781Shubham Pushpkar2025-01-202-0/+134
| | | | | | | | | | | | | Upstream Repository: https://gitlab.com/wireshark/wireshark.git Bug Details: https://nvd.nist.gov/vuln/detail/CVE-2024-9781 Type: Security Fix CVE: CVE-2024-9781 Score: 7.8 Patch: https://gitlab.com/wireshark/wireshark/-/commit/cad248ce3bf5 Signed-off-by: Shubham Pushpkar <spushpka@cisco.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* chrony: fix do_fetch errorJiaying Song2025-01-201-1/+1
| | | | | | | | Change the SRC_URI to the correct value due to the following error: WARNING: chrony-4.5-r0.wr2401 do_fetch: Failed to fetch URL https://download.tuxfamily.org/chrony/chrony-4.5.tar.gz, attempting MIRRORS if available Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ndisc6: Fix reproducible buildKhem Raj2024-12-152-0/+86
| | | | | | | | | | | | includes the CFLAGS used to build the package in the binary via PACKAGE_CONFIGURE_INVOCATION which then includes the absolute build path via (eg.) the -ffile-prefix-map flag. Here we remove using variables like PACKAGE_CONFIGURE_INVOCATION in code Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ndisc: Remove buildpaths from binariesKhem Raj2024-12-151-0/+4
| | | | | | | | | | configure emits its arguments into binaries via PACKAGE_CONFIGURE_INVOCATION therefore edit the paths from this in generated config.h before it gets into binaries. Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openvpn: upgrade 2.6.10 -> 2.6.12Haixiao Yan2024-11-242-146/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | ChangeLog: https://github.com/OpenVPN/openvpn/blob/v2.6.12/Changes.rst Security fixes: CVE-2024-4877: Windows: harden interactive service pipe. Security scope: a malicious process with "some" elevated privileges (SeImpersonatePrivilege) could open the pipe a second time, tricking openvn GUI into providing user credentials (tokens), getting full access to the account openvpn-gui.exe runs as. CVE-2024-5594: control channel: refuse control channel messages with nonprintable characters in them. Security scope: a malicious openvpn peer can send garbage to openvpn log, or cause high CPU load. CVE-2024-28882: only call schedule_exit() once (on a given peer). Security scope: an authenticated client can make the server "keep the session" even when the server has been told to disconnect this client. Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com> [Drop CVE-2024-28882 patch not yet in stable] Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openvpn: fix CVE-2024-28882Haixiao Yan2024-11-092-0/+145
| | | | | | | | | | | | CVE-2024-28882: OpenVPN in a server role accepts multiple exit notifications from authenticated clients which will extend the validity of a closing session References: https://community.openvpn.net/openvpn/wiki/CVE-2024-28882 Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tcpreplay: fix CVE-2023-43279Jiaying Song2024-11-092-0/+40
| | | | | | | | | | | | | | | Null Pointer Dereference in mask_cidr6 component at cidr.c in Tcpreplay 4.4.4 allows attackers to crash the application via crafted tcprewrite command. References: https://nvd.nist.gov/vuln/detail/CVE-2023-43279 Upstream patches: https://github.com/appneta/tcpreplay/pull/860/commits/963842ceca79e97ac3242448a0de94fb901d3560 Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openipmi: upgrade 2.0.34->2.0.36Jiaying Song2024-11-091-1/+1
| | | | | | | | Full changelog: https://sourceforge.net/p/openipmi/news/ Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libldb: upgrade 2.8.0 -> 2.8.1Yi Zhao2024-10-061-1/+1
| | | | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 09f8ef2242c2d7f83101effed09ee7894e14c069) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* wireshark: upgrade 4.2.5 -> 4.2.7Vijay Anusuri2024-09-091-1/+1
| | | | | | | | | | | | | CVE's fixed by upgrade: CVE-2024-8250 Other Changes between 4.2.5 -> 4.2.7 ====================================== https://www.wireshark.org/docs/relnotes/wireshark-4.2.7.html https://www.wireshark.org/docs/relnotes/wireshark-4.2.6.html Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tcpreplay: Fix CVE-2023-4256Poonam Jadhav2024-08-032-0/+28
| | | | | | | | | | | Add patch to fix tcpreplay CVE-2023-4256 dlt_jnpr_ether_cleanup: check config before cleanup Links: https://github.com/appneta/tcpreplay/pull/851 https://github.com/appneta/tcpreplay/issues/813#issuecomment-2245557093 Signed-off-by: Poonam Jadhav <poonam.jadhav@kpit.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* wireshark: upgrade 4.2.4 -> 4.2.5Vijay Anusuri2024-07-171-1/+1
| | | | | | | | | | | | | | | The following vulnerabilities have been fixed: wnpa-sec-2024-07 MONGO and ZigBee TLV dissector infinite loops. Issue 19726. CVE-2024-4854. wnpa-sec-2024-08 The editcap command line utility could crash when chopping bytes from the beginning of a packet. Issue 19724. CVE-2024-4853. wnpa-sec-2024-09 The editcap command line utility could crash when injecting secrets while writing multiple files. Issue 19782. CVE-2024-4855. Release Notes: https://www.wireshark.org/docs/relnotes/wireshark-4.2.5.html Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tcpdump: fix CVE-2024-2397Hitendra Prajapati2024-06-262-0/+130
| | | | | | | Upstream-Status: Backport from https://github.com/the-tcpdump-group/tcpdump/commit/b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2 Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libtevent: upgrade 0.16.0 -> 0.16.1Yi Zhao2024-06-021-1/+1
| | | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* open-vm-tools: Update status for CVE-2014-4199 and CVE-2014-4200Ninette Adhikari2024-04-301-0/+2
| | | | | | | Current version 12.3.5 is not affected by the issue. Affected versions: Up to (incl) 10.0.3 Signed-off-by: Khem Raj <raj.khem@gmail.com>
* spice-gtk: add PACKAGECONFIG for webdavMarkus Volk2024-04-301-0/+1
| | | | | Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* spice-gtk: use hwdata instead of usbidsMarkus Volk2024-04-301-2/+2
| | | | | | | | spice-gtk seems to be the last recipe in meta-openembedded that uses usbids instead of hwdata. Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* sngrep: upgrade 1.8.0 -> 1.8.1Wang Mingyu2024-04-211-1/+1
| | | | | | | | Changelog: capture: fix possible buffer overflow while processing headers Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* rdma-core: upgrade 50.0 -> 51.0Wang Mingyu2024-04-211-1/+1
| | | | | | | | | | | | | | | | | | Changelog: ============ -Merge pull request #1444 from yishaih/mlx5_dr -Merge pull request #1439 from Kamalheib/qedr_pr -mlx5: DR, Using sq ts format when RoCE is disabled -Merge pull request #1440 from Honggang-LI/doc -librdmacm: adjust ECE function name in man page -providers/qedr: Remove unused debug files -roviders/qelr: Replace DP_ERR with verbs_err -providers/qelr: Replace DP_VERBOSE with verbs_debug -providers/qelr: Remove unused macros -Merge pull request #1438 from amzn/fix-rdma-tracepoint Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* Use PYTHON_SITEPACKAGES_DIR instead of hard-coded site-packages directory pathalperak2024-04-214-5/+5
| | | | | | | | | | | | The following paths have been replaced with PYTHON_SITEPACKAGES_DIR: - "${libdir}/${PYTHON_DIR}/site-packages" - "${libdir}/python${PYTHON_BASEVERSION}/site-packages" - "${libdir}/python*/site-packages" - "${libdir}/python3.*/site-packages" Signed-off-by: alperak <alperyasinak1@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* tnftp: switch the SRC_URI to httpsRandy MacLeod2024-04-141-1/+1
| | | | | Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* pimd: switch SRC_URI to httpsRandy MacLeod2024-04-141-2/+1
| | | | | | | | Switch SRC_URI to https (yes, the URI still has ftp in the path!). Also drop the obsolete SRC_URI[md5sum]. Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* unbound: upgrade 1.19.1 -> 1.19.3Beniamin Sandu2024-04-071-2/+2
| | | | | | | | | | | Includes security fixes for: CVE-2024-1931 - Loop with Unreachable Exit Condition ('Infinite Loop') Full release notes: https://github.com/NLnetLabs/unbound/releases/tag/release-1.19.3 Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* wireshark: upgrade 4.2.3 -> 4.2.4Wang Mingyu2024-04-021-1/+1
| | | | | | | | | | | | | | | Bugfix: ========= -wnpa-sec-2024-06 T.38 dissector crash. -Extcap with configuration never starts; "Configure all extcaps before start of capture." is shown instead. -Packet Dissection CSV Export includes last column even if hidden. -Inject TLS secrets closes Wireshark on Windows. -Wireshark crashes when adding another port to the HTTP dissector. -When adding a new row to a table an error report may be inserted. -'--export-objects' does not work as expected on tshark version later than 3.2.10. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libcpr: add new recipePeter Marko2024-03-261-0/+24
| | | | | | | | Curl for People C++ Requests is a simple wrapper around libcurl inspired by the excellent Python Requests project. Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* strongswan: upgrade 5.9.13 -> 5.9.14Yi Zhao2024-03-261-1/+1
| | | | | | | | ChangeLog: https://github.com/strongswan/strongswan/releases/tag/5.9.14 Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ssmtp: Fix build with musl >= 1.2.5Khem Raj2024-03-252-0/+33
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* rdma-core: Fix build with musl >= 1.2.5Khem Raj2024-03-252-1/+61
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openvpn: upgrade 2.6.9 -> 2.6.10Yi Zhao2024-03-211-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | License-Update: Update copyright years to 2024 ChangeLog: https://github.com/OpenVPN/openvpn/blob/v2.6.10/Changes.rst Security fixes: CVE-2024-27459: Windows: fix a possible stack overflow in the interactive service component which might lead to a local privilege escalation. CVE-2024-24974: Windows: disallow access to the interactive service pipe from remote computers. CVE-2024-27903: Windows: disallow loading of plugins from untrusted installation paths, which could be used to attack openvpn.exe via a malicious plugin. Plugins can now only be loaded from the OpenVPN install directory, the Windows system directory, and possibly from a directory specified by HKLM\SOFTWARE\OpenVPN\plugin_dir. CVE-2024-1305: Windows TAP driver: Fix potential integer overflow in !TapSharedSendPacket. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* recipes: Drop remaining PR values from recipesMartin Jansa2024-03-171-1/+0
| | | | | | | | | | | | * as oe-core did in: https://git.openembedded.org/openembedded-core/commit/?id=d4c346e8ab * when people are have to maintain own PRs for recipes in oe-core, they might add them for meta-oe recipes at the same time when upgrading to next LTS Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* sngrep: new recipe for ncurses SIP Messages flow viewerJörg Sommer2024-03-171-0/+37
| | | | | Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* unionfs-fuse, dropwatch, postgresql, yasm, multipath-tools, ↵Martin Jansa2024-03-171-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | python3-pybind11: add missing Upstream-Status * add Pending to .patch files where it was accidentally droped with upgrades or modifications in: f88e5b146e postgresql: upgrade 15.5 -> 16.2 c904e169db multipath-tools: upgrade 0.9.3 -> 0.9.8 105be9b3d9 unionfs-fuse: upgrade 2.2 --> 3.4 or new patches where the author didn't notice/care: 2a7f74cdb0 dropwatch: Use header files from sysroot instead of build host f5cc9f272a yasm: improve reproducibility 39028d0d9d python3-pybind11: Restore strip prevention patch authors of these added to CC, please be more careful with removing or not adding these or enable patch-status in ERROR_QA for your builds, see: https://lists.openembedded.org/g/openembedded-core/topic/104922136#197113 * added with: for p in `/OE/layers/openembedded-core/scripts/contrib/patchreview.py -v . | grep Missing.Upstream-Status.tag | sed 's/.*(//g;s/)$//g'`; do grep -q ^Upstream-Status: $p || sed -i "s/^---$/\nUpstream-Status: Pending\n---/g" $p; grep -q ^Upstream-Status: $p || sed -i "1iUpstream-Status: Pending\n" $p; done Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* netcf: Fix build with latest gnulibKhem Raj2024-03-092-1/+84
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* tcprelay: fix a minor cross compilation do_configure issueChen Qi2024-03-082-0/+52
| | | | | | | | | | | | | | | | We're seeing errors like below in log.do_configure: ./conftest: cannot execute binary file: Exec format error The tcprelay's configure have two places to execute ./conftest. And the result happens to be correct even with the error above. Instead of leaving the errors as they are, we explicitly skip running ./conftest in case of cross compiling. The build will continue to succeed and result will remain the same. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* stunnel: upgrade 5.69 -> 5.72Wang Mingyu2024-03-082-18/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fix-openssl-no-des.patch refreshed for 5.72 License-Update: Copyright year updated to 2024. Changelog: =========== * Security bugfixes - OpenSSL DLLs updated to version 3.2.1. - OpenSSL FIPS Provider updated to version 3.0.8. * Bugfixes - Fixed SSL_CTX_new() errors handling. - Fixed OPENSSL_NO_PSK builds. - Android build updated for NDK r23c. - stunnel.nsi updated for Debian 12. - Fixed tests with OpenSSL older than 1.0.2. - Fixed the console output of tstunnel.exe. - Fixed TLS socket EOF handling with OpenSSL 3.x. This bug caused major interoperability issues between stunnel built with OpenSSL 3.x and Microsoft's Schannel Security Support Provider (SSP). - Fixed reading certificate chains from PKCS#12 files. * Features sponsored by SAE IT-systems - OCSP stapling is requested and verified in the client mode. - Using "verifyChain" automatically enables OCSP stapling in the client mode. - OCSP stapling is always available in the server mode. - An inconclusive OCSP verification breaks TLS negotiation. This can be disabled with "OCSPrequire = no". - Added the "TIMEOUTocsp" option to control the maximum time allowed for connecting an OCSP responder. * Features - Added support for Red Hat OpenSSL 3.x patches. - Added configurable delay for the "retry" option. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libtdb: upgrade 1.4.9 -> 1.4.10Wang Mingyu2024-03-082-8/+33
| | | | | | | | 0001-tdb-Add-configure-options-for-packages.patch refreshed for 1.4.10 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libtalloc: upgrade 2.4.1 -> 2.4.2Wang Mingyu2024-03-082-8/+33
| | | | | | | | 0001-talloc-Add-configure-options-for-packages.patch refreshed for 2.4.2 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* fetchmail: upgrade 6.4.37 -> 6.4.38Wang Mingyu2024-03-081-1/+1
| | | | | | | | | | | | Changelog: ========== -updates translations, and tightens OpenSSL/wolfSSL version requirements in order to track their security fixes and deprecations. OpenSSL 3.0.9, 3.1.4, 3.2.0 and wolfSSL 5.6.2 (or newer on the respective compatible branches) remain supported. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* pgpool2: Fix build with postgresql 16+Khem Raj2024-03-052-0/+26
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* pgpool2: Upgrade to 4.5.1Khem Raj2024-03-052-39/+2
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>