summaryrefslogtreecommitdiffstats
path: root/meta-networking/recipes-support
Commit message (Collapse)AuthorAgeFilesLines
* bridge-utils: add CVE_PRODUCTBenjamin Bouvier2024-12-131-0/+2
| | | | | | | | Add exact CPE name (from NVD database) in CVE_PRODUCT in order to ensure CVE filtering and not be disturb by futur potential false-positive CVEs. Signed-off-by: Benjamin Bouvier <benjamin.bouvier@ekinops.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* wireshark: use inherit_defer for conditional casesGhislain Mangé2024-12-031-1/+1
| | | | | | | | | | | Conditionnal inherit may be missed when PACKAGECONFIG qt5 is activated after this inherit, eg in .bbappend. see patch [0] [0]: https://lists.openembedded.org/g/bitbake-devel/message/16815 Reviewed-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Ghislain Mangé <ghislain.mange@smile.fr> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* wireshark: fix Qt5/6 configurationGhislain Mangé2024-12-031-1/+1
| | | | | | | | | | | | Wireshark is built with Qt6 by default when Qt is enabled. Forcibly disable Qt6 in our Qt5 PACKAGECONFIG Github issue: https://github.com/openembedded/meta-openembedded/issues/844 Reported-by: Ludovic Jozeau <ludovic.jozeau@smile.fr> Reviewed-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Ghislain Mangé <ghislain.mange@smile.fr> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nbdkit: Bump to the newest stable repoMarcin Nowakowski2024-11-272-0/+71
| | | | | | | | | | | | | | | | Recently, the official nbdkit repo has been changed: from https://github.com/libguestfs/nbdkit into https://gitlab.com/nbdkit/nbdkit Additionally, the newest stable tag version is v1.40.4. The patch used with version 1.33.11 is also copied and modified to support the latest changes. The version 1.33.11 is not removed for reference purposes. It was tested with one of openbmc images. Signed-off-by: Khem Raj <raj.khem@gmail.com>
* dovecot: Upgrade to 2.3.21.1Khem Raj2024-11-232-1/+26
| | | | | | Fix build with icu-76.x while here Signed-off-by: Khem Raj <raj.khem@gmail.com>
* tcpdump: add CVE_PRODUCTBenjamin Bouvier2024-11-211-0/+2
| | | | | | | Add exact CPE name in CVE_PRODUCT. Signed-off-by: Benjamin Bouvier <benjamin.bouvier@ekinops.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openvpn: add ptest supportJiaying Song2024-11-192-2/+51
| | | | | | | | | | | | | | | | | | | | | | | | | All test cases PASS. Add openvpn to PTESTS_SLOW because test duration longer than 30s Below is parts of the run log: [==========] xkey provider tests: Running 3 test(s). [ RUN ] xkey_provider_test_fetch [ OK ] xkey_provider_test_fetch [ RUN ] xkey_provider_test_mgmt_sign_cb [ OK ] xkey_provider_test_mgmt_sign_cb [ RUN ] xkey_provider_test_generic_sign_cb [ OK ] xkey_provider_test_generic_sign_cb [==========] xkey provider tests: 3 test(s) run. [ PASSED ] 3 test(s). PASS: provider_testdriver The files t_client.sh.in and t_cltsrv.sh were not added because they require specific environment configuration files. It is recommended that users configure these based on their environment before testing. Since the recipe enables iproute2, the condition for t_net.sh based on HAVE_SITNL is not met, so t_net.sh will not be included in the build. Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* unbound: update to latest to fix occasional build failureMartin Jansa2024-11-051-1/+7
| | | | | | | | | | | | | | | | | | | | | | | | buildhistory-diff shows few new files in testdata: packages/core2-64-oe-linux/unbound/unbound-ptest: FILELIST: added " /usr/lib/unbound/ptest/tests/testdata/rpz_val_block.rpl /usr/lib/unbound/ptest/tests/testdata/serve_expired_ttl_reset.rpl /usr/lib/unbound/ptest/tests/testdata/val_negcache_ttl_prefetch.rpl /usr/lib/unbound/ptest/tests/testdata/val_negcache_ttl.rpl /usr/lib/unbound/ptest/tests/testdata/iter_max_global_quota.rpl /usr/lib/unbound/ptest/tests/testdata/iter_unverified_glue.rpl /usr/lib/unbound/ptest/tests/testdata/serve_expired_val_bogus.rpl /usr/lib/unbound/ptest/tests/testdata/iter_unverified_glue_fallback.rpl /usr/lib/unbound/ptest/tests/testdata/serve_expired_client_timeout_val_bogus.rpl /usr/lib/unbound/ptest/tests/testdata/serve_expired_client_timeout_val_insecure_delegation.rpl /usr/lib/unbound/ptest/tests/testdata/dns64_prefetch_cache.rpl" wasn't tested in runtime, I don't use it, I just wanted to get rid of random build failure from world builds (happens at least since kirkstone which has 1.15.0). Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mctp: Fix build errors with clang19 + muslChanh Nguyen2024-10-281-1/+1
| | | | | Signed-off-by: Chanh Nguyen <chanh@os.amperecomputing.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mctp: upgrade 1.1 -> 2.0Chanh Nguyen2024-10-181-1/+5
| | | | | Signed-off-by: Chanh Nguyen <chanh@os.amperecomputing.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mdio-tools: RRECOMMENDS the kernel moduleAlban Bedel2024-10-161-1/+1
| | | | | | | | | The mdio-tools package RDEPENDS on `kernel-module-mdio-netlink` but this package doesn't exists if the module is built into the kernel. Use RRECOMMENDS instead as is usually done with kernel modules. Signed-off-by: Alban Bedel <alban.bedel@aerq.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* open-vm-tools: upgrade 12.4.5 -> 12.5.0Yi Zhao2024-10-131-2/+2
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* unbound: Upgrade to 1.21.1Khem Raj2024-10-131-2/+2
| | | | | | | Disable rpaths we are cross building and paths on target will be the usual locations e.g. /usr/lib Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ndisc6: Fix reproducible buildKhem Raj2024-10-102-0/+86
| | | | | | | | | | includes the CFLAGS used to build the package in the binary via PACKAGE_CONFIGURE_INVOCATION which then includes the absolute build path via (eg.) the -ffile-prefix-map flag. Here we remove using variables like PACKAGE_CONFIGURE_INVOCATION in code Signed-off-by: Khem Raj <raj.khem@gmail.com>
* wireshark: fix typo in PACKAGECONFIG[zstd]Ghislain Mangé2024-10-021-1/+1
| | | | | | | | | | | | | | | ENABLE_STTD is a typo, correct option is ENABLE_ZSTD. This patches the following CMake warning in do_configure: Manually-specified variables were not used by the project: ENABLE_STTD After, do_configure does not show the warning. Github issue: https://github.com/openembedded/meta-openembedded/issues/845 Reported-by: Ludovic Jozeau <ludovic.jozeau@smile.fr> Reviewed-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Ghislain Mangé <ghislain.mange@smile.fr> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* curlpp: Fix build issuealperak2024-10-012-1/+38
| | | | | Signed-off-by: alperak <alperyasinak1@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* lksctp-tools: upgrade 1.0.20 -> 1.0.21Yi Zhao2024-09-291-1/+1
| | | | | | | | ChangeLog: https://github.com/sctp/lksctp-tools/blob/v1.0.21/ChangeLog Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* tcpslice: upgrade 1.7 -> 1.8Yi Zhao2024-09-231-1/+1
| | | | | | | | ChangeLog: https://github.com/the-tcpdump-group/tcpslice/blob/tcpslice-1.8/CHANGES Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* lksctp-tools: upgrade 1.0.19 -> 1.0.20Yi Zhao2024-09-231-11/+3
| | | | | | | | | | | ChangeLog: https://github.com/sctp/lksctp-tools/blob/v1.0.20/ChangeLog Drop redundant variables LK_REL, SOLIBVERSION and SOLIBMAJORVERSION in recipe. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* traceroute: upgrade 2.1.5 -> 2.1.6Wang Mingyu2024-09-181-1/+1
| | | | | | | | | Changelog: - Let getaddrinfo(3) select the default IPv4 or IPv6 protocol version when it is not explicitly specified on the command line Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* stunnel: upgrade 5.72 -> 5.73Wang Mingyu2024-09-182-12/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fix-openssl-no-des.patch refreshed for 5.73 Changelog: =========== * Security bugfixes - OpenSSL DLLs updated to version 3.3.2. - OpenSSL FIPS Provider updated to version 3.0.9. * Bugfixes - Fixed a memory leak while reloading stunnel.conf sections with "client=yes" and "delay=no". - Fixed TIMEOUTocsp with values greater than 4. - Fix the IPv6 test on a non-IPv6 machine. * Features - HELO replaced with EHLO in the post-STARTTLS SMTP protocol negotiation (thx to Peter Pentchev). - OCSP stapling fetches moved away from server threads. - Improved client-side session resumption. - Added support for the mimalloc allocator. - Check for protocolHost moved to configuration file processing for the client-side CONNECT protocol. - Clarified some confusing OpenSSL's certificate verification error messages. - stunnel.nsi updated for Debian 13 and Fedora. - Improved NetBSD compatibility. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ntp: Fix status call reporting incorrect valueKeith McRae2024-09-181-1/+1
| | | | | | The "status" function called by this script calls "pidof" to get the process id. "pidof" does not expect or operate with a full path. Signed-off-by: Khem Raj <raj.khem@gmail.com>
* open-vm-tools: upgrade 12.3.5 -> 12.4.5Yi Zhao2024-09-151-3/+3
| | | | | | | | | | | | | | | | Release Notes: https://github.com/vmware/open-vm-tools/blob/stable-12.4.0/ReleaseNotes.md https://github.com/vmware/open-vm-tools/blob/stable-12.4.5/ReleaseNotes.md ChangeLog: https://github.com/vmware/open-vm-tools/blob/stable-12.4.0/open-vm-tools/ChangeLog https://github.com/vmware/open-vm-tools/blob/stable-12.4.5/open-vm-tools/ChangeLog Drop --without-xerces configuration option as it has been removed since 12.4.0. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libconfuse: move to meta-oeEnrico Jörns2024-09-121-14/+0
| | | | | | | | | | | This prepares for using libconfuse for the 'genimage' recipe which should reside in meta-oe. Also libftdi (which is in meta-oe already) optionally requires libconfuse when PACKAGECONFIG option 'ftdi-eeprom' is enabled. Signed-off-by: Enrico Jörns <ejo@pengutronix.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* drbd-utils: upgrade 9.27.0 -> 9.28.0Yi Zhao2024-09-113-95/+10
| | | | | | | | | | | | | | ChangeLog: https://github.com/LINBIT/drbd-utils/blob/v9.28.0/ChangeLog * Drop backport patch: 0001-configure.ac-Add-an-option-to-disable-host-udev-vers.patch * Refresh patch: 0001-drbd-utils-support-usrmerge.patch Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* wireshark: upgrade 4.2.6 -> 4.2.7Vijay Anusuri2024-09-091-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | Bug Fixes The following vulnerability has been fixed: wnpa-sec-2024-11 NTLMSSP dissector crash. Issue 19943. CVE-2024-8250. The following bugs have been fixed: Fuzz job issue: fuzz-2024-01-31-7745.pcap. Issue 19627. OSS-Fuzz 70534: wireshark:fuzzshark_ip_proto-udp: Stack-overflow in dissect_cbor_main_type. Issue 19935. SOME/IP Protocol heuristic dissector fails to parse. Issue 19670. 6loWPAN: Page Number Field Incorrect Registration. Issue 19934. PacketBB incorrectly reports "Malformed Packet" Issue 19972. Release Notes: https://www.wireshark.org/docs/relnotes/wireshark-4.2.7.html Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* tcpdump: upgrade 4.99.4 -> 4.99.5Yi Zhao2024-09-013-132/+2
| | | | | | | | ChangeLog: https://git.tcpdump.org/tcpdump/blob/HEAD:/CHANGES Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* unbound: upgrade 1.20.0 -> 1.21.0Wang Mingyu2024-08-281-3/+3
| | | | | | | | Changelog: https://github.com/NLnetLabs/unbound/releases/tag/release-1.21.0 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libtdb: upgrade 1.4.11 -> 1.4.12Wang Mingyu2024-08-281-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* fwknop: Specify target locations of gpg and wgetKhem Raj2024-08-191-1/+3
| | | | | | | | This fixes emitting buildpaths into binary and also fixes the issue where these tools wont exist on the paths they were found on build machine Signed-off-by: Khem Raj <raj.khem@gmail.com>
* fwknop: Upgrade to 2.6.11Khem Raj2024-08-183-61/+3
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* dnsmasq: set config dhcp6, broken-rtc by FEATURESJörg Sommer2024-08-161-1/+6
| | | | | | | | Some of the PACKAGECONFIG can be derived from the DISTRO_FEATURES and MACHINE_FEATURES. Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* dnsmasq: Install conf example from upstream instead of our versionJörg Sommer2024-08-162-300/+1
| | | | | | | | Our version was copied 2011 and is out of date. The changes in the meantime affected only comments. Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ndisc: Remove buildpaths from binariesKhem Raj2024-08-151-0/+4
| | | | | | | | configure emits its arguments into binaries via PACKAGE_CONFIGURE_INVOCATION therefore edit the paths from this in generated config.h before it gets into binaries. Signed-off-by: Khem Raj <raj.khem@gmail.com>
* wavemon: upgrade 0.9.5 -> 0.9.6Wang Mingyu2024-08-091-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openvpn: upgrade 2.6.11 -> 2.6.12Wang Mingyu2024-08-092-4/+4
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openipmi: upgrade 2.0.35 -> 2.0.36Wang Mingyu2024-08-091-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libtdb: upgrade 1.4.10 -> 1.4.11Wang Mingyu2024-08-091-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* tcpreplay: upgrade 4.4.4 -> 4.5.1Yi Zhao2024-08-014-164/+1
| | | | | | | | | | ChangeLog: https://github.com/appneta/tcpreplay/releases/tag/v4.5.1 Drop patches that have been merged upstream. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* tcpreplay: Fix CVE-2023-4256Poonam Jadhav2024-07-252-0/+28
| | | | | | | | | | | Add patch to fix tcpreplay CVE-2023-4256 dlt_jnpr_ether_cleanup: check config before cleanup Links: https://github.com/appneta/tcpreplay/pull/851 https://github.com/appneta/tcpreplay/issues/813#issuecomment-2245557093 Signed-off-by: Poonam Jadhav <poonam.jadhav@kpit.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* wireshark: upgrade 4.2.5 -> 4.2.6Wang Mingyu2024-07-151-1/+1
| | | | | | | | | | | | | | | | | | Bugfixes: =========== * RADIUS dissector's dictionary loading broken in many ways. * 3.4 -> 3.6.5 ASCII display is broken on CentOS 7. * Funnel/Lua: Closing child window disconnects buttons of parent. * Lua detection fails with Alpine Linux: missing: LUA_LIBRARIES. * vnd.3gpp.5gnas payloads of type SMS not decoded inside HTTP2 5GC. * TCP Stream Graphs green sliding window line not displayed correctly. * Wireshark window doesn't fully fit on screen on small resolutions and can't be resized properly on Russian language. * Wireshark started from command line doesn't set gui.fileopen_remembered_dir correctly on Windows. * Wireshark expects wrong length for DHCP Relay Agent Information Source Port Suboption. * SIP P-Access-Network-Info header not correctly decoded. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* sngrep: upgrade 1.8.1 -> 1.8.2Wang Mingyu2024-07-151-1/+1
| | | | | | | | Changelog: capture: fix possible buffer overflow while processing RTP payload Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* fetchmail: disable rpath to fix buildpaths warning.Wang Mingyu2024-07-101-4/+1
| | | | | | | | | | There was an error with the last modification to the buildpaths warning, which could cause segment error. fix the following warning about buildpath: WARNING: fetchmail-6.4.38-r0 do_package_qa: QA Issue: File /usr/bin/fetchmail in package fetchmail contains reference to TMPDIR [buildpaths] Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* recipes: ignore various issues fatal with gcc-14Martin Jansa2024-07-082-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | work arounds for: meta-oe/meta-oe/recipes-devtools/nodejs/nodejs_20.12.2.bb:do_compile meta-oe/meta-oe/recipes-support/pidgin/pidgin_2.14.2.bb:do_compile meta-oe/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb:do_compile meta-oe/meta-oe/recipes-extended/rrdtool/rrdtool_1.8.0.bb:do_compile meta-oe/meta-oe/recipes-extended/cmpi-bindings/cmpi-bindings_1.0.4.bb:do_compile meta-oe/meta-python/recipes-devtools/python/python3-gevent_24.2.1.bb:do_compile meta-oe/meta-oe/recipes-support/avro/avro-c++_1.11.3.bb:do_compile meta-oe/meta-python/recipes-devtools/python/python3-h5py_3.10.0.bb:do_compile meta-oe/meta-oe/recipes-multimedia/cdrkit/cdrkit_1.1.11.bb:do_compile meta-oe/meta-networking/recipes-connectivity/openthread/ot-br-posix_git.bb:do_compile meta-oe/meta-oe/recipes-devtools/heaptrack/heaptrack_1.2.0.bb:do_configure meta-oe/meta-oe/recipes-support/avro/avro-c_1.11.3.bb:do_compile meta-oe/meta-oe/recipes-core/usleep/usleep_1.2.bb:do_compile meta-oe/meta-networking/recipes-protocols/openflow/openflow_git.bb:do_compile meta-oe/meta-oe/recipes-extended/sblim-sfcc/sblim-sfcc_2.2.8.bb:do_compile meta-oe/meta-networking/recipes-support/linux-atm/linux-atm_2.5.2.bb:do_compile meta-oe/meta-oe/recipes-kernel/ipmitool/ipmitool_1.8.19.bb:do_compile meta-oe/meta-networking/recipes-support/ssmping/ssmping_0.9.1.bb:do_compile meta-oe/meta-oe/recipes-connectivity/wifi-test-suite/wifi-test-suite_10.10.1.bb:do_compile meta-oe/meta-oe/recipes-extended/zsync/zsync-curl_git.bb:do_compile meta-oe/meta-python/recipes-devtools/python/python3-kivy_2.3.0.bb:do_compile meta-oe/meta-oe/recipes-support/openct/openct_0.6.20.bb:do_compile meta-oe/meta-oe/recipes-benchmark/dhrystone/dhrystone_2.1.bb:do_compile meta-oe/meta-networking/recipes-daemons/ncftp/ncftp_3.2.7.bb:do_compile meta-oe/meta-oe/recipes-support/daemontools/daemontools_0.76.bb:do_compile meta-oe/meta-oe/recipes-devtools/libgee/libgee_0.20.6.bb:do_compile meta-oe/meta-oe/recipes-devtools/mcpp/mcpp_2.7.2.bb:do_compile meta-oe/meta-oe/recipes-devtools/android-tools/android-tools_5.1.1.r37.bb:do_compile meta-oe/meta-networking/recipes-connectivity/dibbler/dibbler_git.bb:do_compile meta-oe/meta-oe/recipes-devtools/glade/glade_3.22.2.bb:do_compile http://errors.yoctoproject.org/Errors/Build/183124/ Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* unbound: Add ptest for unboundrajmohan r2024-07-012-2/+38
| | | | | | | | | | Adapt the compile 'test' phony target from Makefile and deploy as ptest for unbound. All test are successful on a trial and took around >9min and <10min. Duration of ptest execution was 587 seconds on an average. Signed-off-by: rajmohan r <semc.2042@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* devecot: set dovecot.conf file mode with chmodYi Zhao2024-06-281-1/+2
| | | | | | | The touch command doesn't support file mode setting. Set it with chmod. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openvpn: upgrade 2.6.10 -> 2.6.11Wang Mingyu2024-06-272-7/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | 0001-configure.ac-eliminate-build-path-from-openvpn-versi.patch refreshed for 2.6.11 Changelog: ============= - Implement server_poll_timeout for socks - Use snprintf instead of sprintf for get_ssl_library_version - Add bracket in fingerprint message and do not warn about missing verification - Replace macos11 with macos14 in github runners - Only run coverity scan in OpenVPN/OpenVPN repository - Workaround issue in LibreSSL crashing when enumerating digests/ciphers - Properly handle null bytes and invalid characters in control messages - Allow to set ifmode for existing DCO interfaces in FreeBSD - samples: Update sample configurations - documentation: make section levels consistent - phase2_tcp_server: fix Coverity issue 'Dereference after null check' - script-options.rst: Update ifconfig_* variables - LZO: do not use lzoutils.h macros - Remove "experimental" denotation for --fast-io - Implement Windows CA template match for Crypto-API selector - misc.c: remove unused code - interactive.c: Improve access control for gui<->service pipe - Only schedule_exit() once Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* tcpdump: fix CVE-2024-2397Hitendra Prajapati2024-06-272-0/+130
| | | | | | | Upstream-Status: Backport from https://github.com/the-tcpdump-group/tcpdump/commit/b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2 Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* rdma-core: Do not use overloadable attribute with muslKhem Raj2024-06-271-4/+2
| | | | | | | clang fortify with glibc is where the issue happens so limit it to just glibc Signed-off-by: Khem Raj <raj.khem@gmail.com>
* rdma-core: Fix recvfrom override errors with glibc 2.40 and clangKhem Raj2024-06-212-0/+41
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-08-04 08:44:08 +0000