| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
fix-gcc-6-conflicts-signbit.patch
Removed since they are included in 4.9.0
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Security fixes:
CVE-2019-14861: Samba AD DC zone-named record Denial of Service in DNS
management server (dnsserver).
CVE-2019-14870: DelegationNotAllowed not being enforced in protocol transition
on Samba AD DC.
See: https://www.samba.org/samba/history/samba-4.10.11.html
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current NTP server responds to mode 6 queries from any clients.
Devices that respond to these queries have the potential to be used in
NTP amplification attacks. An unauthenticated, remote attacker could
potentially exploit this, via a specially crafted mode 6 query, to cause
a reflected denial of service condition.
See: https://www.tenable.com/plugins/nessus/97861
https://scan.shadowserver.org/ntpversion/
Update ntp.conf to restrict NTP mode 6 queries.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Release notes of the bugfix release:
- https://www.stunnel.org/NEWS.html
Also:
- rename COPYING to COPYING.md
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Adrian Bunk <bunk@stusta.de>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Guest accounts for Samba are a known potential vulnerability
(see https://www.tenable.com/plugins/nessus/26919) where info
about the host can be obtained without proper access. The option
"map to guest = bad user" allows login attempts with usernames
that don't exist to map to the guest account, while the
"restrict anonymous" value (implicitly set to 0 before this patch)
would allow any queries to obtain user and group list information.
Raise the default security level by setting "restrict anonymous"
to "1" and "map to guest" to "never" to avoid providing user/group
info to unauthenticated users and reject login attempts with an
invalid password, respectively.
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Fixes
error: 'runtime_error' is not a member of 'std'
throw std::runtime_error("Allocation error.");
^~~~~~~~~~~~~
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
| |
This helps in taking care of multilib install dir
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
ERROR: firewalld-0.7.2-r0 do_package: QA Issue: firewalld: Files/directories were installed but not shipped in any package:
/usr/lib
/usr/lib/firewalld
/usr/lib/firewalld/zones
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
| |
Helps fixing packaging errors on mulilib builds
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It shows an warning of openl2tp in systemd log:
| /lib/systemd/system/openl2tpd.service:8: PIDFile= references a path
| below legacy directory /var/run/, updating /var/run/openl2tpd.pid →
| /run/openl2tpd.pid; please update the unit file accordingly.
Update the systemd service file to fix the warning.
Update SRC_URI as well that the homepage openl2tp.org has been closed.
Use archived file on sourceforge instead.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fill out PACKAGECONFIG options for json, mini-gmp, readline and xtables
whilst matching existing behaviour. Drop PACKAGECONFIG to weak default.
Fix upstream version matching so the very old 0.099 is rejected as the
newest version.
Drop seemingly redundant ASNEEDED which was added in 5477d5bcb727
("nftables: Upgrade to 0.7") without explanation.
Package python files from libdir not libdir_native; whilst they're the
same thing, building a target package with native variables is odd.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
New patch:
0001-update-python3-nftables-reference.patch
Signed-off-by: Todd Cunningham <tcunningham07@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Fixes
/usr/src/debug/rdma-core/26.1-r0/git/librdmacm/rsocket.c:3041: undefined reference to `pthread_yield'
collect2: error: ld returned 1 exit status
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Kai Kang <kai.kang@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Upgrade rdma-core from 18.1 to 27.0
* remove 4 patches which have been merged by upstream
* update context and remove more unbuildable manual in
0001-Remove-man-files-which-cant-be-built.patch
* set services file for systemd
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Bugfix release. For details, see:
https://mosquitto.org/blog/2019/11/version-1-6-8-released/
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This helps in avoiding packaging errors seen with distros enabling
multilib
Fixes
ERROR: grpc-1.24.3-r0 do_package: QA Issue: grpc: Files/directories were installed but not shipped in any package:
/usr/lib/libgrpc++.so.1.24.3
...
/usr/lib/cmake
/usr/lib/cmake/grpc
/usr/lib/cmake/grpc/gRPCConfigVersion.cmake
/usr/lib/cmake/grpc/gRPCConfig.cmake
/usr/lib/cmake/grpc/gRPCTargets-noconfig.cmake
/usr/lib/cmake/grpc/gRPCTargets.cmake
Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or de
lete them within do_install.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Fix corosync build error when package config rdma enabled.
* replace dependency librdmacm from layer meta-cloud-services with
rdma-core from meta-networking
* add patch to fix issue that fail to find rdma library via pkgconfig
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
fix wrong shebang "#!/usr/bin/env python3/"
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Remove obselete patch:
0001-Move-exports-before-symbol-definition.patch
Refresh patch:
0002-avoid-naming-local-function-as-one-of-printf-family.patch
Add one new file in this patch:
src/obj/synproxy.c
Signed-off-by: Todd Cunningham <tcunningham07@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
>From https://hewlettpackard.github.io/netperf/doc/netperf.html:
Other optional configure-time settings include --enable-intervals=yes to give
netperf the ability to “pace” its _STREAM tests and --enable-histogram=yes to
have netperf keep a histogram of interesting times.
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
libappindicator is a library to allow applications to export a menu into
the Unity Menu bar. Unity is not supported in openembedded, so disable
appindicator support for blueman.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Canonical's Netplan is a network configuration abstraction renderer written in
Python. It's compatible with NetworkManager and systemd-networkd.
Signed-off-by: Jacopo Dall'Aglio <jacopo.dallaglio@kynetics.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
A ntpdc is a special NTP query program. It shouldn't be part of ntp-utils
which is depending on perl.
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Previously the kernel module was only pulled in for ${PN}-utils and
${PN}-ptest, but not for the library itself. As a result, appsexternal
to this recipe using only the library fail because kernel module is
not installed in the image.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Switch PACKAGECONFIG from man to manpages so we are included when
api-documentation is set. Ensure correct tools are available to build
the documentation and avoid unsupported option failures by not passing
`--enable-man-doc`.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
we install dnsmasq under /usr/bin by default, correct
the path in comments.
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
Avoid warning due to the class rename in OE-Core.
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
do_install never executed as a result it was empty install
Create ruli-bin package for utilities, so libraries can be packages
granularily
Drop the makefile patch which is no longer needed, set the make
variables to get the needed bits set
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The 84-nm-drivers.rules is not required for systemd-udevd versions
v210 and later. The file has been split into a separate file so
distributions with a new enough systemd version can drop it. See
also:
https://github.com/NetworkManager/NetworkManager/commit/1e0375826252abf9aab2aef273a2a24cd08c9f42
I noticed this while investigating into a warning show during
bootup:
/usr/lib/udev/rules.d/84-nm-drivers.rules:10 Invalid value "/bin/sh -c
'ethtool -i $1 | sed -n s/^driver:\ //p' -- $env{INTERFACE}" for PROGRAM
(char 24: invalid substitution type), ignoring, but please fix it.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
| |
-fstack-clash-protection is gcc-only option
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
clang does delegate the atomic<double> calls to libatomic on x86 where
as gcc tries to use intrinsics, its debatable who is right, but it does
seem that clang is safe in case pointer is unaligned
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
It was only added because samba was a dependency, but was not removed
again when the dependency on samba was removed in commit 6207331f.
This effectively reverts commit a190c2e3.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
| |
Signed-off-by: Martin Balik <martin.balik@siemens.com>
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Mbed TLS 2.16.3 is a maintenance release of the Mbed TLS 2.16 branch, and
provides bug fixes and minor enhancements.
https://github.com/ARMmbed/mbedtls/releases/tag/mbedtls-2.16.3
Most importantly, this fixes breakage on ARMv5TE platforms:
* Fix the build on ARMv5TE in ARM mode to not use assembly instructions that
are only available in Thumb mode.
https://github.com/ARMmbed/mbedtls/pull/2169
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Security fixes:
CVE-2019-10218: Client code can return filenames containing path
separators.
CVE-2019-14833: Samba AD DC check password script does not receive the
full password.
CVE-2019-14847: User with "get changes" permission can crash AD DC LDAP
server via dirsync.
See: https://www.samba.org/samba/history/samba-4.10.10.html
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
