summaryrefslogtreecommitdiffstats
path: root/meta-networking
Commit message (Collapse)AuthorAgeFilesLines
* meta-networking/licenses/netperf: remove unused licenseArsalan H. Awan2023-05-081-43/+0
| | | | | | | | | | | | This removes the old unused license for netperf as upstream moved to using the MIT license for netperf. See: meta-openembedded commit 587fe5877790b6c2e1d337c351b8f50603ad4db9 Signed-off-by: Arsalan H. Awan <arsalan.awan@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 27bdecd1bcf1fa86bf4ebbc527fceb455efe2970) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* restinio: fix S variable in multilib buildsMartin Jansa2023-04-181-2/+2
| | | | | | | | | * do_populate_lic as well as do_configure fails in multilib builds, because S points to empty: lib32-restinio/0.6.13-r0/lib32-restinio-0.6.13/dev Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* dnsmasq: fix CVE-2023-28450Peter Marko2023-03-252-0/+49
| | | | | | | | The patch is modified by removing irrelevant and conflicting CHANGELOG entry. Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* mbedtls: upgrade to 2.28.2 to fix CVE-2022-46392, CVE-2022-46393Stefan Ghinea2023-03-211-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim performing a single private-key operation, if the window size (MBEDTLS_MPI_WINDOW_SIZE) used for the exponentiation is 3 or smaller. An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX. References: https://nvd.nist.gov/vuln/detail/CVE-2022-46392 https://nvd.nist.gov/vuln/detail/CVE-2022-46393 Upstream patches: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2 Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 2ab113e8be42ae2dd61babb8e9a1742684df1f59) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ntp: whitelist CVE-2019-11331Peter Marko2023-03-161-0/+2
| | | | | | | | | | | | Links from https://nvd.nist.gov/vuln/detail/CVE-2019-11331 lead to conclusion that this is how icurrent ntp protocol is designed. New RFC is propsed for future but it will not be compatible with current one. See https://support.f5.com/csp/article/K09940637 Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* mdns: use git fetcherMartin Jansa2023-02-1515-16/+203
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * https://opensource.apple.com/tarballs/mDNSResponder/mDNSResponder-${PV}.tar.gz is just redirect to unsafe github archives which are regenerated from time to time. * We do have src-uri-bad QA check which prevents to use github archives in SRC_URI since 2019: https://github.com/openembedded/openembedded-core/commit/21f84fcdd659544437fe393285c407e1e9432043 but this cannot catch such redirects, see: $ wget https://opensource.apple.com/tarballs/mDNSResponder/mDNSResponder-878.30.4.tar.gz --2023-01-31 10:06:02-- https://opensource.apple.com/tarballs/mDNSResponder/mDNSResponder-878.30.4.tar.gz Resolving opensource.apple.com (opensource.apple.com)... 17.253.73.203, 17.253.73.206, 2a01:b740:a26:f000::5, ... Connecting to opensource.apple.com (opensource.apple.com)|17.253.73.203|:443... connected. HTTP request sent, awaiting response... 302 Redirect Location: https://github.com/apple-oss-distributions/mDNSResponder/archive/refs/tags/mDNSResponder-878.30.4.tar.gz [following] --2023-01-31 10:06:02-- https://github.com/apple-oss-distributions/mDNSResponder/archive/refs/tags/mDNSResponder-878.30.4.tar.gz Resolving github.com (github.com)... 140.82.121.3 Connecting to github.com (github.com)|140.82.121.3|:443... connected. HTTP request sent, awaiting response... 302 Found Location: https://codeload.github.com/apple-oss-distributions/mDNSResponder/tar.gz/refs/tags/mDNSResponder-878.30.4 [following] --2023-01-31 10:06:02-- https://codeload.github.com/apple-oss-distributions/mDNSResponder/tar.gz/refs/tags/mDNSResponder-878.30.4 Resolving codeload.github.com (codeload.github.com)... 140.82.121.10 Connecting to codeload.github.com (codeload.github.com)|140.82.121.10|:443... connected. HTTP request sent, awaiting response... 200 OK Length: unspecified [application/x-gzip] Saving to: ?mDNSResponder-878.30.4.tar.gz? * The tarball was regenerated recently as discussed in: https://github.com/orgs/community/discussions/45830 * Use top-level directory in S to fix DEBUG_PREFIX_MAP usage like the version in master does, the only exception here is that there still was top-level Makefile (which fails to set VER with: Makefile:26: *** missing separator. Stop. so use the simple one like newer version in master) * it's already included in master as part of version upgrade in: https://github.com/openembedded/meta-openembedded/commit/ec96eb577bd518b89e2e7834bd569ba269df458f Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tinyproxy: fix CVE-2022-40468Chee Yang Lee2023-02-112-0/+34
| | | | | | | Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 795ccdd86cad05c425adae15af27797f42f33c56) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* net-snmp: CVE-2022-44792 & CVE-2022-44793 Fix NULL Pointer ExceptionNarpat Mali2023-02-112-0/+122
| | | | | | | | | | | References: https://nvd.nist.gov/vuln/detail/CVE-2022-44792 https://nvd.nist.gov/vuln/detail/CVE-2022-44793 Signed-off-by: Narpat Mali <narpat.mali@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 5ae6f9434f44a57389a3f52dce17da6fe5928e1f) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* net-snmp: Fix build with clang16Khem Raj2023-02-112-0/+33
| | | | | | Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit ee0de616df82937191613c85f9df7e872b99ed6f) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* freeradius: Security fixes for CVE-2022-41860 CVE-2022-41861Yi Zhao2023-02-113-0/+173
| | | | | | | | | | | | | | | | | | | | | | | | | | | | CVE-2022-41860: In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash. CVE-2022-41861: A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash. References: https://nvd.nist.gov/vuln/detail/CVE-2022-41860 https://nvd.nist.gov/vuln/detail/CVE-2022-41861 Patches from: CVE-2022-41860: https://github.com/FreeRADIUS/freeradius-server/commit/f1cdbb33ec61c4a64a32e107d4d02f936051c708 CVE-2022-41861: https://github.com/FreeRADIUS/freeradius-server/commit/0ec2b39d260e08e4c3464f6b95005821dc559c62 Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* strongswan: upgrade 5.9.8 -> 5.9.9Yi Zhao2023-01-211-1/+1
| | | | | | | | | | Changelog: https://github.com/strongswan/strongswan/releases/tag/5.9.9 Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 6cca42d726c333b5955c6f4e46395b9578efce2e) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* sshpass: Use SPDX identified string for GPLv2Khem Raj2023-01-211-1/+1
| | | | | | | | | Fixes QA Issue: Recipe LICENSE includes obsolete licenses GPLv2 [obsolete-license] Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit bb9672b8c5a8df645f420bd0ce8092800fa61e73) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* networkmanager: fix /etc/resolv.conf handlingChen Qi2023-01-211-4/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The current handling of /etc/resolv.conf by NM has some problems. When networkd is not configuring network, and there's 'ip=dhcp' in kernel command line, the /run/NetworkManager/resolv.conf file is not created, resulting in /etc/resolv.conf being a dead symlink. This is because NM is treating the network interface as externally configured and will not try to reconfigure it again. This means if we want NM to work properly with /etc/resolv.conf, we've got to either ensure there's no 'ip=dhcp' in kernel command line, or we've got to ensure networkd is configuring network. This is weird because normally we should not enable two network managers at the same time. Note that NM syncs part of its codes with networkd, which is the reason I think it happens to work when these two network configuration tools are configuring the same interface at the same time. In fact, NM now works well with resolved. It sends the DNS info it gets to resolved unconditionally by default (the behavior could be disabled in configuration file). Looking at the original commit that sets up the update-alternatives mechanism, it says: """ This brings the networkmanager in sync with how systemd-resolved and connman work. Additionally this allows it to function with a read-only rootFS. """ I guess the author was using systemd but disabling resolved, and the author wanted to use read-only rootFS. In order to keep such combination still works, change to use PACKAGECONFIG to handle things, and when 'man-resolv-conf' is enabled, the above combination could still work. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit a8ebf23dde9c82dd9d1dcd0fa6de0b4467a0112b) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* Revert "waf-samba.bbclass: point PYTHON_CONFIG to target python3-config"Armin Kuster2023-01-211-1/+0
| | | | | | | | This reverts commit 4b063f93a731cd6cc486dfcbc2c2f403fd29e7f3. This is breaking builds. Signed-off-by: Armin Kuster <akuster808@gmail.com>
* kernel_add_regdb: Change the task orderHermes Zhang2023-01-191-1/+1
| | | | | | | | The kernel_add_regdb should run before do_compile to make it take effect. Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* networkmanager: install config files into correct placeChen Qi2022-12-201-2/+2
| | | | | | | | | | | | | | | | | The current location has no effect, because NetworkManager is not looking for config files there. In meson.build, we have: nm_pkglibdir = join_paths(nm_prefix, 'lib', nm_name) config_extra_h.set_quoted('NMLIBDIR', nm_pkglibdir) It's clear that the configuration directory should be nonarch_libdir instead of libdir. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 15893f46f8af8c91d922fa41f9a1f537d92aeb9a) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* networkmanager: fix dhcpcd PACKAGECONFIGChen Qi2022-12-201-1/+1
| | | | | | | | | | | | | | | | Without this patch, even if dhcpcd is enabled, the NetworkManager cannot find it. Below are the messages from NetworkMananger: dhcp: init: DHCP client 'dhcpcd' not available dhcp: init: Using DHCP client 'internal' The problem is that dhcpcd needs to be specified as a path, otherwise NetworkManager tries to find it in /usr/sbin/dhcpcd. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 178123a0066c40db1e75d018dc65f056fb03b826) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* postfix: fix multilib conflict of sample-main.cfKai Kang2022-12-201-1/+1
| | | | | | | | | | | | | | | It fails to install postfix and lib32-postfix at same time: | Error: Transaction test error: | file /etc/postfix/sample-main.cf conflicts between attempted installs of lib32-postfix-cfg-3.7.3-r0.i586 and postfix-cfg-3.7.3-r0.core2_64 Rename sample-main.cf with ${MLPREFIX}. Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit b75c138a1cdfacb4a9fba2a291a0d15f0691526b) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* smcroute: upgrade 2.5.5 -> 2.5.6Wang Mingyu2022-12-201-1/+1
| | | | | | | | | | | | | | | | | | | | | Changelog: ========== - Add smcroutectl batch support, issue #189. Based on the IPC support added in issue #185 - Fix #178: invalid systemd daemon type Simple/Notify vs simple/notify - Fix #179: typo in wildcard routes section of README - Fix #180: minor typo in file and directory names in documentation - Fix #183: casting in IPC code hides error handling of recv() - Fix #186: NULL pointer dereference in utimensat() replacement function. Found accidentally by Alexey Smirnov. Only triggered on systems that don't have a native utimensat() in their C-library, or if you try to build SMCRoute without using its own build system ... - Fix #187: strange behavior joining/leaving the same group - Fix #192: typo in README Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit abc501113aa7e136963c1bbab9b202d425014dbf) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* waf-samba.bbclass: point PYTHON_CONFIG to target python3-configKhem Raj2022-12-201-0/+1
| | | | | | | | Ensures that waf detects and uses it correctly Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 3b7f98f52b58ec48bda9a6a64c0be507ccfb6463) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* freeradius: fix multilib systemd service start failureKai Kang2022-11-252-1/+32
| | | | | | | | | | | | It fails to start radiusd.service from lib32-freeradius that the configure directory is /etc/lib32-raddb rather than /etc/raddb. So add an environment file to export a variable MLPREFIX for the service file to make it start successfully. Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 172c707251fd1a646b8e63854b5f4c04ff044ce3) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ettercap: Add missing dependency on libpcreKhem Raj2022-11-251-0/+1
| | | | | | | | | | | | It depends on it, but it was being pulled in via glib-2.0 which now uses libpcre2 Fixes TOPDIR/build/tmp/work/cortexa15t2hf-neon-yoe-linux-gnueabi/ettercap/0.8.3.1-r0/recipe-sysroot-native/usr/lib/libpcre.so: file not recognized: file format not recognized Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit d8bc689ee73fa0f497294cc742660766c7ecd8c3) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* blueman: add RDEPEND on python3-fcntlMarkus Volk2022-11-251-0/+1
| | | | | | | | | | | After updating current poky master python3-fcntl is not installed into my image anymore. Blueman-applet fails to run with Error: No module named 'fcntl''Module fcntl not found' Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 25c38607014f2d325884ad003c96237906aefa48) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* chrony: Remove the libcap and nss PACKAGECONFIGsPeter Kjellerstedt2022-11-181-4/+4
| | | | | | | | | | | | There is no need for these configs on their own and they would only mess up the sechash and privdrop configs. To actually enable sechash one also had to enable nss, and to enable privdrop one also had to enable libcap. This also avoids passing --with-libcap if privdrop is enabled since the option does not exist. Change-Id: I64a49741f61385e87ddbc83b9e87213a6fc7668e Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
* chrony: Make it possible to enable editline support againPeter Kjellerstedt2022-11-181-9/+4
| | | | | | | | | | | | | Support for readline was dropped in Chrony 4.2. However, the --disable-readline option still remains (it is used to completely ignore all forms of command line editing, even though the only remaining variant is editline). So keeping the readline PACKAGECONFIG and making it pass --disable-readline when it is not enabled disabled support for editline, and if it was enabled it instead passed --without-editline, which also disabled support for editline. Thus there was no way to enable editline support. Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
* wolfssl: upgrade 5.5.1 -> 5.5.2Wang Mingyu2022-11-051-1/+1
| | | | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit a9334a5cba6d9e83f81f036e1d92aae584ce3dbc) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tcpslice: upgrade 1.5 -> 1.6zhengruoqin2022-11-051-2/+1
| | | | | | | | | | | | | | | | | | | Changelog: ========= - Call pcap_dump_close() on the output file. - Implement new flags in ./configure: --enable-instrument-functions, --without-libnids, --without-libosipparser2 and --without-libooh323c. - autoconf: Add the option to print functions and files names - Update config.{guess,sub}, timestamps 2022-01-09,2022-01-03 - configure: use pcap-config --static-pcap-only if available - Remove awk code from mkdep. - Refine the man page. - Refine the documentation files. Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 8e64d8f7afa26c7d2c4ac7ed23f6d48d639cfd39) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* lldpd: Upgrade 1.0.14 -> 1.0.15Alex Kiernan2022-11-051-2/+2
| | | | | | | | | Add github-releases to make new releases discoverable. Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit c782674d3f4575817c2c7222adc188ea5aca44f2) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-openemnedded: Add myself as langdale maintainerArmin Kuster2022-10-222-17/+7
| | | | | Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* postfix: Upgrade to 3.7.3Khem Raj2022-10-193-17/+53
| | | | | | Fix build on systems with linux 6.x Signed-off-by: Khem Raj <raj.khem@gmail.com>
* unbound: upgrade 1.16.3 -> 1.17.0zhengrq.fnst2022-10-181-1/+1
| | | | | Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* blueman: upgrade 2.3.2 -> 2.3.4Wang Mingyu2022-10-181-1/+1
| | | | | | | | | Bugs fixed ========== Errors when connected to a device with the DisconnectItems plugin enabled Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nbdkit: upgrade 1.33.1 -> 1.33.2Wang Mingyu2022-10-181-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* conntrack-tools: Use canonical shell spacingAlex Kiernan2022-10-161-12/+12
| | | | | Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* conntrack-tools: Add PACKAGECONFIGs for build optionsAlex Kiernan2022-10-161-1/+8
| | | | | Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* conntrack-tools: Upgrade 1.4.6 -> 1.4.7Alex Kiernan2022-10-161-3/+2
| | | | | Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* blueman: upgrade 2.2.4 -> 2.3.2Markus Volk2022-10-132-12/+14
| | | | | | | | Switch from using tarball to git because the 2.3.2 tarball lacks the meson_options.txt file. Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* frr: Security fix CVE-2022-37032Yi Zhao2022-10-122-0/+44
| | | | | | | | | | | | | | | | CVE-2022-37032: An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgp_capability_msg_parse in bgpd/bgp_packet.c. Reference: https://nvd.nist.gov/vuln/detail/CVE-2022-37032 Patch from: https://github.com/FRRouting/frr/commit/066770ac1c69ee5b484bb82581b22ad0423b004d Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mctp: install the .target filesHao Jiang2022-10-121-1/+4
| | | | | | | Need the targets file to enable the mctpd.service on systemd. Signed-off-by: Hao Jiang <jianghao@google.com> Change-Id: I8d48d3767760dc1f34ae7e1266600d350ac93281
* dhcp-relay: upgrade 4.4.3 -> 4.4.3-P1Yi Zhao2022-10-111-3/+3
| | | | | | | | | | | | | | | | | | | | Changes since 4.4.3 (Bug Fixes) Corrected a reference count leak that occurs when the server builds responses to leasequery packets. Thanks to VictorV of Cyber Kunlun Lab for reporting the issue. [Gitlab #253] CVE: CVE-2022-2928 Corrected a memory leak that occurs when unpacking a packet that has an FQDN option (81) that contains a label with length greater than 63 bytes. Thanks to VictorV of Cyber Kunlun Lab for reporting the issue. [Gitlab #254] CVE: CVE-2022-2929 Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* spice: Include aarch64 to COMPATIBLE_HOSTFabio Estevam2022-10-101-1/+1
| | | | | | | | Allow spice to be built on ARM64 as well, so add aarch64 entry to COMPATIBLE_HOST. Signed-off-by: Fabio Estevam <festevam@denx.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* open-vm-tools: upgrade 11.3.5 -> 12.1.0Yi Zhao2022-10-1017-176/+97
| | | | | | | | | | | * Drop 0001-Make-HgfsConvertFromNtTimeNsec-aware-of-64-bit-time_.patch and 0013-misc-Do-not-print-NULL-string-into-logs.patch which have been merged upstream. * Refresh patches. * Do not build containerinfo plugin as it requries containerd. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* wolfssl: upgrade 5.5.0 -> 5.5.1zhengrq.fnst2022-10-101-1/+1
| | | | | Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* stunnel: upgrade 5.65 -> 5.66zhengrq.fnst2022-10-101-1/+1
| | | | | | | | | | | | | | Changelog: =========== New features OpenSSL 3.0 FIPS Provider support for Windows. Bugfixes Fixed building on machines without pkg-config. Added the missing "environ" declaration for BSD-based operating systems. Fixed the passphrase dialog with OpenSSL 3.0. Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* strongswan: upgrade 5.9.7 -> 5.9.8Yi Zhao2022-10-081-2/+2
| | | | | | | | | | | | ChangeLog: https://github.com/strongswan/strongswan/releases/tag/5.9.8 * Drop PACKAGECONFIG[scep] as scepclient has been removed. * Add plugin-gcm to RDEPENDS as gcm plugin has been added to the default plugins. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* chrony: correct parameter to configure to disable readline usageFederico Pellegrin2022-10-061-1/+1
| | | | | | | | | | | The correct parameter to disable readline usage is --disable-readline and not --without-readline. See also chrony source at: https://github.com/mlichvar/chrony/blob/master/configure#L110 Signed-off-by: Federico Pellegrin <fede@evolware.org> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* chrony: add pkgconfig class as pkg-config is explicitly searched forFederico Pellegrin2022-10-061-1/+1
| | | | | | | | | | | | | | The configure script present in chrony will explicitly look for pkg-config and without the pkgconfig class it will fail: Checking for pkg-config : No This then affects the possibility (via image features or bbappend) to use features based on nettle/gnutls/nss which strictly require pkgconfig to be present and working. Signed-off-by: Federico Pellegrin <fede@evolware.org> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mbedtls: Whitelist CVE-2021-43666, CVE-2021-45451Mathieu Dubois-Briand2022-10-041-0/+5
| | | | | Signed-off-by: Mathieu Dubois-Briand <mbriand@witekio.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mbedtls: Update to 2.28.1 versionMathieu Dubois-Briand2022-10-041-1/+1
| | | | | Signed-off-by: Mathieu Dubois-Briand <mbriand@witekio.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mbedtls: Fix CVE product nameMathieu Dubois-Briand2022-10-041-0/+2
| | | | | Signed-off-by: Mathieu Dubois-Briand <mbriand@witekio.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-07-23 10:42:09 +0000