summaryrefslogtreecommitdiffstats
path: root/meta-networking
Commit message (Collapse)AuthorAgeFilesLines
...
* mdio-tools: upgrade 1.3.0 -> 1.3.1Michael Haener2024-01-093-1/+1
| | | | | | | | | | | | Changelog: * Multiple registers can now be dumped at once, via the generic dump operation. * Relax the driver matching to accept the strings used in kernels 6.2 and newer. Signed-off-by: Michael Haener <michael.haener@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* daq: Fix install conflict when enable multilib.Wang Mingyu2024-01-091-1/+2
| | | | | | | | | | | | | | | | | | | Error: Transaction test error: file /usr/bin/daq-modules-config conflicts between attempted installs of lib32-daq-2.0.7-r0.armv7ahf_neon and daq-2.0.7-r0.cortexa57 The differences of daq-modules-config are as follows: @@ -7,7 +7,7 @@ prefix=/usr exec_prefix=/usr -LIBDIR=/usr/lib64 +LIBDIR=/usr/lib STATIC_LIBS=" -lsfbpf -lpcap -lsfbpf -lnfnetlink -lnetfilter_queue -lsfbpf -lpcap -ldnet" static=0 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* tgt: Fix build with muslKhem Raj2024-01-092-3/+44
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* wolfssl: upgrade 5.6.4 -> 5.6.6Wang Mingyu2024-01-081-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* traceroute: upgrade 2.1.3 -> 2.1.5Wang Mingyu2024-01-081-1/+1
| | | | | | | | | Changelog ======== Fix rfc5837 parsing Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* tgt: upgrade 1.0.83 -> 1.0.90Wang Mingyu2024-01-081-2/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* chrony: upgrade 4.4 -> 4.5Wang Mingyu2024-01-081-1/+1
| | | | | | | | | | | | | Changelog ======== * Add support for AES-GCM-SIV in GnuTLS * Add support for corrections from PTP transparent clocks * Add support for systemd socket activation * Fix presend in interleaved mode * Fix reloading of modified sources from sourcedir Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* samba: upgrade 4.18.9 -> 4.19.3Yi Zhao2024-01-0826-65/+73
| | | | | | | | | | | | | | | According to samba release planning[1], 4.18 is already in maintenance mode and will be EOL in Sep 2024. Upgrade to current stable release 4.19. Release Notes https://www.samba.org/samba/history/samba-4.19.0.html https://www.samba.org/samba/history/samba-4.19.3.html [1] https://wiki.samba.org/index.php/Samba_Release_Planning Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libldb: upgrade 2.7.2 -> 2.8.0Yi Zhao2024-01-085-36/+27
| | | | | | | | | * Remove PACKAGECONFIG[libaio] as libaio is no longer required by libldb. * Refresh patches. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libtevent: upgrade 0.14.1 -> 0.16.0Yi Zhao2024-01-084-39/+55
| | | | | | | | | * Remove PACKAGECONFIG[libaio] as libaio is no longer required by libtevent. * Refresh patches. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libtalloc: upgrade 2.4.0 -> 2.4.1Yi Zhao2024-01-085-41/+60
| | | | | | | | | | * Remove PACKAGECONFIG[libaio] as libaio is no longer required by libtalloc. * Add ptest. * Refresh patches. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libtdb: upgrade 1.4.8 -> 1.4.9Yi Zhao2024-01-084-37/+53
| | | | | | | | | | * Remove PACKAGECONFIG[libaio] as libaio is no longer required by libtdb. * Add ptest. * Refresh patches. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* keepalived: Move the sample configuration files to a separate packageJordan Crouse2024-01-021-0/+4
| | | | | | | | | | | By default keepalived installs a bunch of sample configurations to /etc/keepalived/samples. These are good demonstrations but will almost certainly not apply to any real world situation. Move the sample files to a separate package. Signed-off-by: Jordan Crouse <jorcrous@amazon.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* squid: upgrade 6.5 -> 6.6Wang Mingyu2024-01-021-1/+1
| | | | | | | | | | | | | | | | | | Changelog: =========== - Bug 5328: Fix ESI build with libxml2 v2.12.0 - Bug 5319: QOS Netfilter MARK preservation is always disabled - Bug 5318: peer_digest.cc:399: "fetch->pd && receivedData.data" - Bug 5317: FATAL attempt to read data from memory - Bug 5154: Do not open IPv6 sockets when IPv6 is disabled - FTP: Ignore credentials with a NUL-prefixed username - log_db_daemon: Fix DSN construction - Limit the number of allowed X-Forwarded-For hops - Do not update StoreEntry expiration after errorAppendEntry() - improve handling of response sending errors Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* vsomeip: upgrade 3.3.8 -> 3.4.10Yi Zhao2024-01-016-27/+98
| | | | | | | | | | | ChangeLog: https://github.com/COVESA/vsomeip/releases/tag/3.4.10 * Refresh patches * Fix build for lld Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openipmi: update 2.0.32 -> 2.0.34Alexander Kanavin2023-12-317-109/+16
| | | | | | | | | | This resolves dependency on removed python distutils in particular. openipmi-remove-host-path-from-la_LDFLAGS.patch is removed as issue is fixed upstream. Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* wireshark: update 4.0.10 -> 4.2.0Alexander Kanavin2023-12-316-148/+73
| | | | | | | This resolves python 3.12 issues. Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* system-config-printer: rely on setuptools to obtain distutils copyAlexander Kanavin2023-12-311-1/+1
| | | | | Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* samba: upgrade 4.18.8 -> 4.18.9Yi Zhao2023-12-291-1/+1
| | | | | | | | | | | | | | | | This is the latest stable release of the Samba 4.18 release series. It contains the security-relevant bugfix CVE-2018-14628: Wrong ntSecurityDescriptor values for "CN=Deleted Objects" allow read of object tombstones over LDAP (Administrator action required!) https://www.samba.org/samba/security/CVE-2018-14628.html Release Notes: https://www.samba.org/samba/history/samba-4.18.9.html Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* networkmanager: drop libnewt dependencyDmitry Baryshkov2023-12-291-1/+0
| | | | | | | | | With the nmtui being now handled via tha PACKAGECONFIG, there is no need for the global libnewt dependency, PACKAGECONFIG["nmtui"] handles it correctrly. Drop the libnewt from DEPENDS list. Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* uftp: upgrade 5.0.2 -> 5.0.3Wang Mingyu2023-12-291-1/+1
| | | | | | | | | | Changelog: =========== -A memory leak fix in the prior version wasn't applied correctly, resulting in an invalid memory access causing a crash. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* bearssl: Upgrade to latestAlex Kiernan2023-12-293-100/+16
| | | | | | | | | | | | | | | | | | Install headers so that dependencies can use this to build against. Make `brssl` executable, fixup library soname. Drop patches which change build flags in favour of command line overrides. Add support for static build. Changes: Thomas Pornin (4): Added generic API for date range validation (with callbacks). Fixed RSA PSS verificatiobn bug (when hash_len != salt_len). Added macro that indicates presence of the time callback feature. Also added C++ compatibility. Fixed spurious warning about old-style prototype. Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* open-vm-tools: upgrade 12.1.5 -> 12.3.5Yi Zhao2023-12-2717-227/+67
| | | | | | | | | | Release Notes: https://github.com/vmware/open-vm-tools/blob/stable-12.3.5/ReleaseNotes.md ChangeLog: https://github.com/vmware/open-vm-tools/blob/stable-12.3.5/open-vm-tools/ChangeLog Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* networkmanager: fix some missing pkgconfigThomas Perrot2023-12-211-0/+3
| | | | | | | | | | | - to build and package nmtui - to automatically append networkmanager-adsl and networkmanager-wwan in recommended packages. - to fix an invalid-packageconfig QA issue that is raised when adsl and wwan are added in pkgconfig. Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mdns: Upgrade 2200.40.37.0.1 -> 2200.60.25.0.4Alex Kiernan2023-12-211-1/+1
| | | | | Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mbedtls: Upgrade 3.5.0 -> 3.5.1Alex Kiernan2023-12-181-4/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | Use canonical URL, add UPSTREAM_CHECK_GITTAGREGEX. Changes: Dave Rodgman (12): Header updates Fix some non-standard headers Update documentation Add Changelog for license Update license for p256-m README improvements to 3rdparty section assemble Changelog Fix typos in changelog Bump version Update BRANCHES Update Changelog with bugfix entry Add docs re Everest license David Horstmann (1): Fix 3rdparty target names for custom config License-update: Upstream clarified licensing as dual Apache-2.0 or GPL-2.0 or later Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mdns: Fix HOMEPAGE URLAlex Kiernan2023-12-181-1/+1
| | | | | | | The Apple Bonjour homepage has moved. Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* strongswan: upgrade 5.9.12 -> 5.9.13Wang Mingyu2023-12-181-1/+1
| | | | | | | | | | | Changelog: - Fixes a regression with handling OCSP error responses and adds a new option to specify the length of nonces in OCSP requests. Also adds some other improvements for OCSP handling and fuzzers for OCSP requests/responses. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* networkmanager: add missing modemmanager rdependsThomas Perrot2023-12-181-1/+1
| | | | | | | Fix rdepends with modemmanager PACKAGECONFIG enabled. Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ifenslave: upgrade 2.13 -> 2.14Wang Mingyu2023-12-181-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* networkmanager: Improved SUMMARY and added DESCRIPTIONWilliam Lyu2023-12-141-1/+12
| | | | | | | | The SUMMARY and DESCRIPTION are taken from Arch Linux wiki page: https://wiki.archlinux.org/title/NetworkManager Signed-off-by: William Lyu <William.Lyu@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* pgpool2: use autotools-brokensep instead of setting Balperak2023-12-121-2/+2
| | | | | Signed-off-by: alperak <alperyasinak1@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* spice-gtk: Set meson version based on PVMarkus Volk2023-11-291-0/+4
| | | | | | | This fixes build for gnome-boxes Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* spice: Set meson version based on PVMarkus Volk2023-11-291-0/+4
| | | | | | | | | | | | | This fixes: | Dependency spice-server found: NO found UNKNOWN but need: '>=0.14.0' | Run-time dependency spice-server found: NO | | ../qemu-8.1.2/meson.build:1038:10: ERROR: Dependency lookup for spice-server with method 'pkgconfig' failed: Invalid version, need 'spice-server' ['>=0.14.0'] found 'UNKNOWN'. Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libcacard: set meson version based on PVMarkus Volk2023-11-292-38/+5
| | | | | Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* squid: add systemd servicePatrick Wicki2023-11-291-1/+12
| | | | | | | Integrate the upstream unit file into the recipe. Signed-off-by: Patrick Wicki <patrick.wicki@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* squid: add url-rewrite-helpers packageconfigPatrick Wicki2023-11-291-1/+2
| | | | | Signed-off-by: Patrick Wicki <patrick.wicki@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* squid: move configs to sub packagePatrick Wicki2023-11-291-2/+6
| | | | | | | | Move the config files to a separate squid-conf package. This allows shipping new configs via a custom conf package. Signed-off-by: Patrick Wicki <patrick.wicki@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* squid: add auth packageconfigPatrick Wicki2023-11-291-4/+7
| | | | | | | | | Introduce PACKAGECONFIG[auth] and pin the dependencies to it. This allows building squid without authentication support and all its related dependencies. Signed-off-by: Patrick Wicki <patrick.wicki@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* squid: add nm dispatcher reload hookPatrick Wicki2023-11-292-0/+15
| | | | | | | | | | This enables the networkmanager dispatcher to reload squid automatically on network changes. This idea is from the Fedora package where they do the same: https://src.fedoraproject.org/rpms/squid/blob/rawhide/f/squid.spec#_207 Signed-off-by: Patrick Wicki <patrick.wicki@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* squid: update from v5.7 to v6.5Patrick Wicki2023-11-299-187/+110
| | | | | | | | | | | | | | | | | | | | | | | | | | Refresh patches and clean up ones that are no longer needed: * dlopen test was removed in b65d2165c5c250242764ed7cdac4540fba813dec * libxml2 variables were removed in 866a092dad01e58986a6e9ecb84ac89037a63e9a * squid-conf-tests no longer run at build time since cd3dc147bf8abc0225237ced865c6660fffcb63a Fix squid-conf-tests to allow running on target device. License change: Update year The version update eliminates the following CVEs: * CVE-2023-5824 (affected: <6.4) * CVE-2023-46724 (affected: >=3.3.0.1, <6.4) * CVE-2023-46728 (affected: <6.0.1) * CVE-2023-46846 (affected: >=2.6, <6.4) * CVE-2023-46847 (affected: >=3.2.0.1, <6.4) * CVE-2023-46848 (affected: >=5.0.3, <6.4) Signed-off-by: Patrick Wicki <patrick.wicki@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* frr: upgrade 9.0.1 -> 9.1Wang Mingyu2023-11-286-514/+2
| | | | | | | | | | | | 0001-tools-make-quiet-actually-suppress-output.patch CVE-2023-46752.patch CVE-2023-46753.patch CVE-2023-47234.patch CVE-2023-47235.patch removed since they're included in 9.1 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* freeradius: make sub packages to runtime depends on freeradiusHongxu Jia2023-11-281-0/+7
| | | | | | | | | | | | | | | | | Otherwise install packages reported warning at do_rootfs ...log.do_rootfs... Installing : freeradius-ldap-3.0.26-r0.corei7_64 1235/1236 warning: user radiusd does not exist - using root warning: group radiusd does not exist - using root Installing : freeradius-krb5-3.0.26-r0.corei7_64 1236/1236 warning: user radiusd does not exist - using root ...log.do_rootfs... The user/group radiusd is added by package freeradius, explicitly made the sub packages to runtime depends on freeradius Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* system-config-printer: Add packageconfig for polkitMarkus Volk2023-11-251-1/+2
| | | | | Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libcacard: fix version string in libcacard.pcMarkus Volk2023-11-232-1/+38
| | | | | Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libexosip2: package binaries in a separate packageCharles Perry2023-11-221-0/+3
| | | | | | | | Put sip_monitor, sip_reg and sip_storm in a separate libexosip2-tools package as they won't be needed most of the time. Signed-off-by: Charles Perry <charles.perry@savoirfairelinux.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libexosip2: add c-ares and openssl PACKAGECONFIGCharles Perry2023-11-221-0/+4
| | | | | | | They are enabled by default as libexosip2 works better with those. Signed-off-by: Charles Perry <charles.perry@savoirfairelinux.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* frr: fix CVEs CVE-2023-4675{2,3} and CVE-2023-4723{4,5}Jonas Gorski2023-11-225-0/+455
| | | | | | | | | | | | | | | | | Add patches fixing CVE CVE-2023-46752, CVE-2023-46753, CVE-2023-47234, and CVE-2023-47235 to FRR 9.0. Patch order is commit order, not CVE numerical order, to avoid fuzz / need for rebasing of the patches. References: https://nvd.nist.gov/vuln/detail/CVE-2023-46752 https://nvd.nist.gov/vuln/detail/CVE-2023-46753 https://nvd.nist.gov/vuln/detail/CVE-2023-47234 https://nvd.nist.gov/vuln/detail/CVE-2023-47235 Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* strongswan: upgrade 5.9.11 -> 5.9.12Wang Mingyu2023-11-211-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changelog: ========== - Fixed a vulnerability in charon-tkm related to processing DH public values that can lead to a buffer overflow and potentially remote code execution. - The new `pki --ocsp` command produces OCSP responses based on certificate status information provided by plugins. - The cert-enroll script handles the initial enrollment of an X.509 host certificate with a PKI server via the EST or SCEP protocols. - The --priv argument for charon-cmd allows using any type of private key. - Support for nameConstraints of type iPAddress has been added (the openssl plugin previously didn't support nameConstraints at all). - SANs of type uniformResourceIdentifier can now be encoded in certificates. - Password-less PKCS#12 and PKCS#8 files are supported. - A new global option allows preventing peers from authenticating with trusted end-entity certificates (i.e. local certificates). - ECDSA public keys that encode curve parameters explicitly are now rejected by all plugins that support ECDSA. - charon-nm now actually uses the XFRM interfaces added with 5.9.10, it can also use the name in connection.interface-name. - The resolve plugin tries to maintain the order of installed DNS servers. - The kernel-libipsec plugin always installs routes even if no address is found in the local traffic selectors. - Increased the default receive buffer size for Netlink sockets to 8 MiB and simplified its configuration. - Copy the issuer's subjectKeyIdentifier as authorityKeyIdentifier instead of always generating a hash of the subjectPublicKey. - Fixed issues while reestablishing multiple CHILD_SAs (e.g. after a DPD timeout) that could cause a reqid to get assigned to multiple CHILD_SAs with unrelated traffic selectors. - Fixed a possible infinite loop issue in watcher_t and removed WATCHER_EXCEPT, instead callbacks are always invoked even if only errors are signaled. - Fixed a regression in the IKE_SA_INIT tracking code added with 5.9.6 when handling invalid messages. - Fixed adding the XFRMA_REPLAY_ESN_VAL attribute twice when updating SAs. - Correctly encode SPI from REKEY_SA notify in CHILD_SA_NOT_FOUND notify if CHILD_SA is not found during rekeying. - The testing environment is now based on Debian 12 (bookworm), by default. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* open62541: update to v1.3.8Johannes Kauffmann2023-11-211-1/+1
| | | | | Signed-off-by: Johannes Kauffmann <johanneskauffmann@hotmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>