| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
| |
ChangeLog:
https://github.com/FRRouting/frr/releases/tag/frr-8.4.4
https://github.com/FRRouting/frr/commit/45e36c0c00a517ad1606135b18c5753e210cfc0d
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Changelog:
https://weechat.org/files/doc/weechat/ChangeLog-4.0.0.html
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Refer to https://git.netfilter.org/conntrack-tools/tree/INSTALL, add
required kernel modules to RRECOMMENDS.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Refer to
https://salsa.debian.org/pkg-netfilter-team/pkg-conntrack-tools/-/blob/master/debian/conntrackd.service,
add systemd unit file conntrackd.service.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This release contains bug fixes only.
The following CVEs have been addressed:
CVE-2023-27783
CVE-2023-27784
CVE-2023-27785
CVE-2023-27786
CVE-2023-27787
CVE-2023-27788
CVE-2023-27789
Changelog:
=========
dlt_jnpr_ether_cleanup: check subctx before cleanup by @Marsman1996 in #781
Bug #780 assert tcpedit dlt cleanup by @fklassen in #800
Fix bugs caused by strtok_r by @Marsman1996 in #783
Bug #782 #784 #785 #786 #787 #788 strtok r isuses by @fklassen in #801
Update en10mb.c by @david-guti in #793
PR #793 ip6 unicast flood by @fklassen in #802
Bug #719 fix overflow check for parse_mpls() by @fklassen in #804
PR #793 - update tests for corrected IPv6 MAC by @fklassen in #805
PR #793 - update tests for vlandel by @fklassen in #806
Feature #773 gh actions ci by @fklassen in #807
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There is new patch-status QA check in oe-core:
https://git.openembedded.org/openembedded-core/commit/?id=76a685bfcf927593eac67157762a53259089ea8a
This is temporary work around just to hide _many_ warnings from
optional patch-status (if you add it to WARN_QA).
This just added
Upstream-Status: Pending
everywhere without actually investigating what's the proper status.
This is just to hide current QA warnings and to catch new .patch files being
added without Upstream-Status, but the number of Pending patches is now terrible:
5 (26%) meta-xfce
6 (50%) meta-perl
15 (42%) meta-webserver
21 (36%) meta-gnome
25 (57%) meta-filesystems
26 (43%) meta-initramfs
45 (45%) meta-python
47 (55%) meta-multimedia
312 (63%) meta-networking
756 (61%) meta-oe
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Version 3.4.0 adds a lot of improvements and fixes (a notable one
being initial support for PKCS7 CMS), but since this is a pretty
big jump, let's keep both versions for a while, so the v2.x users
can upgrade to 3.x in a timely manner if needed.
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
==========
- A deadlock in the vici plugin has been fixed that could get triggered when
multiple connections were initiated/terminated concurrently and control-log
events were raised by the watcher_t component.
- CRLs have to be signed by a certificate that has the cRLSign keyUsage bit
encoded (even if it's a CA), or a CA certificate without keyUsage extension.
- Optional CA labels in EST server URIs are supported by `pki --est/estca`.
- CMS-style signatures in PKCS#7 containers are supported by the pkcs7 and
openssl plugins, which allows verifying RSA-PSS and ECDSA signatures.
- Fixed a regression in the server implementation of EAP-TLS with TLS 1.2 or
earlier that was introduced with 5.9.10.
- Ensure the TLS handshake is complete in the EAP-TLS client with TLS <= 1.2.
- kernel-libipsec can process raw ESP packets on Linux (disabled by default) and
gained support for trap policies.
- The dhcp plugin uses an alternate method to determine the source address
for unicast DHCP requests that's not affected by interface filtering.
- Certificate and trust chain selection as initiator has been improved in case
the local trust chain is incomplete and an unrelated certreq is received.
- ECDSA and EdDSA keys in IPSECKEY RRs are supported by the ipseckey plugin.
- To bypass tunnel mode SAs/policies, the kernel-wfp plugin installs bypass
policies also on the FWPM_SUBLAYER_IPSEC_TUNNEL sublayer.
- Stale OCSP responses are now replace in-place in the certificate cache.
- Fixed parsing of SCEP server capabilities by `pki --scep/scepca`.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
The READMEs are often viewed from websites markdown format which is
much as readable as text and yet friendlier in browsers.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Type=forking means systemd waits untill the main process, /usr/sbin/ntpd
in this case, has exited. However, the ntpd daemon does not seem to call
fork() or vfork() and runs endlessly untill killed. Eventually, this
causes systemd to trigger a timeout, and the ntpd service is killed. All
the while, "systemctl status ntpd" shows "activating (start)" instead of
"active (running)". This is fixed by switching Type=forking to
Type=simple.
Reading ntpd(8) shows that the "-n" option requests ntpd not to fork, so
also use that to be safe.
Finally, there is no need anymore to keep a pidfile around.
Signed-off-by: Johannes Kauffmann <johanneskauffmann@hotmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
By default, subscriptions are turned on.
Signed-off-by: Johannes Kauffmann <johanneskauffmann@hotmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
By default, open62541 is built without multithreading support. Make this
configurable.
Signed-off-by: Johannes Kauffmann <johanneskauffmann@hotmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
===========
* [Bug 3824] Spurious "ntpd: daemon failed to notify parent!" logged at
event_sync.
* [Bug 3822] ntpd significantly delays first poll of servers specified by name.
* [Bug 3821] 4.2.8p16 misreads hex authentication keys, won't interop with
4.2.8p15 or earlier.
* Add tests/libntp/digests.c to catch regressions reading keys file or with
symmetric authentication digest output.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Changelog:
===========
- When --no-decorate is given the default output will
include no colors (#28)
- Correctly split networks with /31 (#25)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
lld flags errors when checking for --version-script linker option since
the export file specifies symbols which do not exist during link, so in
a way it is right, however bfd linker works fine and ignores this error.
perhaps the meson check should be improved but until them lets add
--undefined-version option to linker when using lld
Fixes
aarch64-yoe-linux-ld.lld: error: TOPDIR/build/tmp/work/cortexa72-cortexa53-crypto-mx8-yoe-linux/spice-gtk/0.42-r0/git/src/spice-glib-sym-file:1: unknown directive: spice_audio_get
>>> spice_audio_get
>>> ^
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Drop CVE patch as its included.
Drop 0003-bison-Remove-line-directives.patch as file is not longer there.
refactor 0001-wireshark-src-improve-reproducibility.patch
LIC_FILES_CHKSUM changed do to re-structuring.
Remove TMPDIR found in some files.
Remove c-ares PACKAGECONFIG as its a required pkg
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There's conflict of config.h between dovecot and lib32-dovecot.
The differences of config-64.h and config-32.h are as follows:
@@ -774,7 +774,7 @@
#define MODULE_SUFFIX ".so"
/* Maximum value of off_t */
-#define OFF_T_MAX LONG_MAX
+#define OFF_T_MAX LLONG_MAX
/* Name of package */
#define PACKAGE "dovecot"
@@ -834,7 +834,7 @@
#define PRIdTIME_T "ld"
/* printf() format for uoff_t */
-#define PRIuUOFF_T "lu"
+#define PRIuUOFF_T "llu"
/* printf() fmt for hex time_t */
#define PRIxTIME_T "lx"
@@ -846,19 +846,19 @@
#define SIZEOF_INT 4
/* The size of `long', as computed by sizeof. */
-#define SIZEOF_LONG 8
+#define SIZEOF_LONG 4
/* The size of `long long', as computed by sizeof. */
#define SIZEOF_LONG_LONG 8
/* The size of `void *', as computed by sizeof. */
-#define SIZEOF_VOID_P 8
+#define SIZEOF_VOID_P 4
/* Build SQL drivers as plugins */
/* #undef SQL_DRIVER_PLUGINS */
/* Maximum value of ssize_t */
-#define SSIZE_T_MAX LONG_MAX
+#define SSIZE_T_MAX INT_MAX
/* C99 static array */
#define STATIC_ARRAY static
@@ -887,13 +887,13 @@
/* #undef UOFF_T_INT */
/* Define if off_t is long */
-#define UOFF_T_LONG /**/
+/* #undef UOFF_T_LONG */
/* Define if off_t is long long */
-/* #undef UOFF_T_LONG_LONG */
+#define UOFF_T_LONG_LONG /**/
/* Maximum value of uoff_t */
-#define UOFF_T_MAX ULONG_MAX
+#define UOFF_T_MAX ULLONG_MAX
/* Build with checkpassword userdb support */
#define USERDB_CHECKPASSWORD /**/
@@ -935,7 +935,7 @@
#endif
/* Number of bits in a file offset, on hosts where this is settable. */
-/* #undef _FILE_OFFSET_BITS */
+#define _FILE_OFFSET_BITS 64
/* Define for large files, on AIX-style hosts. */
/* #undef _LARGE_FILES */
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Apart the bugfixes, the 1.3.0 introduced the following features:
feat(service): add Warpinator (6de3f18)
feat(dbus): reset to default settings (4d327c5)
feat(service): add bareos-director bareos-filedaemon bareos-storage (7552095)
feat(policy): masquerade: allow ingress zone to have interface (d8ebe1d)
feat(service): add Nebula service (3f59ce9)
feat(service): add Ceph Prometheus exporter (ef9d51f)
feat(service): add OMG DDS service definition (9ad3d37)
feat(service): add llmnr-client service (0ae765c)
feat(service): add ps2link service (6d1586c)
feat(service): add definition for syncthing-relay (cab0d43)
Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
Without any build type specified, open62541 defaults to "Debug".
Signed-off-by: Johannes Kauffmann <johanneskauffmann@hotmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
0001-libntp-Do-not-use-PTHREAD_STACK_MIN-on-glibc.patch
0001-test-Fix-build-with-new-compiler-defaults-to-fno-com.patch
refreshed for new version.
Changelog
=========
- fixes 4 vulnerabilities (3 LOW and 1 None severity),
- fixes 46 bugs
- includes 15 general improvements
- adds support for OpenSSL-3.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
This reverts the commit df47d871c7f3bbe3fdd8b0ed7230d3bfb8daf6fd.
The correct DISTRO_FEATURE is gobject-introspection-data,
which shall also be used by firewalld.
Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
This fixes the commit 046ee4bb3061214a794d7be6d324a79d92053dfa.
The correct DISTRO_FEATURE is gobject-introspection-data.
Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
This fixes the commit 1f04864065ec1cbd4b835ad47cbc50ff6ebc8e30.
The correct DISTRO_FEATURE is gobject-introspection-data.
Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
Since v1.3.4, support for OpenSSL 3.0 has been added.
Signed-off-by: Johannes Kauffmann <johanneskauffmann@hotmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
Fixes
File /usr/src/debug/ettercap/0.8.3.1-r0/utils/ef_grammar.c in package ettercap-src contains reference to TMPDIR
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
Fixes
WARNING: rdma-core-46.0-r0 do_package_qa: QA Issue: File /usr/lib/udev/rules.d/60-srp_daemon.rules in package rdma-core contains reference to TMPDIR
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
Fixes
WARNING: ruli-0.36-r0 do_package_qa: QA Issue: File /usr/lib/.debug/libruli.so.4 in package ruli-dbg contains reference to TMPDIR [buildpaths]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
Fixes
WARNING: zeroconf-0.9-r1 do_package_qa: QA Issue: File /usr/sbin/.debug/zeroconf in package zeroconf-dbg contains reference to TMPDIR [buildpaths]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
This helps in avoiding absolute build time paths in binaries debug info
Fixes
WARNING: ipvsadm-1.31-r0 do_package_qa: QA Issue: File /usr/sbin/.debug/ipvsadm in package ipvsadm-dbg contains reference to TMPDIR [buildpaths]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
CCFLAGS is used in Make rules which will ensure file remapping options
are used when compiling
Fixes
WARNING: vlan-1.9-r0 do_package_qa: QA Issue: File /usr/sbin/.debug/vconfig.vlan in package vlan-dbg contains reference to TMPDIR [buildpaths]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
The build of NM involves running Python that uses PyGObject, so add that
to DEPENDS.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
==========
Merge pull request #1327 from haoyue-Xu/bugfixes
libhns: Disable local invalidate operation
Merge pull request #1330 from amzn/change-maintainer
MAINTAINERS: Update EFA provider maintainer
Merge pull request #1329 from selvintxavier/bnxt_update
bnxt_re/lib: Remove deferred arming logic
bnxt_re/lib: Fix the UD completion reported
Merge pull request #1328 from amzn/tests-fix
tests: Skip rc_flush tests if not supported in kernel
tests: Fix get_net_name for cases there is no net device
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
License-Update: Update SSL configure instructions and license info.
Changelog:
===========
- OpenSSL 1.1.1t and 3.0.8 and wolfSSL 5.5.4 (or newer on the respective compatible branches) remain supported.
- updated translations and bumped SSL/TLS library version requirements.
- fixed a critical softbounce bug
- finds both rst2html5 with and without .py suffix when rebuilding the distribution.
- updated the configure script for --with-ssl properly identifying the right
OpenSSL on a system with multiple OpenSSL versions installed, and updates the
manual page and its HTML conversion process, and adds some error checking to the .netrc parser.
- added a wolfSSL compatibility workaround
- updated the manual page and several other documentation files, adds preliminary
wolfSSL 5.0 support on systems that provide a C99 compiler, fixed up a specific
fix for a compatibility issue with the end-of-life OpenSSL 1.0.2 around the
expiry of the DST Root CA X3 certificate which impairs connectivity to
Let's-Encrypt-certified sites. Supported OpenSSL versions 1.1.1 and newer are unaffected.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
* Fix:
Read overflow when parsing CDP addresses.
Don't output empty lines on configure commands.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
features
firewalld is only enabled when gobject-introspection is in distro
features which is required package to build system-config-printer
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
This project uses gobject-introspection, so depend on the DISTRO_FEATURE.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
This project uses gobject-introspection, so depend on the DISTRO_FEATURE.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
This project uses gobject-introspection, so depend on the DISTRO_FEATURE.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
* it was removed from SRC_URI in:
https://git.openembedded.org/meta-openembedded/commit/?id=8359cf87458d185011831a8132b8af17bcbc9605
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
dhcp-relay contains a bundled bind thus their development packages
conflict each other.
Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Since multiple crypto provider aren't supported simultaneously, the
mbedtls packageconfig conflicts with the openssl packgeconfig.
Signed-off-by: Johannes Kauffmann <johanneskauffmann@hotmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
... in anticipation for OpenSSL as crypto provider.
Signed-off-by: Johannes Kauffmann <johanneskauffmann@hotmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
Fix buildpath QA errors while here by passing bitbake provided cflags to
build env
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
