| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
| |
In [1] nmtui PACKAGECONFIG was introduced but they are still be
explicit in EXTRA_OEMESON and so remove the last.
[1] https://git.openembedded.org/meta-openembedded/commit/?id=c331f59e42e9c0bda9d47d0365e6c276746fc81d
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Changelog:
api: added a new dioctl for snort latency data
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
Move `append' to the behind of RDEPENDS:${PN}-libs
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Extract mdns-libnss-mdns from the main package so we can mark it as an
RPROVIDE for libnss-mdns (matching avahi-libnss-mdns) and then
RRECOMMEND this when building with glibc.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
We want to select libdns_sd.so from either Avahi or mDNSResponder, make
the RPROVIDE match the one in Avahi.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
In case "encryption-openssl" PACKAGECONFIG is enabled, do_package_qa fails:
ERROR: open62541-1.3.8-r0 do_package_qa: QA Issue: File /usr/lib/cmake/open62541/open62541Targets.cmake in package open62541-dev contains reference to TMPDIR [buildpaths]
Fix it by changing the value of RECIPE_SYSROOT to CMAKE_SYSROOT variable,
so the qa check passes, and other CMake projects should be still able to find the
CMake package provided by this recipe.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
1. Set the correct LICENSE value
2. Csocket is a submodule of the main znc project. Instead of
cloning it separately in a subfolder, just let the gitsm fetcher
to fetch the correct revisions, at the correct place.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Recipes are much more readable with whitespace around the assignment operators.
Fix various assignments in meta-openembedded recipes to show this is definitely
the preferred formatting.
This fixes recipes with larger numbers of issues but there are just under 100
other references left to fix.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Building of net-snmp-native aborted due to
missing dependency with libpci-native.
Fixed by keeping the dependency on for
target recipe and removing it for native
CC: Yoann Congal <yoann.congal@smile.fr>
CC: Randy MacLeod <randy.macleod@windriver.com>
Signed-off-by: Christos Gavros <gavrosc@yahoo.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. The do_install:append() deleted the TMPDIR from the cmake file,
however that left two absolute pathes in the file: /usr/lib/libssl.so
and /usr/lib/libcrypto.so. In case another project is trying to link
to civetweb-server with cmake, it fails with the following error:
ninja: error: '/usr/lib/libssl.so', needed by 'examples/prometheus/prometheus_example', missing and no known rule to make it
Instead of only deleting the TMPDIR, change it to ${CMAKE_SYSROOT} -
a variable set by cmake.bbclass. This allows other projects to find
the required interfacing libraries successfully.
2. When linking to civetweb-server from another project using cmake,
the cmake file verifies if the /usr/bin/civetweb binary exists. When using
the class-target package, this file is not included in the sysroot during
build-time, so this check fails with the following error:
CMake Error at ${RECIPE_SYSROOT}/usr/lib/cmake/civetweb/civetweb-targets.cmake:97 (message):
The imported target "civetweb::server" references the file
"${RECIPE_SYSROOT}/usr/bin/civetweb"
but this file does not exist. Possible reasons include:
To avoid this error, this check is deleted for class-target.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Recent changes in to the autotools class in core means that it no longer
sets CONFIG_SITE for compile tasks. However, ntp decides to reconfigure
itself mid-build, so the CONFIG_SITE values are lost.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
ACLOCALEXTRAPATH is no longer used, so pass the required -I via
EXTRA_AUTORECONF.
Also explicitly disable aclocal as the aclocal is hand-maintained.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
- ACLOCALEXTRAPATH is gone in core with commit 878e1517d4890b31332a506ce903d57e1d7dff87
- Add patches to fix build with latest clang and gcc
- Drop disabling warnings as the fixes above take care of the problem
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
===========
- Refuse clients if username or password is longer than USER_PASS_LEN
- Improve peer fingerprint documentation
- console_systemd: remove the timeout when using 'systemd-ask-password'
- Fix missing spaces in various messages
- GHA: Update macOS runners
- GHA: Simplify macOS builds
- Various typo fixes
- forward: Fix potential unaligned access in drop_if_recursive_routing
- send uname() release as IV_PLAT_VER= on non-windows versions
- preparing release 2.6.13
- Route: remove incorrect routes on exit
- Use a more robust way to get dco-win version
- Fix check_addr_clash argument order
- Add calls to nvlist_destroy to avoid leaks
- proxy.c: Clear sensitive data after use
- Protect cached username, password and token on client
- Fix more of uninitialized struct user_pass local vars
- Fix IPv6 in port-share journal
- Fix port-share journal doc
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Similarly to old openssl versions, proftpd has patch releases with
characters instead of numbers.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
See https://github.com/proftpd/proftpd/blob/1.3.8/RELEASE_NOTES
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Patch releases have character after version
devtool upgrade would currently downgrade 1.3.8b -> 1.3.8
This will make it upgrade 1.3.8b -> 1.3.8c
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
License-Update: Delete unnecessary blank lines
Changelog:
https://github.com/linux-wpan/wpan-tools/releases/tag/wpan-tools-0.10
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
=========
- Support of both Apple Silicon and Intel for macOS package.
- Add cvlan/svlan/tpmr capabilities.
- Disable LLDP in firmware for Intel X7xx cards on FreeBSD.
- Add lldpctl_watch_sync_unblock to liblldpctl.
- Add C++ wrapper for lldpctl.
- Fix AppArmor policy for /run/lldpd/lldpd.socket.lock.
- Do not query stats for a down interface on Linux.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
============
Enhancements
------------
* Add ntsaeads directive to enable only selected AEAD algorithms for NTS
* Add activate option to local directive to set activation threshold
* Add ipv4 and ipv6 options to server/pool/peer directive
* Add kod option to ratelimit directive for server KoD RATE support
* Add leapseclist directive to read NIST/IERS leap-seconds.list file
* Add ptpdomain directive to set PTP domain for NTP over PTP
* Allow disabling pidfile
* Improve copy server option to accept unsynchronised status instantly
* Log one selection failure on start
* Add offset command to modify source offset correction
* Add timestamp sources to ntpdata report
Workarounds
-----------
* Negotiate use of compliant NTS keys with AES-128-GCM-SIV AEAD algorithm
(by default the keys are generated differently than in RFC 8915 for
compatibility with chrony server and client versions 4.4, 4.5, and 4.6)
* Switch to compliant NTS keys if first response from server is NTS NAK
Bug fixes
---------
* Fix crash on sources reload during initstepslew or RTC initialisation
* Fix source refreshment to not repeat failed name resolving attempts
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
Drop backports and not needed patches
Add local SRC_URI For googletests
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Change the SRC_URI to the correct value due to the following error:
WARNING: chrony-4.5-r0.wr2401 do_fetch: Failed to fetch URL https://download.tuxfamily.org/chrony/chrony-4.5.tar.gz, attempting MIRRORS if available
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://github.com/snort3/snort3/releases/tag/3.6.1.0
https://github.com/snort3/snort3/releases/tag/3.6.0.0
https://github.com/snort3/snort3/releases/tag/3.5.2.0
https://github.com/snort3/snort3/releases/tag/3.5.1.0
https://github.com/snort3/snort3/releases/tag/3.5.0.0
https://github.com/snort3/snort3/releases/tag/3.3.7.0
https://github.com/snort3/snort3/releases/tag/3.3.6.0
https://github.com/snort3/snort3/releases/tag/3.3.5.0
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
ChangeLog:
https://github.com/FRRouting/frr/commit/5f0beaa0fdd00b7a60c1765067d1b6fa65ce96c0
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Debian has fixed this CVE with [1].
That patch is taken from [2].
.../tmp/work/core2-64-poky-linux/spice/0.15.2/git$ git describe 69628ea13
v0.13.1-190-g69628ea1
.../tmp/work/core2-64-poky-linux/spice/0.15.2/git$ git tag --contains 69628ea13
v0.13.2
[1] https://sources.debian.org/patches/spice/0.12.5-1%2Bdeb8u5/CVE-2016-2150/0002-improve-primary-surface-parameter-checks.patch/
[2] https://gitlab.freedesktop.org/spice/spice/-/commit/69628ea1375282cb7ca5b4dc4410e7aa67e0fc02
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
ChangeLog:
https://github.com/strongswan/strongswan/releases/tag/6.0.0
The aes, curve25519, des, fips-prf, gmp, hmac, md5, pkcs12, rc2, sha1,
sha2 plugins are not enabled by default[1]. Remove these plugins from
RDEPENDS and add PACKAGECONFIG for them.
[1] https://github.com/strongswan/strongswan/blob/6.0.0/NEWS#L38
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
ChangeLog:
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/1.50.0/NEWS
Drop 0001-libnm-systemd-core-Disable-sd_dhcp6_client_set_duid_.patch as
it has been merged upstream.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
ChangeLog:
https://github.com/FRRouting/frr/releases/tag/frr-10.2
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Solves CVE-2024-46613
Update dependencies:
- remove openssl and icu
- add cjson and gettext-native
Remove patch to find gcrypt which is no longer needed.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Solves CVE-2024-9781
Release notes:
https://www.wireshark.org/docs/relnotes/wireshark-4.2.7.html
https://www.wireshark.org/docs/relnotes/wireshark-4.2.8.html
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Per [1] this is fixed by [2].
The commit message says that it is reverting feature added in:
$ git tag --no-contains d7a0084 | grep 1.0.18
1.0.18
This recipe is for the original memcached which is unmaintained now.
Hence the ignore instead of upgrade.
[1] https://nvd.nist.gov/vuln/detail/CVE-2023-27478
[2] https://github.com/awesomized/libmemcached/commit/48dcc61a
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
After removing old libmemcached recipe version, these is no reasons
anymore to have this split.
The memcached resurrected project uses cmake and different urls.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
This no longer compiles with latest toolchains.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Solves CVE-2023-46852 and CVE-2023-46853.
Upgrade done via "devtool upgrade".
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Download URL is not listable so devtool upgrade fails.
Using homepage works as it contains link to latest release,
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Per [1] this is a problem of applications using memcached inproperly.
This should not be a CVE against php-memcached, but for whatever
software the issue was actually found in. php-memcached and
libmemcached provide a VERIFY_KEY flag if they're too lazy to
filter untrusted user input.
[1] https://github.com/php-memcached-dev/php-memcached/issues/519
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
It is fixed by [1] since 0.15.3.
NVD tracks this CVE as version-less.
[1] https://cgit.freedesktop.org/spice/spice-gtk/commit/?id=efbf867bb88845d5edf839550b54494b1bb752b9
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
NVD tracks this as version-less CVE for spice.
It was fixed by [1] and [2] included in 0.13.2.
[1] https://gitlab.freedesktop.org/spice/spice/-/commit/6b32af3e1746988bb5a5123263bcf61b65e5be7e
[2] https://gitlab.freedesktop.org/spice/spice/-/commit/359ac42a7ac02dcd1013757559292006647cd5c4
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
fix-openssl-no-des.patch
refreshed for 5.74
* Bugfixes
- Fixed a stapling cache deallocation crash.
- Fixed "redirect" with protocol negotiation.
* Features
- "protocolHost" support for "socks" protocol clients.
- More detailed logs in OpenSSL 3.0 or later.
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Chanh Nguyen <chanh@os.amperecomputing.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Add exact CPE name (from NVD database) in CVE_PRODUCT in order to ensure
CVE filtering and not be disturb by futur potential false-positive CVEs.
Signed-off-by: Benjamin Bouvier <benjamin.bouvier@ekinops.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This ancient CVE [1] is unversioned ("*") in NVD DB.
"mod_sqlpw module in ProFTPD does not reset a cached password..."
Looking at history and changelog, the module was removed [2] around
the time when this CVE was published, likely as reaction to this CVE.
"mod_sqlpw.c, mod_mysql.c and mod_pgsql.c have been REMOVED from the
distribution. They are currently unmaintained and have numerous bugs."
Note: It was later re-introduced as mod_sql when it got fixed under
new maintainer.
[1] https://nvd.nist.gov/vuln/detail/CVE-2001-0027
[2] https://github.com/proftpd/proftpd/blob/v1.3.8b/NEWS#L3362
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* since elfutils upgrade to 0.192 in:
https://git.openembedded.org/openembedded-core/commit/?id=1d6ac3c811798732e6addc798656bbe104661d77
json-c is detected in RSS and ov-rest plugin gets enabled, but fails to build:
../../../openhpi-3.8.0/plugins/ov_rest/ov_rest_event.c:78:10: fatal error: amqp_ssl_socket.h: No such file or directory
78 | #include <amqp_ssl_socket.h>
| ^~~~~~~~~~~~~~~~~~~
compilation terminated.
../../../openhpi-3.8.0/plugins/ov_rest/ov_rest_re_discover.c:707:23: error: initialization of 'SaErrorT' {aka 'int'} from 'void *' makes integer from pointer without a cast [-Wint-conversion]
707 | SaErrorT rv = NULL;
| ^~~~
* keep it explicitly disabled as it was disabled before
* add rabbitmq-c dependency for the first issue, the 2nd issue could be
worked around by:
# openhpi-3.8.0/plugins/ov_rest/ov_rest_re_discover.c:707:23: error: initialization of 'SaErrorT' {aka 'int'} from 'void *' makes integer from pointer without a cast [-Wint-conversion]
CFLAGS += "-Wno-error=int-conversion"
or better fixed properly by someone actually using this recipe
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Mistakenly removed musl-fixes.patch in previous commit.
update & Include 0001-Musl-build-fix.patch based on latest upstream of ot-br-posix
Remove CXXFLAGS:append:libc-musl:toolchain-clang = " -Wno-error=sign-compare
-Wno-error=unused-but-set-variable", as issue is not reproducible with
current SRCREV of ot-br-posix.
Signed-off-by: deepan.shivap <deepan.shivap@lge.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
