summaryrefslogtreecommitdiffstats
path: root/meta-webserver
Commit message (Collapse)AuthorAgeFilesLines
* recipes: Update SRC_URI branch and protocolsArmin Kuster2021-11-175-5/+5
| | | | | | | | This patch updates SRC_URIs using git to include branch=master if no branch is set and also to use protocol=https for github urls as generated by the conversion script in OE-Core. Signed-off-by: Armin Kuster <akuster808@gmail.com>
* Apache: Several CVE fixesArmin Kuster2021-10-281-1/+1
| | | | | | | | | | | | | | | | | | | | | | Source: Apache.org MR: 113457, 113453 Type: Security Fix Disposition: Backport from apache.org 2.4.51 ChangeID: 9d7b58f49487baff99bf8f101e53217425a2b81f Description: Bug fix only update. LTS version https://httpd.apache.org/security/vulnerabilities_24.html Fixes CVEs: CVE-2021-42013 CVE-2021-41524 CVE-2021-41773 Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit c59ce3299e8ed52a520a95f0bc0d0996b1cc37df) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* apache2: upgrade 2.4.48 -> 2.4.49wangmy2021-10-011-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://git.openembedded.org/meta-openembedded MR: 112702, 113258, 113284, 113290, 113296 Type: Security Fix Disposition: Backport from https://git.openembedded.org/meta-openembedded/commit/meta-webserver/recipes-httpd/apache2?h=honister&id=54a96fa4feb1a7712f9f3d1190c0d95d89eb6c7c ChangeID: 1576d86baac5a72ea4d2909a8a05c0c87fdce2f1 Description: Changes with Apache 2.4.49 *) SECURITY: CVE-2021-40438 (cve.mitre.org) mod_proxy: Server Side Request Forgery (SSRF) vulnerabilty [Yann Ylavic] *) SECURITY: CVE-2021-39275 (cve.mitre.org) core: ap_escape_quotes buffer overflow *) SECURITY: CVE-2021-36160 (cve.mitre.org) mod_proxy_uwsgi: Out of bound read vulnerability [Yann Ylavic] *) SECURITY: CVE-2021-34798 (cve.mitre.org) core: null pointer dereference on malformed request *) SECURITY: CVE-2021-33193 (cve.mitre.org) mod_http2: Request splitting vulnerability with mod_proxy [Stefan Eissing] *) core/mod_proxy/mod_ssl: Adding `outgoing` flag to conn_rec, indicating a connection is initiated by the server to somewhere, in contrast to incoming connections from clients. Adding 'ap_ssl_bind_outgoing()` function that marks a connection as outgoing and is used by mod_proxy instead of the previous optional function `ssl_engine_set`. This enables other SSL module to secure proxy connections. The optional functions `ssl_engine_set`, `ssl_engine_disable` and `ssl_proxy_enable` are now provided by the core to have backward compatibility with non-httpd modules that might use them. mod_ssl itself no longer registers these functions, but keeps them in its header for backward compatibility. The core provided optional function wrap any registered function like it was done for `ssl_is_ssl`. [Stefan Eissing] *) mod_ssl: Support logging private key material for use with wireshark via log file given by SSLKEYLOGFILE environment variable. Requires OpenSSL 1.1.1. PR 63391. [Joe Orton] *) mod_proxy: Do not canonicalize the proxied URL when both "nocanon" and "ProxyPassInterpolateEnv On" are configured. PR 65549. [Joel Self <joelself gmail.com>] *) mpm_event: Fix children processes possibly not stopped on graceful restart. PR 63169. [Joel Self <joelself gmail.com>] *) mod_proxy: Fix a potential infinite loop when tunneling Upgrade(d) protocols from mod_proxy_http, and a timeout triggering falsely when using mod_proxy_wstunnel, mod_proxy_connect or mod_proxy_http with upgrade= setting. PRs 65521 and 65519. [Yann Ylavic] *) mod_unique_id: Reduce the time window where duplicates may be generated PR 65159 [Christophe Jaillet] *) mpm_prefork: Block signals for child_init hooks to prevent potential threads created from there to catch MPM's signals. [Ruediger Pluem, Yann Ylavic] *) Revert "mod_unique_id: Fix potential duplicated ID generation under heavy load. PR 65159" added in 2.4.47. This causes issue on Windows. [Christophe Jaillet] *) mod_proxy_uwsgi: Fix PATH_INFO setting for generic worker. [Yann Ylavic] *) mod_md: Certificate/keys pairs are verified as matching before a renewal is accepted as successful or a staged renewal is replacing the existing certificates. This avoid potential mess ups in the md store file system to render the active certificates non-working. [@mkauf] *) mod_proxy: Faster unix socket path parsing in the "proxy:" URL. [Yann Ylavic] *) mod_ssl: tighten the handling of ALPN for outgoing (proxy) connections. If ALPN protocols are provided and sent to the remote server, the received protocol selected is inspected and checked for a match. Without match, the peer handshake fails. An exception is the proposal of "http/1.1" where it is accepted if the remote server did not answer ALPN with a selected protocol. This accomodates for hosts that do not observe/support ALPN and speak http/1.x be default. *) mod_proxy: Fix possible reuse/merging of Proxy(Pass)Match worker instances with others when their URLs contain a '$' substitution. PR 65419 + 65429. [Yann Ylavic] *) mod_dav: Add method_precondition hook. WebDAV extensions define conditions that must exist before a WebDAV method can be executed. This hook allows a WebDAV extension to verify these preconditions. [Graham Leggett] *) Add hooks deliver_report and gather_reports to mod_dav.h. Allows other modules apart from versioning implementations to handle the REPORT method. [Graham Leggett] *) Add dav_get_provider(), dav_open_lockdb(), dav_close_lockdb() and dav_get_resource() to mod_dav.h. [Graham Leggett] *) core: fix ap_escape_quotes substitution logic. [Eric Covener] *) Easy patches: synch 2.4.x and trunk - mod_auth_basic: Use ap_cstr_casecmp instead of strcasecmp. - mod_ldap: log and abort locking errors. - mod_ldap: style fix for r1831165 - mod_ldap: build break fix for r1831165 - mod_deflate: Avoid hard-coded "%ld" format strings in mod_deflate's logging statements - mod_deflate: Use apr_uint64_t instead of uint64_t (follow up to r1849590) - mod_forensic: Follow up to r1856490: missing one mod_log_forensic test_char_table case. - mod_rewrite: Save a few cycles. - mod_request: Fix a comment (missing '_' in 'keep_body') and some style issues - core: remove extra whitespace in HTTP_NOT_IMPLEMENTED [Christophe Jaillet] *) core/mpm: add hook 'child_stopping` that gets called when the MPM is stopping a child process. The additional `graceful` parameter allows registered hooks to free resources early during a graceful shutdown. [Yann Ylavic, Stefan Eissing] *) mod_proxy: Fix icomplete initialization of BalancerMember(s) from the balancer-manager, which can lead to a crash. [Yann Ylavic] *) mpm_event: Fix graceful stop/restart of children processes if connections are in lingering close for too long. [Yann Ylavic] *) mod_md: fixed a potential null pointer dereference if ACME/OCSP server returned 2xx responses without content type. Reported by chuangwen. [chuangwen, Stefan Eissing] *) mod_md: - Domain names in `<MDomain ...>` can now appear in quoted form. - Fixed a failure in ACME challenge selection that aborted further searches when the tls-alpn-01 method did not seem to be suitable. - Changed the tls-alpn-01 setup to only become unsuitable when none of the dns names showed support for a configured 'Protocols ... acme-tls/1'. This allows use of tls-alpn-01 for dns names that are not mapped to a VirtualHost. [Stefan Eissing] *) Add CPING to health check logic. [Jean-Frederic Clere] *) core: Split ap_create_request() from ap_read_request(). [Graham Leggett] *) core, h2: common ap_parse_request_line() and ap_check_request_header() code. [Yann Ylavic] *) core: Add StrictHostCheck to allow unconfigured hostnames to be rejected. [Eric Covener] *) htcacheclean: Improve help messages. [Christophe Jaillet] Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 54a96fa4feb1a7712f9f3d1190c0d95d89eb6c7c) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit f44e1a2b575826e88b8cb2725e54a7c5d29cf94a) Signed-off-by: Armin Kuster <akuster@mvista.com>
* apache2: upgrade 2.4.46 -> 2.4.48Changqing Li2021-09-026-241/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: https://git.openembedded.org/meta-openembedded https://git.openembedded.org/meta-openembedded MR: 112869, 112835, 105131, 112702, 112829 Type: Security Fix Disposition: Backport from https://git.openembedded.org/meta-openembedded/commit/meta-webserver/recipes-httpd/apache2?id=ba016d73b5233a43ec6e398b45445d13ddaad745 ChangeID: f3ac0bc1005c94a694573b823c8f3f7d4a15360c Description: Apache2 2.4.x is an LTS version with bug and CVE fixes. https://downloads.apache.org/httpd/CHANGES_2.4.48 Includes these CVE fixes: 2.4.48 CVE-2021-31618 2.4.47 CVE-2020-13938 CVE-2020-11985 CVE-2021-33193 CVE-2019-17567 Drop these patches included in update: CVE-2020-13950.patch CVE-2020-35452.patch CVE-2021-26690.patch CVE-2021-26691.patch CVE-2021-30641.patch Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit ba016d73b5233a43ec6e398b45445d13ddaad745) Signed-off-by: Armin Kuster <akuster@mvista.com>
* nginx: fix CVE-2021-3618Joe Slater2021-08-212-0/+90
| | | | | | | | | | | | | | | | | | | | | Source: meta-openembedded.ort MR: 112731 Type: Security Fix Disposition: Backport from https://git.openembedded.org/meta-openembedded/commit/meta-webserver/recipes-httpd/nginx?id=f92dbcc4c2723e6ff4e308c8a2e6dc228a6cd7d5 ChangeID: dd3295b606d73e01dd09291d85d529dea17a1a9e Description: Backport with no change a patch from version 1.21.0. This patch was not cherry-picked by nginx to version 1.20.1. Information about this CVE comes from https://ubuntu.com/security/CVE-2021-3618. Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit f92dbcc4c2723e6ff4e308c8a2e6dc228a6cd7d5) [refesh patch for Dunfell context] Signed-off-by: Armin Kuster <akuster@mvista.com>
* hiawatha: fix url.Armin Kuster2021-07-241-1/+1
| | | | | | | | files moved under a new dir structure. ERROR: hiawatha-10.10-r0 do_fetch: Fetcher failure for URL: 'http://hiawatha-webserver.org/files/hiawatha-10.10.tar.gz'. Unable to fetch URL from any source. Signed-off-by: Armin Kuster <akuster808@gmail.com>
* apache2: fix CVE-2020-13950 CVE-2020-35452 CVE-2021-26690 CVE-2021-26691 ↵Li Wang2021-07-106-0/+239
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CVE-2021-30641 CVE-2020-13950: Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers, leading to a Denial of Service References: https://nvd.nist.gov/vuln/detail/CVE-2020-13950 Upstream patches: https://bugzilla.redhat.com/show_bug.cgi?id=1966738 https://github.com/apache/httpd/commit/8c162db8b65b2193e622b780e8c6516d4265f68b CVE-2020-35452: Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow References: https://nvd.nist.gov/vuln/detail/CVE-2020-35452 Upstream patches: https://security-tracker.debian.org/tracker/CVE-2020-35452 https://github.com/apache/httpd/commit/3b6431eb9c9dba603385f70a2131ab4a01bf0d3b CVE-2021-26690: Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service References: https://nvd.nist.gov/vuln/detail/CVE-2021-26690 Upstream patches: https://security-tracker.debian.org/tracker/CVE-2021-26690 https://github.com/apache/httpd/commit/67bd9bfe6c38831e14fe7122f1d84391472498f8 CVE-2021-26691: In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow References: https://nvd.nist.gov/vuln/detail/CVE-2021-26691 Upstream patches: https://bugzilla.redhat.com/show_bug.cgi?id=1966732 https://github.com/apache/httpd/commit/7e09dd714fc62c08c5b0319ed7b9702594faf49b CVE-2021-30641: Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF' References: https://nvd.nist.gov/vuln/detail/CVE-2021-30641 Upstream patches: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2021-30641 https://github.com/apache/httpd/commit/6141d5aa3f5cf8f1b89472e7fdb66578810d0ae3 Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 70b1aa0a4cd4bfd08b6c8d36a76f9b7cf20d61a6) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nginx: fix CVE-2021-23017Changqing Li2021-07-102-0/+47
| | | | | | | Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 82385049035a3a4a81b18af099d2131b46802965) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-meta-webserver: remove nostromo from pkg grpArmin Kuster2021-05-141-1/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nostromo: Blacklist and exclude from world buildsArmin Kuster2021-05-141-0/+3
| | | | | | Host site is dead. Signed-off-by: Armin Kuster <akuster808@gmail.com>
* apache2: upgrade v2.4.43 -> v2.4.46Sakib Sajal2021-01-121-2/+2
| | | | | | | | | | | | | | | | | | | | Source: meta-openembedded.org MR: 105034, 105034, 105124 Type: Security Fix Disposition: Backport from https://git.openembedded.org/meta-openembedded/commit/meta-webserver/recipes-httpd/apache2?h=gatesgarth&id=fc995b3cfed86850ce5ab1b70da1e31560ac350f ChangeID: 37b9f376c5e4b9a9355f867bac56454e2630d86c Description: Minor upgrade inluding bug and CVE fixes, namely: - CVE-2020-9490 - CVE-2020-11984 - CVE-2020-11993 Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit fc995b3cfed86850ce5ab1b70da1e31560ac350f) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* apache2: create log/run directory via pkg_postinstYi Zhao2020-05-285-9/+23
| | | | | | | | | | | The commit e789c3837ca8d65abb4bac29dc2e5c595c8ce05b tries to create log/run directory in initscript/systemd unit file. This is not a correct method. We should create them in pkg_postinst. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 6f4d0dbfbc7d5ab8c5781379884f41d30cb6db25) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* apache2: fix service start failChangqing Li2020-05-205-13/+9
| | | | | | | | | | | | | | | | | | | | | | reproduce steps: 1. boot up target 2. scp apache2-2.4.41-r0.1.aarch64.rpm on target 3. rpm -i apache2-2.4.41-r0.1.aarch64.rpm 4. systemctl status apache2 Error: httpd[7767]: (2)No such file or directory: AH02291: Cannot access directory '/var/log/apache2/' for main error log with the old way, /var/log/apache2/ is created by service systemd-tmpfiles-setup during boot, so only works when apache2 already installed before boot, in above scenario, /var/log/apache2/ will not created. fix by creating it in the service file. similar fix for sysV system Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit e789c3837ca8d65abb4bac29dc2e5c595c8ce05b) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nginx: remove /var/log/nginx when do_installYi Zhao2020-05-171-1/+3
| | | | | | | | | | Remove directory /var/log/nginx when do_install because it is created by volatiles file. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 6e9f393605eed1e5f4e317536b1463b83b978bad) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* README: updated Maintainers list for DunfellArmin Kuster2020-05-051-4/+4
| | | | | Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* xdebug: upgrade 2.7.2 -> 2.9.5Changqing Li2020-04-271-2/+2
| | | | | Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* apache2: add patch ensuring destdir is empty stringTrevor Gamblin2020-04-172-0/+50
| | | | | | | | | | | | | | | | | | | | | apache2 added cross-compilation support after 2.4.41, but this conflicts with our own cross-compilation setup and causes related recipes like apache-websocket to fail to find config files (due to incorrect file paths) during build: | cannot open /ala-lpggp31/tgamblin/yocto/poky.git/build/tmp/work/core2-64-poky-linux/apache-websocket/0.1.1+gitAUTOINC+6968083264-r0/recipe-sysroot/ala-lpggp31/tgamblin/yocto/poky.git/build/tmp/work/core2-64-poky-linux/apache-websocket/0.1.1+gitAUTOINC+6968083264-r0/recipe-sysroot//usr/share/apache2/build/config_vars.mk: No such file or directory at /ala-lpggp31/tgamblin/yocto/poky.git/build/tmp/work/core2-64-poky-linux/apache-websocket/0.1.1+gitAUTOINC+6968083264-r0/recipe-sysroot/usr/bin/crossscripts/apxs line 213. Add this patch to ensure that the $destdir variable used in apache2's cross-compilation scheme is always the empty string so that apache-websocket can find the right files. Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* apache2: upgrade 2.4.41 -> 2.4.43Trevor Gamblin2020-04-171-3/+3
| | | | | | | | | | | | | | | | | LICENSE file was updated due to a typo fix. Note that this upgrade fixes two CVES affecting versions 2.4.41 and earlier: CVE: CVE-2020-1927 CVE: CVE-2020-1934 See: https://nvd.nist.gov/vuln/detail/CVE-2020-1927 https://nvd.nist.gov/vuln/detail/CVE-2020-1934 Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* phpmyadmin: upgrade 4.9.2 -> 5.0.2Wang Mingyu2020-04-011-2/+2
| | | | | Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nostromo: upgrade 1.9.6 -> 1.9.7Wang Mingyu2020-04-011-2/+2
| | | | | Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* layers: update LAYERSERIES_COMPAT to dunfellKhem Raj2020-03-201-1/+1
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: fix error during service startupChangqing Li2020-02-262-0/+100
| | | | | | | | | fix below error: nginx.service: failed to parse pid from file /run/nginx/nginx.pid: invalid argument Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: update to the latest development version (1.17.8)Derek Straka2020-02-092-6/+10
| | | | | | | See Changelog: https://nginx.org/en/CHANGES Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: update to the latest stable version (1.16.1)Derek Straka2020-02-092-10/+6
| | | | | | | | See changlog here: https://nginx.org/en/CHANGES-1.16 * Fixes CVE-2019-9511, CVE-2019-9513, CVE-2019-9516 Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* hiawatha: upgrade 10.7 -> 10.10Pierre-Jean Texier2020-02-031-2/+2
| | | | | | | See full changelog https://www.hiawatha-webserver.org/changelog Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* netdata: Add libatomic to link stepKhem Raj2020-01-281-0/+2
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* cherokee: Replace using BBPATH with BBFILE_COLLECTIONS for meta-python2 checkKhem Raj2020-01-222-2/+2
| | | | | | BBPATH check actually does not work Signed-off-by: Khem Raj <raj.khem@gmail.com>
* recipes: Turn inherit classes from meta-py2 to conditional constructsKhem Raj2020-01-221-1/+1
| | | | | | helps parsing without meta-py2 in mix Signed-off-by: Khem Raj <raj.khem@gmail.com>
* cherokee: Only build with meta-py2 is in layermixKhem Raj2020-01-222-2/+8
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* cherokee: Use python3 native during buildKhem Raj2020-01-221-1/+1
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* phpmyadmin: upgrade 4.9.1 -> 4.9.2Yi Zhao2019-12-131-2/+2
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: fix install pathsGaylord Charles2019-11-171-2/+2
| | | | | | | | | | | This patch fixes Nginx install paths. I tried to build the native variant for testing purpose and had errors. - Use path variable instead of /usr - Replace the absolute path symlink with a relative one Signed-off-by: Gaylord CHARLES <gaylord.charles@veo-labs.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* layer.conf: Add phpmyadmin->php dep to SIGGEN_EXCLUDE_SAFE_RECIPE_DEPSKhem Raj2019-11-131-0/+1
| | | | | | | | | phpmyadmin rdeps on php-cli but we can ignore signatures for the deps ERROR: phpmyadmin different signature for task do_package_write_ipk.sigdata Hash for dependent task php/php_7.3.11.bb:do_packagedata changed Signed-off-by: Khem Raj <raj.khem@gmail.com>
* cherokee: Fix build when time_t is 64bitKhem Raj2019-11-112-0/+48
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* cherokee: Update to latestKhem Raj2019-11-101-1/+1
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* webmin: Clarify BSD license variantChristophe PRIOUZEAU2019-10-241-1/+1
| | | | | | | The License of webmin is BSD-3-Clause. Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* spawn-fcgi: Clarify BSD license variantChristophe PRIOUZEAU2019-10-241-1/+1
| | | | | | | The License of spawn-fcgi is BSD-3-Clause. Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* Add zeus compatibility to all layer.conf filesPalmer Dabbelt2019-10-081-1/+1
| | | | | | | | | | | I have no idea if this is the right thing to do, but without the patch I can't actually buil OE because none of these layers are compatible with the change in openembedded-core to move to zeus. Fixes: a5c9709b8d ("layer.conf: Update for zeus series") # openembedded-core Signed-off-by: Palmer Dabbelt <palmer@dabbelt.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* phpmyadmin: upgrade 4.9.0.1 -> 4.9.1Yi Zhao2019-09-231-3/+3
| | | | | | | License-Update: tecnickcom/tcpdf/LICENSE.TXT: copyright years updated. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* netdata: Update to 1.17.0 and fix build with clang/x86Khem Raj2019-09-101-2/+5
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* apache-websocket: fix module pathYi Zhao2019-09-101-4/+4
| | | | | | | | The apache2 module's path has been changed from ${libdir} to ${libexecdir} in commit 8d4d608b4e937bb3b8e3b260bd75338c3ff7e8fd. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* apache2: fix multilib file conflictsKai Kang2019-09-051-3/+3
| | | | | | | | | | | | | | | | | | | There are errors of apache2 about files conflicts when multilib enabled: | Error: Transaction check error: | file /etc/apache2/extra/httpd-ssl.conf conflicts between attempted installs of lib32-apache2-2.4.41-r0.core2_32 and apache2-2.4.41-r0.core2_64 | file /etc/apache2/httpd.conf conflicts between attempted installs of lib32-apache2-2.4.41-r0.core2_32 and apache2-2.4.41-r0.core2_64 | file /usr/sbin/envvars conflicts between attempted installs of lib32-apache2-2.4.41-r0.core2_32 and apache2-2.4.41-r0.core2_64 | file /usr/sbin/envvars-std conflicts between attempted installs of lib32-apache2-2.4.41-r0.core2_32 and apache2-2.4.41-r0.core2_64 It makes libexecdir point to ${libdir}. Reset to ${libexecdir} which could eliminate file conflicts of the conf files. And remove /usr/sbin/envvars and /usr/sbin/envvars-std which only used by apachectl. They only add standard library path ${libdir} to LD_LIBRARY_PATH, so remove them to avoid multilib file conflicts. Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* apache2: upgrade 2.4.39 -> 2.4.41Yi Zhao2019-08-201-2/+2
| | | | | | | | | | | | | | | Security fixes: CVE-2019-10081 CVE-2019-9517 CVE-2019-10098 CVE-2019-10092 CVE-2019-10097 CVE-2019-10082 See: http://www.apache.org/dist/httpd/CHANGES_2.4.41 Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* webmin: Add perl to rdeps for modulesKhem Raj2019-08-171-2/+2
| | | | | | | | Fixes ERROR: webmin-1.850-r0 do_package_qa: QA Issue: /usr/libexec/webmin/ldap-client/stop.cgi contained in package webmin-module-ldap-client requires /usr/bin/perl, but no providers found in RDEPENDS_webmin-module-ldap-client? [file-rdeps] Signed-off-by: Khem Raj <raj.khem@gmail.com>
* Netdata upgrade: 1.8.0 -> 1.16.0Luca Palano2019-08-025-58/+72
| | | | | Signed-off-by: Luca Palano <github@lpzone.it> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* sthttpd: Use git SRC_URI instead of github archiveKhem Raj2019-07-211-5/+3
| | | | | | | Fixes SRC_URI uses unstable GitHub archives [src-uri-bad] Signed-off-by: Khem Raj <raj.khem@gmail.com>
* phpmyadmin: upgrade 4.8.5 -> 4.9.0.1Yi Zhao2019-06-151-2/+2
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* xdebug: upgrade 2.7.0RC2 -> 2.7.2Yi Zhao2019-06-151-2/+2
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* fcgi: upgrade 2.4.1+git -> 2.4.2Yi Zhao2019-06-152-22/+3
| | | | | | | | Remove add_foreign_to_AM_INIT_AUTOMAKE.patch as the issue had been fixed upstream. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: fix kill path in nginx systemd unit filenick83ola2019-05-272-2/+2
| | | | | | | the kill utility is located in /bin/kill -> use base_bindir instead of bindir Signed-off-by: Nicola Lunghi <nick83ola@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-08-03 17:52:30 +0000