summaryrefslogtreecommitdiffstats
path: root/recipes-security
Commit message (Collapse)AuthorAgeFilesLines
...
* checksec: add missing rdepends to readelfArmin Kuster2019-10-141-1/+1
| | | | | | update test to check for depends Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ncrack: update to tipScott Ellis2019-09-291-2/+2
| | | | | | | | | | | | LIC_FILES_CHKSUM changed do to the date bumped to 2018 to 2019. The license is the same as nmap and the nmap recipe in meta-openembedded has that beginline/endline grab stuff. Went for consistency as ncrack is an nmap project. Signed-off-by: Scott Ellis <scott@jumpnowtek.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: update package nameArmin Kuster2019-09-071-3/+1
| | | | | | Also remove tpm packagegroup reference Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security-ptest: only included if ptest is enabledArmin Kuster2019-09-071-1/+5
| | | | | | update python package names Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libseccomp: build static library alwaysStefan Agner2019-09-011-0/+2
| | | | | | | | Always build static library. This is required e.g. for runc from meta-virtualization in its default configuration. Signed-off-by: Stefan Agner <stefan.agner@toradex.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python-scapy: drop py2 packageArmin Kuster2019-09-014-37/+25
| | | | | | fixup run-ptest Signed-off-by: Armin Kuster <akuster808@gmail.com>
* checksec: upgrade 1.11.1 -> 2.1.0Yuan Chao2019-08-291-1/+1
| | | | | Signed-off-by: Yuan Chao <yuanc.fnst@cn.fujitsu.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python-scapy: upgrade 2.4.2 -> 2.4.3Yuan Chao2019-08-293-2/+2
| | | | | | | License file changed from bin/scapy to LICENSE Signed-off-by: Yuan Chao <yuanc.fnst@cn.fujitsu.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* xmlsec1: Remove, moved to meta-oeAdrian Bunk2019-08-288-314/+0
| | | | | Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ecryptfs-utils: fix race condition in do_installQi.Chen@windriver.com2019-08-282-0/+33
| | | | | | | | | | | | | | | | | | | | | | The rootsbindir is a self-defined directory. The install-rootsbinPROGRAMS is actually treated as part of install-data instead of install-exec. Do making install-exec-am depend on it actually results in the following Makefile contents. install-data-am: install-rootsbinPROGRAMS install-exec-am: install-binPROGRAMS install-binSCRIPTS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook install-exec-hook: install-rootsbinPROGRAMS And this results in race condition as two install commands of the same file running at the same time. Error message is like below. TOPDIR/tmp-glibc/hosttools/install: cannot create regular file 'TOPDIR/tmp-glibc/work/aarch64-wrs-linux/ecryptfs-utils/111-r0/image/sbin/mount.ecryptfs': File exists Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ecryptfs-utils: remove openssl PACKAGECONFIGQi.Chen@windriver.com2019-08-281-1/+1
| | | | | | | | | | | | | | | | | ecryptfs-utils does not build with openssl1.1. Previously this openssl PACKAGECONFIG is disabled by default, so we are not getting build failures by default. But if we enable it, we get do_compile failure. This package is from ubuntu source, and the one ubuntu ships does not depend on openssl. The development of this package has stopped for about 3 years. I don't see it will fix the build offically. So remove this PACKAGECONFIG and use '--disable-openssl' directly. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* xmlsec1: upgrade 1.2.27 -> 1.2.28Yi Zhao2019-08-111-2/+2
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* keyutils: remove from meta-securityArmin Kuster2019-08-045-167/+0
| | | | | | now in meta-oe Signed-off-by: Armin Kuster <akuster808@gmail.com>
* clamav: minor recipe cleanupArmin Kuster2019-06-261-4/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libmspack: update SRC_URI and packageArmin Kuster2019-06-261-5/+5
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* test-image: add a few more packages to imageArmin Kuster2019-06-261-0/+8
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* test-image: add packagegroup-core-security-ptestArmin Kuster2019-06-262-3/+26
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: cleanup and remove ptestArmin Kuster2019-06-261-17/+3
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* security-test-image: add a testing imageArmin Kuster2019-06-261-0/+27
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-scapy: solved the conflict with python-scapyZang Ruochen2019-06-101-0/+4
| | | | | | | | | -Rename the following file to resolve the conflict with python-scapy: Rename /usr/bin/UTscapy to /usr/bin/UTscapy3 Rename /usr/bin/scapy to /usr/bin/scapy3 Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python-scapy: solved the conflict with python3-scapyZang Ruochen2019-06-101-0/+5
| | | | | | | | | -Rename the following file to resolve the conflict with python3-scapy: Rename /usr/bin/UTscapy to /usr/bin/UTscapy2 Rename /usr/bin/scapy to /usr/bin/scapy2 Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python-scapy: Remove redundant sed operationsZang Ruochen2019-06-101-7/+0
| | | | | | | -Remove redundant sed operations. Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* bastille: solved the conflict with perl-module-text-wrap and base-filesZang Ruochen2019-06-101-3/+1
| | | | | | | | | -Remove the link to perl5 to resolve the conflict with perl-module-text-wrap. -Remove the operation on /var/lock to resolve the conflict with base-files. Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-fail2ban: Fix build error of xrange.leimaohui2019-05-212-0/+32
| | | | | | | NameError: name 'xrange' is not defined Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* keyutils: fix library install pathArmin Kuster2019-05-212-6/+36
| | | | | | | | [v2] fix multilib support Als add native support Signed-off-by: Armin Kuster <akuster808@gmail.com>
* checksec: update to 1.11.1Armin Kuster2019-05-211-1/+1
| | | | | | | | | | | | | | | | | | | | * checksec.sh: Updated to 1.11.1 * checksec.sh: resolved issues with readelf * checksec.sh: Added docker images for testing * checksec.sh: Added armhf and aarch64 libc locations * checksec.sh: Replace FS_COUNT with fgrep * checksec.sh: Fixed symbols count in csv * checksec.sh: Fixed RW-RPATH and RW-RUNPATH * checksec.sh: Added stack canaries generated by intel compiler * checksec.sh: Mute stat errors for non-existent directories * checksec.sh: Removed invalid json structures and duplicate kernel checks * checksec.sh: fixed spaces in -d option * checksec.sh: Added stack-protector-string check * checksec.sh: Add arm64 specific kernel checks * checksec.sh: Add REFCOUNT_FULL to kernel tests * checksec.sh: Remove OSX support Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libseccomp: update to 2.4.1Armin Kuster2019-05-091-1/+1
| | | | | | bug fix release. Signed-off-by: Armin Kuster <akuster808@gmail.com>
* clamav-native: fix new build issueArmin Kuster2019-04-141-22/+19
| | | | | | | | re-arch the reciped to build properly. Fixed /var/lib/clamav dir issue Signed-off-by: Armin Kuster <akuster808@gmail.com>
* clamav: add clamav-cvd package for cvd dbArmin Kuster2019-04-142-6/+259
| | | | | | | | | Add native package to support creating a mirror of the clamav cvd and supply it in a new package. Provide a INSTALL_CLAMAV_CVD flag to bypass this creation Signed-off-by: Armin Kuster <akuster808@gmail.com>
* clamav: fix llvm reference versionArmin Kuster2019-04-131-1/+1
| | | | | | llvm8.0 does not exist. dropped the version part. Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libmspack: update to 0.10.1Armin Kuster2019-04-071-3/+3
| | | | | | | | For details see: https://github.com/kyz/libmspack/blob/master/libmspack/ChangeLog change compression to match that now being used from source Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ccs-tools: move to reciped-macArmin Kuster2019-04-072-62/+0
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* reorg ids: move ids recipes to recipes-idsArmin Kuster2019-03-3141-4401/+0
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* reorg: move mac recipes to recipes-macArmin Kuster2019-03-3113-965/+0
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* clamav: drop llvm version settingArmin Kuster2019-03-311-7/+3
| | | | | | | | There is only one llvm and its in core so drop allowing it to be overwritten. We can hardcode it now. Signed-off-by: Armin Kuster <akuster808@gmail.com>
* samhain: fix runtime errorArmin Kuster2019-03-311-0/+1
| | | | | | | | | | fix: samhain[1652]: FATAL: x_dnmalloc.c: 2790: hashval < AMOUNTHASH Killed disable dnmalloc Signed-off-by: Armin Kuster <akuster808@gmail.com>
* sssd: update to 1.16.4Armin Kuster2019-03-311-2/+2
| | | | | | | | | | | | | Add systemd pkgconf via DISTRO_FEATURE Fix uid/gid of sssd.conf [v2] drop non update related changes also, this includes CVE-2019-3811 Signed-off-by: Armin Kuster <akuster808@gmail.com>
* sssd: fix a few runtime issuesArmin Kuster2019-03-311-2/+17
| | | | | | | | | | include a few more RDEPEND packages. remove init script as there really isn't one yet. [v2] Squish build tweeking done in pkg update into this changeset Signed-off-by: Armin Kuster <akuster808@gmail.com>
* Revert "sssd: fix libcrypto version used"Armin Kuster2019-03-291-1/+1
| | | | | | This reverts commit 2488c965d6b1b440734f43326fb33ac642ac7b82. This corrects an incorrect fix as pointed out by Adrian Bunk.
* sssd: fix libcrypto version usedArmin Kuster2019-03-251-1/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* keyutils: fix pulling in glibc when musl enabledArmin Kuster2019-03-251-1/+3
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* keyutils: fix QA WARNINGArmin Kuster2019-03-161-0/+3
| | | | | | | | WARNING: keyutils-1.6-r0 do_package: QA Issue: keyutils: Files/directories were installed but not shipped in any package: /lib/pkgconfig /lib/pkgconfig/libkeyutils.pc Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libseccomp: update to 2.4.0Armin Kuster2019-03-161-2/+2
| | | | | | | | Update the syscall table for Linux v5.0-rc5. also a security releated issue; https://github.com/seccomp/libseccomp/issues/139 Signed-off-by: Armin Kuster <akuster808@gmail.com>
* suricata: update to 4.1.3Armin Kuster2019-03-123-5/+6
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: change fail2ban ptest to reg python pkgArmin Kuster2019-03-121-1/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tripwire: fix ptest so more tests passArmin Kuster2019-03-081-1/+2
| | | | | | replace relative path with abs path for binaries. Signed-off-by: Armin Kuster <akuster808@gmail.com>
* keyutils: improve ptestsArmin Kuster2019-03-081-1/+1
| | | | | | Tests need lsb Signed-off-by: Armin Kuster <akuster808@gmail.com>
* keyutils: update to 1.6Armin Kuster2019-03-062-31/+2
| | | | | | | remove patch now included in update: keyutils-use-relative-path-for-link.patch Signed-off-by: Armin Kuster <akuster808@gmail.com>
* suricata: update to 4.0.6Armin Kuster2019-03-063-3/+3
| | | | | | includes: SMTP crash issue was fixed: CVE-2018-18956 Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python-fail2ban: update 0.10.4.0Armin Kuster2019-03-063-1/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-07-23 21:16:00 +0000