summaryrefslogtreecommitdiffstats
path: root/recipes-security
Commit message (Collapse)AuthorAgeFilesLines
...
* recipes-security/chipsec: platform security assessment frameworkLiwei Song2021-10-181-0/+35
| | | | | | | | Add chipsec, tools to dump and analyzing hardware, system firmware components, like PCH register, ioport or iomem configuration space. Signed-off-by: Liwei Song <liwei.song@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* recipes-security/fscrypt: Add fscrypt .bb fileBhupesh Sharma2021-09-281-0/+49
| | | | | | | | | | | | fscrypt is a high-level tool for the management of Linux filesystem encryption. fscrypt manages metadata, key generation, key wrapping, PAM integration, and provides a uniform interface for creating and modifying encrypted directories. Add recipe for the same in 'recipes-security'. Signed-off-by: Bhupesh Sharma <bhupesh.sharma@linaro.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* isic: set precise BSD licenseArmin Kuster2021-09-151-1/+1
| | | | | | "BSD" is ambiguous, use the precise licenses BSD-2-Clause Signed-off-by: Armin Kuster <akuster808@gmail.com>
* opendnssec: set precise BSD licenseArmin Kuster2021-09-151-1/+1
| | | | | | "BSD" is ambiguous, use the precise licenses BSD-2-Clause Signed-off-by: Armin Kuster <akuster808@gmail.com>
* cryfs: drop recipeArmin Kuster2021-09-151-10/+0
| | | | | | it was accidently pushed and is incmomplete Signed-off-by: Armin Kuster <akuster808@gmail.com>
* sssd: 2.5.1 -> 2.5.2Kai Kang2021-09-102-1/+290
| | | | | | | | | | | | | | | | | | | | | | | | | | | SSSD 2.5.2 Highlights * General information - originalADgidNumber attribute in the SSSD cache is now indexed * New features - Debug messages in data provider include a unique request ID that can be used to track the request from its start to its end (requires libtevent >= 0.11.0) * Important fixes - Update large files in the files provider in batches to avoid timeouts * Configuration changes - Add new config option fallback_to_nss Full release notes: * https://sssd.io/release-notes/sssd-2.5.2.html And backport patch to fix CVE-2021-3621. CVE: CVE-2021-3621 Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* krill: Rust is in core nowArmin Kuster2021-08-263-0/+380
| | | | | | drop dynamic-layer Signed-off-by: Armin Kuster <akuster808@gmail.com>
* cryfs: add new packageArmin Kuster2021-08-261-0/+10
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-security: Convert to new override syntaxArmin Kuster2021-08-0117-81/+81
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* sssd: update to 2.5.1Armin Kuster2021-07-042-2/+57
| | | | | | | | See full change log: https://sssd.io/release-notes/sssd-2.5.1.html Including a musl build work around Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ssshgaurd: add packaageArmin Kuster2021-06-291-0/+11
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* aircrack-ng: update to 1.6Federico Pellegrin2021-06-201-3/+5
| | | | | Signed-off-by: Federico Pellegrin <fede@evolware.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* sssd: add fix-ldblibdir.patch backKai Kang2021-06-202-0/+26
| | | | | | | | The patch fix-ldblibdir.patch has been dropped when update sssd to 2.5.0. But it fails to start sssd without this patch. So add it back. Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* sssd: set pid path with /runKai Kang2021-06-201-2/+3
| | | | | | | | /var/run is deprecated and set pid path with /run to store pid files for the SSSD. Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libgssglue: update SRC_URIYi Zhao2021-06-051-3/+3
| | | | | | | | | | | | Update SRC_URI to use Debian mirror because the original site is unaccessible. Fixes do_fetch error: ERROR: libgssglue-0.4-r0 do_fetch: Fetcher failure for URL: 'http://www.citi.umich.edu/projects/nfsv4/linux/libgssglue/libgssglue-0.4.tar.gz'. Unable to fetch URL from any source. Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
* python3-scapy: drop , now in meta-pythonArmin Kuster2021-06-052-34/+0
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* sssd: update to 2.5.0Armin Kuster2021-06-058-183/+89
| | | | | | | | | | | | Add new depends Drop obsolete patches Signed-off-by: Armin Kuster <akuster808@gmail.com> ---- v2] Fix issue with nsupdate check don't use host bind
* python3-scapy: update to 2.4.5Armin Kuster2021-06-051-3/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* opendnssec: upgrade 2.1.8 -> 2.1.9Upgrade Helper2021-06-051-1/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-scapy: add UPSTREAM_CHECK_COMMITSArmin Kuster2021-05-161-0/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libseccomp: drop recipe. In core nowArmin Kuster2021-04-262-51/+0
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* Use libest "main" branch instead of "master".Anton Antonov2021-04-121-1/+1
| | | | | | | | | | | This patch fixes the issue: WARNING: libest-3.2.0-r0 do_fetch: Failed to fetch URL git://github.com/cisco/libest, attempting MIRRORS if available ERROR: libest-3.2.0-r0 do_fetch: Fetcher failure: Unable to find revision 4ca02c6d7540f2b1bcea278a4fbe373daac7103b in branch master even from upstream ERROR: libest-3.2.0-r0 do_fetch: Fetcher failure for URL: 'git://github.com/cisco/libest'. Unable to fetch URL from any source. Signed-off-by: Anton Antonov <Anton.Antonov@arm.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-privacyidea: upgrade 3.5.1 -> 3.5.2Armin Kuster2021-04-021-1/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* fscryptctl: Fix installation pathlukasz plachno2021-03-181-1/+1
| | | | | | | - Without the patch fscryptctl is installed in /usr/bin/usr/local/bin instead of /usr/bin. Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-fail2ban: fix building with ptest enabledArmin Kuster2021-03-092-2/+3
| | | | | | Use new structure for testing. Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-fail2ban: update to 0.11.2Armin Kuster2021-03-022-2530/+4
| | | | | | drop hard python3 patch and create it dufing compile. Signed-off-by: Armin Kuster <akuster808@gmail.com>
* opendnssec: update to 2.1.8Armin Kuster2021-03-023-53/+24
| | | | | | | refresh libdns_conf_fix.patch Drop fix_fprint.patch includd in update Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-scapy: upgrade 2.4.3 -> 2.4.4Armin Kuster2021-03-021-1/+1
|
* python3-privacyidea: upgrade 3.3 -> 3.5.1Armin Kuster2021-03-021-1/+1
|
* libseccomp: upgrade 2.5.0 -> 2.5.1Armin Kuster2021-03-022-52/+2
| | | | drop patch merged in update
* fscryptctl: upgrade 0.1.0 -> 1.0.0Armin Kuster2021-03-021-1/+1
|
* ding-libs: upgrade 0.5.0 -> 0.6.1Armin Kuster2021-03-021-2/+1
|
* nikito: Update common-licenses references to match new namesArmin Kuster2021-02-232-2/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* softhsm: drop pkg as meta-oe has itArmin Kuster2021-02-231-30/+0
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* sssd: update to latest ltm 1.16.5Armin Kuster2020-10-102-3/+37
| | | | | | fix musl support Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libest: fix musl build.Armin Kuster2020-10-101-0/+4
| | | | | | | | | fixes est.c:38:10: fatal error: execinfo.h: No such file or directory | 38 | #include <execinfo.h> | | ^~~~~~~~~~~~ Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ecryptfs-utils: fix musl buildArmin Kuster2020-10-102-0/+16
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libseccomp: fix ptest failures.Armin Kuster2020-10-011-1/+1
| | | | | | | | | | Fixes: BusyBox v1.32.0 () multi-call binary. Usage: dd [if=FILE] [of=FILE] [bs=N] [count=N] [skip=N] Don't use Busybox dd, not compatable. Use coreutils Signed-off-by: Armin Kuster <akuster808@gmail.com>
* opendnssec: add recipeArmin Kuster2020-09-294-0/+391
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libest: add recipeArmin Kuster2020-09-291-0/+23
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* softHSM: add pkgArmin Kuster2020-09-291-0/+30
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nss: update patch to fix do_patch errorQi.Chen@windriver.com2020-09-121-77/+78
| | | | | | | Currently sssd's do_patch task fails. Update the patch to fix this problem. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* sssd: Avoid nss function conflicts with glibc nss.hArmin Kuster2020-09-052-0/+78
| | | | | | | | | | glibc 2.32 will define these varibles [1] which results in conflicts with these static function names, backport a fix from upstream [1] https://sourceware.org/git/?p=glibc.git;a=commit;h=499a92df8b9fc64a054cf3b7f728f8967fc1da7d Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* sssd: Make manpages buildableJonatan Pålsson2020-08-292-1/+37
| | | | | | | Some XML related fixes are needed to make the sssd manpages buildable Signed-off-by: Jonatan Pålsson <jonatan.p@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libseccomp: fix cross compile error for mipsKai Kang2020-08-042-0/+50
| | | | | | | | | | | Backport patch to fix cross compile error for mips: | syscalls.h:44:6: error: expected identifier or '(' before numeric constant | 44 | int mips; | | ^~~~ Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libseccomp: update to 2.5.0Armin Kuster2020-07-271-4/+5
| | | | | | | | | | | Notable changes: Add support for the 64-bit RISC-V architecture Update the syscall tables to Linux v5.8.0-rc5 Python bindings and build now default to Python 3.x for more info see: https://github.com/seccomp/libseccomp/blob/master/CHANGELOG Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libsecomp: rv32/rv64 target builds are not supported yetArmin Kuster2020-07-271-0/+3
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* security packagegroups: move to recipes-coreArmin Kuster2020-07-252-96/+0
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* security images: Move to recipe-coreArmin Kuster2020-07-254-87/+0
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-privacyidea: adding initial support for mfaArmin Kuster2020-07-181-0/+40
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>