MIRRORS/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-01-08 02:05:55 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
23,921 Commits 63 Branches 0 Tags 106 MiB
3d0f3707fe
Commit Graph

1232 Commits

Author SHA1 Message Date
Yi Zhao
ea62a6b30a tcpreplay: fix buildpaths issue 
POSIX_SHELL is specified a host tool path as it searches path on build
host using `which` when configure. Set it to a fixed path '/bin/sh'.

Fixes:
QA Issue: File /usr/bin/tcpbridge in package tcpreplay contains reference to TMPDIR
File /usr/bin/tcpliveplay in package tcpreplay contains reference to TMPDIR
File /usr/bin/tcprewrite in package tcpreplay contains reference to TMPDIR
File /usr/bin/tcpcapinfo in package tcpreplay contains reference to TMPDIR
File /usr/bin/tcpreplay in package tcpreplay contains reference to TMPDIR
File /usr/bin/tcpprep in package tcpreplay contains reference to TMPDIR
File /usr/bin/tcpreplay-edit in package tcpreplay contains reference to TMPDIR [buildpaths]
QA Issue: File /usr/src/debug/tcpreplay/4.4.2-r0/src/defines.h in package tcpreplay-src contains reference to TMPDIR [buildpaths]

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-30 15:27:08 -07:00
Khem Raj
f88f52d563 rdma-core: Fix build with musl 
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-30 00:14:58 -07:00
Khem Raj
5bed4f9a47 ettercap: Pass -D_GNU_SOURCE 
Fixes build on musl

Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-30 00:14:58 -07:00
Khem Raj
db24f3e273 memcached: Upgrade to 1.6.17 
Fix build with clang while here

Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-30 00:14:58 -07:00
Khem Raj
a1917e5bde linux-atm: Include missing string.h 
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-30 00:14:58 -07:00
Khem Raj
e458eb326d fping: Fix build with musl 
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-30 00:14:58 -07:00
Khem Raj
516bded779 ypbind-mt: Upgrade to 2.7.2 
Disable on musl since its using some non-portable glibc only constructs
Drop gettid patch its applied upstream

Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-30 00:14:58 -07:00
Khem Raj
61eb94c55a mctp: Update to latest tip of trunk 
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-30 00:14:58 -07:00
Wang Mingyu
69fb572481 tcpreplay: upgrade 4.4.1 -> 4.4.2 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-29 08:44:19 -07:00
Yi Zhao
1cd743f8d8 libldb: upgrade 2.3.3 -> 2.3.4 
Required by samba 4.14.14.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-25 23:08:11 -07:00
Khem Raj
1b26adb83a libesmtp: Define _GNU_SOURCE 
Needed for strlcpy

Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-25 23:08:11 -07:00
Khem Raj
12fb09281f ssmtp: Fix null pointer assignments 
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-25 23:08:11 -07:00
Jan Luebbe
517c9dab9e chrony: add support for config and source snippet includes 
This makes it simpler to set specific config options or custom sources
by adding snippet files to /etc/chrony/conf.d/ or /etc/chrony/sources.d/
instead of modifying a copy of the full configuration file. As new
snippets can be added from separate recipes, targeted changes can be
done in multiple layers.

These specific directories are also used in Debian's default
configuration. It is not an error if they are missing.

Signed-off-by: Jan Luebbe <jlu@pengutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-24 16:59:55 -07:00
Wang Mingyu
b5a791a1bf unbound: upgrade 1.16.1 -> 1.16.2 
Changelog:
===========
Features
- Merge #718: Introduce infra-cache-max-rtt option to config max
  retransmit timeout.

Bug Fixes
- Fix the novel ghost domain issues CVE-2022-30698 and CVE-2022-30699.
- Fix bug introduced in 'improve val_sigcrypt.c::algo_needs_missing for
  one loop pass'.
- Merge PR #668 from Cristian Rodríguez: Set IP_BIND_ADDRESS_NO_PORT on
  outbound tcp sockets.
- Fix verbose EDE error printout.
- Fix dname count in sldns parse type descriptor for SVCB and HTTPS.
- For windows crosscompile, fix setting the IPV6_MTU socket option
  equivalent (IPV6_USER_MTU); allows cross compiling with latest
  cross-compiler versions.
- Merge PR 714: Avoid treat normal hosts as unresponsive servers.
  And fixup the lock code.
- iana portlist update.
- Update documentation for 'outbound-msg-retry:'.
- Tests for ghost domain fixes.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-23 19:12:52 -07:00
Wang Mingyu
d718d90d2d rdma-core: upgrade 41.0 -> 42.0 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-23 19:12:52 -07:00
Wang Mingyu
4a958b1ab5 nbdkit: upgrade 1.32.1 -> 1.33.1 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-23 19:12:52 -07:00
Khem Raj
375be9fd60 ntpsec: Add -D_GNU_SOURCE and fix building with devtool 
wscript detects .git directory and if its present them invokes git
describe --dirty which does not work on the devtool created git
repository, since its synthesized.

Add GNU_SOURCE define to get strptime() definition

Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-23 09:55:28 -07:00
Enguerrand de Ribaucourt
821e2e0cdf mdio-tools: add recipes 
Self-description from the README: mdio-tools is a low-level debug tool
for communicating with devices attached to an MDIO bus.

Signed-off-by: Enguerrand de Ribaucourt <enguerrand.de-ribaucourt@savoirfairelinux.com>
Signed-off-by: Potin Lai <potin.lai.pt@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-22 08:57:20 -07:00
Wang Mingyu
0a58426ed0 uftp: upgrade 5.0 -> 5.0.1 
Changelog:
==========
-On very low speed transfers (<10Kbps) sessions would time out due to a very
  large interpacket transmission interval.  Fixed by putting a lower limit
  on the advertised GRTT of of the interpacket transmission interval.
-Sending of ABORT messages on early shutdown would sometimes fail due to
  OpenSSL cleanup functions running before application cleanup.  Changed the
  ordering of atexit() handlers to ensure OpenSSL cleanup happens last.
-Fixed missing timestamp update when clients read CONG_CTRL messages
-Fix to GRTT handling on server to ensure it doesn't fall below minumim.
-Fixed bypassed checking of existing files on client for backup
-Various logging fixes

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-15 16:27:53 -07:00
Wang Mingyu
e99695e771 nbdkit: upgrade 1.31.15 -> 1.32.1 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-15 16:27:53 -07:00
Wang Mingyu
6d8fbbfc2f htpdate: upgrade 1.3.5 -> 1.3.6 
Fix when correcting large time offsets (bug introduced in 1.3.5)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-15 16:27:53 -07:00
Wang Mingyu
988566884d cifs-utils: upgrade 6.15 -> 7.0 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-15 16:27:53 -07:00
Khem Raj
38ce750aac unbound: Always enable largefile support 
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-13 07:05:31 -07:00
Khem Raj
a203981a2a openipmi: Always enable largefile support 
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-13 07:05:31 -07:00
Khem Raj
4114fdc78b netperf: Always enable largefile support 
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-13 07:05:31 -07:00
Khem Raj
3d3d7b1d6b openipmi: Enable largefile cflags 
When largefile distro feature is enabled the relevant flags are needed
to be passed, otherwise large file support wont work, since we are cross
compiling and runtime checks will fail.

Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-12 01:24:27 -07:00
Yi Zhao
42f8c22fcf strongswan: upgrade 5.9.6 -> 5.9.7 
ChangeLog:
https://github.com/strongswan/strongswan/releases/tag/5.9.7

* Drop backport patch 0001-enum-Fix-compiler-warning.patch.
* Update RDEPENDS to fix strongswan startup failures:
    plugin 'mgf1': failed to load - mgf1_plugin_create not found and no plugin file available
    plugin 'fips-prf': failed to load - fips_prf_plugin_create not found and no plugin file available
    plugin 'kdf': failed to load - kdf_plugin_create not found and no plugin file available
    plugin 'drbg': failed to load - drbg_plugin_create not found and no plugin file available

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-06 09:40:09 -07:00
Mingli Yu
5abd81567d openipmi: Fix buildpaths issue 
Fixes:
   WARNING: openipmi-2.0.32-r0 do_package_qa: QA Issue: File /usr/src/debug/openipmi/2.0.32-r0/OpenIPMI-2.0.32/swig/perl/OpenIPMI_wrap.c in package openipmi-src contains reference to TMPDIR [buildpaths]

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-06 09:40:09 -07:00
wangmy
2736076d7b nbdkit: upgrade 1.31.14 -> 1.31.15 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-06 09:12:14 -07:00
wangmy
ea95e48d68 htpdate: upgrade 1.3.4 -> 1.3.5 
Changelog:
===========
- Feature: set kernel synchronized
  (e.g. timedatectl will report 'System clock synchronized: yes')
- Improved time tuning accuracy/stability

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-06 09:12:14 -07:00
Alex Kiernan
9444f67b26 ntpsec: Add UPSTREAM_CHECK_URI 
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-08-06 09:07:11 -07:00
wangmy
3b40c93f44 unbound: upgrade 1.16.0 -> 1.16.1 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-07-26 10:40:35 -04:00
wangmy
52be803ba5 stunnel: upgrade 5.64 -> 5.65 
fix-openssl-no-des.patch
refreshed for version 5.65

Changelog:
==========
    Security bugfixes
        OpenSSL DLLs updated to version 3.0.5.
    Bugfixes
        Fixed handling globally enabled FIPS.
        Fixed the default openssl.cnf path in stunnel.exe.
        Fixed a number of MSVC warnings.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-07-26 10:40:35 -04:00
wangmy
e174de32ef nbdkit: upgrade 1.31.12 -> 1.31.14 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-07-26 10:40:35 -04:00
Wang Mingyu
c77bc20081 ndisc6: upgrade 1.0.5 -> 1.0.6 
Changelog:
==========
# ndisc6: print NAT64 prefix if present.
# rdnssd: fix timeout calculation.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-07-19 18:39:24 -07:00
wangmy
b88b492c21 nbdkit: upgrade 1.31.10 -> 1.31.12 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-07-19 06:44:18 -07:00
Alex Stewart
59be04fbcd openvpn: distribute sample-config-files 
The openvpn tarball has additional sample config files which are
generally useful to users, and which are typically distributed in other
distros' openvpn packages.

Include these sample configs in the OE recipe.

Signed-off-by: Bill Pittman <bill.pittman@ni.com>

Rebased to openvpn_2.5.7.

Signed-off-by: Alex Stewart <alex.stewart@ni.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-07-08 22:43:03 -04:00
Yi Zhao
e0e1eb4bed openvpn: add PACKAGECONFIG for selinux 
This is useful for selinux distro feature.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-07-07 10:26:37 -04:00
Yi Zhao
c098cf9190 openvpn: add PACKAGECONFIG for systemd 
The systemd support had been integrated to openvpn for a long time. Add
PACKAGECONFIG for it and use its own service files and volatile file.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-07-07 10:26:37 -04:00
wangmy
e60f083d5b nbdkit: upgrade 1.31.9 -> 1.31.10 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-07-07 10:26:37 -04:00
Davide Gardenal
dd25c78889 spice: ignore patched CVEs 
The following CVEs are already patched so we can ignore them:
- CVE-2016-0749
- CVE-2016-2150
- CVE-2018-10893

This is caused by inaccurate CPE in the NVD database.

Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-07-06 05:08:49 -07:00
Davide Gardenal
d2c19dc7ca wireshark: upgrade 3.4.11 -> 3.4.12 
This upgrade includes the following CVE fixes:
- CVE-2021-4190
- CVE-2022-0581
- CVE-2022-0582
- CVE-2022-0583
- CVE-2022-0585
- CVE-2022-0586

Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-07-06 00:08:14 -04:00
Davide Gardenal
1973a0adc6 ntp: ignore many CVEs 
cve-check is not able to correctly identify many of the patched
CVEs because of the non standard version number. All the ignored
CVEs were manually checked with the NVD database and deemed not
applicable to the current version.

Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-07-05 09:23:04 -04:00
Yi Zhao
689e8422b8 strongswan: upgrade 5.9.5 -> 5.9.6 
* Drop backport patch 0001-openssl-Don-t-unload-providers.patch

* Backport a patch to fix the build error:
src/libstrongswan/utils/enum.c: In function 'enum_flags_to_string':
src/libstrongswan/utils/enum.c💯9: error: format not a string literal and no format arguments [-Werror=format-security]
  100 |         if (snprintf(buf, len, e->names[0]) >= len)
      |         ^~

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-07-02 11:37:03 -04:00
wangmy
c3377acd23 nbdkit: upgrade 1.31.8 -> 1.31.9 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-07-02 11:37:02 -04:00
Changqing Li
3200122d68 chrony: create /var/lib/chrony by systemd-tmpfiles 
Ensure /var/lib/chrony exist to avoid error like:
chronyd.service: Failed to set up mount namespacing: /run/systemd/unit-root/var/lib/chrony: No such>
chronyd.service: Failed at step NAMESPACE spawning /usr/sbin/chronyd: No such file or directory

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-06-30 13:39:29 -04:00
Yi Zhao
da1da61690 dnsmasq: Security fix CVE-2022-0934 
CVE-2022-0934:
Heap use after free in dhcp6_no_relay

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2022-0934

Patch from:
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=03345ecefe

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-06-30 13:39:29 -04:00
wangmy
2dbc8c0c8a rdma-core: upgrade 40.0 -> 41.0 
Changelog:
=========
Merge pull request #1178 from yishaih/mlx5_misc
mlx5: Fix check for SQ overflow in bind_mw
mlx5: DR, Add support for modify IP ECN action for CX7
Merge pull request #1175 from zhijianli88/print-style
Merge pull request #1176 from EdwardSro/pr-extend-wqe-class
Merge pull request #1174 from EdwardSro/pr-pyverbs-read-write
Merge pull request #1170 from Hakon-Bugge/rdma_xserver_xclient
Merge pull request #1166 from EdwardSro/pr-tests-fixes
pyverbs/mr.pyx: Make MR and MW print style identical
pyverbs: Extend segments format of WQE class

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-06-30 13:39:27 -04:00
Ashish Sharma
06efcf5d56 netserver: don't change permissions on /dev/null 
Source: MontaVista Software, LLC
MR: 117141
Type: Defect Fix
Disposition: Backport from [78c9ae7d9a]
ChangeID: 199f8618971de15d177dab9651f82f5696ff1aa1
Description:
	the (now default) suppress_debug=1 changes permissions on /dev/null
	to 0644. Don't do this.

Signed-off-by: Ashish Sharma <asharma@mvista.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-06-30 13:39:27 -04:00
Yi Zhao
63d49fd481 openvpn: eliminate build path from openvpn --version option 
Before the patch:
$ openvpn  --version
OpenVPN 2.5.7 x86_64-poky-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL]
[snip]
Compile time defines: enable_async_push=no enable_comp_stub=no
[snip]
with_crypto_library=openssl with_gnu_ld=yes
with_libtool_sysroot=/buildarea/build/tmp/work/core2-64-poky-linux/openvpn/2.5.7-r0/recipe-sysroot
with_mem_check=no with_openssl_engine=auto

After the patch:
$ openvpn  --version
OpenVPN 2.5.7 x86_64-poky-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL]
[snip]
Compile time defines: enable_async_push=no enable_comp_stub=no
[snip]
with_crypto_library=openssl with_gnu_ld=yes with_mem_check=no
with_openssl_engine=auto

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-06-30 13:39:27 -04:00