Age | Commit message (Collapse) | Author |
|
4.2.8p4 fixed following 13 low- and medium-severity vulnerabilities:
* Bug 2941 CVE-2015-7871
* Bug 2922 CVE-2015-7855
* Bug 2921 CVE-2015-7854
* Bug 2920 CVE-2015-7853
* Bug 2919 CVE-2015-7852
* Bug 2918 CVE-2015-7851
* Bug 2917 CVE-2015-7850
* Bug 2916 CVE-2015-7849
* Bug 2913 CVE-2015-7848
* Bug 2909 CVE-2015-7701
* Bug 2902 CVE-2015-7703
* Bug 2901 CVE-2015-7704, CVE-2015-7705
* Bug 2899 CVE-2015-7691, CVE-2015-7692, CVE-2015-7702
And three bugs: Bug 2382, 1774, 1593
Details at:
http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
When ntp could be correctly built with openssh and libcrypto, we would meet
the following QA issue.
WARNING: QA Issue: package ntp contains bad RPATH ... [rpath]
Fix this problem by adding '--disable-rpath' to EXTRA_OECONF.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
replace to run "make install" with directly calling install command,
since "make install" asks "bin" user and group, and maybe fail when
system has not;
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
4.2.8p3 fixed CVE-2015-5146 and Bugs.
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
ntp 4.2.8p2 has more CVE fixes, like CVE-2015-1799, CVE-2015-1798;
and remove ntp-4.2.8-ntp-keygen-no-openssl.patch which 4.2.8p2 has integrated
4.2.8.p1 included CVE-2014-9297, CVE-2014-9298 (ak).
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This fixed the CVE-2015-4047:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4047
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
* libsmi is autodetected in configure, but in most cases disabled because of
cross-compilation so keep it explicitly disabled
* resolves following difference in builds with and without libsmi built
before tcpdump:
4.7.4-r0-with/temp/log.do_configure:checking smi.h usability... yes
4.7.4-r0-with/temp/log.do_configure:checking smi.h presence... yes
4.7.4-r0-with/temp/log.do_configure:checking for smi.h... yes
4.7.4-r0-with/temp/log.do_configure:checking for smiInit in -lsmi... yes
4.7.4-r0-with/temp/log.do_configure:checking whether to enable libsmi... not when cross-compiling
4.7.4-r0-without/temp/log.do_configure:checking smi.h usability... no
4.7.4-r0-without/temp/log.do_configure:checking smi.h presence... no
4.7.4-r0-without/temp/log.do_configure:checking for smi.h... no
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Zongchun Yu <Zongchun.Yu@freescale.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Chunrong Guo <B40290@freescale.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
When building for a system including systemd ypbind-mt will link against
libsystemd creating an implicit dependency. Make that explicit.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
esmtp use 'sbinsendmail' to define alternative ${sbindir}/sendmail, but
other packages msmtp and postfix use 'sendmail'. When remove esmtp, it
removes ${sbindir}/sendmail even msmtp or postfix is installed which has
alternative ${sbindir}/sendmail.
Make esmtp use 'sendmail' too to fix this issue.
Remove ${libdir}/sendmail which is only used by LSB core test for
historical reasons. And only create link file with fixed path
/usr/lib/sendmail for LSB images even for 64 bits system.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
The following vulnerabilities have been fixed.
* [1]wnpa-sec-2015-06
The ATN-CPDLC dissector could crash. ([2]Bug 9952) [3]CVE-2015-2187
* [4]wnpa-sec-2015-07
The WCP dissector could crash. ([5]Bug 10844) [6]CVE-2015-2188
* [7]wnpa-sec-2015-08
The pcapng file parser could crash. ([8]Bug 10895) [9]CVE-2015-2189
* [10]wnpa-sec-2015-09
The LLDP dissector could crash. ([11]Bug 10983) [12]CVE-2015-2190
* [13]wnpa-sec-2015-10
The TNEF dissector could go into an infinite loop. Discovered by
Vlad Tsyrklevich. ([14]Bug 11023) [15]CVE-2015-2191
* [16]wnpa-sec-2015-11
The SCSI OSD dissector could go into an infinite loop. Discovered
by Vlad Tsyrklevich. ([17]Bug 11024) [18]CVE-2015-2192
For more information see
https://www.wireshark.org/docs/relnotes/wireshark-1.12.4.html
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Signed-off-by: Sven Ebenfeld <sven.ebenfeld@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
The updated yp-tools fails on qemuarm:
/home/jenkins/oe/world/shr-core/tmp-glibc/work/armv5e-oe-linux-gnueabi/yp-tools/3.3-r0/yp-tools-3.3/lib/do_ypcall.c: In function 'do_ypcall_tr':
/home/jenkins/oe/world/shr-core/tmp-glibc/work/armv5e-oe-linux-gnueabi/yp-tools/3.3-r0/yp-tools-3.3/lib/do_ypcall.c:461:27:
error: cast increases required alignment of target type [-Werror=cast-align]
status = ypprot_err (((struct ypresp_val *) resp)->status);
http://errors.yoctoproject.org/Errors/Details/9221/
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Update to the latest stable NIS tools. The yp-tools libraries and headers
conflict with the RPC headers provided by glibc, so install them to a
different location. Systems that intend to build using the NIS-provided
versions will need to specify the alternate location, but that is covered
by pkg-config, so it should only be necessary to point pkg-config at the
alternate .pc file.
The older stable versions are suitable for IPv4-only setups, so keep them
around in case those are required for some systems.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Both yp-tools and ypbind-mt were out of date with their latest released
versions, so bump them up to current. Remove two dead patches at the same
time and reorganize the recipes to better follow the preferred OE style.
Finally, the new release includes a new version of the GPLv2 COPYING file,
with a significant amount of whitespace fixes, so update the license
checksum.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Typically the major-version-only link for shared libs are included in the
base package. Move the links into the base packages here, leaving the
un-versioned links in the -dev packages.
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
configure: error: Header file pcap.h not found; if you installed libpcap
don't use pcap. Use the internal version.
And minor configure cleanups
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Directory /var/run/openvpn is required by service.
Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Use a better filename for the local copy of the
source.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
The old ones are invalid.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Fixed:
xmlto: Can't continue, xsltproc tool not found or not executable.
Makefile:20: recipe for target 'dnssec-configure.8' failed
make: *** [dnssec-configure.8] Error 3
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Added a few more PACKAGECONF options
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
The following vulnerabilities have been fixed.
* [1]wnpa-sec-2015-01
The WCCP dissector could crash. ([2]Bug 10720, ws-buglink:10806)
CVE-2015-0559, CVE-2015-0560
* [3]wnpa-sec-2015-02
The LPP dissector could crash. ([4]Bug 10773)
CVE-2015-0561
* [5]wnpa-sec-2015-03
The DEC DNA Routing Protocol dissector could crash. ([6]Bug 10724)
CVE-2015-0562
* [7]wnpa-sec-2015-04
The SMTP dissector could crash. ([8]Bug 10823)
CVE-2015-0563
* wnpa-sec-2015-05
Wireshark could crash while decypting TLS/SSL sessions.
Discovered by Noam Rathaus.
CVE-2015-0564
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
busybox provides traceroute command and uses the default priority to
update-alternatives, if traceroute is not defined the priority, the
traceroute maybe link to busybox's
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Some updates for lksctp-tools:
* add ptest subpackage
* only blacklist lksctp-tools when gold ld is used. Refer to:
https://bugs.gentoo.org/show_bug.cgi?id=530318
* update licenses and add homepage.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
The package includes a few data files. Despite the names,
these are very small databases only useful for running the
perl test scripts.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Fix perl path in ntp-wait and calc_tickadj.
Signed-off-by: Gyorgy Szombathelyi <gyurco@freemail.hu>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Also fix LICENSE to be "or any later version" (as specified in the
upstream source headers); both licenses apply so use &.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
* Newer automake compatibility fixed upstream, so drop patches.
* LIC_FILES_CHKSUM changed due to a trailing space being removed, no
actual change to the license text.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
The ntp-utils package contains at least one perl-using script as well as
a supporting perl module, therefore we need a dependency on perl.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
After the upgrade to 4.2.8, ntp's configure process now uses a custom
script which looks at the host to determine what install locations it
should use. This resulted in the recipe working on some people's
machines and failing during do_install on others. Force it to use the
"redhat" configuration as this seems closest to what we used to be
using prior to the upgrade (this means that binaries are now back in
sbindir as they used to be).
Thanks to Philip Balister for reporting this.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Drivers and tools to support ATM networking under Linux
Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
for update the IP geolocation databases
Signed-off-by: leimh <leimaohui@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
The raw IP databases have been updated, so for the time being just update
the checksums.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
GeoIP app allow you to look up information about a given IP address.
Signed-off-by: leimh <leimaohui@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
The sysroot/${libdir}/sendmail conflicts with lsb's, and it's a
symlink to ${bindir}/esmtp which is meaningless for sysroot, so
remove it.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
dnssec-conf builds manpages using xmlto. Remove the raw manpages and add
a dependency on xmlto-native to support building the manapages from the
actual source.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
* Upgrade to 4.2.8 which fixes several security issues, including
CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, and CVE-2014-9296. For
more details please see:
https://ics-cert.us-cert.gov/advisories/ICSA-14-353-01A
* LIC_FILES_CHKSUM changed due to a number of copyright year and patch
list changes; nothing material about the license text changed.
* This version moves a number of binaries from sbindir to bindir;
there's supposed to be a configure option --with-locfile=legacy to use
the old layout but it does not seem to work. I guess we'll just have
to live with the change.
* Drop patches which are no longer applicable.
* Merge inc file into recipe; there were too many changes required to
the inc file in this version and it's unlikely it was much use split
out in any case.
* Move remaining files in files/ to ntp/
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
DNSSEC configuration and priming tool. Dnssec-conf includes a commandline
configuration client for Bind and Unbound, known DNSSEC keys, URL's to
official publication pages of keys, and harvested keys, as well a script
to harvest DNSKEY's from DNS.
Signed-off-by: Qian Lei <qianl.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
The purpose of this patch as below.
1. upgrade openvpn to 2.3.6 in order to fix CVE-2014-8104
2. enable systemd
3. provide new packages named ${PN}-sample to help user create config file
easily and check whether is openvpn work.
Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Add a test to find libpcap if testdir/.. is a sysroot.
Upstream-Status: Pending
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|