summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity
Commit message (Collapse)AuthorAgeFilesLines
* openssl: update to 1.1.1k to fix CVE-2021-3450 and CVE-2021-3449Mikko Rapeli2021-03-281-1/+1
| | | | | | | | Only security issues fixed in this release according to https://www.openssl.org/news/cl111.txt Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Improve LICENSE to show BSD license variants.Wang Mingyu2021-03-231-1/+1
| | | | | | | | Update LICENSE to show that BSD-2-Clause, BSD-3-Clause and BSD-4-Clause are all present. Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: upgrade 8.4p1 -> 8.5p1Wang Mingyu2021-03-232-31/+2
| | | | | | | | | | | 0f90440ca70abab947acbd77795e9f130967956c.patch removed since it is included in 8.5p1 License Updated : 2-clause BSD license and 4-clause BSD license added Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: upgrade 9.16.11 -> 9.16.12Alexander Kanavin2021-03-2010-2/+5
| | | | | | | Adjust library packaging (see link to commit in the recipe). Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Enable building for RISC-V 32-bitAlistair Francis2021-03-113-0/+166
| | | | | Signed-off-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: fix CVE-2021-27803Stefan Ghinea2021-03-062-0/+59
| | | | | | | | | | | | | | | | A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision discovery requests. It could result in denial of service or other impact (potentially execution of arbitrary code), for an attacker within radio range. References: https://nvd.nist.gov/vuln/detail/CVE-2021-27803 Upstream patches: https://w1.fi/cgit/hostap/commit/?id=8460e3230988ef2ec13ce6b69b687e941f6cdb32 Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: address ptest failures caused by perl 5.32.1Alexander Kanavin2021-03-021-0/+4
| | | | | | | | | For some reason the new perl no longer has . in list of directories searched in 'require', and so the file needs to be copied where perl can find it. Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kea: Fix configure test error with gcc11Khem Raj2021-03-013-0/+61
| | | | | | | | Since the test program fails to compile, configure thinks compiler is not having thread support and bails out Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iproute2: upgrade 5.10.0 -> 5.11.0Wang Mingyu2021-03-011-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta/recipes-connectivity: Add HOMEPAGE / DESCRIPTIONDorinda2021-02-266-0/+6
| | | | | | | | | Added HOMEPAGE and DESCRIPTION for recipes with missing decriptions or homepage [YOCTO #13471] Signed-off-by: Dorinda Bassey <dorindabassey@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: upgrade 2.5.2 -> 2.5.3Wang Mingyu2021-02-261-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: upgrade 5.55 -> 5.56Wang Mingyu2021-02-262-3/+3
| | | | | | | | -License-Update: remove the description of license from src/main.c Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: fix CVE-2021-0326Stefan Ghinea2021-02-262-0/+46
| | | | | | | | | | | | | | | | | | In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9 Android ID: A-172937525 References: https://nvd.nist.gov/vuln/detail/CVE-2021-0326 Upstream patches: https://w1.fi/cgit/hostap/commit/?id=947272febe24a8f0ea828b5b2f35f13c3821901e<links_for_CVE_patches> Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: upgrade 1.1.1i -> 1.1.1jWang Mingyu2021-02-231-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes: Update common-licenses references to match new namesRichard Purdie2021-02-211-1/+1
| | | | | | | The licenses were renamed to match their SPDX names, fix the references in LIC_FILES_CHKSUM in OE-Core. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libuv: upgrade 1.40.0 -> 1.41.0Anuj Mittal2021-02-181-1/+1
| | | | | Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman: update to 1.39akuster2021-02-121-2/+1
| | | | | | | | | | | | | | | | | | Bug fix only and includes two security fixes: CVE-2021-26675 CVE-2021-26676 Changelog: - Fix issue with scanning state synchronization and iwd. - Fix issue with invalid key with 4-way handshake offloading. - Fix issue with DNS proxy length checks to prevent buffer overflow. - Fix issue with DHCP leaking stack data via uninitialized variable. [Yocto #14231] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: upgrade 9.16.10 -> 9.16.11Wang Mingyu2021-02-0910-2/+2
| | | | | | | | rename directory of patches -License-Update: Copyright year updated to 2021. Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* inetutils: update to 2.0Oleksandr Kravchuk2021-02-088-87/+65
| | | | | | | Removed upstreamed patches and refreshed q few other. Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: re-enable whirlpoolAndreas Müller2021-02-061-1/+2
| | | | | | | | | | * it breaks KDE's qca and dependencies * it is not deprecated. Openssl 3.0 (currently alpha) will deprecate whirlpool [1] https://www.openssl.org/news/changelog.html#openssl-30 Signed-off-by: Andreas Müller <schnitzeltony@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Backport a fix to fix with glibc 2.33 on some platformsRichard Purdie2021-02-052-0/+29
| | | | | | | | This fixes openssh failing to work on qemux86 with glibc 2.33 due to seccomp and the fact new syscalls are used. Also likely fixes issues on other platforms. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: set CVE_VERSION_SUFFIXLee Chee Yang2021-02-031-0/+2
| | | | | Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iproute2: Add subpackage for rdma commandAlan Perry2021-01-271-1/+4
| | | | | | | | | The rdma command is part of iproute2 and is used to query or set the RDMA configuration where applicable. This patch adds options to build it and include it. Signed-off-by: Alan Perry <alanp@snowmoose.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Enable srp algorithmakuster2021-01-271-1/+2
| | | | | | | | This is still needed by libest in meta-security Signed-off-by: Armin Kuster <akuster808@gmail.com> Cc: Shachar Menashe <shachar@vdoo.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* socat: upgrade 1.7.3.4 ->1.7.4.1Wang Mingyu2021-01-231-3/+3
| | | | | | | | | README updated: version updated add descrition of platform specifics - Debian Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* resolvconf: upgrade 1.83 -> 1.87Anuj Mittal2021-01-201-3/+3
| | | | | Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpcap: upgrade 1.9.1 -> 1.10.0Wang Mingyu2021-01-161-2/+2
| | | | | Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iproute2: upgrade 5.9.0 -> 5.10.0Wang Mingyu2021-01-151-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Enable psk for qtbaseKhem Raj2021-01-121-1/+2
| | | | | | | TLS 1.3 implementation in qt5 uses psk so retain it for now Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Enable rc4/rc2/bf/md4 algorithmsKhem Raj2021-01-121-2/+9
| | | | | | | | They are still needed by several packages in meta-openembedded Signed-off-by: Khem Raj <raj.khem@gmail.com> Cc: Shachar Menashe <shachar@vdoo.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: drop support for deprecated algorithmsShachar Menashe2021-01-121-1/+7
| | | | | | | | 1. Drop support for many deprecated algorithms by default 2. Allow dropping support for TLS 1.0/1.1 via PACKAGECONFIG Signed-off-by: Shachar Menashe <shachar@vdoo.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iproute2: split ip to individual packageSinan Kaya2021-01-121-2/+7
| | | | | | | | Move the ip tool into its own package. Useful for size constrained systems that only want the ip tool. Signed-off-by: Sinan Kaya <okaya@kernel.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ppp: Fix patch typoRichard Purdie2021-01-091-1/+1
| | | | Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mobile-broadband-provider-info: upgrade 20190618 ->20201225Wang Mingyu2021-01-081-2/+2
| | | | | Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ppp: Fix reproducibility issueRichard Purdie2021-01-082-0/+41
| | | | | | | | Depending on which patches the make program has, the internal or external utmp could would be used. Add add a patch which avoids the issue and makes the build determnistic. We saw the regression on ubuntu1604. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ppp: Update 2.4.8 -> 2.4.9Richard Purdie2021-01-089-473/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | This is the first ppp release in a long time. Many patches were resolved upstream: * musl fixes were merged * EAP patch was a backport added upstream * cflags were fixed upstream * CVE fix was merged upstream and a backport * pcap header from the host was fixed upstream * suid bits during install was removed upstream The only patch left was the /var/ redirect for resolv.conf which no longer applied cleanly after upstream changes. For this one the patch will need to be rewritten (and preferably submitted upstream) by someone who needs/uses it. It was presumbaly for RO rootfs and may be resolved by symlinks in modern system usage anyway. Tweak the files pulled into the pppoe package for a compatibility symlink and module rename. Add CC to the OEMAKE command to allow builds correctly. [Big thanks to Alex Kanavin for a lot of the work with upstream and pre-release testing of this] Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Disable lastlog on muslKhem Raj2021-01-031-2/+2
| | | | | Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcpcd: upgrade 9.3.4 -> 9.4.0Yi Zhao2020-12-313-89/+1
| | | | | | | | | Drop backported patches: 0001-Linux-Fix-privsep-build-by-including-sys-termios.h-f.patch 0001-privsep-Fix-Linux-i386-for-SECCOMP-as-it-just-uses-s.patch Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kea: upgrade 1.8.1 -> 1.8.2Alexander Kanavin2020-12-301-1/+1
| | | | | Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: upgrade 9.16.9 -> 9.16.10Alexander Kanavin2020-12-3010-1/+1
| | | | | Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* inetutils: add dnsdomainname to ALTERNATIVEYi Zhao2020-12-241-1/+3
| | | | | | | | | The dnsdomainname can also be provided by busybox and net-tools. Also move it from ${bindir} to ${base_bindir} because the command provided by busybox or net-tools is located here. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcpcd: fix SECCOMP for i386Yi Zhao2020-12-242-0/+58
| | | | | | | | The dhcpcd doesn't work on Intel 32bit platform. Backport a patch to fix the issue. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kea: upgrade 1.7.10 -> 1.8.1Alexander Kanavin2020-12-181-1/+1
| | | | | Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iproute2: Make it easier to manipulate SUBDIRS list from bbappendAnatol Belski2020-12-181-1/+3
| | | | | | | | | Currently there's no easy way to override this part as it's hardcoded into the EXTRA_OEMAKE var. This change makes it possible to manipulate the list of subdirs in a more fine graned and future oriented manner. Signed-off-by: Anatol Belski <anbelski@linux.microsoft.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: add support for mingw64 as targetDeepak Rawat2020-12-181-0/+5
| | | | | | | | | | Engines are installed in a slightly different path, and the host type doesn't precisely match in x86_64 Co-authored-by: Paul Eggleton <paul.eggleton@microsoft.com> Co-authored-by: Deepak Rawat <derawa@microsoft.com> Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Update 1.1.1h -> 1.1.1iKhairul Rohaizzat Jamaluddin2020-12-181-1/+1
| | | | | | | | | | | | update version to 1.1.1i openssl 1.1.1i Fixed NULL pointer deref in GENERAL_NAME_cmp (CVE-2020-1971) updates include fix for CVE: CVE-2020-1971 Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcpcd: upgrade 9.3.2 -> 9.3.4Yi Zhao2020-12-152-1/+31
| | | | | | | Backport a patch to fix privsep build error on ppc. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kea: fix reproducibilityAlexander Kanavin2020-12-092-12/+44
| | | | | Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: upgrade 9.16.7 -> 9.16.9Alexander Kanavin2020-12-0910-2/+2
| | | | | | | License-Update: http -> https Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Revert "connman: set service to conflict with systemd-networkd"Jack Mitchell2020-12-062-30/+0
| | | | | | | | | | | | Without further examples of how this is failing revert as using both together is a valid use case, for example connman handling Wifi/AP and systemd-networkd handling more complex routing such as for containers and ethernet switches. This reverts commit 5303420ead25817f5caec276b79eec7ee797271a. Signed-off-by: Jack Mitchell <ml@embed.me.uk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>