| Age | Commit message (Collapse) | Author |
|---|
|
Samba version 4.10.17 which has been already available in Dunfell
depends on version 1.5.8 of libldb.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
createlang, droplang, and the tsearch2 module were all removed in the
10.0 release. More details are in the release notes:
https://www.postgresql.org/docs/10/release-10.html
The update from 12.3 to 12.4 is a minor release with bug and security
fixes:
https://www.postgresql.org/docs/current/release-12-4.html
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic
link (symlink) following.
Net-SNMP through 5.7.3 has Improper Privilege Management because SNMP WRITE
access to the EXTEND MIB provides the ability to run arbitrary commands as
root.
References:
https://nvd.nist.gov/vuln/detail/CVE-2020-15861
https://nvd.nist.gov/vuln/detail/CVE-2020-15862
Upstream patches:
https://github.com/net-snmp/net-snmp/commit/2b3e300ade4add03b889e61d610b0db77d300fc3
https://github.com/net-snmp/net-snmp/commit/9cfb38b0aa95363da1466ca81dd929989ba27c1f
https://github.com/net-snmp/net-snmp/commit/114e4c2cec2601ca56e8afb1f441520f75a9a312
https://github.com/net-snmp/net-snmp/commit/2968b455e6f182f329746e2bca1043f368618c73
https://github.com/net-snmp/net-snmp/commit/4fd9a450444a434a993bc72f7c3486ccce41f602
https://github.com/net-snmp/net-snmp/commit/77f6c60f57dba0aaea5d8ef1dd94bcd0c8e6d205
CVE-2020-15861-0005.patch is the actual fix for CVE-2020-15861 and
CVE-2020-15861-0001.patch through CVE-2020-15861-0004.patch are context
patches needed by the fix to apply cleanly.
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
They got overwritten later with the correct values.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 0b22ed995fec7ee23c23a9eed8323685af1e1403)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
/usr/src/debug/gnome-settings-daemon/3.34.2-r0/build/../gnome-settings-daemon-3.34.2/plugins/wacom/gsd-wacom-manager.c:195: undefined reference to `gdk_wayland_device_get_node_path'
Signed-off-by: Adrian Bunk <bunk@stusta.de>
[AK: hand applied]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
../babl-0.1.74/babl/babl-fish-reference.c:1064:7: error: ‘for’ loop initial declarations are only allowed in C99 mode
| for (int i = 0; i < n; i++)
| ^
| ../babl-0.1.74/babl/babl-fish-reference.c:1064:7: note: use option -std=c99 or -std=gnu99 to compile your code
Fails on CentOS7 with Arch64
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
build issue seen on CentOS7 and Aarch64 machine
Fixes:
../../vlc-3.0.9.2/src/misc/fourcc_gen.c:75:5: error: ‘for’ loop initial declarations are only allowed in C99 mode
| for (size_t i = 0; i < n; i++)
| ^
| ../../vlc-3.0.9.2/src/misc/fourcc_gen.c:75:5: note: use option -std=c99 or -std=gnu99 to compile your code
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Upgrade to release 1.0.5:
- Fix regression in read_parquet() when reading from file-like
objects.
- Fix regression in reading from public S3 buckets.
- Fixed regression in replace() raising an AssertionError when
replacing values in an extension dtype with values of a
different dtype
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 5dbc25ea9d4bd4b3f9a150d3893a12b41dd456d3)
[ak: fixes build issue on CentOS7: Bug fix only update
https://github.com/pandas-dev/pandas/releases]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
* there is no provider for gcov-native nor gcov-symlinks-native
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e82bb7efa8cf4c3b826b22761d5ba798bc134cb9)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fixes:
# cd /etc/raddb/certs
# ./bootstrap
[snip]
chmod g+r ca.key
openssl pkcs12 -in server.p12 -out server.pem -passin pass:'whatever' -passout pass:'whatever'
chmod g+r server.pem
C = FR, ST = Radius, O = Example Inc., CN = Example Server Certificate, emailAddress = admin@example.org
error 7 at 0 depth lookup: certificate signature failure
140066667427072:error:04067084:rsa routines:rsa_ossl_public_decrypt:data too large for modulus:../openssl-1.1.1g/crypto/rsa/rsa_ossl.c:553:
140066667427072:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:../openssl-1.1.1g/crypto/asn1/a_verify.c:170:
error server.pem: verification failed
make: *** [Makefile:107: server.vrfy] Error 2
It seems the ca.pem mismatchs server.pem which results in failing to
execute "openssl verify -CAfile ca.pem server.pem", so add the logic
to check the file to avoid inconsistency.
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 52f5141109fae5f49c5a7334e9ded2b028e16cf6)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
It fails to compile rdist occasionally when system load of build server
is high:
| In file included from common.c:57:
| ../include/defs.h:49:10: fatal error: y.tab.h: No such file or directory
| 49 | #include "y.tab.h"
| | ^~~~~~~~~
| compilation terminated.
Make $(COMMONOBJS) which include common.o to depends on related header files
and y.tab.h to fix the parallel build failure.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 1bb990c6ca1b149c19404fbe006fb6b372af8c4c)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This is a security release in order to address the following defects:
CVE-2020-10730: NULL pointer de-reference and use-after-free in Samba AD
DC LDAP Server with ASQ, VLV and paged_results.
CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume
excessive CPU
CVE-2020-10760: LDAP Use-after-free in Samba AD DC Global Catalog with
paged_results and VLV.
CVE-2020-14303: Empty UDP packet DoS in Samba AD DC nbtd.
Also backport 3 patches to fix build error with musl.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 1609df11530ebb73de863d0c705e16107015dbe3)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 6443044ca9ec90d6740c42e618830ca52d656f5f)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Backport fix from https://github.com/lua/lua.git.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 698748c1538ed03efbcfdd936cf8317b4f138c29)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f16aa16e917ea440daa3d5bd136338f66a964f5c)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This is seen with glibc 2.32 where these names are also defined
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 5cf2665446f3fdc16b484c64afffaa0ac8373a35)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Ryan Rowe <rrowe@xevo.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit cfa786917343589c1756c1bc7cdf62309d29462f)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Alistair Francis <alistair@alistair23.me>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9cf730f22266d63df3cf63998c87918dfa540fb7)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
When starting radvd without any configuration the following errors would
be triggered.
"""
root@intel-x86-64:~# systemctl status radvd
● radvd.service - Router advertisement daemon for IPv6
Loaded: loaded (/lib/systemd/system/radvd.service; enabled; vendor preset:
enabled)
Active: inactive (dead)
Condition: start condition failed at Tue 2019-09-24 13:29:36 UTC; 3s ago
└─ ConditionPathExists=/etc/radvd.conf was not met
"""
Normally the user should create and configrue the /etc/radvd.conf
manually. However the radvd provide a example file for redhad located
at "radvd/redhat/radvd.conf.empty". When installing, it would copy
radvd/redhat/radvd.conf.empty to /etc/radvd.conf. Also add this empty
conf here to used as an example of configuration
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 5af77740a46c334978adc7f37f53ea9a318d3a33)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
netoprintf() was not handling a case where
return value of vsnprintf is greater than
"size"(2nd argument), results in buffer overflow
while adjusting "nfrontp" pointer to point
beyond "netobuf" buffer.
Here is one such case where "nfrontp"
crossed boundaries of "netobuf", and
pointing to another global variable.
(gdb) p &netobuf[8255]
$5 = 0x55c93afe8b1f <netobuf+8255> ""
(gdb) p nfrontp
$6 = 0x55c93afe8c20 <terminaltype> "\377"
(gdb) p &terminaltype
$7 = (char **) 0x55c93afe8c20 <terminaltype>
(gdb)
This resulted in crash of telnetd service
with segmentation fault.
Signed-off-by: Julius Hemanth Pitti <jpitti@cisco.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 232b82afd405c526f822294509e1d32388544ed4)
[appears to be CVE-2020-10188]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fixes the occasional error:
# cd /etc/raddb/certs
# ./bootstrap
[snip]
openssl ca -batch -keyfile ca.key -cert ca.pem -in client.csr -key 'whatever' -out client.crt -extensions xpclient_ext -extfile xpextensions -config ./client.cnf
Using configuration from ./client.cnf
Check that the request matches the signature
Signature ok
ERROR:There is already a certificate for /C=FR/ST=Radius/O=Example Inc./CN=user@example.org/emailAddress=user@example.org
The matching entry has the following details
Type :Valid
Expires on :200908024833Z
Serial Number :02
File name :unknown
Subject Name :/C=FR/ST=Radius/O=Example Inc./CN=user@example.org/emailAddress=user@example.org
make: *** [Makefile:128: client.crt] Error 1
Add the check to fix the above error and it does the same for server.crt.
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 0d7522b7df80e45c379ad76addfddd51d0e56e9d)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Remove systemd service template lvm2-pvscan@.service from
SYSTEMD_SERVICE. It should be started/stopped in udev rules file
69-dm-lvm-metad.rules.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d85613d8d1d285c9a1f9cf3cf8b13655220cd8cf)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Master (nss version 3.54) is not affected by this issue. This is a backport
from nss version 3.54.
NSS has shown timing differences when performing DSA signatures, which was
exploitable and could eventually leak private keys. This vulnerability affects
Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.
Upstream patch:
https://hg.mozilla.org/projects/nss/rev/daa823a4a29bcef0fec33a379ec83857429aea2e
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This reverts commit 2b384c59733c437027f9b14cc32da19251efd97b.
It appears that there was a change in soname not noted in the changelog.
https://github.com/open-source-parsers/jsoncpp/commit/8b7ea09b8055df01866a5ce4142b12ed8f9f13eb
ABI change appears to have occured.
https://abi-laboratory.pro/index.php?view=timeline&l=jsoncpp
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Source: wireshark.org
MR: 104620
Type: Security Fix
Disposition: Backport from wireshark.org
ChangeID: 64e3701e4d6bd53972c22c49d655556e6f37e461
Description:
Affects: 3.2.0 to 3.2.4
Includes:
CVE-2020-15466
For more info see: https://www.wireshark.org/docs/relnotes/wireshark-3.2.5.html
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9019ceb2ccfd32789b7bc680269b3af234ebd397)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fixed when rebuild:
DEBUG: Executing shell function autotools_preconfigure
NOTE: make clean
aclocal
autoheader
autoconf
You need to call ./configure with appropriate arguments (again).
make: *** [Makefile:287: config.status] Error 1
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 922e061fdbbc80c44f49866c7b08b2e09e4a3d0a)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
With parallel build enabled, we got the following error:
ld: error in libsg.o(.eh_frame); no .eh_frame_hdr table will be created
....
ld: BFD (GNU Binutils) 2.34.0.20200220 internal error, aborting at ../../bfd/merge.c:933 in _bfd_merged_section_offset
....
| make[1]: *** [Makefile:24: libcheckcciss_tur.so] Error 1
| make[1]: *** Waiting for unfinished jobs....
However, looking at the Makefile, it does not seem to have problem.
So disable the parallel build as a workaround.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 45d6317353ea7431e2ffbe0419ba7e07a911265b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
in FILES_${PN}-slurpd:
- ${localstatedir}/volatile/run is already covered by FILES_${PN}-slapd
- ${localstatedir}/run is already covered by FILES_${PN}-slapd
in FILES_${PN}-dev:
- ${libdir}/*.a is already covered by FILES_${PN}-staticdev
remove the settings as they were without effect anyway
Signed-off-by: Konrad Weihmann <kweihmann@outlook.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 68988584921332f929f2508a3b2678cb33579290)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
ERROR: upm-2.0.0+gitAUTOINC+5cf20df96c-r0 do_package: QA Issue: upm:
Files/directories were installed but not shipped in any package:
/usr/lib/python3.8/site-packages/upm/pyupm_adc121c021.py
/usr/lib/python3.8/site-packages/upm/pyupm_hmc5883l.py
/usr/lib/python3.8/site-packages/upm/_pyupm_mma8x5x.so
/usr/lib/python3.8/site-packages/upm/_pyupm_m24lr64e.so
/usr/lib/python3.8/site-packages/upm/pyupm_tca9548a.py
/usr/lib/python3.8/site-packages/upm/pyupm_mb704x.py
/usr/lib/python3.8/site-packages/upm/_pyupm_ehr.so
......
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit efe14bb04e58dd2028ba7c1521f08e2bd5382130)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The error is as the following:
ERROR: paho-mqtt-c-1.3.2-r0 do_package: QA Issue: paho-mqtt-c:
Files/directories were installed but not shipped in any package:
/usr/lib
/usr/lib/cmake
/usr/lib/cmake/eclipse-paho-mqtt-c
/usr/lib/cmake/eclipse-paho-mqtt-c/eclipse-paho-mqtt-cConfig.cmake
/usr/lib/cmake/eclipse-paho-mqtt-c/eclipse-paho-mqtt-cConfigVersion.cmake
/usr/lib/cmake/eclipse-paho-mqtt-c/eclipse-paho-mqtt-cConfig-noconfig.cmake
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 93aa8defe3fae48c48b364136a0af8a58fd2be95)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
ERROR: mraa-2.1.0+gitAUTOINC+e15ce6fbc7-r0 do_package: QA Issue: mraa:
Files/directories were installed but not shipped in any package:
/usr/lib/python3.8/site-packages/_mraa.so
/usr/lib/python3.8/site-packages/mraa.py
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit fadaf4867074d0140e769b954b7e8afb92c4dd1a)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Change SRC_URI:
- all minicoredumper related sources moved to https://github.com/diamon/minicoredumper
>From the NEWS:
The Linux Foundation will be shutting down their git service for workgroups.
The minicoredumper repository and bug tracking has been moved to the DiaMon
Workgroup account on github.com. We thank the Linux Foundation for providing
us the git service over the last 5 years.
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 110fa8902db7e8568f92b314716effc7558980f4)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit b0d884a994197a9bc0b181545fe67f19a7630cd7)
[AK: This release fixes vmap support which broke in the previous 0.9.5 release.]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
ERROR: tracker-miners-2.3.3-r0 do_package: QA Issue: tracker-miners:
Files/directories were installed but not shipped in any package:
/usr/lib64/systemd
/usr/lib64/systemd/user
/usr/lib64/systemd/user/tracker-extract.service
/usr/lib64/systemd/user/tracker-writeback.service
/usr/lib64/systemd/user/tracker-miner-fs.service
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 02afb13f5dde533e97617635fdc1464fcade038c)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
1.5.22
* GDBusAuthObserver security fix 3d442db
* Use XDG_CACHE_HOME for Unix socket directory a141a14 982c40f 5742e1b d53401e a1705ad
* Hangul button press handling 25d11f5 c662a02 ecc3465
* Fix deprecated APIs 48a8d7e 35863d8
* Bug fixes 773420f 745ffb8 26a8105 bccf94d d50627f 7486385 cd4fef5
Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 43e3c0da024f49e428aff6eef94feef8a17bf941)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f0a9b8bfab39e6b140bcb63f55cdadb692e7e91a)
[ak: 1.12.x is a stable release]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
2.1.3
Changes
* Force cython to use python language version 3
Bugs fixed
* Fix tooltip not updating when bluetooth is disabled
* Fix dbus timeout in DhcClient
* Call the right method when pulseaudio crashes
* Handle os.remove failing
2.1.2
Bugs fixed
* Signal bar updates with multiple adapters
* Pairing with pincode
Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d05070c7d8d1f384914b1243298b4759fd9accae)
[AK: Dunfell does not support py2 so upgrade seems resonable]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
reproduce steps:
1. bitbake libmcrypt
2. add bb.note('hello') in do_fetch of base.bbclass
3. bitbake libmcrypt
do_configure failed:
Making clean in doc
make[1]: Entering directory 'build/tmp-glibc/work/cortexa72-wrs-linux/libmcrypt/2.5.8-r0/libmcrypt-2.5.8/doc'
make[1]: *** No rule to make target 'clean'. Stop.
make[1]: Leaving directory 'build/tmp-glibc/work/cortexa72-wrs-linux/libmcrypt/2.5.8-r0/libmcrypt-2.5.8/doc'
Makefile:316: recipe for target 'clean-recursive' failed
error occurred in autotools_preconfigure, since we have build one time
in step1, we have CONFIGURESTAMPFILE, and also BB_TASKHASH changed after
step2, in step3, after do_fetch, ${S} is renewed, but with main Makefile
exist but no Makefile exist under sub folder, so above error occurred.
set CLEANBROKEN to fix this error
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e2d3ecaeb03027dd34875486ad00c58f921a5595)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Source: net-snmp.org
MR: 104509
Type: Security Fix
Disposition: Backport from https://github.com/net-snmp/net-snmp/commit/5f881d3bf24599b90d67a45cae7a3eb099cd71c9
ChangeID: 206d822029d48d904864f23fd1b1af69dffc26c8
Description:
Fixes CVE-2019-20892 which affect net-snmp <= 5.8pre1
Had to fix up some file do to later code restructioning.
"int refcnt;" addition was done in include/net-snmp/library/snmpusm.h
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 96a63b1ecf321c9a63880a963ed257086998133b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Some files are compiled with armv8-a+crypto and when using cortex-a55
the deduced march is armv8.2-a which then conflicts
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Currently, testcnx ptest fails due to expired CA certificates:
Test project /usr/lib64/freeDiameter/ptest
...
Start 10: testcnx
10/11 Test #10: testcnx ..........................***Failed 0.12 sec
...
<snip>
Command: "/usr/lib64/freeDiameter/ptest/testcnx"
Directory: /usr/lib64/freeDiameter/ptest
"testcnx" start time: Jun 17 10:52 UTC
Output:
----------------------------------------------------------
10:52:43 ERROR ERROR: Invalid parameter '(conn->cc_rcvthr != (pthread_t)((voidd
*)0))', 22
10:52:43 ERROR TLS: Remote certificate invalid on socket 6 (Remote: 'localhostt
.localdomain')(Connection: '{---T} TCP from [127.0.0.1]:57898 (4<-6)') :
10:52:43 ERROR - The certificate has expired.
10:52:43 ERROR TLS ERROR: in 'ret = gnutls_handshake(conn->cc_tls_para.sessionn
)' : Error in the certificate.
10:52:43 FATAL! testcnx.c:867: CHECK FAILED : fd_cnx_handshake(server_side, GNUU
TLS_SERVER, ALGO_HANDSHAKE_DEFAULT , NULL, NULL) == 16 != 0
10:52:43 FATAL! FAILED: testcnx.c
<end of output>
Test time = 0.02 sec
<snip>
Backport upstream patch [1] to fix this issue.
[1] http://www.freediameter.net/hg/freeDiameter/rev/eff5bb332b5a
This patch is present in version 1.4.0, so master is not affected.
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit bf209dbf116a958689d82a73b7e1f4f1abfd5353)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Source: ntp.org
MR: 104487
Type: Security Fix
Disposition: Backport from http://archive.ntp.org/ntp4/ntp-4.2/
ChangeID: 65b220646dc29168c45b051a6ea2a651b9e669d1
Description:
Bugfix only update including a security fix: CVE-2020-15025
changelog: https://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ChangeLog-stable
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c9384d7fc40acdf8b5ed668ac3f5fa0e2ad4dbd1)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Upgrade to release 1.3.17:
- orm Bug fixes
- orm Added an accessor ColumnProperty.Comparator.expressions
which provides access to the group of columns mapped under a
multi-column ColumnProperty attribute.
- orm Introduce _orm.relationship.sync_backref flag in a
relationship to control if the synchronization events that
mutate the in-Python attributes are added. This supersedes the
previous change #5149, which warned that viewonly=True
relationship target of a back_populates or backref configuration
would be disallowed.
- engine Bug fixes
- schema Bug fixes
- schema Add comment attribute to _schema.Column __repr__ method.
The year in LICENSE has been updated so LIC_FILES_CHKSUM was
changed.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 5fef53b9989767dae9288274df871639e7c1c4a1)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
>From [1]
* Increase cache buffers size to accomodate VLAN edits (#594)
* Correct L2 header length to correct IP header offset (#583)
* Fix warnings from gcc version 10 (#580)
* Heap Buffer Overflow in randomize_iparp (#579)
* Use after free in get_ipv6_next (#578)
* Heap Buffer Overflow in git_ipv6_next (#576)
* Call pcap_freecode() on pcap_compile() (#572)
* Increase max snaplen to 262144 (#571)
* Fix divide by zero in fuzzing (#570)
* Unique IP repeats at very high iteration counts (#566)
* Fails to compile on FreeBSD amd64 13.0 (#558)
* Heap Buffer Overflow in do_checksum (#556) (#577)
* Attempt to correct corrupt pcap files, if possible (#557)
* Fix GCC v10 warnings (#555)
* Remove some duplicated SOURCES entries (#551)
* Expand /dev/bpfX hard limit to fix macOS Mojave (#550)
* Implement --loopdelay-ms when using --loop=0 (#546)
* Heap overflow packet2tree and get_l2len (#530)
[1] https://github.com/appneta/tcpreplay/releases
Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 822963c6cba8edde6d91fc56e2f0ae9e7a730551)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
>From [1]
* release x86 and x64 libraries for android platform
* Bug fixes
[1] https://github.com/cisco/openh264/releases
Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 69716e959bddb3b56dffb07bc308cfb6e1e80bb6)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Back ported upstream patch:
https://github.com/richardcochran/linuxptp/commit/7de73fefc378cc42b9ed1115b3afa409d0250a48
Signed-off-by: Christian Eggers <ceggers@arri.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 924bd4dd084cb86704c52fecee5bd147186a6efb)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
https://samba.org seems to be gone, switch to https://www.samba.org
Signed-off-by: Konrad Weihmann <kweihmann@outlook.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9a85b925c51308f93475d7cc8e2ddda90dff30fd)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
??Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 8f6facb77e13c9dc53056f30283d0dd33a9c8679)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
Yi Zhao
Robert Joslyn
Ovidiu Panait
Adrian Bunk
Armin Kuster
Leon Anavi
Martin Jansa
Mingli Yu
Kai Kang
Andreas Müller
Yue Tao
Khem Raj
Ryan Rowe
Alistair Francis
Changqing Li
Julius Hemanth Pitti
Armin Kuster
Robert Yang
Qi.Chen@windriver.com
Konrad Weihmann
Zheng Ruoqin
Pierre-Jean Texier
Zang Ruochen
Bog999
Christian Eggers
Wang Mingyu