Age | Commit message (Collapse) | Author |
|
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Security release, see GHSA-jpc9-mgw6-2xwx/CVE-2020-15238 [1]
Changes
Force cython to use python language version 3
Do not use exitcode 1 when we expect to fail
Mark more strings translatable (@cwendling)
Bugs fixed
Unstranslated strings
Searching (with Ctrl+F in manager device list) did not work
Default PIN lookup
Fix device removal handling (@Yannik)
Only use LaunchContext when we have proper event time
[1] https://github.com/blueman-project/blueman/security/advisories/GHSA-jpc9-mgw6-2xwx
Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
0001-Make-ByteReverseWords-available-for-big-and-little-e.patch
Removed since this is included in 4.6.0
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Refresh the following patch:
0001-dbus-Remove-unused-variabes.patch
0002-Makefile-Exclude-.h-files-from-target-rule.patch
Add 0001-don-t-fail-if-GLOB_BRACE-is-not-defined.patch to solve the
compilation errors on musl.
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Deleted build fix patch. This is already applied in this release.
Signed-off-by: Alexander Vickberg <wickbergster@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14383
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14318
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Download archives are no longer updated so fetch from Github. Add build
fix from upstream. The file LICENSE now contains the full Apache 2.0
license text.
Signed-off-by: Alexander Vickberg <wickbergster@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
0001-src-parse.c-Initialize-key-to-NULL.patch
Removed since this is included in 0.100.
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Mark Jonas <toertel@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
The dhcp-client has been removed from oe-core and the current
networkmanager does not support dhcpcd >= 9.0 (See bug report:
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/410)
Remove the PACKAGECONFIG[dhclient] and pass --with-dhclient/dhcpcd=no
explicitly to EXTRA_OECONF. Otherwise it will search the host path when
configure.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
This is security release in order to address CVE-2020-1472
(Unauthenticated domain takeover via netlogon ("ZeroLogon")).
See: https://www.samba.org/samba/history/samba-4.10.18.html
Also remove 3 backported patches.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Add patch from upstream which fixes building on big endian.
Signed-off-by: Alexander Vickberg <wickbergster@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Fixes Issue #280
Signed-off-by: Winfried Dobbe <winfried.dobbe@xmsnet.nl>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
IEC 61850 is an international standard for communication systems in
Substation Automation Systems (SAS) and management of Decentralized
Energy Resources (DER). It is seen as one of the communication
standards of the emerging Smart Grid.
Add two upstream patch fixing build issues with musl libc.
Enable the libiec61850 python binding (pyiec61850) that require a fix
to find the correct PYTHON_SITE_DIR path while cross-compiling.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
The wireless-regdb has been moved to oe-core. According the commit
message:
wireless-regdb-static should be used with kernel >= 4.15.
wireless-regdb can be used with older kernels and is mostly
irrelevant here, but keeping it in meta-networking would
create needless recipe duplication.
it should replace runtime dependency wireless-regdb with
wireless-regdb-static.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Upgrade to release 1.6.12:
Security:
- In some circumstances, Mosquitto could leak memory when handling
PUBLISH messages. This is limited to incoming QoS 2 messages,
and is related to the combination of the broker having
persistence enabled, a clean session=false client, which was
connected prior to the broker restarting, then has reconnected
and has now sent messages at a sufficiently high rate that the
incoming queue at the broker has filled up and hence messages
are being dropped. This is more likely to have an effect where
max_queued_messages is a small value. This has now been fixed.
Broker:
- Build warning fixes when building with WITH_BRIDGE=no and
WITH_TLS=no.
Clients:
- All clients exit with an error exit code on CONNACK failure.
- Don't busy loop with `mosquitto_pub -l` on a slow connection.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
This helps it to use dropbear
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Fixes
No GNU_HASH in the ELF binary /mnt/b/yoe/master/build/tmp/work/cortexa57-yoe-linux/bearssl/0.6-r0/packages-split/bearssl/usr/lib/libbearssl.so.6.0.0, didn't pass LDFLAGS? [ldflag
s]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
dhcp-client is being removed from oe-core
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Fails to build on an aarch64 system with ipv6 disabled. This backported
patch fixes it.
Signed-off-by: Jack Mitchell <ml@embed.me.uk>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Default Makefile of bearssl doesn't have a make target which hadn't
enough attraction when creating the recipe.
Add missing functionality.
Signed-off-by: Jens Rehsack <sno@netbsd.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Add recipe for BearSSL - an an implementation of the SSL/TLS protocol with
the approach of:
* Be correct and secure.
* Be small
* Be highly portable
* Be feature-rich and extensible
See https://bearssl.org for more details.
Signed-off-by: Jens Rehsack <sno@netbsd.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Added recipe for autossh tool.
Signed-off-by: Colin McAllister <colinmca242@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Upgrade to release 1.6.11:
Broker:
- Fix usage message only mentioning v3.1.1.
- Fix broker refusing to start if only websockets listeners were
defined.
- Change systemd unit files to create /var/log/mosquitto before
starting.
- Don't quit with an error if opening the log file isn't possible.
- Fix bridge topic remapping when using "" as the topic.
- Fix messages being queued for disconnected bridges when clean
start was set to true.
- Fix `autosave_interval` not being triggered by messages being
delivered.
- Fix websockets clients sometimes not being disconnected promptly.
- Fix "slow" file based logging by switching to line based
buffering.
- Log protocol error message where appropriate from a bad
UNSUBSCRIBE, rather than the generic "socket error".
- Don't try to start DLT logging if DLT unavailable, to avoid a
long delay when shutting down the broker.
- Fix potential memory leaks.
- Fix clients not receiving messages after a previous client with
the same client ID and positive will delay interval quit.
- Fix overly broad HAVE_PTHREAD_CANCEL compile guard.
Client library:
- Improved documentation around connect callback return codes.
- Fix `mosquitto_publish*()` no longer returning
`MOSQ_ERR_NO_CONN` when not connected.
- `mosquitto_loop_start()` now sets a thread name on Linux,
FreeBSD, NetBSD, and OpenBSD.
- Fix `mosquitto_loop_stop()` not stopping on Windows.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Drop upstreamed patch
Fixed compatibility with g++-10
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Add patches to fix build with clang-11
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Fixes:
# cd /etc/raddb/certs
# ./bootstrap
[snip]
chmod g+r ca.key
openssl pkcs12 -in server.p12 -out server.pem -passin pass:'whatever' -passout pass:'whatever'
chmod g+r server.pem
C = FR, ST = Radius, O = Example Inc., CN = Example Server Certificate, emailAddress = admin@example.org
error 7 at 0 depth lookup: certificate signature failure
140066667427072:error:04067084:rsa routines:rsa_ossl_public_decrypt:data too large for modulus:../openssl-1.1.1g/crypto/rsa/rsa_ossl.c:553:
140066667427072:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:../openssl-1.1.1g/crypto/asn1/a_verify.c:170:
error server.pem: verification failed
make: *** [Makefile:107: server.vrfy] Error 2
It seems the ca.pem mismatchs server.pem which results in failing to
execute "openssl verify -CAfile ca.pem server.pem", so add the logic
to check the file to avoid inconsistency.
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
It fails to compile rdist occasionally when system load of build server
is high:
| In file included from common.c:57:
| ../include/defs.h:49:10: fatal error: y.tab.h: No such file or directory
| 49 | #include "y.tab.h"
| | ^~~~~~~~~
| compilation terminated.
Make $(COMMONOBJS) which include common.o to depends on related header files
and y.tab.h to fix the parallel build failure.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
This is a security release in order to address the following defects:
CVE-2020-10730: NULL pointer de-reference and use-after-free in Samba AD
DC LDAP Server with ASQ, VLV and paged_results.
CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume
excessive CPU
CVE-2020-10760: LDAP Use-after-free in Samba AD DC Global Catalog with
paged_results and VLV.
CVE-2020-14303: Empty UDP packet DoS in Samba AD DC nbtd.
Also backport 3 patches to fix build error with musl.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
nft build dependency has been removed in @3f7419dcb50a5bdcf800512d2491.
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
License checksum changed due to modified copyright years.
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
nngpp is a c++ wrapper for nng
Signed-off-by: Johan Jeppsson <johanje@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
This is seen with glibc 2.32 where these names are also defined
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
NetworkManager depends on libudev, but not on libgudev.
Signed-off-by: Christian Eggers <ceggers@arri.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
nmcli depends on libreadline which is licensed under GPLv3.
Signed-off-by: Christian Eggers <ceggers@arri.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Fixes the occasional error:
# cd /etc/raddb/certs
# ./bootstrap
[snip]
openssl ca -batch -keyfile ca.key -cert ca.pem -in client.csr -key 'whatever' -out client.crt -extensions xpclient_ext -extfile xpextensions -config ./client.cnf
Using configuration from ./client.cnf
Check that the request matches the signature
Signature ok
ERROR:There is already a certificate for /C=FR/ST=Radius/O=Example Inc./CN=user@example.org/emailAddress=user@example.org
The matching entry has the following details
Type :Valid
Expires on :200908024833Z
Serial Number :02
File name :unknown
Subject Name :/C=FR/ST=Radius/O=Example Inc./CN=user@example.org/emailAddress=user@example.org
make: *** [Makefile:128: client.crt] Error 1
Add the check to fix the above error and it does the same for server.crt.
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|