Age | Commit message (Collapse) | Author |
|
Signed-off-by: Derek Straka <derek@asterius.io>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
(cherry picked from commit 5c8efcc9f54d04ac9a7c41176989efb78c4ac54f)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The following vulnerabilities have been fixed:
* [1]wnpa-sec-2016-29
The SPOOLS dissector could go into an infinite loop. Discovered by
the CESG.
* [2]wnpa-sec-2016-30
The IEEE 802.11 dissector could crash. ([3]Bug 11585)
* [4]wnpa-sec-2016-31
The IEEE 802.11 dissector could crash. Discovered by Mateusz
Jurczyk. ([5]Bug 12175)
* [6]wnpa-sec-2016-32
The UMTS FP dissector could crash. ([7]Bug 12191)
* [8]wnpa-sec-2016-33
Some USB dissectors could crash. Discovered by Mateusz Jurczyk.
([9]Bug 12356)
* [10]wnpa-sec-2016-34
The Toshiba file parser could crash. Discovered by iDefense Labs.
([11]Bug 12394)
* [12]wnpa-sec-2016-35
The CoSine file parser could crash. Discovered by iDefense Labs.
([13]Bug 12395)
* [14]wnpa-sec-2016-36
The NetScreen file parser could crash. Discovered by iDefense Labs.
([15]Bug 12396)
* [16]wnpa-sec-2016-37
The Ethernet dissector could crash. ([17]Bug 12440)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
(cherry picked from commit f316c4a32686e57c4b65e659fbf7d7936ac39ff6)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
No CVE's assigned.
The following vulnerabilities have been fixed:
* [1]wnpa-sec-2016-19
The NCP dissector could crash. ([2]Bug 11591)
* [3]wnpa-sec-2016-20
TShark could crash due to a packet reassembly bug. ([4]Bug 11799)
* [5]wnpa-sec-2016-21
The IEEE 802.11 dissector could crash. ([6]Bug 11824, [7]Bug 12187)
* [8]wnpa-sec-2016-22
The PKTC dissector could crash. ([9]Bug 12206)
* [10]wnpa-sec-2016-23
The PKTC dissector could crash. ([11]Bug 12242)
* [12]wnpa-sec-2016-24
The IAX2 dissector could go into an infinite loop. ([13]Bug 12260)
* [14]wnpa-sec-2016-25
Wireshark and TShark could exhaust the stack. ([15]Bug 12268)
* [16]wnpa-sec-2016-26
The GSM CBCH dissector could crash. ([17]Bug 12278)
* [18]wnpa-sec-2016-27
MS-WSP dissector crash. ([19]Bug 12341)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
(cherry picked from commit 7a9c626092c7d3b10206c7ca4ea2827cca9cba4f)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
CVE-2016-4957
CVE-2016-4953
CVE-2016-4954
CVE-2016-4955
CVE-2016-4956
For more info to see:
http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi
Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
(cherry picked from commit 13db3c65f525a6c87cd51961c3c1816e059478b9)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Jonathan Liu <net147@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
(cherry picked from commit 7be16bce816dee5e9ea1dd241b5a3543fdf78356)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Jonathan Liu <net147@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
(cherry picked from commit 126e48c2a0e56333a6e7da7d30ea4c01d67904d1)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Jonathan Liu <net147@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
(cherry picked from commit 81f3fb09de018b2b67f608ecdf6963a70bffb463)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fixes the following compile error:
| [ 6/27] Compiling lib/replace/test/testsuite.c
| In file included from ../lib/replace/test/testsuite.c:49:0:
| ../lib/replace/system/aio.h:29:20: fatal error: libaio.h: No such file or directory
| compilation terminated.
Signed-off-by: Jonathan Liu <net147@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
(cherry picked from commit 18a1d69f86b7eb5d151a77665dbb6a2da5306c05)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Add PACKAGECONFIG for cifsacl and update PACKAGECONFIG for cifsidmap
to make samba a conditional dependency. It is nice to be able to
get mount.cifs without needing to build samba.
Signed-off-by: S. Lockwood-Childs <sjl@vctlabs.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
(cherry picked from commit a6a36710a110d381b798b445b2da9d6c490215f3)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
fix for QA Warning: No GNU_HASH in elf binary, it won't obey the default
LDFLAGS which results in QA Warning while building with external toolchain,
so adding the default LDFLAGS.
WARNING: netcat-openbsd-1.105-r0 do_package_qa:QA Issue: No GNU_HASH in the
elf binary:..nc.netcat-openbsd' [ldflags]
Signed-off-by: Shrikant Bobade <shrikant_bobade@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
(cherry picked from commit d765990dd2fc9324963e9ecb0f93b7e613e874ad)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
1) error: file /usr/share/man/man1/mailq.1 from install of postfix-doc
conflicts with file from package esmtp-doc
2) error: file /usr/share/man/man1/newaliases.1 from install of postfix-doc
conflicts with file from package esmtp-doc
3) error: file /usr/share/man/man1/sendmail.1 from install of postfix-doc
conflicts with file from package esmtp-doc
Signed-off-by: Dai Caiyun <daicy.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
(cherry picked from commit a2256bb3bd2abe89c9ecfbdf2b9690aaf7540342)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
An mdns package is provided by meta-intel-iot-middleware.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
(cherry picked from commit 9a13040d7b10b9f7221f8190e75aa249bfacee9d)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The file depcomp would be changed during configure, which is not
suitable for LIC_FILES_CHKSUM, there is a COPYING file which is GPLv2,
so use it.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
netcf fails to build on certain hosts with newer versions
of git installed as follows:
| ./bootstrap: Bootstrapping from checked-out netcf sources...
| ./bootstrap: consider installing git-merge-changelog from gnulib
| ./bootstrap: getting gnulib files...
| error: pathspec 'gnulib' did not match any file(s) known to git.
If we do a devshell we will see that our configure prepend that
intended to _create_ the .gitmodules has instead _modified_ it
and left us with this change present:
sh-4.3# git diff
diff --git a/.gitmodules b/.gitmodules
index 7acb1ea19ca7..2d10b0e0e0fe 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,3 +1,3 @@
[submodule "gnulib"]
- path = .gnulib
- url = git://git.sv.gnu.org/gnulib.git
+ path = gnulib
+ url = git://git.sv.gnu.org/gnulib
sh-4.3#
What happens is that the newer git does not respect uncommitted
changes to the .gitmodules file, and hence the path ".gnulib" is
still considered valid vs. the in tree updated path "gnulib". It
doesn't help any that the package has its own tracked files in
gnulib/ that we stomp over, but the real fail is just uncommitted
changes to the .gitmodule as this insertion of a random path shows:
sh-4.3# git diff
diff --git a/.gitmodules b/.gitmodules
index 7acb1ea19ca7..91bd45f8e4d4 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,3 +1,3 @@
[submodule "gnulib"]
- path = .gnulib
+ path = gnulibaaa
url = git://git.sv.gnu.org/gnulib.git
sh-4.3# git --version
git version 2.7.4
sh-4.3# git submodule init
fatal: no submodule mapping found in .gitmodules for path '.gnulib'
sh-4.3#
Since the original bbclass simply assumed there was no .gitmodules
file to begin with, we can easily solve this by not clobbering it
and respect the path choice used by the package itself.
As the version of ./bootstrap shipped with netcf supports this:
--no-git do not use git to update gnulib. Requires that
--gnulib-srcdir point to a correct gnulib snapshot
we can use it in conjunction with the pathspec since we know the
gnulib was just copied in from the sysroot, and does not need
to try and pull any further updates.
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The theory behind this bbclass was reasonable, with the primary
goal being to avoid multiple downloads of gnulib, but it neglected
the fact that packages would be shipping a specific version of the
./bootstrap which will support some flags but maybe not all the
latest ones from the latest gnulib/build-aux/bootstrap file.
I attempted to simply update the two pkgs to use the latest copy
of bootstrap from gnulib but this of course triggers the descent
into autoconf hell that we all know and love. Rather than futzing
with the packages configure.ac and deviating from what the pkg
maintainers intended and tested, we can just let the packages have
independent calls to ./bootstrap with whatever flags are needed.
The goal of this commit is to move the prepend out to the packages
and then delete the class without any real functional change ; i.e.
a purely mechanical change. Then we can adjust each package to
ensure it will still build with a modern host, in an independent
fashion, while keeping the main advantage of not fetching gnulib
two extra times for netcf and fontforge.
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
NOTE: Resolving any missing task queue dependencies
ERROR: Nothing PROVIDES 'libepoxy' (but /oss/maint/mylayers/openembedded-core/meta/recipes-gnome/gtk+/gtk+3_3.18.8.bb DEPENDS on or otherwise requires it)
ERROR: libepoxy was skipped: missing required distro feature 'opengl' (not in DISTRO_FEATURES)
add DISTRO_FEATURES check for opengl to enable gtk3
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fix curlpp recipe to make it succeed to build.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Modify FILES_${PN} and FILES_${PN}-dev to fix QA issue and remove dovecot
from blacklist.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
CVE-2016-1551
CVE-2016-2516
CVE-2016-2517
CVE-2016-2518
CVE-2016-2519
CVE-2016-1547
CVE-2015-7704
CVE-2015-8138
CVE-2016-1550
for more info see:
http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
Signed-off-by: Armin Kuster <akuster@mvista.com>
Acked-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
this package is in 5 other layers.
Move to a more common location and update version.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
ctdbd_wrapper requires pgrep.
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
The systemd service is disabled by default, as the service will fail to start
without /etc/ctdb/nodes. If the user supplies this, they can re-enable the
service.
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
The update of Samba requires a newer version of libtalloc, so update it.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
The update of Samba requires a newer version of libtdb, so update it.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
The update of Samba requires a newer version of libtevent, so update it.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
The update of Samba requires a newer version of libldb, so update it.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
The changes made in commit 2497cf2960537152427c99629b2af412787eb6c2
[dnsmasq: steal resolvconf support from Ubuntu] broke systemd only
dnsmasq runtime. No sysvinit scripts are included in systemd only
builds (and should not be) and the dnsmasq executable has not moved to
/usr/sbin.
Reverting to the previous version of the systemd service file. If
folks want the local dnsmasq instance to be queried before going to
an external DNS they should add 'nameserver 127.0.0.1' to
/etc/resolv.conf. Or submit a change which will work with systemd.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Acked-by: Anders Darander <anders@chargestorm.se>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
(cherry picked from commit 237ade5065aee5290288febfbbae90145c2c7764)
|
|
The following vulnerabilities have been fixed:
* [1]wnpa-sec-2016-01
DLL hijacking vulnerability. [2]CVE-2016-2521
* [3]wnpa-sec-2016-02
ASN.1 BER dissector crash. ([4]Bug 11828) [5]CVE-2016-2522
* [6]wnpa-sec-2016-03
DNP dissector infinite loop. ([7]Bug 11938) [8]CVE-2016-2523
* [9]wnpa-sec-2016-04
X.509AF dissector crash. ([10]Bug 12002) [11]CVE-2016-2524
* [12]wnpa-sec-2016-05
HTTP/2 dissector crash. ([13]Bug 12077) [14]CVE-2016-2525
* [15]wnpa-sec-2016-06
HiQnet dissector crash. ([16]Bug 11983) [17]CVE-2016-2526
* [18]wnpa-sec-2016-07
3GPP TS 32.423 Trace file parser crash. ([19]Bug 11982) [20]CVE-2016-2527
* [21]wnpa-sec-2016-08
LBMC dissector crash. ([22]Bug 11984) [23]CVE-2016-2528
* [24]wnpa-sec-2016-09
iSeries file parser crash. ([25]Bug 11985) [26]CVE-2016-2529
* [27]wnpa-sec-2016-10
RSL dissector crash. ([28]Bug 11829) [29]CVE-2016-2530 [30]CVE-2016-2531
* [31]wnpa-sec-2016-11
LLRP dissector crash. ([32]Bug 12048) [33]CVE-2016-2532
* [34]wnpa-sec-2016-12
Ixia IxVeriWave file parser crash. ([35]Bug 11795)
* [36]wnpa-sec-2016-13
IEEE 802.11 dissector crash. ([37]Bug 11818)
* [38]wnpa-sec-2016-14
GSM A-bis OML dissector crash. ([39]Bug 11825)
* [40]wnpa-sec-2016-15
ASN.1 BER dissector crash. ([41]Bug 12106)
* [42]wnpa-sec-2016-16
SPICE dissector large loop. ([43]Bug 12151)
* [44]wnpa-sec-2016-17
NFS dissector crash.
* [45]wnpa-sec-2016-18
ASN.1 BER dissector crash. ([46]Bug 11822)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Add support for resolvconf integration as done in Ubuntu. This implies
updates of start-scripts, resolvconf plugin (on nameserver update ...),
populate-volatiles control file for saved nameserver list.
Signed-off-by: Jens Rehsack <sno@netbsd.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
* Using "cp -a" leaks UID of user running the builds, causing
many QA warnings.
* See this thread for details:
http://lists.openembedded.org/pipermail/openembedded-core/2015-November/112904.html
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Fixed:
WARNING: QA Issue: ctdb rdepends on libtdb, but it isn't a build dependency? [build-deps]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Fixed:
cim-schema-exper-2.39.0: cim-schema-exper: /cim-schema-exper/usr/share/mof/cimv2.39.0/Network/CIM_IPAddressRange.mof is owned by uid 15220, which is the same as the user running bitbake. This may be due to host contamination [host-user-contaminated]
cim-schema-final-2.40.0: cim-schema-final: /cim-schema-final/usr/share/mof/cimv2.40.0/Network/CIM_IPAddressRange.mof is owned by uid 15220, which is the same as the user running bitbake. This may be due to host contamination [host-user-contaminated]
lib32-cim-schema-exper-2.39.0: lib32-cim-schema-exper: /lib32-cim-schema-exper/usr/share/mof/cimv2.39.0/Network/CIM_IPAddressRange.mof is owned by uid 15220, which is the same as the user running bitbake. This may be due to host contamination [host-user-contaminated]
lib32-cim-schema-final-2.40.0: lib32-cim-schema-final: /lib32-cim-schema-final/usr/share/mof/cimv2.40.0/Network/CIM_IPAddressRange.mof is owned by uid 15220, which is the same as the user running bitbake. This may be due to host contamination [host-user-contaminated]
It uses cp -a to install the files, so fix the owner to root:root
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Fixed when build with multilib:
lib32-nbd-3.11: lib32-nbd: Files/directories were installed but not shipped in any package:
/usr/sbin/nbd-client
/usr/bin/nbd-trdump
/usr/bin/nbd-server
Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.
lib32-nbd: 3 installed and not shipped files. [installed-vs-shipped]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Wireshark official site keeps in /src only latest
versions of sources, moving them to /src/all-versions
after some time.
Update the SRC_URI string so wireshark can be built
even after few month after release.
Signed-off-by: Ruslan Bilovol <rbilovol@cisco.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Depending on the configuration used to build ntp it is possible to
have an empty libexecdir. This can cause QA issues. Add a test at the
end of install() to remove libexecdir if it is empty, thus avoiding
the possibility of QA issues, regardless of configuration.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
QA error fix:
ERROR: QA Issue: ntp: Files/directories were installed but not shipped in any package:
/usr/libexec
CVES addressed:
Bug 2948 / CVE-2015-8158
Bug 2945 / CVE-2015-8138: origin: Zero Origin Timestamp Bypass
Bug 2942 / CVE-2015-7979: Off-path Denial of Service (DoS) attack on authenticated broadcast mode
Bug 2940 / CVE-2015-7978: Stack exhaustion in recursive traversal of restriction list
Bug 2939 / CVE-2015-7977: reslist NULL pointer dereference
Bug 2938 / CVE-2015-7976: ntpq saveconfig command allows dangerous characters in filenames
Bug 2937 / CVE-2015-7975: nextvar() missing length check
Bug 2936 / CVE-2015-7974: Skeleton Key: Missing key check allows impersonation between authenticated peers
Bug 2935 / CVE-2015-7973: Deja Vu: Replay attack on authenticated broadcast mode
Bug 2947 / CVE-2015-8140: ntpq vulnerable to replay attacks
Bug 2946 / CVE-2015-8139: Origin Leak: ntpq and ntpdc, disclose origin
NTP-4.2.8p5
NtpBug2956: Small-step/Big-step CVE-2015-5300
Bug #2829 Clean up pipe_fds in ntpd.c
Bug #2887 stratum -1 config results as showing value 99.
Bug #2932 Update leapsecond file info in miscopt.html.
Bug #2934 tests/ntpd/t-ntp_scanner.c has a magic constant wired in.
Bug #2944 errno is not preserved properly in ntpdate after sendto call.
Bug #2952 peer associations were broken by the fix for NtpBug2901 CVE-2015-7704
Bug #2954 Version 4.2.8p4 crashes on startup on some OSes.
Bug #2957 'unsigned int' vs 'size_t' format clash.
Bug #2958 ntpq: fatal error messages need a final newline.
Bug #2962 truncation of size_t/ptrdiff_t on 64bit targets.
Bug #2965 Local clock didn't work since 4.2.8p4.
Bug #2967 ntpdate command suffers an assertion failure
Bug #2969 Seg fault from ntpq/mrulist when looking at server with lots of clients.
Bug #2971 ntpq bails on ^C: select fails: Interrupted system call
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
This recipe currently relies on EXTRA_OEMAKE having been to set to
"-e MAKEFLAGS=" in bitbake.conf to operate. It is necessary to make
this explicit so that the default in bitbake.conf can be changed.
Signed-off-by: Mike Crowe <mac@mcrowe.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
While building an image I was getting an error during rootfs creation
that ctdb was conflicting with base-files as both were creating
'/var/run':
warning: Removing ctdb-2.5.1-r0@core2_64 due to file /var/run \
conflicting with base-files-3.0.14-r89@genericx86_64
This is normally a volatile directory so we have no need
to include this in the ctdb package, so revert the actions of the
Makefile by deleting the directory.
Although /run and $localstatedir/run are linked to be consistent we
update the .service file to use the latter. To ensure the 'ctdb'
subdir exists we patch the use of RuntimeDirectory= in to the .service
file. This will compensate for our removal of this directory creation
from the Makefile.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Also make geoip package rdepend on geoip-database and
add symbolic link to GeoIPCity.dat.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Upgrade openvpn from 2.3.7 to 2.3.8.
Signed-off-by: Dai Caiyun <daicy.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Upgrade dovecot from 2.2.18 to 2.2.21.
Signed-off-by: Dai Caiyun <daicy.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Upgrade stunnel from 5.21 to 5.28.
Signed-off-by: Dai Caiyun <daicy.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|