Age | Commit message (Collapse) | Author |
|
Includes:
wnpa-sec-2018-01, Multiple dissectors could crash. (Bug 14253) CVE-2018-5336
wnpa-sec-2018-02, The MRDISC dissector could crash. (Bug 14299, Bug 13707) CVE-2017-17997
wnpa-sec-2018-03, The IxVeriWave file parser could crash. (Bug 14297) CVE-2018-5334
wnpa-sec-2018-04, The WCP dissector could crash. (Bug 14251) CVE-2018-5335
Full release notes: https://www.wireshark.org/docs/relnotes/wireshark-2.2.12.html
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
changed --with-ssh to --with-libssh=DIR
includes:
wnpa-sec-2017-47 : CVE-2017-17084
The IWARP_MPA dissector could crash. (Bug 14236)
wnpa-sec-2017-48 : CVE-2017-17083
The NetBIOS dissector could crash. (Bug 14249)
wnpa-sec-2017-49 : CVE-2017-17085
The CIP Safety dissector could crash. (Bug 14250)
release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.11.html
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The following vulnerabilities have been fixed:
* [1]wnpa-sec-2017-42
BT ATT dissector crash ([2]Bug 14049) [3]CVE-2017-15192
* [4]wnpa-sec-2017-43
MBIM dissector crash ([5]Bug 14056) [6]CVE-2017-15193
* [7]wnpa-sec-2017-44
DMP dissector crash ([8]Bug 14068) [9]CVE-2017-15191
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Versions 2.16 to 2.69 have now also moved into the archives folder.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
(cherry picked from commit d338d219dfbcbbdd133c7d4364bc8a1b19835e0b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This update fixes a number of bugs including the following
vulnerabilities:
CVE-2017-13704
CVE-2017-14491
CVE-2017-14492
CVE-2017-14493
CVE-2017-14494
CVE-2017-14495
CVE-2017-14496
Further details can be found in the changelog here:
http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Change LIC_FILES_CHKSUM from README.linux to COPYING as COPYING contains the license info
2.2.9 security fixes:
wnpa-sec-2017-38
MSDP dissector infinite loop (Bug 13933) CVE-2017-13767
wnpa-sec-2017-39
Profinet I/O buffer overrun (Bug 13847) CVE-2017-13766
wnpa-sec-2017-41
IrCOMM dissector buffer overrun (Bug 13929) CVE-2017-13765
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
(cherry picked from commit c6928f15d93a1546c47116b3244893b9f813e6e1)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
(cherry picked from commit 3ca10e7d924d94d85783dc7440096a7dab72b978)
Bug fix only:
Including these security fixes:
wnpa-sec-2017-13
WBMXL dissector infinite loop (Bug 13477, Bug 13796) CVE-2017-7702, CVE-2017-11410
Note: This is an update for a fix in Wireshark 2.2.6 and 2.0.12.
wnpa-sec-2017-28
openSAFETY dissector memory exhaustion (Bug 13649, Bug 13755) CVE-2017-9350, CVE-2017-11411
Note: This is an update for a fix in Wireshark 2.2.7.
wnpa-sec-2017-34
AMQP dissector crash. (Bug 13780) CVE-2017-11408
wnpa-sec-2017-35
MQ dissector crash. (Bug 13792) CVE-2017-11407
wnpa-sec-2017-36
DOCSIS infinite loop. (Bug 13797) CVE-2017-11406
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Refer to http://www.tcpdump.org/tcpdump-changes.txt:
Fix buffer overflow vulnerabilities:
CVE-2017-11543 (SLIP)
CVE-2017-13011 (bittok2str_internal)
Fix infinite loop vulnerabilities:
CVE-2017-12989 (RESP)
CVE-2017-12990 (ISAKMP)
CVE-2017-12995 (DNS)
CVE-2017-12997 (LLDP)
Fix buffer over-read vulnerabilities:
CVE-2017-11541 (safeputs)
CVE-2017-11542 (PIMv1)
CVE-2017-12893 (SMB/CIFS)
CVE-2017-12894 (lookup_bytestring)
CVE-2017-12895 (ICMP)
CVE-2017-12896 (ISAKMP)
CVE-2017-12897 (ISO CLNS)
CVE-2017-12898 (NFS)
CVE-2017-12899 (DECnet)
CVE-2017-12900 (tok2strbuf)
CVE-2017-12901 (EIGRP)
CVE-2017-12902 (Zephyr)
CVE-2017-12985 (IPv6)
CVE-2017-12986 (IPv6 routing headers)
CVE-2017-12987 (IEEE 802.11)
CVE-2017-12988 (telnet)
CVE-2017-12991 (BGP)
CVE-2017-12992 (RIPng)
CVE-2017-12993 (Juniper)
CVE-2017-11542 (PIMv1)
CVE-2017-11541 (safeputs)
CVE-2017-12994 (BGP)
CVE-2017-12996 (PIMv2)
CVE-2017-12998 (ISO IS-IS)
CVE-2017-12999 (ISO IS-IS)
CVE-2017-13000 (IEEE 802.15.4)
CVE-2017-13001 (NFS)
CVE-2017-13002 (AODV)
CVE-2017-13003 (LMP)
CVE-2017-13004 (Juniper)
CVE-2017-13005 (NFS)
CVE-2017-13006 (L2TP)
CVE-2017-13007 (Apple PKTAP)
CVE-2017-13008 (IEEE 802.11)
CVE-2017-13009 (IPv6 mobility)
CVE-2017-13010 (BEEP)
CVE-2017-13012 (ICMP)
CVE-2017-13013 (ARP)
CVE-2017-13014 (White Board)
CVE-2017-13015 (EAP)
CVE-2017-11543 (SLIP)
CVE-2017-13016 (ISO ES-IS)
CVE-2017-13017 (DHCPv6)
CVE-2017-13018 (PGM)
CVE-2017-13019 (PGM)
CVE-2017-13020 (VTP)
CVE-2017-13021 (ICMPv6)
CVE-2017-13022 (IP)
CVE-2017-13023 (IPv6 mobility)
CVE-2017-13024 (IPv6 mobility)
CVE-2017-13025 (IPv6 mobility)
CVE-2017-13026 (ISO IS-IS)
CVE-2017-13027 (LLDP)
CVE-2017-13028 (BOOTP)
CVE-2017-13029 (PPP)
CVE-2017-13030 (PIM)
CVE-2017-13031 (IPv6 fragmentation header)
CVE-2017-13032 (RADIUS)
CVE-2017-13033 (VTP)
CVE-2017-13034 (PGM)
CVE-2017-13035 (ISO IS-IS)
CVE-2017-13036 (OSPFv3)
CVE-2017-13037 (IP)
CVE-2017-13038 (PPP)
CVE-2017-13039 (ISAKMP)
CVE-2017-13040 (MPTCP)
CVE-2017-13041 (ICMPv6)
CVE-2017-13042 (HNCP)
CVE-2017-13043 (BGP)
CVE-2017-13044 (HNCP)
CVE-2017-13045 (VQP)
CVE-2017-13046 (BGP)
CVE-2017-13047 (ISO ES-IS)
CVE-2017-13048 (RSVP)
CVE-2017-13049 (Rx)
CVE-2017-13050 (RPKI-Router)
CVE-2017-13051 (RSVP)
CVE-2017-13052 (CFM)
CVE-2017-13053 (BGP)
CVE-2017-13054 (LLDP)
CVE-2017-13055 (ISO IS-IS)
CVE-2017-13687 (Cisco HDLC)
CVE-2017-13688 (OLSR)
CVE-2017-13689 (IKEv1)
CVE-2017-13690 (IKEv2)
CVE-2017-13725 (IPv6 routing headers)
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
(cherry picked from commit b5c46e9f8e078e98d4888d5ce8749ca126bbd1cc)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Summary for 4.9.1 tcpdump release
CVE-2017-11108/Fix bounds checking for STP.
Make assorted documentation updates and fix a few typos in tcpdump output.
Fixup -C for file size >2GB (GH #488).
Show AddressSanitizer presence in version output.
Fix a bug in test scripts (exposed in GH #613).
On FreeBSD adjust Capsicum capabilities for netmap.
On Linux fix a use-after-free when the requested interface does not exist.
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
(cherry picked from commit 60b416317225d76e9374cb63807f1e1831f9f671)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Port to build on musl while here
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Upgrade wireshark from 2.2.6 to 2.2.7
Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
This update add bug and security fixes.
Bazaar dissector infinite loop (Bug 13599) CVE-2017-9352
DOF dissector read overflow (Bug 13608) CVE-2017-9348
DHCP dissector read overflow (Bug 13609, Bug 13628) CVE-2017-9351
SoulSeek dissector infinite loop (Bug 13631) CVE-2017-9346
DNS dissector infinite loop (Bug 13633) CVE-2017-9345
DICOM dissector infinite loop (Bug 13685) CVE-2017-9349
openSAFETY dissector memory exhaustion (Bug 13649) CVE-2017-9350
BT L2CAP dissector divide by zero (Bug 13701) CVE-2017-9344
MSNIP dissector crash (Bug 13725) CVE-2017-9343
ROS dissector crash (Bug 13637) CVE-2017-9347
RGMP dissector crash (Bug 13646) CVE-2017-9354
IPv6 dissector crash (Bug 13675) CVE-2017-9353
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Traceroute's manual pages are installed in /usr/share/man,
which should be placed in /usr/share/man/man8.
Correct this.
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fix the following QA issue.
ERROR: open-isns-0.97-r0 do_package: QA Issue: open-isns: Files/directories were installed but not shipped in any package:
/usr/lib
/usr/lib/systemd
/usr/lib/systemd/system
/usr/lib/systemd/system/isnsd.socket
/usr/lib/systemd/system/isnsd.service
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Remove the empty /var/lock to avoid conflict with base-files:
| Error: Transaction check error:
file /var/lock conflicts between attempted installs of
drbd-utils-8.9.6-r0.core2_64 and base-files-3.0.14-r89.qemux86_64
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Perl script drbd-overview fails to run due to some of
perl's lib noexists under small rootfs,fixing it through
adding explicit definitions
Signed-off-by: Marius Tiplea <marius.tiplea@windriver.com>
Signed-off-by: Yadi.hu <yadi.hu@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
* Correct subdir to let the second source file
netcat-openbsd_${PV}-7.debian.tar.gz unpacked
under the correct folder to avoid below error
when do_patch in multilib env.
| DEBUG: Executing python function do_patch
| DEBUG: Executing shell function netcat_do_patch
| No patch removed
| No series file found
| WARNING: exit code 2 from a shell command.
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
strongSwan offers a plugin mechanism therefore it should not be
mandatory to install all of them when installing the package. Each
plugin is now a self-contained package with the library and its
configuration.
To remain compatible with the current configuration, a default set of
plugins has been selected as RDEPENDS of the main package. This default
list is based on the default strongSwan list minus some plugins enabled
via PACKAGECONFIG
(see https://wiki.strongswan.org/projects/strongswan/PluginList).
Signed-off-by: David Vincent <freesilicon@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Upgrade dovecot from 2.2.25 to 2.2.29.
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Signed-off-by: Benjamin Gaignard <benjamin.gaignard@linaro.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Fixes for musl build are not in a release yet
until then switch to using git for SRC_URI
License file changes are here
https://github.com/traviscross/mtr/commit/dd42b2305a94dcbf80847410be0288df29d6a5ef
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
The following vulnerabilities have been fixed:
* [1]wnpa-sec-2017-12
IMAP dissector crash ([2]Bug 13466) [3]CVE-2017-7703
* [4]wnpa-sec-2017-13
WBMXL dissector infinite loop ([5]Bug 13477) [6]CVE-2017-7702
* [7]wnpa-sec-2017-14
NetScaler file parser infinite loop ([8]Bug 13478) [9]CVE-2017-7700
* [10]wnpa-sec-2017-15
RPCoRDMA dissector infinite loop ([11]Bug 13558) [12]CVE-2017-7705
* [13]wnpa-sec-2017-16
BGP dissector infinite loop ([14]Bug 13557) [15]CVE-2017-7701
* [16]wnpa-sec-2017-17
DOF dissector infinite loop ([17]Bug 13453) [18]CVE-2017-7704
* [19]wnpa-sec-2017-18
PacketBB dissector crash ([20]Bug 13559)
* [21]wnpa-sec-2017-19
SLSK dissector long loop ([22]Bug 13576)
* [23]wnpa-sec-2017-20
SIGCOMP dissector infinite loop ([24]Bug 13578)
* [25]wnpa-sec-2017-21
WSP dissector infinite loop ([26]Bug 13581)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Signed-off-by: Andrea Galbusera <gizero@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
/run is in FILES_${PN} but nothing either populate or even create it.
Signed-off-by: Andrea Galbusera <gizero@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Signed-off-by: Andrea Galbusera <gizero@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
When systemd is in DISTRO_FEATURES we have two attempts to create
${localstatedir}/run/openvpn: one at build time with install command and
the other via systemd-tmpfiles at runtime which is enabled by installing
openvpn-volatile.conf. Beside looking redundant, by dropping the build-time
dir creation attempt solves the following error when building images with
both base-files and openvpn:
Error: Transaction check error:
file /var/run conflicts between attempted installs of
openvpn-2.3.9-r0.cortexa7hf_neon_vfpv4 and
base-files-3.0.14-r89.raspberrypi3
Signed-off-by: Andrea Galbusera <gizero@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
The file was installed but never packaged, ending up in no systemd-tmpfiles
configuration on the final rootfs.
Signed-off-by: Andrea Galbusera <gizero@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
To: openembedded-devel@lists.openembedded.org
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Drop do_compile, default is same
Do not assume that configure is running in S
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Switch the SRC_URI to git based fetcher
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
pkgconfig is used so we need to inherit pkgconfig
secondly, base64 support is added for it to work
with musl
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
LICENSE_FILE md5 changed do to copyright date change.
NTF's NTP Project is releasing ntp-4.2.8p10, which addresses:
6 MEDIUM severity vulnerabilities (1 is about the Windows PPSAPI DLL)
5 LOW severity vulnerabilities (2 are in the Windows Installer)
4 Informational-level vulnerabilities
15 other non-security fixes and improvements
All of the security issues in this release are listed in VU#633849.
ntp-4.2.8p10 was released on 21 March 2017.
Sec 3389 / CVE-2017-6464 / VU#325339: NTP-01-016 NTP: Denial of Service via Malformed Config (Pentest report 01.2017)
Sec 3388 / CVE-2017-6462 / VU#325339: NTP-01-014 NTP: Buffer Overflow in DPTS Clock (Pentest report 01.2017)
Sec 3387 / CVE-2017-6463 / VU#325339: NTP-01-012 NTP: Authenticated DoS via Malicious Config Option (Pentest report 01.2017)
Sec 3386: NTP-01-011 NTP: ntpq_stripquotes() returns incorrect Value (Pentest report 01.2017)
Sec 3385: NTP-01-010 NTP: ereallocarray()/eallocarray() underused (Pentest report 01.2017)
Sec 3384 / CVE-2017-6455 / VU#325339: NTP-01-009 NTP: Windows: Privileged execution of User Library code (Pentest report 01.2017)
Sec 3383 / CVE-2017-6452 / VU#325339: NTP-01-008 NTP: Windows Installer: Stack Buffer Overflow from Command Line (Pentest report 01.2017)
Sec 3382 / CVE-2017-6459 / VU#325339: NTP-01-007 NTP: Windows Installer: Data Structure terminated insufficiently (Pentest report 01.2017)
Sec 3381: NTP-01-006 NTP: Copious amounts of Unused Code (Pentest report 01.2017)
Sec 3380: NTP-01-005 NTP: Off-by-one in Oncore GPS Receiver (Pentest report 01.2017)
Sec 3379 / CVE-2017-6458 / VU#325339: NTP-01-004 NTP: Potential Overflows in ctl_put() functions (Pentest report 01.2017)
Sec 3378 / CVE-2017-6451 / VU#325339: NTP-01-003 Improper use of snprintf() in mx4200_send() (Pentest report 01.2017)
Sec 3377 / CVE-2017-6460 / VU#325339: NTP-01-002 Buffer Overflow in ntpq when fetching reslist (Pentest report 01.2017)
Sec 3376: NTP-01-001 Makefile does not enforce Security Flags (Pentest report 01.2017)
Sec 3361 / CVE-2016-9042 / VU#325339: 0rigin
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Fixes
| ./utils/smnotify/smnotify.h:9:10: fatal error: 'rpc/rpc.h' file not found
| #include <rpc/rpc.h>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
* based on discussion in pndeprecated thread:
https://patchwork.openembedded.org/patch/137573/
update the messages to warn possible users that the
recipe will be removed before the end of the next development
cycle (before Yocto 2.4 is released).
* updated with:
sed -i 's/^\(PNBLACKLIST.*".*\)"/\1 - the recipe will be removed on 2017-09-01 unless the issue is fixed"/g' `git grep PNBLACKLIST | sed 's/:.*//g' | sort -u | xargs`
* then noticed couple recipes being blacklisted only based on
DISTRO_FEATURES, so removed those:
meta-networking/recipes-support/lksctp-tools/lksctp-tools_1.0.17.bb
meta-oe/recipes-connectivity/bluez/bluez-hcidump_2.5.bb
meta-oe/recipes-connectivity/bluez/bluez4_4.101.bb
meta-oe/recipes-connectivity/bluez/gst-plugin-bluetooth_4.101.bb
meta-oe/recipes-navigation/foxtrotgps/foxtrotgps_1.1.1.bb
meta-oe/recipes-navigation/gypsy/gypsy.inc
meta-oe/recipes-navigation/navit/navit.inc
meta-oe/recipes-support/opensync/libsyncml_0.5.4.bb
* if it isn't fixed by this date, it's fair game to be removed
whenever someone gets around to i
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Upgrade curlpp from 0.7.3 to 0.8.1. The main difference between 0.7.x
and 0.8.0 is that it replaces autotools with cmake, see
https://github.com/jpbarrette/curlpp/releases/tag/v0.8.0
The homepage of curlpp on googlecode is obsoleted, so update it and use
soure code repo on github.
Remove dependency boost which is dropped by upstream. And remove extra
CXXFLAGS which has been fixed by upstream.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Fix with musl along
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Eliminate references to syscalls not available
for ARM_EABI. Also add a dependency on libseccomp
which is needed for scfilter to work.
Set PACKAGECONFIG to not enable scfilter, since
kernel CONFIG_SECCOMP is unlikely to be set. This
aligns the usage of libseccomp with that of other packages.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Signed-off-by: Oleksandr Kravchuk <oleksandr.kravchuk@pelagicore.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
The info is taken from CentOS which is usefull
when bind (provides named) and dnsmasq are both
installed and one may fail to start:
| dnsmasq: failed to create listening socket for port 53: Address already in use
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|