aboutsummaryrefslogtreecommitdiffstats
path: root/meta-networking/recipes-support
AgeCommit message (Collapse)Author
2018-02-09wireshark: Update Package to 2.2.12stable/pyro-nextArmin Kuster
Includes: wnpa-sec-2018-01, Multiple dissectors could crash. (Bug 14253) CVE-2018-5336 wnpa-sec-2018-02, The MRDISC dissector could crash. (Bug 14299, Bug 13707) CVE-2017-17997 wnpa-sec-2018-03, The IxVeriWave file parser could crash. (Bug 14297) CVE-2018-5334 wnpa-sec-2018-04, The WCP dissector could crash. (Bug 14251) CVE-2018-5335 Full release notes: https://www.wireshark.org/docs/relnotes/wireshark-2.2.12.html Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-02-09wireshark: Update to 2.2.11Armin Kuster
changed --with-ssh to --with-libssh=DIR includes: wnpa-sec-2017-47 : CVE-2017-17084 The IWARP_MPA dissector could crash. (Bug 14236) wnpa-sec-2017-48 : CVE-2017-17083 The NetBIOS dissector could crash. (Bug 14249) wnpa-sec-2017-49 : CVE-2017-17085 The CIP Safety dissector could crash. (Bug 14250) release notes: https://www.wireshark.org/docs/relnotes/wireshark-2.2.11.html Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-02-09wireshark: update to 2.2.10Armin Kuster
The following vulnerabilities have been fixed: * [1]wnpa-sec-2017-42 BT ATT dissector crash ([2]Bug 14049) [3]CVE-2017-15192 * [4]wnpa-sec-2017-43 MBIM dissector crash ([5]Bug 14056) [6]CVE-2017-15193 * [7]wnpa-sec-2017-44 DMP dissector crash ([8]Bug 14068) [9]CVE-2017-15191 Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-02-09dnsmasq: update SRC_URI for versions 2.69 and earlierAndre McCurdy
Versions 2.16 to 2.69 have now also moved into the archives folder. Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> (cherry picked from commit d338d219dfbcbbdd133c7d4364bc8a1b19835e0b) Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-02-09dnsmasq: upgrade to 2.78Paul Eggleton
This update fixes a number of bugs including the following vulnerabilities: CVE-2017-13704 CVE-2017-14491 CVE-2017-14492 CVE-2017-14493 CVE-2017-14494 CVE-2017-14495 CVE-2017-14496 Further details can be found in the changelog here: http://www.thekelleys.org.uk/dnsmasq/CHANGELOG Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2017-09-18wireshark: update to 2.2.9Armin Kuster
Change LIC_FILES_CHKSUM from README.linux to COPYING as COPYING contains the license info 2.2.9 security fixes: wnpa-sec-2017-38 MSDP dissector infinite loop (Bug 13933) CVE-2017-13767 wnpa-sec-2017-39 Profinet I/O buffer overrun (Bug 13847) CVE-2017-13766 wnpa-sec-2017-41 IrCOMM dissector buffer overrun (Bug 13929) CVE-2017-13765 Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> (cherry picked from commit c6928f15d93a1546c47116b3244893b9f813e6e1) Signed-off-by: Armin Kuster <akuster808@gmail.com>
2017-09-18wireshark: 2.2.7 -> 2.2.8Kai Kang
Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> (cherry picked from commit 3ca10e7d924d94d85783dc7440096a7dab72b978) Bug fix only: Including these security fixes: wnpa-sec-2017-13 WBMXL dissector infinite loop (Bug 13477, Bug 13796) CVE-2017-7702, CVE-2017-11410 Note: This is an update for a fix in Wireshark 2.2.6 and 2.0.12. wnpa-sec-2017-28 openSAFETY dissector memory exhaustion (Bug 13649, Bug 13755) CVE-2017-9350, CVE-2017-11411 Note: This is an update for a fix in Wireshark 2.2.7. wnpa-sec-2017-34 AMQP dissector crash. (Bug 13780) CVE-2017-11408 wnpa-sec-2017-35 MQ dissector crash. (Bug 13792) CVE-2017-11407 wnpa-sec-2017-36 DOCSIS infinite loop. (Bug 13797) CVE-2017-11406 Signed-off-by: Armin Kuster <akuster808@gmail.com>
2017-09-18tcpdump: update to 4.9.2 to fix CVEsWenzong Fan
Refer to http://www.tcpdump.org/tcpdump-changes.txt: Fix buffer overflow vulnerabilities: CVE-2017-11543 (SLIP) CVE-2017-13011 (bittok2str_internal) Fix infinite loop vulnerabilities: CVE-2017-12989 (RESP) CVE-2017-12990 (ISAKMP) CVE-2017-12995 (DNS) CVE-2017-12997 (LLDP) Fix buffer over-read vulnerabilities: CVE-2017-11541 (safeputs) CVE-2017-11542 (PIMv1) CVE-2017-12893 (SMB/CIFS) CVE-2017-12894 (lookup_bytestring) CVE-2017-12895 (ICMP) CVE-2017-12896 (ISAKMP) CVE-2017-12897 (ISO CLNS) CVE-2017-12898 (NFS) CVE-2017-12899 (DECnet) CVE-2017-12900 (tok2strbuf) CVE-2017-12901 (EIGRP) CVE-2017-12902 (Zephyr) CVE-2017-12985 (IPv6) CVE-2017-12986 (IPv6 routing headers) CVE-2017-12987 (IEEE 802.11) CVE-2017-12988 (telnet) CVE-2017-12991 (BGP) CVE-2017-12992 (RIPng) CVE-2017-12993 (Juniper) CVE-2017-11542 (PIMv1) CVE-2017-11541 (safeputs) CVE-2017-12994 (BGP) CVE-2017-12996 (PIMv2) CVE-2017-12998 (ISO IS-IS) CVE-2017-12999 (ISO IS-IS) CVE-2017-13000 (IEEE 802.15.4) CVE-2017-13001 (NFS) CVE-2017-13002 (AODV) CVE-2017-13003 (LMP) CVE-2017-13004 (Juniper) CVE-2017-13005 (NFS) CVE-2017-13006 (L2TP) CVE-2017-13007 (Apple PKTAP) CVE-2017-13008 (IEEE 802.11) CVE-2017-13009 (IPv6 mobility) CVE-2017-13010 (BEEP) CVE-2017-13012 (ICMP) CVE-2017-13013 (ARP) CVE-2017-13014 (White Board) CVE-2017-13015 (EAP) CVE-2017-11543 (SLIP) CVE-2017-13016 (ISO ES-IS) CVE-2017-13017 (DHCPv6) CVE-2017-13018 (PGM) CVE-2017-13019 (PGM) CVE-2017-13020 (VTP) CVE-2017-13021 (ICMPv6) CVE-2017-13022 (IP) CVE-2017-13023 (IPv6 mobility) CVE-2017-13024 (IPv6 mobility) CVE-2017-13025 (IPv6 mobility) CVE-2017-13026 (ISO IS-IS) CVE-2017-13027 (LLDP) CVE-2017-13028 (BOOTP) CVE-2017-13029 (PPP) CVE-2017-13030 (PIM) CVE-2017-13031 (IPv6 fragmentation header) CVE-2017-13032 (RADIUS) CVE-2017-13033 (VTP) CVE-2017-13034 (PGM) CVE-2017-13035 (ISO IS-IS) CVE-2017-13036 (OSPFv3) CVE-2017-13037 (IP) CVE-2017-13038 (PPP) CVE-2017-13039 (ISAKMP) CVE-2017-13040 (MPTCP) CVE-2017-13041 (ICMPv6) CVE-2017-13042 (HNCP) CVE-2017-13043 (BGP) CVE-2017-13044 (HNCP) CVE-2017-13045 (VQP) CVE-2017-13046 (BGP) CVE-2017-13047 (ISO ES-IS) CVE-2017-13048 (RSVP) CVE-2017-13049 (Rx) CVE-2017-13050 (RPKI-Router) CVE-2017-13051 (RSVP) CVE-2017-13052 (CFM) CVE-2017-13053 (BGP) CVE-2017-13054 (LLDP) CVE-2017-13055 (ISO IS-IS) CVE-2017-13687 (Cisco HDLC) CVE-2017-13688 (OLSR) CVE-2017-13689 (IKEv1) CVE-2017-13690 (IKEv2) CVE-2017-13725 (IPv6 routing headers) Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> (cherry picked from commit b5c46e9f8e078e98d4888d5ce8749ca126bbd1cc) Signed-off-by: Armin Kuster <akuster808@gmail.com>
2017-09-18tcpdump: update to 4.9.1 to fix CVE-2017-11108Wenzong Fan
Summary for 4.9.1 tcpdump release CVE-2017-11108/Fix bounds checking for STP. Make assorted documentation updates and fix a few typos in tcpdump output. Fixup -C for file size >2GB (GH #488). Show AddressSanitizer presence in version output. Fix a bug in test scripts (exposed in GH #613). On FreeBSD adjust Capsicum capabilities for netmap. On Linux fix a use-after-free when the requested interface does not exist. Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> (cherry picked from commit 60b416317225d76e9374cb63807f1e1831f9f671) Signed-off-by: Armin Kuster <akuster808@gmail.com>
2017-09-13ruli: FIx build with hardening flagsKhem Raj
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2017-09-13ruli: Fix build with hardening flagsKhem Raj
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2017-09-13linux-atm: Fix build with hardening flagsKhem Raj
Port to build on musl while here Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2017-09-13wireshark: Upgrade to 2.2.7fan.xin
Upgrade wireshark from 2.2.6 to 2.2.7 Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> This update add bug and security fixes. Bazaar dissector infinite loop (Bug 13599) CVE-2017-9352 DOF dissector read overflow (Bug 13608) CVE-2017-9348 DHCP dissector read overflow (Bug 13609, Bug 13628) CVE-2017-9351 SoulSeek dissector infinite loop (Bug 13631) CVE-2017-9346 DNS dissector infinite loop (Bug 13633) CVE-2017-9345 DICOM dissector infinite loop (Bug 13685) CVE-2017-9349 openSAFETY dissector memory exhaustion (Bug 13649) CVE-2017-9350 BT L2CAP dissector divide by zero (Bug 13701) CVE-2017-9344 MSNIP dissector crash (Bug 13725) CVE-2017-9343 ROS dissector crash (Bug 13637) CVE-2017-9347 RGMP dissector crash (Bug 13646) CVE-2017-9354 IPv6 dissector crash (Bug 13675) CVE-2017-9353 Signed-off-by: Armin Kuster <akuster808@gmail.com>
2017-09-13traceroute: Move manual pages from mandir to man8 under itLi Zhou
Traceroute's manual pages are installed in /usr/share/man, which should be placed in /usr/share/man/man8. Correct this. Signed-off-by: Li Zhou <li.zhou@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2017-07-17open-isns: fix QA issueQi.Chen@windriver.com
Fix the following QA issue. ERROR: open-isns-0.97-r0 do_package: QA Issue: open-isns: Files/directories were installed but not shipped in any package: /usr/lib /usr/lib/systemd /usr/lib/systemd/system /usr/lib/systemd/system/isnsd.socket /usr/lib/systemd/system/isnsd.service Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2017-07-17drbd-utils: remove /var/lock to avoid conflictJackie Huang
Remove the empty /var/lock to avoid conflict with base-files: | Error: Transaction check error: file /var/lock conflicts between attempted installs of drbd-utils-8.9.6-r0.core2_64 and base-files-3.0.14-r89.qemux86_64 Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2017-07-17drbd-utils: fix dependency for perl under small-fsYadi.hu
Perl script drbd-overview fails to run due to some of perl's lib noexists under small rootfs,fixing it through adding explicit definitions Signed-off-by: Marius Tiplea <marius.tiplea@windriver.com> Signed-off-by: Yadi.hu <yadi.hu@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2017-07-17netcat-openbsd: correct subdir for SRC_URIMingli Yu
* Correct subdir to let the second source file netcat-openbsd_${PV}-7.debian.tar.gz unpacked under the correct folder to avoid below error when do_patch in multilib env. | DEBUG: Executing python function do_patch | DEBUG: Executing shell function netcat_do_patch | No patch removed | No series file found | WARNING: exit code 2 from a shell command. Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2017-04-27strongswan: Split pluginsDavid Vincent
strongSwan offers a plugin mechanism therefore it should not be mandatory to install all of them when installing the package. Each plugin is now a self-contained package with the library and its configuration. To remain compatible with the current configuration, a default set of plugins has been selected as RDEPENDS of the main package. This default list is based on the default strongSwan list minus some plugins enabled via PACKAGECONFIG (see https://wiki.strongswan.org/projects/strongswan/PluginList). Signed-off-by: David Vincent <freesilicon@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-04-25dovecot: 2.2.25 -> 2.2.29Huang Qiyu
Upgrade dovecot from 2.2.25 to 2.2.29. Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-04-25yp-tools: Fix build with gcc7Khem Raj
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-04-25libtalloc: Upgrade to 2.1.9Khem Raj
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-04-25lowpan-tools: Fix build with gcc7Khem Raj
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-04-25memcached: Upgrade to 1.4.36Khem Raj
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-04-25ipsec-tools: Fix build with gcc7Khem Raj
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-04-25tinyproxy: Add recipeBenjamin Gaignard
Signed-off-by: Benjamin Gaignard <benjamin.gaignard@linaro.org> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-04-25lowpan-tools: Fix build with clangKhem Raj
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-04-25mtr: Upgrade 0.87+gitKhem Raj
Fixes for musl build are not in a release yet until then switch to using git for SRC_URI License file changes are here https://github.com/traviscross/mtr/commit/dd42b2305a94dcbf80847410be0288df29d6a5ef Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-04-25wireshark: update to 2.2.6Armin Kuster
The following vulnerabilities have been fixed: * [1]wnpa-sec-2017-12 IMAP dissector crash ([2]Bug 13466) [3]CVE-2017-7703 * [4]wnpa-sec-2017-13 WBMXL dissector infinite loop ([5]Bug 13477) [6]CVE-2017-7702 * [7]wnpa-sec-2017-14 NetScaler file parser infinite loop ([8]Bug 13478) [9]CVE-2017-7700 * [10]wnpa-sec-2017-15 RPCoRDMA dissector infinite loop ([11]Bug 13558) [12]CVE-2017-7705 * [13]wnpa-sec-2017-16 BGP dissector infinite loop ([14]Bug 13557) [15]CVE-2017-7701 * [16]wnpa-sec-2017-17 DOF dissector infinite loop ([17]Bug 13453) [18]CVE-2017-7704 * [19]wnpa-sec-2017-18 PacketBB dissector crash ([20]Bug 13559) * [21]wnpa-sec-2017-19 SLSK dissector long loop ([22]Bug 13576) * [23]wnpa-sec-2017-20 SIGCOMP dissector infinite loop ([24]Bug 13578) * [25]wnpa-sec-2017-21 WSP dissector infinite loop ([26]Bug 13581) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-04-25openvpn: avoid hardcoded pathAndrea Galbusera
Signed-off-by: Andrea Galbusera <gizero@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-04-25openvpn: avoid packaging /runAndrea Galbusera
/run is in FILES_${PN} but nothing either populate or even create it. Signed-off-by: Andrea Galbusera <gizero@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-04-25openvpn: openvpn-volatile.conf: avoid hardcoded localstatedirAndrea Galbusera
Signed-off-by: Andrea Galbusera <gizero@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-04-25openvpn: remove duplicate attempt to create dir in ${localstatedir}Andrea Galbusera
When systemd is in DISTRO_FEATURES we have two attempts to create ${localstatedir}/run/openvpn: one at build time with install command and the other via systemd-tmpfiles at runtime which is enabled by installing openvpn-volatile.conf. Beside looking redundant, by dropping the build-time dir creation attempt solves the following error when building images with both base-files and openvpn: Error: Transaction check error: file /var/run conflicts between attempted installs of openvpn-2.3.9-r0.cortexa7hf_neon_vfpv4 and base-files-3.0.14-r89.raspberrypi3 Signed-off-by: Andrea Galbusera <gizero@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-04-25openvpn: ensure ${sysconfdir}/tmpfiles.d is packagedAndrea Galbusera
The file was installed but never packaged, ending up in no systemd-tmpfiles configuration on the final rootfs. Signed-off-by: Andrea Galbusera <gizero@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-04-25uftp: Add recipeJaap de Jong
To: openembedded-devel@lists.openembedded.org Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-04-25ntimed: Use adjtimex on muslKhem Raj
Drop do_compile, default is same Do not assume that configure is running in S Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-04-25arptables: Upgrade to 0.0.4Khem Raj
Switch the SRC_URI to git based fetcher Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-04-25lowpan-tools: Fix build with muslKhem Raj
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-04-25netcat-openbsd: Fix build and whitelistKhem Raj
pkgconfig is used so we need to inherit pkgconfig secondly, base64 support is added for it to work with musl Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-04-25ntp: update to 4.2.8.p10Armin Kuster
LICENSE_FILE md5 changed do to copyright date change. NTF's NTP Project is releasing ntp-4.2.8p10, which addresses: 6 MEDIUM severity vulnerabilities (1 is about the Windows PPSAPI DLL) 5 LOW severity vulnerabilities (2 are in the Windows Installer) 4 Informational-level vulnerabilities 15 other non-security fixes and improvements All of the security issues in this release are listed in VU#633849. ntp-4.2.8p10 was released on 21 March 2017. Sec 3389 / CVE-2017-6464 / VU#325339: NTP-01-016 NTP: Denial of Service via Malformed Config (Pentest report 01.2017) Sec 3388 / CVE-2017-6462 / VU#325339: NTP-01-014 NTP: Buffer Overflow in DPTS Clock (Pentest report 01.2017) Sec 3387 / CVE-2017-6463 / VU#325339: NTP-01-012 NTP: Authenticated DoS via Malicious Config Option (Pentest report 01.2017) Sec 3386: NTP-01-011 NTP: ntpq_stripquotes() returns incorrect Value (Pentest report 01.2017) Sec 3385: NTP-01-010 NTP: ereallocarray()/eallocarray() underused (Pentest report 01.2017) Sec 3384 / CVE-2017-6455 / VU#325339: NTP-01-009 NTP: Windows: Privileged execution of User Library code (Pentest report 01.2017) Sec 3383 / CVE-2017-6452 / VU#325339: NTP-01-008 NTP: Windows Installer: Stack Buffer Overflow from Command Line (Pentest report 01.2017) Sec 3382 / CVE-2017-6459 / VU#325339: NTP-01-007 NTP: Windows Installer: Data Structure terminated insufficiently (Pentest report 01.2017) Sec 3381: NTP-01-006 NTP: Copious amounts of Unused Code (Pentest report 01.2017) Sec 3380: NTP-01-005 NTP: Off-by-one in Oncore GPS Receiver (Pentest report 01.2017) Sec 3379 / CVE-2017-6458 / VU#325339: NTP-01-004 NTP: Potential Overflows in ctl_put() functions (Pentest report 01.2017) Sec 3378 / CVE-2017-6451 / VU#325339: NTP-01-003 Improper use of snprintf() in mx4200_send() (Pentest report 01.2017) Sec 3377 / CVE-2017-6460 / VU#325339: NTP-01-002 Buffer Overflow in ntpq when fetching reslist (Pentest report 01.2017) Sec 3376: NTP-01-001 Makefile does not enforce Security Flags (Pentest report 01.2017) Sec 3361 / CVE-2016-9042 / VU#325339: 0rigin Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-04-25ctdb: Fix build with muslKhem Raj
Fixes | ./utils/smnotify/smnotify.h:9:10: fatal error: 'rpc/rpc.h' file not found | #include <rpc/rpc.h> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-04-05recipes: add removal date to PNBLACKLIST messagesMartin Jansa
* based on discussion in pndeprecated thread: https://patchwork.openembedded.org/patch/137573/ update the messages to warn possible users that the recipe will be removed before the end of the next development cycle (before Yocto 2.4 is released). * updated with: sed -i 's/^\(PNBLACKLIST.*".*\)"/\1 - the recipe will be removed on 2017-09-01 unless the issue is fixed"/g' `git grep PNBLACKLIST | sed 's/:.*//g' | sort -u | xargs` * then noticed couple recipes being blacklisted only based on DISTRO_FEATURES, so removed those: meta-networking/recipes-support/lksctp-tools/lksctp-tools_1.0.17.bb meta-oe/recipes-connectivity/bluez/bluez-hcidump_2.5.bb meta-oe/recipes-connectivity/bluez/bluez4_4.101.bb meta-oe/recipes-connectivity/bluez/gst-plugin-bluetooth_4.101.bb meta-oe/recipes-navigation/foxtrotgps/foxtrotgps_1.1.1.bb meta-oe/recipes-navigation/gypsy/gypsy.inc meta-oe/recipes-navigation/navit/navit.inc meta-oe/recipes-support/opensync/libsyncml_0.5.4.bb * if it isn't fixed by this date, it's fair game to be removed whenever someone gets around to i Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2017-03-24curlpp: 0.7.3 -> 0.8.1Kai Kang
Upgrade curlpp from 0.7.3 to 0.8.1. The main difference between 0.7.x and 0.8.0 is that it replaces autotools with cmake, see https://github.com/jpbarrette/curlpp/releases/tag/v0.8.0 The homepage of curlpp on googlecode is obsoleted, so update it and use soure code repo on github. Remove dependency boost which is dropped by upstream. And remove extra CXXFLAGS which has been fixed by upstream. Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-03-24dovecot: Use libtirpc to provide rpc on musl systemsKhem Raj
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-03-24ipsec-tools: Fix build with muslKhem Raj
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-03-24libmemcached: Upgrade to 1.0.18Khem Raj
Fix with musl along Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-03-24chrony: fix build failure for arma9Joe Slater
Eliminate references to syscalls not available for ARM_EABI. Also add a dependency on libseccomp which is needed for scfilter to work. Set PACKAGECONFIG to not enable scfilter, since kernel CONFIG_SECCOMP is unlikely to be set. This aligns the usage of libseccomp with that of other packages. Signed-off-by: Joe Slater <jslater@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-03-24wireshark: update to 2.2.5Oleksandr Kravchuk
Signed-off-by: Oleksandr Kravchuk <oleksandr.kravchuk@pelagicore.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-03-23dnsmasq: add info for port settingJackie Huang
The info is taken from CentOS which is usefull when bind (provides named) and dnsmasq are both installed and one may fail to start: | dnsmasq: failed to create listening socket for port 53: Address already in use Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-03-23netcf_git: Check if src != dst while moving files.Amarnath Valluri
Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-04-27 08:42:14 +0000