| Age | Commit message (Collapse) | Author |
|---|
|
with make 4.4, linuxptp do_compile will failed with error:
In file included from clock.c:35:
missing.h:61:9: error: redeclaration of enumerator 'HWTSTAMP_TX_ONESTEP_P2P'
61 | HWTSTAMP_TX_ONESTEP_P2P = 3,
| ^~~~~~~~~~~~~~~~~~~~~~~
In file included from clock.c:21:
/buildarea2/WRLCD_Regression/Rerun/build_dir/11201532-build_scp_world_Feature_Test/qemux86-64-standard-std-OE/build/tmp-glibc/work/core2-64-wrs-linux/linuxptp/3.1.1-r0/recipe-sysroot/usr/include/linux/net_tstamp.h:128:9: note: previous definition of 'HWTSTAMP_TX_ONESTEP_P2P' with type 'enum hwtstamp_tx_types'
128 | HWTSTAMP_TX_ONESTEP_P2P,
|
Following change of make 4.4 changes behavior of shell function:
* WARNING: Backward-incompatibility!
Previously makefile variables marked as export were not exported to commands
started by the $(shell ...) function. Now, all exported variables are
exported to $(shell ...).
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Backport of commit 05c1003c4 ("linuxptp: fix do_compile error").
This is present in dunfell/kirkstone as well. If net_tstamp.h of the
build host disagrees with net_tstamp.h of the OE kernel or I remove
the build host's net_tstamp.h do_compile fails.
Changed Upstream Status to Backport with the git sha as the commit is
now applied upstream.
Signed-off-by: Max Krummenacher <max.krummenacher@toradex.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
CVE-2023-32726:
The vulnerability is caused by improper check for check
if RDLENGTH does not overflow the buffer in response
from DNS server.
CVE-2023-32727:
An attacker who has the privilege to configure Zabbix
items can use function icmpping() with additional
malicious command inside it to execute arbitrary code
on the current Zabbix server.
Refernces:
https://nvd.nist.gov/vuln/detail/CVE-2023-32726
https://security-tracker.debian.org/tracker/CVE-2023-32726
https://nvd.nist.gov/vuln/detail/CVE-2023-32727
https://security-tracker.debian.org/tracker/CVE-2023-32727
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The command "bitbake universe -c fetch" currently throws a ton of warnings
as there are many 'impossible' dependencies.
In some cases these variants may never have worked and were just added by copy
and paste of recipes. In some cases they once clearly did work but became
broken somewhere along the way. Users may also be carrying local bbappend files
which add further BBCLASSEXTEND.
Having universe fetch work without warnings is desireable so clean up the broken
variants. Anyone actually needing something dropped here can propose adding it
and the correct functional dependencies back quite easily. This also then
ensures we're not carrying or fixing things nobody uses.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9962d57f7c235873de0a0bb192b5f56747762fc7)
Backport:
* Updated paths to follow PV changes
* Adapted modified recipes to the ones generating warnings
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This is needed to be able to build mosquitto-native.
The dependency on libcap when building for native is needed because
cmake will pick up the existence of libcap from the host, but then the
build fails if it is not available in the sysroot. Unfortunately, there
does not seem to be any way to explicitly tell cmake to not build with
libcap.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c083e0569ad80d11b4f5cfdfa89acdd4264d8152)
Backported: Updated paths to follow PV changes.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
An issue was discovered in the C AMQP client library (aka rabbitmq-c) through
0.13.0 for RabbitMQ. Credentials can only be entered on the command line (e.g.,
for amqp-publish or amqp-consume) and are thus visible to local attackers by
listing a process and its arguments.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2023-35789
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2
and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote
authenticated user can trigger a kadmind crash. This occurs because
_xdr_kadm5_principal_ent_rec does not validate the relationship
between n_key_data and the key_data array count.
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-36054
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
JavaScript pre-processing can be used by the attacker to gain
access to the file system (read-only access on behalf of user
"zabbix") on the Zabbix Server or Zabbix Proxy, potentially
leading to unauthorized access to sensitive data.
Reference:
https://support.zabbix.com/browse/ZBX-22588
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
JavaScript preprocessing, webhooks and global scripts can cause
uncontrolled CPU, memory, and disk I/O utilization.
Preprocessing/webhook/global script configuration and testing
are only available to Administrative roles (Admin and Superadmin).
Administrative privileges should be typically granted to users
who need to perform tasks that require more control over the system.
The security risk is limited because not all users have this level
of access.
References:
https://support.zabbix.com/browse/ZBX-22589
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Refer: https://support.zabbix.com/browse/ZBX-22587
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Upstream-Status: Backport from https://github.com/krb5/krb5/commit/4e661f0085ec5f969c76c0896a34322c6c432de4
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Some old CVEs don't have a vulnerable version range in the NVD database,
this causes come mismatch with cve-check. Ignore many CVEs that are
picked up by the class but are patched in our products.
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit efa12676dd0676fd0aa63457d7ba360fe8a6fae2)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Without CVE_PRODUCT set to apache:thrift cve-check was catching
CVEs form facebook:thrift that are not related with this product.
Now the report is correct.
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
|
|
This upgrade CVE fix:
CVE-2022-24349
CVE-2022-24917
CVE-2022-24918
CVE-2022-24919
Signed-off-by: Changqing Li <changqing.li@windriver.com>
|
|
* A new connection status dispatcher setup is provided, where users can
provide custom scripts that will be called on bearer connect/disconnect
events. This dispatcher will make the netifd integration in openwrt work
much better, as we'll be able to report network-initiated disconnections
cleanly to netifd.
There are no default connection status dispatcher scripts installed, but
it's suggested distributions make sure the following directories exist:
- ${sysconfdir}/ModemManager/connection.d/
- ${libdir}/ModemManager/connection.d/
* API:
** Add missing Simple interface definitions in ModemManager-names.h.
* Build:
** meson: fix daemon enums dependencies.
** meson: fix port enums includes.
** meson: fix 'export_packages' in GIR setup.
** meson: fix simtech plugin module name.
** systemd: don't run ModemManager in containers.
* Core:
** serial: ensure the port object is valid after BUFFER_FULL handling.
** netlink: use unaligned netlink attribute length.
** netlink: only change IFF_UP flag.
** bearer: match unknown auth to chap in loose comparisons.
** charsets: return error if UTF-8 validation fails.
** fcc-unlock: make scripts POSIX shell compatible.
** modem-helpers: consider minimum ID when choosing best profile.
** modem-helpers: fix reading <Act> given in COPS=? responses.
** sms: prevent crash if date is out of range.
** profile-manager: fix copy-paste error on tags for quarks.
* QMI:
** Ignore slot status indications until initial status is known.
** Return error when loading capabilities if none is found.
* MBIM:
** Default initial EPS bearer's auth to chap when unknown.
** Update default error when network error is out of range.
* mmcli:
** Fix key length when printing list of items.
* Plugins:
** linktop: new port type hints.
** cinterion: add support for PLSx3w modems
** huawei: disable +CPOL based features in Huawei E226
* Several other minor improvements and fixes.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
in PACKAGECONFIG. This fixes a FTBFS due to missing dependency.
Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit a9e6d16e6640d105ecf3470ab891598034c9ef33)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The mosh-server has no dependency on perl - upstream is explicit:
Mosh has a Perl dependency that is only required for client use. For
some platforms, it may make sense to have separate mosh-server and
mosh-client packages to allow mosh-server usage without Perl.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Alex Kiernan <alexk@zuma.ai>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Changelog:
==========
- C++ library don't work with HTTP (csharp server, cpp client; need cross test enhancement)
- Swift service generator doesn't support oneway
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
License-Update: Copyright Marcus Meissner <marcus@jet.franken.de> year updated to 2018
Changelog:
==========
- Lots of USB ids added, especially Garmin devices
- use a local libusb context, not the global one
- various bugfixes
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
remove patch 0001-fix-undefined-bswap32-and-bswap64-errors-for-MIPS-ma.patch
Upstream Status: Accepted [https://github.com/libimobiledevice/libimobiledevice-glue/commit/17a2b964ca9c94f6615994ba2179bf4228e31236]
subtree update: ecb0996fd2..bc6c44b920
Nikias Bassen (4):
[github-actions] Use windows-2019 instead of windows-latest for now
socket: Add socket_get_socket_port function
utils: Close file if buffer allocation fails in
buffer_read_from_filename()
Updated README with pkg-config requirement
Potin Lai (1):
Fix undefined bswap32 and bswap64 for MIPS machine
Signed-off-by: Potin Lai <potin.lai@quantatw.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
libirecovery is a cross-platform library which implements communication
to iBoot/iBSS found on Apple's iOS devices via USB.
Signed-off-by: Potin Lai <potin.lai@quantatw.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Add patch for fixing undefiened bswap32 & bswap64 error on MIPS machine
Signed-off-by: Potin Lai <potin.lai@quantatw.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
libimobiledevice-glue is the library with common code used by the
libraries and tools around the libimobiledevice project.
Signed-off-by: Potin Lai <potin.lai@quantatw.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Service release.
Issues resolved: https://github.com/eclipse/paho.mqtt.c/milestone/17?closed=1
Signed-off-by: Matthias Klein <matthias@extraklein.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Recipe changes:
* Switch to meson and git. From release notes of ModemManager:
"The next major release will likely be a meson-only one, and will therefore
not be based on a source release tarball any more, but on specific git tags
instead. The tar archive does not even contain the meson.build file."
* Update licenses to -or-later (warning about deprecated licenses)
* Make vala dependecy optional
* Delete redundant package split lines
* add missing dbus dependency
The most important features and changes in this release are the following:
* Data session multiplexing can now be enabled in QMI and MBIM modems, e.g. so
that multiple different APNs can be connected separately over a single
network interface. The multiplexing is disabled by default in this release,
except for cases where it's required (e.g. if non-multiplexed sessions aren't
supported) like IPA based Qualcomm SoCs. Users can request the multiplexing
support explicitly via settings when creating the connection bearer object.
In order to allow easy testing of the multiplexing feature without requiring
any additional change in the stack, a new '--test-multiplex-requested' option
in the daemon allows to switch the default (when not explicitly given by the
user) to attempt to use multiplexing.
It is worth noting that when multiplexing is enabled, the data network
interface used by the modem will be a virtual network interface created in
runtime, and will therefore have a different name than the real network
interface exposed by the modem. If there are additional settings in the
system relying on the data network interface name (e.g. iptables rules), they
may need to be updated.
* The ModemManager daemon can run now in a 'quick suspend/resume' mode, in
which no explicit data disconnection is triggered on suspend, and no explicit
device re-probing from scratch is launched on resume. Instead, the daemon
will try to refresh the state of all interfaces upon suspend, e.g. to see if
the module keeps registered to the same operator, to see if it is still
connected, and so on.
This mode of operation is useful when the WWAN module stays awake while the
host is suspended, and can be enabled with the '--test-quick-suspend-resume'
option in the daemon.
* API:
** New '3gppProfileManager' interface, providing operations on the list of
connection profiles stored in the 3GPP module. This interface is
implemented for all AT, QMI and MBIM protocols.
** New 'DisableFacilityLock()' method in the 3GPP interface, implemented for
QMI and MBIM devices.
** The 'MaxBearers' property is now deprecated, as it didn't provide any
additional information to what 'MaxActiveBearers' already provides.
** New 'MaxActiveMultiplexedBearers' property, listing how many bearers can
be connected at the same time if multiplexing is enabled.
** New settings in the bearer properties, applicable to both the
'Simple.Connect()' and 'Modem.CreateBearer()' methods:
*** 'multiplex': which allows the user to specify whether multiplexing
should be avoided ('none'), whether it should be mandatory
('required') or whether it should be enabled if available or skipped
if unavailable ('requested').
*** 'profile-id': which allows the user to request a connection attempt
with an existing profile stored in the module.
*** 'apn-type': which allows the user to specify the purpose of a given
connection, e.g. the user could create a connection to an APN
providing default internet connectivity and another one to an APN
providing access to the MMS gateway. This setting may or may not be
stored in the module itself, it depends on the type of module.
** New 'Multiplexed' boolean property in the Bearer object, specifying
whether the bearer is connected through a multiplexed interface.
** New 'ConnectionError' property in the bearer object, specifying the last
error reported by the module during a failed connection attempt or during
a network-initiated disconnection.
** Updated the list of enum values in the MMMobileEquipmentError' type,
according to the error codes defined in v17.1.0 of 3GPP TS 27.007.
* Core:
** iconv() features support is detected at runtime, and logged when the
daemon starts.
** Updated the base modem object to allow plugins to specify the types of
data ports they support, based on the specific plugin implementations,
e.g. so that a modem supporting only AT+PPP can ignore NET ports and
vice versa.
** Added support for modems exposing control ports via QRTR channels.
* Modem interface:
** The Dual SIM logic that would iterate over all slots during initialization
is updated, so that we only report the information that we can gather
without any explicit slot change. E.g. with QMI we can know whether there
is a SIM in the non-active slot, and the ICCID of that SIM, but we cannot
know the MCCMNC or the operator name of the SIM unless we change to that
slot. We must not do slot changes arbitrarily like that, and so that logic
is removed, even if we lose some of the information that we were providing
in the interface.
* Location interface:
** The multi-sentence NMEA trace support is updated to include additional
possible trace types in addition to GSV (e.g. ALM, GSV, RTE, SFI) and also
when coming from other constellations, not just GPS.
* SIM:
** New 'PreferredNetworks' property and 'SetPreferredNetworks' method,
implemented using '+CPOL' for generic AT modems and 'NAS Get/Set Preferred
Networks' for QMI modems. Several different modules and plugins (e.g.
Sierra Wireless EM7345, Telit LN930, SIM7070, all Option and Iridium
devices...) have this feature explicitly disabled due to '+CPOL' not
behaving properly (even crashing the module sometimes).
* QMI:
** The logic that decides which data mode (802.3 or raw-ip) is used in
modules managed by the qmi_wwan driver changes in this release. Until now,
if a module reported itself as configured in 802.3 mode on boot, that mode
would be the one used in normal operation. Due to the new multiplexing
feature, this is no longer true, and if possible the daemon will always
try to switch the module to raw-ip, and fallback to 802.3 only if raw-ip
is unsupported.
** Enabled both AT and QMI indications for the messaging and voice interfaces
so that new SMS and call events are reported via both channels. This
solves issues seen in the Pinephone when waking up from suspend.
** Enabled network reject indications.
** If operator name not updated through standard indications, it will be
explicitly queried with 'NAS Get Plmn Name'.
** Added support for transfer-route MT messages.
** Increased the QMI open timeout to 45s, as required by the newest modules.
** Implemented additional logic to read the status of the different facility
locks in the module.
** Updated ICCID reading logic to parse it as hex instead of BCD.
** Improved handling of the MNC PCS digit in the operations involving MCCMNC.
** Automatically run the 'DPM Open Port' logic on IPA based setups to bind
the hardware tx/rx endpoints with the logical ones in the QMI protocol.
** Implemented support for the Voice interface and its operations, not only
standard voice call management, but also support for the supplementary
services. Voice call management will be done completely using QMI, even
if the new call indications are notified via AT URCs.
* MBIM:
** Implemented support for Dual SIM in non-QMI MBIM devices, using the
Microsoft Basic Connect Extensions service.
** Increased the timeout for the MBIM_CID_HOME_PROVIDER query to 30s.
** Updated to load model string using QMI over MBIM if available.
** Increased the MBIM open timeout to 45s, as required by the newest modules.
* SMS:
** Defined a common timeout of 180s for all send operations.
* libmm-glib:
** Updated with new methods and types to handle all the DBus API updates.
** Extended with additional methods in the Location3gpp object to get/set the
full operator MCCMNC string, instead of integers without MNC PCS digit
info.
** Extended the 'ModemLocation' interface with methods to get the signaled
location updates; i.e. without requiring an explicit GetLocation(), and
obviously only supported when location signaling is explicitly enabled.
** Updated the way the internal monitored properties are handled in the
different types, now using some handy helper macros to share the same
logic among all.
* Plugins:
** zte: disabled CIND/CMER support.
** qcom-soc: added support for QRTR+IPA based setups.
** qcom-soc: added support for the WWAN subsystem instead of RPMSG.
** quectel: enabled QGPSXTRA by default when starting the GNSS engine.
** quectel: add support for EM120/160 PCIe modules.
** quectel: added Firehose update method.
** ublox: added additional URAT combinations.
** ublox: flagged UBANDSEL as unsupported in the SARA-R4 and -N4 modules.
** cinterion: added new custom MBIM based modem with shared reset operation.
** cinterion: ignored the MBIM Intel Firmware Update service completely.
** foxconn: added custom carrier config setup for the T77W968 module.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
- Switching to meson and git because of the following statement from news file:
"The next major release will likely be a meson-only one, and will therefore
not be based on a source release tarball any more, but on specific git tags
instead."
- Add PACKAGECONFIG for qrtr.
- Updateing deprecated licenses acc. to
https://gitlab.freedesktop.org/mobile-broadband/libqmi/#license
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Changelog:
=========
Fix issue with handling abort of periodic scans.
Fix issue with handling connection when link goes down.
Fix issue with handling operating channel information.
Add support for encrypted network profile storage.
Add support for DPP initiating as a configurator.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Changelog:
=========
* Build:
** meson: switch to use the new python module in meson.
** meson: added a new boolean 'man' option in the meson setup to explicitly
enable or disable building the man pages.
** meson: removed the option to detect if rmnet is supported.
** meson: multiple updates to use newer meson features like install_dir(),
install_mode() or summary().
** meson: options 'mbim_qmux' and 'qrtr' are enabled by default and must be
explicitly disabled if they're not needed, there is no attempt to
autodetect whether they can be enabled or not.
* qmi-proxy:
** Remove assert when attempting to close ghost device.
* qmi-firmware-update:
** Use defaults if FLASH variables not reported, enabling support to flash
the new Sierra Wireless EM9190 and EM9191 modules.
* Several other minor improvements and fixes.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
ver 1.24:
Fix issue with handshake and missing rekeying support.
Fix issue with BSS ranking and zero signal strength.
Fix issue with setting OWE IE length correctly.
ver 1.23:
Fix issue with handling handshake offloading.
Fix issue with at_console and D-Bus policy.
ver 1.22:
Fix issue with handling periodic scanning.
Fix issue with handling scanning completion.
Fix issue with handling scanning for OWE auto-connect.
Add support for additional DPP features.
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
0001-Prepare-for-CVE-2021-30004.patch.patch
CVE-2019-16275.patch
CVE-2019-5061.patch
CVE-2021-0326.patch
CVE-2021-27803.patch
CVE-2021-30004.patch
removed since they're included in 2.10
License-Update: year updated to 2022.
Changelog:
=========
* SAE changes
- improved protection against side channel attacks
[https://w1.fi/security/2022-1/]
- added option send SAE Confirm immediately (sae_config_immediate=1)
after SAE Commit
- added support for the hash-to-element mechanism (sae_pwe=1 or
sae_pwe=2)
- fixed PMKSA caching with OKC
- added support for SAE-PK
* EAP-pwd changes
- improved protection against side channel attacks
[https://w1.fi/security/2022-1/]
* fixed WPS UPnP SUBSCRIBE handling of invalid operations
[https://w1.fi/security/2020-1/]
* fixed PMF disconnection protection bypass
[https://w1.fi/security/2019-7/]
* added support for using OpenSSL 3.0
* fixed various issues in experimental support for EAP-TEAP server
* added configuration (max_auth_rounds, max_auth_rounds_short) to
increase the maximum number of EAP message exchanges (mainly to
support cases with very large certificates) for the EAP server
* added support for DPP release 2 (Wi-Fi Device Provisioning Protocol)
* extended HE (IEEE 802.11ax) support, including 6 GHz support
* removed obsolete IAPP functionality
* fixed EAP-FAST server with TLS GCM/CCM ciphers
* dropped support for libnl 1.1
* added support for nl80211 control port for EAPOL frame TX/RX
* fixed OWE key derivation with groups 20 and 21; this breaks backwards
compatibility for these groups while the default group 19 remains
backwards compatible; owe_ptk_workaround=1 can be used to enabled a
a workaround for the group 20/21 backwards compatibility
* added support for Beacon protection
* added support for Extended Key ID for pairwise keys
* removed WEP support from the default build (CONFIG_WEP=y can be used
to enable it, if really needed)
* added a build option to remove TKIP support (CONFIG_NO_TKIP=y)
* added support for Transition Disable mechanism to allow the AP to
automatically disable transition mode to improve security
* added support for PASN
* added EAP-TLS server support for TLS 1.3 (disabled by default for now)
* a large number of other fixes, cleanup, and extensions
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
For changes, see https://wammu.eu/news/gammu/
* Update HOMEPAGE to https://wammu.eu/
* Update download URL
* python-gammu is now a separate code base
License-Update: whitespace changes
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
The Python bindings for gammu have been moved into a separate package
python-gammu.
Send patch upstream to replace distutils.version.StrictVersion with
packaging.version.parse and .Version
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
|
|
Changelog:
=========
Fix issue with handling disconnect events issued by AP.
Add experimental support for DPP feature.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Changelog:
- Fix issue with handling Hotspot 2.0 requirements.
- Add support for evict_nocarrier setting during roaming.
- Add support for experimental NetworkConfigurationAgent API.
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Under some configuration, CMake may pick up the existence of python
from the native recipe sysroot and use that when linking for target,
resulting in the following error:
ld: .../recipe-sysroot-native/usr/lib/libpython3.10.so: error adding
symbols: file in wrong format
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Matthias Klein <matthias@extraklein.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Matthias Klein <matthias@extraklein.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
0001-netconfig-Use-s6_addr-instead-of-__in6_u.__u6_addr8.patch
removed since it is included in 1.19
ver 1.19:
Fix issue with handling OCV if offloading is supported.
Fix issue with handling SA Query on channel switch event.
Fix issue with starting FT-over-DS actions after roaming.
Add support for OWE transition networks.
Add support for extended key IDs.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
The use of intltool was removed in the 1.8.0 release, back in 2018.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
This patch updates SRC_URIs using git to include branch=master if no branch is set
and also to use protocol=https for github urls as generated by the conversion script
in OE-Core.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Fix a few minor annoyances.
Signed-off-by: Zang Ruochen <zangrc.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
Changqing Li
Yogita Urade
Richard Purdie
Peter Kjellerstedt
Soumya Sambu
Hitendra Prajapati
Davide Gardenal
Adrian Freihofer
Gianfranco
Alex Kiernan
wangmy
Potin Lai
Matthias Klein
Khem Raj
Oleksandr Kravchuk
Tim Orling
Ross Burton
zhengruoqin
zangrc