aboutsummaryrefslogtreecommitdiffstats
path: root/meta-webserver
AgeCommit message (Collapse)Author
2015-01-08phpmyadmin: update to 4.3.4Paul Eggleton
Drop patches merged upstream. Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
2015-01-08xdebug: update to 2.2.6Paul Eggleton
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
2015-01-08xdebug: fix DEPENDS and un-blacklistPaul Eggleton
Now we use a single php recipe there is no conflict. Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
2015-01-08README: update for modphp merging into phpPaul Eggleton
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
2015-01-08modphp: removePaul Eggleton
This is now built out of the standard php recipe. Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
2014-12-19phpmyadmin: don't install patchesWenzong Fan
Don't install local patch files to target. Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2014-12-17PNBLACKLIST: use weak assignmentsMartin Jansa
* this makes it easier to unblacklist it from local.conf which is parsed before the recipes Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2014-12-09apache2: add PACKAGECONFIG for selinuxWenzong Fan
Add PACKAGECONFIG for 'selinux', otherwise there would be warnings like below: WARN: apache2: apache2 rdepends on libselinux, but it isn't a build dependency? Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2014-10-31webmin: remove init script for gentooChong.Lu@windriver.com
The configure.initd.gentoo script is used for gentoo, it is invalid for oe. So remove it to solve the following warning: webmin-1.700: webmin-module-ajaxterm requires /sbin/runscript, but no providers in its RDEPENDS [file-rdeps] Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
2014-10-31phpmyadmin: fix for Security Advisory CVE-2014-7217Roy Li
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.4, 4.1.x before 4.1.14.5, and 4.2.x before 4.2.9.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted ENUM value that is improperly handled during rendering of the (1) table search or (2) table structure page, related to libraries/TableSearch.class.php and libraries/Util.class.php. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7217 Signed-off-by: Roy Li <rongqing.li@windriver.com>
2014-10-31phpmyadmin: fix for Security Advisory CVE-2014-5274Roy Li
Cross-site scripting (XSS) vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/functions.js. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-5274 Signed-off-by: Roy Li <rongqing.li@windriver.com>
2014-10-31phpmyadmin: fix for Security Advisory CVE-2014-5273Roy Li
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x before 4.1.14.3, and 4.2.x before 4.2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) browse table page, related to js/sql.js; (2) ENUM editor page, related to js/functions.js; (3) monitor page, related to js/server_status_monitor.js; (4) query charts page, related to js/tbl_chart.js; or (5) table relations page, related to libraries/tbl_relation.lib.php. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-5273 Signed-off-by: Roy Li <rongqing.li@windriver.com>
2014-10-31apache: add fix for CVE-2014-0117 Security AdvisoryKang Kai
The patch comes from upstream: http://svn.apache.org/viewvc?view=revision&revision=1610674 SECURITY (CVE-2014-0117): Fix a crash in mod_proxy. In a reverse proxy configuration, a remote attacker could send a carefully crafted request which could crash a server process, resulting in denial of service. Thanks to Marek Kroemeke working with HP's Zero Day Initiative for reporting this issue. Submitted by: Edward Lu, breser, covener Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com> Signed-off-by: Kai Kang <kai.kang@windriver.com>
2014-10-30modphp: Security Advisory - php - CVE-2014-3597Yue Tao
Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_get_record function and the dn_expand function. NOTE: this issue exists because of an incomplete fix for CVE-2014-4049. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3597 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2014-10-30modphp: Security Advisory - php - CVE-2014-3587Yue Tao
Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1571. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3587 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2014-10-30modphp: Security Advisory - php - CVE-2014-5120Yue Tao
gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application that calls the (1) imagegd, (2) imagegd2, (3) imagegif, (4) imagejpeg, (5) imagepng, (6) imagewbmp, or (7) imagewebp function. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-5120 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2014-10-27modphp, xdebug: blacklist because of conflict with phpMartin Jansa
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2014-10-27Monkey: new v1.5.4 release.Eduardo Silva
This patch add the new Monkey HTTP Server v1.5.4. For more details about software changes please visit: http://monkey-project.com/Announcements/v1.5.4 === Build Tests == This version have been tested on Yocto/Daisy based on RPM. monkey-yocto/a617991e40bd5c3779ad7b3689f78857d3e45248 Signed-off-by: Eduardo Silva <eduardo@monkey.io> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2014-10-14modphp: using PKGCONFIG and PACKAGECONFIG for libxml and soapRoy.Li
Signed-off-by: Roy.Li <rongqing.li@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2014-09-26webmin: fix hardcode of python2.3Robert Yang
Use "/usr/bin/env python" to fix it. Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
2014-09-26apache2: split apache2-scripts subpkgRobert Yang
Split apache2-scripts subpkg to put the perl script dbmmanage, so that apache2 doesn't have to RDEPEND on perl. Add another perl script apxs to apache2-dev pkg as Olof Johansson suggested. Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
2014-09-26phpmyadmin: add bash to RDEPENDS_phpmyadminRobert Yang
Bashism: possible bashism in plugins/transformations/generator_plugin.sh line 16 (echo -e): echo -e "Usage: ./generator_plugin.sh MIMEType MIMESubtype TransformationName [Description]\n" possible bashism in plugins/transformations/generator_plugin.sh line 28 (${parm,[,][pat]} or ${parm^[^][pat]}): MT="${MT^}" possible bashism in plugins/transformations/generator_plugin.sh line 29 (${parm,[,][pat]} or ${parm^[^][pat]}): MS="${MS^}" possible bashism in plugins/transformations/generator_plugin.sh line 30 (${parm,[,][pat]} or ${parm^[^][pat]}): TN="${TN^}" possible bashism in plugins/transformations/generator_plugin.sh line 51 (should be 'b = a'): if [ "$4" == "--generate_only_main_class" ]; then Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
2014-08-27apache2: add systemd unit fileChen Qi
Add systemd unit file for apache2. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2014-08-27monkey: new v1.5.3 release.Eduardo Silva
This patch add the new Monkey HTTP Server v1.5.3. For more details about software changes please visit: http://monkey-project.com/Announcements/v1.5.3 === Build Tests == This version have been tested on Yocto/Daisy being packaged and deployed on images based on RPM successfully. monkey-yocto/672eadb254e754b91efe691a6594985ee6d9a22e Signed-off-by: Eduardo Silva <eduardo@monkey.io> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2014-08-23webmin: uprev from 1.620 to 1.700Jackie Huang
Changed: - Adjust or remake the following patches based on 1.700: init-exclude.patch exports-lib.pl.patch Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2014-08-21fcgi: move recipe and patches to correct folderYangHaibo
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: YangHaibo <b40869@freescale.com>
2014-08-11webmin: explicitly list some packages, drop perl-module-timelocal rdepMartin Jansa
* perl-module-time-local is already in RDEPENDS (I guess it's the same thing as perl-module-timelocal without the last dash) * list some packages explicitly so that bitbake finds their RDEPENDS correctly * fixes following warnings: webmin-1.620: webmin-module-raid rdepends on mdadm, but it isn't a build dependency? [build-deps] webmin-1.620: webmin-module-proc rdepends on procps, but it isn't a build dependency? [build-deps] webmin-1.620: webmin rdepends on perl-module-timelocal, but it isn't a build dependency? [build-deps] Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2014-08-10integrate fcgi-2.4.0 and add OML license fileYangHaibo
Signed-off-by: YangHaibo <b40869@freescale.com> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
2014-08-10phpmyadmin: update to 4.2.7Paul Eggleton
Note that this now requires MariaDB/MySQL 5.5+. Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
2014-08-10modphp: update to 5.5.15Paul Eggleton
LIC_FILES_CHKSUM changed since the copyright year changed. Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
2014-08-10apache2: update to 2.4.10Paul Eggleton
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
2014-08-10apache2: do not patch generated filePaul Eggleton
We already patch configure.ac and we're not bypassing autoreconf, so we don't need to patch configure as well. Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
2014-08-10monkey: new v1.5.2 release.Eduardo Silva
This patch add the new Monkey HTTP Server v1.5.2. The new Bitbake file contains the modifications suggested over the patch set for v1.5.1. It specify each configuration file for CONFFILES_${PN}. For more details about software changes please visit: http://monkey-project.com/Announcements/v1.5.2 === Build Tests == This version and new Bitbake file have been tested on Yocto/Daisy being packaged and deployed on images based on rpm and ipk successfully. monkey-yocto/70d57bfd19c01ec055db57e35385ffc4185ae186 Signed-off-by: Eduardo Silva <eduardo@monkey.io> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2014-08-01monkey: new v1.5.1 release.Eduardo Silva
This patch add the minor release fix of Monkey HTTP Server v1.5.1. It fixes some problems when switching user when started as root. Signed-off-by: Eduardo Silva <eduardo@monkey.io> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2014-07-24webmin: make reconfigure webmin be able to workRoy Li
when move a file, test if this file exist or not Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2014-07-21webmin: drop allarchAnders Darander
* runtime dependencies are TUNE_PKGARCH causing do_package_write_* task to have different signature for MACHINEs with different TUNE_PKGARCH Signed-off-by: Anders Darander <anders@chargestorm.se> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2014-07-15meta-webserver: use BPN in SRC_URIRobert Yang
Fixed SRC_URI: * ${PN} -> ${BPN}, use ${BP} if it was ${PN}-${PV} * ${P} -> ${BP} Otherwise we would meet do_fetch errors when we do the multilib, native or nativesdk build. Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2014-07-15recipes: Add missing pkgconfig dependenciesRichard Purdie
These recipes were all missing pkgconfig dependencies. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2014-06-21recipes: add missing pkgconfig class inheritsRichard Purdie
* These recipes all use pkg-config in some way but were missing dependencies on the tool, this patch adds them. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2014-06-21apache2(-native): use pkg-config for pcre detectionKoen Kooi
Also fixup apache2-native recipe to use autotools and SEPB. Signed-off-by: Koen Kooi <koen.kooi@linaro.org> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2014-06-21sthttpd: improve init scripts to use config fileJack Mitchell
Rather than put hardcoded values into the init scripts, use a config file. The SRV_DIR is a special value as it should be used in the conifg file and also passed to make so it can put the html files in the correct directory. Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2014-06-18webmin: split out webmin themesAnders Darander
The default set of themes taks up ~13MB, with a couple of them weighting in at ~5MB each. Let's split the themes to separate packages, to allow a considerable size reduction of the core webmin package (from +15MB to 2.1MB on my build host). Signed-off-by: Anders Darander <anders@chargestorm.se>
2014-06-18webmin: allow override of webmin login and passwordAnders Darander
Don't hardcode the webmin login and password in the install script. Instead, extract them to variables, to allow us to override them in a bbappend. Signed-off-by: Anders Darander <anders@chargestorm.se>
2014-06-12monkey: fix broken separate build with workaroundEduardo Silva
This patch make use of autotools-brokensep on main recipe to avoid a broken build when using a different build directory. monkey-yocto/f15c9e7cd9143ce8486ae5e78db9092238c3d0ec Signed-off-by: Eduardo Silva <eduardo@monkey.io>
2014-06-07monkey: add Monkey HTTP ServerEduardo Silva
This patch adds the Monkey HTTP Server v1.5.0 recipes. The content on this patch includes the modifications suggested by people in the Maling List. Signed-off-by: Eduardo Silva <eduardo@monkey.io>
2014-05-13xdebug: add license filePaul Eggleton
Add the Xdebug license file to avoid a missing generic license file warning during building. Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
2014-05-13xdebug: update to 2.2.5Paul Eggleton
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
2014-05-13phpmyadmin: update to 4.2.0Paul Eggleton
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
2014-05-13modphp: update to 5.5.12Paul Eggleton
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
2014-05-03xdebug: fix for S != BPaul Eggleton
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>