Age | Commit message (Collapse) | Author |
|
In many scenarios the receipt of an EOF will coincide with the
teardown of the file which the FD is associated with by the
application on the other side of the file pipe. If a timeout (-t) is
used socat continues to poll for new data (read) and send any new data
(write) until the timeout. This can lead to input/output errors as the
FD exists still but the file it was openned on is gone, and no check
is done on writes.
To get around this a check is added after the EOF is received that the
file still exists, and if not we proceed to exit immediately. This
will avoid i/o errors and will also cause a quicker return as we don't
have to wait for the timeout.
The original author is Mark Asselstine <asselsm@gmail.com>.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The licenses were renamed to match their SPDX names, fix the
references in LIC_FILES_CHKSUM in OE-Core.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Bug fix only and includes two security fixes:
CVE-2021-26675
CVE-2021-26676
Changelog:
- Fix issue with scanning state synchronization and iwd.
- Fix issue with invalid key with 4-way handshake offloading.
- Fix issue with DNS proxy length checks to prevent buffer overflow.
- Fix issue with DHCP leaking stack data via uninitialized variable.
[Yocto #14231]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
rename directory of patches
-License-Update: Copyright year updated to 2021.
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Removed upstreamed patches and refreshed q few other.
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* it breaks KDE's qca and dependencies
* it is not deprecated. Openssl 3.0 (currently alpha) will deprecate whirlpool
[1] https://www.openssl.org/news/changelog.html#openssl-30
Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This fixes openssh failing to work on qemux86 with glibc 2.33 due to
seccomp and the fact new syscalls are used. Also likely fixes issues
on other platforms.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The rdma command is part of iproute2 and is used to query or set the RDMA
configuration where applicable. This patch adds options to build it
and include it.
Signed-off-by: Alan Perry <alanp@snowmoose.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is still needed by libest in meta-security
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Cc: Shachar Menashe <shachar@vdoo.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
README updated:
version updated
add descrition of platform specifics - Debian
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
TLS 1.3 implementation in qt5 uses psk so retain it for now
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
They are still needed by several packages in meta-openembedded
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Shachar Menashe <shachar@vdoo.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
1. Drop support for many deprecated algorithms by default
2. Allow dropping support for TLS 1.0/1.1 via PACKAGECONFIG
Signed-off-by: Shachar Menashe <shachar@vdoo.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Move the ip tool into its own package. Useful for size constrained
systems that only want the ip tool.
Signed-off-by: Sinan Kaya <okaya@kernel.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Depending on which patches the make program has, the internal or external
utmp could would be used. Add add a patch which avoids the issue and makes
the build determnistic. We saw the regression on ubuntu1604.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is the first ppp release in a long time. Many patches
were resolved upstream:
* musl fixes were merged
* EAP patch was a backport added upstream
* cflags were fixed upstream
* CVE fix was merged upstream and a backport
* pcap header from the host was fixed upstream
* suid bits during install was removed upstream
The only patch left was the /var/ redirect for resolv.conf which no longer
applied cleanly after upstream changes. For this one the patch will
need to be rewritten (and preferably submitted upstream) by someone
who needs/uses it. It was presumbaly for RO rootfs and may be resolved
by symlinks in modern system usage anyway.
Tweak the files pulled into the pppoe package for a compatibility
symlink and module rename.
Add CC to the OEMAKE command to allow builds correctly.
[Big thanks to Alex Kanavin for a lot of the work with upstream and
pre-release testing of this]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Drop backported patches:
0001-Linux-Fix-privsep-build-by-including-sys-termios.h-f.patch
0001-privsep-Fix-Linux-i386-for-SECCOMP-as-it-just-uses-s.patch
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The dnsdomainname can also be provided by busybox and net-tools. Also
move it from ${bindir} to ${base_bindir} because the command provided by
busybox or net-tools is located here.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The dhcpcd doesn't work on Intel 32bit platform. Backport a patch to fix
the issue.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Currently there's no easy way to override this part as it's hardcoded
into the EXTRA_OEMAKE var. This change makes it possible to manipulate
the list of subdirs in a more fine graned and future oriented manner.
Signed-off-by: Anatol Belski <anbelski@linux.microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Engines are installed in a slightly different path, and
the host type doesn't precisely match in x86_64
Co-authored-by: Paul Eggleton <paul.eggleton@microsoft.com>
Co-authored-by: Deepak Rawat <derawa@microsoft.com>
Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
update version to 1.1.1i
openssl 1.1.1i Fixed NULL pointer deref in GENERAL_NAME_cmp (CVE-2020-1971)
updates include fix for CVE:
CVE-2020-1971
Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport a patch to fix privsep build error on ppc.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
License-Update: http -> https
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Without further examples of how this is failing revert as using both
together is a valid use case, for example connman handling Wifi/AP
and systemd-networkd handling more complex routing such as for
containers and ethernet switches.
This reverts commit 5303420ead25817f5caec276b79eec7ee797271a.
Signed-off-by: Jack Mitchell <ml@embed.me.uk>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Vickberg <wickbergster@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The OpenSSH server, as used in Fedora and Red Hat Enterprise
Linux 7 and when running in a Kerberos environment, allows remote
authenticated users to log in as another user when they are listed
in the .k5users file of that user, which might bypass intended
authentication requirements that would force a local login.
Whitelist the CVE since this issue is Redhat specific.
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The following changes since commit f075071761172c69f8ae2be5868d51ef9ef646e7:
conf: update for release 3.2 (2020-11-09 13:16:13 +0000)
are available in the Git repository at:
git://push.yoctoproject.org/poky-contrib fedepell/bug14083
Federico Pellegrin (1):
openssl: Add c_rehash to misc package and add perl runtime dependency
c_rehash implemented in perl is back (in history was moved to shell for
some time), so handle it inside the -misc package so just that one will
carry the heavy runtime dependency on perl and not the whole openssl
package. Note: in misc there were already before a few perl files
(tsget.pl and CA.pl) so the added perl dependency will fix those too.
[YOCTO #14083]
Signed-off-by: Federico Pellegrin <fede@evolware.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
0001-devlink.c-add-missing-include.patch
Removed since this is included in 5.9.0.
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The dhcpcd path is hardcoded to /sbin in ifupdown package. Move dhcpcd
from /usr/sbin to /sbin to make sure ifup/ifdown can find it when dhcpcd
as the dhcp client backend.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Do not run systemd-networkd and connman simultaneously. These two
network managers may conflict with each other.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Drop chunks from clang-warnings.patch that are merged upstream.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|