| Age | Commit message (Collapse) | Author |
|---|
|
The update from 2.4 to 2.5 was almost something AUH could take care of.
However, we had backported two patches to address CVE-2023-40303 and
that threw off AUH. These changes are confirmed to be in 2.5, so drop
them and update to 2.5.
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
glob/ doesn't exist and the other files are copied by autotools.bbclass
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
fix-disable-ipv6.patch: we don't support uclibc, and most libcs don't
have optional support for IPv6.
inetutils-1.8-0001-printf-parse-pull-in-features.h-for-__GLIBC__.patch and
inetutils-1.8-0003-wchar.patch: these don't appear to be needed anymore.
inetutils-only-check-pam_appl.h-when-pam-enabled.patch: configure.ac
doesn't fail if PAM is disabled anymore.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
inetutils guesses a lot of target paths in cross builds, and warns that
some of them are known to be wrong (for example, whether /proc/net/dev
exists is guessed as 'no').
Add a post-configure function to check for these warnings, and pass
--with-path-* as appropriate to set the paths explicitly.
This means we can remove the patch which was setting PATH_PROCNET_DEV,
and the autoconf cache value inetutils_cv_path_login.
The downside is that these --with-path-* options are not real autoconf
options, so the "unknown options" warning is emitted. Losing those is
an acceptable compromise, so disable it.
Musl doesn't implement utmp and has stub defines for _PATH_UTMP but not
_PATH_UTMPX, so we need to set the X variants explicitly.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* they were removed from SRC_URI in:
https://git.openembedded.org/openembedded-core/commit/?id=a21e8fdf1b66961ddae5929d393daa08800bb748
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
DESCRIPTION is optional for now; writing good component descriptions
is not easy (but appreciated).
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
CVE-2022-39028.patch
removed since it's included in 2.4
Changelog:
==========
ifconfig
------------
Support specifying prefix netmask lengths in -A.
Hurd: tell pfinet translator interfaces to configure
ftp
----------
Avoid crash caused by signed integer overflow resulting in out-of-bounds buffer access.
Avoid crash caused by heap buffer overflow.
Avoid crash caused by NULL pointer dereference.
Avoid crash caused by infinite macro recursion.
telnetd
-----------
Avoid crash on 0xff 0xf7 (IAC EC) or 0xff 0xf8 (IAC EL). CVE-2022-39028
telnet
-----------
Fix a buffer overflow problem. CVE-2019-0053
tftp
-----------
Avoid crashing when given unexpected or invalid commands from tty.
Various bugs fixes, internal improvements and clean ups.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
license identifiers
An automated conversion using scripts/contrib/convert-spdx-licenses.py to
convert to use the standard SPDX license identifiers. Two recipes in meta-selftest
were not converted as they're that way specifically for testing. A change in
linux-firmware was also skipped and may need a more manual tweak.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This CVE is already fixed in inetutils 2.2
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE-2021-40491:
The ftp client in GNU Inetutils before 2.2 does not validate addresses
returned by PASV/LSPV responses to make sure they match the server
address. This is similar to CVE-2020-8284 for curl.
References:
https://nvd.nist.gov/vuln/detail/CVE-2021-40491
Patch from:
https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=58cb043b190fd04effdaea7c9403416b436e50dd
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is the result of automated script conversion:
scripts/contrib/convert-overrides.py <oe-core directory>
converting the metadata to use ":" as the override character instead of "_".
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Removed upstreamed patches and refreshed q few other.
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The dnsdomainname can also be provided by busybox and net-tools. Also
move it from ${bindir} to ${base_bindir} because the command provided by
busybox or net-tools is located here.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fixes errors like
telnetd/state.c:69: multiple definition of `not42'; utility.o:/usr/src/debug/inetutils/1.9.4-r0/build/telnetd/../../inetutils-1.9.4/telnetd/utility.c:66: first defined here
| clang-11: error: linker command failed with exit code 1 (use -v to see invocation)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix the following manpage conflicts:
* check_data_file_clashes: Package inetutils-doc wants to install file /usr/share/man/man1/tftp.1
But that file is already provided by package * tftp-hpa-doc
* check_data_file_clashes: Package inetutils-doc wants to install file /usr/share/man/man8/tftpd.8
But that file is already provided by package * tftp-hpa-doc
* check_data_file_clashes: Package netkit-telnet-doc wants to install file /usr/share/man/man8/telnetd.8
But that file is already provided by package * inetutils-doc
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When the code is compiled with "-fstack-protector-strong
-D_FORTIFY_SOURCE=2", everytime ftpfd is asked for a non existent file,
it crashes with the following error:
*** buffer overflow detected ***:
Aborted
This seems to be a bug/feature of gcc. A bug has been open on their
bugzilla, and also inetutils have been posted with the proposed patch.
Without this patch, pxelinux fails to boot because it keeps asking the
server for the pxelinux.cfg/00-01-02-03-04 and never jumps to /default.
Signed-off-by: Ricardo Ribalda Delgado <ricardo@ribalda.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
fix below error:
file /etc/xinetd.d/telnet conflicts between attempted installs of netkit-telnet-0.17-r0.i586 and inetutils-telnetd-1.9.4-r0.i586
file /usr/sbin/in.telnetd conflicts between attempted installs of netkit-telnet-0.17-r0.i586 and inetutils-telnetd-1.9.4-r0.i586
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
It is long since past time for rsh and company to be retired from the
world. Disable building these now.
Suggested-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
- We cannot build rsh, rshd, rlogind and rcp on musl. This is handled
gracefully in the configure scripts and spelled out with EXTRA_OECONF.
Expand this to include rexec to cover all of the related functionality.
- Rework adding in the xinetd.d files for these services to only do so
when we even have the services being built. This leads to no rsh/rshd
sub-packages on musl at all.
- If we use the normal alternatives mechanism to allow for this or
netkit-rsh to provide rsh/rshd functionality we end up with QA issues
on musl as we have unused ALTERNATIVES logic. Switch to making use of
RPROVIDES / RCONFLICTS logic instead and make it match the netkit-rsh
packaging names.
Cc: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There are no alternative provides of these packages anymore. To avoid
QA issues when building with musl, don't put these under an alternative
at all.
Cc: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
In order to have more robust stand-alone network tools in oe-core, bring
in inetutils from meta-openembedded/meta-networking. This imports the
recipes as of git commit:
commit 408204073e6bdcd8ac586e05d5b75213417673f2
Author: Martin Jansa <martin.jansa@gmail.com>
Date: Thu Aug 16 20:39:15 2018 +0000
inetutils: fix build with glibc-2.28
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
Tom Rini
Ross Burton
Khem Raj
Martin Jansa
Alexander Kanavin
Wang Mingyu
Richard Purdie
Alexandre Belloni
Alexander Kanavin
Yi Zhao
Oleksandr Kravchuk
Ovidiu Panait
Ricardo Ribalda Delgado
Changqing Li