10 files changed, 619 insertions, 2 deletions

diff --git a/meta-oe/recipes-security/nmap/files/0001-fix-racing-between-build-ncat-and-build-lua.patch b/meta-oe/recipes-security/nmap/files/0001-fix-racing-between-build-ncat-and-build-lua.patch
new file mode 100644
index 0000000000..aad8b1ee92
--- /dev/null
+++ b/meta-oe/recipes-security/nmap/files/0001-fix-racing-between-build-ncat-and-build-lua.patch
@@ -0,0 +1,55 @@
+From 0cde425abfcacdde725dccff29d01c9fce7c3888 Mon Sep 17 00:00:00 2001
+From: Hongxu Jia <hongxu.jia@windriver.com>
+Date: Sun, 9 Feb 2025 00:45:36 +0000
+Subject: [PATCH] fix racing between build-ncat and build-lua
+
+There are two build-lua rules, one in Makefile.in, another in
+ncat/Makefile.in which is required by build-ncat
+
+Build them may cause potential racing
+
+$ bitbake lib32-nmap
+$ grep -e "Compiling liblua" -e 'nmap-7.95/liblua' -e ": error" -n patch-to/temp/log.do_compile
+Compiling liblua
+make[1]: Entering directory 'path-to/build/tmp/work/corei7-32-wrsmllib32-linux/lib32-nmap/7.95/nmap-7.95/liblua'
+Compiling liblua
+make[2]: Entering directory 'path-to/build/tmp/work/corei7-32-wrsmllib32-linux/lib32-nmap/7.95/nmap-7.95/liblua'
+make[2]: Leaving directory 'path-to/tmp/work/corei7-32-wrsmllib32-linux/lib32-nmap/7.95/nmap-7.95/liblua'
+path-to/tmp/work/corei7-32-wrsmllib32-linux/lib32-nmap/7.95/recipe-sysroot-native/usr/bin/i686-wrsmllib32-linux/../../libexec/i686-wrsmllib32-linux/gcc/i686-wrsmllib32-linux/14.2.0/ld: ./../liblua/liblua.a: error adding symbols: no more archived files
+collect2: error: ld returned 1 exit status
+make[1]: Leaving directory 'path-to/tmp/work/corei7-32-wrsmllib32-linux/lib32-nmap/7.95/nmap-7.95/liblua'
+
+Explicitly make build-ncat depends on build-lua to avoid racing,
+after applying the patch
+...
+Compiling liblua
+make[1]: Entering directory 'path-to/tmp/work/corei7-32-wrsmllib32-linux/lib32-nmap/7.95/nmap-7.95/liblua'
+make[1]: Leaving directory 'path-to/tmp/work/corei7-32-wrsmllib32-linux/lib32-nmap/7.95/nmap-7.95/liblua'
+Compiling liblua
+make[2]: Entering directory 'path-to/tmp/work/corei7-32-wrsmllib32-linux/lib32-nmap/7.95/nmap-7.95/liblua'
+make[2]: Leaving directory 'path-to/tmp/work/corei7-32-wrsmllib32-linux/lib32-nmap/7.95/nmap-7.95/liblua'
+...
+
+Upstream-Status: Submitted [https://github.com/nmap/nmap/pull/3025]
+
+Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
+---
+ Makefile.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Makefile.in b/Makefile.in
+index e2f79c9..0e634a3 100644
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -159,7 +159,7 @@ build-netutil: libnetutil/Makefile
+        @echo Compiling libnetutil;
+        cd libnetutil && $(MAKE)
+ 
+-build-ncat: $(NCATDIR)/Makefile build-nbase build-nsock $(NCATDIR)/ncat.h @PCAP_BUILD@
++build-ncat: $(NCATDIR)/Makefile build-nbase build-nsock build-lua $(NCATDIR)/ncat.h @PCAP_BUILD@
+        cd $(NCATDIR) && $(MAKE)
+ 
+ build-lua: $(LIBLUADIR)/Makefile
+-- 
+2.47.1
+
diff --git a/meta-oe/recipes-security/nmap/files/0003-Fix-off-by-one-overflow-in-the-IP-protocol-table.patch b/meta-oe/recipes-security/nmap/files/0003-Fix-off-by-one-overflow-in-the-IP-protocol-table.patch
new file mode 100644
index 0000000000..bcb04250bb
--- /dev/null
+++ b/meta-oe/recipes-security/nmap/files/0003-Fix-off-by-one-overflow-in-the-IP-protocol-table.patch
@@ -0,0 +1,165 @@
+From 364d089250d1acf459e9e8580161e7bb06268106 Mon Sep 17 00:00:00 2001
+From: Wang Mingyu <wangmy@fujitsu.com>
+Date: Tue, 15 Oct 2024 02:47:38 +0000
+Subject: [PATCH] Fix off-by-one overflow in the IP protocol table.
+
+Fixes #2896, closes #2897, closes #2900
+
+Upstream-Status: Backport [https://github.com/nmap/nmap/commit/efa0dc36f2ecade6ba8d2ed25dd4d5fbffdea308]
+
+Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
+---
+ CHANGELOG     |  3 +++
+ portlist.cc   |  8 ++++----
+ protocols.cc  |  6 +++---
+ protocols.h   |  2 ++
+ scan_lists.cc | 10 +++++-----
+ 5 files changed, 17 insertions(+), 12 deletions(-)
+
+diff --git a/CHANGELOG b/CHANGELOG
+index f01262c..5b204bd 100644
+--- a/CHANGELOG
++++ b/CHANGELOG
+@@ -1,5 +1,8 @@
+ #Nmap Changelog ($Id: CHANGELOG 38849 2024-04-18 17:16:42Z dmiller $); -*-text-*-
+ 
++o [GH#2900, GH#2896, GH#2897] Nmap is now able to scan IP protocol 255.
++  [nnposter]
++
+ Nmap 7.95 [2024-04-19]
+ 
+ o [Windows] Upgraded Npcap (our Windows raw packet capturing and
+diff --git a/portlist.cc b/portlist.cc
+index 8258853..cd08437 100644
+--- a/portlist.cc
++++ b/portlist.cc
+@@ -480,7 +480,7 @@ void PortList::setPortState(u16 portno, u8 protocol, int state, int *oldstate) {
+       state != PORT_CLOSEDFILTERED)
+     fatal("%s: attempt to add port number %d with illegal state %d\n", __func__, portno, state);
+ 
+-  assert(protocol!=IPPROTO_IP || portno<256);
++  assert(protocol!=IPPROTO_IP || portno<=MAX_IPPROTONUM);
+ 
+   bool created = false;
+   current = createPort(portno, protocol, &created);
+@@ -566,7 +566,7 @@ Port *PortList::nextPort(const Port *cur, Port *next,
+   if (cur) {
+     proto = INPROTO2PORTLISTPROTO(cur->proto);
+     assert(port_map[proto]!=NULL); // Hmm, it's not possible to handle port that doesn't have anything in map
+-    assert(cur->proto!=IPPROTO_IP || cur->portno<256);
++    assert(cur->proto!=IPPROTO_IP || cur->portno<=MAX_IPPROTONUM);
+     mapped_pno = port_map[proto][cur->portno];
+     mapped_pno++; //  we're interested in next port after current
+   } else { // running for the first time
+@@ -615,7 +615,7 @@ void PortList::mapPort(u16 *portno, u8 *protocol) const {
+   mapped_protocol = INPROTO2PORTLISTPROTO(*protocol);
+ 
+   if (*protocol == IPPROTO_IP)
+-    assert(*portno < 256);
++    assert(*portno <= MAX_IPPROTONUM);
+   if(port_map[mapped_protocol]==NULL || port_list[mapped_protocol]==NULL) {
+     fatal("%s(%i,%i): you're trying to access uninitialized protocol", __func__, *portno, *protocol);
+   }
+@@ -713,7 +713,7 @@ int PortList::port_list_count[PORTLIST_PROTO_MAX];
+  * should be sorted. */
+ void PortList::initializePortMap(int protocol, u16 *ports, int portcount) {
+   int i;
+-  int ports_max = (protocol == IPPROTO_IP) ? 256 : 65536;
++  int ports_max = (protocol == IPPROTO_IP) ? MAX_IPPROTONUM + 1 : 65536;
+   int proto = INPROTO2PORTLISTPROTO(protocol);
+ 
+   if (port_map[proto] != NULL || port_map_rev[proto] != NULL)
+diff --git a/protocols.cc b/protocols.cc
+index 76e42c7..85e55e4 100644
+--- a/protocols.cc
++++ b/protocols.cc
+@@ -79,7 +79,7 @@ struct strcmp_comparator {
+ 
+ // IP Protocol number is 8 bits wide
+ // protocol_table[IPPROTO_TCP] == {"tcp", 6}
+-static struct nprotoent *protocol_table[UCHAR_MAX];
++static struct nprotoent *protocol_table[MAX_IPPROTONUM + 1];
+ // proto_map["tcp"] = {"tcp", 6}
+ typedef std::map<const char *, struct nprotoent, strcmp_comparator> ProtoMap;
+ static ProtoMap proto_map;
+@@ -119,7 +119,7 @@ static int nmap_protocols_init() {
+     if (*p == '#' || *p == '\0')
+       continue;
+     res = sscanf(line, "%127s %hu", protocolname, &protno);
+-    if (res !=2 || protno > UCHAR_MAX) {
++    if (res !=2 || protno > MAX_IPPROTONUM) {
+       error("Parse error in protocols file %s line %d", filename, lineno);
+       continue;
+     }
+@@ -191,7 +191,7 @@ const struct nprotoent *nmap_getprotbynum(int num) {
+   if (nmap_protocols_init() == -1)
+     return NULL;
+ 
+-  assert(num >= 0 && num < UCHAR_MAX);
++  assert(num >= 0 && num <= MAX_IPPROTONUM);
+   return protocol_table[num];
+ }
+ 
+diff --git a/protocols.h b/protocols.h
+index 8934284..2de0aa4 100644
+--- a/protocols.h
++++ b/protocols.h
+@@ -79,6 +79,8 @@ int addprotocolsfromservmask(char *mask, u8 *porttbl);
+ const struct nprotoent *nmap_getprotbynum(int num);
+ const struct nprotoent *nmap_getprotbyname(const char *name);
+ 
++#define MAX_IPPROTONUM 255
++
+ #define MAX_IPPROTOSTRLEN 4
+ #define IPPROTO2STR(p)         \
+   ((p)==IPPROTO_TCP ? "tcp" :  \
+diff --git a/scan_lists.cc b/scan_lists.cc
+index f02e279..ebe1357 100644
+--- a/scan_lists.cc
++++ b/scan_lists.cc
+@@ -165,7 +165,7 @@ void getpts(const char *origexpr, struct scan_lists *ports) {
+       ports->udp_count++;
+     if (porttbl[i] & SCAN_SCTP_PORT)
+       ports->sctp_count++;
+-    if (porttbl[i] & SCAN_PROTOCOLS && i < 256)
++    if (porttbl[i] & SCAN_PROTOCOLS && i <= MAX_IPPROTONUM)
+       ports->prot_count++;
+   }
+ 
+@@ -192,7 +192,7 @@ void getpts(const char *origexpr, struct scan_lists *ports) {
+       ports->udp_ports[udpi++] = i;
+     if (porttbl[i] & SCAN_SCTP_PORT)
+       ports->sctp_ports[sctpi++] = i;
+-    if (porttbl[i] & SCAN_PROTOCOLS && i < 256)
++    if (porttbl[i] & SCAN_PROTOCOLS && i <= MAX_IPPROTONUM)
+       ports->prots[proti++] = i;
+   }
+ 
+@@ -388,7 +388,7 @@ static void getpts_aux(const char *origexpr, int nested, u8 *porttbl, int range_
+     } else if (isdigit((int) (unsigned char) *current_range)) {
+       rangestart = strtol(current_range, &endptr, 10);
+       if (range_type & SCAN_PROTOCOLS) {
+-        if (rangestart < 0 || rangestart > 255)
++        if (rangestart < 0 || rangestart > MAX_IPPROTONUM)
+           fatal("Protocols specified must be between 0 and 255 inclusive");
+       } else {
+         if (rangestart < 0 || rangestart > 65535)
+@@ -429,13 +429,13 @@ static void getpts_aux(const char *origexpr, int nested, u8 *porttbl, int range_
+       if (!*current_range || *current_range == ',' || *current_range == ']') {
+         /* Ended with a -, meaning up until the last possible port */
+         if (range_type & SCAN_PROTOCOLS)
+-          rangeend = 255;
++          rangeend = MAX_IPPROTONUM;
+         else
+           rangeend = 65535;
+       } else if (isdigit((int) (unsigned char) *current_range)) {
+         rangeend = strtol(current_range, &endptr, 10);
+         if (range_type & SCAN_PROTOCOLS) {
+-          if (rangeend < 0 || rangeend > 255)
++          if (rangeend < 0 || rangeend > MAX_IPPROTONUM)
+             fatal("Protocols specified must be between 0 and 255 inclusive");
+         } else {
+           if (rangeend < 0 || rangeend > 65535)
+-- 
+2.34.1
+
diff --git a/meta-oe/recipes-security/nmap/nmap-7.92/0001-redefine-the-python-library-install-dir.patch b/meta-oe/recipes-security/nmap/nmap-7.92/0001-redefine-the-python-library-install-dir.patch
new file mode 100644
index 0000000000..6298f7ea26
--- /dev/null
+++ b/meta-oe/recipes-security/nmap/nmap-7.92/0001-redefine-the-python-library-install-dir.patch
@@ -0,0 +1,31 @@
+From 67b4614ea529460dca9326bfe5d355bad6f9bdee Mon Sep 17 00:00:00 2001
+From: Roy Li <rongqing.li@windriver.com>
+Date: Sun, 27 Apr 2025 16:33:08 +0800
+Subject: [PATCH] redefine the python library install dir
+
+If install-lib is not defined, it is always /usr/lib/, but it
+maybe /usr/lib64 for multilib
+
+Upstream-Status: Pending
+
+Signed-off-by: Roy Li <rongqing.li@windriver.com>
+---
+ Makefile.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Makefile.in b/Makefile.in
+index ccfceda..6b25d27 100644
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -387,7 +387,7 @@ build-nping: $(NPINGDIR)/Makefile build-nbase build-nsock build-netutil $(NPINGD
+        @cd $(NPINGDIR) && $(MAKE)
+ 
+ install-ndiff:
+-       cd $(NDIFFDIR) && $(PYTHON) setup.py install --prefix "$(prefix)" $(if $(DESTDIR),--root "$(DESTDIR)")
++       cd $(NDIFFDIR) && $(PYTHON) setup.py install --prefix "$(prefix)" --install-lib="${PYTHON_SITEPACKAGES_DIR}" $(if $(DESTDIR),--root "$(DESTDIR)")
+ 
+ NSE_FILES = scripts/script.db scripts/*.nse
+ NSE_LIB_LUA_FILES = nselib/*.lua nselib/*.luadoc
+-- 
+2.34.1
+
diff --git a/meta-oe/recipes-security/nmap/nmap-7.92/0002-replace-.-shtool-mkdir-with-coreutils-mkdir-command.patch b/meta-oe/recipes-security/nmap/nmap-7.92/0002-replace-.-shtool-mkdir-with-coreutils-mkdir-command.patch
new file mode 100644
index 0000000000..f81e230b28
--- /dev/null
+++ b/meta-oe/recipes-security/nmap/nmap-7.92/0002-replace-.-shtool-mkdir-with-coreutils-mkdir-command.patch
@@ -0,0 +1,38 @@
+From 783333de42b06020f5c0852c415cd34972a773fb Mon Sep 17 00:00:00 2001
+From: Roy Li <rongqing.li@windriver.com>
+Date: Sun, 27 Apr 2025 16:35:11 +0800
+Subject: [PATCH] replace "./shtool mkdir" with coreutils mkdir command
+
+"./shtool mkdir" is used when mkdir has not -p parameter, but mkdir in
+today most release has supportted the -p parameter, not need to use
+shtool, and it can not fix the race if two process are running mkdir to
+create same dir
+
+Upstream-Status: Pending
+
+Signed-off-by: Roy Li <rongqing.li@windriver.com>
+---
+ ncat/Makefile.in | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/ncat/Makefile.in b/ncat/Makefile.in
+index 4632a78..11a5e7c 100644
+--- a/ncat/Makefile.in
++++ b/ncat/Makefile.in
+@@ -166,11 +166,11 @@ $(NSOCKDIR)/libnsock.a: $(NSOCKDIR)/Makefile
+ 
+ install: $(TARGET)
+        @echo Installing Ncat;
+-       $(SHTOOL) mkdir -f -p -m 755 $(DESTDIR)$(bindir) $(DESTDIR)$(mandir)/man1
++       mkdir -p -m 755 $(DESTDIR)$(bindir) $(DESTDIR)$(mandir)/man1
+        $(INSTALL) -c -m 755 ncat $(DESTDIR)$(bindir)/ncat
+        $(STRIP) -x $(DESTDIR)$(bindir)/ncat
+        if [ -n "$(DATAFILES)" ]; then \
+-               $(SHTOOL) mkdir -f -p -m 755 $(DESTDIR)$(pkgdatadir); \
++               mkdir -p -m 755 $(DESTDIR)$(pkgdatadir); \
+                $(INSTALL) -c -m 644 $(DATAFILES) $(DESTDIR)$(pkgdatadir)/; \
+        fi
+        $(INSTALL) -c -m 644 docs/$(TARGET).1 $(DESTDIR)$(mandir)/man1/$(TARGET).1
+-- 
+2.34.1
+
diff --git a/meta-oe/recipes-security/nmap/nmap-7.92/0003-Include-time.h-header-to-pass-clang-compilation.patch b/meta-oe/recipes-security/nmap/nmap-7.92/0003-Include-time.h-header-to-pass-clang-compilation.patch
new file mode 100644
index 0000000000..b940124f98
--- /dev/null
+++ b/meta-oe/recipes-security/nmap/nmap-7.92/0003-Include-time.h-header-to-pass-clang-compilation.patch
@@ -0,0 +1,76 @@
+From e9d876bedc8a7bc96856ecf38bbeeafee2d5b206 Mon Sep 17 00:00:00 2001
+From: Peiran Hong <peiran.hong@windriver.com>
+Date: Fri, 20 Sep 2019 15:02:45 -0400
+Subject: [PATCH] Include time.h header to pass clang compilation
+
+Upstream-Status: Pending
+
+Signed-off-by: Peiran Hong <peiran.hong@windriver.com>
+---
+ nmap_error.cc       | 11 +----------
+ nping/EchoServer.cc |  1 +
+ osscan2.cc          |  1 +
+ service_scan.cc     |  1 +
+ 4 files changed, 4 insertions(+), 10 deletions(-)
+
+diff --git a/nmap_error.cc b/nmap_error.cc
+index 5ec938f..83ba6cc 100644
+--- a/nmap_error.cc
++++ b/nmap_error.cc
+@@ -67,16 +67,7 @@
+ #include "xml.h"
+ 
+ #include <errno.h>
+-#if TIME_WITH_SYS_TIME
+-# include <sys/time.h>
+-# include <time.h>
+-#else
+-# if HAVE_SYS_TIME_H
+-#  include <sys/time.h>
+-# else
+-#  include <time.h>
+-# endif
+-#endif
++#include <time.h>
+ 
+ extern NmapOps o;
+ 
+diff --git a/nping/EchoServer.cc b/nping/EchoServer.cc
+index dea2851..c80efb4 100644
+--- a/nping/EchoServer.cc
++++ b/nping/EchoServer.cc
+@@ -69,6 +69,7 @@
+ #include "NpingOps.h"
+ #include "ProbeMode.h"
+ #include <signal.h>
++#include <time.h>
+ 
+ extern NpingOps o;
+ extern EchoServer es;
+diff --git a/osscan2.cc b/osscan2.cc
+index efe6da0..392c65f 100644
+--- a/osscan2.cc
++++ b/osscan2.cc
+@@ -80,6 +80,7 @@
+ 
+ #include <list>
+ #include <math.h>
++#include <time.h>
+ 
+ extern NmapOps o;
+ #ifdef WIN32
+diff --git a/service_scan.cc b/service_scan.cc
+index 66e0d92..161f2a1 100644
+--- a/service_scan.cc
++++ b/service_scan.cc
+@@ -77,6 +77,7 @@
+ #include "nmap_tty.h"
+ 
+ #include <errno.h>
++#include <time.h>
+ 
+ #if HAVE_OPENSSL
+ /* OpenSSL 1.0.0 needs _WINSOCKAPI_ to be defined, otherwise it loads
+-- 
+2.34.1
+
diff --git a/meta-oe/recipes-security/nmap/nmap-7.92/0004-Fix-building-with-libc.patch b/meta-oe/recipes-security/nmap/nmap-7.92/0004-Fix-building-with-libc.patch
new file mode 100644
index 0000000000..295abe6d50
--- /dev/null
+++ b/meta-oe/recipes-security/nmap/nmap-7.92/0004-Fix-building-with-libc.patch
@@ -0,0 +1,79 @@
+From 4c54b00e6f3749924532c2636eae01daff9e4bcd Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Sun, 20 Jan 2019 23:11:56 -0800
+Subject: [PATCH] Fix building with libc++
+
+Upstream-Status: Pending
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ nping/EchoServer.cc | 16 ++++++++--------
+ 1 file changed, 8 insertions(+), 8 deletions(-)
+
+diff --git a/nping/EchoServer.cc b/nping/EchoServer.cc
+index c80efb4..914bd54 100644
+--- a/nping/EchoServer.cc
++++ b/nping/EchoServer.cc
+@@ -214,14 +214,14 @@ int EchoServer::nep_listen_socket(){
+         server_addr6.sin6_len = sizeof(struct sockaddr_in6);
+     #endif
+     /* Bind to local address and the specified port */
+-    if( bind(master_sd, (struct sockaddr *)&server_addr6, sizeof(server_addr6)) != 0 ){
++    if( ::bind(master_sd, (struct sockaddr *)&server_addr6, sizeof(server_addr6)) != 0 ){
+         nping_warning(QT_3, "Failed to bind to source address %s. Trying to bind to port %d...", IPtoa(server_addr6.sin6_addr), port);
+         /* If the bind failed for the supplied address, just try again with in6addr_any */
+         if( o.spoofSource() ){
+             server_addr6.sin6_addr = in6addr_any;
+-            if( bind(master_sd, (struct sockaddr *)&server_addr6, sizeof(server_addr6)) != 0 ){
++            if( ::bind(master_sd, (struct sockaddr *)&server_addr6, sizeof(server_addr6)) != 0 ){
+                 nping_fatal(QT_3, "Could not bind to port %d (%s).", port, strerror(errno));
+-            }else{ 
++            }else{
+                 nping_print(VB_1, "Server bound to port %d", port);
+             }
+         }
+@@ -252,12 +252,12 @@ int EchoServer::nep_listen_socket(){
+ #endif
+ 
+     /* Bind to local address and the specified port */
+-    if( bind(master_sd, (struct sockaddr *)&server_addr4, sizeof(server_addr4)) != 0 ){
++    if( ::bind(master_sd, (struct sockaddr *)&server_addr4, sizeof(server_addr4)) != 0 ){
+         nping_warning(QT_3, "Failed to bind to source address %s. Trying to bind to port %d...", IPtoa(server_addr4.sin_addr), port);
+         /* If the bind failed for the supplied address, just try again with in6addr_any */
+         if( o.spoofSource() ){
+             server_addr4.sin_addr.s_addr=INADDR_ANY;
+-            if( bind(master_sd, (struct sockaddr *)&server_addr4, sizeof(server_addr4)) != 0 ){
++            if( ::bind(master_sd, (struct sockaddr *)&server_addr4, sizeof(server_addr4)) != 0 ){
+                 nping_fatal(QT_3, "Could not bind to port %d (%s).", port, strerror(errno));
+             }else{
+                 nping_print(VB_1, "Server bound to port %d", port);
+@@ -493,7 +493,7 @@ clientid_t EchoServer::nep_match_headers(IPv4Header *ip4, IPv6Header *ip6, TCPHe
+                             nping_print(DBG_3, ";");
+                             /* The payload magic may affect the score only between
+                              * zero and 4 bytes. This is done to prevent long
+-                             * common strings like "GET / HTTP/1.1\r\n" 
++                             * common strings like "GET / HTTP/1.1\r\n"
+                              * increasing the score a lot and cause problems for
+                              * the matching logic. */
+                             current_score+= MIN(4, fspec->len)*FACTOR_PAYLOAD_MAGIC;
+@@ -503,7 +503,7 @@ clientid_t EchoServer::nep_match_headers(IPv4Header *ip4, IPv6Header *ip6, TCPHe
+                     default:
+                         nping_warning(QT_2, "Bogus field specifier found in client #%d context. Please report a bug", ctx->getIdentifier());
+                     break;
+-                }           
++                }
+             } /* End of field specifiers loop */
+ 
+             nping_print(DBG_3, "%s() current_score=%.02f candidate_score=%.02f", __func__, current_score, candidate_score);
+@@ -582,7 +582,7 @@ clientid_t EchoServer::nep_match_packet(const u8 *pkt, size_t pktlen){
+                 }else{
+                     if( (tcplen=tcp.validate())==OP_FAILURE){
+                         return CLIENT_NOT_FOUND;
+-                    }else{                        
++                    }else{
+                         if( (int)pktlen > (iplen+tcplen) ){
+                            if( payload.storeRecvData(pkt+iplen+tcplen, pktlen-iplen-tcplen)!=OP_FAILURE)
+                                payload_included=true;
+-- 
+2.34.1
+
diff --git a/meta-oe/recipes-security/nmap/nmap-7.92/0005-fix-racing-between-build-ncat-and-build-lua.patch b/meta-oe/recipes-security/nmap/nmap-7.92/0005-fix-racing-between-build-ncat-and-build-lua.patch
new file mode 100644
index 0000000000..f660719640
--- /dev/null
+++ b/meta-oe/recipes-security/nmap/nmap-7.92/0005-fix-racing-between-build-ncat-and-build-lua.patch
@@ -0,0 +1,55 @@
+From c1b436da46a7e3089b657f3f92308defc0ebb735 Mon Sep 17 00:00:00 2001
+From: Hongxu Jia <hongxu.jia@windriver.com>
+Date: Sun, 9 Feb 2025 00:45:36 +0000
+Subject: [PATCH] fix racing between build-ncat and build-lua
+
+There are two build-lua rules, one in Makefile.in, another in
+ncat/Makefile.in which is required by build-ncat
+
+Build them may cause potential racing
+
+$ bitbake lib32-nmap
+$ grep -e "Compiling liblua" -e 'nmap-7.95/liblua' -e ": error" -n patch-to/temp/log.do_compile
+Compiling liblua
+make[1]: Entering directory 'path-to/build/tmp/work/corei7-32-wrsmllib32-linux/lib32-nmap/7.95/nmap-7.95/liblua'
+Compiling liblua
+make[2]: Entering directory 'path-to/build/tmp/work/corei7-32-wrsmllib32-linux/lib32-nmap/7.95/nmap-7.95/liblua'
+make[2]: Leaving directory 'path-to/tmp/work/corei7-32-wrsmllib32-linux/lib32-nmap/7.95/nmap-7.95/liblua'
+path-to/tmp/work/corei7-32-wrsmllib32-linux/lib32-nmap/7.95/recipe-sysroot-native/usr/bin/i686-wrsmllib32-linux/../../libexec/i686-wrsmllib32-linux/gcc/i686-wrsmllib32-linux/14.2.0/ld: ./../liblua/liblua.a: error adding symbols: no more archived files
+collect2: error: ld returned 1 exit status
+make[1]: Leaving directory 'path-to/tmp/work/corei7-32-wrsmllib32-linux/lib32-nmap/7.95/nmap-7.95/liblua'
+
+Explicitly make build-ncat depends on build-lua to avoid racing,
+after applying the patch
+...
+Compiling liblua
+make[1]: Entering directory 'path-to/tmp/work/corei7-32-wrsmllib32-linux/lib32-nmap/7.95/nmap-7.95/liblua'
+make[1]: Leaving directory 'path-to/tmp/work/corei7-32-wrsmllib32-linux/lib32-nmap/7.95/nmap-7.95/liblua'
+Compiling liblua
+make[2]: Entering directory 'path-to/tmp/work/corei7-32-wrsmllib32-linux/lib32-nmap/7.95/nmap-7.95/liblua'
+make[2]: Leaving directory 'path-to/tmp/work/corei7-32-wrsmllib32-linux/lib32-nmap/7.95/nmap-7.95/liblua'
+...
+
+Upstream-Status: Submitted [https://github.com/nmap/nmap/pull/3025]
+
+Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
+---
+ Makefile.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Makefile.in b/Makefile.in
+index 6b25d27..b0a2719 100644
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -159,7 +159,7 @@ build-netutil: libnetutil/Makefile
+        @echo Compiling libnetutil;
+        cd libnetutil && $(MAKE)
+ 
+-build-ncat: $(NCATDIR)/Makefile build-nbase build-nsock $(NCATDIR)/ncat.h @PCAP_BUILD@
++build-ncat: $(NCATDIR)/Makefile build-nbase build-nsock build-lua $(NCATDIR)/ncat.h @PCAP_BUILD@
+        cd $(NCATDIR) && $(MAKE)
+ 
+ build-lua: $(LIBLUADIR)/Makefile
+-- 
+2.34.1
+
diff --git a/meta-oe/recipes-security/nmap/nmap-7.92/0006-Fix-build-with-libpcap-1.10.5.patch b/meta-oe/recipes-security/nmap/nmap-7.92/0006-Fix-build-with-libpcap-1.10.5.patch
new file mode 100644
index 0000000000..4ee4a7295e
--- /dev/null
+++ b/meta-oe/recipes-security/nmap/nmap-7.92/0006-Fix-build-with-libpcap-1.10.5.patch
@@ -0,0 +1,47 @@
+From ba7b4a8cc570f0ce154f186fbe840f0ac23b2b96 Mon Sep 17 00:00:00 2001
+From: Yi Zhao <yi.zhao@windriver.com>
+Date: Mon, 28 Apr 2025 10:04:46 +0800
+Subject: [PATCH] Fix build with libpcap 1.10.5
+
+Fixes:
+In file included from /build/tmp/work/core2-64-poky-linux/nmap/7.92/recipe-sysroot/usr/include/pcap/pcap.h:130,
+                 from /build/tmp/work/core2-64-poky-linux/nmap/7.92/recipe-sysroot/usr/include/pcap.h:43,
+                 from tcpip.h:72,
+                 from nse_nsock.cc:4:
+nse_nsock.cc:36:3: error: expected identifier before 'int'
+   36 |   PCAP_SOCKET = lua_upvalueindex(3), /* pcap socket metatable */
+      |   ^~~~~~~~~~~
+nse_nsock.cc:36:3: error: expected '}' before 'int'
+nse_nsock.cc:33:6: note: to match this '{'
+   33 | enum {
+      |      ^
+nse_nsock.cc:36:15: error: expected unqualified-id before '=' token
+   36 |   PCAP_SOCKET = lua_upvalueindex(3), /* pcap socket metatable */
+      |               ^
+nse_nsock.cc:40:1: error: expected declaration before '}' token
+   40 | };
+      | ^
+
+Upstream-Status: Pending
+
+Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
+---
+ nse_nsock.cc | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/nse_nsock.cc b/nse_nsock.cc
+index 75ddeb6..a3c5186 100644
+--- a/nse_nsock.cc
++++ b/nse_nsock.cc
+@@ -29,6 +29,8 @@
+ 
+ #define DEFAULT_TIMEOUT 30000
+ 
++#undef PCAP_SOCKET
++
+ /* Upvalues for library variables */
+ enum {
+   NSOCK_POOL = lua_upvalueindex(1),
+-- 
+2.34.1
+
diff --git a/meta-oe/recipes-security/nmap/nmap_7.92.bb b/meta-oe/recipes-security/nmap/nmap_7.92.bb
new file mode 100644
index 0000000000..98969fe001
--- /dev/null
+++ b/meta-oe/recipes-security/nmap/nmap_7.92.bb
@@ -0,0 +1,66 @@
+SUMMARY = "network auditing tool"
+DESCRIPTION = "Nmap (Network Mapper) is a free and open source (license) utility for network discovery and security auditing.\nGui support via appending to IMAGE_FEATURES x11-base in local.conf"
+SECTION = "security"
+LICENSE = "GPL-2.0-only"
+
+LIC_FILES_CHKSUM = "file://LICENSE;md5=b8823a06822788010eae05b4f5e921b3"
+
+SRC_URI = "http://nmap.org/dist/${BP}.tar.bz2 \
+           file://0001-redefine-the-python-library-install-dir.patch \
+           file://0002-replace-.-shtool-mkdir-with-coreutils-mkdir-command.patch \
+           file://0003-Include-time.h-header-to-pass-clang-compilation.patch \
+           file://0004-Fix-building-with-libc.patch \
+           file://0005-fix-racing-between-build-ncat-and-build-lua.patch \
+           file://0006-Fix-build-with-libpcap-1.10.5.patch \
+           "
+SRC_URI[sha256sum] = "a5479f2f8a6b0b2516767d2f7189c386c1dc858d997167d7ec5cfc798c7571a1" 
+
+UPSTREAM_CHECK_REGEX = "nmap-(?P<pver>\d+(\.\d+)+)\.tar"
+
+inherit autotools-brokensep pkgconfig python3native
+
+PACKAGECONFIG ?= "pcre ncat nping pcap"
+
+PACKAGECONFIG[pcap] = "--with-pcap=linux, --without-pcap, libpcap, libpcap"
+PACKAGECONFIG[pcre] = "--with-libpcre=${STAGING_LIBDIR}/.., --with-libpcre=included, libpcre"
+PACKAGECONFIG[ssl] = "--with-openssl=${STAGING_LIBDIR}/.., --without-openssl, openssl, openssl"
+PACKAGECONFIG[ssh2] = "--with-openssh2=${STAGING_LIBDIR}/.., --without-openssh2, libssh2, libssh2"
+PACKAGECONFIG[libz] = "--with-libz=${STAGING_LIBDIR}/.., --without-libz, zlib, zlib"
+
+# disable/enable packages
+PACKAGECONFIG[nping] = ",--without-nping,"
+PACKAGECONFIG[ncat] = ",--without-ncat,"
+PACKAGECONFIG[ndiff] = "--with-ndiff=yes,--without-ndiff,python3 python3-setuptools-native"
+PACKAGECONFIG[update] = ",--without-nmap-update,"
+
+EXTRA_OECONF = "--with-libdnet=included --with-liblinear=included --without-subversion --with-liblua=included"
+
+# zenmap needs python-pygtk which has been removed
+# it also only works with python2
+# disable for now until py3 is supported
+EXTRA_OECONF += "--without-zenmap"
+
+export PYTHON_SITEPACKAGES_DIR
+
+do_configure() {
+    autoconf
+    install -m 0755 ${STAGING_DATADIR_NATIVE}/gnu-config/config.guess ${S}
+    install -m 0755 ${STAGING_DATADIR_NATIVE}/gnu-config/config.sub ${S}
+    oe_runconf
+}
+
+do_install:append() {
+    for f in ndiff uninstall_ndiff; do
+        if [ -f ${D}${bindir}/$f ]; then
+            sed -i 's@^#!.*$@#!/usr/bin/env python3@g' ${D}${bindir}/$f
+        fi
+    done
+}
+
+FILES:${PN} += "${PYTHON_SITEPACKAGES_DIR} ${datadir}/ncat"
+
+RDEPENDS:${PN} += " \
+    python3-difflib \
+    python3-asyncio \
+    python3-xml \
+"
diff --git a/meta-oe/recipes-security/nmap/nmap_7.95.bb b/meta-oe/recipes-security/nmap/nmap_7.95.bb
index 79c28e71f0..a892c1e910 100644
--- a/meta-oe/recipes-security/nmap/nmap_7.95.bb
+++ b/meta-oe/recipes-security/nmap/nmap_7.95.bb
@@ -1,7 +1,7 @@
 SUMMARY = "network auditing tool"
 DESCRIPTION = "Nmap (Network Mapper) is a free and open source (license) utility for network discovery and security auditing.\nGui support via appending to IMAGE_FEATURES x11-base in local.conf"
 SECTION = "security"
-LICENSE = "GPL-2.0-only"
+LICENSE = "NPSL"
 
 LIC_FILES_CHKSUM = "file://LICENSE;md5=895af8527fe4bcb72f271fd1841fd2f6"
 
@@ -10,8 +10,13 @@ SRC_URI = "http://nmap.org/dist/${BP}.tar.bz2 \
            file://nmap-replace-shtool-mkdir-with-coreutils-mkdir-command.patch \
            file://0001-Include-time.h-header-to-pass-clang-compilation.patch \
            file://0002-Fix-building-with-libc.patch \
+           file://0003-Fix-off-by-one-overflow-in-the-IP-protocol-table.patch \
+           file://0001-fix-racing-between-build-ncat-and-build-lua.patch \
            "
 SRC_URI[sha256sum] = "e14ab530e47b5afd88f1c8a2bac7f89cd8fe6b478e22d255c5b9bddb7a1c5778" 
+
+UPSTREAM_CHECK_REGEX = "nmap-(?P<pver>\d+(\.\d+)+)\.tar"
+
 inherit autotools-brokensep pkgconfig python3native
 
 PACKAGECONFIG ?= "pcre ncat nping pcap"
@@ -25,7 +30,7 @@ PACKAGECONFIG[libz] = "--with-libz=${STAGING_LIBDIR}/.., --without-libz, zlib, z
 #disable/enable packages
 PACKAGECONFIG[nping] = ",--without-nping,"
 PACKAGECONFIG[ncat] = ",--without-ncat,"
-PACKAGECONFIG[ndiff] = "--with-ndiff=yes,--without-ndiff,python3"
+PACKAGECONFIG[ndiff] = "--with-ndiff=yes,--without-ndiff,python3 python3-setuptools-native"
 PACKAGECONFIG[update] = ",--without-nmap-update,"
 
 EXTRA_OECONF = "--with-libdnet=included --with-liblinear=included --without-subversion --with-liblua=included"