summaryrefslogtreecommitdiffstats
path: root/meta-networking/recipes-connectivity
Commit message (Collapse)AuthorAgeFilesLines
* libdnet: upgrade 1.17.0 -> 1.18.0Wang Mingyu2024-03-201-1/+1
| | | | | | | | | | Changelog: ========== -update to autotools build chain -rebuild Python bindings with latest Cython Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* civetweb: remove buildpaths from civetweb-targets.cmakeYi Zhao2024-03-191-0/+5
| | | | | | | | | | Fixes: WARNING: civetweb-1.16-r0 do_package_qa: QA Issue: File /usr/lib/cmake/civetweb/civetweb-targets.cmake in package civetweb-dev contains reference to TMPDIR [buildpaths] Siuned-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* bluez-tools: New recipe for bluez5 toolsJörg Sommer2024-03-183-0/+833
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* samba: upgrade 4.19.4 -> 4.19.5Yi Zhao2024-03-101-1/+2
| | | | | | | | | | | | | Release Notes: https://www.samba.org/samba/history/samba-4.19.5.html Specify --pythondir to fix do_package_qa QA Issue: WARNING: samba-4.19.5-r0 do_package_qa: QA Issue: File /usr/lib/libsamba-util.so.0.0.1 in package libsamba-util contains reference to TMPDIR [buildpaths] Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* networkmanager: 1.44.0 -> 1.46.0Yi Zhao2024-03-081-1/+1
| | | | | | | | | | | | | ChangeLog: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/1.46.0/NEWS Highlights: - Drop build with python2, python3 is now required - Support randomizing the MAC address based on the Wi-Fi network - IPv4 DAD (Duplicate Address Detection) enabled by default Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* networkmanager-fortisslvpn: use python3native and depend on ↵Martin Jansa2024-02-271-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | python3-packaging-native * it uses gdbus-codegen from glib-2.0-native which depended on python3-distutils-native until https://lists.openembedded.org/g/openembedded-core/message/196136 but distutils on host was enforced by sanity check only until mickledore with: https://git.openembedded.org/openembedded-core/commit/?id=8e3a5b0709384f2b455a82ac1e8e212686fe4456 so on hosts without distutils this was already failing with: http://errors.yoctoproject.org/Errors/Details/754697/ gdbus-codegen \ --generate-c-code src/nm-fortisslvpn-pppd-service-dbus \ --c-namespace NMDBus \ --interface-prefix org.freedesktop.NetworkManager \ ../NetworkManager-fortisslvpn-1.4.0/src/nm-fortisslvpn-pppd-service.xml Traceback (most recent call last): File "TOPDIR/tmp-glibc/work/core2-64-oe-linux/networkmanager-fortisslvpn/1.4.0/recipe-sysroot-native/usr/bin/gdbus-codegen", line 53, in <module> from codegen import codegen_main File "TOPDIR/tmp-glibc/work/core2-64-oe-linux/networkmanager-fortisslvpn/1.4.0/recipe-sysroot-native/usr/share/glib-2.0/codegen/codegen_main.py", line 29, in <module> from . import dbustypes File "TOPDIR/tmp-glibc/work/core2-64-oe-linux/networkmanager-fortisslvpn/1.4.0/recipe-sysroot-native/usr/share/glib-2.0/codegen/dbustypes.py", line 22, in <module> from . import utils File "TOPDIR/tmp-glibc/work/core2-64-oe-linux/networkmanager-fortisslvpn/1.4.0/recipe-sysroot-native/usr/share/glib-2.0/codegen/utils.py", line 22, in <module> import distutils.version ModuleNotFoundError: No module named 'distutils' make: *** [Makefile:2081: src/nm-fortisslvpn-pppd-service-dbus.h] Error 1 and the glib-2.0-native change only changes the dependency from distutils to packaging which results in: http://errors.yoctoproject.org/Errors/Details/754693/ gdbus-codegen \ --generate-c-code src/nm-fortisslvpn-pppd-service-dbus \ --c-namespace NMDBus \ --interface-prefix org.freedesktop.NetworkManager \ ../NetworkManager-fortisslvpn-1.4.0/src/nm-fortisslvpn-pppd-service.xml Traceback (most recent call last): File "TOPDIR/tmp-glibc/work/core2-64-oe-linux/networkmanager-fortisslvpn/1.4.0/recipe-sysroot-native/usr/bin/gdbus-codegen", line 53, in <module> from codegen import codegen_main File "TOPDIR/tmp-glibc/work/core2-64-oe-linux/networkmanager-fortisslvpn/1.4.0/recipe-sysroot-native/usr/share/glib-2.0/codegen/codegen_main.py", line 29, in <module> from . import dbustypes File "TOPDIR/tmp-glibc/work/core2-64-oe-linux/networkmanager-fortisslvpn/1.4.0/recipe-sysroot-native/usr/share/glib-2.0/codegen/dbustypes.py", line 22, in <module> from . import utils File "TOPDIR/tmp-glibc/work/core2-64-oe-linux/networkmanager-fortisslvpn/1.4.0/recipe-sysroot-native/usr/share/glib-2.0/codegen/utils.py", line 22, in <module> import packaging.version ModuleNotFoundError: No module named 'packaging' make: *** [Makefile:2081: src/nm-fortisslvpn-pppd-service-dbus.h] Error 1 * packaging probably isn't as wide spread on host distros as old distutils was, so make sure it's available by using python3-native with python3-packaging-native from OE build Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* snort3: fix snort.pcMartin Jansa2024-02-261-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | * fixes: ERROR: lib32-snort3-3+git-r0 do_populate_sysroot: QA Issue: snort.pc failed sanity test (tmpdir) in path lib32-snort3/3+git/sysroot-destdir/usr/lib/pkg * it's broken for non-multilib builds as well, the issue is that FLEX_CPPFLAGS points to native include dir, e.g. FLEX_CPPFLAGS=-I/OE/../lib32-snort3/3+git/recipe-sysroot-native/usr/include and the work around from: https://github.com/openembedded/meta-openembedded/commit/973647848049abda6f2adbee0189720109863731 sed -i "s#${RECIPE_SYSROOT}##g" ${D}${libdir}/pkgconfig/snort.pc strips the "/OE/../lib32-snort3/3+git/recipe-sysroot" part in non-multilib case, but leaves: FLEX_CPPFLAGS=-I-native/usr/include which is still wrong, but not detected by buildpaths QA check anymore and in multilib case, this didn't strip the first part because the target sysroot is: "/OE/../lib32-snort3/3+git/lib32-recipe-sysroot" so it didn't strip anything from native sysroot: "/OE/../lib32-snort3/3+git/recipe-sysroot-native" Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* snort3: drop SRCPV from PVMartin Jansa2024-02-261-1/+1
| | | | | | | | * as other recipes did in: https://git.openembedded.org/meta-openembedded/commit/?id=21f956598ddb1bb08855fbc9a3293acf957154d1 Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* snort3: Fix contains reference to TMPDIR [buildpaths] warningsKhem Raj2024-02-212-2/+38
| | | | | | | | | Fixes WARNING: snort3-3+git-r0 do_package_qa: QA Issue: File /usr/lib/pkgconfig/snort.pc in package snort3-dev contains reference to TMPDIR [buildpaths] WARNING: snort3-3+git-r0 do_package_qa: QA Issue: File /usr/src/debug/snort3/3+git/src/js_norm/pdf_tokenizer.cc in package snort3-src contains reference to TMPDIR File /usr/src/debug/snort3/3+git/src/js_norm/js_tokenizer.cc in package snort3-src contains reference to TMPDIR [buildpaths] Signed-off-by: Khem Raj <raj.khem@gmail.com>
* snort: Do not use llvm libunwindKhem Raj2024-02-212-1/+35
| | | | | | | If llvm unwind is present then disable unwinding support since it will not have all unw_* functions eg. unw_strerror Signed-off-by: Khem Raj <raj.khem@gmail.com>
* snort: add snort3 initial recipeKhawaja Shaheryar2024-02-211-0/+34
| | | | | | | | I am adding this recipe as snort2 is legacy now. See more: https://github.com/snort3/snort3 Signed-off-by: Khawaja Shaheryar <behzadshaheryar@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libdaq: add recipeKhawaja Shaheryar2024-02-212-0/+50
| | | | | | | | | I am adding this recipe as snort3 depends on it. snort3 recipe will be provided in next commit. See more: https://github.com/snort3/libdaq Signed-off-by: Khawaja Shaheryar <behzadshaheryar@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ot-br-posix: Limit vla-cxx-extension option to clang >= 18Khem Raj2024-02-101-1/+1
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ot-br-posix: upgrade to latest trunkKhem Raj2024-02-096-38/+56
| | | | | | Fix build with clang and drop unneeded patch for unused variable 'i' Signed-off-by: Khem Raj <raj.khem@gmail.com>
* recipes: drop ${SRCPV} usageMartin Jansa2024-02-096-6/+6
| | | | | | | | | | * Drop SRCPV similarly like oe-core did in: https://git.openembedded.org/openembedded-core/commit/?h=nanbield&id=843f82a246a535c353e08072f252d1dc78217872 * SRCPV is deferred now from PV to PKGV since: https://git.openembedded.org/openembedded-core/commit/?h=nanbield&id=a8e7b0f932b9ea69b3a218fca18041676c65aba0 Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
* nanomsg: upgrade 1.2 -> 1.2.1Wang Mingyu2024-02-091-1/+1
| | | | | | | | | | Changelog: =========== -Fixed #1105 which caused a SIGBUS on some some platforms due misaligned accesses. -Fixed a problem when using absolute CMake target directories. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mbedtls: upgrade 2.28.4 -> 2.28.7Beniamin Sandu2024-02-091-3/+3
| | | | | | | | | | | | | | | Includes security fixes for: CVE-2023-43615 - Buffer overread in TLS stream cipher suites CVE-2024-23170 - Timing side channel in private key RSA operations CVE-2024-23775 - Buffer overflow in mbedtls_x509_set_extension() Other changes: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-2.28.5 License updated to dual Apache-2.0 OR GPL-2.0-or-later. Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mbedtls: upgrade 3.5.1 -> 3.5.2Beniamin Sandu2024-02-091-1/+1
| | | | | | | | * Includes security fix for CVE-2024-23170 - Timing side channel in private key RSA operations * Includes security fix for CVE-2024-23775 - Buffer overflow in mbedtls_x509_set_extension() Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* samba: upgrade 4.19.3 -> 4.19.4Yi Zhao2024-01-191-1/+1
| | | | | | | | Release Notes: https://www.samba.org/samba/history/samba-4.19.4.html Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* adcli: use https protocol for fetchingalperak2024-01-131-1/+1
| | | | | Signed-off-by: alperak <alperyasinak1@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* daq: Fix install conflict when enable multilib.Wang Mingyu2024-01-091-1/+2
| | | | | | | | | | | | | | | | | | | Error: Transaction test error: file /usr/bin/daq-modules-config conflicts between attempted installs of lib32-daq-2.0.7-r0.armv7ahf_neon and daq-2.0.7-r0.cortexa57 The differences of daq-modules-config are as follows: @@ -7,7 +7,7 @@ prefix=/usr exec_prefix=/usr -LIBDIR=/usr/lib64 +LIBDIR=/usr/lib STATIC_LIBS=" -lsfbpf -lpcap -lsfbpf -lnfnetlink -lnetfilter_queue -lsfbpf -lpcap -ldnet" static=0 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* wolfssl: upgrade 5.6.4 -> 5.6.6Wang Mingyu2024-01-081-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* samba: upgrade 4.18.9 -> 4.19.3Yi Zhao2024-01-0810-49/+57
| | | | | | | | | | | | | | | According to samba release planning[1], 4.18 is already in maintenance mode and will be EOL in Sep 2024. Upgrade to current stable release 4.19. Release Notes https://www.samba.org/samba/history/samba-4.19.0.html https://www.samba.org/samba/history/samba-4.19.3.html [1] https://wiki.samba.org/index.php/Samba_Release_Planning Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* samba: upgrade 4.18.8 -> 4.18.9Yi Zhao2023-12-291-1/+1
| | | | | | | | | | | | | | | | This is the latest stable release of the Samba 4.18 release series. It contains the security-relevant bugfix CVE-2018-14628: Wrong ntSecurityDescriptor values for "CN=Deleted Objects" allow read of object tombstones over LDAP (Administrator action required!) https://www.samba.org/samba/security/CVE-2018-14628.html Release Notes: https://www.samba.org/samba/history/samba-4.18.9.html Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* networkmanager: drop libnewt dependencyDmitry Baryshkov2023-12-291-1/+0
| | | | | | | | | With the nmtui being now handled via tha PACKAGECONFIG, there is no need for the global libnewt dependency, PACKAGECONFIG["nmtui"] handles it correctrly. Drop the libnewt from DEPENDS list. Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* bearssl: Upgrade to latestAlex Kiernan2023-12-293-100/+16
| | | | | | | | | | | | | | | | | | Install headers so that dependencies can use this to build against. Make `brssl` executable, fixup library soname. Drop patches which change build flags in favour of command line overrides. Add support for static build. Changes: Thomas Pornin (4): Added generic API for date range validation (with callbacks). Fixed RSA PSS verificatiobn bug (when hash_len != salt_len). Added macro that indicates presence of the time callback feature. Also added C++ compatibility. Fixed spurious warning about old-style prototype. Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* networkmanager: fix some missing pkgconfigThomas Perrot2023-12-211-0/+3
| | | | | | | | | | | - to build and package nmtui - to automatically append networkmanager-adsl and networkmanager-wwan in recommended packages. - to fix an invalid-packageconfig QA issue that is raised when adsl and wwan are added in pkgconfig. Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mbedtls: Upgrade 3.5.0 -> 3.5.1Alex Kiernan2023-12-181-4/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | Use canonical URL, add UPSTREAM_CHECK_GITTAGREGEX. Changes: Dave Rodgman (12): Header updates Fix some non-standard headers Update documentation Add Changelog for license Update license for p256-m README improvements to 3rdparty section assemble Changelog Fix typos in changelog Bump version Update BRANCHES Update Changelog with bugfix entry Add docs re Everest license David Horstmann (1): Fix 3rdparty target names for custom config License-update: Upstream clarified licensing as dual Apache-2.0 or GPL-2.0 or later Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* networkmanager: add missing modemmanager rdependsThomas Perrot2023-12-181-1/+1
| | | | | | | Fix rdepends with modemmanager PACKAGECONFIG enabled. Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* networkmanager: Improved SUMMARY and added DESCRIPTIONWilliam Lyu2023-12-141-1/+12
| | | | | | | | The SUMMARY and DESCRIPTION are taken from Arch Linux wiki page: https://wiki.archlinux.org/title/NetworkManager Signed-off-by: William Lyu <William.Lyu@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* freeradius: make sub packages to runtime depends on freeradiusHongxu Jia2023-11-281-0/+7
| | | | | | | | | | | | | | | | | Otherwise install packages reported warning at do_rootfs ...log.do_rootfs... Installing : freeradius-ldap-3.0.26-r0.corei7_64 1235/1236 warning: user radiusd does not exist - using root warning: group radiusd does not exist - using root Installing : freeradius-krb5-3.0.26-r0.corei7_64 1236/1236 warning: user radiusd does not exist - using root ...log.do_rootfs... The user/group radiusd is added by package freeradius, explicitly made the sub packages to runtime depends on freeradius Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* cannelloni: Fix build with clang and libc++ runtimeKhem Raj2023-11-132-1/+40
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openfortivpn: upgrade 1.20.5 -> 1.21.0alperak2023-11-121-1/+1
| | | | | | | | | | | | Changelog: * fix "Peer refused to agree to his IP address" message, again * deprecate option --plugin * better masking of password in logs * break on reading 0 from ppp pty, for non-Linux systems Signed-off-by: alperak <alperyasinak1@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libdnet: upgrade 1.16.3 -> 1.17.0alperak2023-11-123-70/+3
| | | | | | | | | | | | Patches removed because fixed in the new version. Changelog: - Various fixes around the build process (esp. cmake support + string.h include fixes) - Stronger cmake support, updated autotools and a few smaller fixes. Signed-off-by: alperak <alperyasinak1@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* civetweb: upgrade 1.12 -> 1.16alperak2023-11-121-3/+4
| | | | | | | | | | | | | | | | | | | ========================= - Added "-DCIVETWEB_SSL_OPENSSL_API_3_0=ON" because of following error: civetweb.c:1561:2: error: #error "Please define OPENSSL_API_#_# or USE_MBEDTLS" You may also want to check out the available CMake options here: https://github.com/civetweb/civetweb/blob/d7ba35bbb649209c66e582d5a0244ba988a15159/CMakeLists.txt ========================= Changelog: https://github.com/civetweb/civetweb/blob/d7ba35bbb649209c66e582d5a0244ba988a15159/RELEASE_NOTES.md Signed-off-by: alperak <alperyasinak1@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* cannelloni: upgrade 1.0.0 -> 1.1.0alperak2023-11-121-1/+1
| | | | | | | | | | | | | Changelog: - Typo fix in cannelloni.h - workflows: add nix-test.yml - Add TCP mode - No peer checking - Add -Wall switch and fix all warnings Signed-off-by: alperak <alperyasinak1@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* meta-networking: Use autotools make systemKhem Raj2023-11-123-0/+3
| | | | | | OE-core is switching to default to meson for gnome recipes Signed-off-by: Khem Raj <raj.khem@gmail.com>
* drop GNOMEBASEBUILDCLASS = "meson"Markus Volk2023-11-111-1/+0
| | | | | | It is set to meson by default Signed-off-by: Khem Raj <raj.khem@gmail.com>
* wolfssl: upgrade 5.5.4 -> 5.6.4Khem Raj2023-11-061-1/+1
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nng: upgrade 1.5.2 -> 12Khem Raj2023-11-061-0/+0
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mbedtls: upgrade 3.4.1 -> 3.5.0Beniamin Sandu2023-10-304-70/+89
| | | | | | | | | | | | | * Includes security fix for CVE-2023-43615 - Buffer overread in TLS stream cipher suites * Includes security fix for CVE-2023-45199 - Buffer overflow in TLS handshake parsing with ECDH * Includes aesce compilation fixes Full changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.5.0 The extra patch fixes x86 32-bit builds. Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* network-manager-applet,networkmanager-openvpn, networkmanager: Apply linker ↵Khem Raj2023-10-283-2/+2
| | | | | | | | | versioning patch when using lld only This patch caused GNU linker to fail linking, therefore limit it to just lld. Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mosquitto: Support building for native againPeter Kjellerstedt2023-10-261-0/+2
| | | | | | | | | | Support for building from native was removed in commit e1b332f2e (meta-networking: Drop broken BBCLASSEXTEND variants), most likely due to no support for building libwebsockets-native. That support has now been added, so it is now possible to build mosquitto-native again. Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* meta-networking: Drop broken BBCLASSEXTEND variantsRichard Purdie2023-10-241-2/+0
| | | | | | | | | | | | | | | | | | The command "bitbake universe -c fetch" currently throws a ton of warnings as there are many 'impossible' dependencies. In some cases these variants may never have worked and were just added by copy and paste of recipes. In some cases they once clearly did work but became broken somewhere along the way. Users may also be carrying local bbappend files which add further BBCLASSEXTEND. Having universe fetch work without warnings is desireable so clean up the broken variants. Anyone actually needing something dropped here can propose adding it and the correct functional dependencies back quite easily. This also then ensures we're not carrying or fixing things nobody uses. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* samba.bb : Disable ad-dc by defaultFabien Thomas2023-10-191-1/+1
| | | | | | | | | | | | When this feature is enabled by default in packageconfig this implies a dependency to python3-dnspython which is in meta-python. Disable ac-dc PACKAGECONFIG by default to avoid adding a layer dependency only for this feature. Signed-off-by: Fabien Thomas <fabien.thomas@smile.fr> Reviewed-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* samba: use external cmocka instead of bundled cmockaYi Zhao2023-10-122-54/+2
| | | | | | | | Do not use bundled cmocka to get rid of bundled library libcmocka-samba4.so. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* samba: upgrade 4.18.6 -> 4.18.8Yi Zhao2023-10-121-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a security release in order to address the following defects: CVE-2023-3961: Unsanitized pipe names allow SMB clients to connect as root to existing unix domain sockets on the file system. https://www.samba.org/samba/security/CVE-2023-3961.html CVE-2023-4091: SMB client can truncate files to 0 bytes by opening files with OVERWRITE disposition when using the acl_xattr Samba VFS module with the smb.conf setting "acl_xattr:ignore system acls = yes" https://www.samba.org/samba/security/CVE-2023-4091.html CVE-2023-4154: An RODC and a user with the GET_CHANGES right can view all attributes, including secrets and passwords. Additionally, the access check fails open on error conditions. https://www.samba.org/samba/security/CVE-2023-4154.html CVE-2023-42669: Calls to the rpcecho server on the AD DC can request that the server block for a user-defined amount of time, denying service. https://www.samba.org/samba/security/CVE-2023-42669.html CVE-2023-42670: Samba can be made to start multiple incompatible RPC listeners, disrupting service on the AD DC. https://www.samba.org/samba/security/CVE-2023-42670.html Release Notes: https://www.samba.org/samba/history/samba-4.18.8.html Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* recipes-connectivity: Add tayga recipePawel Langowski2023-10-044-0/+154
| | | | | | | Recipe for TAYGA - an out-of-kernel stateless NAT64 implementation for Linux Signed-off-by: Pawel Langowski <pawel.langowski@3mdeb.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* relayd: Fix build with clangKhem Raj2023-10-021-0/+2
| | | | | | GNU extention is now in use in 6.5 kernel headers sadly Signed-off-by: Khem Raj <raj.khem@gmail.com>
* relayd: Update to latest tip of trunkKhem Raj2023-10-022-38/+2
| | | | | | Drop the patch fixing an issue already addressed upstream Signed-off-by: Khem Raj <raj.khem@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-09-21 18:03:02 +0000