summaryrefslogtreecommitdiffstats
path: root/meta-networking
Commit message (Collapse)AuthorAgeFilesLines
* openipmi: update 2.0.32 -> 2.0.34Alexander Kanavin2023-12-317-109/+16
| | | | | | | | | | This resolves dependency on removed python distutils in particular. openipmi-remove-host-path-from-la_LDFLAGS.patch is removed as issue is fixed upstream. Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* wireshark: update 4.0.10 -> 4.2.0Alexander Kanavin2023-12-316-148/+73
| | | | | | | This resolves python 3.12 issues. Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* system-config-printer: rely on setuptools to obtain distutils copyAlexander Kanavin2023-12-311-1/+1
| | | | | Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* samba: upgrade 4.18.8 -> 4.18.9Yi Zhao2023-12-291-1/+1
| | | | | | | | | | | | | | | | This is the latest stable release of the Samba 4.18 release series. It contains the security-relevant bugfix CVE-2018-14628: Wrong ntSecurityDescriptor values for "CN=Deleted Objects" allow read of object tombstones over LDAP (Administrator action required!) https://www.samba.org/samba/security/CVE-2018-14628.html Release Notes: https://www.samba.org/samba/history/samba-4.18.9.html Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* networkmanager: drop libnewt dependencyDmitry Baryshkov2023-12-291-1/+0
| | | | | | | | | With the nmtui being now handled via tha PACKAGECONFIG, there is no need for the global libnewt dependency, PACKAGECONFIG["nmtui"] handles it correctrly. Drop the libnewt from DEPENDS list. Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* uftp: upgrade 5.0.2 -> 5.0.3Wang Mingyu2023-12-291-1/+1
| | | | | | | | | | Changelog: =========== -A memory leak fix in the prior version wasn't applied correctly, resulting in an invalid memory access causing a crash. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* bearssl: Upgrade to latestAlex Kiernan2023-12-293-100/+16
| | | | | | | | | | | | | | | | | | Install headers so that dependencies can use this to build against. Make `brssl` executable, fixup library soname. Drop patches which change build flags in favour of command line overrides. Add support for static build. Changes: Thomas Pornin (4): Added generic API for date range validation (with callbacks). Fixed RSA PSS verificatiobn bug (when hash_len != salt_len). Added macro that indicates presence of the time callback feature. Also added C++ compatibility. Fixed spurious warning about old-style prototype. Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* open-vm-tools: upgrade 12.1.5 -> 12.3.5Yi Zhao2023-12-2717-227/+67
| | | | | | | | | | Release Notes: https://github.com/vmware/open-vm-tools/blob/stable-12.3.5/ReleaseNotes.md ChangeLog: https://github.com/vmware/open-vm-tools/blob/stable-12.3.5/open-vm-tools/ChangeLog Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* networkmanager: fix some missing pkgconfigThomas Perrot2023-12-211-0/+3
| | | | | | | | | | | - to build and package nmtui - to automatically append networkmanager-adsl and networkmanager-wwan in recommended packages. - to fix an invalid-packageconfig QA issue that is raised when adsl and wwan are added in pkgconfig. Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mdns: Upgrade 2200.40.37.0.1 -> 2200.60.25.0.4Alex Kiernan2023-12-211-1/+1
| | | | | Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mbedtls: Upgrade 3.5.0 -> 3.5.1Alex Kiernan2023-12-181-4/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | Use canonical URL, add UPSTREAM_CHECK_GITTAGREGEX. Changes: Dave Rodgman (12): Header updates Fix some non-standard headers Update documentation Add Changelog for license Update license for p256-m README improvements to 3rdparty section assemble Changelog Fix typos in changelog Bump version Update BRANCHES Update Changelog with bugfix entry Add docs re Everest license David Horstmann (1): Fix 3rdparty target names for custom config License-update: Upstream clarified licensing as dual Apache-2.0 or GPL-2.0 or later Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mdns: Fix HOMEPAGE URLAlex Kiernan2023-12-181-1/+1
| | | | | | | The Apple Bonjour homepage has moved. Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* strongswan: upgrade 5.9.12 -> 5.9.13Wang Mingyu2023-12-181-1/+1
| | | | | | | | | | | Changelog: - Fixes a regression with handling OCSP error responses and adds a new option to specify the length of nonces in OCSP requests. Also adds some other improvements for OCSP handling and fuzzers for OCSP requests/responses. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* networkmanager: add missing modemmanager rdependsThomas Perrot2023-12-181-1/+1
| | | | | | | Fix rdepends with modemmanager PACKAGECONFIG enabled. Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ifenslave: upgrade 2.13 -> 2.14Wang Mingyu2023-12-181-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* networkmanager: Improved SUMMARY and added DESCRIPTIONWilliam Lyu2023-12-141-1/+12
| | | | | | | | The SUMMARY and DESCRIPTION are taken from Arch Linux wiki page: https://wiki.archlinux.org/title/NetworkManager Signed-off-by: William Lyu <William.Lyu@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* pgpool2: use autotools-brokensep instead of setting Balperak2023-12-121-2/+2
| | | | | Signed-off-by: alperak <alperyasinak1@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* spice-gtk: Set meson version based on PVMarkus Volk2023-11-291-0/+4
| | | | | | | This fixes build for gnome-boxes Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* spice: Set meson version based on PVMarkus Volk2023-11-291-0/+4
| | | | | | | | | | | | | This fixes: | Dependency spice-server found: NO found UNKNOWN but need: '>=0.14.0' | Run-time dependency spice-server found: NO | | ../qemu-8.1.2/meson.build:1038:10: ERROR: Dependency lookup for spice-server with method 'pkgconfig' failed: Invalid version, need 'spice-server' ['>=0.14.0'] found 'UNKNOWN'. Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libcacard: set meson version based on PVMarkus Volk2023-11-292-38/+5
| | | | | Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* squid: add systemd servicePatrick Wicki2023-11-291-1/+12
| | | | | | | Integrate the upstream unit file into the recipe. Signed-off-by: Patrick Wicki <patrick.wicki@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* squid: add url-rewrite-helpers packageconfigPatrick Wicki2023-11-291-1/+2
| | | | | Signed-off-by: Patrick Wicki <patrick.wicki@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* squid: move configs to sub packagePatrick Wicki2023-11-291-2/+6
| | | | | | | | Move the config files to a separate squid-conf package. This allows shipping new configs via a custom conf package. Signed-off-by: Patrick Wicki <patrick.wicki@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* squid: add auth packageconfigPatrick Wicki2023-11-291-4/+7
| | | | | | | | | Introduce PACKAGECONFIG[auth] and pin the dependencies to it. This allows building squid without authentication support and all its related dependencies. Signed-off-by: Patrick Wicki <patrick.wicki@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* squid: add nm dispatcher reload hookPatrick Wicki2023-11-292-0/+15
| | | | | | | | | | This enables the networkmanager dispatcher to reload squid automatically on network changes. This idea is from the Fedora package where they do the same: https://src.fedoraproject.org/rpms/squid/blob/rawhide/f/squid.spec#_207 Signed-off-by: Patrick Wicki <patrick.wicki@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* squid: update from v5.7 to v6.5Patrick Wicki2023-11-299-187/+110
| | | | | | | | | | | | | | | | | | | | | | | | | | Refresh patches and clean up ones that are no longer needed: * dlopen test was removed in b65d2165c5c250242764ed7cdac4540fba813dec * libxml2 variables were removed in 866a092dad01e58986a6e9ecb84ac89037a63e9a * squid-conf-tests no longer run at build time since cd3dc147bf8abc0225237ced865c6660fffcb63a Fix squid-conf-tests to allow running on target device. License change: Update year The version update eliminates the following CVEs: * CVE-2023-5824 (affected: <6.4) * CVE-2023-46724 (affected: >=3.3.0.1, <6.4) * CVE-2023-46728 (affected: <6.0.1) * CVE-2023-46846 (affected: >=2.6, <6.4) * CVE-2023-46847 (affected: >=3.2.0.1, <6.4) * CVE-2023-46848 (affected: >=5.0.3, <6.4) Signed-off-by: Patrick Wicki <patrick.wicki@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* frr: upgrade 9.0.1 -> 9.1Wang Mingyu2023-11-286-514/+2
| | | | | | | | | | | | 0001-tools-make-quiet-actually-suppress-output.patch CVE-2023-46752.patch CVE-2023-46753.patch CVE-2023-47234.patch CVE-2023-47235.patch removed since they're included in 9.1 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* freeradius: make sub packages to runtime depends on freeradiusHongxu Jia2023-11-281-0/+7
| | | | | | | | | | | | | | | | | Otherwise install packages reported warning at do_rootfs ...log.do_rootfs... Installing : freeradius-ldap-3.0.26-r0.corei7_64 1235/1236 warning: user radiusd does not exist - using root warning: group radiusd does not exist - using root Installing : freeradius-krb5-3.0.26-r0.corei7_64 1236/1236 warning: user radiusd does not exist - using root ...log.do_rootfs... The user/group radiusd is added by package freeradius, explicitly made the sub packages to runtime depends on freeradius Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* system-config-printer: Add packageconfig for polkitMarkus Volk2023-11-251-1/+2
| | | | | Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libcacard: fix version string in libcacard.pcMarkus Volk2023-11-232-1/+38
| | | | | Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libexosip2: package binaries in a separate packageCharles Perry2023-11-221-0/+3
| | | | | | | | Put sip_monitor, sip_reg and sip_storm in a separate libexosip2-tools package as they won't be needed most of the time. Signed-off-by: Charles Perry <charles.perry@savoirfairelinux.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libexosip2: add c-ares and openssl PACKAGECONFIGCharles Perry2023-11-221-0/+4
| | | | | | | They are enabled by default as libexosip2 works better with those. Signed-off-by: Charles Perry <charles.perry@savoirfairelinux.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* frr: fix CVEs CVE-2023-4675{2,3} and CVE-2023-4723{4,5}Jonas Gorski2023-11-225-0/+455
| | | | | | | | | | | | | | | | | Add patches fixing CVE CVE-2023-46752, CVE-2023-46753, CVE-2023-47234, and CVE-2023-47235 to FRR 9.0. Patch order is commit order, not CVE numerical order, to avoid fuzz / need for rebasing of the patches. References: https://nvd.nist.gov/vuln/detail/CVE-2023-46752 https://nvd.nist.gov/vuln/detail/CVE-2023-46753 https://nvd.nist.gov/vuln/detail/CVE-2023-47234 https://nvd.nist.gov/vuln/detail/CVE-2023-47235 Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* strongswan: upgrade 5.9.11 -> 5.9.12Wang Mingyu2023-11-211-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changelog: ========== - Fixed a vulnerability in charon-tkm related to processing DH public values that can lead to a buffer overflow and potentially remote code execution. - The new `pki --ocsp` command produces OCSP responses based on certificate status information provided by plugins. - The cert-enroll script handles the initial enrollment of an X.509 host certificate with a PKI server via the EST or SCEP protocols. - The --priv argument for charon-cmd allows using any type of private key. - Support for nameConstraints of type iPAddress has been added (the openssl plugin previously didn't support nameConstraints at all). - SANs of type uniformResourceIdentifier can now be encoded in certificates. - Password-less PKCS#12 and PKCS#8 files are supported. - A new global option allows preventing peers from authenticating with trusted end-entity certificates (i.e. local certificates). - ECDSA public keys that encode curve parameters explicitly are now rejected by all plugins that support ECDSA. - charon-nm now actually uses the XFRM interfaces added with 5.9.10, it can also use the name in connection.interface-name. - The resolve plugin tries to maintain the order of installed DNS servers. - The kernel-libipsec plugin always installs routes even if no address is found in the local traffic selectors. - Increased the default receive buffer size for Netlink sockets to 8 MiB and simplified its configuration. - Copy the issuer's subjectKeyIdentifier as authorityKeyIdentifier instead of always generating a hash of the subjectPublicKey. - Fixed issues while reestablishing multiple CHILD_SAs (e.g. after a DPD timeout) that could cause a reqid to get assigned to multiple CHILD_SAs with unrelated traffic selectors. - Fixed a possible infinite loop issue in watcher_t and removed WATCHER_EXCEPT, instead callbacks are always invoked even if only errors are signaled. - Fixed a regression in the IKE_SA_INIT tracking code added with 5.9.6 when handling invalid messages. - Fixed adding the XFRMA_REPLAY_ESN_VAL attribute twice when updating SAs. - Correctly encode SPI from REKEY_SA notify in CHILD_SA_NOT_FOUND notify if CHILD_SA is not found during rekeying. - The testing environment is now based on Debian 12 (bookworm), by default. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* open62541: update to v1.3.8Johannes Kauffmann2023-11-211-1/+1
| | | | | Signed-off-by: Johannes Kauffmann <johanneskauffmann@hotmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ntpsec, net-snmp: drop ${PE}, ${PR} from /usr/src/debug pathsMartin Jansa2023-11-202-2/+2
| | | | | Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mdns: Upgrade 2200.0.8 -> 2200.40.37.0.1Alex Kiernan2023-11-1717-139/+100
| | | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* uftp: upgrade 5.0.1 -> 5.0.2Wang Mingyu2023-11-171-1/+1
| | | | | | | | | | Changelog: ========= -Fixed bug that caused crash when a CLIENT_KEY arrived out of order -Fixed option handling on Windows when an argument is missing Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openvpn: upgrade 2.6.6 -> 2.6.7Wang Mingyu2023-11-171-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changelog: ============ dco: fix crash when --multihome is used with --proto tcp Mock openvpn_exece on win32 also for test_tls_crypt Add warning for the --show-groups command that some groups are missing Print peer temporary key details Add warning if a p2p NCP client connects to a p2mp server Remove openssl engine method for loading the key Remove saving initial frame code Double check that we do not use a freed buffer when freeing a session Fix using to_link buffer after freed GHA: do not trigger builds in openvpn-build anymore GHA: new workflow to submit scan to Coverity Scan service buffer: use memcpy in buf_catrunc vcpkg-ports/pkcs11-helper: Backport MinGW series from master to release/2.6 CMake: backport CMake buildsystem from master to release/2.6 Remove all traces of the previous MSVC build system doc: fix argument name in --route-delay documentation dns option: remove support for exclude-domains Warn user if INFO control command is too long dco-win: get driver version dco: warn if DATA_V1 packets are sent to userspace Make cert_data.h and test_cryptoapi/pkcs11.c MSVC compliant Log OpenSSL errors on failure to set certificate configure: disable engines if OPENSSL_NO_ENGINE is defined Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* unbound: upgrade 1.18.0 -> 1.19.0Beniamin Sandu2023-11-151-1/+1
| | | | | | | Full changelog: https://github.com/NLnetLabs/unbound/releases/tag/release-1.19.0 Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* pkggrp: drop netkitArmin Kuster2023-11-151-17/+0
| | | | | Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* README: drop netkit maintainerArmin Kuster2023-11-151-1/+0
| | | | | Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* MAINTANERS: drop netkitArmin Kuster2023-11-151-4/+0
| | | | | Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* netkit: Drop old and no upstreamArmin Kuster2023-11-1542-3596/+0
| | | | | Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* system-config-printer: Add cups to rdependsMarkus Volk2023-11-141-0/+1
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* cannelloni: Fix build with clang and libc++ runtimeKhem Raj2023-11-132-1/+40
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openfortivpn: upgrade 1.20.5 -> 1.21.0alperak2023-11-121-1/+1
| | | | | | | | | | | | Changelog: * fix "Peer refused to agree to his IP address" message, again * deprecate option --plugin * better masking of password in logs * break on reading 0 from ppp pty, for non-Linux systems Signed-off-by: alperak <alperyasinak1@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libdnet: upgrade 1.16.3 -> 1.17.0alperak2023-11-123-70/+3
| | | | | | | | | | | | Patches removed because fixed in the new version. Changelog: - Various fixes around the build process (esp. cmake support + string.h include fixes) - Stronger cmake support, updated autotools and a few smaller fixes. Signed-off-by: alperak <alperyasinak1@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* civetweb: upgrade 1.12 -> 1.16alperak2023-11-121-3/+4
| | | | | | | | | | | | | | | | | | | ========================= - Added "-DCIVETWEB_SSL_OPENSSL_API_3_0=ON" because of following error: civetweb.c:1561:2: error: #error "Please define OPENSSL_API_#_# or USE_MBEDTLS" You may also want to check out the available CMake options here: https://github.com/civetweb/civetweb/blob/d7ba35bbb649209c66e582d5a0244ba988a15159/CMakeLists.txt ========================= Changelog: https://github.com/civetweb/civetweb/blob/d7ba35bbb649209c66e582d5a0244ba988a15159/RELEASE_NOTES.md Signed-off-by: alperak <alperyasinak1@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* cannelloni: upgrade 1.0.0 -> 1.1.0alperak2023-11-121-1/+1
| | | | | | | | | | | | | Changelog: - Typo fix in cannelloni.h - workflows: add nix-test.yml - Add TCP mode - No peer checking - Add -Wall switch and fix all warnings Signed-off-by: alperak <alperyasinak1@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-11-17 06:35:29 +0000