| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-5107:
"The default configuration of OpenSSH through 6.1 enforces a fixed time limit
between establishing a TCP connection and completing a login, which makes it
easier for remote attackers to cause a denial of service (connection-slot
exhaustion) by periodically making many new TCP connections."
Integrate patches from upstream to enable "random early drop" by default./
(From OE-Core rev: 1d4f2d5ef65135e61d78ac0db90afe7f5d166d05)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
openssh: openssh's init fails to restart if sshd is not running
Because of "set -e", it's necessary to specify the -o (or --oknodo)
so that start-stop-daemon returns an exit status of 0 if no actions
are taken.
(From OE-Core rev: 7e44d2e8457c9c90932ce4f0fd95c67b74efb2e0)
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From OE-Core rev: 11c169a9b289b0412e512c37d380a99fd1630df5)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
It is considered good practice to use the build system provided
variables instead of directly specify hardcoded paths.
(From OE-Core rev: b7134e8f76026d15a5e35c6a2e5d77d5e48c2787)
Signed-off-by: Javier Martinez Canillas <javier@dowhile0.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From OE-Core rev: fbcda6eff010e0a39cc0145a514e7de99f475145)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From OE-Core rev: b417ced0573acde896332827bcc13b0f7c5bd9fe)
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
LICENSE checksum changed due to a trivial difference in the credits
list.
(From OE-Core rev: ce1fc60b0044bccf6cf8432700d6c0b6f042dae2)
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From OE-Core rev: 59923e66e85471acdb70d72082a8906c69b17720)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From OE-Core rev: 47c7f5a6f022dca10ae63851c7d9c14ee06f0c0b)
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current sshd postinst and postrm scripts in the OpenSSH make the
package dependant of the adduser/addgroup scripts which may not be
available on all systems.
This patch replaces the sshd postinst and postrm scripts with proper
usage of the useradd and update-rc.d classes.
This patch had been modified from the previous proposed version to
use useradd long options for more clarity.
(From OE-Core rev: 6b7f399d595ef58e759dab211f4ece155119a680)
Signed-off-by: Julian Pidancet <julian.pidancet@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
* Starting with openssh-5.8p1, the server will default to a newer key
algorithm (ECDSA).
(From OE-Core rev: 998e3acf0d38007fde10f47f98b71192685e19b9)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
Adding configuration file "sshd" in /etc/pam.d/ for supporting pam.
(From OE-Core rev: 8279f771a482d890ad897971cba1d656fdcaefe9)
Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Nothing in the system actually uses the PROVIDES field for these
recipes, its usually the runtime packages that are used. We can
therefore remove the PROVIDES and hence quieten the associated
warnings from bitbake.
If these recipes do really need the PROVIDES, they would be better
as virtuals and adding that to MULTI_PROVIDER_WHITELIST.
(From OE-Core rev: 84f3ae92ab4345cc99b47e021ff960857f803d45)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As discussed on the mailing list, this variable isn't useful and if wanted
would be better implemented by distros using pn-X overrides.
This patch executes:
find . -regex ".*\.\(bb\|inc\)$" | xargs sed -i '/^PRIORITY = ".*"$/d'
against the tree removing the referenced. Thanks to Phil Blundell for
the command.
(From OE-Core rev: d122343362669c683acc4af295971a62cbc823fc)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
LICENCE checksum updated due to a one-line change in the file (RedHat
was added as a copyright holder).
(From OE-Core rev: 969cdde4541819ef5123a77391d870843aff0b55)
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
for the following recipes:
pcmciautils openssl udev apt gdm
(From OE-Core rev: 552c9fa44c2a2bb94bcf83bff802773265a35a27)
Signed-off-by: Qing He <qing.he@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
This is 1259e0289ce53198cc6c57a9616c8a1623be502a in OE.
[RP: Added PR bump]
(From OE-Core rev: 49e8503acb8424979b12ec6b5ea17421a1edc80c)
Signed-off-by: Tom Rini <tom_rini@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add Upstream-Status tag to patches for the following recipes:
openssh
dbus-glib
expat
opensp
sgml-common
at
cpio (GPLv3 version)
libpam
icu
(From OE-Core rev: 0702602332ad63c2cfaa207516497bb0b75bfdf3)
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
This allows the openssh meta-package to be used in the
poky-ssh task. Otherwise there will be no package named
openssh to install during image creation.
(From OE-Core rev: 9f4747a1e7e04e0b08b7b402bd8dd7cf8ccd0166)
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
[BUGID #281]
Evaluate and update each package in recipes-connectivity to ensure they
have a consistent summary and description.
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
|
|
OpenSSH v5.6p1, derived from OpenEmbedded's recipe.
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
|