summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity
Commit message (Collapse)AuthorAgeFilesLines
* bind: fix CVE-2020-8616/7Lee Chee Yang2020-06-053-0/+237
| | | | | | | | | | | | fix CVE-2020-8616 and CVE-2020-8617 (From OE-Core rev: 8681058cce46b342c9895819e3a4bc0770934d86) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit d0df831830e4c5f8df2343a45ea75c2ab4f57058) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* avahi: Don't advertise example services by defaultPaul Barker2020-05-281-0/+5
| | | | | | | | | | | | | | | | The example service files are placed into /etc/avahi/services when we run `make install` for avahi. This results in ssh and sftp-ssh services being announced by default even if no ssh server is installed in an image. These example files should be moved away to another location such as /usr/share/doc/avahi (taking inspiration from Arch Linux). (From OE-Core rev: c88cf750f26f6786d6ba5b4f1f7e5d4f0c800e6e) Signed-off-by: Paul Barker <pbarker@konsulko.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman: Include vpn-script in FILESAlejandro Hernandez2020-05-221-1/+2
| | | | | | | | | | | | | When vpnc support is included through PACKAGECONFIG, there is now an extra vpn-script coming after the atest upgrade, include that script into FILES so it gets packaged. (From OE-Core rev: 8587149c49dd8d1e1a0a0b5cf81e458bfa88547e) Signed-off-by: Alejandro Hernandez Samaniego <alejandro@enedino.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: upgrade 1.1.1f -> 1.1.1gJan Luebbe2020-05-071-1/+1
| | | | | | | | | | | This also fixes CVE-2020-1967. (From OE-Core rev: f0bd52e5b50a1742b767eefe0d9d67facbb6c53a) Signed-off-by: Jan Luebbe <jlu@pengutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Revert "dhclient: not always skip the nfsroot interface"Mingli Yu2020-04-071-25/+1
| | | | | | | | | | | | | | | | | | | | | This reverts commit[27aec88 dhclient: not always skip the nfsroot interface] which used to address the IP address renew issue when boot a system in a nfsroot fs and altogether boot with ip=dhcp. But reported by some tester, the above commit introduces below issue when run ltp test on a nfsroot system which boot with ip=dhcp: nfs: server 192.168.100.1 not responding, still trying nfs: server 192.168.100.1 not responding, still trying [snip] So revert the above commit now to avoid blocking test. (From OE-Core rev: 5c172e0e8f8d02fe1dacec9d3574671baf9ad075) Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcp: add RDEPENDS for dhcp-clientMingli Yu2020-04-021-0/+1
| | | | | | | | | | | | | Add iproute2 RDEPENDS for dhcp-client as /sbin/dhclient-systemd-wrapper which called by dhclient.service depends on ip command which provided by iproute2 package when systemd enabled in DISTRO_FEATURES. (From OE-Core rev: 0c91fcba446418ad1f71d3df9aa3b186bbd353c7) Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhclient: not always skip the nfsroot interfaceMingli Yu2020-04-021-1/+25
| | | | | | | | | | | | Don't skip the nfsroot interface when use dhcp to get the address for nfsroot interface as the nfsroot interface may need dhclient to renew the lease. (From OE-Core rev: 27aec88c2ff4588acacadbe1cd61d7ce233fc817) Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* inetutils: Use alternatives to avoid manpage conflictOvidiu Panait2020-04-021-1/+5
| | | | | | | | | | | | | | | Fix the following manpage conflicts: * check_data_file_clashes: Package inetutils-doc wants to install file /usr/share/man/man1/tftp.1 But that file is already provided by package * tftp-hpa-doc * check_data_file_clashes: Package inetutils-doc wants to install file /usr/share/man/man8/tftpd.8 But that file is already provided by package * tftp-hpa-doc * check_data_file_clashes: Package netkit-telnet-doc wants to install file /usr/share/man/man8/telnetd.8 But that file is already provided by package * inetutils-doc (From OE-Core rev: fc14bfd60ad86094f65ebefbd10dbddc112d2698) Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: update to 1.1.1fAlexander Kanavin2020-04-011-1/+1
| | | | | | | | | | This also un-breaks python3 ptest which got broken with 1.1.1e update. (From OE-Core rev: b4ddf5b9d8cd769b7026663f93c8bc69b55d8cbf) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* avahi: add LICENSE for individual packagesMatthew2020-03-291-0/+10
| | | | | | | | | | | | | Fixes [YOCTO #13609] avahi_0.7.bb defines 9 PACKAGES. However, avahi.inc generically sets LICENSE to "GPLv2+ & LGPLv2.1+". The library specific packages should be LGPLv2.1+ only. (From OE-Core rev: bd10fa54a94e9ae44defddae573ce67d33a11979) Signed-off-by: Matthew Zeng <matthew.zeng@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: fix do_package error when enable PACKAGECONFIG[nfsv4]Yi Zhao2020-03-241-4/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | Fixes: ERROR: nfs-utils-2.4.3-r0 do_package: QA Issue: nfs-utils: Files/directories were installed but not shipped in any package: /usr/lib/libnfsidmap/nsswitch.so /usr/lib/libnfsidmap/static.so Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install. nfs-utils: 2 installed and not shipped files. [installed-vs-shipped] Add rdep on python3-core for PACKAGECONFIG[nfsv4] to fix: ERROR: nfs-utils-2.4.3-r0 do_package_qa: QA Issue: /usr/sbin/clddb-tool contained in package nfs-utils requires /usr/bin/python3, but no providers found in RDEPENDS_nfs-utils? [file-rdeps] Add rdep on libdevmapper for PACKAGECONFIG[nfsv41] to fix: ERROR: nfs-utils-2.4.3-r0 do_package_qa: QA Issue: /usr/sbin/blkmapd contained in package nfs-utils requires libdevmapper.so.1.02()(64bit), but no providers found in RDEPENDS_nfs-utils? [file-rdeps] (From OE-Core rev: 17b44d51eaf71ae6d04034454dcb68f508b85258) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Upgrade 1.1.1d -> 1.1.1eAdrian Bunk2020-03-242-761/+1
| | | | | | | | | Backported patch removed. (From OE-Core rev: 710bc0f8544f54750c8fb7b8affa243932927a24) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: upgrade 5.53 -> 5.54Wang Mingyu2020-03-214-182/+2
| | | | | | | | | | | CVE-2020-0556-1.patch CVE-2020-0556-2.patch removed since they are included in 5.54 (From OE-Core rev: 5552caed72169d397ce0bdf436216ec320a29751) Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez: fix CVE-2020-0556Anuj Mittal2020-03-133-0/+180
| | | | | | | | | | | | | | | | It was discovered that BlueZ's HID and HOGP profiles implementations don't specifically require bonding between the device and the host. This creates an opportunity for an malicious device to connect to a target host to either impersonate an existing HID device without security or to cause an SDP or GATT service discovery to take place which would allow HID reports to be injected to the input subsystem from a non-bonded source. (From OE-Core rev: d598f8eee0741148416e8660e10c716654205cb5) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix perl shebang in c_rehashMartin Jansa2020-03-081-1/+1
| | | | | | | | | | | | | | | | | | | | | | | * passing PERL=perl breaks c_rehash calls from dash (works fine with bash) dash doesn't like #!perl shebang PERL="/usr/bin/env perl" unfortunately just passing PERL like this doesn't pass do_configure: Creating Makefile sh: 1: /usr/bin/env perl: not found WARNING: exit code 1 from a shell command. But passing it as: HASHBANGPERL="/usr/bin/env perl" PERL=perl seems to work. (From OE-Core rev: 79350826396a882d115caafd88b0a49c91a4fa6c) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: recommend cryptodev-module for corresponding PACKAGECONFIGDenys Dmytriyenko2020-03-081-1/+1
| | | | | | | (From OE-Core rev: 57fcf9b517fe95e871122946cb99fe7fa9fd2e26) Signed-off-by: Denys Dmytriyenko <denys@ti.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: pass PERL=perl environment variable to configuratorRuslan Bilovol2020-03-061-1/+1
| | | | | | | | | | | | | | | | | | | | | | In our build environment we use wrapper script for perl in non-standard configuration with extra variables set (provided by custom buildtools-tarball). In this case openssl fails to build because by default it's Configure script detects and uses perl executable directly (with absolute path) obviously missing extra settings from wrapper script. Pass PERL=perl environment variable to Configure, so it won't try to use perl executable directly but will use what is provided from environment. (From OE-Core rev: 2b087fef6820da8a6d86ca763bd7730dcac30849) Signed-off-by: Ruslan Bilovol <rbilovol@cisco.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: upgrade 5.52 -> 5.53Anuj Mittal2020-02-211-2/+2
| | | | | | | (From OE-Core rev: 1df5ece4ef6ef49bfeba83a2716ae4e2ce58d20e) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: upgrade 2.4.2 -> 2.4.3Wang Mingyu2020-02-213-47/+10
| | | | | | | | | | | | | 0001-Don-t-build-tools-with-CC_FOR_BUILD.patch Removed since it is included in 2.4.3. refresh the following patch: 0001-Makefile.am-fix-undefined-function-for-libnsm.a.patch (From OE-Core rev: fcaca33d458449379eeb2f99b613f8be1e6a44ce) Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iproute2: add devlink support to iproute2Scott Branden2020-02-211-11/+23
| | | | | | | | | Add devlink support to iproute2 recipe. (From OE-Core rev: 00cc9773505b2afd002f9b2d72330e517af97d0c) Signed-off-by: Scott Branden <scott.branden@broadcom.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Upgrade 8.1p1 -> 8.2p1Alex Kiernan2020-02-154-123/+2
| | | | | | | | | | | | | Drop backports from upstream: 0001-Manually-applied-upstream-fix-for-openssh-test.patch 0001-seccomp-Allow-clock_gettime64-in-sandbox.patch openssh-8.1p1-seccomp-nanosleep.patch (From OE-Core rev: c9b5802bbe1de609450f509edf4721ab0a7a70aa) Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: add mulitlib_header for platform.hJeremy A. Puhlman2020-02-151-1/+3
| | | | | | | (From OE-Core rev: cfaaeedcb634b68d0b20a05130fd582df660fef6) Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ppp: Security fix CVE-2020-8597Yi Zhao2020-02-142-0/+48
| | | | | | | | | | | | | | | | CVE-2020-8597: eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions. References: https://nvd.nist.gov/vuln/detail/CVE-2020-8597 Patch from: https://github.com/paulusmack/ppp/commit/8d7970b8f3db727fe798b65f3377fe6787575426 (From OE-Core rev: b01505e018ff46f1af34f98219d55f4ca700cd5a) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcp: upgrade 4.4.1 -> 4.4.2Wang Mingyu2020-02-084-153/+6
| | | | | | | | | | | | | | 0001-Fix-a-NSUPDATE-compiling-issue.patch 0001-master-Added-includes-of-new-BIND9-compatibility-hea.patch Removed since they are included in 4.4.2. refresh the following patch: 0004-Fix-out-of-tree-builds.patch (From OE-Core rev: d3c6f7e689a743fd060755eceb60353093013e84) Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Fix reproducibility issueRichard Purdie2020-02-082-0/+33
| | | | | | | | | | | There was a build architecture leaking into the target ptest which could vary depending upon host. Remove it as its cosmetic. [YOCTO #13770] (From OE-Core rev: 37db519eedb7eb5cd4f14d05f30f5d580aa7458d) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* socat: upgrade 1.7.3.3 -> 1.7.3.4Alexander Kanavin2020-02-031-2/+2
| | | | | | | (From OE-Core rev: 37b11d03bec508fa7428b6b0ed3a5f4ca2b7e65e) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iw: upgrade 5.3 -> 5.4Changhyeok Bae2020-02-022-10/+18
| | | | | | | (From OE-Core rev: 9b436d3c5625f1525a1c9e94886ff9f373ec7cf1) Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iproute2: upgrade 5.3.0 -> 5.5.0Changhyeok Bae2020-02-021-2/+2
| | | | | | | (From OE-Core rev: 90f670a9f389f497d5dc00c0d3f955f07cff5805) Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman: add PACKAGECONFIG for the commandline clientRoss Burton2020-01-271-5/+3
| | | | | | | | | | | | | The client depends on readline which is GPLv3. Add a PACKAGECONFIG so users who don't need the client and are against GPLv3 can disable it. Also remove the explicit installation of the client in do_install_append, as the Makefile installs it now. (From OE-Core rev: 84b082be0a879153d9af8e093b6823d49c2621b8) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: explicitly skip unit testsAlexander Kanavin2020-01-211-0/+1
| | | | | | | | | | | These tests are already implicitly excluded by not being built. This change avoids a confusing failure-but-not-really printed by run-ptest. (From OE-Core rev: f3e27d8e23df37fb06f77af1583021f471dede51) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: applied upstream fix for "cert not yet valid" testMingde (Matthew) Zeng2020-01-212-0/+61
| | | | | | | | | | | | applied upstream fix for openssh's "cert not yet valid" test Upstream Status: Backport: https://github.com/openssh/openssh-portable/commit/ff31f15773ee173502eec4d7861ec56f26bba381 (From OE-Core rev: f0a949fe33da47fd0a587abb942ff60f0a56ed0d) Signed-off-by: Mingde (Matthew) Zeng<matthew.zeng@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Add powerpc64 LE supportKhem Raj2020-01-191-0/+3
| | | | | | | (From OE-Core rev: a77c76566dbffaccd2692e9110fca440c8eca53e) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Allow clock_nanosleep/clock_gettime64/clock_nanosleep_time64 syscallKhem Raj2020-01-103-0/+60
| | | | | | | | | Fixes connection denials with these syscalls being there on upcoming glibc 2.31 release (From OE-Core rev: 557d464de217cdf959aa275d20e7b155e4130ec7) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* resolvconf: update to 1.82Alexander Kanavin2020-01-101-3/+4
| | | | | | | | | Switch to git, as using debian snapshots makes automated upgrades impossible. (From OE-Core rev: 0e6b5151480cd03eb96deecc465f16958c41afa2) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: Drop unneeded patches, cmdline option overridesKhem Raj2020-01-023-44/+62
| | | | | | | | | | | | | | | | 0001-configure.ac-Do-not-fatalize-Wmissing-prototypes.patch is no longer needed disabling format warnings is no longer needed as well therefore remove it from recipe and address the warnings (if any in patches) Ensure that it can build with clang as well on the way via the new clang-warnings.patch patch (From OE-Core rev: c22726425a2554a65b17a9daac9350940b2ddd6b) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes: Use -fcommon explicitlyKhem Raj2019-12-302-1/+3
| | | | | | | | | This is needed with gcc 10 (From OE-Core rev: 312e9fe3f047547df4c21c8e666cc9aa70e15347) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: update to 2.4.2Alexander Kanavin2019-12-284-391/+3
| | | | | | | | | | Drop backports, and a musl patch that is no longer needed. (From OE-Core rev: 91ab8c4ba830136116e2e9486898e683e32513d8) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libnss-dns: update to 0.14.1Alexander Kanavin2019-12-281-14/+6
| | | | | | | | | | Change SRC_URI to the new location, drop no longer supported/unneeded options. (From OE-Core rev: 7df632664b94d2b5df6e8734937eaefb91e6ff18) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix CVE-2019-1551Anuj Mittal2019-12-162-0/+759
| | | | | | | (From OE-Core rev: 7a8165e0d833bc64c824fa2aee2ddad21d866675) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman: update kernel module RRECOMMENDS for kernel >= v4.19André Draszik2019-12-161-1/+1
| | | | | | | | | | | | | | | | nf_tables_inet.ko and nf_tables_ipv4.ko and nf_tables_ipv6.o (and nf_tables_arp.ko and nf_tables_netdev.ko) were merged into the core nf_tables.ko before v4.17 in kernel commit 02c7b25e5f54 netfilter: nf_tables: build-in filter chain type nf_meta.ko was merged to be a builtin of nf_tables.ko before v4.18 in kernel commit 8a22543c8e70 netfilter: nf_tables: make meta expression builtin (From OE-Core rev: 98715c9dc8dd925cffce9bd5d57172206d1e2a7b) Signed-off-by: André Draszik <git@andred.net> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: disable debug output in ptestsAlexander Kanavin2019-12-151-1/+1
| | | | | | | | | | This makes the log very large and breaks the ptest result parser. (From OE-Core rev: 78221af4c0297e0278c042eed390ad0e53f2548a) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez: update 5.50 -> 5.52Alexander Kanavin2019-12-159-982/+16
| | | | | | | | | | | | | Drop a big pile of backports. Disable zsh completions, as they're unlikely to be useful. (From OE-Core rev: dad8cd50bcc4203a65d153dc2445502c1e728975) (From OE-Core rev: 1a31a31a3bd68f027ba0a13f8e66ce92104a4d4c) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Revert "bluez: update 5.50 -> 5.52"Richard Purdie2019-12-109-16/+982
| | | | | | | | | This reverts commit dad8cd50bcc4203a65d153dc2445502c1e728975. It is causing performance problems in ptest, taking hours (~18) to parse the ptest runner logs. Log output increased from ~4MB to ~65MB. Revert until we can deal with the performance issue. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Whitelist CVE-2019-0190Adrian Bunk2019-12-091-0/+4
| | | | | | | | | This is only a problem with older Apache versions. (From OE-Core rev: 492d43296b15514ec72dfb15f37c6d2ab1fbbae3) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez: update 5.50 -> 5.52Alexander Kanavin2019-12-099-982/+16
| | | | | | | | | | | Drop a big pile of backports. Disable zsh completions, as they're unlikely to be useful. (From OE-Core rev: dad8cd50bcc4203a65d153dc2445502c1e728975) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Upgrade 8.0p1 -> 8.1p1Alex Kiernan2019-12-062-45/+10
| | | | | | | | | | | | Drop upstream backport of integer overflow in XMSS private key parsing. Add PACKAGECONFIG for kerberos, libedit and ldns. If api-documentation is enabled then install man(7) manpages rather than catman pages. License-Update: convert to UTF-8 (From OE-Core rev: b084fa095800c090389b9c00d66f109d7cd11455) Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: update 9.11.5-P4 -> 9.11.13Alexander Kanavin2019-12-0413-2799/+20
| | | | | | | | | | | | | | Drop backports. Drop 0001-gen.c-extend-DIRNAMESIZE-from-256-to-512.patch and 0001-lib-dns-gen.c-fix-too-long-error.patch as problem is fixed upstream. (From OE-Core rev: 6965ec5c491e71d5951dfb58fc060bd0b717e33d) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Whitelist CVE-2019-6470Adrian Bunk2019-11-211-0/+4
| | | | | | | (From OE-Core rev: ad4318b6501b3d724365bf95015850022441518e) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* distro_features_check: expand with MACHINE_FEATURES and COMBINED_FEATURES, ↵Denys Dmytriyenko2019-11-213-3/+3
| | | | | | | | | | | | | | | | rename Besides checking DISTRO_FEATURES for required or conflicting features, being able to check MACHINE_FEATURES and/or COMBINED_FEATURES may also be useful at times. Temporarily support the old class name with a warning about future deprecation. (From OE-Core rev: 5f4875b950ce199e91f99c8e945a0c709166dc14) Signed-off-by: Denys Dmytriyenko <denys@ti.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcp: Workaround busybox limitation in Linux dhclient-scriptHaris Okanovic2019-11-142-0/+66
| | | | | | | | | | | | | | | Busybox's implementation of chown and chmod doesn't provide a "--reference" option used in the latest version of dhclient-script. This change works around that limitation by using stat to read ownership and permissions flags and simple chown/chmod calls supported in both coreutils and busybox. Patch submitted upstream to ISC, tracked as bug 48771. (From OE-Core rev: a311013e1fd0e7b874dfe11bb3cdf4839cd91c9f) Signed-off-by: Haris Okanovic <haris.okanovic@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-06 23:45:43 +0000