summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity
Commit message (Collapse)AuthorAgeFilesLines
* openssl: Security fix CVE-2016-8610Armin Kuster2017-02-102-0/+125
| | | | | | | | | | | affects openssl < 1.0.2i (From OE-Core rev: 0256b61cdafe540edb3cec2a34429e24b037cfae) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* bind: fix two CVEsZheng Ruoqin2016-11-083-0/+215
| | | | | | | | | | | | | | | | | | Add two CVE patches from upstream git: https://www.isc.org/git/ 1.CVE-2016-2775.patch 2.CVE-2016-2776.patch (From OE-Core rev: 5f4588d675e400f13bb6001df04790c867a95230) (From OE-Core rev: ecc0a8ba077305c51804fd7bc287758b43420a76) Signed-off-by: zhengruoqin <zhengrq.fnst@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Security fix CVE-2016-6306Armin Kuster2016-09-272-0/+72
| | | | | | | | | affects openssl < 1.0.1i (From OE-Core rev: 378e58a93127cbf7c330aa1ae4df9a96681bc410) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Security fix CVE-2016-6304Armin Kuster2016-09-272-0/+76
| | | | | | | | | affects openssl < 1.0.1i (From OE-Core rev: ae1db7aea891978e42e5205d2ffc93c16703134c) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Security fix CVE-2016-6303Armin Kuster2016-09-272-0/+37
| | | | | | | | | affects openssl < 1.0.1i (From OE-Core rev: bb812836c2c8d89da54d905b65487a9f1acd5f3c) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Security fix CVE-2016-6302Armin Kuster2016-09-272-0/+54
| | | | | | | | | affects openssl < 1.0.1i (From OE-Core rev: 6d26328bd1d950ddc5ca1cda47da4b8f3d432a1e) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Security fix CVE-2016-2182Armin Kuster2016-09-272-0/+71
| | | | | | | | | affects openssl < 1.0.1i (From OE-Core rev: 4be4162d5a03af6a20adc2314575e4d0baa5337a) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Security fix CVE-2016-2181Armin Kuster2016-09-274-0/+363
| | | | | | | | | affects openssl < 1.0.1i (From OE-Core rev: 401f3ccd509d012c4b048eb9fcb5d0f4ab5cc7d2) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Security fix CVE-2016-2180Armin Kuster2016-09-272-0/+45
| | | | | | | | | affects openssl < 1.0.1i (From OE-Core rev: 94b44f40fb52f642eeab1211bd5fc57ceba29f7e) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Security fix CVE-2016-2179Armin Kuster2016-09-272-0/+256
| | | | | | | | | affects openssl < 1.0.1i (From OE-Core rev: 8eb58cf801a26ec17dfc67bae2881f0fc03ea49b) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Security fix CVE-2016-2178Armin Kuster2016-09-272-0/+55
| | | | | | | | | affects openssl < 1.0.2i (From OE-Core rev: 2752dba61da730ccd914b7720490754a476d1024) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa_supplicant: Security Advisory-CVE-2016-4477Zhixiong Chi2016-09-274-0/+178
| | | | | | | | | | | | | | | | | Add CVE-2016-4477 patch for avoiding \n and \r characters in passphrase parameters, which allows remote attackers to cause a denial of service (daemon outage) via a crafted WPS operation. Patches came from http://w1.fi/security/2016-1/ (From OE-Core rev: d4d4ed5f31c687b2b2b716ff0fb8ca6c7aa29853) (From OE-Core rev: 9db41b45beae7224ba928f9267046f1b6a8288a0) Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa_supplicant: Security Advisory-CVE-2016-4476Zhixiong Chi2016-09-273-0/+174
| | | | | | | | | | | | | | | | | Add CVE-2016-4476 patch for avoiding \n and \r characters in passphrase parameters, which allows remote attackers to cause a denial of service (daemon outage) via a crafted WPS operation. Patches came from http://w1.fi/security/2016-1/ (From OE-Core rev: ed610b68f7e19644c89d7131e34c990a02403c62) (From OE-Core rev: 6ef620c717c43a29f51ccd298c84070552bdfe52) Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Security fix CVE-2015-8325Armin Kuster2016-09-232-0/+34
| | | | | | | | | openssh < 7.2p2 (From OE-Core rev: 94325689e52cd86faf732d0cc01a29d193e6abfe) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Security fix CVE-2016-5615Armin Kuster2016-09-232-0/+55
| | | | | | | | | openssh < 7.3 (From OE-Core rev: 800bd6e734837a16dfe0f2f0e6591f7a1b37a593) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Security fix CVE-2016-6210Armin Kuster2016-09-234-0/+289
| | | | | | | | | affects openssh < 7.3 (From OE-Core rev: 3bc2ea285637894d158d951ed721c54c1f1af4c3) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Revert "openssl: prevent ABI break from earlier krogoth releases"Armin Kuster2016-07-061-22/+9
| | | | | | | | | | | This patch should not have been back ported. This reverts commit 18b0a78f439ce26ea475537cc20ebbc1d091920c. (From OE-Core rev: 08f85da10b3a7fc6165f163fd0f23784a2c9c8e4) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: fix init script restart with read-only-rootfsMatthew Campbell2016-06-291-1/+1
| | | | | | | | | | | | | | | | | restart in the init script uses the check_config() function which doesn't have the $SSHD_OPTS passed through. This causes it to check the wrong config (and fail when read-only-rootfs is enabled. (From OE-Core rev: cb6f78072deb8b8c22baf5c31c3bd19d7e0af236) (From OE-Core rev: ad5a14484b780ea5d48d35dac0de8062c53077de) Signed-off-by: Matthew Campbell <mcampbell@izotope.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 772ba8d865c1e7b62496df6b8eac73b367a4dc20) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: change URI to http:Ross Burton2016-06-291-1/+1
| | | | | | | | | | | | | | | | The OpenBSD FTP server isn't accepting connections from wget, which breaks fetches. Luckily they also have a HTTP server on the same host. [ YOCTO #9628 ] (From OE-Core rev: 8b10f0af3c434145b460fd5d7a9f394dc1284260) (From OE-Core rev: 511f3ba2b66aa61cf8212f95df762b8de1eaa92d) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: prevent ABI break from earlier krogoth releasesJoshua Lock2016-06-291-9/+22
| | | | | | | | | | | | | | | | | | | The backported upgrade to 1.0.2h included an updated GNU LD version-script which results in an ABI change. In order to try and respect ABI for existing binaries built against fido this commit partially reverts the version-script to maintain the existing ABI and instead only add the new symbols required by 1.0.2h. Suggested-by: Martin Jansa <martin.jansa@gmail.com> (From OE-Core rev: 480db6be99f9a53d8657b31b846f0079ee1a124f) (From OE-Core rev: 4d1cb0646eafca44fae5321f48c6114a32fbf164) Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: enable out-of-tree buildsRoss Burton2016-06-292-2/+29
| | | | | | | | | | | | | | A patch is needed to fix a race in out-of-tree builds, and the install-ptest logic can be simplified. (From OE-Core rev: 471fdafb340e90a4ab2e31854f69d5204e9380bf) (From OE-Core rev: 75fad33f495ca8a548b98054e4731940d1491d94) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: fixed path to bluetoothd in sysvinit scriptChristian Ege2016-06-152-1/+5
| | | | | | | | | | | Within the sysvinit script the path to bluetoothd is wrong. Because of this the init scripts silently terminates without any message (From OE-Core rev: 4bcd78028ae1000ea4cd86f4a729d4497618ae85) Signed-off-by: Christian Ege <k4230r6@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Security fix via update to 1.0.2hArmin Kuster2016-05-172-11/+9
| | | | | | | | | | | | | | | | | | | | | | | CVE-2016-2105 CVE-2016-2106 CVE-2016-2109 CVE-2016-2176 https://www.openssl.org/news/secadv/20160503.txt fixup openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch drop crypto_use_bigint_in_x86-64_perl.patch as that fix is in latest. (From OE-Core rev: c693f34f54257a8eca9fe8c5a9eee5647b7eeb0c) (From OE-Core rev: 73daaa207754e48efef59b516ad5601129cf4bac) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Security Fix CVE-2016-3115Armin Kuster2016-04-292-1/+87
| | | | | | | | | opehssh <= 7.2 (From OE-Core rev: 7d6abd0b7b89f28343741c2188da22c6d1c6c8ea) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman-gnome: Depend on dbus-glib-nativeJussi Kukkonen2016-04-291-1/+1
| | | | | | | | | | This is required for dbus-binding-tool. (From OE-Core rev: 513515fef1a5dac197b260613af8205bea96bcfc) Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcp: CVE-2016-2774Catalin Enache2016-04-182-0/+66
| | | | | | | | | | | | | | | | ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2774 (From OE-Core rev: 2fc84114c6323bf1e3d3598af52dd1523168c9fc) Signed-off-by: Catalin Enache <catalin.enache@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: CVE-2016-2088Jussi Kukkonen2016-04-182-0/+248
| | | | | | | | | | | | | | | | | Duplicate EDNS COOKIE options in a response could trigger an assertion failure: Fix with a backport. bind as built with the oe-core recipe is not at risk: Only servers which are built with DNS cookie support (--enable-sit) are vulnerable to denial of service. Fixes [YOCTO #9438] (From OE-Core rev: da38a9840b32e80464e2938395db5c9167729f7e) Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcp: Enable update-rc.d serviceFabio Berton2016-04-151-1/+5
| | | | | | | | | | | do_install_append function installs init scripts but to enable this service we need to inherit update-rc.d class and set INITSCRIPT name and params. (From OE-Core rev: 854523f173ba9784f1e2a00804c0f5ef16e8cf85) Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: CVE-2016-1285 CVE-2016-1286Sona Sarmadi2016-04-144-0/+550
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes following vulnerabilities: CVE-2016-1285 bind: malformed packet sent to rndc can trigger assertion failure CVE-2016-1286 bind: malformed signature records for DNAME records can trigger assertion failure [YOCTO #9400] External References: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1285 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1286 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286 References to the Upstream commits and Security Advisories: =========================================================== CVE-2016-1285: https://kb.isc.org/article/AA-01352 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=70037e040e587329cec82123e12b9f4f7c945f67 CVE-2016-1286_1: https://kb.isc.org/article/AA-01353 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=a3d327bf1ceaaeabb20223d8de85166e940b9f12 CVE-2016-1286_2: https://kb.isc.org/article/AA-01353 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=7602be276a73a6eb5431c5acd9718e68a55e8b61 (From OE-Core rev: 080d1a313e4982dd05846b375ebf936c46934d80) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* socat: Use c_ispeed and c_ospeed based upon libcKhem Raj2016-04-141-20/+33
| | | | | | | | | | | | | musl calls them __c_ispeed and __c_ospeed and we can not use get/set APIs because the get APIs will return the value from iflags and not from *speed element from termios struct (From OE-Core rev: b4744ffb94f76f2be138f2f9bd04153034bf62df) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl.inc: minor packaging cleanupAndre McCurdy2016-04-091-2/+1
| | | | | | | | | | | | | | | | | | | | | libcrypto.so was explicitly added to FILES_${PN}-dev as part of moving libcrypto from libdir -> base_libdir to support dhclient [1]. However, the line has been unnecessary since ${base_libdir}/lib*.so files started to be included in FILES_${PN}-dev by default [2] (and it's still unnecessary now, after moving libcrypto from back to libdir to support ntp [3]). [1] http://git.openembedded.org/openembedded-core/commit/?id=01ea85f7f6c53c66c76d6f832518b28bf06ec072 [2] http://git.openembedded.org/openembedded-core/commit/?id=66c36bcb7d9368718453265e58bd5e3c854c786a [3] http://git.openembedded.org/openembedded-core/commit/?id=0be2ab32f690a2fcba0e821abe11460958bbc6dc Also define FILES_libssl using SOLIBS instead of a hardcoded pattern. (From OE-Core rev: 3f81b516e2f23683ce6129bb79bcc08263cb7fe1) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5.inc: remove obsolete workaroundPatrick Ohly2016-04-051-2/+0
| | | | | | | | | | | | | Bluez 5.37 itself correctly installs bluetooth.conf, and honors the path settings in dbus-1.pc. Removing the obsolete workaround is necessary for compiling "stateless" (= read-only system configuration moved out of /etc). (From OE-Core rev: 695b99336b40842c15762ef9dac2ce43d1c8c186) Signed-off-by: Patrick Ohly <patrick.ohly@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: add ptest supportAlexander Kanavin2016-04-033-1/+71
| | | | | | | | | [YOCTO #5134] (From OE-Core rev: 70d8cb61b03aa9214fe0e1990ab9500888d9f565) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: /var/cache/bindJoe Slater2016-03-251-3/+2
| | | | | | | | | | Change the ownership of /var/cache/bind to bind rather than root. (From OE-Core rev: 6c76c9e5bb4f4bf6adfac7ccece03d7dcdea7f3d) Signed-off-by: Joe Slater <jslater@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcpd: create dhcpd user for dhcp dameonAlexandru Moise2016-03-202-2/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch enables the functionality for dhcpd service to be started with dhcp uid and gid. Test steps: Step 1: Assign ip to interface ifconfig eth0 192.168.1.1 Step 2: Edit /etc/dhcp/dhcpd.conf: default-lease-time 600; max-lease-time 7200; option subnet-mask 255.255.255.0; subnet 192.168.1.0 netmask 255.255.255.0 { option broadcast-address 192.168.1.255; range 192.168.1.88 192.168.1.88; option routers 192.168.1.0; } Step 3: Edit /etc/default/dhcp-server: INTERFACES="eth0" Step 4: Check uid and gid of running dhcpd process $ ps -eo user:19,group:19,cmd | grep dhcpd dhcp dhcp /usr/sbin/dhcpd eth0 -user dhcp -group dhcp (From OE-Core rev: 36d59255131f6d3f289d4f5dfcb58a9890996ffe) Signed-off-by: Alexandru Moise <alexandru.moise@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: allow D-Bus to spawn obexd in systems without systemdJavier Viguera2016-03-202-0/+64
| | | | | | | | | | | This includes a proper D-Bus service file for obexd in systems that do not support systemd. (From OE-Core rev: 75c5dc8d4a5506bf5b89292a96c7b9f91e9d71c8) Signed-off-by: Javier Viguera <javier.viguera@digi.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* socat: Access c_ispeed and c_ospeed via APIsKhem Raj2016-03-202-0/+40
| | | | | | | | | | make it more portable across libc implementations (From OE-Core rev: cd3408e7b845891b63de04249982330e02f13ee8) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: don't move libcrypto to base_libdirChen Qi2016-03-201-9/+2
| | | | | | | | | | | | | | For now, if 'openssl' is enabled for ntp, ntp would still be built without openssl & libcrypto. This is because that ntp thinks openssl and libcrypto locates under the same directory. This patch removes the codes of moving libcrypto to base_libdir. (From OE-Core rev: 0be2ab32f690a2fcba0e821abe11460958bbc6dc) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcp: enable gentle shutdownChen Qi2016-03-202-0/+26
| | | | | | | | | | | | | | For now, `systemctl stop dhcpd' cannot stop dhcpd correctly, the SIGTERM signal would time out, causing a SIGKILL signal sent to dhcpd. Patch site.h to enable gentle shutdown to so that dhcpd could be stopped by SIGTERM. (From OE-Core rev: 2c789bac353e17637549a7b31706761ba848728e) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* avahi: enable gobject-introspectionAlexander Kanavin2016-03-122-5/+12
| | | | | | | (From OE-Core rev: b9f543de30eb86c0787886d0e78d530fb24984dc) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* avahi-ui: remove the dependency on python-pygtk by disabling avahi-discoverAlexander Kanavin2016-03-121-8/+6
| | | | | | | | | | python-pygtk is removed in a separate commit; the reasons for that are explained in that commit's message. (From OE-Core rev: 40e7d522f1e0f9e5533cbb2660f7cec4d62b5d11) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* avahi-ui: add dbus to PACKAGECONFIGRoss Burton2016-03-091-1/+1
| | | | | | | | | | Now that avahi has a dbus PACKAGECONFIG we need to ensure it's enabled as otherwise the avahi-ui module won't build. (From OE-Core rev: d5e3cf611d302babf0120f887f15aec176ff3429) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* avahi: add missing intltool-native build dependencyRoss Burton2016-03-091-1/+1
| | | | | | | (From OE-Core rev: 52e6e586b142ec782aac10c16366f273be6405f6) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* avahi: make dbus optional but defaultJens Rehsack2016-03-091-2/+5
| | | | | | | | | | | Since do_install fails when dbus is removed by .bbappend, add packageconfig to allow users to get rid of desktop ipc helper dbus. (From OE-Core rev: 93b6ac66a90a6f2cca18ee4cae15f899da7ecb15) Signed-off-by: Jens Rehsack <sno@netbsd.org> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: add a patch to fix parallel buildsRoss Burton2016-03-072-0/+327
| | | | | | | | | | Apply a patch taken from Gentoo to hopefully fix the remaining parallel make races. (From OE-Core rev: 3d806d59a4c5e8ff35c7e7c5a3a6ef85e2b4b259) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Security fix Drown via 1.0.2g updateArmin Kuster2016-03-033-11/+4668
| | | | | | | | | | | | | | | | | | | | CVE-2016-0800 CVE-2016-0705 CVE-2016-0798 CVE-2016-0797 CVE-2016-0799 CVE-2016-0702 CVE-2016-0703 CVE-2016-0704 https://www.openssl.org/news/secadv/20160301.txt Updated 2 debian patches to match changes in 1.0.2g (From OE-Core rev: 7933fbbc6372ec8edaec82dd5c7b44fa2d15a4d5) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcp: CVE-2015-8605Mariano Lopez2016-03-022-0/+100
| | | | | | | | | | | | ISC DHCP allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet. (From OE-Core rev: f9739b7fa8d08521dc5e42a169753d4c75074ec7) Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* avahi: update to version 0.6.32Maxin B. John2016-02-189-356/+8
| | | | | | | | | | | | | | | | | | | | | 0.6.31 -> 0.6.32 a. Switched to the new repository hosted in github. b. Removed the following Upstreamed/Backported patches 1. 0001-Don-t-log-warnings-about-invalid-packets-Fixes-lathi.patch 2. 0001-avahi-fix-avahi-status-command-error-prompt.patch 3. avahi_fix_install_issue.patch 4. fix_for_automake_1.12.x.patch 5. out-of-tree.patch 6. reuseport-check.patch c. Added UPSTREAM_CHECK_URI [YOCTO #7553] (From OE-Core rev: 5ba7df63c4f0ac56f8513f9aecdbf3b12a121cd1) Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: bugfix: adjust name of statd service unitUlrich Ölmann2016-02-182-0/+35
| | | | | | | | | | | Upstream nfs-utils use 'rpc-statd.service' and Yocto introduced 'nfs-statd.service' instead but forgot to update the mount.nfs helper 'start-statd' accordingly. (From OE-Core rev: cda5b219d62fece0e67ee766290e73a6636bd652) Signed-off-by: Ulrich Ölmann <u.oelmann@pengutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* socat: Fix build with muslKhem Raj2016-02-182-0/+33
| | | | | | | | | NETDB_INTERNAL is a glibc define (From OE-Core rev: eb513884519804b3b8d600eeb7aadf3ec54e0345) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-03 05:50:17 +0000