| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
release notes:
https://downloads.isc.org/isc/bind9/9.18.19/doc/arm/html/notes.html#notes-for-bind-9-18-19
Security Fixes
Previously, sending a specially crafted message over the control channel
could cause the packet-parsing code to run out of available stack
memory, causing named to terminate unexpectedly. This has been fixed.
(CVE-2023-3341)
ISC would like to thank Eric Sesterhenn from X41 D-Sec GmbH for bringing
this vulnerability to our attention. [GL #4152]
A flaw in the networking code handling DNS-over-TLS queries could cause
named to terminate unexpectedly due to an assertion failure under
significant DNS-over-TLS query load. This has been fixed.
(CVE-2023-4236)
ISC would like to thank Robert Story from USC/ISI Root Server Operations
for bringing this vulnerability to our attention. [GL #4242]
Removed Features
The dnssec-must-be-secure option has been deprecated and will be removed
in a future release. [GL #4263]
Feature Changes
If the server command is specified, nsupdate now honors the nsupdate -v
option for SOA queries by sending both the UPDATE request and the
initial query over TCP. [GL #1181]
Bug Fixes
The value of the If-Modified-Since header in the statistics channel was
not being correctly validated for its length, potentially allowing an
authorized user to trigger a buffer overflow. Ensuring the statistics
channel is configured correctly to grant access exclusively to
authorized users is essential (see the statistics-channels block
definition and usage section). [GL #4124]
This issue was reported independently by Eric Sesterhenn of X41 D-Sec
GmbH and Cameron Whitehead.
The Content-Length header in the statistics channel was lacking proper
bounds checking. A negative or excessively large value could potentially
trigger an integer overflow and result in an assertion failure. [GL
This issue was reported by Eric Sesterhenn of X41 D-Sec GmbH.
Several memory leaks caused by not clearing the OpenSSL error stack were
fixed. [GL #4159]
This issue was reported by Eric Sesterhenn of X41 D-Sec GmbH.
The introduction of krb5-subdomain-self-rhs and ms-subdomain-self-rhs
UPDATE policies accidentally caused named to return SERVFAIL responses
to deletion requests for non-existent PTR and SRV records. This has been
fixed. [GL #4280]
The stale-refresh-time feature was mistakenly disabled when the server
cache was flushed by rndc flush. This has been fixed. [GL #4278]
BIND’s memory consumption has been improved by implementing dedicated
jemalloc memory arenas for sending buffers. This optimization ensures
that memory usage is more efficient and better manages the return of
memory pages to the operating system. [GL #4038]
Previously, partial writes in the TLS DNS code were not accounted for
correctly, which could have led to DNS message corruption. This has been
fixed. [GL #4255]
Known Issues
There are no new known issues with this release. See above for a list of
all known issues affecting this BIND 9 branch.
(From OE-Core rev: 29cc2203b06b12d4c93ffc1fb56f1754f6982e80)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Set CONF_USR_DIR explicitly as upstream hardcodes 'lib' in it.
Fix up iproute2-ip packaging to reflect that, and fix multilib error
where the executable would end up in the main package.
(From OE-Core rev: c88d6e94c0df3079410930abff9af0a08930ec8c)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
https://github.com/openssl/openssl/blob/openssl-3.1/NEWS.md#major-changes-between-openssl-312-and-openssl-313-19-sep-2023
Major changes between OpenSSL 3.1.2 and OpenSSL 3.1.3 [19 Sep 2023]
* Fix POLY1305 MAC implementation corrupting XMM registers on Windows (CVE-2023-4807)
(From OE-Core rev: eb65fdd971aa30d3fd09a8bc1b33ad2a1197f364)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We've been removing PR values from recipes at upgrade time for a while. In general
anyone maintaining a binary distro would end up having to curate these themselves
so the values in OE-Core aren't really that useful anymore. In many ways it makes
sense to clear out the remaining ones (which are mostly for 'config' recipes that
are unlikely to increase in PV) and leave a clean slate for anyone implementing
a binary distro config.
References are left in meta-selftest since the tests there do involve them and
their removal upon upgrade.
(From OE-Core rev: d4c346e8ab8f3cae25d1b01c7331ed9f6d4f96ef)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
Piping results through sed may mask failures that sed isn't catching.
(From OE-Core rev: 2b1b0e9e4d5011e7c2fd1b59fc277a7cfdc41194)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
This brings them from 15 minutes to just over 4.
(From OE-Core rev: 9eeee78aa94aaa441da012aeb904a0f1cbcd4d91)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Drop patch to improve logging since upstream rejected it
but capture failure logs in run-ptests with similar code
as what upstream uses when running the tests via
https://github.com/openssh/openssh-portable/blob/master/.github/run_test.sh#L23
(From OE-Core rev: 5f817f5a3897bca39eb832bb910b032632f275b8)
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Adds `StateDirectory=nfs` for the systemd service. This ensures that 1)
and .mount services required for /var/lib/nfs are started before these
services, and 2) that /var/lib/nfs exists before starting the services.
(From OE-Core rev: ba814211699d40590363b9b80f264218be9d7ad8)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
Adds a `ConditionPathExists` to nfs-statsd.service. This allows it to
match the other NFS services and not start if nothing is exported.
(From OE-Core rev: 5fae759ff99ccd6e3473cb8aa638fbb23f7583ff)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Log the input and output banner files. Output seems to
contain more lines than input which fails the test but
it's not clear what is in there from the ssh command
stderr. So print them out to dig deeper into the root
cause.
Upstream rejected previous logging patch so they will likely
do the same for this:
https://github.com/openssh/openssh-portable/pull/437
Reference: https://bugzilla.yoctoproject.org/show_bug.cgi?id=15178
(From OE-Core rev: 3230378d651ecc53ff5cac1aaa24f35d5cea8665)
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
Upstream rejected the change:
https://github.com/openssh/openssh-portable/pull/437
(From OE-Core rev: 46c5f3b7a57442b9979ad36b679900cf0b8f74d5)
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
Services which broadcast an invalid service type will cause the browse
to fail. Instead of failing, replace the service type and continue.
(From OE-Core rev: e581da6c4db21312833395e96b48e868a202f0f9)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Drop backports. 0001-vpn-Adding-support-for-latest-pppd-2.5.0-release.patch
is partially dropped, as upstream hasn't included the newly added header
into the tarball (issue addressed after the release).
(From OE-Core rev: eeb686876dc560b5f0fab6f37a2def3d78bb55db)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
This significantly speeds up the build by default.
(From OE-Core rev: 2b5ee583c62dbe381cd429da14ecbba5ea32d506)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When tests fail, capture the sshd and ssh client logs from
the failing test run. These are needed to investigate
the root cause.
Reference: https://bugzilla.yoctoproject.org/show_bug.cgi?id=15178
(From OE-Core rev: 7c6a0ee7961dc976dddbfd1615f90c2306970626)
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Changes:
Update sha256sum
Remove backported patch
(From OE-Core rev: 51a6e56fcb28ec97ba3a4b40bbcd3d64e6d390d5)
Signed-off-by: Sudip Mukherjee <sudipm.mukherjee@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
===========
Fixed missing DBus org.neard.se.conf.
Sync Linux kernel UAPI nfc.h header with newer kernel.
NFC tag: Implement readout of tag UID via DBus interface.
(From OE-Core rev: 02cc07dbdf0dcb52d736f39fc01f406030f8339b)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
fix-check-ell-path.patch
removed since it's included in 5.69
Changelog:
=========
Fix issue with BAP enabling state correctly when resuming.
Fix issue with detaching source ASEs only after Stop Ready.
Fix issue with handling VCP audio location and descriptor.
Fix issue with generating IRK for adapter with privacy enabled.
Add support for BAP broadcast sink.
(From OE-Core rev: e964b7f4bbd398bef3f48ec9ddd441a7f5df9987)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
============
Deprecate the 'dialup' and 'heartbeat-interval' options.
Ignore 'max-zone-ttl' on 'dnssec-policy insecure'.
Return REFUSED to GSS-API TKEY requests if GSS-API support is not configured.
Mark a primary server as temporarily unreachable if the TCP connection attempt times out.
Don't process detach and close netmgr events when the netmgr has been paused.
(From OE-Core rev: e78ec619beea6e541b2d83a5dc845ce57ff12564)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
glob/ doesn't exist and the other files are copied by autotools.bbclass
(From OE-Core rev: f11fac5430c1308347f673c6e1fb6c5b2c7ff9c0)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
fix-disable-ipv6.patch: we don't support uclibc, and most libcs don't
have optional support for IPv6.
inetutils-1.8-0001-printf-parse-pull-in-features.h-for-__GLIBC__.patch and
inetutils-1.8-0003-wchar.patch: these don't appear to be needed anymore.
inetutils-only-check-pam_appl.h-when-pam-enabled.patch: configure.ac
doesn't fail if PAM is disabled anymore.
(From OE-Core rev: abcc8273a788981bd06867d141b78aa0cfedddf4)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
inetutils guesses a lot of target paths in cross builds, and warns that
some of them are known to be wrong (for example, whether /proc/net/dev
exists is guessed as 'no').
Add a post-configure function to check for these warnings, and pass
--with-path-* as appropriate to set the paths explicitly.
This means we can remove the patch which was setting PATH_PROCNET_DEV,
and the autoconf cache value inetutils_cv_path_login.
The downside is that these --with-path-* options are not real autoconf
options, so the "unknown options" warning is emitted. Losing those is
an acceptable compromise, so disable it.
Musl doesn't implement utmp and has stub defines for _PATH_UTMP but not
_PATH_UTMPX, so we need to set the X variants explicitly.
(From OE-Core rev: 91179f89db127063dbdf998e15d63e04d6be53f7)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport a patch to fix buffer overflow for strlcpy:
$ dhcpcd enp0s3
dhcpcd-10.0.2 starting
*** buffer overflow detected ***: terminated
dhcpcd_fork_cb: truncated read 0 (expected 4)
(From OE-Core rev: d0bd1c823c10af9a0ef7e5ce05b770c1d8bb247c)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
https://github.com/NetworkConfiguration/dhcpcd/releases/tag/v10.0.2
(From OE-Core rev: 037fd7c8e772bae0949d6e096c34564eaa2a3858)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 5bbcf129b83d2b78cae7ecb1fe19bab72e54b3f7)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 211942410ec0fb5ebe906b4fed7f1feb13b7cf39)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The nfs-utils recipe creates a nfs-utils-client package, which can be
used if we need to install only the client side of nfs-utils.
Unfortunately, rpc.idmapd is part of this package, and requires the
dynamic library libnfsidmap.so, which is included in the main package
nfs-utils. Therefore, nfs-utils-client has a dependency on nfs-utils, so
the server is installed, and try to be started, even on system where the
appropriate modules are not present, which causes errors.
This patch adds the needed library to the nfs-utils-client package, so
that it is now complete and does not require nfs-utils anymore.
(From OE-Core rev: c04b28ee26ae1ccce1722c4143961ee6fd87b40e)
Signed-off-by: Stéphane Veyret <sveyret@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://github.com/openssl/openssl/blob/openssl-3.1/NEWS.md#major-changes-between-openssl-311-and-openssl-312-1-aug-2023
Major changes between OpenSSL 3.1.1 and OpenSSL 3.1.2 [1 Aug 2023]
* Fix excessive time spent checking DH q parameter value (CVE-2023-3817)
* Fix DH_check() excessive time with over sized modulus (CVE-2023-3446)
* Do not ignore empty associated data entries with AES-SIV (CVE-2023-2975)
* When building with the enable-fips option and using the resulting FIPS provider, TLS 1.2 will, by default, mandate the use of an extended master secret and the Hash and HMAC DRBGs will not operate with truncated digests.
(From OE-Core rev: e65802383b02df6f502af859a927309d881bbb27)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes:
Update license checksum: change in copyright year.
Update sha256sum for new version.
An additinal patch to fix the reproducible build failure which is
still under discussion with upstream.
(From OE-Core rev: 99f61d952467076abb68bf50f9220e422ed98e60)
Signed-off-by: Sudip Mukherjee <sudipm.mukherjee@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The goal of connman-conf in qemu environments is to stop connman from
trying to control the network device, because runqemu will set it up
appropriately.
It currently hardcodes eth0, but 6.2 kernels onwards will rename eth0 to
en* even when the interface is already up[1]. So that this recipe
continues to work as intended, expand the list to "eth,en" so that
connman ignores _all_ ethernet devices with either the new or old names.
[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit?id=bd039b5ea2a91ea707ee8539df26456bd5be80af
(From OE-Core rev: 56baa430f8a577ff280676dc2e8a2debbc85bc21)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
This reverts commit 4048ddf7fdd6859c43aeb82d85ee0851b3a9177b.
2.5.0 is a development series and the upgrade should have been to 2.4.x.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes:
Update license checksum: change in copyright year.
Update sha256sum for new version.
An additinal patch to fix the reproducible build failure.
(From OE-Core rev: 4048ddf7fdd6859c43aeb82d85ee0851b3a9177b)
Signed-off-by: Sudip Mukherjee <sudipm.mukherjee@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes:
Update license checksum: only whitespace change.
Update sha256sum for new version.
Additional change:
Do not use version with the foldername, which will result in less diffstat
with future upgrades.
(From OE-Core rev: 1eda31b370ab4129ad149c45f1e43a44d6db9241)
Signed-off-by: Sudip Mukherjee <sudipm.mukherjee@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change sync the contents of this file with upstream's
ssh_config except for the locally added line
'Include /etc/ssh/ssh_config.d/*.conf'.
More specifically the ForwardXXX options are disabled by default,
this sync with what ssh_config(5) says about these two items.
In addition, the RSAAuthentication items are removed as they are v1 protocol.
See the contents of Changelog file in openssh project as below:
"""
commit bfe19197a92b7916f64a121fbd3c179abf15e218
Author: Darren Tucker <dtucker@dtucker.net>
Date: Fri Jul 2 15:43:28 2021 +1000
Remove now-unused SSHv1 enums.
sRhostsRSAAuthentication and sRSAAuthentication are protocol 1 options
and are no longer used.
"""
(From OE-Core rev: 01174262c6cb8f6d7b9dbe5292d0f93f72a15691)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
No longer used in generating packages
Also creates a possible confusion with the recipe maintainer
name.
(From OE-Core rev: 9d5edd124b7dddb995ceddd79f8a7fc8cf44badf)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
9795c401 (tag: V_9_3_P2) OpenSSH 9.3p2
bde3635f update version in README
f673f2f3 update RPM spec versions
d7790cdc disallow remote addition of FIDO/PKCS11 keys
b23fe83f terminate pkcs11 process for bad libraries
This includes the fix for CVE-2023-38408.
(From OE-Core rev: 7ae89bdeaa97c8d6a0b63e92da31290548f03168)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rewrite of CVE_CHECK_IGNORE to CVE_STATUS contained copy+paste
problem changing CVE numbers.
CVE-2020-12352 -> CVE-2022-3563
CVE-2020-24490 -> CVE-2022-3637
CVE-2020-12352 is now for kernel only in NVD BD, so remove it.
CVE-2020-24490 is corrected in this commit.
(From OE-Core rev: 150f81b764ccf1abfc69bd573d1fb997a6115884)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: c4a50b0738235ce6fdff078d513827ba00b8affc)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/log/
Added a patch for including limits.h with musl builds, or else
we get failures such as:
| mdb.c: In function 'mdb_parse_vni':
| mdb.c:666:47: error: 'ULONG_MAX' undeclared (first use in this function)
| 666 | if ((endptr && *endptr) || vni_num == ULONG_MAX)
| | ^~~~~~~~~
| mdb.c:666:47: note: 'ULONG_MAX' is defined in header '<limits.h>'; did you forget to '#include <limits.h>'?
(From OE-Core rev: ae2a9b8d3a8b119cc021b9c99cac72d18d5954ba)
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog: http://git.linux-nfs.org/?p=steved/nfs-utils.git;a=shortlog
Three patches were removed as they're now upstream:
2c0b5249 Replace statfs64 with statfs
167f2336 Fix function prototypes
896946e3 mountd: Check for return of stat function
do_compile still failed after removing these patches, reporting
undefined references to 'event_base_new', 'sqlite3_open_v2', etc. This
is fixed by backporting
0001-configure.ac-libevent-and-libsqlite3-checked-when-nf.patch from
upstream.
(From OE-Core rev: 8042f96a90e979374299404dbe34164f9aa65079)
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Try to add convert and apply statuses for old CVEs
- Drop some obsolete ignores, while they are not relevant for current
version
(From OE-Core rev: 1634ed4048cf56788cd5c2c1bdc979b70afcdcd7)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Reviewed-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Text-Template was updated from 1.46 to 1.56
| ERROR: openssl-native-3.1.1-r0 do_configure: PERLEXTERNAL '/build/tmp/work/x86_64-linux/openssl-native/3.1.1-r0/openssl-3.1.1/external/perl/Text-Template-1.46/lib' not found!
(From OE-Core rev: b9a7739b01e31d0cc8358d99255e3e1b02a0a1a8)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
When upstream change is better to fail or removing the PERL5LIB
if they are not need anymore.
(From OE-Core rev: 337ac1159644678508990927923ef8af30f34cd7)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes since version 1.45.0:
* Add SHA to ChangeLog
* misc: update readthedocs config
* test: remove erroneous RETURN_SKIP
* android: disable io_uring support
* linux: add some more iouring backed fs ops
* build: add autoconf option for disable-maintainer-mode
* fs: use WTF-8 on Windows (Stefan Karpinski)
* unix,win: replace QUEUE with struct uv__queue
* linux: fs_read to use io_uring if iovcnt > IOV_MAX
* ios: fix uv_getrusage() ru_maxrss calculation
* include: update outdated code comment
* linux: support abstract unix sockets
* unix,win: add UV_PIPE_NO_TRUNCATE flag
* unix: add loongarch support
* doc: add DPS8M to LINKS.md
* include: add EUNATCH errno mapping
* src: don't run timers if loop is stopped/unref'd
* win: fix -Wpointer-to-int-cast warning
* test,win: fix -Wunused-variable warning
* test,win: fix -Wformat warning
* linux: work around io_uring IORING_OP_CLOSE bug
* win: remove unused functions
* bench: add bench to check uv_loop_alive
* test: add uv_cancel test for threadpool
* unix: skip prohibited syscalls on tvOS and watchOS
* unix,fs: make no_pwritev access thread-safe
* unix: fix build for lower versions of Android
(From OE-Core rev: 22c2d5d1e4c47a3cbaaef240fd1c86070a4d2e3d)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
Include a patch submitted upstream to fix cross-compilation issues.
(From OE-Core rev: 1067c44ee48b2e72624c42c8e1675307bd73900e)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Remove configure options no longer supported online.
Changelog:
=========
[security] A query that prioritizes stale data over lookup
triggers a fetch to refresh the stale data in cache.
If the fetch is aborted for exceeding the recursion
quota, it was possible for 'named' to enter an infinite
callback loop and crash due to stack overflow. This has
been fixed. (CVE-2023-2911) [GL #4089]
[security] Improve the overmem cleaning process to prevent the
cache going over the configured limit. (CVE-2023-2828)
[GL #4055]
[performance] Reduce memory consumption by allocating properly
sized send buffers for stream-based transports.
[GL #4038]
[bug] Fix a 'clients-per-query' miscalculation bug. When the
'stale-answer-enable' options was enabled and the
'stale-answer-client-timeout' option was enabled and
larger than 0, named was taking two places from the
'clients-per-query' limit for each client and was
failing to gradually auto-tune its value, as configured.
[GL #4074]
[func] Add "ClientQuota" statistics channel counter, which
indicates the number of the resolver's spilled queries
due to reaching the clients per query quota. [GL !7978]
[bug] Fix a serve-stale bug where a delegation from cache
could be returned to the client. [GL #3950]
[cleanup] Remove configure checks for epoll, kqueue and
/dev/poll. [GL #4098]
[func] The "tkey-dhkey" option has been deprecated; a
warning will be logged when it is used. In a future
release, Diffie-Hellman TKEY mode will be removed.
[GL #3905]
[bug] The session key object could be incorrectly added
to multiple different views' keyrings. [GL #4079]
[bug] Fix an interfacemgr use-after-free error in
zoneconf.c:isself(). [GL #3765]
[test] Add support for using pytest & pytest-xdist to
execute the system test suite. [GL #3978]
[bug] BIND could get stuck on reconfiguration when a
'listen' statement for HTTP is removed from the
configuration. That has been fixed. [GL #4071]
[bug] Properly process extra "nameserver" lines in
resolv.conf otherwise the next line is not properly
processed. [GL #4066]
[bug] named could crash when deleting inline-signing zones
with "rndc delzone". [GL #4054]
[bug] Fix a logic error in dighost.c which could call the
dighost_shutdown() callback twice and cause problems
if the callback function was not idempotent. [GL #4039]
(From OE-Core rev: 77d2fa5ac1f394fba2b8e24f2b6ded6ea6b691b4)
Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From OE-Core rev: 878fb0aea1e98ffadc3cd64de5189f7b05ecb454)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Below upstream commit removed BSD-4-Clause from the LICENSE variable,
Link: https://git.yoctoproject.org/poky/commit/?id=2c86f586d55d0f6b99053e3e4d14c9ee36fa8aa8
But actually if we check from the source code of the openssh for this
version (8.9p1), there are some files (openbsd-compat/libressl-api-compat.c)
still affected.
As upstream removed this BSD-4-clause license, there are still some files
has this license. Below file is affected by this BSD-4-clause contents when
the below command is executed
grep -rl "All advertising materials mentioning features or use of this software" *|grep -v \.1|grep -v \.5|grep -v \.8 | sort
openbsd-compat/libressl-api-compat.c
All advertising materials mentioning features or use of this software
Reason for backporting is some of the product restrict the BSD-4-Clause usage and the purpose of this commit is
to completely remove the BSD-4-Clause license from the openssh.
When checked in the master branch, openssh upstream removes the bsd-4 license compeletely from this commit
https://github.com/openssh/openssh-portable/commit/7280401bdd77ca54be6867a154cc01e0d72612e0
Hence Backport this commit completely to remove license of BSD-4-clause contents from code. Hunks are refreshed.
(From OE-Core rev: d9045a7bc6d9acc137c292b60a8ce4d24f359a19)
Signed-off-by: Riyaz Khan <Riyaz.Khan@kpit.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
On riscv32 configurations OpenSSL fails to build with "undefined
reference to `__atomic_foo'" kind of errors. Change OpenSSL recipe to
use linux-latomic configuration instead of linux-generic32.
(From OE-Core rev: e8ce80fc6d6579554bca2eba057e65d4b12c0793)
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
License-Update: doc: clean up license file (#3876)
GitHub gets confused by the non-standard format of the LICENSE file.
Move the extra bits into the creatively named LICENSE-extra file.
Changelog:
==========
linux: introduce io_uring support #3952
src: add new metrics APIs #3749
unix,win: give thread pool threads an 8 MB stack #3787
win,unix: change execution order of timers #3927
(From OE-Core rev: 594953f635894217b9dcf570a601ac84ad908b4d)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|