summaryrefslogtreecommitdiffstats
path: root/meta-networking
Commit message (Collapse)AuthorAgeFilesLines
* keepalived: patch CVE-2021-44225Gyorgy Sarvari2025-10-272-0/+42
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2021-44225 Pick patch mentioned in the nvd report. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* unbound: Fix CVE-2022-3204Vijay Anusuri2025-10-272-0/+222
| | | | | | | Upstream-Status: Backport from https://github.com/NLnetLabs/unbound/commit/137719522a8ea5b380fbb6206d2466f402f5b554 Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* unbound: Fix for CVE-2022-30698 and CVE-2022-30699Vijay Anusuri2025-10-272-0/+628
| | | | | | | Upstream-Status: Backport from https://github.com/NLnetLabs/unbound/commit/f6753a0f1018133df552347a199e0362fc1dac68 Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* squid: fix esi PACKAGECONFIGGyorgy Sarvari2025-10-272-0/+36
| | | | | | | | | | | | | libxml has derecated the "xmlSetFeature" call, and hid is behind a special config flag (--with-legacy), which is not used by default in oe-core. This makes compilation fail, when "esi" PACKAGECONFIG is enabled: Libxml2Parser.cc:94:5: error: 'xmlSetFeature' was not declared in this scope; did you mean 'xmlHasFeature'? This backported patch fixes this. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* squid: patch CVE-2025-59362Gyorgy Sarvari2025-10-272-0/+52
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-59362 Pick the PR content that's referenced in the nvd report. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* squid: patch CVE-2023-46724Gyorgy Sarvari2025-10-272-0/+42
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2023-46724 Pick the patch from the details of the nvd report. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* squid: patch CVE-2022-41318Gyorgy Sarvari2025-10-272-0/+46
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2022-41318 Pick the v4 patch referenced in the nvd report. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* squid: patch CVE-2022-41317Gyorgy Sarvari2025-10-272-0/+27
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2022-41317 Pick the v4 patch referenced in the nvd report. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* squid: patch CVE-2021-46784Gyorgy Sarvari2025-10-272-0/+134
| | | | | | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2021-46784 Pick the backported patch from v4 branch, that referenced the same PR[1] that the patch[2] from the nvd report refers to. [1]: https://github.com/squid-cache/squid/pull/1022 [2]: https://github.com/squid-cache/squid/commit/5e2ea2b13bd98f53e29964ca26bb0d602a8a12b9 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* netkit-telnet: patch CVE-2022-39028Gyorgy Sarvari2025-10-272-0/+73
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2022-39028 Pick the patch mentioned in the nvd report. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* proftpd: Fix CVE-2023-48795Vijay Anusuri2025-10-202-0/+752
| | | | | | | Upstream-Status: Backport from https://github.com/proftpd/proftpd/commit/bcec15efe6c53dac40420731013f1cd2fd54123b Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* squid: mark CVE-2025-54574 as patchedPeter Marko2025-10-171-1/+1
| | | | | | | | | | | | | Per [1] CVE-2025-54574 is fixed in patch for CVE-2023-5824. That was a composite patch from more commits. When checking it, it really contains also commit [2] which is mentioned as fix for CVE-2025-54574. [1] https://security-tracker.debian.org/tracker/CVE-2025-54574 [2] https://github.com/squid-cache/squid/commit/a27bf4b84da23594150c7a86a23435df0b35b988 Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* open-vm-tools: fix CVE-2025-41244Rajeshkumar Ramasamy2025-10-172-0/+125
| | | | | | | | | | | | | | | | | VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-41244 Upstream-patch: https://github.com/vmware/open-vm-tools/commit/7ed196cf01f8acd09011815a605b6733894b8aab Signed-off-by: Rajeshkumar Ramasamy <rajeshkumar.ramasamy@windriver.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* tcpreplay: fix CVE-2025-51006Archana Polampalli2025-10-172-0/+98
| | | | | | | | | | | | Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the dlt_linuxsll2_cleanup() function in plugins/dlt_linuxsll2/linuxsll2.c. This vulnerability is triggered when tcpedit_dlt_cleanup() indirectly invokes the cleanup routine multiple times on the same memory region. By supplying a specifically crafted pcap file to the tcprewrite binary, a local attacker can exploit this flaw to cause a Denial of Service (DoS) via memory corruption. Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* tcpreplay: fix CVE-2025-9157Archana Polampalli2025-10-172-1/+46
| | | | | | | | | | | | | A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untrunc_packet of the file src/tcpedit/edit_packet.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized. This patch is called 73008f261f1cdf7a1087dc8759115242696d35da. Applying a patch is advised to resolve this issue. Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* dovecot: patch CVE-2021-33515Gyorgy Sarvari2025-10-122-0/+77
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2021-33515 Backport the relevant patch. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* dovecot: patch CVE-2022-30550Gyorgy Sarvari2025-10-122-0/+138
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2022-30550 Pick the commit referenced in https://www.openwall.com/lists/oss-security/2022/07/08/1 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* civetweb: patch CVE-2020-27304Gyorgy Sarvari2025-10-123-0/+119
| | | | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2020-27304 Take the patches referenced in https://jfrog.com/blog/cve-2020-27304-rce-via-directory-traversal-in-civetweb-http-server/ (which URL is also referenced by NIST) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* recipes: Remove double protocol= from SRC_URIsPeter Kjellerstedt2025-09-291-1/+1
| | | | | | | | | | | | With the exception of paho-mqtt-cpp, the double protocol= attributes were added to the SRC_URIs when protocol=https was added to all SRC_URIs fetching from github.com in commit b402a3076f (recipes: Update SRC_URI branch and protocols). Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 2e0a581bee7fc15a78f6e19ba1e596930edee414) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* uftp: upgrade 5.0.2 -> 5.0.3Wang Mingyu2025-09-291-1/+1
| | | | | | | | | | | | Changelog: =========== -A memory leak fix in the prior version wasn't applied correctly, resulting in an invalid memory access causing a crash. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 5d050f078afcb24d0532367592b074ae0787b06f) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* uftp: upgrade 5.0.1 -> 5.0.2Wang Mingyu2025-09-291-1/+1
| | | | | | | | | | | | Changelog: ========= -Fixed bug that caused crash when a CLIENT_KEY arrived out of order -Fixed option handling on Windows when an argument is missing Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 93a5628ae660bf6aa3cfdc9e0032088e4df8a0c5) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* uftp: upgrade 5.0 -> 5.0.1Wang Mingyu2025-09-291-1/+1
| | | | | | | | | | | | | | | | | | | | Changelog: ========== -On very low speed transfers (<10Kbps) sessions would time out due to a very large interpacket transmission interval. Fixed by putting a lower limit on the advertised GRTT of of the interpacket transmission interval. -Sending of ABORT messages on early shutdown would sometimes fail due to OpenSSL cleanup functions running before application cleanup. Changed the ordering of atexit() handlers to ensure OpenSSL cleanup happens last. -Fixed missing timestamp update when clients read CONG_CTRL messages -Fix to GRTT handling on server to ensure it doesn't fall below minumim. -Fixed bypassed checking of existing files on client for backup -Various logging fixes Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 0a58426ed073d48533276688445df3777776886b) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* libtdb: upgrade 1.4.3 -> 1.4.7Yi Zhao2025-09-294-21/+52
| | | | | | | | | | * Refresh patches * Add a patch to skip checking PYTHONHASHSEED Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit cf53340f000b770faba44560e81a3d1e15138805) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* cifs-utils: upgrade 6.14 -> 6.15wangmy2025-09-293-93/+2
| | | | | | | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 88ea7fc012f3edcb7ee7b22330826d285f0319b7) Adapted to Kirkstone. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* tnftp: switch the SRC_URI to httpsRandy MacLeod2025-09-291-1/+1
| | | | | | | Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 8f4dc754cf2a01905211a89980f7a492c33b71a8) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* ssmping: Use debian mirror for SRC_URIKhem Raj2025-09-291-2/+1
| | | | | | | | | Original URI is not accessible anymore Drop md5sum Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit ceb91603415c6e059d866666574dd1be5b93867a) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* pimd: switch SRC_URI to httpsRandy MacLeod2025-09-291-2/+1
| | | | | | | | | | Switch SRC_URI to https (yes, the URI still has ftp in the path!). Also drop the obsolete SRC_URI[md5sum]. Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 9221eaa8d6d4279f4477a30bc3112d32af04b976) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* ndisc6: upgrade 1.0.7 -> 1.0.8Wang Mingyu2025-09-291-1/+1
| | | | | | | | | | | Changelog ============ Fix potential garbage whilst prining an advertised prefix. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 3fe7c5fae8576b41dbe546491649e9bdb4ed5096) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* ndisc6: upgrade 1.0.6 -> 1.0.7Wang Mingyu2025-09-291-1/+1
| | | | | | | | | | | | Changelog: ========= # Do not ignore multicast advertisements when discovery was sent as unicast (fix regression from 1.0.5). Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit a014528ede30caf2e1ac340bc09222428c4f5870) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* lksctp-tools: upgrade 1.0.20 -> 1.0.21Yi Zhao2025-09-291-1/+1
| | | | | | | | | | ChangeLog: https://github.com/sctp/lksctp-tools/blob/v1.0.21/ChangeLog Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 4c3e3638b9fb8a26b91aac02803e93da256bdc7f) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* lksctp-tools: upgrade 1.0.19 -> 1.0.20Yi Zhao2025-09-291-9/+3
| | | | | | | | | | | | | | | | ChangeLog: https://github.com/sctp/lksctp-tools/blob/v1.0.20/ChangeLog Drop redundant variables LK_REL, SOLIBVERSION and SOLIBMAJORVERSION in recipe. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 162039c327f065d87730565b18fdc3986844a065) Adapted to Kirkstone. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* ncftp: Upgrade to 3.2.7Randy MacLeod2025-09-262-88/+3
| | | | | | | | | | | Switch the SRC_URI from "ftp:" to "https:". Drop the obsolete SRC_URI[md5sum]. Drop ncftp-3.2.5-gcc10.patch since we're using gcc13 and upstream has fixed the build to work by adding an extern to sh_util/gpshare.c for example. Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 9dbf1b42bbbd71f8492117bf5a16137faf5f9fc9) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* devecot: set dovecot.conf file mode with chmodYi Zhao2025-09-261-1/+2
| | | | | | | | | The touch command doesn't support file mode setting. Set it with chmod. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 4b306f382f4cf133308c7eb4b056a755f5bc4c96) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* radiusclient-ng: Point SRC_URI to archive.ubuntu.comKhem Raj2025-09-261-2/+1
| | | | | | | | This tarball is not available on debian ftp archive anymore Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit fe62e64c973730da0e385ddbbab8cdc3217e0e69) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* openflow: Switch SRC_URI to github mirrorKhem Raj2025-09-263-2/+33
| | | | | | | | | | | | Original repo seems to be not accessible. Fix build with clang-18 Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 59bffb68440c9099d724aa2f2b1e6366216f0f11) Adapted for Kirkstone. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* openflow: Include sys/stat.h for fchmodKhem Raj2025-09-262-2/+25
| | | | | | Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit e2b1b060b038ce26578e1672a1211b948f789bd6) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* freediameter: fix typo and old overide syntaxBergin, Peter2025-09-261-1/+1
| | | | | | | | | | | | A typo that probably caused a left over from override syntax conversion. INITSCRIPT_PARAMS$_${PN} --> INITSCRIPT_PARAMS:${PN} Signed-off-by: Peter Bergin <peter.bergin@windriver.com> Signed-off-by: Peter Bergin <peter@berginkonsult.se> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 77f031776ec9c9edb18e7323b17b697f5c52d5f5) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* znc: fix LICENSE value, clean up SRC_URIGyorgy Sarvari2025-09-261-9/+3
| | | | | | | | | | | | | 1. Set the correct LICENSE value 2. Csocket is a submodule of the main znc project. Instead of cloning it separately in a subfolder, just let the gitsm fetcher to fetch the correct revisions, at the correct place. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 6a8d205e5c8e7c637eacbe91986c5f8c9145c6ff) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* nfacct: Update SRC_URI to point to valid URLKhem Raj2025-09-261-5/+3
| | | | | | | | Update UPSTREAM_CHECK_URI accordingly Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 88b295625df710014b67cd2a6bfbf2cbff8838a2) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* libnftnl: upgrade 1.2.5 -> 1.2.6Wang Mingyu2025-09-261-1/+1
| | | | | | | | | | | | | Changelog: ========= tests: nft-rule-test: Add test cases to improve code coverage tests: nft-table-test: fix typo shixuantong expr: meta: introduce broute meta expression Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit d35850759791685892b02a5794cfe16cb8e920f7) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* libnftnl: upgrade 1.2.4 -> 1.2.5Yi Zhao2025-09-262-5/+5
| | | | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit e9df01df3db8fd67102e53c6a424bc0128100573) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* libnftnl: upgrade 1.2.3 -> 1.2.4Wang Mingyu2025-09-261-1/+1
| | | | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 9afefefac5dacd113bc3c21c055fd9aa3e802d00) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* libnftnl: upgrade 1.2.2 -> 1.2.3Yi Zhao2025-09-262-656/+4
| | | | | | | | | | Drop 0001-avoid-naming-local-function-as-one-of-printf-family.patch as the issue has been fixed upstream. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 333cdd80c6943fb37e7f5e338fa5c0222127dbfa) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* libnftnl: upgrade 1.2.1 -> 1.2.2wangmy2025-09-261-1/+1
| | | | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 6d997c52c5643c5d92cc6bdf77beae7ae3b300e9) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* pure-ftpd: upgrade 1.0.51 -> 1.0.52Wang Mingyu2025-09-262-6/+5
| | | | | | | | | | | | | | | | | | | | | | | nostrip.patch refreshed for 1.0.52 License-Update: Copyright year updated to 2024 Changelog: ========== - The QUIT command is now accepted during a transfer. - The server can be built with --with-minimal again. - Fixed an out of bounds read in the MLSD command. - Larger mmap()ed pages are used on aarch64. - Improved compatibility with HPUX - Improved OpenSSL API compatibility - Improved compatibility with OpenWall Linux - Improved compatibility with Netfilter Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit fac6357f60463b80cfa2e348804a587f343481ff) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* pure-ftpd: upgrade 1.0.50 -> 1.0.51wangmy2025-09-262-8/+11
| | | | | | | | | | 0001-Remove-hardcoded-usr-local-includes-from-configure.a.patch updated for new version. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 8a50039955ae8feb8cfa2b56969a9b8039d3f248) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* adcli: use https protocol for fetchingalperak2025-09-261-1/+1
| | | | | | | Signed-off-by: alperak <alperyasinak1@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit c74cdd43f37f8c5709250e88489dbd1870544568) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* ot-br-posix: Add dep to ipset as used by firewallPhilippe Coval2025-09-261-1/+1
| | | | | | | | | | | | | | | | | | | | | | ipset is used by firewall module of ot-br-posix: third_party/openthread/repo/src/posix/platform/firewall.cpp:\ return ExecuteCommand("%s add %s %s -exist", kIpsetCommand, aSetName, aAddress); Related observed issue looked like: ``` oniro@oniro-linux-blueprint-gateway-raspberrypi4-64:~$ sudo journalctl -u otbr-agent.service Apr 28 17:42:32 oniro-linux-blueprint-gateway-raspberrypi4-64 systemd[1]: Started OpenThread Border Router Agent. Apr 28 17:42:38 oniro-linux-blueprint-gateway-raspberrypi4-64 otbr-agent[330]: sh: ipset: not found ``` Relate-to: https://gitlab.eclipse.org/eclipse/oniro-blueprints/transparent-gateway/meta-oniro-blueprints-gateway/-/issues/6 Cc: Stefan Schmidt <stefan.schmidt@huawei.com> Forwarded: https://github.com/openembedded/meta-openembedded/pull/611 Signed-off-by: Philippe Coval <philippe.coval.ext@huawei.com> (cherry picked from commit fc8209e8bc2c45d241561e75c4f2b99c23c5689e) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* networkmanager: fix iptables and nft pathsJim Broadus2025-09-261-0/+2
| | | | | | | | | | | | | | | | | | | | | | The NetworkManager meson.build is searching for iptables and nft by passing absolute paths to meson's find_program. The result is that it locates tools on the host machine when they exist at those locations. If they don't, it uses default locations. This often works out, but in some cases, such as when the host uses a merged usr scheme and the build target does not, the paths will be incorrect and the tools won't be found at runtime. These could be PACKAGECONFIG options, but since they have fallback values, completely disabling the use of either iptables or nft would require patching the meson.build or setting a bogus location. Note that this meson.build file follows the same pattern elsewhere, but most cases are already covered by PACKAGECONFIG options. Signed-off-by: Jim Broadus <jim@thruwave.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 7c440945326db26c3ff2b413956bb3dad223891a) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* mosquitto: bump to 2.0.22Gianfranco Costamagna2025-09-263-29/+14
| | | | | | | | | | Refresh patches, drop patch 3238, now part of upstream codebase Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org> Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 0331499e1f023471173e5d35d29d7ef2362b4aeb) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2026-02-24 20:21:16 +0000