summaryrefslogtreecommitdiffstats
path: root/meta-networking
Commit message (Collapse)AuthorAgeFilesLines
...
* freeradius: fix radiusd startup failure due to missing openssl legacy providerYi Zhao2026-04-013-0/+169
| | | | | | | | | | | | | | | | | | | | | Radiusd fails to start because the openssl legacy provider is no longer built by default[1]: $ radiusd -C -X FreeRADIUS Version 3.2.8 [snip] (TLS) Failed loading legacy provider Add PACKAGECONFIG[legacy-openssl] to enable openssl legacy provider support. When disabled, pass --enable-fips-workaround to configure instead. Backport two patches to fix the --enable-fips-workaround option. [1] https://git.openembedded.org/openembedded-core/commit/?id=a150c3580f7f4962152444272c0fe07cfdb72df5 Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* strongswan: upgrade 6.0.4 -> 6.0.5Gyorgy Sarvari2026-04-011-1/+1
| | | | | | | | | Beside other fixes, it contains a remediation for CVE-2026-25075 Changelog: https://github.com/strongswan/strongswan/releases/tag/6.0.5 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* netcf: remove recipeAnuj Mittal2026-04-014-229/+0
| | | | | | | | | | | | | It isn't maintained anymore and requires workarounds when gnulib is updated. It was only used by libvirt and with the upstream [1] and meta-virt changes to not require it anymore, this can be dropped. [1] https://gitlab.com/libvirt/libvirt/-/commit/35d5b26aa433bd33f4b33be3dbb67313357f97f9 Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* tftp-hpa: upgrade 5.2 -> 5.3Yi Zhao2026-04-0117-260/+101
| | | | | | | | | * Use git instead of tarball in SRC_URI. * Update configuration options. * Clean up and refresh local patches. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* dovecot: upgrade 2.4.2 -> 2.4.3Gyorgy Sarvari2026-04-013-31/+35
| | | | | | | | | | | | | | | | | | Drop patch which is included in this release, and add a patch that adapts a lua api call to the lua version that is used in OE. License-Change: the unicode license text has been updated, there should be no material change. However while examining these changes, I noticed that some parts of the code are covered by licenses not mentined in the recipe. It should reflect all licenses now. Tis version contains fixes fox CVE-2025-59028, CVE-2025-59031, CVE-2026-24031, CVE-2026-27859, CVE-2026-27860, CVE-2026-27857, CVE-2026-27856 and CVE-2026-27855 Changelog: https://github.com/dovecot/core/blob/main/NEWS Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* strongswan: update PACKAGECONFIG soupChangqing Li2026-04-011-1/+1
| | | | | | | | | | | | | Refer [1], this can fix do_configure failure: | checking for libsoup-3.0... no | configure: error: Package requirements (libsoup-3.0) were not met: | | Package 'libsoup-3.0' not found [1] https://github.com/strongswan/strongswan/commit/6ddabf52d5f335147601c7c2797da21820efafb8 Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* postfix: Convert confusing appends to override syntaxMichal Sieron2026-04-011-2/+2
| | | | | | | | | | While in this case `RDEPENDS:class-target +=` wouldn't result in any unwanted override, there is no guarantee there won't be a change, which would be hidden by this override. To avoid any surprises in the future let's use `:append:class-target =` syntax here. Signed-off-by: Michal Sieron <michalwsieron@gmail.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* openvpn: fix ptestHaixiao Yan2026-03-273-15/+65
| | | | | | | | | | | | | | The openvpn 2.7.0 upgrade refactored tests/unit_tests/openvpn/Makefile.am, changing how test_binaries is defined. This caused autoreconf to generate Makefiles where buildtest-TESTS and runtest-TESTS no longer have rule bodies, breaking the existing ptest recipe which relied on these targets for compilation and execution. The fix replaces these internal automake targets with stable interfaces: check-am for compilation and direct binary execution on target. Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* lldpd: upgrade 1.0.20 -> 1.0.21Wang Mingyu2026-03-271-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* libdaq: upgrade 3.0.25 -> 3.0.27Wang Mingyu2026-03-271-1/+1
| | | | | | | | | | Changelog: ========== - libdaq: add a ChangeLog.md file to track changes - pcap: add basic rewind feature upon reaching EOF (excluding stdin and pcapng) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* openvpn: Upgrade to 2.7.0Zoltán Böszörményi2026-03-241-2/+3
| | | | | | | | Release notes: https://community.openvpn.net/ReleaseHistory#openvpn-270-released-11-february-2026 Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* mbedtls: Update HOMEPAGERicardo Simoes2026-03-241-1/+2
| | | | | | | | | | | | | | | | Mbed OS has reached its ends of life in 2024 [1], the annoucement also includes the change of the Mbed TLS homepage. This commit updates the HOMEPAGE variable in the mbedtls recipe to reflect the new URL. Additionally, the BUGTRACKER variable is added, as it is a required field [2]. [1] https://os.mbed.com/blog/entry/Important-Update-on-Mbed/ [2] https://docs.yoctoproject.org/contributor-guide/recipe-style-guide.html#required-variables Signed-off-by: Ricardo Simoes <ricardo.simoes@pt.bosch.com> Signed-off-by: Mark Jonas <mark.jonas@de.bosch.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* wolfssl: upgrade 5.8.4 -> 5.9.0Ankur Tyagi2026-03-231-4/+1
| | | | | | | | | | | | | | | | | | | | | | | | | Conatins many CVE fixes: https://github.com/wolfSSL/wolfssl/releases/tag/v5.9.0-stable Dropped CVE_STATUS for version 5.8.4 specific CVE conflicts. Ptests: START: ptest-runner 2026-03-23T10:28 BEGIN: /usr/lib/wolfssl/ptest Wolfssl ptest logs are stored in /tmp/wolfss_temp.Y7VEJ2/ptest.log Test script returned: 0 unit_test: Success for all configured tests. PASS: Wolfssl DURATION: 130 END: /usr/lib/wolfssl/ptest 2026-03-23T10:30 STOP: ptest-runner TOTAL: 1 FAIL: 0 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* lldpd: fix xml PACKAGECONFIG dependencyAviv Daum2026-03-231-1/+1
| | | | | | | | | | | | The xml PACKAGECONFIG entry uses libxm2, which is a typo and not a valid dependency in OE. Replace it with libxml2 so enabling PACKAGECONFIG:xml pulls in the correct provider. Signed-off-by: Aviv Daum <aviv.daum@gmail.com> Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* frr: upgrade 10.5.2 -> 10.5.3Yi Zhao2026-03-231-2/+2
| | | | | | | | ChangeLog: https://github.com/FRRouting/frr/releases/tag/frr-10.5.3 Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* netcf: Fix build with newer autotools and gnulibKhem Raj2026-03-223-17/+90
| | | | | | | | | | | | Newer gnulib use python implementation by default if it finds py3 on the system. However, netcf is old package and its not expecting python implementation, therefore make the shell implementation be used. REALLOC_N is gone in latest gnulib so house a local macro Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* ntopng: Upgrade to 6.6Khem Raj2026-03-2210-221/+262
| | | | | | | Fix build with Lua 5.5 Add fixes to build with ndpi 5.0 Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* mdns: Upgrade 2881.0.25 -> 2881.80.4.0.1Alex Kiernan2026-03-218-15/+43
| | | | | | | | Add new patch to fix breakage from Apple Wireless Direct Link support on macOS. Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* mosquitto: upgrade 2.0.22 -> 2.1.2Andrej Kozemcak2026-03-202-58/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | License-Update: Change license to EPL-2.0 OR BSD-3-Clause Clarify license in LICENSE.txt: https://github.com/eclipse-mosquitto/mosquitto/commit/f466e454e016825220e8494bd6264a5736ed1112 Updated NOTICE.md: https://github.com/eclipse-mosquitto/mosquitto/commit/827c803cb8d6376891548b856a1faa3f0ab5 Removed patch included in this release Update PACKAGECONFIG/cmake options: - manpages: -DDOCUMENTATION → -DWITH_DOCS (the CMake option was renamed in 2.1.x) - ssl: removed -DWITH_EC=ON/-DWITH_EC=OFF; the WITH_EC option was dropped in 2.1.x since Elliptic Curve support is now always included with TLS - websockets — adapt websockets to properly use with picohttpparser - persist-sqlite - for persistence support in the broker, have sqlite3 dependency - ctrl-shell: mosquitto_ctrl interactive shell, have libedit dependency Disable `DWITH_ADNS` option because it required Argon2, which is not part of meta-oe layer Disable `DWITH_TESTS` option because mosquitto start using GoogleTest and we hit a common Yocto + CMake + GoogleTest problem Improve shipped package to modern version Changelog: v2.1.2: https://github.com/eclipse-mosquitto/mosquitto/blob/v2.1.2/ChangeLog.txtgT Broker: - Forbid running with `persistence true` and with a persistence plugin at the same time. Build: - Build fixes for OpenBSD. Closes #3474. - Add missing libedit to docker builds. Closes #3476. - Fix static/shared linking of libwebsockets under cmake. v2.1.1: https://github.com/eclipse-mosquitto/mosquitto/blob/v2.1.1/ChangeLog.txt v2.1.0: https://github.com/eclipse-mosquitto/mosquitto/blob/v2.1.0/ChangeLog.txt Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* tunctl: Make cflags weak in makefileKhem Raj2026-03-201-3/+16
| | | | | | ensures it used flags from OE env Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ndpi: Upgrade to 5.0 releaseKhem Raj2026-03-203-45/+61
| | | | | | Drop downstream cross compile patch, the relevant code is removed in new version Signed-off-by: Khem Raj <raj.khem@gmail.com>
* phytool: Update to latestRicardo Simoes2026-03-201-1/+1
| | | | | | | | | | Changelog: - Add man pages and adjust Makefile for man pages - Avoid %#x printf pattern Signed-off-by: Ricardo Simoes <ricardo.simoes@pt.bosch.com> Signed-off-by: Mark Jonas <mark.jonas@de.bosch.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* phytool: Refactor recipeRicardo Simoes2026-03-201-2/+6
| | | | | | | | | | | | | | | | | This commit fixes a few issues with the phytool recipe: - Missing "_git" suffix in the recipe name, as required by [1]; - Missing description, homepage, and bugtracker metadata [2]'; - Missing section metadata, which is improved package management [3]; - As defined by [4], the SRCREV should be defined after the SRC_URI. [1] https://docs.yoctoproject.org/contributor-guide/recipe-style-guide.html#recipe-naming-conventions [2] https://docs.yoctoproject.org/contributor-guide/recipe-style-guide.html#required-variables [3] https://docs.yoctoproject.org/ref-manual/variables.html#term-SECTION [4] https://docs.yoctoproject.org/contributor-guide/recipe-style-guide.html#recipe-ordering Signed-off-by: Ricardo Simoes <ricardo.simoes@pt.bosch.com> Signed-off-by: Mark Jonas <mark.jonas@de.bosch.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* networkd-dispatcher: Refactor recipeRicardo Simoes2026-03-201-5/+7
| | | | | | | | | | | | | | | | | | | | | | | | This commit fixes the below issues with the networkd-dispatcher recipe: - Add the missing required variables defined in [1]: - HOMEPAGE - BUGTRACKER - Add the SECTION variable allowing improved package management [2] - Drop SYSTEMD_PACKAGES PN as this is already handled by systemd bbclass [3] - Inherit allarch as the recipe does not create any architecture dependent files - Change the recipe ordering so that [4] is respected - Add tag parameter for the git fetch, as recommended by [5] [1] https://docs.yoctoproject.org/contributor-guide/recipe-style-guide.html#required-variables [2] https://docs.yoctoproject.org/dev/ref-manual/variables.html#term-SECTION [3] https://docs.yoctoproject.org/dev/ref-manual/variables.html#term-SYSTEMD_PACKAGES [4] https://docs.yoctoproject.org/contributor-guide/recipe-style-guide.html#variable-ordering [5] https://docs.yoctoproject.org/dev/migration-guides/migration-5.3.html#bitbake-git-fetcher-tag-parameter Signed-off-by: Ricardo Simoes <ricardo.simoes@pt.bosch.com> Signed-off-by: Mark Jonas <mark.jonas@de.bosch.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* open-vm-tools: backport patch to build with glibc 2.43Gyorgy Sarvari2026-03-202-0/+145
| | | | | | | | | | | | As the subject says. Fixes error: | ../../../sources/open-vm-tools-13.0.10/open-vm-tools/lib/hgfs/hgfsEscape.c: In function 'HgfsAddEscapeCharacter': | ../../../sources/open-vm-tools-13.0.10/open-vm-tools/lib/hgfs/hgfsEscape.c:201:15: error: assignment discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers] | 201 | illegal = strchr(HGFS_ILLEGAL_CHARS, bufIn[escapeContext->processedOffset]); Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* wowlan-udev: set S to UNPACKDIRAnuj Mittal2026-03-201-0/+2
| | | | | | | | | | | | Since there are no sources being fetched, set S to UNPACKDIR to fix: | WARNING: wowlan-udev-1.0-r0 do_unpack: wowlan-udev: the directory | ${UNPACKDIR}/${BP} ... pointed to by the S variable doesn't exist | - please set S within the recipe to point to where the source has | been unpacked to. Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* layers: update for wrynose release seriesKhem Raj2026-03-181-1/+1
| | | | | | Drop walnascar from supported release series Signed-off-by: Khem Raj <raj.khem@gmail.com>
* wireshark: Add xxhash to DEPENDSJörg Sommer2026-03-181-1/+13
| | | | | | | | | | | | Currently, the build of wireshark fails with ERROR: wireshark-1_4.6.3-r0 do_package_qa: QA Issue: /usr/lib/libwsutil.so.17.0.0 contained in package wireshark requires libxxhash.so.0()(64bit), but no providers found in RDEPENDS:wireshark? [file-rdeps] ERROR: wireshark-1_4.6.3-r0 do_package_qa: Fatal QA errors were found, failing task. ERROR: Logfile of failure stored in: /build/tmp/work/core2-64-poky-linux/wireshark/4.6.3/temp/log.do_package_qa.302606 ERROR: Task (/build/../work/layers-3rdparty/openembedded/meta-networking/recipes-support/wireshark/wireshark_4.6.3.bb:do_package_qa) failed with exit code '1' Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* opensaf: upgrade 5.22.01 -> 5.26.02Liu Yiding2026-03-186-452/+83
| | | | | | | | | | | | | 1.Add new patch 0001-To-fix-Werror-discarded-qualifiers-error.patch to fix build error 2.Remove following patches as merged upstream 0001-Fix-build-with-fno-common.patch 0001-include-missing-array-header.patch 0001-include-cstdint-for-uintXX_t-types.patch 0002-Fix-Werror-enum-int-mismatch-with-gcc13.patch Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ettercap: fix typo in CVE IDGyorgy Sarvari2026-03-182-1/+1
| | | | | | | | The CVE fix is correct, but the CVE ID contains a typo. The correct ID is CVE-2026-3606. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* kronosnet: upgrade 1.31 -> 1.33Liu Yiding2026-03-181-1/+1
| | | | | | | | Changelog https://github.com/kronosnet/kronosnet/releases/tag/v1.33 Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* squid: upgrade 7.4 -> 7.5Peter Marko2026-03-181-2/+2
| | | | | | | | | | | | | | | | | License-Update: updated to latest GPLv2 text version [1] Changelog [2] - Bug 5501: Squid may exit when ACLs decode an invalid URI - ICP: Fix HttpRequest lifetime for ICP v3 queries - ICP: Fix validation of packet sizes and URLs - Do not escape malformed URI twice when sending ICP errors - ... and some code, CI, and documentation cleanups [1] https://github.com/squid-cache/squid/commit/765c7f4e7fa45ce87134b4a38ad175db4bda06dd [2] https://github.com/squid-cache/squid/releases/tag/SQUID_7_5 Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* squid: fix UPSTREAM_CHECK_REGEXPeter Marko2026-03-181-1/+1
| | | | | | | | | | Squid tags are in form SQUID_<MAJ>_<MIN>. This can also be seen in SRC_URI download link. This change will make "devtool latest-version squid" correctly show 7.5 Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* spice-gtk: enable libva-x11 and drop gstreamer1.0-vaapiDmitry Baryshkov2026-03-181-1/+1
| | | | | | | | | OE-Core has dropped gstreamer1.0-vaaapi, breaking spice-gtk. Drop the dependency and, while we are at it, enable libva as a dependency, making sure VA-API is enabled. Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nftables: build with native python instead of host pythonGyorgy Sarvari2026-03-181-1/+1
| | | | | | | | | | | | | | Using old Python on the build host with SetupTools 82 results in an error message during building: | error: invalid command 'egg_info' | | ERROR Backend subprocess exited when trying to invoke get_requires_for_build_wheel | WARNING: exit code 1 from a shell command. To avoid it, use the native Python environment built by OE. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ntp: fix build with glibc 2.43Peter Marko2026-03-182-0/+42
| | | | | Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* conntrack-tools: upgrade 1.4.8 -> 1.4.9Yi Zhao2026-03-171-1/+1
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* networkmanager: upgrade 1.52.2 -> 1.56.0Andrej Kozemcak2026-03-172-5/+77
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Create path to fix `meson` build errors Add missing dependencies. Disables man page generation. The build was using xsltproc to try downloading http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl from the network, which fails in embedded build environments. Changelog: v1.56.0 https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/1.56.0/NEWS?ref_type=tags Changed: - Unify the versioning to use everywhere the scheme with the -rcX or -dev suffixes when appropriate. This affects, for example, the URL and filename of the release tarball and the version reported by nmcli and the daemon. As an exception, the C API will continue to use the 90+ scheme for RC versions. - nmcli now supports viewing and managing WireGuard peers. - Support reapplying the "sriov.vfs" property as long as "sriov.total-vfs" is not changed. - Support reapplying "bond-port.vlans". - Accept hostnames longer than 64 characters from DNS lookup. - Make that global-dns configuration overwrites DNS searches and options from connections, instead of merging all together. - Add support for a new rd.net.dhcp.client-id option in nm-initrd-generator. - Add gsm device-uid setting to restrict the devices the connection applies to. - Support configuring the HSR protocol version via the "hsr.protocol-version" property. - Fix a bug that makes broadband connections auto-connect getting blocked if the connection tries to reconnect when modem status is "disconnecting" / "disconnected". - Treat modem connection not having an operator code available as a recoverable error. - Add support for configuring systemd-resolved's DNSSEC option per-connection via the "connection.dnssec" connection property. - Support configuring the HSR interlink port via the "hsr.interlink" property. - Fix some connection properties not being applied to vpn connections (connection.mdns, connection.llmnr, connection.dns-over-tls, connection.mptcp-flags, ipv6.ip6-privacy) - Update n-acd to always compile with eBPF enabled, as support for eBPF is now detected at run time. - Add new MPTCP 'laminar' endpoint type, and set it by default alongside the 'subflow' one. - For private connections (the ones that specify a user in the "connection.permissions" property), verify that the user can access the 802.1X certificates and keys set in the connection. - Introduce a libnm function that can be used by VPN plugins to check user permissions on certificate and keys. v1.54.0 https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/1.54.0/NEWS?ref_type=tags Changed: - Add support for configuring per-device IPv4 forwarding via the "ipv4.forwarding" connection property. - Add a new "prefix-delegation" setting containing a "subnet-id" property that specifies the subnet to choose on the downstream interface when using IPv6 prefix delegation. - Support OCI baremetal in nm-cloud-setup - When activating a WireGuard connection to an IPv6 endpoint, now NetworkManager creates firewall rules to ensure that the incoming packets are not dropped by kernel reverse path filtering. - Add support for configuring the loopback interface in nmtui. - Most of the properties of ovs-bridge and ovs-port connections can now be reapplied at runtime without bringing the connection down. - Add a new "sriov.preserve-on-down" property that controls whether NetworkManager preserves the SR-IOV parameters set on the device when the connection is deactivated, or whether it resets them to their default value. - Introduce a new "ovs-dpdk.lsc-interrupt" property to configure the Link State Change (LSC) detection mode for OVS DPDK interfaces. - The initrd-generator now can parse the NVMe Boot Firmware Table (NBFT) to configure networking during early boot. - Add systemd services to provide networking in the initrd. Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libcpr: upgrade 1.13.0 -> 1.14.2Andrej Kozemcak2026-03-171-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The tag is not on any branch. Changelog: 1.14.2: https://github.com/libcpr/cpr/releases/tag/1.14.2 Changed: - test: don't reflect Content-Length from request - Fixed curlholder Double Free - Fix error when running CMake configure multiple times with CPR_BUILD_TESTS, bump CMake min version to 3.18 - fix: replace curl_error_map with switch to fix Static Initialization Order Fiasco - Updated Bazel Instructions - Bump actions/upload-artifact from 5 to 6 - Bump actions/checkout from 5 to 6 - Bump jwlawson/actions-setup-cmake from 1.14 to 2.1 v1.14.1: https://github.com/libcpr/cpr/releases/tag/1.14.1 Changed: - Fixed SSE Windows string parsing v1.14.0 https://github.com/libcpr/cpr/releases/tag/1.14.0 Changed: - fix: Crash when building with /MT in MSVC (double-destructor) #1276 - 1.14.0 Release Preparation - NuGet Release Build Fixes - Add support for Server Sent Events (SSE) Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* weechat: upgrade 4.8.1 -> 4.8.2Wang Mingyu2026-03-171-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nbdkit: upgrade 1.47.3 -> 1.47.5Wang Mingyu2026-03-171-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* memcached: upgrade 1.6.40 -> 1.6.41Wang Mingyu2026-03-171-1/+1
| | | | | | | | | | | | | | | | | | | | | | Changelog: =========== - tests: make slabs-reassign2 test more resilient - proxy: reduce flakiness in t/proxyunits.t - proxy: fix off by one in temp string with 250b key - slabs: fix hang and crash. - Fix failing proxy*.t tests on some systems like OL8 - Account for absent 'ssl_proto_errors' in stats during SSL tests - Fix test compatibility on IPv6-only systems. - Use SSLv23 method when TLSv1.3 is unsupported (e.g., macOS) - extstore: more compaction write patience - parser: fix lru command regression - Fix: avoid null print for slab busy reason - extstore: testing around rescued compaction items - extstore: fix compaction checks wrong refcount - proto: armor against empty commands Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libdaq: upgrade 3.0.23 -> 3.0.25Wang Mingyu2026-03-171-1/+1
| | | | | | | | Changelog: api: update dioctl daqSnort latency common changes Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* tnftp: Add HOMEPAGELiu Yiding2026-03-171-0/+1
| | | | | Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* squid: upgrade 7.3 -> 7.4Andrej Kozemcak2026-03-172-24/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | License-Update: update GPLv2 COPYING document Some terminology and FSF address changes since the GPLv2 https://github.com/squid-cache/squid/commit/4c5fbc7e8db25352722de4ebe7fe1cab904b62b6 Remove lines from patch, which modify not exist code. Changelog: https://github.com/squid-cache/squid/releases/tag/SQUID_7_4 Changes: - Do not create world-readable directories - digest_edirectory_auth: Fix LDAPS memory leaks - snmplib: Improve handling of zero-length ASN OCTET STRINGs - Debug tls_read_method()/tls_write_method() errors - ICMP: Harden echo paths, fix overflows, UB, and leaks - Set SSL_OP_LEGACY_SERVER_CONNECT when peeking at servers - security_file_certgen: Fix OPENSSL_malloc()/free(3) mismatch - Detect FreeBSD ports Heimdal package - Remove SQUID_CHECK_KRB5_HEIMDAL_BROKEN_KRB5_H macro - Remove SQUID_CHECK_KRB5_SOLARIS_BROKEN_KRB5_H macro - ext_kerberos_ldap_group_acl: Do not prohibit all LDFLAGS - negotiate_sspi_auth: Respond with ERR when FormatMessage() fails - ... and some code cleanups - ... and some CI improvements Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libnetfilter-conntrack: upgrade 1.1.0 -> 1.1.1Andrej Kozemcak2026-03-171-1/+1
| | | | | | | | | | | | Changelog: https://git.netfilter.org/libnetfilter_conntrack/log/?h=libnetfilter_conntrack-1.1.1 Changes: - libnetfilter_conntrack: bump version to 1.1.1 - src: add support for CTA_TIMESTAMP_EVENT Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ettercap: patch CVE-2026-3603Gyorgy Sarvari2026-03-172-1/+51
| | | | | | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2026-3606 Pick the commit that is marked to solve the related Github issue[1]. Its commit message also references the CVE ID explicitly. [1]: https://github.com/Ettercap/ettercap/issues/1297 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nopoll: upgrade 0.4.7.b429 -> 0.4.9.b462Ankur Tyagi2026-03-171-1/+1
| | | | | | | | | | | | | | | 0.4.9 ----- Stable release with bug fixing, support for Debian Buster, Debian Bullseye and Ubuntu Focal https://github.com/ASPLes/nopoll/blob/master/doc/release-notes/nopoll-0.4.9.txt 0.4.8 ----- Stable release with bug fixing, support for Debian Buster, Debian Bullseye and Ubuntu Focal https://github.com/ASPLes/nopoll/blob/master/doc/release-notes/nopoll-0.4.8.txt Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* dropwatch: upgrade 1.5.4 -> 1.5.5Gyorgy Sarvari2026-03-171-2/+2
| | | | | | | | | | | Changes: - Added abilty to build and run in a docker container - kas is the default symbol lookup method now - Fix building without libtool installed - Misc fixes for kas lookup logic Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* curlpp: upgrade to latest revisionGyorgy Sarvari2026-03-172-38/+5
| | | | | | | | | | | | | The last release was almost a decade ago, but there are quite a few commits that were added to the project since that. Instead of waiting for a new release, use the tip of the repository. Changelog: https://github.com/jpbarrette/curlpp/compare/v0.8.1...ec1b66e699557cd9d608d322c013a1ebda16bd08 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>