From 32081787dc12cd372be6e2b134379e735f1bbc08 Mon Sep 17 00:00:00 2001 From: Michael Opdenacker Date: Wed, 22 Apr 2026 12:06:48 +0200 Subject: kernel-hardening-checker: update 0.6.10.2 -> 0.6.17.1 Following the update on master. This version reports more hardening issues: 128 "failures" instead of 113 on the same kernel. Signed-off-by: Michael Opdenacker Signed-off-by: Anuj Mittal --- .../kernel-hardening-checker_0.6.10.2.bb | 41 ---------------------- .../kernel-hardening-checker_0.6.17.1.bb | 41 ++++++++++++++++++++++ 2 files changed, 41 insertions(+), 41 deletions(-) delete mode 100644 meta-oe/recipes-security/kernel-hardening-checker/kernel-hardening-checker_0.6.10.2.bb create mode 100644 meta-oe/recipes-security/kernel-hardening-checker/kernel-hardening-checker_0.6.17.1.bb diff --git a/meta-oe/recipes-security/kernel-hardening-checker/kernel-hardening-checker_0.6.10.2.bb b/meta-oe/recipes-security/kernel-hardening-checker/kernel-hardening-checker_0.6.10.2.bb deleted file mode 100644 index c0ae0f0d3c..0000000000 --- a/meta-oe/recipes-security/kernel-hardening-checker/kernel-hardening-checker_0.6.10.2.bb +++ /dev/null @@ -1,41 +0,0 @@ -SUMMARY = "A tool for checking the security hardening options of the Linux kernel" -DESCRIPTION = "\ - There are plenty of security hardening options for the Linux kernel; Kconfig \ - options (compile-time); Kernel cmdline arguments (boot-time); Sysctl \ - parameters (runtime). A lot of them have to be enabled manually to make the \ - system more secure which is difficult to track. This tool helps with this \ - task by checking and reporting about the settings compared to a list of \ - recommendation. \ -" -HOMEPAGE = "https://github.com/a13xp0p0v/kernel-hardening-checker" -BUGTRACKER = "https://github.com/a13xp0p0v/kernel-hardening-checker/issues" -LICENSE = "GPL-3.0-only" -LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=d32239bcb673463ab874e80d47fae504" - -SRC_URI = "git://github.com/a13xp0p0v/kernel-hardening-checker;protocol=https;branch=master \ - file://0001-pyproject.toml-fix-up-license-information.patch \ - file://0002-pyproject.toml-relax-setuptool-version-requirement.patch" - -SRCREV = "0ebece346f187e7d3589883cc1d194fcd1c3cda8" - -S = "${WORKDIR}/git" - -PACKAGE_ARCH = "${MACHINE_ARCH}" - -RDEPENDS:${PN} = "\ - python3-json \ - python3-misc \ - python3-compression \ - bash \ -" - -# /boot/config is required for the analysis -RRECOMMENDS:${PN}:class-target = "\ - kernel-dev \ -" - -inherit python_setuptools_build_meta - -# allow to run on build host, if you don't want it in the image -# oe-run-native kernel-hardening-checker-native kernel-hardening-checker ... -BBCLASSEXTEND = "native" diff --git a/meta-oe/recipes-security/kernel-hardening-checker/kernel-hardening-checker_0.6.17.1.bb b/meta-oe/recipes-security/kernel-hardening-checker/kernel-hardening-checker_0.6.17.1.bb new file mode 100644 index 0000000000..b83790ccb7 --- /dev/null +++ b/meta-oe/recipes-security/kernel-hardening-checker/kernel-hardening-checker_0.6.17.1.bb @@ -0,0 +1,41 @@ +SUMMARY = "A tool for checking the security hardening options of the Linux kernel" +DESCRIPTION = "\ + There are plenty of security hardening options for the Linux kernel; Kconfig \ + options (compile-time); Kernel cmdline arguments (boot-time); Sysctl \ + parameters (runtime). A lot of them have to be enabled manually to make the \ + system more secure which is difficult to track. This tool helps with this \ + task by checking and reporting about the settings compared to a list of \ + recommendation. \ +" +HOMEPAGE = "https://github.com/a13xp0p0v/kernel-hardening-checker" +BUGTRACKER = "https://github.com/a13xp0p0v/kernel-hardening-checker/issues" +LICENSE = "GPL-3.0-only" +LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=d32239bcb673463ab874e80d47fae504" + +SRC_URI = "git://github.com/a13xp0p0v/kernel-hardening-checker;protocol=https;branch=master \ + file://0001-pyproject.toml-fix-up-license-information.patch \ + file://0002-pyproject.toml-relax-setuptool-version-requirement.patch" + +SRCREV = "afc376f2a935994793343cfeb05953583cc30191" + +S = "${WORKDIR}/git" + +PACKAGE_ARCH = "${MACHINE_ARCH}" + +RDEPENDS:${PN} = "\ + python3-json \ + python3-misc \ + python3-compression \ + bash \ +" + +# /boot/config is required for the analysis +RRECOMMENDS:${PN}:class-target = "\ + kernel-dev \ +" + +inherit python_setuptools_build_meta + +# allow to run on build host, if you don't want it in the image +# oe-run-native kernel-hardening-checker-native kernel-hardening-checker ... +BBCLASSEXTEND = "native" -- cgit v1.2.3-54-g00ecf