<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/meta-security.git, branch pyro</title>
<subtitle>Mirror of git.yoctoproject.org/meta-security.git</subtitle>
<id>https://git.enea.com/cgit/linux/meta-security.git/atom?h=pyro</id>
<link rel='self' href='https://git.enea.com/cgit/linux/meta-security.git/atom?h=pyro'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/'/>
<updated>2018-07-03T22:35:17+00:00</updated>
<entry>
<title>CVE-2018-11652 nikto: arbitray OS command injection via http server field.</title>
<updated>2018-07-03T22:35:17+00:00</updated>
<author>
<name>Nagalakshmi Veeramallu</name>
<email>nveeramallu@mvista.com</email>
</author>
<published>2018-06-29T10:08:25+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=ca3fbcd57d0f66ef710c2c0b78a1d416d4aec653'/>
<id>urn:sha1:ca3fbcd57d0f66ef710c2c0b78a1d416d4aec653</id>
<content type='text'>
CSV Injection vulnerability in Nikto 2.1.6 and earlier allows remote attackers
to inject arbitrary OS commands via the Server field in an HTTP response header,
 which is directly injected into a CSV report.

Signed-off-by: Nagalakshmi Veeramallu &lt;nveeramallu@mvista.com&gt;
Reviewed-by: Jagadeesh Krishnanjanappa &lt;jkrishnanjanappa@mvista.com&gt;
Signed-off-by: Armin Kuster &lt;akuster@mvista.com&gt;
</content>
</entry>
<entry>
<title>apparmor: fix a few build issues</title>
<updated>2017-11-06T21:48:40+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2017-09-10T17:36:59+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=c0f7429d0a56bdb56e296c1758c258af47c4ec60'/>
<id>urn:sha1:c0f7429d0a56bdb56e296c1758c258af47c4ec60</id>
<content type='text'>
 configure.ac:8: http://www.gnu.org/software/automake/manual/automake.html#Modernize-AM_005fINIT_005fAUTOMAKE-invocation
| configure.ac:8: error: version mismatch.  This is Automake 1.15.1,
| configure.ac:8: but the definition used by this AM_INIT_AUTOMAKE

add aclocal

and

 make: Entering directory '/home/akuster/oss/clean/poky/build/tmp/work/mips64-poky-linux/apparmor/2.11.0-r0/apparmor-2.11.0/binutils'
| error: ../libraries/libapparmor//src/.libs/libapparmor.a is missing. Pick one of these possible solutions:

remove --disable-static

and

ERROR: apparmor-2.11.0-r0 do_package_qa: QA Issue: /usr/lib/apparmor/ptest/testsuite/parser/tst/gen-dbus.pl contained in package apparmor-ptest requires /usr/bin/perl, but no providers found in RDEPENDS_apparmor-ptest? [file-rdeps]

add perl to ptest RDEPENDS

Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>Apparmor: add apache2 to PACKAGECONF and check for webserver layer</title>
<updated>2017-11-06T21:11:44+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2017-09-10T16:43:01+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=b65097e0336643c7b75e16852837a9fab6ad56cb'/>
<id>urn:sha1:b65097e0336643c7b75e16852837a9fab6ad56cb</id>
<content type='text'>
Don't want to add layer depends for one package unless needed.

Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>apparmor: Rework such that the utilities are functional by default</title>
<updated>2017-11-06T20:33:12+00:00</updated>
<author>
<name>Tom Rini</name>
<email>trini@konsulko.com</email>
</author>
<published>2017-06-14T02:18:45+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=2cf7479883c624127e76874e06ed59f16857544e'/>
<id>urn:sha1:2cf7479883c624127e76874e06ed59f16857544e</id>
<content type='text'>
This introduces a number of changes:
- Fix the python PACKAGECONFIG knob
  - The included python support is python3-based, so use those classes.
  - When set, make sure to RDEPEND on the python modules the tools use.
- Fix the perl PACKAGECONFIG knob
  - Add two patches so that configure will find perl and then compile
    will cross-compile the library correctly.
  - So that we place perl modules in the correct location we need cpan
    to be inherited.
  - When disabled, remove the RDEPENDS on perl as the RDEPENDS comes in
    via inherit.
- Default to enabling the python and perl PACKAGECONFIG knobs as the
  majority of the userspace tools are python3 based, and the few that
  aren't that nor C based are perl based.
- Because of the above we must drop the -python package because it's
  required for the utilities in the main package.

Signed-off-by: Tom Rini &lt;trini@konsulko.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>apparmor: fix python packaging issue</title>
<updated>2017-11-06T20:32:08+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster@mvista.com</email>
</author>
<published>2017-05-24T01:13:57+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=3d0bf443a24b694eb2cf6f447d61c084b12de512'/>
<id>urn:sha1:3d0bf443a24b694eb2cf6f447d61c084b12de512</id>
<content type='text'>
WARNING: apparmor-2.11.0-r0 do_package: QA Issue: apparmor: Files/directories were installed but not shipped in any package:
  /usr/lib/python2.7
  /usr/lib/python2.7/site-packages
  /usr/lib/python2.7/site-packages/apparmor-2.11.0-py2.7.egg-info
  /usr/lib/python2.7/site-packages/apparmor
  /usr/lib/python2.7/site-packages/apparmor/regex.py

use python2 instead of python3

Signed-off-by: Armin Kuster &lt;akuster@mvista.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>layer-conf: Use *_FEATURES in LAYERDEPENDS</title>
<updated>2017-05-14T14:56:52+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2017-05-09T14:36:11+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=b20c1242f79873e9da0fc0f5b3902f095dc923e8'/>
<id>urn:sha1:b20c1242f79873e9da0fc0f5b3902f095dc923e8</id>
<content type='text'>
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>security-core package group: add few more apps</title>
<updated>2017-05-14T14:56:52+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2017-05-09T14:34:23+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=08a233b61e4598c9347ce199a7bd66273f1ef21b'/>
<id>urn:sha1:08a233b61e4598c9347ce199a7bd66273f1ef21b</id>
<content type='text'>
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>clamav: fix new build error</title>
<updated>2017-05-14T14:56:52+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2017-05-09T14:28:47+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=6ae8f496a62fee709bbe76f65b397f9d7ea4361e'/>
<id>urn:sha1:6ae8f496a62fee709bbe76f65b397f9d7ea4361e</id>
<content type='text'>
configure: error: The installed zlib version may contain a security bug. Please upgrade to 1.2.2 or later: http://www.zlib.net. You can omit this check with --disable-zlib-vcheck but DO NOT REPORT any stability issues then!

bypass check as our zlib is 1.2.11

Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>sssd: update SRC_URI as git.fedorahosted.org shut down</title>
<updated>2017-05-14T14:56:52+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2017-05-09T01:55:44+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=e0e46368e9275f25ff48a878133c3f5493e92b33'/>
<id>urn:sha1:e0e46368e9275f25ff48a878133c3f5493e92b33</id>
<content type='text'>
build fixes too

Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>tpm2: package groups fixes</title>
<updated>2017-05-14T14:56:52+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2017-05-08T19:47:42+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=1671f7d7e2111082609247558d17da4deb171b2a'/>
<id>urn:sha1:1671f7d7e2111082609247558d17da4deb171b2a</id>
<content type='text'>
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
</feed>
