<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/meta-security.git/recipes-security/ecryptfs-utils, branch styhead</title>
<subtitle>Mirror of git.yoctoproject.org/meta-security.git</subtitle>
<id>https://git.enea.com/cgit/linux/meta-security.git/atom?h=styhead</id>
<link rel='self' href='https://git.enea.com/cgit/linux/meta-security.git/atom?h=styhead'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/'/>
<updated>2024-06-17T12:25:25+00:00</updated>
<entry>
<title>recipes: WORKDIR -&gt; UNPACKDIR transition</title>
<updated>2024-06-17T12:25:25+00:00</updated>
<author>
<name>Changqing Li</name>
<email>changqing.li@windriver.com</email>
</author>
<published>2024-05-28T05:44:06+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=ceb47a8a39c4cec612db63fab573124960f52a8d'/>
<id>urn:sha1:ceb47a8a39c4cec612db63fab573124960f52a8d</id>
<content type='text'>
* WORKDIR -&gt; UNPACKDIR transition
* Switch away from S = WORKDIR

Signed-off-by: Changqing Li &lt;changqing.li@windriver.com&gt;
[Fixed up the smack changes due to prior patch]
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>*.patch: fix malformed Upstream-Status and SOB lines</title>
<updated>2023-06-25T19:05:28+00:00</updated>
<author>
<name>Martin Jansa</name>
<email>Martin.Jansa@gmail.com</email>
</author>
<published>2023-06-22T14:35:51+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=df8a1eb479170277de354b73af31601eb6f583be'/>
<id>urn:sha1:df8a1eb479170277de354b73af31601eb6f583be</id>
<content type='text'>
* as reported by openembedded-core/scripts/contrib/patchreview.py -v .

Malformed Signed-off-by 'Signed-Off-By:' (./recipes-mac/AppArmor/files/crosscompile_perl_bindings.patch)
Malformed Signed-off-by 'Signed-Off-By:' (./recipes-mac/AppArmor/files/disable_perl_h_check.patch)

Missing Upstream-Status tag (./recipes-compliance/scap-security-guide/files/0001-standard.profile-expand-checks.patch)

Malformed Upstream-Status 'Malformed Upstream-Status in patch ./recipes-ids/samhain/files/samhain-not-run-ptest-on-host.patch
Malformed Upstream-Status 'Malformed Upstream-Status in patch ./recipes-ids/samhain/files/samhain-pid-path.patch
Malformed Upstream-Status 'Malformed Upstream-Status in patch ./recipes-ids/suricata/files/fixup.patch
Malformed Upstream-Status 'Malformed Upstream-Status in patch ./recipes-scanners/clamav/files/fix2_libcurl_check.patch
Malformed Upstream-Status 'Malformed Upstream-Status in patch ./recipes-security/ecryptfs-utils/files/ecryptfs-utils-CVE-2016-6224.patch
Malformed Upstream-Status 'Malformed Upstream-Status in patch ./recipes-security/isic/files/configure_fix.patch
Malformed Upstream-Status 'Malformed Upstream-Status in patch ./recipes-security/krill/files/panic_workaround.patch
Malformed Upstream-Status 'Malformed Upstream-Status in patch ./recipes-security/opendnssec/files/libdns_conf_fix.patch
Malformed Upstream-Status 'Malformed Upstream-Status in patch ./recipes-security/opendnssec/files/libxml2_conf.patch

Signed-off-by: Martin Jansa &lt;Martin.Jansa@gmail.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>*.patch: add Upstream-Status to all patches</title>
<updated>2023-06-25T19:05:28+00:00</updated>
<author>
<name>Martin Jansa</name>
<email>Martin.Jansa@gmail.com</email>
</author>
<published>2023-06-21T10:42:15+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=ea97a23986d26f9d2b96c157964fdfdf5079ec6c'/>
<id>urn:sha1:ea97a23986d26f9d2b96c157964fdfdf5079ec6c</id>
<content type='text'>
There is new patch-status QA check in oe-core:
https://git.openembedded.org/openembedded-core/commit/?id=76a685bfcf927593eac67157762a53259089ea8a

This is temporary work around just to hide _many_ warnings from
optional patch-status (if you add it to WARN_QA).

This just added
Upstream-Status: Pending
everywhere without actually investigating what's the proper status.

This is just to hide current QA warnings and to catch new .patch files being
added without Upstream-Status, but the number of Pending patches is now terrible:

0 (0%)  	meta-parsec
N/A (0%)        meta-hardening
1 (100%)        meta-integrity
15 (68%)        meta-tpm
27 (61%)        meta-security

Signed-off-by: Martin Jansa &lt;Martin.Jansa@gmail.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>ecryptfs-utils: add UPSTREAM_CHECK_URI</title>
<updated>2022-08-02T20:45:26+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2022-07-29T23:04:50+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=522c08e98d0190bb72325e355a947b783fb77fac'/>
<id>urn:sha1:522c08e98d0190bb72325e355a947b783fb77fac</id>
<content type='text'>
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>meta-security : Use SPDX style licensing format</title>
<updated>2022-04-02T18:21:42+00:00</updated>
<author>
<name>Ashish Sharma</name>
<email>asharma@mvista.com</email>
</author>
<published>2022-03-23T19:41:56+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=c56ae450c93a1383a1ce800a32a6ef2c3fbbae1c'/>
<id>urn:sha1:c56ae450c93a1383a1ce800a32a6ef2c3fbbae1c</id>
<content type='text'>
WARNING: selinux-sandbox-3.3-r0 do_package_qa: QA Issue: Recipe LICENSE includes obsolete licenses GPLv2+ [obsolete-license] \
WARNING: selinux-gui-3.3-r0 do_package_qa: QA Issue: Recipe LICENSE includes obsolete licenses GPLv2+ [obsolete-license] \
WARNING: semodule-utils-3.3-r0.1 do_package_qa: QA Issue: Recipe LICENSE includes obsolete licenses GPLv2+ [obsolete-license] \
WARNING: selinux-dbus-3.3-r0 do_package_qa: QA Issue: Recipe LICENSE includes obsolete licenses GPLv2+ [obsolete-license] \
WARNING: libwhisker2-perl-2.5-r0 do_package_qa: QA Issue: Recipe LICENSE includes obsolete licenses GPL-1.0+ [obsolete-license] \
WARNING: lib-perl-0.63-r0 do_package_qa: QA Issue: Recipe LICENSE includes obsolete licenses GPL-1.0+ [obsolete-license] \
WARNING: libhtp-0.5.39-r0 do_package_qa: QA Issue: Recipe LICENSE includes obsolete licenses GPLv2 [obsolete-license] \
...

Signed-off-by: Ashish Sharma &lt;asharma@mvista.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>meta-security: Convert to new override syntax</title>
<updated>2021-08-01T15:47:08+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2021-07-29T23:31:12+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=11a67b861af74d59ccfd609d6d943e966ccff731'/>
<id>urn:sha1:11a67b861af74d59ccfd609d6d943e966ccff731</id>
<content type='text'>
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>ecryptfs-utils: fix musl build</title>
<updated>2020-10-10T23:21:48+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2020-10-07T19:29:21+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=b3f10d2285fa68da210c03aaecb21a739a1afd96'/>
<id>urn:sha1:b3f10d2285fa68da210c03aaecb21a739a1afd96</id>
<content type='text'>
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>ecryptfs-utils: search nspr header files in ${STAGING_INCDIR}/nspr directory</title>
<updated>2020-02-02T16:38:43+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2020-02-02T16:38:43+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=2732ab1467cd3d4af4262b773f181022fba00778'/>
<id>urn:sha1:2732ab1467cd3d4af4262b773f181022fba00778</id>
<content type='text'>
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>ecryptfs-utils: fix race condition in do_install</title>
<updated>2019-08-28T15:05:55+00:00</updated>
<author>
<name>Qi.Chen@windriver.com</name>
<email>Qi.Chen@windriver.com</email>
</author>
<published>2019-08-28T01:48:44+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=10ac9f8bff0cad508404ac22d66132115db02d8b'/>
<id>urn:sha1:10ac9f8bff0cad508404ac22d66132115db02d8b</id>
<content type='text'>
The rootsbindir is a self-defined directory. The install-rootsbinPROGRAMS
is actually treated as part of install-data instead of install-exec.

Do making install-exec-am depend on it actually results in the following
Makefile contents.

  install-data-am: install-rootsbinPROGRAMS
  install-exec-am: install-binPROGRAMS install-binSCRIPTS
          @$(NORMAL_INSTALL)
          $(MAKE) $(AM_MAKEFLAGS) install-exec-hook
  install-exec-hook:      install-rootsbinPROGRAMS

And this results in race condition as two install commands of the same
file running at the same time. Error message is like below.

  TOPDIR/tmp-glibc/hosttools/install: cannot create regular file 'TOPDIR/tmp-glibc/work/aarch64-wrs-linux/ecryptfs-utils/111-r0/image/sbin/mount.ecryptfs': File exists

Signed-off-by: Chen Qi &lt;Qi.Chen@windriver.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>ecryptfs-utils: remove openssl PACKAGECONFIG</title>
<updated>2019-08-28T15:05:48+00:00</updated>
<author>
<name>Qi.Chen@windriver.com</name>
<email>Qi.Chen@windriver.com</email>
</author>
<published>2019-08-28T01:48:43+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=bcbd10be8775785c2d03fc768a1f76a6c13ea8b8'/>
<id>urn:sha1:bcbd10be8775785c2d03fc768a1f76a6c13ea8b8</id>
<content type='text'>
ecryptfs-utils does not build with openssl1.1.

Previously this openssl PACKAGECONFIG is disabled by default, so
we are not getting build failures by default. But if we enable it,
we get do_compile failure.

This package is from ubuntu source, and the one ubuntu ships does not
depend on openssl. The development of this package has stopped for about
3 years. I don't see it will fix the build offically.

So remove this PACKAGECONFIG and use '--disable-openssl' directly.

Signed-off-by: Chen Qi &lt;Qi.Chen@windriver.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
</feed>
