<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/meta-security.git/recipes-security, branch hardknott</title>
<subtitle>Mirror of git.yoctoproject.org/meta-security.git</subtitle>
<id>https://git.enea.com/cgit/linux/meta-security.git/atom?h=hardknott</id>
<link rel='self' href='https://git.enea.com/cgit/linux/meta-security.git/atom?h=hardknott'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/'/>
<updated>2021-12-03T22:15:13+00:00</updated>
<entry>
<title>sssd: re-package to fix QA issues</title>
<updated>2021-12-03T22:15:13+00:00</updated>
<author>
<name>Jeremy A. Puhlman</name>
<email>jpuhlman@mvista.com</email>
</author>
<published>2021-11-16T18:28:29+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=c40e1e84da9624b9096a463dbed3b301c01c268e'/>
<id>urn:sha1:c40e1e84da9624b9096a463dbed3b301c01c268e</id>
<content type='text'>
It packages all file in ${libdir} to package sssd, including the .so
symlink files. Then it causes QA issues:

| ERROR: QA Issue: sssd rdepends on dbus-dev [dev-deps]
| ERROR: QA Issue: sssd rdepends on ding-libs-dev [dev-deps]

So re-package sssd then the .so symlink files and .pc files are packaged
to sssd-dev which should be.

File ${libdir}/libsss_sudo.so is not a symlink file but packaged to
sssd-dev too. Then causes another QA issue:

| ERROR: sssd-2.5.2-r0 do_package_qa: QA Issue:
    -dev package sssd-dev contains non-symlink .so '/usr/lib/libsss_sudo.so' [dev-elf]

So create a new sub-package libsss-sudo to package file libsss_sudo.so
and make sssd rdepends on it.

JP: Updated for version differences.

Signed-off-by: Kai Kang &lt;kai.kang@windriver.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
(cherry picked from commit e81c15f851ca5396c78c8737967ee38db0ebe0cd)
Signed-off-by: Jeremy A. Puhlman &lt;jpuhlman@mvista.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>recipes: Update SRC_URI branch and protocols</title>
<updated>2021-12-03T22:15:07+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2021-11-07T19:30:54+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=d1d0b2a6d79878c17e0fe60f04a8f744f7dd6647'/>
<id>urn:sha1:d1d0b2a6d79878c17e0fe60f04a8f744f7dd6647</id>
<content type='text'>
This patch updates SRC_URIs using git to include branch=master if no branch is set
and also to use protocol=https for github urls as generated by the conversion script
in OE-Core.

Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>sssd: fix CVE-2021-3621</title>
<updated>2021-09-10T14:23:59+00:00</updated>
<author>
<name>Kai Kang</name>
<email>kai.kang@windriver.com</email>
</author>
<published>2021-09-10T08:36:46+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=16c68aae0fdfc20c7ce5cf4da0a9fff8bdd75769'/>
<id>urn:sha1:16c68aae0fdfc20c7ce5cf4da0a9fff8bdd75769</id>
<content type='text'>
Backport patch to fix CVE-2021-3621.

CVE: CVE-2021-3621

Signed-off-by: Kai Kang &lt;kai.kang@windriver.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>Use libest "main" branch instead of "master".</title>
<updated>2021-04-12T14:00:47+00:00</updated>
<author>
<name>Anton Antonov</name>
<email>anton.antonov@arm.com</email>
</author>
<published>2021-04-07T10:19:54+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=f93595863c268990253ed96353cdfe0c077264a6'/>
<id>urn:sha1:f93595863c268990253ed96353cdfe0c077264a6</id>
<content type='text'>
This patch fixes the issue:

WARNING: libest-3.2.0-r0 do_fetch: Failed to fetch URL git://github.com/cisco/libest, attempting MIRRORS if available
ERROR: libest-3.2.0-r0 do_fetch: Fetcher failure: Unable to find revision 4ca02c6d7540f2b1bcea278a4fbe373daac7103b in branch master even from upstream
ERROR: libest-3.2.0-r0 do_fetch: Fetcher failure for URL: 'git://github.com/cisco/libest'. Unable to fetch URL from any source.

Signed-off-by: Anton Antonov &lt;Anton.Antonov@arm.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>python3-privacyidea: upgrade 3.5.1 -&gt; 3.5.2</title>
<updated>2021-04-02T15:21:34+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2021-03-29T16:10:47+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=549436c511cf5e6cc1ab4d484627d5f0cbd64973'/>
<id>urn:sha1:549436c511cf5e6cc1ab4d484627d5f0cbd64973</id>
<content type='text'>
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>fscryptctl: Fix installation path</title>
<updated>2021-03-18T15:01:19+00:00</updated>
<author>
<name>lukasz plachno</name>
<email>lukasz.plachno@assaabloy.com</email>
</author>
<published>2021-03-10T16:52:41+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=d4e7769be2f1e8950a7ddd3d38bcf5048100b1b5'/>
<id>urn:sha1:d4e7769be2f1e8950a7ddd3d38bcf5048100b1b5</id>
<content type='text'>
 - Without the patch fscryptctl is installed in
   /usr/bin/usr/local/bin instead of /usr/bin.

Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>python3-fail2ban: fix building with ptest enabled</title>
<updated>2021-03-09T16:52:21+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2021-03-07T19:49:46+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=fffd85ac87079fedc9fae2c7e211461cd98855ba'/>
<id>urn:sha1:fffd85ac87079fedc9fae2c7e211461cd98855ba</id>
<content type='text'>
Use new structure for testing.

Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>python3-fail2ban: update to 0.11.2</title>
<updated>2021-03-02T19:56:27+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2021-02-28T22:32:03+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=6d810428600b84df6cd7f4342963fd3bb58aa73b'/>
<id>urn:sha1:6d810428600b84df6cd7f4342963fd3bb58aa73b</id>
<content type='text'>
drop hard python3 patch and create it dufing compile.

Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>opendnssec: update to 2.1.8</title>
<updated>2021-03-02T19:56:27+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2021-02-28T21:36:32+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=7d3704b22c6927a09942b9b9a851bbe8ad7bc379'/>
<id>urn:sha1:7d3704b22c6927a09942b9b9a851bbe8ad7bc379</id>
<content type='text'>
refresh libdns_conf_fix.patch
Drop fix_fprint.patch includd in update

Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>python3-scapy: upgrade 2.4.3 -&gt; 2.4.4</title>
<updated>2021-03-02T19:56:27+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2021-02-28T19:40:24+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=53b59e155134948b52779ae3f94d053c168e08cb'/>
<id>urn:sha1:53b59e155134948b52779ae3f94d053c168e08cb</id>
<content type='text'>
</content>
</entry>
</feed>
