linux/meta-security.git/recipes-security, branch master-next

google-authenticator-libpam: update 1.0.9 -> 1.11

2026-05-17T14:44:55+00:00

Changes from 1.09 to 1.10: - Shorten syslog name to work with rsyslog (#172) - Update config file with grace period in all cases (#193) - Remove printing QR code using Google Charts URL (service shut down) Changes from 1.10 to 1.11: - Change secret key bits from 128 to 160 bits (#266, #271) - Add support for black & white terminals (#268, #270) - Fix grace_period for IPv6 link-local addresses (#265) Also fix the .bb recipe: - Fix typo: RDEPNEDS -> RDEPENDS - Use new override syntax: RDEPENDS:pam-google-authenticator (replaces old underscore style RDEPENDS_pam-google-authenticator) Signed-off-by: Haitao Liu Signed-off-by: Scott Murray

firejail: fix COMPATIBLE_MACHINE setting

2026-05-13T05:21:04+00:00

Because "x86_64" and "arm64" aren't valid in bitbake OVERRIDES, they should be corrected to "x86-64" and "aarch64". On the other side, "x86_64" and "arch64" aren't valid MACHINE name. So correct the way to "only allow x86-64 and arm64 to build": COMPATIBLE_MACHINE = "(-)" => disallow all machine first COMPATIBLE_MACHINE:aarch64 = "(.*)" => when arch "aarch64" in OVERRIDES, allow all machines. COMPATIBLE_MACHINE:x86-64 = "(.*)" => when arch "x84-64" in OVERRIDES, allow all machines. Fix 1dd076d3a76f ("firejail: only allow x86-64 and arm64 to build") Signed-off-by: Li Zhou Signed-off-by: Scott Murray

ncrack: Update

2026-04-27T18:47:27+00:00

Bump to HEAD of ncrack's master branch to pick up build fixes for newer gcc's. PV has been updated to indicate that we are now building something newer than the 0.7 tagged commit. License-Update: copyright years refreshed Signed-off-by: Scott Murray

libmhash: Remove

2026-04-27T18:47:27+00:00

Remove libmhash, as it is no longer required to build aide. Signed-off-by: Scott Murray

libmspack: Remove

2026-04-27T18:47:27+00:00

Remove libmspack recipe, and remove it from clamav's DEPENDS. clamav now vendors its own substantially modified copy, so there's no reason to carry a recipe for it. Signed-off-by: Scott Murray

opendnssec: Upgrade to 2.1.14

2026-04-27T18:47:27+00:00

Upgrade to 2.1.14 and add some patches from the github PR queue to fix compilation. Signed-off-by: Scott Murray

aircrack-ng: Upgrade to 1.7

2026-04-27T18:47:27+00:00

Upgrade to the latest release, 1.7, and rework recipe so that it actually builds again. Note that the extra scripts are no longer installed by default as they seem somewhat stale and likely further work is required to have any of them work. A PACKAGECONFIG option, "ext-scripts" has been added to enable installing them if they are required for some reason. Signed-off-by: Scott Murray

krill: fix missing dollar sign in FILES

2026-04-24T21:48:55+00:00

{sysconfdir} -> ${sysconfdir} Signed-off-by: Wenlin Kang Signed-off-by: Scott Murray

isic: fix RDEPNEDS typo

2026-04-14T21:18:23+00:00

Fix typo: RDEPNEDS -> RDEPENDS Signed-off-by: Haiqing Bai (fixed RDEPENDS:${PN}) Signed-off-by: Scott Murray

meta-security: fix incorrect HOMEPAGE variable names

2026-04-14T21:18:23+00:00

Several recipes used non-standard variable names for the homepage URL (HOME_PAGE, HOME_URL, HOMEDIR) which are not recognized by bitbake. Rename them all to the correct HOMEPAGE variable. Affected recipes: - glome: HOME_PAGE -> HOMEPAGE - google-authenticator-libpam: HOME_PAGE -> HOMEPAGE - arpwatch: HOME_PAGE -> HOMEPAGE - openscap: HOME_URL -> HOMEPAGE - scap-security-guide: HOME_URL -> HOMEPAGE - lynis: HOMEDIR -> HOMEPAGE Signed-off-by: Zhang Peng Signed-off-by: Scott Murray