Commit Graph

795 Commits

Author SHA1 Message Date
Yi Zhao d9f86ba48c samba: upgrade 4.18.8 -> 4.18.9
This is the latest stable release of the Samba 4.18 release series.
It contains the security-relevant bugfix CVE-2018-14628:

    Wrong ntSecurityDescriptor values for "CN=Deleted Objects"
    allow read of object tombstones over LDAP
    (Administrator action required!)
    https://www.samba.org/samba/security/CVE-2018-14628.html

Release Notes:
https://www.samba.org/samba/history/samba-4.18.9.html

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f4c3c747d6)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2024-01-16 19:28:29 -05:00
Beniamin Sandu 0b4ea22dd7 mbedtls: upgrade 3.4.1 -> 3.5.0
* Includes security fix for CVE-2023-43615 - Buffer overread in TLS stream cipher suites
* Includes security fix for CVE-2023-45199 - Buffer overflow in TLS handshake parsing with ECDH
* Includes aesce compilation fixes

Full changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.5.0

The extra patch fixes x86 32-bit builds.

Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit ae4e1e70a1)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2023-11-01 08:16:30 -04:00
Khem Raj 81337ccc55 network-manager-applet,networkmanager-openvpn, networkmanager: Apply linker versioning patch when using lld only
This patch caused GNU linker to fail linking, therefore limit it to just
lld.

Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 22889b13f3)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2023-11-01 08:16:30 -04:00
Peter Kjellerstedt c996d57724 mosquitto: Support building for native again
Support for building from native was removed in commit e1b332f2e
(meta-networking: Drop broken BBCLASSEXTEND variants), most likely due
to no support for building libwebsockets-native. That support has now
been added, so it is now possible to build mosquitto-native again.

Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit ad27cdd560)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2023-11-01 08:16:30 -04:00
Richard Purdie d92a059e21 meta-networking: Drop broken BBCLASSEXTEND variants
The command "bitbake universe -c fetch" currently throws a ton of warnings
as there are many 'impossible' dependencies.

In some cases these variants may never have worked and were just added by copy
and paste of recipes. In some cases they once clearly did work but became
broken somewhere along the way. Users may also be carrying local bbappend files
which add further BBCLASSEXTEND.

Having universe fetch work without warnings is desireable so clean up the broken
variants. Anyone actually needing something dropped here can propose adding it
and the correct functional dependencies back quite easily. This also then
ensures we're not carrying or fixing things nobody uses.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e1b332f2ef)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2023-11-01 08:16:30 -04:00
Fabien Thomas 178d3067db samba.bb : Disable ad-dc by default
When this feature is enabled by default in packageconfig
this implies a dependency to python3-dnspython which is in meta-python.

Disable ac-dc PACKAGECONFIG by default to avoid adding a layer
dependency only for this feature.

Signed-off-by: Fabien Thomas <fabien.thomas@smile.fr>
Reviewed-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c817cf55ae)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2023-10-30 07:14:02 -04:00
Yi Zhao 08ccdf95ee samba: use external cmocka instead of bundled cmocka
Do not use bundled cmocka to get rid of bundled library
libcmocka-samba4.so.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 649f63a235)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2023-10-17 08:23:02 -04:00
Yi Zhao ee13d4533d samba: upgrade 4.18.6 -> 4.18.8
This is a security release in order to address the following defects:

CVE-2023-3961:  Unsanitized pipe names allow SMB clients to connect as root to
                existing unix domain sockets on the file system.
                https://www.samba.org/samba/security/CVE-2023-3961.html

CVE-2023-4091:  SMB client can truncate files to 0 bytes by opening files with
                OVERWRITE disposition when using the acl_xattr Samba VFS
                module with the smb.conf setting
		"acl_xattr:ignore system acls = yes"
                https://www.samba.org/samba/security/CVE-2023-4091.html

CVE-2023-4154:  An RODC and a user with the GET_CHANGES right can view all
                attributes, including secrets and passwords.  Additionally,
                the access check fails open on error conditions.
                https://www.samba.org/samba/security/CVE-2023-4154.html

CVE-2023-42669: Calls to the rpcecho server on the AD DC can request that the
                server block for a user-defined amount of time, denying
                service.
                https://www.samba.org/samba/security/CVE-2023-42669.html

CVE-2023-42670: Samba can be made to start multiple incompatible RPC
                listeners, disrupting service on the AD DC.
                https://www.samba.org/samba/security/CVE-2023-42670.html

Release Notes:
https://www.samba.org/samba/history/samba-4.18.8.html

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f674a9d4f9)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2023-10-17 08:23:02 -04:00
Pawel Langowski f748a33d66 recipes-connectivity: Add tayga recipe
Recipe for TAYGA - an out-of-kernel stateless NAT64 implementation for Linux

Signed-off-by: Pawel Langowski <pawel.langowski@3mdeb.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 470b24bc04)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2023-10-12 09:58:05 -04:00
Khem Raj 43f8a0ac20 relayd: Fix build with clang
GNU extention is now in use in 6.5 kernel headers sadly

Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 29a2122393)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2023-10-04 07:52:49 -07:00
Khem Raj 56d748e139 relayd: Update to latest tip of trunk
Drop the patch fixing an issue already addressed upstream

Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 616991508e)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2023-10-04 07:52:49 -07:00
Martin Jansa 6bf8258be0 mosquitto, etcd-cpp-apiv3: add missing Upstream-Status
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 5488a32d90)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2023-10-04 07:52:48 -07:00
Martin Jansa 78bd023a62 gnome-tweaks, networkmanager-fortisslvpn, libesmtp, json-schema-validator, python3-pybluez, python3-pynetlinux, apache2: Fix Malformed Upstream-Status
* Accepted was replaced with Backport in gatesgarth:
  https://docs.yoctoproject.org/migration-guides/migration-3.2.html#miscellaneous-changes

* as detected with oe-core/scripts/contrib/patchreview.py:

meta-openembedded $ grep -A 3 Malformed *qa-patches
meta-gnome.qa-patches:Malformed Upstream-Status 'Malformed Upstream-Status in patch
meta-gnome.qa-patches-/OE/layers/meta-openembedded/meta-gnome/recipes-gnome/gnome-tweaks/gnome-tweaks/0002-meson-fix-invalid-positional-argument.patch
meta-gnome.qa-patches-Please correct according to https://docs.yoctoproject.org/contributor-guide/recipe-style-guide.html#patch-upstream-status :
meta-gnome.qa-patches-Upstream-Status: Accepted [https://gitlab.gnome.org/GNOME/gnome-tweaks/-/commit/dc9701e18775c01d0b69fabaa350147f70096da8]' (/OE/layers/meta-openembedded/meta-gnome/recipes-gnome/gnome-tweaks/gnome-tweaks/0002-meson-fix-invalid-positional-argument.patch)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit a1c3c7f4e8)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2023-10-04 07:52:48 -07:00
Gianfranco Costamagna bfed70451d mosquitto: upgrade 2.0.17 -> 2.0.18
Add two patches from Debian, pull requests proposed upstream as 2894 and 2895
to make it start only when board is online, and to fix dynamic websockets link failure

Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 79088766c8)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2023-10-04 07:52:48 -07:00
Gianfranco Costamagna 56027584e9 mosquitto: upgrade 2.0.15 -> 2.0.17
Fix for CVE-2023-28366, CVE-2023-0809, CVE-2023-3592

Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-09-13 07:31:33 -07:00
Gianfranco Costamagna 66ec22d090 mosquitto: do not automatically depend on dlt-daemon, it's a non-mandatory logging system
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-09-12 19:34:09 -07:00
Khem Raj 154fc9f5a6 openconnect: Fix build with GnuTLS v3.8.1
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-09-07 11:43:45 -07:00
Khem Raj 42e5af1501 openconnect: Upgrade to 9.12
License-Update: Update LGPL text to match original license verbatim [1]

[1] https://git.infradead.org/users/dwmw2/openconnect.git/commit/8c9a353b4930dc081222ae05b3bcd42d0c78b66f
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-09-07 11:43:45 -07:00
Beniamin Sandu dcafc2c09c mbedtls: upgrade 2.28.3 -> 2.28.4
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-09-07 10:29:42 -07:00
Beniamin Sandu 6cf2f1045a mbedtls: upgrade 3.4.0 -> 3.4.1
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-09-07 10:29:42 -07:00
Khem Raj f709cb0424 networkmanager-openvpn: Fix build with lld on musl
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-09-03 09:04:09 -07:00
Khem Raj 87ae6f0c22 networkmanager: Fix build on musl
musl does not need _IO_stdin_used, since its not provided by toolchain
runtime ( crt files ) lld linker complains about undefined global symbol
on musl

Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-08-31 22:37:05 -07:00
Yi Zhao 00d3a63933 samba: upgrade 4.18.5 -> 4.18.6
Release Notes:
https://www.samba.org/samba/history/samba-4.18.6.html

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-08-22 21:18:05 -07:00
Wang Mingyu ff1d9fb3aa networkmanager: upgrade 1.42.8 -> 1.44.0
Changelog:
==========
* Introduce a new "link" setting that holds properties related to the
  kernel link such as "tx-queue-length", "gso-max-size",
  "gso-max-segments", "gro-max-size".
* Support sending a DHCPv6 prefix delegation hint via the
  "ipv6.dhcp-pd-hint" connection property.
* Support new bond options: "arp_missed_max", "lacp_active",
  "ns_ip6_target".
* Add new "initial-eps-bearer-configure" and "initial-eps-bearer-apn"
  properties in the GSM setting.
* Setting "connection.stable-id=default${CONNECTION}" changed behavior to
  be identical to the built-in default value when the stable-id is not set.
* Add a "[keyfile].rename" option to NetworkManager.conf to force renaming
  profiles on disk when their name changes.
* The ifcfg-rh plugin is deprecated; it will only receive bugfixes and
  no new features. A warning is emitted the log when a connection in
  ifcfg-rh format is found.
* To automatically migrate existing ifcfg-rh connections to the
  keyfile format, a new configuration option "main.migrate-ifcfg-rh"
  is provided. Migration is disabled by default, but the default value
  can be changed at build time via
  "--with-config-migrate-ifcfg-rh-default=yes".
* When configuring hostnames in non-public TLD (like "example.local"), use
  the TLD as default search domain instead of the full hostname.
* Always apply DNS options from the [global-dns] configuration section
* The NetworkManager daemon now acquires the D-Bus name only after
  populating the D-Bus tree. This can add a delay during startup but
  it is required to avoid race conditions with other services
  depending on NM.
* Add a "version-id" argument to the Update2() D-Bus call to guard
  against concurrent modifications of profiles.
* Don't use tentative IPv6 addresses to resolve the system hostname
  via DNS.
* Track the number of autoconnect retries left for each device and
  connection. Previously it was tracked only per connection and this
  lead to unexpected behaviors in case of multiconnect profiles.
* Set VLAN filtering options on bridge via netlink instead of sysfs.
* nm-cloud-setup now supports IMDSv2 on Amazon EC2.
* nmtui now allows to enable or disable Wi-Fi and WWAN radios.
* Honor ignore-carrier=no for bond/bridge/team devices.
* Add version mismatch warning when running nmcli commands.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-08-15 20:07:54 -07:00
Michael Opdenacker c1330b1f53 remove unused AUTHOR variable
No longer used in generating packages
Also creates a possible confusion with the recipe maintainer
name.

Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-08-03 09:14:20 -07:00
Peter Marko ed334821c2 cve_check: fix conversion errors
Conversion from CVE_CHECK_IGNORE to CVE_STATUS had some copy+paste
issues.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-07-31 08:10:34 -07:00
Yi Zhao dd18c5fea7 daq: enable nfq module build
NFQ is the new and improved way to process iptables packets. Snort IPS
mode requires this module in some cases.

Before the patch:
$ snort --daq-list
Available DAQ modules:
pcap(v3): readback live multi unpriv
ipfw(v3): live inline multi unpriv
dump(v3): readback live inline multi unpriv
afpacket(v5): live inline multi unpriv

After the patch:
$ snort  --daq-list
Available DAQ modules:
pcap(v3): readback live multi unpriv
nfq(v7): live inline multi
ipfw(v3): live inline multi unpriv
dump(v3): readback live inline multi unpriv
afpacket(v5): live inline multi unpriv

Also update 0001-correct-the-location-of-unistd.h.patch to fix build
with musl.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-07-28 07:28:03 -07:00
Yi Zhao 65f1009ced samba: upgrade 4.18.4 -> 4.18.5
This is a security release in order to address the following defects:
CVE-2022-2127
CVE-2023-3347
CVE-2023-34966
CVE-2023-34967
CVE-2023-34968

Release Notes:
https://www.samba.org/samba/history/samba-4.18.5.html

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-07-27 08:54:40 -07:00
Andrej Valek 8af2f17a6f cve_check: convert CVE_CHECK_IGNORE to CVE_STATUS
- Try to add convert and apply statuses for old CVEs
- Drop some obsolete ignores, while they are not relevant for current
  version

Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-07-27 08:54:40 -07:00
Khem Raj d57c465562 dhcp-relay: Pass cross configure flags to bind build
This ensures that host tools like 'gen' are built for build host and not
target. internal bind build supplies its own options to configuring it,
where it does not pass --host option and as a result it does not deduce
it to be a cross compile and hence these variables are not set property
inside bind build

Fixes
| ./gen: /usr/lib/libc.so.6: version `GLIBC_2.38' not found (required by ./gen)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-07-15 23:43:27 -07:00
Yi Zhao 0d1c621440 samba: upgrade 4.18.3 -> 4.18.4
Release Notes:
https://www.samba.org/samba/history/samba-4.18.4.html

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-07-12 16:19:40 -07:00
Mingli Yu 314ed1c230 snort: Add systemd unit file
Add systemd unit file snort.service.

Reference: https://salsa.debian.org/lts-team/packages/snort/-/blob/debian/buster/debian/snort.service.example

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-07-12 16:19:40 -07:00
Petr Gotthard a789e6dad9 networkmanager: upgrade 1.42.6 -> 1.42.8
Changelog:
==========
* Add support for ppp 2.5.0.
* Fix nft rules for balance-slb bonding.
* Support port priority for bonding.
* Fix regression handling the PKEY_ID for infiniband profiles
  in ifcfg-rh format.
* Fix race in nm-cloud-setup that caused partial configuration
  and loss of connectivity with multiple interfaces.
* Don't touch "net.ipv6.conf.$IFACE.forwarding" unless explicitly
  required for IPv6 sharing.
* Various bugfixes related to team, Wi-Fi P2P, IPv6LL.
* Automatically unblock autoconnect of profiles during reapply.

Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-07-05 10:24:49 -07:00
Yi Zhao b0f7978847 mbedtls: upgrade 2.28.2 -> 2.28.3
Mbed TLS 2.28 is a long-time support branch. It will be supported with
bug-fixes and security fixes until end of 2024.

ChangeLog:
https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.3

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-06-28 13:53:12 -07:00
Wang Mingyu de5b6ddff0 openfortivpn: upgrade 1.20.3 -> 1.20.5
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-06-27 13:44:47 -07:00
Beniamin Sandu bf314d2c57 mbedtls: fix builds with crypto extensions
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-06-26 05:12:55 -07:00
Martin Jansa be8c765c7c *.patch: add Upstream-Status to all patches
There is new patch-status QA check in oe-core:
https://git.openembedded.org/openembedded-core/commit/?id=76a685bfcf927593eac67157762a53259089ea8a

This is temporary work around just to hide _many_ warnings from
optional patch-status (if you add it to WARN_QA).

This just added
Upstream-Status: Pending
everywhere without actually investigating what's the proper status.

This is just to hide current QA warnings and to catch new .patch files being
added without Upstream-Status, but the number of Pending patches is now terrible:

5 (26%) 	meta-xfce
6 (50%) 	meta-perl
15 (42%)        meta-webserver
21 (36%)        meta-gnome
25 (57%)        meta-filesystems
26 (43%)        meta-initramfs
45 (45%)        meta-python
47 (55%)        meta-multimedia
312 (63%)       meta-networking
756 (61%)       meta-oe

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-06-21 09:15:20 -07:00
Beniamin Sandu 9cb5f5c6e9 mbedtls: add support for v3.x
Version 3.4.0 adds a lot of improvements and fixes (a notable one
being initial support for PKCS7 CMS), but since this is a pretty
big jump, let's keep both versions for a while, so the v2.x users
can upgrade to 3.x in a timely manner if needed.

Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-06-19 18:41:19 -07:00
Wang Mingyu 4b30ae8f5d samba: upgrade 4.18.2 -> 4.18.3
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-06-05 09:29:34 -07:00
Petr Gotthard e987fb2d91 blueman: fix REQUIRED_DISTRO_FEATURES gobject-introspection-data
This fixes the commit 1f04864065.
The correct DISTRO_FEATURE is gobject-introspection-data.

Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-06-01 12:17:15 -07:00
Khem Raj 26842ecc3b vlan: Pass CFLAGS via CCFLAGS
CCFLAGS is used in Make rules which will ensure file remapping options
are used when compiling

Fixes
WARNING: vlan-1.9-r0 do_package_qa: QA Issue: File /usr/sbin/.debug/vconfig.vlan in package vlan-dbg contains reference to TMPDIR [buildpaths]

Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-05-26 08:28:37 -07:00
Ross Burton df8fb32c54 networkmanager: add dependency on pyhthon3-pygobject-native
The build of NM involves running Python that uses PyGObject, so add that
to DEPENDS.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-05-26 08:28:37 -07:00
Ross Burton 1f04864065 blueman: add features_check on gobject-introspection-data
This project uses gobject-introspection, so depend on the DISTRO_FEATURE.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-05-25 08:56:32 -07:00
Zhang Xiao 93892e8413 dhcp-relay: dev subpackage conflicts with bind-dev
dhcp-relay contains a bundled bind thus their development packages
conflict each other.

Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-05-24 07:23:54 -07:00
Thomas Perrot 89245a5b95 networkmanager: Turn ppp support into a packageconfig option
Enable it only if ppp is in distro features

Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-05-23 08:48:17 -07:00
Petr Gotthard 7c6f81ef1f networkmanager-openconnect: add new recipe
Integration of the OpenConnect VPN client to the NetworkManager
https://gitlab.gnome.org/GNOME/NetworkManager-openconnect

Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-05-15 09:37:58 -07:00
Petr Gotthard b7aa66d734 networkmanager-fortisslvpn: add new recipe
Fortinet SSLVPN support for NetworkManager
https://gitlab.gnome.org/GNOME/NetworkManager-fortisslvpn

Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-05-14 22:15:01 -07:00
Petr Gotthard b491d4b983 openfortivpn: add new recipe
A client for PPP+SSL VPN tunnel services, compatible with Fortinet VPNs.
https://github.com/adrienverge/openfortivpn

Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-05-13 13:12:15 -07:00
Wang Mingyu 643386c673 samba: upgrade 4.18.1 -> 4.18.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-04-23 21:55:52 -07:00
Wang Mingyu f2d696e3fc networkmanager: upgrade 1.42.4 -> 1.42.6
Changelog:
==========
* Emit the dhcp-change dispatcher event also after a lease renewal.
* Fix assertion failure on DHCP renewal.
* Add support for EC2 IMDSv2 in nm-cloud-setup.
* Allow setting tunnel flags for ip6gre & ip6gretap connection
  profiles.
* Improve the Wi-Fi hotspot functionality.
* Fix setting the Wi-Fi roaming policy based on the number of seen
  BSSIDs.
* Support the "no-aaaa" resolv.conf option.
* Some oFono fixes.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-04-23 21:55:52 -07:00