Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
(cherry picked from commit 3ca10e7d92)
Bug fix only:
Including these security fixes:
wnpa-sec-2017-13
WBMXL dissector infinite loop (Bug 13477, Bug 13796) CVE-2017-7702, CVE-2017-11410
Note: This is an update for a fix in Wireshark 2.2.6 and 2.0.12.
wnpa-sec-2017-28
openSAFETY dissector memory exhaustion (Bug 13649, Bug 13755) CVE-2017-9350, CVE-2017-11411
Note: This is an update for a fix in Wireshark 2.2.7.
wnpa-sec-2017-34
AMQP dissector crash. (Bug 13780) CVE-2017-11408
wnpa-sec-2017-35
MQ dissector crash. (Bug 13792) CVE-2017-11407
wnpa-sec-2017-36
DOCSIS infinite loop. (Bug 13797) CVE-2017-11406
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Summary for 4.9.1 tcpdump release
CVE-2017-11108/Fix bounds checking for STP.
Make assorted documentation updates and fix a few typos in tcpdump output.
Fixup -C for file size >2GB (GH #488).
Show AddressSanitizer presence in version output.
Fix a bug in test scripts (exposed in GH #613).
On FreeBSD adjust Capsicum capabilities for netmap.
On Linux fix a use-after-free when the requested interface does not exist.
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
(cherry picked from commit 60b4163172)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Fix the following QA issue.
ERROR: open-isns-0.97-r0 do_package: QA Issue: open-isns: Files/directories were installed but not shipped in any package:
/usr/lib
/usr/lib/systemd
/usr/lib/systemd/system
/usr/lib/systemd/system/isnsd.socket
/usr/lib/systemd/system/isnsd.service
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Remove the empty /var/lock to avoid conflict with base-files:
| Error: Transaction check error:
file /var/lock conflicts between attempted installs of
drbd-utils-8.9.6-r0.core2_64 and base-files-3.0.14-r89.qemux86_64
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
* Correct subdir to let the second source file
netcat-openbsd_${PV}-7.debian.tar.gz unpacked
under the correct folder to avoid below error
when do_patch in multilib env.
| DEBUG: Executing python function do_patch
| DEBUG: Executing shell function netcat_do_patch
| No patch removed
| No series file found
| WARNING: exit code 2 from a shell command.
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
strongSwan offers a plugin mechanism therefore it should not be
mandatory to install all of them when installing the package. Each
plugin is now a self-contained package with the library and its
configuration.
To remain compatible with the current configuration, a default set of
plugins has been selected as RDEPENDS of the main package. This default
list is based on the default strongSwan list minus some plugins enabled
via PACKAGECONFIG
(see https://wiki.strongswan.org/projects/strongswan/PluginList).
Signed-off-by: David Vincent <freesilicon@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
When systemd is in DISTRO_FEATURES we have two attempts to create
${localstatedir}/run/openvpn: one at build time with install command and
the other via systemd-tmpfiles at runtime which is enabled by installing
openvpn-volatile.conf. Beside looking redundant, by dropping the build-time
dir creation attempt solves the following error when building images with
both base-files and openvpn:
Error: Transaction check error:
file /var/run conflicts between attempted installs of
openvpn-2.3.9-r0.cortexa7hf_neon_vfpv4 and
base-files-3.0.14-r89.raspberrypi3
Signed-off-by: Andrea Galbusera <gizero@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The file was installed but never packaged, ending up in no systemd-tmpfiles
configuration on the final rootfs.
Signed-off-by: Andrea Galbusera <gizero@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Drop do_compile, default is same
Do not assume that configure is running in S
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
pkgconfig is used so we need to inherit pkgconfig
secondly, base64 support is added for it to work
with musl
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* based on discussion in pndeprecated thread:
https://patchwork.openembedded.org/patch/137573/
update the messages to warn possible users that the
recipe will be removed before the end of the next development
cycle (before Yocto 2.4 is released).
* updated with:
sed -i 's/^\(PNBLACKLIST.*".*\)"/\1 - the recipe will be removed on 2017-09-01 unless the issue is fixed"/g' `git grep PNBLACKLIST | sed 's/:.*//g' | sort -u | xargs`
* then noticed couple recipes being blacklisted only based on
DISTRO_FEATURES, so removed those:
meta-networking/recipes-support/lksctp-tools/lksctp-tools_1.0.17.bb
meta-oe/recipes-connectivity/bluez/bluez-hcidump_2.5.bb
meta-oe/recipes-connectivity/bluez/bluez4_4.101.bb
meta-oe/recipes-connectivity/bluez/gst-plugin-bluetooth_4.101.bb
meta-oe/recipes-navigation/foxtrotgps/foxtrotgps_1.1.1.bb
meta-oe/recipes-navigation/gypsy/gypsy.inc
meta-oe/recipes-navigation/navit/navit.inc
meta-oe/recipes-support/opensync/libsyncml_0.5.4.bb
* if it isn't fixed by this date, it's fair game to be removed
whenever someone gets around to i
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Upgrade curlpp from 0.7.3 to 0.8.1. The main difference between 0.7.x
and 0.8.0 is that it replaces autotools with cmake, see
https://github.com/jpbarrette/curlpp/releases/tag/v0.8.0
The homepage of curlpp on googlecode is obsoleted, so update it and use
soure code repo on github.
Remove dependency boost which is dropped by upstream. And remove extra
CXXFLAGS which has been fixed by upstream.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Eliminate references to syscalls not available
for ARM_EABI. Also add a dependency on libseccomp
which is needed for scfilter to work.
Set PACKAGECONFIG to not enable scfilter, since
kernel CONFIG_SECCOMP is unlikely to be set. This
aligns the usage of libseccomp with that of other packages.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The info is taken from CentOS which is usefull
when bind (provides named) and dnsmasq are both
installed and one may fail to start:
| dnsmasq: failed to create listening socket for port 53: Address already in use
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Armin Kuster
Armin Kuster
Andre McCurdy
Paul Eggleton
Kai Kang
Wenzong Fan
Khem Raj
fan.xin
Li Zhou
Qi.Chen@windriver.com
Jackie Huang
Yadi.hu
Mingli Yu
David Vincent
Huang Qiyu
Benjamin Gaignard
Andrea Galbusera
Jaap de Jong
Martin Jansa
Joe Slater
Oleksandr Kravchuk
Amarnath Valluri