Note, hostapd and wpa_supplicant use the same sources. This commit is based
on Ross Burton's change to OpenEmbedded-core. Below is Ross's commit message
from OpenEmbedded-Core.
WPA2 is vulnerable to replay attacks which result in unauthenticated users
having access to the network.
* CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake
* CVE-2017-13078: reinstallation of the group key in the Four-way handshake
* CVE-2017-13079: reinstallation of the integrity group key in the Four-way
handshake
* CVE-2017-13080: reinstallation of the group key in the Group Key handshake
* CVE-2017-13081: reinstallation of the integrity group key in the Group Key
handshake
* CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation
Request and reinstalling the pairwise key while processing it
* CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)
PeerKey (TPK) key in the TDLS handshake
* CVE-2017-13087: reinstallation of the group key (GTK) when processing a
Wireless Network Management (WNM) Sleep Mode Response frame
* CVE-2017-13088: reinstallation of the integrity group key (IGTK) when
processing a Wireless Network Management (WNM) Sleep Mode Response frame
Backport patches from upstream to resolve these CVEs.
Signed-off-by: Ross Burton <ross.burton@intel.com>
The hunk:
[PATCH 7/8] WNM: Ignore WNM-Sleep Mode Response without pending request
does not apply to hostapd and was removed from the patch.
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
(cherry picked from commit ed6b5da874)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
DEBUG: Executing shell function BUILDSPEC
| error: line 109: %package -n mtp-tools: package mtp-tools already exists
Yes, there are two entries in libmtp.spec. Under packages-split, mtp-tools is empty but
libmtp-bin is not.
Removed PKG_${PN}-bin , this alignes how Debian split its packages
Signed-off-by: Armin Kuster <akuster808@gmail.com>
- use release tarball instead of git
- move libevent, python and glib into PACKAGECONFIG
- add NOTICE file to copyright check
- split into multiple packages
- libthrift for libaries
- thrift-compiler for compiler
- thrift pulls in everything as before
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
1) Upgrade hostapd from 2.5 to 2.6.
2) License checksum changed,since the copyright years were updated.
2) Delete patch "0001-WPS-Reject-a-Credential-with-invalid-passphrase.patch", since it is integrated upstream.
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
1) Upgrade krb5 from 1.13.6 to 1.15.1.
2) License checksum changed,since the copyright years were updated.
3) Fix error in the step of do_configure.
| ERROR: krb5-1.15.1-r0 do_package: QA Issue: krb5: Files/directories were installed but not shipped in any package:
| /usr/lib/krb5/plugins/preauth/test.so
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
WARNING: networkmanager-openvpn-1.2.6-r0 do_package: QA Issue: networkmanager-openvpn: Files/directories were installed but not shipped in any package:
/usr/lib/NetworkManager/libnm-vpn-plugin-openvpn.a
Signed-off-by: Andreas Müller <schnitzeltony@googlemail.com>
* based on discussion in pndeprecated thread:
https://patchwork.openembedded.org/patch/137573/
update the messages to warn possible users that the
recipe will be removed before the end of the next development
cycle (before Yocto 2.4 is released).
* updated with:
sed -i 's/^\(PNBLACKLIST.*".*\)"/\1 - the recipe will be removed on 2017-09-01 unless the issue is fixed"/g' `git grep PNBLACKLIST | sed 's/:.*//g' | sort -u | xargs`
* then noticed couple recipes being blacklisted only based on
DISTRO_FEATURES, so removed those:
meta-networking/recipes-support/lksctp-tools/lksctp-tools_1.0.17.bb
meta-oe/recipes-connectivity/bluez/bluez-hcidump_2.5.bb
meta-oe/recipes-connectivity/bluez/bluez4_4.101.bb
meta-oe/recipes-connectivity/bluez/gst-plugin-bluetooth_4.101.bb
meta-oe/recipes-navigation/foxtrotgps/foxtrotgps_1.1.1.bb
meta-oe/recipes-navigation/gypsy/gypsy.inc
meta-oe/recipes-navigation/navit/navit.inc
meta-oe/recipes-support/opensync/libsyncml_0.5.4.bb
* if it isn't fixed by this date, it's fair game to be removed
whenever someone gets around to i
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Replace some "+=/=+" with "=" when setting BBCLASSEXTEND, they are
redundant and inconsistent with the same setting in other recipes.
Signed-off-by: Ming Liu <peter.x.liu@external.atlascopco.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Also add support for -native, remove redundent definition of S and
rename the file in DL_DIR ( v1.11.0.tar.gz -> libuv-1.11.0.tar.gz ).
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
The provided compatibility layer with libevent is still basic,
so we need to drop event.h for now to avoid conflicting with libevent.
Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>