1221 Commits

Author SHA1 Message Date
Peter Marko fb3726d664 gattlib: mark CVE-2019-6498 as fixed
Our hash does not point to exact tag and CVE patch is already in.

We use: 33a8a275928b186381bb0aea0f9778e330e57ec3
Fix: https://github.com/labapart/gattlib/commit/60b813a770e42fdb0e85c1d2da7a55327784b8d6

git describe --tags --match=v0.2 33a8a275928b186381bb0aea0f9778e330e57ec3 60b813a770e42fdb0e85c1d2da7a55327784b8d6
v0.2-262-g33a8a27
v0.2-85-g60b813a

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e5a12d5252)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2025-01-16 09:17:32 -05:00
Peter Marko 07ef671860 ace: ignore CVE-2009-1147
This CVE is for vmware ace.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9bd6efd135)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2025-01-16 09:17:32 -05:00
Markus Volk 8c4bbc148b iwd: use internal ell
iwd and ell need to be updated in sync. This is regularly neglected.
Also the fact that they reside in different layers compicates the update process.

Beside iwd, there are not a lot of consumers for ell.

Building with internal ell makes iwd updates easier

Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-09-18 16:22:40 -07:00
Markus Volk 73b55e123a iwd: update 2.19 -> 2.20
ver 2.20:
	Fix issue with PKEX timeout and number of frequencies used.
	Fix issue with handling logic for handshake failures.
	Fix issue with handling ConnectedAccessPoint signal.

Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-09-18 16:22:40 -07:00
Khem Raj d9fe74f859 transmission: Link with libatomic on riscv32
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-09-17 07:50:22 -07:00
Khem Raj 3c7a8d38bb mosh: Use libatomic on rv32 for atomics
Fixes
riscv32-yoe-linux-ld.lld: error: undefined reference: __atomic_store_8

Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-09-17 07:50:22 -07:00
Khem Raj 9850a4a000 paho-mqtt-cpp: Use system paho-mqtt-c
It was an overisight during upgrade

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
2024-09-12 23:21:25 -07:00
Wang Mingyu 20d4febb9f gensio: upgrade 2.8.5 -> 2.8.7
Changelog:
==========
- Lots of fixes to unix sockets.
- The addition of unix stream sockets to Windows.
- Unix datagram and seqpacket sockets are now supported.
- For older systems and newer systems whose pselect() operation is non-atomic
  (BSDs, MacOS) there were race conditions and some issues. Most should all be fixed now.
- For MacOS and later BSDs, kevent() is now supported.
- External threads doing gensio calls will now have their signal masks fixed up
  to work properly with gensio.
- gtlsshd was not working on MacOS

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-09-10 07:20:36 -07:00
Khem Raj d4f8a30743 paho-mqtt-cpp: Move to tip of 1.4.x branch
- User git submodule fetcher
- Disable building examples and enable MQTT C module

Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-09-09 08:00:09 -07:00
Khem Raj 0a37700632 paho-mqtt-cpp: Upgrade to 1.4.1 release
License file LICENSE is added, therefore use that for checksums
license still remains same.

Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-09-04 20:48:44 -07:00
Yogita Urade 2cfb80b24c krb5: fix CVE-2024-26458 and CVE-2024-26461
CVE-2024-26458:
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in
/krb5/src/lib/rpc/pmap_rmt.c.

CVE-2024-26461:
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak
vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.

References:
https://nvd.nist.gov/vuln/detail/CVE-2024-26458
https://nvd.nist.gov/vuln/detail/CVE-2024-26461

Upstream Patch:
https://github.com/krb5/krb5/commit/c5f9c816107f70139de11b38aa02db2f1774ee0d

Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-08-23 22:35:10 -07:00
Markus Volk a2237eec4d iwd: update 2.18 -> 2.19
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-08-21 08:45:47 -07:00
Khem Raj 0b0511ded8 transmission: Upgrade to 4.0.6 release
Use external libpsl, this also avoids hardcoded buildpaths which
gets into binaries due to inplace vendored libpsl

Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-08-14 21:46:26 -07:00
Wang Mingyu 38a1dba331 hostapd: upgrade 2.10 -> 2.11
License-Update: Copyright updated to 2024.

Changelog:
===========
* Wi-Fi Easy Connect
  - add support for DPP release 3
  - allow Configurator parameters to be provided during config exchange
* HE/IEEE 802.11ax/Wi-Fi 6
  - various fixes
* EHT/IEEE 802.11be/Wi-Fi 7
  - add preliminary support
* SAE: add support for fetching the password from a RADIUS server
* support OpenSSL 3.0 API changes
* support background radar detection and CAC with some additional
  drivers
* support RADIUS ACL/PSK check during 4-way handshake (wpa_psk_radius=3)
* EAP-SIM/AKA: support IMSI privacy
* improve 4-way handshake operations
  - use Secure=1 in message 3 during PTK rekeying
* OCV: do not check Frequency Segment 1 Channel Number for 160 MHz cases
  to avoid interoperability issues
* support new SAE AKM suites with variable length keys
* support new AKM for 802.1X/EAP with SHA384
* extend PASN support for secure ranging
* FT: Use SHA256 to derive PMKID for AKM 00-0F-AC:3 (FT-EAP)
  - this is based on additional details being added in the IEEE 802.11
    standard
  - the new implementation is not backwards compatible
* improved ACS to cover additional channel types/bandwidths
* extended Multiple BSSID support
* fix beacon protection with FT protocol (incorrect BIGTK was provided)
* support unsynchronized service discovery (USD)
* add preliminary support for RADIUS/TLS
* add support for explicit SSID protection in 4-way handshake
  (a mitigation for CVE-2023-52424; disabled by default for now, can be
  enabled with ssid_protection=1)
* fix SAE H2E rejected groups validation to avoid downgrade attacks
* use stricter validation for some RADIUS messages
* a large number of other fixes, cleanup, and extensions

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-08-09 14:25:21 -07:00
Faiz HAMMOUCHE a8eb652918 wvdial: Unmaintained upstream, add UPSTREAM_VERSION_UNKNOWN
Add UPSTREAM_VERSION_UNKNOWN in the recipe because it is unmaintained upstream
and the current SRC_URI host (code.google.com/archive) page is generated by
javascript from JSON and does not allow devtool to find the latest version.

Signed-off-by: Faiz HAMMOUCHE <faiz.hammouche@smile.fr>
Reviewed-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-08-09 14:25:12 -07:00
Faiz HAMMOUCHE 8d3b4848d0 wvstrams: Unmaintained upstream, add UPSTREAM_VERSION_UNKNOWN
Add UPSTREAM_VERSION_UNKNOWN in the recipe because it is unmaintained upstream
and the current SRC_URI host (code.google.com/archive) page is generated by
javascript from JSON and does not allow devtool to find the latest version.

Signed-off-by: Faiz HAMMOUCHE <faiz.hammouche@smile.fr>
Reviewed-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-08-09 14:25:11 -07:00
Yoann Congal 5b33cbfe99 zeromq: update UPSTREAM_CHECK_* variables to fix devtool upgrades
Update UPSTREAM_CHECK_* variables to fix UNKNOWN_BROKEN status with devtool
check-upgrade-status.

Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Reviewed-by: Alexandre Truong <alexandre.truong@smile.fr>
2024-07-24 08:56:53 -07:00
Alexandre Truong d519adfc45 openobex: include UPSTREAM_CHECK_* to fix UNKNOWN_BROKEN status
Adding UPSTREAM_CHECK_URI and UPSTREAM_CHECK_REGEX fix
UNKNOWN_BROKEN status from running devtool check-upgrade-status.

The next version of the package can be found from upstream
sources.

Signed-off-by: Alexandre Truong <alexandre.truong@smile.fr>
Reviewed-by: Yoann Congal <yoann.congal@smile.fr>
2024-07-24 08:56:46 -07:00
Alexandre Truong 55450af98c obexftp: include UPSTREAM_CHECK_* to fix UNKNOWN_BROKEN status
Adding UPSTREAM_CHECK_URI and UPSTREAM_CHECK_REGEX fix
UNKNOWN_BROKEN status from running devtool check-upgrade-status.

The next version of the package can be found from upstream
sources.

Signed-off-by: Alexandre Truong <alexandre.truong@smile.fr>
Reviewed-by: Yoann Congal <yoann.congal@smile.fr>
2024-07-24 08:56:45 -07:00
Alexandre Truong 6750fa90a3 libmtp: include UPSTREAM_CHECK_* to fix UNKNOWN_BROKEN status
Adding UPSTREAM_CHECK_URI and UPSTREAM_CHECK_REGEX fix
UNKNOWN_BROKEN status from running devtool check-upgrade-status.

The next version of the package can be found from upstream
sources.

Signed-off-by: Alexandre Truong <alexandre.truong@smile.fr>
Reviewed-by: Yoann Congal <yoann.congal@smile.fr>
2024-07-24 08:56:38 -07:00
Alexandre Truong 2f8e2c8a45 irssi: include UPSTREAM_CHECK_REGEX to fix UNKNOWN_BROKEN status
Adding UPSTREAM_CHECK_REGEX fix UNKNOWN_BROKEN status
from running devtool check-upgrade-status.

The next version of the package can be found from upstream
sources.

Signed-off-by: Alexandre Truong <alexandre.truong@smile.fr>
Reviewed-by: Yoann Congal <yoann.congal@smile.fr>
2024-07-24 08:56:35 -07:00
Alexandre Truong 0e353774ef czmq: include UPSTREAM_CHECK_REGEX to fix UNKNOWN_BROKEN status
Adding UPSTREAM_CHECK_REGEX fix UNKNOWN_BROKEN status
from running devtool check-upgrade-status.

The next version of the package can be found from upstream
sources.

Signed-off-by: Alexandre Truong <alexandre.truong@smile.fr>
Reviewed-by: Yoann Congal <yoann.congal@smile.fr>
2024-07-24 08:56:31 -07:00
Alexandre Truong b2bfb9efca ace: include UPSTREAM_CHECK_* to fix UNKNOWN_BROKEN status
Adding UPSTREAM_CHECK_URI and UPSTREAM_CHECK_REGEX fix
UNKNOWN_BROKEN status from running devtool check-upgrade-status.

The next version of the package can be found from upstream
sources.

Signed-off-by: Alexandre Truong <alexandre.truong@smile.fr>
Reviewed-by: Yoann Congal <yoann.congal@smile.fr>
2024-07-24 08:56:28 -07:00
Martin Jansa f0c767407d recipes: ignore various issues fatal with gcc-14
work arounds for:
meta-oe/meta-oe/recipes-devtools/nodejs/nodejs_20.12.2.bb:do_compile
meta-oe/meta-oe/recipes-support/pidgin/pidgin_2.14.2.bb:do_compile
meta-oe/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb:do_compile
meta-oe/meta-oe/recipes-extended/rrdtool/rrdtool_1.8.0.bb:do_compile
meta-oe/meta-oe/recipes-extended/cmpi-bindings/cmpi-bindings_1.0.4.bb:do_compile
meta-oe/meta-python/recipes-devtools/python/python3-gevent_24.2.1.bb:do_compile
meta-oe/meta-oe/recipes-support/avro/avro-c++_1.11.3.bb:do_compile
meta-oe/meta-python/recipes-devtools/python/python3-h5py_3.10.0.bb:do_compile
meta-oe/meta-oe/recipes-multimedia/cdrkit/cdrkit_1.1.11.bb:do_compile
meta-oe/meta-networking/recipes-connectivity/openthread/ot-br-posix_git.bb:do_compile
meta-oe/meta-oe/recipes-devtools/heaptrack/heaptrack_1.2.0.bb:do_configure
meta-oe/meta-oe/recipes-support/avro/avro-c_1.11.3.bb:do_compile
meta-oe/meta-oe/recipes-core/usleep/usleep_1.2.bb:do_compile
meta-oe/meta-networking/recipes-protocols/openflow/openflow_git.bb:do_compile
meta-oe/meta-oe/recipes-extended/sblim-sfcc/sblim-sfcc_2.2.8.bb:do_compile
meta-oe/meta-networking/recipes-support/linux-atm/linux-atm_2.5.2.bb:do_compile
meta-oe/meta-oe/recipes-kernel/ipmitool/ipmitool_1.8.19.bb:do_compile
meta-oe/meta-networking/recipes-support/ssmping/ssmping_0.9.1.bb:do_compile
meta-oe/meta-oe/recipes-connectivity/wifi-test-suite/wifi-test-suite_10.10.1.bb:do_compile
meta-oe/meta-oe/recipes-extended/zsync/zsync-curl_git.bb:do_compile
meta-oe/meta-python/recipes-devtools/python/python3-kivy_2.3.0.bb:do_compile
meta-oe/meta-oe/recipes-support/openct/openct_0.6.20.bb:do_compile
meta-oe/meta-oe/recipes-benchmark/dhrystone/dhrystone_2.1.bb:do_compile
meta-oe/meta-networking/recipes-daemons/ncftp/ncftp_3.2.7.bb:do_compile
meta-oe/meta-oe/recipes-support/daemontools/daemontools_0.76.bb:do_compile
meta-oe/meta-oe/recipes-devtools/libgee/libgee_0.20.6.bb:do_compile
meta-oe/meta-oe/recipes-devtools/mcpp/mcpp_2.7.2.bb:do_compile
meta-oe/meta-oe/recipes-devtools/android-tools/android-tools_5.1.1.r37.bb:do_compile
meta-oe/meta-networking/recipes-connectivity/dibbler/dibbler_git.bb:do_compile
meta-oe/meta-oe/recipes-devtools/glade/glade_3.22.2.bb:do_compile

http://errors.yoctoproject.org/Errors/Build/183124/

Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-07-08 08:42:43 -07:00
Vijay Anusuri a8953bf9fe krb5: upgrade 1.21.2 -> 1.21.3
CVEs Fixed
CVE-2024-37370, CVE-2024-37371

Release Notes:
https://web.mit.edu/kerberos/krb5-1.21/krb5-1.21.3.html

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-07-03 20:20:16 -07:00
Wang Mingyu ac3dad82a9 libndp: upgrade 1.8 -> 1.9
Changelog:
=========
- ndptool: add support for PREF64 option
- libndp: add support for PREF64 option
- libndp: valid route information option length
- SubmittingPatches: update mailing list

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-07-01 08:01:58 -07:00
Wang Mingyu 83e3d0f3d4 libimobiledevice-glue: upgrade 1.2.0 -> 1.3.0
Changelog:
==========
* Add SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512 functions to interface
* socket: Create an IPv4 compatible IPv6 socket when NULL is passed to socket_create
* socket: Haiku compilation fixes

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-06-27 09:18:54 -07:00
Wang Mingyu 45b606e3a4 gensio: upgrade 2.8.4 -> 2.8.5
Chanelog:
==========
- Fix relinking issue
- README.rst: fix typos
- Add initial EditorConfig support
- .gitignore: ignore ctags generated tags file
- tests:conacc: Add a test for a connection failure
- conacc: Null the connection data if the connection fails
- Fix a compile error when GCC atomics are off
- tools:gtlsshd: Add handling of accepter parmlog events
- tools:agwpe: Fix missing nil termination and uninitialized variable
- Fix some formatting in the README

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-06-27 09:18:51 -07:00
Markus Volk 06eb303345 iwd: update 2.16 -> 2.18
ver 2.18:
	Fix issue with handling BSS with invalid HE capabilities.
	Fix issue with neighbor reports with invalid country codes.
	Fix issue with EAP-TTLS Start packets with L flag set.
	Add support for enabling SAE for AP mode operation.

ver 2.17:
	Fix issue with handling deauthenticate on disconnect.
	Fix issue with handling of rate estimation errors.
	Fix issue with handling EAPOL frame listeners.

Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-06-11 07:46:44 -07:00
Wang Mingyu 2bdba8ba45 libirecovery: upgrade 1.1.0 -> 1.2.0
Changelog:
============
- Allow building --without-tools
- Add KIS (aka Debug USB) support for macOS, Linux, and Windows
  (Windows note: requires up-to-date AppleMobileDeviceSupport64.msi package installed)
- Add Port DFU support (restore procedure is handled externally)
- irecovery: Print detailed mode for -q and -m commands
- Overall code cleanup and de-duplication
- Windows-specific code cleanup and improvements
- Add Mac Pro, Mac Studio (M2) and MacBook Air (M2) models
- Add iPhone 15 family
- Add Apple Watch Series 9 and Ultra 2 models
- Add November 2023 iMac and MacBook Pro models
- Add support for Apple Vision Pro (RealityDevice14,1)
- A few minor Windows-specific bug fixes

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-06-07 21:53:33 -07:00
Wang Mingyu 3e28f9152c libimobiledevice-glue: upgrade 1.0.0 -> 1.2.0
Changelog:
============
* socket: Use poll() - when available - instead of select()
* socket: Allow NULL as address for socket_create() and socket_connect()
* win32: Remove windows.h from public headers
* Add version function to interface
* Add helper code to deal with NSKeyedArchiver plist data
* opack: Fixed 32bit buffer overflow
* opack: Fix parsing of 32 and 64 bit packed values
* socket: Make sure errno is always set on error, and always return a meaningful error code

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-06-07 21:53:33 -07:00
Peter Kjellerstedt 2648f532bf hostapd: Only include the relevant parts from README in LIC_FILES_CHKSUM
Only include the lines from the README that cover the copyright and the
license text.

License-Update: Only include the relevant parts of the README
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-05-30 08:42:03 -07:00
Peter Kjellerstedt ad437d5237 hostapd: Support running "devtool modify hostapd"
For "devtool modify" to work correctly, ${B} needs to match ${S}.

Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-05-30 08:42:03 -07:00
Martin Jansa 17a1bb00de libwebsockets: remove STAGING_LIBDIR with /
* after buildpath warnings fix from:
  https://git.openembedded.org/meta-openembedded/commit/?id=eeef1fddd9052bed4b1a91565260518eb042fed2
  the LibwebsocketsTargets.cmake ends with:
  INTERFACE_LINK_LIBRARIES "ssl;crypto;ssl;crypto;/libcap.so;-lpthread"
  instead of:
  INTERFACE_LINK_LIBRARIES "ssl;crypto;ssl;crypto;/OE/build/.../libwebsockets/4.3.3/lib32-recipe-sysroot/usr/lib/libcap.so;-lpthread"
  which causes e.g. mosquitto to fail in do_compile with:
  ninja: error: '/libcap.so', needed by 'src/mosquitto', missing and no known rule to make it

* this happens only when libwebsocket is built with libcap enabled
  (by libcap in DEPENDS)

Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-05-24 14:31:08 -07:00
Khem Raj ffc64e9c6f recipes: Start WORKDIR -> UNPACKDIR transition
Replace references of WORKDIR with UNPACKDIR where it makes sense to do
so in preparation for changing the default value of UNPACKDIR.

Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-05-23 08:44:44 -07:00
Khem Raj ebae86d9dd libndp: Fix build with gcc-14/musl
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-05-19 08:28:01 -07:00
Gerard Salvatella eeef1fddd9 libwebsockets: fix buildpath warnings
In order to remove absolute paths from the cmake artifacts, paths from
the `$lib` folder should also be stripped off, otherwise internally
linked libraries (e.g. libz) may appear.

Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-05-19 08:28:00 -07:00
Khem Raj 88cc44c359 transmission: Upgrade to 4.0.5
License-Update: Copyright Years updated

Add missing MIT license,see COPYING file

Switch to cmake build system as thats the new and only
build system supported.

Use gtk4 when selecting gtk knob, it can support gtk3 as well
however, its not added as knob, if needed someone should send
a patch

Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-05-12 08:43:19 -07:00
Khem Raj c302dc1427 pcapplusplus: Fix build with gcc14
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-05-09 17:10:52 -07:00
Wang Mingyu 7d68ac799c ser2net: upgrade 4.6.1 -> 4.6.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-05-02 07:32:53 -07:00
Wang Mingyu ba36a1b305 gensio: upgrade 2.8.3 -> 2.8.4
Changelog:
==========
-github: Don't run oomtest9 and oomtest11 on windows
-sound: Fix a possible multiply overflow
-gtlsshd: Don't use alloc_sprintf() to duplicate a string

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-04-23 15:15:31 -07:00
Beniamin Sandu 61bcec1215 libtorrent-rasterbar: fix CVE mapping
Set CVE_PRODUCT for this recipe to fix the mapping,
as it was checking against the wrong recipe before.

Log from cve_check after change:
NOTE: libtorrent-rasterbar-2.0.10 is not vulnerable to CVE-2008-0646
NOTE: libtorrent-rasterbar-2.0.10 is not vulnerable to CVE-2009-1760
NOTE: libtorrent-rasterbar-2.0.10 is not vulnerable to CVE-2016-5301
NOTE: libtorrent-rasterbar-2.0.10 is not vulnerable to CVE-2016-7164
NOTE: libtorrent-rasterbar-2.0.10 is not vulnerable to CVE-2017-9847

Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-04-17 23:47:22 -07:00
Beniamin Sandu ffb9e53b12 libtorrent: remove incorrect CVE mapping
The CVE_PRODUCT variable is assigned automatically to BPN.
Unset it for this recipe so the CVEs can be checked
against the correct recipe.

Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-04-17 23:47:22 -07:00
Khem Raj ad340c8fe2 Revert "libtorrent: remove CVE mention"
This reverts commit 0597c931ff.
2024-04-15 21:01:20 -07:00
Beniamin Sandu 00a28f0926 libtorrent-rasterbar: add initial recipe for 2.0.10
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-04-11 23:32:35 -07:00
Beniamin Sandu 0597c931ff libtorrent: remove CVE mention
The CVE mentioned in the recipe applies to a different libtorrent
library, from:
https://github.com/arvidn/libtorrent

Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-04-05 10:21:15 -07:00
Khem Raj b9473d53c3 Revert "libmbim: upgrade 1.30.0 -> 1.31.2"
This reverts commit 770f0b97c0.
2024-04-05 08:07:24 -07:00
Khem Raj 08f8115636 Revert "libqmi: upgrade 1.34.0 -> 1.35.2"
This reverts commit 3d3eea39ab.
2024-04-05 08:07:24 -07:00
Wang Mingyu 2de743efaa thrift: upgrade 0.19.0 -> 0.20.0
Changelog:
==========
-C++ library don't work with HTTP (csharp server, cpp client; need cross test enhancement)
-Swift service generator doesn't support oneway
-LNK4042 and LNK2019 in go_validator_generator.cc

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-04-02 11:28:55 -07:00
Wang Mingyu 3d3eea39ab libqmi: upgrade 1.34.0 -> 1.35.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-04-02 11:28:49 -07:00