Commit Graph

615 Commits

Author SHA1 Message Date
Stefan Lendl 1eef8339ed Update wireshark to 2.4.9
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2019-08-24 19:25:43 -07:00
Changqing Li e70c4b5145 geoip: update SRC_URI
previous database on maxmind website will be removed from January 2, 2019.
and also we met checksum weekly change problem, so update the SRC_URI to
http://sources.openembedded.org/

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2019-01-07 08:26:53 -08:00
Changqing Li f9572d5464 geoip: update geolite database checksum
Geolite database checksum changed today, so update it
to the lastest one.

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2019-01-07 08:26:53 -08:00
Changqing Li 4baf7c0f49 geoip: add downloadfilename for geoip database files
previous change of checksum don't trigger archive to re-downloaded,
, which will cause checksum mismatch. add downloadfilename to
trigger re-download.

1. for user with PREMIRROR, another benefit is it can still compile
success event upstream checksum change frequently.
2. but for user don't use PREMIRROR, if upstream checksum changed,
still might have checksum mismatch problem.

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2019-01-07 08:26:53 -08:00
Changqing Li 1e588b128b geoip: update GeoLite Database checksum
GeoLite Database checksum changed again recently, so
update it.

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2019-01-07 08:26:53 -08:00
Changqing Li 4228d9d358 geoip: update md5sum and sha256sum
Geolite database update periodically, md5sum and sha256sum
have changed, update them

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2019-01-07 08:26:53 -08:00
Changqing Li 610d4e50ed geoip: upgrade 1.6.11 -> 1.6.12
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2019-01-07 08:26:53 -08:00
Armin Kuster 8760facba1 wireshark: 2.4.8 src moved to all-versions
update SRC_URI

Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-11-26 08:48:11 -07:00
Sinan Kaya ca2870ff8e dnsmasq: CVE-2017-15107
* CVE-2017-15107
A vulnerability was found in Dnsmasq's implementation of DNSSEC.
Wildcard synthesized NSEC records could be improperly interpreted
to prove the non-existence of hostnames that actually exist.

Affects dnsmasq <= 2.78

CVE: CVE-2017-15107
Ref: https://access.redhat.com/security/cve/cve-2017-15107
Signed-off-by: Sinan Kaya <okaya@kernel.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-09-26 18:51:17 -07:00
Armin Kuster 4a75fa2690 wireshark: update to 2.4.8
Bug fix update only

includes security fixes:

wnpa-sec-2018-25 The LDSS dissector could crash. (Bug 14615)
wnpa-sec-2018-28 Multiple dissectors could consume excessive memory. (Bug 14678)
wnpa-sec-2018-29 The DNS dissector could crash. (Bug 14681)
wnpa-sec-2018-30 The GSM A DTAP dissector could crash. (Bug 14688)
wnpa-sec-2018-31 The Q.931 dissector could crash. (Bug 14689)
wnpa-sec-2018-33 Multiple dissectors could crash. (Bug 14703)

Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-08-19 07:34:23 -07:00
Armin Kuster 6ae1ddbcb8 wireshark: update to 2.4.7
Bug fix update only
includes:
wnpa-sec-2018-25
The LDSS dissector could crash. (Bug 14615)

wnpa-sec-2018-28
Multiple dissectors could consume excessive memory. (Bug 14678)

wnpa-sec-2018-29
The DNS dissector could crash. (Bug 14681)

wnpa-sec-2018-30
The GSM A DTAP dissector could crash. (Bug 14688)

wnpa-sec-2018-31
The Q.931 dissector could crash. (Bug 14689)

wnpa-sec-2018-33
Multiple dissectors could crash. (Bug 14703)

Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-07-08 14:58:53 -07:00
Trevor Woerner 1e5368d0bf geoip-perl: switch away from github archive
Since we know that github archives which are automatically generated have a
tendency to change their checksums[1], switch to using a git clone.

[1] http://lists.openembedded.org/pipermail/openembedded-devel/2017-September/114916.html

Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit fed506befd)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-06-14 20:10:15 -07:00
Trevor Woerner 738825cf8e ipcalc: switch away from github archive
Since we know that github archives which are automatically generated have a
tendency to change their checksums[1], switch to using a git clone.

[1] http://lists.openembedded.org/pipermail/openembedded-devel/2017-September/114916.html

Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit 216652c73b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-06-14 20:09:57 -07:00
Armin Kuster 275dd812d5 ntp: update to 4.2.8.p11
This release addresses five security issues in ntpd:

  LOW/MEDIUM: Sec 3012 / CVE-2016-1549 / VU#961909: Sybil vulnerability: ephemeral association attack
  INFO/MEDIUM: Sec 3412 / CVE-2018-7182 / VU#961909: ctl_getitem(): buffer read overrun leads to undefined behavior and information leak
  LOW: Sec 3415 / CVE-2018-7170 / VU#961909: Multiple authenticated ephemeral associations
  LOW: Sec 3453 / CVE-2018-7184 / VU#961909: Interleaved symmetric mode cannot recover from bad state
  LOW/MEDIUM: Sec 3454 / CVE-2018-7185 / VU#961909: Unauthenticated packet can reset authenticated interleaved association

one security issue in ntpq:
  MEDIUM: Sec 3414 / CVE-2018-7183 / VU#961909: ntpq:decodearr() can write beyond its buffer limit

Signed-off-by: Armin Kuster <akuster@mvista.com>
(cherry picked from commit 18b4b0ec54)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-06-14 20:04:24 -07:00
Hains van den Bosch 23816d1161 libtevent: refresh patch
WARNING: libtevent-0.9.36-r0 do_patch:
Some of the context lines in patches were ignored. This can lead to incorrectly applied patches.
The context lines in the patches can be updated with devtool:

    devtool modify <recipe>
    devtool finish --force-patch-refresh <recipe> <layer_path>

Then the updated patches and the source tree (in devtool's workspace)
should be reviewed to make sure the patches apply in the correct place
and don't introduce duplicate lines (which can, and does happen
when some of the context is ignored). Further information:
http://lists.openembedded.org/pipermail/openembedded-core/2018-March/148675.html
https://bugzilla.yoctoproject.org/show_bug.cgi?id=10450
Details:
Applying patch avoid-attr-unless-wanted.patch
patching file lib/replace/wscript
Hunk #1 succeeded at 793 with fuzz 2 (offset 175 lines).
Hunk #2 succeeded at 806 with fuzz 2 (offset 178 lines).

Now at patch avoid-attr-unless-wanted.patch

Signed-off-by: Hains van den Bosch <hainsvdbosch@ziggo.nl>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d2760faf82)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-06-14 19:30:57 -07:00
Andreas Müller 1af8c23d50 libtevent: add libtirpc to DEPENDS
musl build fails with:

| Checking for header rpc/rpc.h                                : no
| Checking for header rpc/nettype.h                            : no
| Checking for libtirpc headers                                : not found
| Checking for libntirpc headers                               : not found
| ERROR: No rpc/rpc.h header found, tirpc or libntirpc missing?

Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-05-01 18:15:44 -07:00
Armin Kuster 9318551e5f drbd: BLACKLIST recipe
[v2]
Wrong version sent to list. forgot to refresh

fails do to new kernel headers.

| ../drbd/9.0.8-1-r0/drbd-9.0.8-1/drbd/drbd_receiver.c:1479:7: error: 'struct bio' has no member named 'bi_bdev'; did you mean 'bi_iter'?
|   bio->bi_bdev = device->ldev->backing_bdev;
|        ^~~~~~~
|        bi_iter
| .../drbd/9.0.8-1-r0/drbd-9.0.8-1/drbd/drbd_receiver.c:1484:17: error: assignment from incompatible pointer type [-Werror=incompatible-pointer-types]
|   bio->bi_end_io = drbd_peer_request_endio;

Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-05-01 18:12:49 -07:00
Armin Kuster e71a2522dd wireshark: update to 2.4.6 and add upstream check
[v2]
inherit upstream-version-is-even instead of creating my own regex

Security fixes:

   The following vulnerabilities have been fixed:
     * [1]wnpa-sec-2018-15
       The MP4 dissector could crash. ([2]Bug 13777)
     * [3]wnpa-sec-2018-16
       The ADB dissector could crash. ([4]Bug 14460)
     * [5]wnpa-sec-2018-17
       The IEEE 802.15.4 dissector could crash. ([6]Bug 14468)
     * [7]wnpa-sec-2018-18
       The NBAP dissector could crash. ([8]Bug 14471)
     * [9]wnpa-sec-2018-19
       The VLAN dissector could crash. ([10]Bug 14469)
     * [11]wnpa-sec-2018-20
       The LWAPP dissector could crash. ([12]Bug 14467)
     * [13]wnpa-sec-2018-21
       The TCP dissector could crash. ([14]Bug 14472)
     * [15]wnpa-sec-2018-22
       The CQL dissector could to into an infinite loop. ([16]Bug 14530)
     * [17]wnpa-sec-2018-23
       The Kerberos dissector could crash. ([18]Bug 14576)
     * [19]wnpa-sec-2018-24
       Multiple dissectors and other modules could leak memory. The TN3270
       ([20]Bug 14480), ISUP ([21]Bug 14481), LAPD ([22]Bug 14482), SMB2
       ([23]Bug 14483), GIOP ([24]Bug 14484), ASN.1 ([25]Bug 14485), MIME
       multipart ([26]Bug 14486), H.223 ([27]Bug 14487), and PCP ([28]Bug
       14488) dissectors were susceptible along with Wireshark and TShark

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-04-25 15:53:46 -04:00
Khem Raj 20a3435115 lowpan-tools: Switch to using github src_uri and fix build with gcc8
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-04-25 15:53:46 -04:00
Khem Raj 73d958b50b yp-tools: Upgrade to 4.2.3
Switch to github for SRC_URI

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-04-25 15:53:45 -04:00
Khem Raj 2bf7775742 wpan-tools: Add recipe
lowpan-utils should be removed in favor of this package

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-04-25 15:53:45 -04:00
Armin Kuster 807b102f9f openipmi: refresh patches
WARNING: openipmi-2.0.24-r0 do_patch:
Some of the context lines in patches were ignored. This can lead to incorrectly applied patches.
The context lines in the patches can be updated with devtool:

    devtool modify <recipe>
    devtool finish --force-patch-refresh <recipe> <layer_path>

Then the updated patches and the source tree (in devtool's workspace)
should be reviewed to make sure the patches apply in the correct place
and don't introduce duplicate lines (which can, and does happen
when some of the context is ignored). Further information:
http://lists.openembedded.org/pipermail/openembedded-core/2018-March/148675.html
https://bugzilla.yoctoproject.org/show_bug.cgi?id=10450
Details:
Applying patch include_sys_types.patch
patching file ui/ui.c
Hunk #1 succeeded at 42 with fuzz 1.

Now at patch include_sys_types.patch

Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-04-13 12:43:43 -07:00
Armin Kuster aa7b7cd364 strongswan: refresh patches
WARNING:
Some of the context lines in patches were ignored. This can lead to incorrectly applied patches.
The context lines in the patches can be updated with devtool:

    devtool modify <recipe>
    devtool finish --force-patch-refresh <recipe> <layer_path>

Then the updated patches and the source tree (in devtool's workspace)
should be reviewed to make sure the patches apply in the correct place
and don't introduce duplicate lines (which can, and does happen
when some of the context is ignored). Further information:
http://lists.openembedded.org/pipermail/openembedded-core/2018-March/148675.html
https://bugzilla.yoctoproject.org/show_bug.cgi?id=10450
Details:
checking file src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
Hunk #1 succeeded at 192 (offset 50 lines).
Hunk #2 succeeded at 255 with fuzz 1 (offset 58 lines).
checking file src/libstrongswan/plugins/openssl/openssl_diffie_hellman.h
Hunk #1 succeeded at 43 (offset -1 lines).
checking file src/libstrongswan/plugins/openssl/openssl_plugin.c
Hunk #1 succeeded at 609 (offset 221 lines).

Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-04-13 12:43:40 -07:00
Armin Kuster 24af0456ca ctdb: refresh patches
WARNING: ctdb-2.5.6-r0 do_patch:
Some of the context lines in patches were ignored. This can lead to incorrectly applied patches.
The context lines in the patches can be updated with devtool:

    devtool modify <recipe>
    devtool finish --force-patch-refresh <recipe> <layer_path>

Then the updated patches and the source tree (in devtool's workspace)
should be reviewed to make sure the patches apply in the correct place
and don't introduce duplicate lines (which can, and does happen
when some of the context is ignored). Further information:
http://lists.openembedded.org/pipermail/openembedded-core/2018-March/148675.html
https://bugzilla.yoctoproject.org/show_bug.cgi?id=10450
Details:
Applying patch 02-link-rep_snprintf-for-ltdbtool.patch
patching file Makefile.in
Hunk #1 succeeded at 176 with fuzz 2 (offset 6 lines).

Now at patch 02-link-rep_snprintf-for-ltdbtool.patch

Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-04-13 12:43:39 -07:00
Huang Qiyu fd77663ea9 strongswan: 5.5.3 -> 5.6.2
1.Upgrade strongswan from 5.5.3 to 5.6.2.
2.Modify fix-funtion-parameter.patch, since the data has been changed.

Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-04-09 12:32:07 -04:00
Khem Raj 68847cf10f ndisc6: gold does not work for risc-v here
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-04-09 12:32:07 -04:00
Khem Raj 80bc976c52 fwknop: Use new config.guess and config.sub
This brings in new architecture support for risc-v

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-04-09 12:32:07 -04:00
Martin Jansa 5d37441579 ntp: refresh patch
WARNING: ntp-4.2.8p10-r0 do_patch:
Some of the context lines in patches were ignored. This can lead to incorrectly applied patches.
The context lines in the patches can be updated with devtool:

    devtool modify <recipe>
    devtool finish --force-patch-refresh <recipe> <layer_path>

Then the updated patches and the source tree (in devtool's workspace)
should be reviewed to make sure the patches apply in the correct place
and don't introduce duplicate lines (which can, and does happen
when some of the context is ignored). Further information:
http://lists.openembedded.org/pipermail/openembedded-core/2018-March/148675.html
https://bugzilla.yoctoproject.org/show_bug.cgi?id=10450
Details:
Applying patch ntp-4.2.4_p6-nano.patch
patching file include/ntp_syscall.h
Hunk #1 succeeded at 10 with fuzz 2 (offset -4 lines).

Now at patch ntp-4.2.4_p6-nano.patch

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-04-09 12:32:07 -04:00
Martin Jansa 6b16608c44 tcpdump: refresh patches
WARNING: tcpdump-4.9.2-r0 do_patch:
Some of the context lines in patches were ignored. This can lead to incorrectly applied patches.
The context lines in the patches can be updated with devtool:

    devtool modify <recipe>
    devtool finish --force-patch-refresh <recipe> <layer_path>

Then the updated patches and the source tree (in devtool's workspace)
should be reviewed to make sure the patches apply in the correct place
and don't introduce duplicate lines (which can, and does happen
when some of the context is ignored). Further information:
http://lists.openembedded.org/pipermail/openembedded-core/2018-March/148675.html
https://bugzilla.yoctoproject.org/show_bug.cgi?id=10450
Details:
Applying patch unnecessary-to-check-libpcap.patch
patching file configure.in
Hunk #1 succeeded at 418 with fuzz 2 (offset -149 lines).

Now at patch unnecessary-to-check-libpcap.patch

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-04-09 12:32:06 -04:00
Mariia Movchan -X \(mmovchan - GLOBALLOGIC INC at Cisco\) 22fa436d29 ipcalc: add initial recipe for version 0.2.2
Signed-off-by: Mariia Movchan <mmovchan@cisco.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-04-09 12:32:06 -04:00
Johannes Pointner db4763a591 libldb: update to version 1.3.1
Version >= 1.2.3 needed to build samba 4.7.5.

Signed-off-by: Johannes Pointner <johannes.pointner@br-automation.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-04-06 08:12:20 -04:00
Johannes Pointner ea5c8925c0 libtevent: update to version 0.9.36
Version >= 0.9.34 needed to build samba 4.7.5.

Signed-off-by: Johannes Pointner <johannes.pointner@br-automation.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-04-06 08:12:20 -04:00
Shrikant Bobade f9c529d0b0 ntp: add libgcc as runtime dependency
libgcc is required by ntpd for execution, so add it as runtime dependency.

ntpd execution ref. log.
~# /etc/init.d/ntpd start
Starting ntpd: libgcc_s.so.1 must be installed for pthread_cancel to work
Aborted
done
~#

Signed-off-by: Shrikant Bobade <shrikant_bobade@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-04-06 08:12:20 -04:00
Armin Kuster 95370f4af5 wireshark: update to new 2.4.5 series
[v2]
Fix epan/.libs/libwireshark.so: error: undefined reference to 'gpg_strerror'

and update to 2.4.5.

includes:
wnpa-sec-2018-05
The IEEE 802.11 dissector could crash. Bug 14442, CVE-2018-7335

wnpa-sec-2018-06
Multiple dissectors could go into large infinite loops. All ASN.1 BER dissectors (Bug 14444), along with the DICOM (Bug 14411), DMP (Bug 14408), LLTD (Bug 14419), OpenFlow (Bug 14420), RELOAD (Bug 14445), RPCoRDMA (Bug 14449), RPKI-Router (Bug 14414), S7COMM (Bug 14423), SCCP (Bug 14413), Thread (Bug 14428), Thrift (Bug 14379), USB (Bug 14421), and WCCP (Bug 14412) dissectors were susceptible.

wnpa-sec-2018-07
The UMTS MAC dissector could crash. Bug 14339, CVE-2018-7334

wnpa-sec-2018-08
The DOCSIS dissector could crash. Bug 14446, CVE-2018-7337

wnpa-sec-2018-09
The FCP dissector could crash. Bug 14374, CVE-2018-7336

wnpa-sec-2018-10
The SIGCOMP dissector could crash. Bug 14398, CVE-2018-7320

wnpa-sec-2018-11
The pcapng file parser could crash. Bug 14403, CVE-2018-7420

wnpa-sec-2018-12
The IPMI dissector could crash. Bug 14409, CVE-2018-7417

wnpa-sec-2018-13
The SIGCOMP dissector could crash. Bug 14410, CVE-2018-7418

wnpa-sec-2018-14
The NBAP disssector could crash. Bug 14443, CVE-2018-7419

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-04-06 08:12:19 -04:00
Huang Qiyu af249dae45 geoip: 1.6.9 -> 1.6.11
Upgrade geoip from 1.6.9 to 1.6.11.

Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-04-06 08:12:19 -04:00
Khem Raj 4048f755f1 libtalloc: Upgrade to 2.1.11
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-04-06 08:12:18 -04:00
Armin Kuster 07e698cd46 wireshark: Update Package to 2.2.12
Includes:
	wnpa-sec-2018-01,  Multiple dissectors could crash. (Bug 14253) CVE-2018-5336

	wnpa-sec-2018-02, The MRDISC dissector could crash. (Bug 14299, Bug 13707) CVE-2017-17997

	wnpa-sec-2018-03, The IxVeriWave file parser could crash. (Bug 14297) CVE-2018-5334

	wnpa-sec-2018-04, The WCP dissector could crash. (Bug 14251) CVE-2018-5335

Full release notes: https://www.wireshark.org/docs/relnotes/wireshark-2.2.12.html

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-04-06 08:12:18 -04:00
Huang Qiyu 10d43ff105 geoipupdate: 2.4.0 -> 2.5.0
1.Upgrade geoipupdate from 2.4.0 to 2.5.0.
2.Update the checksum of LIC_FILES_CHKSUM, since ChangeLog.md has been changed. The licence is still GPLv2.

Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-04-04 13:32:28 -04:00
Huang Qiyu 4ab340c0d7 cim-schema-exper: 2.39.0 -> 2.50.0
Update cim-schema-exper from 2.39.0 to 2.50.0

Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-03-05 11:45:40 -05:00
Maxin John 3b3c4c8426 classes/recipes: Convert SkipPackage -> SkipRecipe
Update following the SkipPackage -> SkipRecipe change in oe-core.

Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-03-05 11:45:40 -05:00
Otavio Salvador 3064819552 nghttp2: Move to meta-networking
The nghttp2 depends on c-ares which is provided by meta-networking
layer, so it should be moved there as well.

Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-02-05 10:40:19 -05:00
Denys Dmytriyenko ed9acc9275 ndisc6: need to set USE_NLS="yes" to use gettext.h
Otherwise we can get gettext-minimal-native dependency instead, which does not
provide gettext.h header.

Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-02-05 10:40:19 -05:00
André Draszik 1c4fd55f26 ntimed: use beginline= in LIC_FILES_CHKSUM
'startline' is not a recognised keyword, it's beginline.

  ntimed: The new md5 checksum is 89db8e76f2951f3fad167e7aa9718a44
  ntimed: Here is the selected license text:
  vvvvvvvvvvvvvvvvvvvvvvvvvvvv beginline=2 vvvvvvvvvvvvvvvvvvvvvvvvvvvvv
   * Copyright (c) 2014 Poul-Henning Kamp
   * All rights reserved.
   *
   * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
   * are met:
   * 1. Redistributions of source code must retain the above copyright
   *    notice, this list of conditions and the following disclaimer.
   * 2. Redistributions in binary form must reproduce the above copyright
   *    notice, this list of conditions and the following disclaimer in the
  ...
   * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
   * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   * SUCH DAMAGE.
  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ endline=24 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Signed-off-by: André Draszik <andre.draszik@jci.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-02-05 10:40:19 -05:00
Huang Qiyu 8c93241538 dovecot: 2.2.29 -> 2.2.33
Upgrade dovecot from 2.2.29 to 2.2.33.

Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-02-05 10:40:18 -05:00
Mingli Yu ea97f6b7db strongswan: add ${PN}-plugin-curve25519 to RDEPENDS
* The default DH group curve25519 depends on
  an optional plugin ${PN}-plugin-curve25519,
  add it to RDEPENDS to avoid below error:

  root@test:~# ipsec up host-lan
  initiating IKE_SA host-lan[1] to 192.168.7.2
  configured DH group CURVE_25519 not supported
  tried to checkin and delete nonexisting IKE_SA
  establishing connection 'host-lan' failed

Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-02-05 10:40:18 -05:00
Yi Zhao 10b7674398 drbd-utils: update SRC_URI
Update the SCR_URI since the original site is not available.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-02-04 19:18:40 -05:00
Armin Kuster e632093ec2 tinyproxy: fix build ERROR
ERROR: tinyproxy-1.8.4-r0 do_prepare_recipe_sysroot: tinyproxy: useradd command did not succeed.

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-01-08 12:06:41 -05:00
S. Lockwood-Childs be189dd8c0 tinyproxy: 'nobody' should belong to 'nogroup'
The classic 'nobody' user is supposed to belong to 'nogroup' group.
Without this change, it will get a 'nobody' group created as its
default group instead.

Ensuring the existing 'nogroup' is used as default group solves
following sort of complaint by useradd-staticids.bbclass (when static ids
are enabled):

  tinyproxy: Changing groupname nobody's gid from (65534) to (1000),
             verify configuration files!

Signed-off-by: S. Lockwood-Childs <sjl@vctlabs.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-01-08 12:05:57 -05:00
Armin Kuster f696ff1050 wireshark: Update to 2.2.11
changed --with-ssh to --with-libssh=DIR

includes:

wnpa-sec-2017-47 : CVE-2017-17084
    The IWARP_MPA dissector could crash. (Bug 14236)

wnpa-sec-2017-48 : CVE-2017-17083
    The NetBIOS dissector could crash. (Bug 14249)

wnpa-sec-2017-49 : CVE-2017-17085
    The CIP Safety dissector could crash. (Bug 14250)

release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.11.html

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-01-08 12:05:49 -05:00
S. Lockwood-Childs 0309df9fb4 cifs-utils: mount.cifs should build without samba dependency
fix following build error when cifsidmap and cifsacl are turned off
in PACKAGECONFIG :

| In file included from ../git/mount.cifs.c:64:0:
| ../git/data_blob.h:26:10: fatal error: talloc.h: No such file or directory

cifs-utils 3.7 had an unneeded header creep into mount.cifs source
that pulled in samba headers. This has been cleaned up already
in cifs-utils master, so apply (trivial) upstream patch to fix this
compile error.

Signed-off-by: S. Lockwood-Childs <sjl@vctlabs.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-01-08 12:05:43 -05:00