mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-13 17:39:57 +00:00
Code Issues Projects Releases Wiki Activity
38,186 Commits 64 Branches 0 Tags
wrynose
Commit Graph

21 Commits

Author SHA1 Message Date
Gyorgy Sarvari c789281ecf tinyproxy: patch CVE-2026-3945 
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-3945

Backport the patches which are references by the NVD avisory.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
 2026-04-06 10:03:48 -07:00
Gyorgy Sarvari d8c66c4428 tinyproxy: upgrade 1.11.2 -> 1.11.3 
Drop patch that was merged upstream.

Shortlog: https://github.com/tinyproxy/tinyproxy/compare/1.11.2...1.11.3

Ptests passed successfully:

root@qemux86-64:~# ptest-runner
START: ptest-runner
2026-04-06T15:25
BEGIN: /usr/lib/tinyproxy/ptest
starting web server... done. listening on 127.0.0.3:32123
starting tinyproxy... done (listening on 127.0.0.2:12321)
waiting for 1 seconds. 1  done
checking direct connection to web server... ok
testing connection through tinyproxy... ok
requesting statspage via stathost url... ok
signaling tinyproxy to reload config...ok
checking direct connection to web server... ok
testing connection through tinyproxy... ok
requesting statspage via stathost url... ok
checking bogus request... ok, got expected error code 400
testing connection to filtered domain... ok, got expected error code 403
requesting connect method to denied port... ok, got expected error code 403
testing unavailable backend... ok, got expected error code 502
0 errors
killing tinyproxy... ok
killing webserver... ok
done
PASS: run_tests.sh
DURATION: 2
END: /usr/lib/tinyproxy/ptest
2026-04-06T15:25
STOP: ptest-runner
TOTAL: 1 FAIL: 0

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
 2026-04-06 10:03:48 -07:00
Gyorgy Sarvari 2b444cfaa4 tinyproxy: drop obsolete patch 
The patch removed manual generation completely from the build scripts,
however upstream has added a configure option in version 1.11.0[1] to
do it in a more gentle way.

Drop the patch, and use the configure option instead.

[1]: https://github.com/tinyproxy/tinyproxy/commit/5ba958829f73ecc02658a46f5b1bba5ffed2281d

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-03-17 13:25:13 -07:00
Gyorgy Sarvari 03328f6c73 tinyproxy: add ptest support 
It takes <10s to execute.

Sample output:

root@qemux86-64:~# ptest-runner
START: ptest-runner
2025-12-23T17:45
BEGIN: /usr/lib/tinyproxy/ptest
starting web server... done (listening on 127.0.0.3:32123)
starting tinyproxy... done (listening on 127.0.0.2:12321)
waiting for 1 seconds.. done
checking direct connection to web server... ok
testing connection through tinyproxy... ok
requesting statspage via stathost url... ok
signaling tinyproxy to reload config...ok
checking direct connection to web server... ok
testing connection through tinyproxy... ok
requesting statspage via stathost url... ok
checking bogus request... ok, got expected error code 400
testing connection to filtered domain... ok, got expected error code 403
requesting connect method to denied port... ok, got expected error code 403
testing unavailable backend... ok, got expected error code 502
0 errors
killing tinyproxy... ok
killing webserver... ok
done
PASS: run_tests.sh
DURATION: 1
END: /usr/lib/tinyproxy/ptest
2025-12-23T17:45
STOP: ptest-runner
TOTAL: 1 FAIL: 0

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-24 13:18:25 -08:00
Gyorgy Sarvari 7981f52062 tinyproxy: patch CVE-2025-63938 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-63938

Pick the patch referenced by the nvd report.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-24 13:18:25 -08:00
Gyorgy Sarvari 480ac24af3 tinyproxy: upgrade 1.11.1 -> 1.11.2 
This upgrade contains fixes for CVE-2023-49606 and CVE-2022-40468.

Changelog:
https://github.com/tinyproxy/tinyproxy/compare/1.11.1...1.11.2

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-06 14:14:37 -07:00
Khem Raj ffc64e9c6f recipes: Start WORKDIR -> UNPACKDIR transition 
Replace references of WORKDIR with UNPACKDIR where it makes sense to do
so in preparation for changing the default value of UNPACKDIR.

Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-05-23 08:44:44 -07:00
Martin Jansa be8c765c7c *.patch: add Upstream-Status to all patches 
There is new patch-status QA check in oe-core:
https://git.openembedded.org/openembedded-core/commit/?id=76a685bfcf927593eac67157762a53259089ea8a

This is temporary work around just to hide _many_ warnings from
optional patch-status (if you add it to WARN_QA).

This just added
Upstream-Status: Pending
everywhere without actually investigating what's the proper status.

This is just to hide current QA warnings and to catch new .patch files being
added without Upstream-Status, but the number of Pending patches is now terrible:

5 (26%) 	meta-xfce
6 (50%) 	meta-perl
15 (42%)        meta-webserver
21 (36%)        meta-gnome
25 (57%)        meta-filesystems
26 (43%)        meta-initramfs
45 (45%)        meta-python
47 (55%)        meta-multimedia
312 (63%)       meta-networking
756 (61%)       meta-oe

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2023-06-21 09:15:20 -07:00
Chee Yang Lee 795ccdd86c tinyproxy: fix CVE-2022-40468 
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2023-02-10 13:48:53 -08:00
Wang Mingyu 227450e3b0 tinyproxy: upgrade 1.11.0 -> 1.11.1 
Refresh disable-documentation.patch for new version.

Changelog:
Fixes issues detected in 1.11.0, add new fnmatch based filtertype.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-06-06 13:58:43 -07:00
Khem Raj 7d8a0e840d recipes: Update LICENSE variable to use SPDX license identifiers 
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-03-04 17:41:45 -08:00
Martin Jansa c61dc077bb Convert to new override syntax 
This is the result of automated script (0.9.1) conversion:

oe-core/scripts/contrib/convert-overrides.py .

converting the metadata to use ":" as the override character instead of "_".

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
 2021-08-03 10:21:25 -07:00
zangrc 03115dcd5f tinyproxy: upgrade 1.10.0 -> 1.11.0 
Refresh the following patch:
disable-documentation.patch

Signed-off-by: Zang Ruochen <zangrc.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2021-04-23 08:56:25 -07:00
Pierre-Jean Texier e36b8381e9 tinyproxy: fix upstream check URL 
Fixes:

$: devtool check-upgrade-status tinyproxy
<...>

INFO: tinyproxy                 1.10.0          UNKNOWN_BROKEN  None

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2020-06-08 22:00:37 -07:00
Stefan Lendl ec0a1b218f tinyproxy: Fix user and group in tinyproxy install 
Signed-off-by: Stefan Lendl <sll@mission-embedded.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2020-01-11 08:39:34 -08:00
Stefan Lendl 2f4b434caa tinyproxy: Install a default tinyproxy.conf 
sets the correct user tinyproxy and group nogroup

Signed-off-by: Stefan Lendl <sll@mission-embedded.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2020-01-11 08:39:34 -08:00
Khem Raj b769242d90 tinyproxy: Refresh patches 
Fixes warnings reported by devtool

Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2018-09-29 02:10:12 -07:00
Jacobo Aragunde Pérez fa1156b91a tinyproxy: upgrade to version 1.10.0 
Highlights of this upgrade:
* tinyproxy binary is not installed to /usr/sbin now.
* removed a deprecated configure parameter.
* reworked disable-documentation.patch.

Signed-off-by: Jacobo Aragunde Pérez <jaragunde@igalia.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2018-09-24 11:49:45 -07:00
Armin Kuster e632093ec2 tinyproxy: fix build ERROR 
ERROR: tinyproxy-1.8.4-r0 do_prepare_recipe_sysroot: tinyproxy: useradd command did not succeed.

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
 2018-01-08 12:06:41 -05:00
S. Lockwood-Childs be189dd8c0 tinyproxy: 'nobody' should belong to 'nogroup' 
The classic 'nobody' user is supposed to belong to 'nogroup' group.
Without this change, it will get a 'nobody' group created as its
default group instead.

Ensuring the existing 'nogroup' is used as default group solves
following sort of complaint by useradd-staticids.bbclass (when static ids
are enabled):

  tinyproxy: Changing groupname nobody's gid from (65534) to (1000),
             verify configuration files!

Signed-off-by: S. Lockwood-Childs <sjl@vctlabs.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
 2018-01-08 12:05:57 -05:00
Benjamin Gaignard b9b6ace5a1 tinyproxy: Add recipe 
Signed-off-by: Benjamin Gaignard <benjamin.gaignard@linaro.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
 2017-04-25 16:10:26 -04:00