mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-14 05:49:57 +00:00
Code Issues Projects Releases Wiki Activity
36,268 Commits 64 Branches 0 Tags
508aa14cd85ae58c31d2c5264f50c01d910d6836
Commit Graph

4094 Commits

Author SHA1 Message Date
Gyorgy Sarvari 508aa14cd8 frr: patch CVE-2025-61099..61107 
Details:
https://nvd.nist.gov/vuln/detail/CVE-2025-61099
https://nvd.nist.gov/vuln/detail/CVE-2025-61100
https://nvd.nist.gov/vuln/detail/CVE-2025-61101
https://nvd.nist.gov/vuln/detail/CVE-2025-61102
https://nvd.nist.gov/vuln/detail/CVE-2025-61103
https://nvd.nist.gov/vuln/detail/CVE-2025-61104
https://nvd.nist.gov/vuln/detail/CVE-2025-61105
https://nvd.nist.gov/vuln/detail/CVE-2025-61106
https://nvd.nist.gov/vuln/detail/CVE-2025-61107

The NVD advisory refernces a PR[1] that contains only an unfinished, and
ultimately unmerged attempt at the fixes. The actual solution comes from
a different PR[2]. These patches are 3 commits from that PR. The last
commit wasn't backported, because it is just code formatting.

[1]: https://github.com/FRRouting/frr/pull/19480
[2]: https://github.com/FRRouting/frr/pull/19983

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 3cd47f72ad)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2026-02-02 08:12:52 +05:30
Gyorgy Sarvari 16cd5b1b8d libowfat: update SRC_URI 
The https link does not work anymore, it just refuses the connection.
http still works though.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 8cab2b2977)
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2026-01-21 10:28:20 +05:30
Gyorgy Sarvari 0f00860e5f ncp: update SRC_URI 
The https link does not work anymore, it just refuses the connection.
http still works though.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 8da9f2fea2)
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2026-01-21 10:28:09 +05:30
Gyorgy Sarvari a7e34f3531 python3-scapy: set CVE_PRODUCT 
The default ${PN} (python3-scapy) CVE fails to match relevant CVEs,
because they are tracked under the scapy:scapy CPE.

Set CVE_PRODUCT to the correct value.

See CVE db query:
sqlite> select * from products where product like '%scapy%';
CVE-2019-1010142|scapy|scapy|2.4.0|=||

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 6f68f5fce7)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2026-01-20 10:17:23 +05:30
Gyorgy Sarvari 8c482ca886 tinyproxy: patch CVE-2025-63938 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-63938

Pick the patch referenced by the nvd report.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 7981f52062)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2026-01-20 10:17:23 +05:30
Khem Raj 3c515557c4 dante: Add _GNU_SOURCE for musl builds 
This helps build fixes e.g. cpuset_t definitions etc.
glibc builds have _GNU_SOURCE defined inherently.

Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 848bac20ea)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2026-01-20 10:17:22 +05:30
Gyorgy Sarvari b42c7fbb73 dante: upgrade 1.4.3 -> 1.4.4 
License-Update: copyright year bump

Changelog:
- Fix potential security issue CVE-2024-54662, related to "socksmethod"
  use in client/hostid-rules.
- Add a missing call to setgroups(2).
- Patch to fix compilation with libminiupnp 2.2.8.
- Client connectchild optimizations.
- Client SIGIO handling improvements.
- Various configure/build fixes.
- Updated to support TCP_EXP1 version of TCP hostid format.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9f12c5fbc6)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2026-01-20 10:17:22 +05:30
Ankur Tyagi d11b64e25e frr: upgrade 10.4.1 -> 10.4.2 
Release Notes:
https://github.com/FRRouting/frr/releases/tag/frr-10.4.2

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2026-01-20 10:17:21 +05:30
Peter Marko c870a26c00 libcoap: set CVE version suffix 
CVE metrics currently report CVE-2025-34468 as open.
CPE is <=4.3.5, while recipe version is 4.3.5a which is a higher
version, however by default cve-check only compares numbers.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2026-01-20 10:15:11 +05:30
Peter Marko 0d737e1419 net-snmp: patch CVE-2025-68615 
Pick patch per [1].

[1] https://security-tracker.debian.org/tracker/CVE-2025-68615

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2026-01-20 10:15:07 +05:30
Gyorgy Sarvari 303f5afacf openvpn: upgrade 2.6.16 -> 2.6.17 
Contains fix for CVE-2025-13751

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2026-01-06 18:07:56 +05:30
Gyorgy Sarvari 94e21ed9b5 libcoap: ignore CVE-2025-50518 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-50518

The vulnerability is disputed by upstream, because the vulnerability
requires a user error, incorrect library usage. See also an upstream
discussion in a related (rejected) PR: https://github.com/obgm/libcoap/pull/1726

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 598176e1cb)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2026-01-06 18:07:55 +05:30
Ankur Tyagi 22b7851cde fetchmail: patch CVE-2025-61962 
Details https://nvd.nist.gov/vuln/detail/CVE-2025-61962

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
(cherry picked from commit 0d9da11052)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2026-01-06 18:07:52 +05:30
Gyorgy Sarvari 0827d22e4c civetweb: ignore CVE-2025-9648 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-9648

It is already fixed in the currently used version.

Also, update CVE-2025-55763's status to "fixed-version" (so it will be
marked as "Patched" in the CVE report instead of "Ignored")

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit bfb76da63b)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2026-01-06 18:07:51 +05:30
Gyorgy Sarvari c0a63f5222 dovecot: patch CVE-2025-30189 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-30189

Pick the patches referenced by the advisory[1] from the Full Disclosure list.

[1]: https://seclists.org/fulldisclosure/2025/Oct/29

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2026-01-06 18:07:48 +05:30
Gyorgy Sarvari 6a2e51e989 cifs-utils: patch CVE-2025-2312 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-2312

Pick the patch that is referenced by the NVD report.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2026-01-06 18:07:47 +05:30
Mingli Yu 7301de982a openipmi: Pass BUILD_CFLAGS to BUILD_CC 
* The option -fcanon-prefix-map is added to CFLAGS after the commit [1]
introduced and result in the below build error.
  Making all in sdrcomp
  make[3]: Entering directory '/tmp/work/cortexa57-wrs-linux/openipmi/2.0.37/sources/OpenIPMI-2.0.37/lanserv/sdrcomp'
aarch64-wrs-linux-gcc  -mcpu=cortex-a57+crc -mbranch-protection=standard -fstack-protector-strong  -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security --sysroot=/tmp/work/cortexa57-wrs-linux/openipmi/2.0.37/recipe-sysroot -DHAVE_CONFIG_H -I. -I../..  -DSTATEDIR='"/var"'  -Wall -Wsign-compare -I../../include -I../../lanserv -I../../utils -O2 -g -fcanon-prefix-map  -ffile-prefix-map=/tmp/work/cortexa57-wrs-linux/openipmi/2.0.37/sources/OpenIPMI-2.0.37=/usr/src/debug/openipmi/2.0.37  -ffile-prefix-map=/tmp/work/cortexa57-wrs-linux/openipmi/2.0.37/sources/OpenIPMI-2.0.37=/usr/src/debug/openipmi/2.0.37  -ffile-prefix-map=/tmp/work/cortexa57-wrs-linux/openipmi/2.0.37/recipe-sysroot=  -ffile-prefix-map=/tmp/work/cortexa57-wrs-linux/openipmi/2.0.37/recipe-sysroot-native=  -pipe -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -c -o sdrcomp.o sdrcomp.c
gcc  -o sdrcomp_build ../../lanserv/sdrcomp/sdrcomp.c -O2 -g -fcanon-prefix-map  -ffile-prefix-map=/tmp/work/cortexa57-wrs-linux/openipmi/2.0.37/sources/OpenIPMI-2.0.37=/usr/src/debug/openipmi/2.0.37  -ffile-prefix-map=/tmp/work/cortexa57-wrs-linux/openipmi/2.0.37/sources/OpenIPMI-2.0.37=/usr/src/debug/openipmi/2.0.37  -ffile-prefix-map=/tmp/work/cortexa57-wrs-linux/openipmi/2.0.37/recipe-sysroot=  -ffile-prefix-map=/tmp/work/cortexa57-wrs-linux/openipmi/2.0.37/recipe-sysroot-native=  -pipe -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Wall -Wsign-compare -I../../include -I../../lanserv -I../../utils -lm
  gcc: error: unrecognized command-line option ‘-fcanon-prefix-map’; did you mean ‘-fmacro-prefix-map=’?

* Pass BUILD_CFLAGS for BUILD_CC to fix the above build issue.

[1] https://git.openembedded.org/openembedded-core/commit/?id=3dbc4a79f01ebfc54da024c1460c06772659088d

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c41fb791fa)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-12-17 14:00:19 +05:30
Peter Marko d80916b4dc libcoap: upgrade 4.3.5 -> 4.3.5a 
Changelog [1]:
  * Fixes the following CVEs
    CVE-2025-59391
    CVE-2025-65494
    CVE-2025-65495
    CVE-2025-65496
    CVE-2025-65497
    CVE-2025-65498
    CVE-2025-65499
    CVE-2025-65500
    CVE-2025-65501
  * CVE-2025-50518 not fixed as user application error.
  * Support for Mbed TLS 3.6.3.
  * Support for RIOT update changes.
  * Fixes for later CI environment builds.
  * Critical reported bugs fixed.

Add tag to SRC_URI for hash verification.

License-Update: copyright years refreshed [2]

[1] https://github.com/obgm/libcoap/blob/v4.3.5a/ChangeLog
[2] https://github.com/obgm/libcoap/commit/993c12ac92ce6a24a409924fe78a5c0fe7246699

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 6a9cc44a92)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-12-17 13:57:21 +05:30
Wang Mingyu 3cadf1e0c7 postfix: upgrade 3.10.5 -> 3.10.6 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit cde1da5ec1)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-12-17 13:57:20 +05:30
Wang Mingyu 10c0a22f9a libdaq: upgrade 3.0.22 -> 3.0.23 
Changelog:
 api: add tcp flag in DAQ flow stats

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 8c3baf61d0)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-12-17 13:57:20 +05:30
Liu Yiding 2e4f464335 pgpool2: 4.6.3 -> 4.6.4 
Drop 0001-snprintf-Add-math.h-to-ensure-isnan-and-isinf-are-de.patch and
v1-0001-Make-time-calculations-always-long-long.patch as those were merged upstream.

Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 7fb4910ccb)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-12-17 13:57:19 +05:30
Wang Mingyu 394b23d027 openvpn: upgrade 2.6.15 -> 2.6.16 
Code maintenance / Compat changes
---------------------------------
- adapt to new "encrypt-then-mac" cipher suites in OpenSSL 3.6.0 - these
  need special handling which we don't do, so the t_lpback self-test
  failed on them.  Exclude from list of allowed ciphers, as there is no
  strong reason today to make OpenVPN use these.
- fix various compile-time warnings

Documentation updates
---------------------
- fix outdated and non-HTTPS URLs throughout the tree (doxygen, warnings,
  manpage, ...)

Bugfixes
--------
- Fix memcmp check for the hmac verification in the 3way handshake.
  This bug renders the HMAC based protection against state exhaustion on
  receiving spoofed TLS handshake packets in the OpenVPN server inefficient.
  CVE: 2025-13086
- fix invalid pointer creation in tls_pre_decrypt() - technically this is
  a memory over-read issue, in practice, the compilers optimize it away
  so no negative effects could be observed.
- Windows: in the interactive service, fix the "undo DNS config" handling.
- Windows: in the interactive service, disallow using of "stdin" for the
  config file, unless the caller is authorized OpenVPN Administrator
- Windows: in the interactive service, change all netsh calls to use
  interface index and not interface name - sidesteps all possible attack
  avenues with special characters in interface names.
- Windows: in the interactive service, improve error handling in
  some "unlikely to happen" paths.
- auth plugin/script handling: properly check for errors in creation on
  $auth_failed_reason_file (arf).
- for incoming TCP connections, close-on-exec option was applied to
  the wrong socket fd, leaking socket FDs to child processes.
- sitnl: set close-on-exec flag on netlink socket
- ssl_mbedtls: fix missing perf_pop() call (optional performance profiling)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 351ac66213)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-12-17 13:57:19 +05:30
Khem Raj 2d33949443 open-vm-tools: Avoid GLib g_free macro redefinition error 
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-21 00:39:01 -08:00
Yi Zhao 2fa9680861 vsomeip: upgrade 3.5.10 -> 3.5.11 
ChangeLog:
https://github.com/COVESA/vsomeip/releases/tag/3.5.11

* Refresh local patches
* Fix build with boost 1.89

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-20 08:37:05 -08:00
Khem Raj 3e44699820 python-scapy: Ignore failing ptests 
These tests fail in OE qemu environment and is sensitive to ISP provider

Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-20 00:34:05 -08:00
Khem Raj 7a25981202 lkcp-tools: Fix test_1_to_1_recvfrom ptest failure 
Build it with fortify disabled to get the intended behavior
of the test

Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-19 12:00:45 -08:00
Khem Raj 5d82ef30be python3-scapy: Upgrade to 2.6.1 
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-19 07:45:40 -08:00
Wang Mingyu ea8411366e openipmi: upgrade 2.0.36 -> 2.0.37 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-18 08:23:44 -08:00
Wang Mingyu 989a1651e4 nbdkit: upgrade 1.45.12 -> 1.45.14 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-18 08:23:43 -08:00
Wang Mingyu 6498d5b940 libcpr: upgrade 1.12.0 -> 1.13.0 
Changelog:
==========
- Implement support for CURLOPT_CAINFO_BLOB
- Added support for CURLOPT_SSLCERT_BLOB
- Refactor: Pass std::string_view by value instead of by const reference
- Add connection pool option (V3)
- fix: Calling empty callbacks
- fix: callback function pointer type mismatch in writeFunction
- 1.12.0 CI Fixes
- fix: Cmake config file
- fix: make is_same_v check constexpr in set_option_internal
- cpr::MultiPerform fixes - #1047 and #1186
- Bump actions/setup-python from 5 to 6
- Bump actions/checkout from 3 to 5
- Allow disabling PSL
- Make curl dependency management optional
- curl_container: allow calling GetContent without CurlHolder
- Bump stefanzweifel/git-auto-commit-action from 6 to 7
- Bump actions/upload-artifact from 4 to 5
- Bump actions/setup-python from 1 to 5

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-18 08:23:43 -08:00
Wang Mingyu 7915bcecf5 corosync: upgrade 3.1.9 -> 3.1.10 
CVE-2025-30472.patch
removed since it's included in 3.1.10

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-18 08:23:42 -08:00
Khem Raj 736c792dff samba: Backport fixes to build with glibc 2.43 
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-13 23:02:37 -08:00
Vishwas Udupa 89b44b73dc chrony: remove buildtime installation of /var/lib/chrony 
Since commit 3200122d68 (chrony: create /var/lib/chrony by systemd-tmpfiles)
tmpfiles.d mechanism already ensures populating /var/lib/chrony at runtime.
Introduce volatiles mechanism to make sure the directory is created
at runtime for sysvinit as well.
Since /var/lib/chrony is populated at runtime, stop packaging at build time.
this helps to align towards stateless system expectations
or when updates are done via meta-updater.

Signed-off-by: Vishwas Udupa <vudupa@qti.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-13 10:15:06 -08:00
Yi Zhao d5d773469b dhcp-relay: update UPSTREAM_CHECK_REGEX 
Update UPSTREAM_CHECK_REGEX to check the correct latest stable verison.

Before the patch:
$ devtool latest-version dhcp-relay
INFO: Current version: 4.4.3p1
INFO: Latest version: 4.4.3

After the patch:
$ devtool latest-version dhcp-relay
INFO: Current version: 4.4.3p1
INFO: Latest version: 4.4.3-P1

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-13 10:15:06 -08:00
Yi Zhao 686c0625b8 ntp: add UPSTREAM_CHECK_URI 
Add UPSTREAM_CHECK_URI to check the correct latest stable verison.

Before the patch:
$ devtool latest-version ntp
INFO: Current version: 4.2.8p18
INFO: Latest version:

After the patch:
$ devtool latest-version ntp
INFO: Current version: 4.2.8p18
INFO: Latest version: 4.2.8p18

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-13 10:15:06 -08:00
Wang Mingyu 5de3b13849 libdaq: upgrade 3.0.21 -> 3.0.22 
Changelog:
 api: add drop reason in daq flow stats

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-11 10:19:41 -08:00
Khem Raj 64f7fef439 atftp,tftp-hpa,vsftpd,dante,stunnel: Disable and remove tcp-wrapper support 
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-11 10:19:40 -08:00
Khem Raj 844f1213d2 libldb: Fix build with glibc 2.43 
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-10 20:31:55 -08:00
Khem Raj f2fa2dc3cf snort3: Upgrade to 3.9.7.0 
Fix build with C23 glibc while here

Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-10 20:31:54 -08:00
Moraless Philius 91a1d13cc4 libtalloc: fix pytalloc package ordering 
The libtalloc recipe did not properly populate the pytalloc package
because pytalloc was listed after the main libtalloc package in the
PACKAGES variable. As a result, the pytalloc package contained only
talloc.so and was missing other required files.

Signed-off-by: Moraless Philius <moraless.philius5@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-10 07:50:05 -08:00
Yi Zhao 945ef788cf tunctl: inherit sourceforge-releases class 
Inherit sourceforge-releases class to check the correct latest stable
verison.

Before the patch:
$ devtool latest-version tunctl
INFO: Current version: 1.5
INFO: Latest version:

After the patch:
$ devtool latest-version tunctl
INFO: Current version: 1.5
INFO: Latest version: 1.5

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-09 06:52:52 -08:00
Yi Zhao 85ecfad5b0 tcpreplay: add UPSTREAM_CHECK_REGEX 
Add UPSTREAM_CHECK_REGEX to check the correct latest stable verison.

Before the patch:
$ devtool latest-version tcpreplay
INFO: Current version: 4.5.2
INFO: Latest version:

After the patch:
$ devtool latest-version tcpreplay
INFO: Current version: 4.5.2
INFO: Latest version: 4.5.2

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-09 06:52:52 -08:00
Yi Zhao c65342ce85 radvd: add UPSTREAM_CHECK_URI 
Add UPSTREAM_CHECK_URI and UPSTREAM_CHECK_REGEX to check the correct
latest stable verison.

Before the patch:
$ devtool latest-version radvd
INFO: Current version: 2.20
INFO: Latest version:

After the patch:
$ devtool latest-version radvd
INFO: Current version: 2.20
INFO: Latest version: 2.20

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-09 06:52:51 -08:00
Yi Zhao 2aca5d6cd9 ptpd: inherit sourceforge-releases class 
Inherit sourceforge-releases class to check the correct latest stable
verison.

Before the patch:
$ devtool latest-version ptpd
INFO: Current version: 2.3.1
INFO: Latest version:

After the patch:
$ devtool latest-version ptpd
INFO: Current version: 2.3.1
INFO: Latest version: 2.3.1

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-09 06:52:51 -08:00
Yi Zhao 0586c2e570 postfix: add UPSTREAM_CHECK_URI 
Add UPSTREAM_CHECK_URI and UPSTREAM_CHECK_REGEX to check the correct
latest stable verison.

Before the patch:
$ devtool latest-version postfix
INFO: Current version: 3.10.5
INFO: Latest version:

After the patch:
$ devtool latest-version postfix
INFO: Current version: 3.10.5
INFO: Latest version: 3.10.5

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-09 06:52:51 -08:00
Yi Zhao 7a038a35cc openipmi: inherit sourceforge-releases class 
Inherit sourceforge-releases class to check the correct latest stable
verison.

Before the patch:
$ devtool latest-version openipmi
INFO: Current version: 2.0.36
INFO: Latest version:

After the patch:
$ devtool latest-version openipmi
INFO: Current version: 2.0.36
INFO: Latest version: 2.0.37

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-09 06:52:51 -08:00
Yi Zhao 3eb5d38810 PATCH 2/8] netcat: inherit sourceforge-releases class 
Inherit sourceforge-releases class to check the correct latest stable
verison.

Before the patch:
$ devtool latest-version netcat
INFO: Current version: 0.7.1
INFO: Latest version:

After the patch:
$ devtool latest-version netcat
INFO: Current version: 0.7.1
INFO: Latest version: 0.7.1

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-09 06:52:51 -08:00
Yi Zhao 5f756ae780 ipset: add UPSTREAM_CHECK_URI 
Add UPSTREAM_CHECK_URI and UPSTREAM_CHECK_REGEX to check the correct
latest stable verison.

Before the patch:
$ devtool latest-version ipset
INFO: Current version: 7.24
INFO: Latest version:

After the patch:
$ devtool latest-version ipset
INFO: Current version: 7.24
INFO: Latest version: 7.24

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-09 06:52:51 -08:00
Gyorgy Sarvari 6f2ec3922f netsniff-ng: upgarde 0.6.8 -> 0.6.9 
Source branch was renamed from master to main.
Drop patch that was incorporated in this release.

Changelog:
Use GitHub actions for CI
Allow to manually define CPUs for trafgen
Fix make install and output netsniff-ng stats on stderr
trafgen: Fix for ipv6 header generation when L3-only devices are present
mausezahn: use getopt_long instead of getopt
build: fix install dependencies in Makefile template
trafgen: move cpu stats temp file to /tmp
ring_tx: handle EINTR from sendto

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-08 23:04:38 -08:00
Gyorgy Sarvari f60db58ea4 mbedtls: update SRC_URI branch 
Branch was renamed.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-11-08 06:53:05 -08:00