The monlist feature in ntp_request.c in ntpd in NTP before
4.2.7p26 allows remote attackers to cause a denial of service
(traffic amplification) via forged (1) REQ_MON_GETLIST or
(2) REQ_MON_GETLIST_1 requests, as exploited in the wild
in December 2013.
Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
There is a problem in configure.ac file that whether or not
'--enable-debugging' is specified in configure cmdline, debugging
is always enabled.
We should disable ntp debugging by default.
Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Below error appears as login was auto-detected by default:
| telnetd: /usr/bin/login -p -h 192.168.2.1 : No such file or directory.
| Connection closed by foreign host.
Signed-off-by: Ting Liu <ting.liu@freescale.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
The deprecated test code was no longer used, so remove it
to avoid compiling failure with -Werror=unused-function
...
| example21.cpp:51:8: error: 'size_t {anonymous}::readData(char*,
size_t, size_t)' defined but not used [-Werror=unused-function]
| size_t readData(char *buffer, size_t size, size_t nitems)
...
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Patches really belong in the recipe, not the .inc, given patches are generally
version-bound.
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* fixes floating dependency:
WARNING: QA Issue: snort rdepends on util-linux-libuuid but it isn't a build dependency? [build-deps]
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
The dnsmasq target depends on .configured and $(objs). .configured does an rm
-f *.o. Yet the only thing telling make to build the .configured target before
the $(objs) target was the order of the dependencies of the dnsmasq target. We
can't rely on that order when doing a paralllel make build, so add an explicit
rule to enforce that order.
Signed-off-by: Christopher Larson <kergoth@gmail.com>
Signed-off-by: Shrikant Bobade <Shrikant_Bobade@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Commit 6d781369 warranted a PE bump but didn't include it. Update it,
correct a typo in EXTRA_OECONF and explicitly disable c-ares resolver at
the same time.
Acked-by: Armin Kuster <akuster@mvista.com>
Acked-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Minor tweaks to the README to make the email suggestion follow the format
used in other meta-openembedded README files and adding clarification on
building wireshark in a GUI environment.
Acked-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
There are a few recipes in meta-networking that depend unconditionally on
components in meta-oe, so indicate that in the README.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
This should address issues found in test-dependencies 2014-07-25
wireshark/wireshark/latest lost dependency on libcap libnl libnl-genl libnl-nf libnl-route portaudio-v19 sbc
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* Inital wireshark support on gtk+, gtk3
* README with additional info
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* Dead peer detection (DPD) is a method that network devices use to verify
the current existence and availability of other peer devices.
* NAT traversal (sometimes abbreviated as NAT-T) is a general term for
techniques that establish and maintain Internet protocol connections
traversing network address translation (NAT) gateways
Signed-off-by: Ting Liu <b28495@freescale.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
1. use PACKAGECONFIG
2. add three patches which will add the address check, to avoid SEGFAULT
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
it will lead to QA failure, since .debug dir can not be installed into dbg package
ERROR: QA Issue: non debug package contains .debug directory: openvpn path
/work/core2-64-wrs-linux/openvpn/2.3.4-r0/packages-split/openvpn/usr/lib64i
/openvpn/plugins/.debug/openvpn-plugin-down-root.so [debug-files]
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* otherwise the result isn't deterministic
WARN: packages/armv5te-oe-linux-gnueabi/snort/snort/latest lost dependency on libcrypto
* enable it by default, disabling currently doesn't work, because there are --with flags for
openssl, but then configure.in still checks for sha.h header with
AC_CHECK_HEADERS([openssl/sha.h],, SHA_H="no")
and autodetects it, I'll leave patching configure to someone who
is actually using snort (this issue was reported many times and
nobody seems to care).
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* otherwise m4 eats all memory and is killed by OOMK
[1051138.019784] Out of memory: Kill process 26264 (m4) score 860 or sacrifice child
[1051138.019788] Killed process 26264 (m4) total-vm:23062712kB, anon-rss:15066516kB, file-rss:100kB
* very strange, but m4 and snort sometimes have strange side-effects,
from first google result:
http://www.hipforums.com/newforums/showthread.php?t=466568
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
- Added .bb for version 2.3.4.
- The download URL was broken; it's changed to reflect where the website
points to.
- Force use of iproute2, which is generally recommended when running
OpenVPN as an unprivileged user. Ref:
http://community.openvpn.net/openvpn/wiki/UnprivilegedUser
- Explicitly add libpam to DEPENDS if pam is enabled, and disable the
auth-pam plugin if pam is not enabled.
- Pass the path to the 'ip' utility to the configure script to keep it
from trying to find it on the host.
Signed-off-by: Richard Tollerton <rich.tollerton@ni.com>
Signed-off-by: Ben Shelton <ben.shelton@ni.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
WARNING: QA Issue: vsftpd: Files/directories were installed but not shipped
/run
/run/vsftpd
/run/vsftpd/empty
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
1. update the patch tcpdump_configure_no_-O2.patch
2. do not check libdlpi dependence on cross-compile, or else it will
cause do_qa_configure to fail.
3. do not check libpcap dependence, since the libpcap has been added
into DEPENDS, or else it will cause do_qa_configure to fail
4. make the check of getaddrinfo work on cross-compile
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Postfix is Wietse Venema's mail server that started life at IBM
research as an alternative to the widely-used Sendmail program.
Postfix attempts to be fast, easy to administer, and secure.
The outside has a definite Sendmail-ish flavor, but the inside
is completely different.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Fixed SRC_URI:
* ${PN} -> ${BPN}, use ${BP} if it was ${PN}-${PV}
* ${P} -> ${BP}
Otherwise we would meet do_fetch errors when we do the multilib, native
or nativesdk build.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Zhang Xiao
Xufeng Zhang
lchristina26
Roy Li
Ting Liu
Hongxu Jia
Christopher Larson
Martin Jansa
Shrikant Bobade
Joe MacDonald
Yue Tao
Armin Kuster
Richard Purdie
Ting Liu
Richard Tollerton
Wenzong Fan
Jackie Huang
Robert Yang