This commit updates the RDEPENDS for the ptest package to include
${PN}-python only when the 'python' PACKAGECONFIG option is enabled.
This change will ensure that we dont get below failure when ptest is enabled in the distro features,
and packageconfig is not set.
It causes this error-
ERROR: Nothing RPROVIDES 'nftables-python' (meta-openembedded/meta-networking/recipes-filter/nftables/nftables_1.1.6.bb RDEPENDS on or otherwise requires it)
NOTE: Runtime target 'nftables-python' is unbuildable, removing...
Missing or unbuildable dependency chain was: ['nftables-python']
ERROR: Required build target 'nftables' has no buildable providers.
Missing or unbuildable dependency chain was: ['nftables', 'nftables-python']
Signed-off-by: Naman Jain <namanj1@kpit.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
==========
- Issue 2057 - SQL Injection in mod_wrap2_sql via reverse DNS
hostname (CVE-2026-44331).
- Issue 2056 - Incomplete fix for session management with OpenSSL 3.2.x or
later, when using TLSv1.2 or earlier. This complements the fix for
Issue #1963.
- Issue 2098 - Hard quota limits on uploads do not cause SFTP WRITE requests
to fail as expected.
- Issue 2102 - SSH payload length underflow calculation for ETM/ChaChaPoly
algorithms in mod_sftp.
- Issue 2104 - SSH packet with empty payload triggers null pointer dereference
in mod_sftp.
- Issue 2106 - Bad DSA signatures can lead to out-of-bounds read of heap memory
in mod_sftp.
- Issue 2108 - Mismatched RSA/DSA algorithm signatures can lead to null
dereference in mod_sftp.
- Issue 2115 - SFTP request payload length underflow calculation in mod_sftp.
- Issue 2120 - Several modules fail to build using OpenSSL 4.0.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
After the recent recipe update I see this build error:
| Makefile.linux:67: config.mk: No such file or directory
| make: *** No rule to make target '/configure', needed by 'config.mk'. Stop.
Run the configure script so that config.mk gets created
Also fix LIC_FILE_CHECKSUM. Copyright year has been changed
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Several useful clients are available as part of the overall mDNSResponder
build, package these alongside the main binary.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Be explicit about where we're taking the installation pieces from rather than
having the complexity of mixed build/source pieces based on current directory
and then confusing anyone who tries to append to do_install.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
These three knobs are exposed to reduce the code size for embedded (see
mDNSCore/mDNSEmbeddedAPI.h). If you need them, you'll know you need
them, everyone else almost certainly doesn't.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Drop 0001-Add-OpenEmbedded-cross-compile-case.patch as genconfig.sh
was removed upstream in 2.3.x.
Signed-off-by: Filipe Pires <filipe.pires@konsulko.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
A buffer overflow in dnsmasq’s extract_addresses() function allows
an attacker to trigger a heap out-of-bounds read and crash by
exploiting a malformed DNS response, enabling extract_name()
to advance the pointer past the record’s end.
Reference:
[ https://nvd.nist.gov/vuln/detail/CVE-2026-5172 ]
Signed-off-by: Abhishek Bachiphale <Abhishek.Bachiphale@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
dnsmasqs extract_name() function can be abused to cause a heap buffer
overflow, allowing an attacker to inject false DNS cache entries,
which could result in DNS lookups to redirect to an attacker-controlled
IP address, or to cause a DoS.
Reference:
[ https://nvd.nist.gov/vuln/detail/CVE-2026-2291 ]
Signed-off-by: Abhishek Bachiphale <Abhishek.Bachiphale@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* Refresh patch to mute patch-fuzz
* Remove 0001-makedefs-Account-for-linux-7.x-version.patch
* This upgrade include the following commit, which make postfix can
compile on latest stable ubuntu 26.04, which have Linux 7.x kernel
Postfix works on Linux 7.x kernels. Frank Scheiner. Files:
makedefs, util/sys_defs.h.
Changes:
https://www.ftp.saix.net/MTA/postfix/official/postfix-3.11.2.HISTORY
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Add a systemd PACKAGECONFIG option to install nftables systemd unit files.
When "systemd" is present in DISTRO_FEATURES, the option is enabled and
the service is installed but disabled by default.
Signed-off-by: Piotr Wejman <piotr.wejman@arm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Khem Raj
Naman Jain
Wang Mingyu
Mingli Yu
Abhishek Bachiphale
Ankur Tyagi
Markus Volk
Alex Kiernan
Filipe Pires
Adam Duskett
Changqing Li
Piotr Wejman