Changelog:
==========
* make sure Homebrew packages for macOS are built with --enable-legacy-pppd
* do not print TLS socket options in log (revert change from 1.16.0)
* add option to specify SNI
* change most occurrences of "SSL" to "TLS" in user-visible text
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
============
-Merge pull request #1444 from yishaih/mlx5_dr
-Merge pull request #1439 from Kamalheib/qedr_pr
-mlx5: DR, Using sq ts format when RoCE is disabled
-Merge pull request #1440 from Honggang-LI/doc
-librdmacm: adjust ECE function name in man page
-providers/qedr: Remove unused debug files
-roviders/qelr: Replace DP_ERR with verbs_err
-providers/qelr: Replace DP_VERBOSE with verbs_debug
-providers/qelr: Remove unused macros
-Merge pull request #1438 from amzn/fix-rdma-tracepoint
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The following paths have been replaced with PYTHON_SITEPACKAGES_DIR:
- "${libdir}/${PYTHON_DIR}/site-packages"
- "${libdir}/python${PYTHON_BASEVERSION}/site-packages"
- "${libdir}/python*/site-packages"
- "${libdir}/python3.*/site-packages"
Signed-off-by: alperak <alperyasinak1@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This also fixes all ptests, therefore move freediameter
out of PTESTS_PROBLEMS_META_NETWORKING to PTESTS_FAST_META_NETWORKING
Signed-off-by: Khem Raj <raj.khem@gmail.com>
CVE-2024-0962:
A vulnerability was found in obgm libcoap 4.3.4. It has been rated as critical. Affected by this issue is the function get_split_entry of the file src/coap_oscore.c of the component Configuration File Handler. The manipulation leads to stack-based buffer overflow.
Upstream-Status: Backport [https://github.com/obgm/libcoap/pull/1311]
WARNING: libcoap-4.3.4-r0 do_cve_check: Found unpatched CVE (CVE-2024-0962)
This vulnerability is only exist in 4.3.4.
Signed-off-by: alperak <alperyasinak1@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
oldincludedir was removed in oe-core by
commit 506c91cbc6a604a84e37e53ccff430436369802e
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
It gets OOMs with memory < 2G on x86_64 qemu
Export NFT variable in run-ptest script its used by few tests
Add required runtime dependencies for ptests to pass
This also requires changes to kernel config
features/nf_tables/nft_test.scc and CONFIG_VETH
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Switch SRC_URI to https (yes, the URI still has ftp in the path!).
Also drop the obsolete SRC_URI[md5sum].
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Switch the SRC_URI from "ftp:" to "https:". Drop the obsolete SRC_URI[md5sum].
Drop ncftp-3.2.5-gcc10.patch since we're using gcc13 and upstream has fixed the build
to work by adding an extern to sh_util/gpshare.c for example.
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The following ShellCheck violations in "run-ptest" are fixed:
- line 4:
SC2164: Use 'cd ... || exit' or 'cd ... || return' in case cd fails.
- line 7:
SC2086: Double quote to prevent globbing and word splitting.
- line 9:
SC2006: Use $(...) notation instead of legacy backticks `...`.
SC2086: Double quote to prevent globbing and word splitting.
SC2126: Consider using 'grep -c' instead of 'grep|wc -l'.
- line 10:
SC2006: Use $(...) notation instead of legacy backticks `...`.
SC2086: Double quote to prevent globbing and word splitting.
SC2126: Consider using 'grep -c' instead of 'grep|wc -l'.
- line 17:
SC2086: Double quote to prevent globbing and word splitting.
Signed-off-by: William Lyu <William.Lyu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Fix the following ptest output format issues:
- For "sed" command, change "-e" option to "-E" option. I believe the
previous "-e" option is a typo based on the manual page of "sed":
-e script, --expression=script
add the script to the commands to be executed
"-E" option, on the other hand, makes "sed" "use extended regular
expressions in the script" according to the manual page.
- The test result summary line is being treated as both a passed
testcase and a failed testcase due to this line containing substring
"[OK]" and "[FAILED]". The following is a sample test result summary
line:
I: results: [OK] 379 [SKIPPED] 1 [FAILED] 0 [TOTAL] 380
The fix is to change run-ptest to look for "I: [OK]" and
"W: [FAILED]" when determining which lines correspond to
passed/failed testcases.
- Previously, only "W: [FAILED]" out of the following testcase failure
prompts is parsed:
W: [CHK DUMP]
W: [VALGRIND]
W: [TAINTED]
W: [DUMP FAIL]
W: [FAILED]
Adding parsing for all testcase failure prompts.
Signed-off-by: William Lyu <William.Lyu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* Add --without-rlm_json to fix:
configure: error: set --without-rlm_json to disable it explicitly
* Add --without-rlm_cache_redis to fix:
configure: error: set --without-rlm_cache_redis to disable it explicitly.
* Drop 0017-add-python.m4-for-detecting-python-3.10.patch and add
0017-Add-acinclude.m4-to-include-required-macros.patch to fix python3 related
build errors
* Rebased other patches for 3.2.3.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Bugfix:
=========
-wnpa-sec-2024-06 T.38 dissector crash.
-Extcap with configuration never starts; "Configure all extcaps before start of capture." is shown instead.
-Packet Dissection CSV Export includes last column even if hidden.
-Inject TLS secrets closes Wireshark on Windows.
-Wireshark crashes when adding another port to the HTTP dissector.
-When adding a new row to a table an error report may be inserted.
-'--export-objects' does not work as expected on tshark version later than 3.2.10.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Curl for People C++ Requests is a simple wrapper around
libcurl inspired by the excellent Python Requests project.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The last patch 0012-Fix-configuration-of-NETSNMP_FD_MASK_TYPE.patch
brought in with 5.9.4 upgrade is not sufficient and infact has a regression
introduced for clang+musl builds.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
License-Update: Update copyright years to 2024
ChangeLog:
https://github.com/OpenVPN/openvpn/blob/v2.6.10/Changes.rst
Security fixes:
CVE-2024-27459: Windows: fix a possible stack overflow in the
interactive service component which might lead to a local privilege
escalation.
CVE-2024-24974: Windows: disallow access to the interactive service pipe
from remote computers.
CVE-2024-27903: Windows: disallow loading of plugins from untrusted
installation paths, which could be used to attack openvpn.exe via a
malicious plugin. Plugins can now only be loaded from the OpenVPN
install directory, the Windows system directory, and possibly from a
directory specified by HKLM\SOFTWARE\OpenVPN\plugin_dir.
CVE-2024-1305: Windows TAP driver: Fix potential integer overflow in
!TapSharedSendPacket.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
- Improve performance when getting interface status
- update project URL
- Add environment variables to manpage.
- Don't start the daemon if there's nothing to do
- _interface_scan: fix wrong index into iface map
- _interface_scan: force handle_state for new interfaces
- Add missing administrative state 'initialized'
- use os.path.dirname instead of os.path.basename
- make sure scripts are not writeable by non-root users
- don't allow unknown operational/admin states (CVE-2022-29799, CVE-2022-29800)
- Fix missing word in exception message
- fix some new linting issues from pylint
- manpage: fix missing slash in "configured.d" directory name
- Normalize parsed IP address value
- Drop support for Python 3.4
- Add testing for Python 3.10
- README.md: fix code formatting
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Wang Mingyu
Martin Jansa
Alexander Vickberg
Yi Zhao
alperak
Khem Raj
Peter Marko
Randy MacLeod
Beniamin Sandu
Alex Kiernan
William Lyu
Robert Yang
Armin Kuster
Thomas Roos
Jörg Sommer