mirrors/meta-security
1
0
Fork 0
mirror of https://git.yoctoproject.org/meta-security synced 2026-01-12 03:10:13 +00:00
Code Issues Projects Releases Wiki Activity
1,690 Commits 37 Branches 0 Tags
master
Commit Graph

10 Commits

Author SHA1 Message Date
Marta Rybczynska
7bdd0a8b48 bastille: prevent host uids on files 
We get an intermittent QA error about file permissions, happening roughly
on 1 build of 10.

The change adds chown to prevent host ids on files related to the
set_required_questions.py script, to avoid long debugging for now.

Signed-off-by: Marta Rybczynska <marta.rybczynska@ygreky.com>
 2025-07-23 18:45:56 +02:00
Marta Rybczynska
828a78314f checksecurity: update the debian package 
The previously used package (nmu1) is not longer available, use the latest current
one (nmu3). The changelog between the two:

checksecurity (2.0.16+nmu3) unstable; urgency=medium

  * Non-maintainer upload.
  * Fix "missing required debian/rules targets build-arch and/or build-
    indep": Add targets to debian/rules.
    (Closes: #999082)
  * Fix "Removal of obsolete debhelper compat 5 and 6 in bookworm":
    Bump to 7 in debian/{compat,control}.
    (Closes: #965448)
  * Fix some grave packaging errors:
    - move debhelper from Build-Depends-Indep to Build-Depends
    - remove temporary files debian/postrm.debhelper and debian/substvars from
      source package

 -- gregor herrmann <gregoa@debian.org>  Sun, 26 Dec 2021 01:56:10 +0100

checksecurity (2.0.16+nmu2) unstable; urgency=medium

  * Non maintainer upload by the Reproducible Builds team.
  * No source change upload to rebuild on buildd with .buildinfo files.

 -- Holger Levsen <holger@debian.org>  Fri, 01 Jan 2021 19:17:53 +0100

Signed-off-by: Marta Rybczynska <marta.rybczynska@ygreky.com>
 2025-07-23 18:45:56 +02:00
Scott Murray
0272225ccd Adapt to S/UNPACKDIR changes 
Remove or update S definitions as required to work with oe-core
S/UNPACKDIR changes.

Signed-off-by: Scott Murray <scott.murray@konsulko.com>
 2025-07-04 12:41:20 -04:00
J. S.
4e2b318a86 Fix warning : lack of whitespace around assignment 
v2 : also fix some typos while we are here.
v3 : add fixes for isic and checksecurity

Signed-off-by: Jason Schonberg <schonm@gmail.com>
[removed already applied change]
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
 2025-07-04 12:40:38 -04:00
Mikko Rapeli
f261a2b95a bastille: UNPACKDIR fixes 
New poky version uses UNPACKDIR instead of WORKDIR

Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2024-07-29 20:07:01 -04:00
Armin Kuster
7840dd1b53 bastille: bastille/config should not be world writeable. 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-07-31 06:18:36 -04:00
Martin Jansa
f5bc417f32 dynamic-layers: *.patch: fix malformed and missing Upstream-Status lines 
* as reported by openembedded-core/scripts/contrib/patchreview.py -v .

Missing Upstream-Status tag (dynamic-layers/meta-perl/recipes-scanners/checksecurity/files/check-setuid-use-more-portable-find-args.patch)
Missing Upstream-Status tag (dynamic-layers/meta-python/recipes-security/fail2ban/files/0001-To-fix-build-error-of-xrang.patch)

Malformed Upstream-Status 'Malformed Upstream-Status in patch dynamic-layers/meta-perl/recipes-security/bastille/files/accept_os_flag_in_backend.patch
Malformed Upstream-Status 'Malformed Upstream-Status in patch dynamic-layers/meta-perl/recipes-security/bastille/files/allow_os_with_assess.patch
Malformed Upstream-Status 'Malformed Upstream-Status in patch dynamic-layers/meta-perl/recipes-security/bastille/files/call_output_config.patch
Malformed Upstream-Status 'Malformed Upstream-Status in patch dynamic-layers/meta-perl/recipes-security/bastille/files/do_not_apply_config.patch
Malformed Upstream-Status 'Malformed Upstream-Status in patch dynamic-layers/meta-perl/recipes-security/bastille/files/edit_usage_message.patch
Malformed Upstream-Status 'Malformed Upstream-Status in patch dynamic-layers/meta-perl/recipes-security/bastille/files/find_existing_config.patch
Malformed Upstream-Status 'Malformed Upstream-Status in patch dynamic-layers/meta-perl/recipes-security/bastille/files/fix_missing_use_directives.patch
Malformed Upstream-Status 'Malformed Upstream-Status in patch dynamic-layers/meta-perl/recipes-security/bastille/files/fix_number_of_modules.patch
Malformed Upstream-Status 'Malformed Upstream-Status in patch dynamic-layers/meta-perl/recipes-security/bastille/files/fix_version_parse.patch
Malformed Upstream-Status 'Malformed Upstream-Status in patch dynamic-layers/meta-perl/recipes-security/bastille/files/fixed_defined_warnings.patch
Malformed Upstream-Status 'Malformed Upstream-Status in patch dynamic-layers/meta-perl/recipes-security/bastille/files/organize_distro_discovery.patch
Malformed Upstream-Status 'Malformed Upstream-Status in patch dynamic-layers/meta-perl/recipes-security/bastille/files/remove_questions_text_file_references.patch
Malformed Upstream-Status 'Malformed Upstream-Status in patch dynamic-layers/meta-perl/recipes-security/bastille/files/simplify_B_place.patch
Malformed Upstream-Status 'Malformed Upstream-Status in patch dynamic-layers/meta-perl/recipes-security/bastille/files/upgrade_options_processing.patch
Malformed Upstream-Status 'Malformed Upstream-Status in patch dynamic-layers/meta-perl/recipes-security/nikto/files/location.patch

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-06-25 15:05:28 -04:00
Armin Kuster
ab80ee71de checksecurity: update to 2.0.16 
Drop setuid-log-folder.patch, using sed instead.
Refresh patch check-setuid-use-more-portable-find-args.patch

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-04-08 10:49:38 -04:00
Armin Kuster
28194e9251 packagegroup-core-security: add perl pkgs grps 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-05-14 10:51:32 -07:00
Armin Kuster
a764533c20 meta-security: move perl and python recipes to dynamic layers structure 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-05-14 10:51:32 -07:00