*Changes*
Bug #1861: Suricata with multi tenancy does not start in 3.1/3.1.1
Bug #1889: Suricata doesn't error on missing semicolon
Bug #1910: libhtp 0.5.23 (3.1.x)
Bug #1912: http.memcap reached condition can lead to dead lock
Bug #1913: af-packet fanout detection broken on Debian Jessie
Bug #1933: unix-command socket created with last character missing (3.1.x)
Bug #1934: make install-full does not install tls-events.rules (3.1.x)
Bug #1941: Can't set fast_pattern on tls_sni content (3.1.x)
Bug #1942: dns - back to back requests results in loss of response (3.1.x)
Bug #1943: Check redis reply in non pipeline mode (3.1.x)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
* Changes:
- New option 'SetAuditdFlags = r|w|x|a' to (re-)define the flags supplied
to auditd.
- New option 'PortCheckDevice = device' for the port check module, to monitor
a device regardless of the address assigned to it.
- Fix for the case sensitivity of the arguments to the Severity/Class options.
- Compiler warnings with gcc 6.2 and a few minor bugs have been fixed.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
.8/src/tpm_mgmt/tpm_present.c
| ../../../tpm-tools-1.3.8/src/tpm_mgmt/tpm_present.c: In function 'main':
| ../../../tpm-tools-1.3.8/src/tpm_mgmt/tpm_present.c:358:5: error: this 'if' clause does not guard... [-Werror=misleading-indentation]
| if (szTpmPasswd && !isWellKnown)
| ^~
| ../../../tpm-tools-1.3.8/src/tpm_mgmt/tpm_present.c:360:2: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the 'if'
| return iRc;
| ^~~~~~
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Commit 217e06badb [clamav: fix gcc 6.x
build failure.] fixed a typo in "PACKAGECONFIG" (was missing the 'G')
but unfortunately the PACKAGECONFIG string was incorrectly formed due
to mismatched quotes. This caused a parsing error:
ERROR: Unable to parse .../meta-security/recipes-security/clamav/clamav_0.99.2.bb
...
Removed the unneeded quotes to fix the parsing issue.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
* update the SRC_URI since it's been moved
from bitbucket to github.
* add ptest support
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
paxctl-native is needed to build paxtest.
Do not use the install target in Makefile for paxctl-native, it will
fail with error:
install: cannot change ownership of '.../sbin/paxctl': \
Operation not permitted
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
1) Upgrade samhain from 4.1.4 to 4.1.5.
2) Add TARGET_CC_ARCH.Fix error.
ERROR: samhain-server-4.1.5-r0 do_package_qa: QA Issue: No GNU_HASH in the elf binary: '/yocto/work001/fnst/wangx/poky/build/tmp/work/i586-poky-linux/samhain-server/4.1.5-r0/packages-split/samhain-server/usr/sbin/yule_setpwd'
No GNU_HASH in the elf binary: '/yocto/work001/fnst/wangx/poky/build/tmp/work/i586-poky-linux/samhain-server/4.1.5-r0/packages-split/samhain-server/usr/sbin/yulectl' [ldflags]
Signed-off-by: Wang Xin <wangxin2015.fnst@cn.fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
4.1.4:
- Fix for issues with re-evaluation of paths with wildcard patterns:
- no re-evaluation if no match at process startup
- if same pattern used for a file=.. and dir=.. directive, only
one (the first in config file) is re-evaluated
- Fix for issues with new directories created when inotify is used:
- recursion depth is not properly set for new directory
- directory gets watched even if recursion depth should be below zero
4.1.3:
- Fix for a regression in DNS resolving if samhain is compiled
with '--enable-static'
- On Cygwin/Windows, the default for the 'AvoidBlock' option is now 'off'
because of problems reported for this platform.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
WARNING: nmap-7.12-r0 do_package: QA Issue: nmap: Files/directories were installed but not shipped in any package:
/usr/lib
/usr/bin/ndiff
/usr/bin/nping
/usr/bin/ncat
/usr/lib/python2.7
/usr/lib/python2.7/site-packages
/usr/lib/python2.7/site-packages/ndiff.pyc
/usr/lib/python2.7/site-packages/ndiff.py
Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.
nmap: 8 installed and not shipped files. [installed-vs-shipped]
remove crazyness and let the system figure out packaging info
remove ndiff.py* as the compiled version is installed in /usr/bin
and remove the leftover python site-package cruft.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
It is better to put necessary work into do_patch task than add a new task.
Otherwise,you can not get correct source code in some functions(such as archiver.bbclass).
Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
drop lib version in package name
drop insane and remove broken symlink
Use LEAD_SONAME
Don't hard code lib version in tasks
Use native chrpath not the host provided version
Signed-off-by: Armin Kuster <akuster808@gmail.com>
