mirrors/meta-security
1
0
Fork 0
mirror of https://git.yoctoproject.org/meta-security synced 2026-05-07 04:58:47 +00:00
Code Issues Projects Releases Wiki Activity
519 Commits 39 Branches 0 Tags
78d7a2ef2612532a2fa4efbadcf0e3afdb166a12
Commit Graph

519 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Armin Kuster eb6fa0cf47 lynis: update to 2.7.2 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-16 04:17:29 -07:00
Armin Kuster acd6a1aa9a tpm2-totp: add new package 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-16 04:17:29 -07:00
Armin Kuster a471489ea2 tpm2: move tpm2 apps to recipes-tpm2 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-16 04:17:29 -07:00
Armin Kuster 77740fc3bd tpm2-tss-engine: add new package 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-16 04:17:29 -07:00
Armin Kuster 66d48abff2 tpm2.0-tools: update SRC_URI 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-16 04:17:29 -07:00
Armin Kuster 4e47373858 tpm2-abrmd: updatet to 2.1.1 
switch SRC_URI to upstream

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-16 04:17:19 -07:00
Armin Kuster 712a635f37 suricata: update to 4.1.3 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-12 11:07:55 -07:00
Armin Kuster 0d8f900816 packagegroup-core-security: change fail2ban ptest to reg python pkg 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-12 11:07:46 -07:00
Armin Kuster c4f1c91377 tripwire: fix ptest so more tests pass 
replace relative path with abs path for binaries.

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-08 14:51:55 -08:00
Armin Kuster dd6006e8bc keyutils: improve ptests 
Tests need lsb

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-08 14:51:55 -08:00
Yi Zhao d0fc8c6f70 oe-scap: fix inconsistent indentation 
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-08 14:51:55 -08:00
Yi Zhao 70802667ab openscap-daemon: backport patch to fix build error with python 3.7 
Fixes build error:
  | Traceback (most recent call last):
  |   File "setup.py", line 25, in <module>
  |     from openscap_daemon import version
  |   File "/buildarea/build/tmp/work/core2-64-poky-linux/openscap-daemon/0.1.10-r0/git/openscap_daemon/__init__.py", line 22, in <module>
  |     from openscap_daemon.system import System
  |   File "/buildarea/build/tmp/work/core2-64-poky-linux/openscap-daemon/0.1.10-r0/git/openscap_daemon/system.py", line 29
  |     from openscap_daemon import async
  |                                     ^
  | SyntaxError: invalid syntax

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-08 14:51:55 -08:00
Yi Zhao b081fdc807 scap-security-guide: use makefile generator instead of ninja for cmake 
Fixes build error:
  | make: *** No rule to make target 'openembedded'.  Stop.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-08 14:51:55 -08:00
Armin Kuster f3a2f4e04e swtpm: update to stable release 0.1.0 
added PE

split cuse into its own package

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-06 11:49:35 -08:00
Armin Kuster c17e39b705 libtpm: upate to stable 0.6.0 
Add PE

This update include support for tpm2.0

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-06 11:49:35 -08:00
Armin Kuster 6a18b6c145 tpm2-abrmd: update to 2.1.0 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-06 11:49:35 -08:00
Armin Kuster 155c0cb09d tpm2.o-tss: update to 2.4.1 
LIC_FILES_CHKSUM changed to do SPDX ref being removed.

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-06 11:49:35 -08:00
Armin Kuster e7dec926cf tpm2.0-tools: update 3.1.3 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-06 11:49:35 -08:00
Armin Kuster 49cdcd42e9 keyutils: update to 1.6 
remove patch now included in update:
keyutils-use-relative-path-for-link.patch

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-06 11:49:35 -08:00
Armin Kuster 6cc71c7d07 suricata: update to 4.0.6 
includes: SMTP crash issue was fixed: CVE-2018-18956

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-06 11:49:35 -08:00
Armin Kuster 65097a0867 python-fail2ban: update 0.10.4.0 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-06 11:49:35 -08:00
Armin Kuster d7fc8dd898 libmspack: update to 0.9.1 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-06 11:49:35 -08:00
Armin Kuster 9c471d4d23 tripwire: update to 2.4.3.7 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-06 11:49:35 -08:00
Armin Kuster 7b997bdddf samhain: update to 4.3.2 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-06 11:49:35 -08:00
Changqing Li a4f226edf0 xmlsec1: add PACKAGECONFIG disable-des 
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-06 11:49:25 -08:00
Armin Kuster 455a6412bb libwhisker2-perl: fix QA message 
WARNING: libwhisker2-perl-2.5-r0 do_package: QA Issue: libwhisker2-perl: Files/directories were installed but not shipped in any package:
  /usr/share
  /usr/share/perl
  /usr/share/perl/5.28.1
  /usr/share/perl/5.28.1/LW2.3pm

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-02-11 18:00:54 -08:00
Armin Kuster 3580a04766 clamav: update llvm to 8.0 
ERROR: Nothing PROVIDES 'llvm6.0'

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-02-11 18:00:54 -08:00
Armin Kuster 0e8ac771a0 scapy: restore ptest by going to github directly 
The pypi package removed the tests so
go to the git repo directly.

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-02-11 18:00:54 -08:00
Scott Ellis 5e7b4a96ad scapy: Fix shebang for python3 
Both scapy and UTscapy have python in the shebang line
regardless of whether python3-scapy or python-scapy
was built.

Signed-off-by: Scott Ellis <scott@jumpnowtek.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-02-11 18:00:54 -08:00
Scott Ellis 3d812a22c2 scapy: Add python-cryptography to RDEPENDS 
Signed-off-by: Scott Ellis <scott@jumpnowtek.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-02-11 18:00:54 -08:00
Scott Ellis 82118c2bd4 Upgrade scapy to 2.4.2 
Upstream MANIFEST.in removed doc and test directories
so remove ptest.

Signed-off-by: Scott Ellis <scott@jumpnowtek.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-02-11 18:00:54 -08:00
Adrian Bunk 29ef6cccea xmlsec1: upgrade 1.2.26 -> 1.2.27 
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-02-11 18:00:54 -08:00
Adrian Bunk 73bc1f132e xmlsec1: Make the crypto libraries a PACKAGECONFIG 
Usually one doesn't need variants for all 4 different
crypto libraries installed at the same time.

Also remove a libgpg-error DEPENDS that is not used
directly by xmlsec1.

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-02-11 18:00:54 -08:00
Adrian Bunk 9e163f6b99 xmlsec1: Include libxmlsec1-*.so in the main package 
They can be dynamically loaded with xmlSecCryptoDLLoadLibrary().

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-02-11 18:00:54 -08:00
Scott Ellis 7ec577c75b checksec: Remove old script 
Should have been removed in previous patch.

Signed-off-by: Scott Ellis <scott@jumpnowtek.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-02-11 18:00:46 -08:00
Ross Burton 48ccc9a08d apparmor: backport a patch to fix tool paths instead of sedding 
Sedding is ugly, and as upstream have already fixed this cherry-pick the patch
instead.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:53:25 -08:00
Ross Burton 4918d0b025 apparmor: if Perl is disabled remove perl-using scripts 
aa-notify uses the Perl bindings, so isn't usable when perl is disabled.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:53:25 -08:00
Ross Burton 230ee1fc35 apparmor: systemd.bbclas is useful even when disabled 
The systemd bbclass will remove any systemd files that have been installed if
systemd is disabled, so always install the files and always inherit.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:53:25 -08:00
Ross Burton a648a295dd apparmor: remove pointless ALLOW_EMPTY 
${PN} has content, so there's no need to set ALLOW_EMPTY_${PN}.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:53:25 -08:00
Ross Burton 769b1cc468 apparmor: no need to conditionalise PACKAGES 
A package with no content is not generated, so there's no need to conditionalise
assignments to PACKAGES.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:53:25 -08:00
Ross Burton 448eee287f apparmor: use manpages class 
The manpages class handles enabling/disabling the man pages based on the
api-documentation DISTRO_FEATURE, and ensures that mandb is called.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:53:25 -08:00
Ross Burton 1159085fd1 apparmor: remove redundant S 
This is the default value, so remove it.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:53:25 -08:00
Ross Burton 07fbfa0a6e apparmor: enable static libraries neatly 
No need to fiddle with the configure arguments as we can just neuter
disable-static.inc.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:53:25 -08:00
Ross Burton acd4c16c9e apparmor: add missing bash dependency 
testsuite/parser/tst/minimize.sh is a bash script, so until it is reviewed add a
bash dependency to apparmor-ptest.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:53:25 -08:00
Ross Burton 08ecf1af9e README: remove Saul from maintainers 
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:53:25 -08:00
Ross Burton 8b435f6548 README: add git-config tips 
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:53:07 -08:00
Scott Ellis 65a163f5fa Add recipe for ncrack 
Ncrack is a network authentication cracking tool.

Signed-off-by: Scott Ellis <scott@jumpnowtek.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:52:58 -08:00
Scott Ellis b4441953a5 nikto: upgrade to 2.1.6 (v2) 
Source now on github.

Signed-off-by: Scott Ellis <scott@jumpnowtek.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-06 08:02:28 -08:00
Scott Ellis 15beceb2bd checksec: Upgrade to 1.11.0 
Switch source to a more up to date github repo.

Signed-off-by: Scott Ellis <scott@jumpnowtek.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-06 08:02:19 -08:00
Armin Kuster d7aecbcc26 ptest: fix testsuite var 
core remove variable used to define ptest test suite.

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-05 13:21:51 -08:00