mirrors/meta-security
1
0
Fork 0
mirror of https://git.yoctoproject.org/meta-security synced 2026-05-09 05:29:56 +00:00
Code Issues Projects Releases Wiki Activity
531 Commits 39 Branches 0 Tags
8ccf6cafba538b79aed3e5ce7837a77a2ac08e11
Commit Graph

531 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Armin Kuster 29e847feb3 tpm2.0 prefix: rename to tpm2 
this aligns with the rest of the tpm2 recipes

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-23 09:49:59 -07:00
Armin Kuster eb9e2cde9c tpm2simulator: replaced by ibmswtpm2 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-23 09:15:39 -07:00
Armin Kuster 3406611b12 meta-tpm: add runtime test for tpm2 
This runs a basic tpm test using the simulator

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-23 09:15:39 -07:00
Armin Kuster 30699d6bae ibmswtpm2: Add new recipe 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-23 09:15:39 -07:00
Armin Kuster 09366d63fe packagegroup-security-tpm2: add new packages 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-17 15:39:01 -07:00
Armin Kuster 73e5fb5f4c tpm2-pkcs11: add new package 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-17 15:39:01 -07:00
Armin Kuster dda3e09e5b tpm2-tcti-uefi: add new package 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-17 15:39:01 -07:00
Armin Kuster 5b7c372770 cryptsetup-tpm-incubator: add new package 
[v2]
add missing patch

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-17 15:38:53 -07:00
Armin Kuster 0590bd0520 maintainers: add inc file to work with current schema 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-16 04:17:29 -07:00
Armin Kuster 86d2c0c66a keyutils: fix QA WARNING 
WARNING: keyutils-1.6-r0 do_package: QA Issue: keyutils: Files/directories were installed but not shipped in any package:
  /lib/pkgconfig
  /lib/pkgconfig/libkeyutils.pc

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-16 04:17:29 -07:00
Armin Kuster eae5224fa8 libseccomp: update to 2.4.0 
Update the syscall table for Linux v5.0-rc5.
also a security releated issue;
https://github.com/seccomp/libseccomp/issues/139

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-16 04:17:29 -07:00
Armin Kuster c4f34bc88c tpm2.0-tools: fix protocol 
A commit amend misstep didn't capture the https to git change in
SRC_URI.

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-16 04:17:29 -07:00
Armin Kuster eb6fa0cf47 lynis: update to 2.7.2 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-16 04:17:29 -07:00
Armin Kuster acd6a1aa9a tpm2-totp: add new package 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-16 04:17:29 -07:00
Armin Kuster a471489ea2 tpm2: move tpm2 apps to recipes-tpm2 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-16 04:17:29 -07:00
Armin Kuster 77740fc3bd tpm2-tss-engine: add new package 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-16 04:17:29 -07:00
Armin Kuster 66d48abff2 tpm2.0-tools: update SRC_URI 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-16 04:17:29 -07:00
Armin Kuster 4e47373858 tpm2-abrmd: updatet to 2.1.1 
switch SRC_URI to upstream

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-16 04:17:19 -07:00
Armin Kuster 712a635f37 suricata: update to 4.1.3 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-12 11:07:55 -07:00
Armin Kuster 0d8f900816 packagegroup-core-security: change fail2ban ptest to reg python pkg 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-12 11:07:46 -07:00
Armin Kuster c4f1c91377 tripwire: fix ptest so more tests pass 
replace relative path with abs path for binaries.

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-08 14:51:55 -08:00
Armin Kuster dd6006e8bc keyutils: improve ptests 
Tests need lsb

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-08 14:51:55 -08:00
Yi Zhao d0fc8c6f70 oe-scap: fix inconsistent indentation 
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-08 14:51:55 -08:00
Yi Zhao 70802667ab openscap-daemon: backport patch to fix build error with python 3.7 
Fixes build error:
  | Traceback (most recent call last):
  |   File "setup.py", line 25, in <module>
  |     from openscap_daemon import version
  |   File "/buildarea/build/tmp/work/core2-64-poky-linux/openscap-daemon/0.1.10-r0/git/openscap_daemon/__init__.py", line 22, in <module>
  |     from openscap_daemon.system import System
  |   File "/buildarea/build/tmp/work/core2-64-poky-linux/openscap-daemon/0.1.10-r0/git/openscap_daemon/system.py", line 29
  |     from openscap_daemon import async
  |                                     ^
  | SyntaxError: invalid syntax

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-08 14:51:55 -08:00
Yi Zhao b081fdc807 scap-security-guide: use makefile generator instead of ninja for cmake 
Fixes build error:
  | make: *** No rule to make target 'openembedded'.  Stop.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-08 14:51:55 -08:00
Armin Kuster f3a2f4e04e swtpm: update to stable release 0.1.0 
added PE

split cuse into its own package

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-06 11:49:35 -08:00
Armin Kuster c17e39b705 libtpm: upate to stable 0.6.0 
Add PE

This update include support for tpm2.0

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-06 11:49:35 -08:00
Armin Kuster 6a18b6c145 tpm2-abrmd: update to 2.1.0 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-06 11:49:35 -08:00
Armin Kuster 155c0cb09d tpm2.o-tss: update to 2.4.1 
LIC_FILES_CHKSUM changed to do SPDX ref being removed.

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-06 11:49:35 -08:00
Armin Kuster e7dec926cf tpm2.0-tools: update 3.1.3 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-06 11:49:35 -08:00
Armin Kuster 49cdcd42e9 keyutils: update to 1.6 
remove patch now included in update:
keyutils-use-relative-path-for-link.patch

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-06 11:49:35 -08:00
Armin Kuster 6cc71c7d07 suricata: update to 4.0.6 
includes: SMTP crash issue was fixed: CVE-2018-18956

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-06 11:49:35 -08:00
Armin Kuster 65097a0867 python-fail2ban: update 0.10.4.0 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-06 11:49:35 -08:00
Armin Kuster d7fc8dd898 libmspack: update to 0.9.1 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-06 11:49:35 -08:00
Armin Kuster 9c471d4d23 tripwire: update to 2.4.3.7 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-06 11:49:35 -08:00
Armin Kuster 7b997bdddf samhain: update to 4.3.2 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-06 11:49:35 -08:00
Changqing Li a4f226edf0 xmlsec1: add PACKAGECONFIG disable-des 
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-03-06 11:49:25 -08:00
Armin Kuster 455a6412bb libwhisker2-perl: fix QA message 
WARNING: libwhisker2-perl-2.5-r0 do_package: QA Issue: libwhisker2-perl: Files/directories were installed but not shipped in any package:
  /usr/share
  /usr/share/perl
  /usr/share/perl/5.28.1
  /usr/share/perl/5.28.1/LW2.3pm

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-02-11 18:00:54 -08:00
Armin Kuster 3580a04766 clamav: update llvm to 8.0 
ERROR: Nothing PROVIDES 'llvm6.0'

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-02-11 18:00:54 -08:00
Armin Kuster 0e8ac771a0 scapy: restore ptest by going to github directly 
The pypi package removed the tests so
go to the git repo directly.

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-02-11 18:00:54 -08:00
Scott Ellis 5e7b4a96ad scapy: Fix shebang for python3 
Both scapy and UTscapy have python in the shebang line
regardless of whether python3-scapy or python-scapy
was built.

Signed-off-by: Scott Ellis <scott@jumpnowtek.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-02-11 18:00:54 -08:00
Scott Ellis 3d812a22c2 scapy: Add python-cryptography to RDEPENDS 
Signed-off-by: Scott Ellis <scott@jumpnowtek.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-02-11 18:00:54 -08:00
Scott Ellis 82118c2bd4 Upgrade scapy to 2.4.2 
Upstream MANIFEST.in removed doc and test directories
so remove ptest.

Signed-off-by: Scott Ellis <scott@jumpnowtek.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-02-11 18:00:54 -08:00
Adrian Bunk 29ef6cccea xmlsec1: upgrade 1.2.26 -> 1.2.27 
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-02-11 18:00:54 -08:00
Adrian Bunk 73bc1f132e xmlsec1: Make the crypto libraries a PACKAGECONFIG 
Usually one doesn't need variants for all 4 different
crypto libraries installed at the same time.

Also remove a libgpg-error DEPENDS that is not used
directly by xmlsec1.

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-02-11 18:00:54 -08:00
Adrian Bunk 9e163f6b99 xmlsec1: Include libxmlsec1-*.so in the main package 
They can be dynamically loaded with xmlSecCryptoDLLoadLibrary().

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-02-11 18:00:54 -08:00
Scott Ellis 7ec577c75b checksec: Remove old script 
Should have been removed in previous patch.

Signed-off-by: Scott Ellis <scott@jumpnowtek.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-02-11 18:00:46 -08:00
Ross Burton 48ccc9a08d apparmor: backport a patch to fix tool paths instead of sedding 
Sedding is ugly, and as upstream have already fixed this cherry-pick the patch
instead.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:53:25 -08:00
Ross Burton 4918d0b025 apparmor: if Perl is disabled remove perl-using scripts 
aa-notify uses the Perl bindings, so isn't usable when perl is disabled.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:53:25 -08:00
Ross Burton 230ee1fc35 apparmor: systemd.bbclas is useful even when disabled 
The systemd bbclass will remove any systemd files that have been installed if
systemd is disabled, so always install the files and always inherit.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:53:25 -08:00