4.1.4:
- Fix for issues with re-evaluation of paths with wildcard patterns:
- no re-evaluation if no match at process startup
- if same pattern used for a file=.. and dir=.. directive, only
one (the first in config file) is re-evaluated
- Fix for issues with new directories created when inotify is used:
- recursion depth is not properly set for new directory
- directory gets watched even if recursion depth should be below zero
4.1.3:
- Fix for a regression in DNS resolving if samhain is compiled
with '--enable-static'
- On Cygwin/Windows, the default for the 'AvoidBlock' option is now 'off'
because of problems reported for this platform.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
WARNING: nmap-7.12-r0 do_package: QA Issue: nmap: Files/directories were installed but not shipped in any package:
/usr/lib
/usr/bin/ndiff
/usr/bin/nping
/usr/bin/ncat
/usr/lib/python2.7
/usr/lib/python2.7/site-packages
/usr/lib/python2.7/site-packages/ndiff.pyc
/usr/lib/python2.7/site-packages/ndiff.py
Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.
nmap: 8 installed and not shipped files. [installed-vs-shipped]
remove crazyness and let the system figure out packaging info
remove ndiff.py* as the compiled version is installed in /usr/bin
and remove the leftover python site-package cruft.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
It is better to put necessary work into do_patch task than add a new task.
Otherwise,you can not get correct source code in some functions(such as archiver.bbclass).
Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
drop lib version in package name
drop insane and remove broken symlink
Use LEAD_SONAME
Don't hard code lib version in tasks
Use native chrpath not the host provided version
Signed-off-by: Armin Kuster <akuster808@gmail.com>
use CC from build not host via EXTRA_OEMAKE
thanks khem
this fixes the below error.
WARNING: paxctl-0.9-r0 do_package_qa: QA Issue: /sbin/paxctl contained in package paxctl requires libc.so.6(GLIBC_2.3.4)(64bit), but no providers found in RDEPENDS_paxctl? [file-rdeps]
minor recipe cleanup
Signed-off-by: Armin Kuster <akuster808@gmail.com>
fixed WARNING: QA Issue: /usr/bin/ndiff_nmap contained in package nmap requires /usr/bin/python2.7, but no providers found in its RDEPENDS [file-rdeps]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Remove recipe for the kernel 3.14 from master branch, to fix a build error.
ERROR: No recipes available for: meta-security/recipes-kernel/linux/linux-yocto_3.14.bbappend
Signed-off-by: Thomas Perrot <thomas.perrot@tupi.fr>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
4.1.1 Changes:
- Fix for broken libwrap support.
- Fix for broken baseline update (-t update) on FreeBSD and maybe other non GNU/Linux systems.
- Fix for ungraceful handling of rotated logiles if logfile content is always zero or constant.
- Fix for timezone offset calculation on month rollover for timezones west of GMT.
4.1.2 Changes:
- Fix for broken rpm / rpm-light makefile targets.
- Fix for the failure to detect open UDP ports sometimes.
- Fix for reporting file changes with the wrong policy if both inotify is
used and the file change occurs during a configuration reload.
- New configure options --enable-posix-acl and --enable-selinux to turn the
soft failure (no support for checking compiled in) into a hard failure
if required headers/libraries are missing for this feature.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
removed integrated patch
Changed LIC_FILES_CHKSUM from generic OE to a file within the package
sources.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Changes
This is a minor bug-fix release:
- Fixed [#120] Trigger request line parsing on
incomplete request [Victor Julien]
- Fixed [#119] Fix uninitialized htp_tx_t::is_last value
in in htp_tx_res_process_body_data_ex() [Fedor Sakharov]
- Fixed [#118] Coverity-identified missing break in switch [Sam Baskinger]
- Fixed [#117] Coverity-identified issue of not checking
malloc() return value [Sam Baskinger]
- Fixed [#116] Fix coverity-identified leaked file descriptors
in unit test [Sam Baskinger]
- Fixed [#113] fix pkgconfig include dir [Eric Leblond]
- Fixed [#111] Connect plain http [Victor Julien]
- Fixed [#105] Do not invoke callbacks in htp_req_run_hook_body_data()
when there is no tx running. [Sam Baskinger]
- Fixed [#104] Modifiying HTTP methods to be rfc3253 compliant [Andreas Moe]
- Fixed [#103] Fixes [Victor Julien]
- Fixed [#101] Make including the autoconf config header safer [Brian Rectanus]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Fixes an error when "samhain -t check" is executed.
The error is like this:
'ERROR: msg=<Record with bad version number in file signature database>,
subroutine=<sh_dbIO_getdataent>, path=<(null)>'
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The source archive was deleted from the debian mirror; get it from
launchpad for now
Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
ncat/ncat_lua.c:174: undefined reference to `lua_remove'
ncat/ncat_lua.c:167: undefined reference to `lua_insert'
use internal lua support
Signed-off-by: Armin Kuster <akuster808@gmail.com>
paxctl is a tool that allows PaX flags to be modified on a per-binary
basis. PaX is part of common security-enhancing kernel patches and
secure distributions, such as GrSecurity or Adamantix and Hardened Gen-
too, respectively. Your system needs to be running a properly patched
and configured kernel for this program to have any effect.
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Jeremy Puhlman <jpuhlman@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Nano is installed under /usr/bin/, not /bin/.
Installed Tripwire on a Fido image and successfully ran
`tripwire --update` to invoke text editor.
Signed-off-by: Haris Okanovic <haris.okanovic@ni.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
WARNING: QA Issue: /etc/init.d/samhain-server_samhain-server contained in package samhain-server requires /bin/bash, but no providers found in its RDEPENDS [file-rdeps]
Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
