mirrors/meta-security
1
0
Fork 0
mirror of https://git.yoctoproject.org/meta-security synced 2026-04-20 11:29:37 +00:00
Code Issues Projects Releases Wiki Activity
1,368 Commits 38 Branches 0 Tags
c00d101befbcd7fb55f72cdec8dff73bab18f95f
Commit Graph

482 Commits

Author SHA1 Message Date
Adrian Zaharia
10a2c9505c libmhash: fix multilib header conflict - mutils/mhash_config.h 
Header file conflict between 32-bit and 64-bit versions

Signed-off-by: Adrian Zaharia <Adrian.Zaharia@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-05-06 07:54:09 -04:00
Armin Kuster
ae23806825 fscryptctl: update to 1.0.1 
Don't build man as it needs pandoc

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-05-06 07:54:09 -04:00
Armin Kuster
415424a706 krill: forced to inclued fetch hashes. 
Now manditory via Poky commit: https://git.yoctoproject.org/poky/commit/bitbake/lib/bb/fetch2?id=4d9886e1435dba3785973cc920865f8ab67e644d

used cargo-update-recipe-crates to fixup

Drop krill.inc in favor of new crate file name

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-04-08 10:49:38 -04:00
Armin Kuster
6f7c5fe13f cryptmout: update to 6.2.0 
Change LIC_FILES_CHKSUM to use COPYING

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-03-20 16:30:29 -04:00
Armin Kuster
883d5e4dd9 krill: update 0.12.3 
refresh patch

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-03-20 16:30:29 -04:00
Armin Kuster
90feb1888d firejail: update 0.9.72 
refresh patch

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-03-20 16:30:29 -04:00
Armin Kuster
d440752461 libmspack: update to 1.11 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-03-20 16:30:29 -04:00
Armin Kuster
206260ffd0 fscrypt: update to 1.1.0 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-03-20 16:30:15 -04:00
Markus Volk
d623fc232b bubblewrap: remove recipe 
It was moved to meta-oe.

Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-01-04 10:46:25 -05:00
Alex Kiernan
f991b20f56 bubblewrap: Update 0.6.2 -> 0.7.0 
Inherit github-releases so that `devtool upgrade` can identify new
versions correctly.

Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-11-19 14:01:41 -05:00
Armin Kuster
2893be10d0 chipsec: update to 1.9.1 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-11-19 14:01:41 -05:00
Armin Kuster
e8e7318189 cryptmount: update to 6.0 
LIC_FILES_CHKSUM changed do to yr change
Drop patch remove_linux_fs.patch

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-09-25 15:19:51 -04:00
Armin Kuster
b29ce7d47d libgssglue: update to 0.7 
LIC_FILE_CHKSUM changes to to indentations changes.
use bootstrap to setup config properly.

Drop libgssglue-fix-CVE-2011-2709.patch, libgssglue-g-initialize.patch now included in update.
  and ibgssglue-mglueP.patch now included in update.

Drop libgssglue-gss-inq-cred.patch still pending after 5 yrs.

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-09-25 13:37:57 -04:00
Armin Kuster
824d2762f6 update chipsec to 1.8.8 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-09-12 11:11:50 -04:00
Armin Kuster
ee8a51c582 cryptmount: fix systemd service install 
Default is to install the service in /usr/lib

Signed-off-by: Armin Kuster <akuster808@gmail.com>

--
[V2]
Fix typo in subject
 2022-09-12 11:11:50 -04:00
Armin Kuster
aa57a13788 cyptmount: Fix mount.h conflicts seen with glibc 2.36+ 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-08-25 08:15:58 -04:00
John Edward Broadbent
571af37e9c meta-security: Add recipe for Glome 
Generic Low Overhead Message Exchange (GLOME) is a protocol providing
secure authentication and authorization for low dependency environments.

Signed-off-by: John Edward Broadbent <jebr@google.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-08-12 08:32:51 -07:00
Armin Kuster
8e26e9dc7a cryptmount: Add new pkg 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-08-12 08:32:51 -07:00
Armin Kuster
70859e8608 krill: only builds on x86/x86-64 and arm64 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-08-02 13:45:26 -07:00
Armin Kuster
3ccc0bf68a krill: update to 0.9.6 
add UPGRADE_CHECK vars

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-08-02 13:45:26 -07:00
Armin Kuster
522c08e98d ecryptfs-utils: add UPSTREAM_CHECK_URI 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-08-02 13:45:26 -07:00
Armin Kuster
8cf673deaa chipsec: update to 1.8.7 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-07-30 14:11:27 -07:00
Alex Kiernan
f4a4c902ed bubblewrap: Add recipe 
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
 2022-07-30 14:11:27 -07:00
Armin Kuster
a87a1a3e7c chipsec: update to 1.8.5 
minor recipe cleanup

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-06-23 18:47:59 -07:00
Armin Kuster
a68a46ded9 packagegroup-core-security: skip mips firejail 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-06-23 18:47:59 -07:00
Armin Kuster
fec94e6ce4 firejail: Add new package 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-06-23 18:47:59 -07:00
Armin Kuster
80bc8b7133 libmhash: add native pkg support 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-06-23 18:47:59 -07:00
Armin Kuster
db3a3e87a6 sssd:move to dynamic networking-layer 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-06-18 06:48:22 -07:00
Armin Kuster
a764533c20 meta-security: move perl and python recipes to dynamic layers structure 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-05-14 10:51:32 -07:00
Armin Kuster
20c13f6335 fscrypt: add distro_check on pam 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-05-14 10:51:32 -07:00
Joe Slater
93f2146211 LICENSE: update to SPDX standard names 
Use convert-spdx-licenses.py to update LICENSE in recipes.

Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-04-13 13:45:44 -07:00
Davide Gardenal
498ca39cd6 fscrypt: update dependecy from go-dep-native to go-native 
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-04-07 10:26:45 -07:00
Armin Kuster
2be1d069ec python3-fail2ban: fix compile issue on some hosts 
Use python3-native to use 2to3

Fix build issue on some hosts with this error:
 (result, consumed) = self._buffer_decode(data, self.errors, final)
 | UnicodeDecodeError: 'utf-8' codec can't decode byte 0xd8 in position 152: invalid continuation byte

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-04-02 11:21:42 -07:00
Robert Yang
0c41d792cf LICENSE: adopt SPDX standard names 
Modify LICENSE for ding-libs and libmhash.

Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-04-02 11:21:42 -07:00
Ashish Sharma
c56ae450c9 meta-security : Use SPDX style licensing format 
WARNING: selinux-sandbox-3.3-r0 do_package_qa: QA Issue: Recipe LICENSE includes obsolete licenses GPLv2+ [obsolete-license] \
WARNING: selinux-gui-3.3-r0 do_package_qa: QA Issue: Recipe LICENSE includes obsolete licenses GPLv2+ [obsolete-license] \
WARNING: semodule-utils-3.3-r0.1 do_package_qa: QA Issue: Recipe LICENSE includes obsolete licenses GPLv2+ [obsolete-license] \
WARNING: selinux-dbus-3.3-r0 do_package_qa: QA Issue: Recipe LICENSE includes obsolete licenses GPLv2+ [obsolete-license] \
WARNING: libwhisker2-perl-2.5-r0 do_package_qa: QA Issue: Recipe LICENSE includes obsolete licenses GPL-1.0+ [obsolete-license] \
WARNING: lib-perl-0.63-r0 do_package_qa: QA Issue: Recipe LICENSE includes obsolete licenses GPL-1.0+ [obsolete-license] \
WARNING: libhtp-0.5.39-r0 do_package_qa: QA Issue: Recipe LICENSE includes obsolete licenses GPLv2 [obsolete-license] \
...

Signed-off-by: Ashish Sharma <asharma@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-04-02 11:21:42 -07:00
Armin Kuster
288391edc5 python3-privacyidea: drop old package ref. 
meta-python dropped package via commit:

620689d4efba28bc8dd60e2d82908bfb3531fbd0
python3-backports-functional-lru-cache: remove, not needed for Python 3

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-03-13 08:11:21 -07:00
Ashish Sharma
e5e3dd4877 Subject: [PATCH] Subject: python3-fail2ban: switch to legacy setuptools3 
raise InvalidWheelFilename(f"{filename} is not a valid wheel filename.")
pip._internal.exceptions.InvalidWheelFilename: fail2ban-*-*.whl is not a valid wheel filename.
Removed build tracker: '/tmp/pip-req-tracker-qnepnk46'

ERROR: Failed to pip install wheel. Check the logs.

Signed-off-by: Ashish Sharma <asharma@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-03-11 21:13:15 -08:00
Armin Kuster
30f34fa990 python3-fail2ban: fix SPDX license. 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-03-11 21:12:56 -08:00
Armin Kuster
be65e1c3ba python3-privacyidea: update to 3.6.2 
Fix license.

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-03-11 21:08:22 -08:00
Armin Kuster
dac1280dee python3-privacyidea: fix QA ERROR 
ERROR: python3-privacyidea-3.5.2-r0 do_package: QA Issue: python3-privacyidea: Files/directories were installed but not shipped in any package:
/usr/etc
/usr/etc/privacyidea
/usr/etc/privacyidea/dictionary
/usr/etc/privacyidea/privacyideaapp.wsgi

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-03-11 21:08:22 -08:00
Armin Kuster
8ff2d27721 chipsec: fix WARNING 
distutils3.bbclass is deprecated, please use setuptools3.bbclass instead

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-02-22 08:10:02 -08:00
Armin Kuster
419946655d recipes: Use renamed SKIP_RECIPE varFlag 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-02-22 08:09:54 -08:00
Armin Kuster
b46386395b google-authenticator-libpam: update to 1.09 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-01-30 12:13:54 -08:00
Armin Kuster
cb7778e5ef python3-fail2ban: update to tip 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-12-25 11:29:31 -08:00
Armin Kuster
e740a30c10 libest: does not build with openssl 3.x 
blacklist for now. Remove from pkg grp

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-12-25 11:29:31 -08:00
Armin Kuster
4c19c83ee8 python3-fail2ban: remove /run 
Fixes:

ERROR: python3-fail2ban-0.11.2-r0 do_package_qa: QA Issue: python3-fail2ban installs files in /run, but it is expected to be empty [empty-dirs]

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-11-07 11:26:49 -08:00
Armin Kuster
f6fa9dc1c9 bastille: Create /var/log/Bastille in runtime 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-11-07 11:26:49 -08:00
Armin Kuster
b654040fad sssd: Create /var/log/sssd in runtime 
/var/log is normally a link to /var/volatile/log and /var/volatile is a
tmpfs mount. So anything created in /var/log will not be available when
the tmpfs is mounted.

[Thanks to Peter Kjellerstedt for example]

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-11-07 11:26:49 -08:00
Armin Kuster
7e27eb5fca recipes: Update SRC_URI branch and protocols 
This patch updates SRC_URIs using git to include branch=master if no branch is set
and also to use protocol=https for github urls as generated by the conversion script
in OE-Core.

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-11-04 08:18:00 -07:00
Armin Kuster
e5e54135da opendnssec: blacklist do to ldns being blacklisted 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-10-24 19:54:00 -07:00