meta-security

mirror of https://git.yoctoproject.org/meta-security synced 2026-04-20 11:29:37 +00:00

Author	SHA1	Message	Date
Armin Kuster	dc0403042b	linux-yocto-dev: remove "+" Signed-off-by: Armin Kuster <akuster808@gmail.com>	2020-01-28 10:02:36 -08:00
Pierre-Jean Texier via Lists.Yoctoproject.Org	4c98f16973	google-authenticator-libpam: upgrade 1.07 -> 1.08 See changelog: https://github.com/google/google-authenticator-libpam/releases/tag/1.08 Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io> Signed-off-by: Armin Kuster <akuster808@gmail.com>	2020-01-28 10:02:36 -08:00
Yi Zhao	4f65c58251	samhain: fix build with new version attr The attr/xattr.h has been removed from attr 2.4.48 with commit: http://git.savannah.nongnu.org/cgit/attr.git/commit/include?id=7921157890d07858d092f4003ca4c6bae9fd2c38 The xattr syscalls are provided by sys/xattr.h from glibc now. Remove the checking code to adapt it otherwise it would fail to build with selinux support. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>	2020-01-28 10:02:21 -08:00
Armin Kuster	197d3588b6	Apparmor: fix some runtime depends missing xargs and comm Signed-off-by: Armin Kuster <akuster808@gmail.com>	2020-01-23 19:53:31 -08:00
Armin Kuster	b02f3fae9d	python3-fail2ban: update to latest Signed-off-by: Armin Kuster <akuster808@gmail.com>	2020-01-21 21:41:57 -08:00
Armin Kuster	fa8d29bffc	sssd: drop py2 support Signed-off-by: Armin Kuster <akuster808@gmail.com>	2020-01-21 21:41:20 -08:00
Armin Kuster	4295cfa89e	README: add pull request option Signed-off-by: Armin Kuster <akuster808@gmail.com>	2020-01-19 22:51:11 -08:00
Armin Kuster	b72cc7f87c	fail2ban: fix runtime error use success/failure calls in initd/function Signed-off-by: Armin Kuster <akuster808@gmail.com>	2020-01-05 16:09:44 -08:00
Armin Kuster	5d629ccb54	meta-integrity: fix issues with yocto-check-layer [v2] re-did solutions Signed-off-by: Armin Kuster <akuster808@gmail.com>	2020-01-04 10:55:26 -08:00
Armin Kuster	912ead8099	clamav: update to 0.101.5 Signed-off-by: Armin Kuster <akuster808@gmail.com>	2020-01-03 11:54:58 -08:00
Armin Kuster	6400eba66a	lib/oeqa/runtime: fix clamav test order Signed-off-by: Armin Kuster <akuster808@gmail.com>	2020-01-03 11:54:14 -08:00
Armin Kuster	41506052f6	smack-test: add feature check for smack Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-12-25 16:04:27 +00:00
Armin Kuster	6b42f1c033	google-authenticator-libpam: update to 1.07 Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-12-25 16:04:27 +00:00
Armin Kuster	4786213cab	python3-fail2ban: include python-fail2ban.inc Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-12-25 16:04:27 +00:00
Armin Kuster	36ebd09b06	python-fail2ban: Drop python2 package Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-12-25 16:04:27 +00:00
Armin Kuster	980bdff22e	smack: add distro check Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-12-25 16:04:27 +00:00
Armin Kuster	2e5662214d	apparmor: add distro check Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-12-25 16:04:27 +00:00
Armin Kuster	3001c3ebfc	suricata: update to 4.1.6 Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-12-16 20:51:47 -08:00
Armin Kuster	0ca8cad641	lib/oeqa/runtime: suricata add tests drop the unit test as it should be run via ptest add more tests for python3-suricata-update Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-12-16 20:51:35 -08:00
Armin Kuster	79983488a7	libhtp: bugfix only update 0.5.32 Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-12-16 20:51:13 -08:00
Armin Kuster	195157e5a0	python3-suricata-update: update to 1.1.1 Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-12-16 20:51:08 -08:00
Yi Zhao	2c2161fbc2	libseccomp: upgrade 2.4.1 -> 2.4.2 Backport a patch to fix ptest build failure on arm64. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-12-16 20:51:00 -08:00
Armin Kuster	1bad7ebf9c	meta-security-compliance/conf/layer.conf: fix typo Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-12-15 08:45:49 -08:00
Philip Tricca	4029f92ac8	tpm2-abrmd: Port command line options to new version. These have changed upstream. Signed-off-by: Philip Tricca <flihp@twobit.org> Signed-off-by: Diego Santa Cruz <Diego.SantaCruz@spinetix.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-12-07 15:31:42 -08:00
Trevor Woerner	6d059a9d34	tpm2-abrmd-init.sh: fix for /dev/tpmrmX Newer kernels, in addition to the traditional /dev/tpmX device nodes, are now also creating /dev/tpmrmX device nodes. This causes this script to get confused and abort, meaning tpm2-abrmd does not get started during boot. Fix for https://github.com/flihp/meta-measured/issues/56 Signed-off-by: Trevor Woerner <twoerner@gmail.com> Signed-off-by: Diego Santa Cruz <Diego.SantaCruz@spinetix.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-12-07 15:31:42 -08:00
Armin Kuster	72b05edff5	meta-security: add layer index callouts Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-12-07 15:31:34 -08:00
Armin Kuster	2df7dd9fba	README: update mailing list to new groups.io Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-12-05 18:00:46 -08:00
Armin Kuster	5b1d0ff414	tpm2-totp: update to 0.2.0 LIC_FILES_CHKSUM update to be true BSD-3-clause text Drop patch included Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-12-05 18:00:46 -08:00
Armin Kuster	42df7b4eb0	tpm2-tss-engine: update to tip to us tss-tools 4.0.x LIC_FILES_CHKSUM update to be true BSD-3-clause text Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-12-05 18:00:46 -08:00
Armin Kuster	d49f702580	tpm2-tools: update to 4.0.1 LIC_FILES_CHKSUM added new copyrights Migrate to https d/l from git clone Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-12-05 18:00:46 -08:00
Armin Kuster	405ad633aa	tpm2-abrmd": update to 2.3.0 Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-12-05 18:00:46 -08:00
Armin Kuster	02bd1dc6c7	tpm2-pkcs11: update to tip Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-12-05 18:00:37 -08:00
Ming Liu	fa800e5261	meta: inherit features_check instead of distro_features_check distro_features_check has been deprecated in OE. Signed-off-by: Ming Liu <liu.ming50@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-11-27 13:38:58 -08:00
Christopher Larson	36d656fe72	suricata: add tmpfiles.d config This is needed to ensure our /var/log directory is created when using systemd. Signed-off-by: Christopher Larson <chris_larson@mentor.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-11-27 13:38:58 -08:00
Christopher Larson	484d13bc59	clamav: add tmpfiles.d config This is needed to ensure freshclam's /var/log directory and file are created when using systemd. Signed-off-by: Christopher Larson <chris_larson@mentor.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-11-27 13:38:58 -08:00
Christopher Larson	b111206c4c	checksecurity: use more portable find args Signed-off-by: Christopher Larson <chris_larson@mentor.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-11-27 13:38:58 -08:00
Norbert Kaminski	3743c5daae	meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.3.1.bb: add new udev dir to FILES and append EXTRA_OECONF The tpm2 tool freezes in a XEN distro. It stores the udev rules in /lib/udev directory, thus these changes append the FILES and EXTRA_OECONF to make tpm2 work properly. Signed-off-by: Norbert Kaminski <norbert.kaminski@3mdeb.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-11-27 13:38:58 -08:00
Christophe PRIOUZEAU	4dd3835150	cryptsetup tpm incubator: fix installed vs shipped Fix [installed-vs-shipped] by adding /usr/lib/tmpfiles.d on FILES. Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-11-27 13:38:50 -08:00
Armin Kuster	27ddb45554	apparmor: ptest fail to build on arm exclude arm and aarch64 ptest tasks [v2&3] Sent before committing. Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-10-17 13:29:07 -07:00
Armin Kuster	5d049e7ef8	apparmor: fix systemd support so it works [Yocto # 13568] Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-10-16 10:29:21 -07:00
Armin Kuster	c55721b15e	checksec: add missing rdepends to readelf update test to check for depends Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-10-14 22:45:18 -07:00
Armin Kuster	0e612d4c4d	suricata: fix compile issue cp: cannot stat '/...../tmp-glibc/work/core2-32-oe-linux/suricata/4.1.5-r0/rules': No such file or directory \| WARNING: exit code 1 from a shell command. Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-10-14 22:45:09 -07:00
Alexander Kanavin	400eade386	apparmor: make bash dependency optional Bash is only needed by one not particularly important script, so not requiring bash is a useful option for builds that cannot have gpl3 components. Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-10-13 13:22:08 -07:00
Alexander Kanavin	e2612dd58d	apparmor: add PRIVATE_LIBS for ptest package Otherwise, the following occurs: ERROR: apparmor-2.13.3-r0 do_package: apparmor: Multiple shlib providers for libapparmor.so.1: apparmor, apparmor-ptest (used by files: /home/alexander/development/poky/build-metaoe/tmp/work/core2-32-poky-linux/apparmor/2.13.3-r0/packages-split/apparmor/usr/lib/perl5/vendor_perl/5.30.0/i686-linux/auto/LibAppArmor/LibAppArmor.so) ERROR: apparmor-2.13.3-r0 do_package: apparmor: Multiple shlib providers for libapparmor.so.1: apparmor, apparmor-ptest (used by files: /home/alexander/development/poky/build-metaoe/tmp/work/core2-32-poky-linux/apparmor/2.13.3-r0/packages-split/apparmor/usr/lib/python3.7/site-packages/LibAppArmor/_LibAppArmor.cpython-37m-i686-linux-gnu.so) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-10-13 13:22:00 -07:00
Armin Kuster	a0dee993cd	layer.conf: Update for zeus series Signed-off-by: Armin Kuster <akuster808@gmail.com> Acked-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-10-11 07:41:01 -07:00
Armin Kuster	caaeb67863	suricata-update: add package to pull rules Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-10-08 15:54:52 -07:00
Armin Kuster	18de9e5bf9	suricata/libhtp: update to 4.1.5/0.5.31 same sources refresh patch drop rules tar ball Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-10-08 15:54:52 -07:00
Naveen Saini	86ba098074	apparmor: suppress appending of installation to perllocal.pod perl modules when gets installed can produce a perllocal.pod file for documenting a list of locally installed perl modules. This can conflict if multiple packages generate the file. Hits the conflict with apparmor & rrdtool packages. Error: Transaction check error: file /usr/lib/perl5/5.30.0/x86_64-linux/perllocal.pod conflicts between attempted installs of rrdtool-1.7.2-r0.corei7_64 and apparmor-2.13.3-r0.corei7_64 perllocal.pod files are for documentation purpose, so disabling does not harm. Generating perllocal.pod for perl module is disabled by passing NO_PERLLOCAL=1 with ExtUtils::MakeMaker utility. https://perldoc.perl.org/5.30.0/ExtUtils/MakeMaker.html#Using-Attributes-and-Parameters [YOCTO #13491] Signed-off-by: Naveen Saini <naveen.kumar.saini@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-09-29 16:13:37 -07:00
Scott Ellis	46549c0ea5	ncrack: update to tip LIC_FILES_CHKSUM changed do to the date bumped to 2018 to 2019. The license is the same as nmap and the nmap recipe in meta-openembedded has that beginline/endline grab stuff. Went for consistency as ncrack is an nmap project. Signed-off-by: Scott Ellis <scott@jumpnowtek.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-09-29 16:13:30 -07:00
Armin Kuster	76d3625bcf	tpm2-pkcs11: update to tip Signed-off-by: Armin Kuster <akuster808@gmail.com>	2019-09-12 16:04:47 -07:00

1 2 3 4 5 ...

683 Commits