In oe-core commit:
2ce6ef29b9bb4f16ed9d78e166d455b7a6d968bf
cups crossscripts have been fixed to report the correct serverbin folder, so
backend, filters, etc, need to go in ${libexecdir} now.
Signed-off-by: Diego Rondini <diego.rondini@kynetics.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit db7fc115e0)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Update SRC_URI to use gitlab git repository. As discussed here gitlab archive
stability is not fully guaranteed, so repository is preferred:
https://forum.gitlab.com/t/gitlab-release-tarball-stability/41888/3
Signed-off-by: Diego Rondini <diego.rondini@kynetics.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit a6b2a0c3d0)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Bitbucket is no longer the official home of eigen, which has moved to
gitlab. Update SRC_URI to download releases from gitlab, fixing:
WARNING: libeigen-3.3.7-r0 do_fetch: Failed to fetch URL
https://bitbucket.org/eigen/eigen/get/3.3.7.tar.bz2;downloadfilename=libeigen-3.3.7.tar.bz2,
attempting MIRRORS if available
Signed-off-by: Diego Rondini <diego.rondini@kynetics.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 605c28165b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Adjust fuse packageconfig to depend on fuse3, which is the only supported
option in gvfs ≥ 1.41.
7a0a06186b
Signed-off-by: Diego Rondini <diego.rondini@kynetics.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit bc5394b7ae)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The mpv git repository doesn't include a copy of waf, instead there is a
bootstrap script to fetch it.
This recipe calls the bootstrap script in a do_patch postfunc, but
downloading should be done in do_fetch. Instead of calling
./bootstrap.sh simply add waf to the SRC_URI so that Bitbake can use the
mirrors/proxies/caching/checksum functionality.
This is both better code and also works in buildtools environments
where urllib2 can't make secure connections without configuration.
[ YOCTO #14073 ]
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 5af46f89fc)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This is security release in order to address CVE-2020-1472
(Unauthenticated domain takeover via netlogon ("ZeroLogon")).
See: https://www.samba.org/samba/history/samba-4.10.18.html
Also remove 3 backported patches.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit bebdea8530)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This slash is redundant and removing it could help pseudo maintain its database
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit fdf7bd0de2)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
remove WORKDIR information from config to improve reproducibility.
libgphoto2_port recheck config during compile will set the WORKDIR
info again, so remove this steps after configure.
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 42c71fae32)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Fix incorrect links and replace the defunct "gitorious" with now popular
"GitLab".
Signed-off-by: Diego Rondini <diego.rondini@kynetics.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d80b5a52fd)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
remove WORKDIR info from config file to improve reproducibility
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit be95549f2e)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The wireless-regdb has been moved to oe-core. According the commit
message:
wireless-regdb-static should be used with kernel >= 4.15.
wireless-regdb can be used with older kernels and is mostly
irrelevant here, but keeping it in meta-networking would
create needless recipe duplication.
it should replace runtime dependency wireless-regdb with
wireless-regdb-static.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit ac313b6380)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The Standard output type "syslog" is obsolete, causing a warning since systemd
version 246 [1].
Please consider using "journal" or "journal+console"
[1] https://github.com/systemd/systemd/blob/master/NEWS#L202
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e61b73e6d3)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The Standard output type "syslog" is obsolete, causing a warning since systemd
version 246 [1].
Please consider using "journal" or "journal+console"
[1] https://github.com/systemd/systemd/blob/master/NEWS#L202
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f9f8904623)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
* Since variable was misspelled it was a no-op
* There is no gdbus package (gdbus is in glib-2.0-utils)
* Did not find any pointer in the source that gdbus has to be installed on
target
Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 4c97b581f3)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
* it's newaliases not newalias in sbindir
* drop u-a for man pages, because only ssmtp.8 was created which shouldn't
conflict with esmpt
In my build I don't have mailq, sendmail, newaliases as man pages, but binaries in sbindir (and the sbinbinary is called newaliases, not newalias)
tmp-glibc/work/core2-64-oe-linux/ssmtp/2.64-r0/image/
tmp-glibc/work/core2-64-oe-linux/ssmtp/2.64-r0/image/usr
tmp-glibc/work/core2-64-oe-linux/ssmtp/2.64-r0/image/usr/share
tmp-glibc/work/core2-64-oe-linux/ssmtp/2.64-r0/image/usr/share/man
tmp-glibc/work/core2-64-oe-linux/ssmtp/2.64-r0/image/usr/share/man/man8
tmp-glibc/work/core2-64-oe-linux/ssmtp/2.64-r0/image/usr/share/man/man8/ssmtp.8
tmp-glibc/work/core2-64-oe-linux/ssmtp/2.64-r0/image/usr/sbin
tmp-glibc/work/core2-64-oe-linux/ssmtp/2.64-r0/image/usr/sbin/mailq
tmp-glibc/work/core2-64-oe-linux/ssmtp/2.64-r0/image/usr/sbin/sendmail
tmp-glibc/work/core2-64-oe-linux/ssmtp/2.64-r0/image/usr/sbin/newaliases
tmp-glibc/work/core2-64-oe-linux/ssmtp/2.64-r0/image/usr/sbin/ssmtp
tmp-glibc/work/core2-64-oe-linux/ssmtp/2.64-r0/image/etc
tmp-glibc/work/core2-64-oe-linux/ssmtp/2.64-r0/image/etc/ssmtp
tmp-glibc/work/core2-64-oe-linux/ssmtp/2.64-r0/image/etc/ssmtp/revaliases
this added u-a is causing following warnings:
WARNING: ssmtp-2.64-r0 do_package: ssmtp: alternative target (/usr/share/man/man1/mailq.1 or /usr/share/man/man1/mailq.1.ssmtp) does not exist, skipping...
WARNING: ssmtp-2.64-r0 do_package: ssmtp: alternative target (/usr/share/man/man1/newaliases.1 or /usr/share/man/man1/newaliases.1.ssmtp) does not exist, skipping...
WARNING: ssmtp-2.64-r0 do_package: ssmtp: alternative target (/usr/share/man/man1/sendmail.1 or /usr/share/man/man1/sendmail.1.ssmtp) does not exist, skipping...
WARNING: ssmtp-2.64-r0 do_package: ssmtp: alternative target (/usr/sbin/newalias or /usr/sbin/newalias.ssmtp) does not exist, skipping...
WARNING: ssmtp-2.64-r0 do_package: ssmtp: NOT adding alternative provide /usr/share/man/man1/mailq.1: /usr/share/man/man1/mailq.1.ssmtp does not exist
WARNING: ssmtp-2.64-r0 do_package: ssmtp: NOT adding alternative provide /usr/share/man/man1/newaliases.1: /usr/share/man/man1/newaliases.1.ssmtp does not exist
WARNING: ssmtp-2.64-r0 do_package: ssmtp: NOT adding alternative provide /usr/share/man/man1/sendmail.1: /usr/share/man/man1/sendmail.1.ssmtp does not exist
WARNING: ssmtp-2.64-r0 do_package: ssmtp: NOT adding alternative provide /usr/sbin/newalias: /usr/sbin/newalias.ssmtp does not exist
WARNING: ssmtp-2.64-r0 do_package: ssmtp: alt_link == alt_target: /usr/share/man/man1/mailq.1 == /usr/share/man/man1/mailq.1
WARNING: ssmtp-2.64-r0 do_package: ssmtp: alt_link == alt_target: /usr/share/man/man1/newaliases.1 == /usr/share/man/man1/newaliases.1
WARNING: ssmtp-2.64-r0 do_package: ssmtp: alt_link == alt_target: /usr/share/man/man1/sendmail.1 == /usr/share/man/man1/sendmail.1
WARNING: ssmtp-2.64-r0 do_package: ssmtp: alt_link == alt_target: /usr/sbin/newalias == /usr/sbin/newalias
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit bdb964c907)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This includes the following changes:
1.9.10:
- fix ordering cycle with private tmp
1.9.11:
- Fixed wrong version string in v1.9.10
1.9.12:
- Fix a memory leak in havege_destroy
1.9.13:
- Added support for --version
- Updated systemd SystemCallFilter settings
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 7e82d252fa)
[Bug fix only update, also fixes https://github.com/openembedded/meta-openembedded/issues/277]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Changelog:
- Fix issue with handling FT AKMs when not supported.
- Fix issue with handling FILS and RSNE in authenticate.
- Fix issue with handling auto-connection and quick scan.
- Fix issue with sending multiple scan requests.
- Add support for P2P feature and API.
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This includes the following changes:
ver 1.7:
Fix issue with APs that send IGTK falsely in big endian.
Fix issue with setting linkmode & operstate for open networks.
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Samba version 4.10.17 which has been already available in Dunfell
depends on version 1.5.8 of libldb.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic
link (symlink) following.
Net-SNMP through 5.7.3 has Improper Privilege Management because SNMP WRITE
access to the EXTEND MIB provides the ability to run arbitrary commands as
root.
References:
https://nvd.nist.gov/vuln/detail/CVE-2020-15861https://nvd.nist.gov/vuln/detail/CVE-2020-15862
Upstream patches:
2b3e300ade9cfb38b0aa114e4c2cec2968b455e64fd9a4504477f6c60f57
CVE-2020-15861-0005.patch is the actual fix for CVE-2020-15861 and
CVE-2020-15861-0001.patch through CVE-2020-15861-0004.patch are context
patches needed by the fix to apply cleanly.
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
They got overwritten later with the correct values.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 0b22ed995f)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
../babl-0.1.74/babl/babl-fish-reference.c:1064:7: error: ‘for’ loop initial declarations are only allowed in C99 mode
| for (int i = 0; i < n; i++)
| ^
| ../babl-0.1.74/babl/babl-fish-reference.c:1064:7: note: use option -std=c99 or -std=gnu99 to compile your code
Fails on CentOS7 with Arch64
Signed-off-by: Armin Kuster <akuster808@gmail.com>
build issue seen on CentOS7 and Aarch64 machine
Fixes:
../../vlc-3.0.9.2/src/misc/fourcc_gen.c:75:5: error: ‘for’ loop initial declarations are only allowed in C99 mode
| for (size_t i = 0; i < n; i++)
| ^
| ../../vlc-3.0.9.2/src/misc/fourcc_gen.c:75:5: note: use option -std=c99 or -std=gnu99 to compile your code
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Upgrade to release 1.0.5:
- Fix regression in read_parquet() when reading from file-like
objects.
- Fix regression in reading from public S3 buckets.
- Fixed regression in replace() raising an AssertionError when
replacing values in an extension dtype with values of a
different dtype
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 5dbc25ea9d)
[ak: fixes build issue on CentOS7: Bug fix only update
https://github.com/pandas-dev/pandas/releases]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
* there is no provider for gcov-native nor gcov-symlinks-native
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e82bb7efa8)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
It fails to compile rdist occasionally when system load of build server
is high:
| In file included from common.c:57:
| ../include/defs.h:49:10: fatal error: y.tab.h: No such file or directory
| 49 | #include "y.tab.h"
| | ^~~~~~~~~
| compilation terminated.
Make $(COMMONOBJS) which include common.o to depends on related header files
and y.tab.h to fix the parallel build failure.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 1bb990c6ca)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This is a security release in order to address the following defects:
CVE-2020-10730: NULL pointer de-reference and use-after-free in Samba AD
DC LDAP Server with ASQ, VLV and paged_results.
CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume
excessive CPU
CVE-2020-10760: LDAP Use-after-free in Samba AD DC Global Catalog with
paged_results and VLV.
CVE-2020-14303: Empty UDP packet DoS in Samba AD DC nbtd.
Also backport 3 patches to fix build error with musl.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 1609df1153)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This is seen with glibc 2.32 where these names are also defined
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 5cf2665446)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
When starting radvd without any configuration the following errors would
be triggered.
"""
root@intel-x86-64:~# systemctl status radvd
● radvd.service - Router advertisement daemon for IPv6
Loaded: loaded (/lib/systemd/system/radvd.service; enabled; vendor preset:
enabled)
Active: inactive (dead)
Condition: start condition failed at Tue 2019-09-24 13:29:36 UTC; 3s ago
└─ ConditionPathExists=/etc/radvd.conf was not met
"""
Normally the user should create and configrue the /etc/radvd.conf
manually. However the radvd provide a example file for redhad located
at "radvd/redhat/radvd.conf.empty". When installing, it would copy
radvd/redhat/radvd.conf.empty to /etc/radvd.conf. Also add this empty
conf here to used as an example of configuration
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 5af77740a4)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
netoprintf() was not handling a case where
return value of vsnprintf is greater than
"size"(2nd argument), results in buffer overflow
while adjusting "nfrontp" pointer to point
beyond "netobuf" buffer.
Here is one such case where "nfrontp"
crossed boundaries of "netobuf", and
pointing to another global variable.
(gdb) p &netobuf[8255]
$5 = 0x55c93afe8b1f <netobuf+8255> ""
(gdb) p nfrontp
$6 = 0x55c93afe8c20 <terminaltype> "\377"
(gdb) p &terminaltype
$7 = (char **) 0x55c93afe8c20 <terminaltype>
(gdb)
This resulted in crash of telnetd service
with segmentation fault.
Signed-off-by: Julius Hemanth Pitti <jpitti@cisco.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 232b82afd4)
[appears to be CVE-2020-10188]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Fixes the occasional error:
# cd /etc/raddb/certs
# ./bootstrap
[snip]
openssl ca -batch -keyfile ca.key -cert ca.pem -in client.csr -key 'whatever' -out client.crt -extensions xpclient_ext -extfile xpextensions -config ./client.cnf
Using configuration from ./client.cnf
Check that the request matches the signature
Signature ok
ERROR:There is already a certificate for /C=FR/ST=Radius/O=Example Inc./CN=user@example.org/emailAddress=user@example.org
The matching entry has the following details
Type :Valid
Expires on :200908024833Z
Serial Number :02
File name :unknown
Subject Name :/C=FR/ST=Radius/O=Example Inc./CN=user@example.org/emailAddress=user@example.org
make: *** [Makefile:128: client.crt] Error 1
Add the check to fix the above error and it does the same for server.crt.
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 0d7522b7df)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Remove systemd service template lvm2-pvscan@.service from
SYSTEMD_SERVICE. It should be started/stopped in udev rules file
69-dm-lvm-metad.rules.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d85613d8d1)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
