diff options
Diffstat (limited to 'meta-openembedded/meta-networking')
13 files changed, 177 insertions, 25 deletions
diff --git a/meta-openembedded/meta-networking/recipes-connectivity/blueman/blueman_2.1.1.bb b/meta-openembedded/meta-networking/recipes-connectivity/blueman/blueman_2.1.3.bb index 0ea7f6de9..9143a67ae 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/blueman/blueman_2.1.1.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/blueman/blueman_2.1.3.bb @@ -11,8 +11,7 @@ SRC_URI = " \ file://0001-Search-for-cython3.patch \ file://0002-fix-fail-to-enable-bluetooth.patch \ " -SRC_URI[md5sum] = "9de89abb31be45bdbf11f7884764a2dc" -SRC_URI[sha256sum] = "f1eab2334e5a1587defa80900901048d14c2e8ffa8c0cff7240bc9937a61dbc3" +SRC_URI[sha256sum] = "3bd02e0cc9e2c1424df1fc2015da710a280ef4c657515727e47eafabf8c2cfde" EXTRA_OECONF = " \ --disable-appindicator \ diff --git a/meta-openembedded/meta-networking/recipes-connectivity/firewalld/firewalld_0.7.3.bb b/meta-openembedded/meta-networking/recipes-connectivity/firewalld/firewalld_0.7.5.bb index 4dea848f4..fbf586f76 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/firewalld/firewalld_0.7.3.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/firewalld/firewalld_0.7.5.bb @@ -8,16 +8,17 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/v${PV}/${BP}.tar.gz \ file://firewalld.init \ " -SRC_URI[md5sum] = "05ec772cbdc0a2b3df081e4beca5599d" -SRC_URI[sha256sum] = "414c46202c12334cd5c986214e5e2575d18e743c5531a97ace1c0cd94341c60d" +SRC_URI[md5sum] = "b1aeede85a72adcf4f79d98019811244" +SRC_URI[sha256sum] = "45a8a7dbc084ef56ce306154d3834922e7f1fc2bf11b6c821f579cad51313226" # glib-2.0-native is needed for GSETTINGS_RULES autoconf macro from gsettings.m4 -DEPENDS = "intltool-native glib-2.0-native libxslt-native docbook-xsl-stylesheets-native" +DEPENDS = "intltool-native glib-2.0-native" inherit gettext autotools bash-completion python3native gsettings systemd update-rc.d PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" PACKAGECONFIG[systemd] = "--with-systemd-unitdir=${systemd_system_unitdir},--disable-systemd" +PACKAGECONFIG[docs] = "--with-xml-catalog=${STAGING_ETCDIR_NATIVE}/xml/catalog,--disable-docs,libxslt-native docbook-xsl-stylesheets-native" PACKAGES += "${PN}-zsh-completion" @@ -37,7 +38,6 @@ EXTRA_OECONF = "\ --without-ebtables \ --without-ebtables-restore \ --disable-sysconfig \ - --with-xml-catalog=${STAGING_ETCDIR_NATIVE}/xml/catalog \ " INITSCRIPT_NAME = "firewalld" @@ -62,6 +62,9 @@ do_install_append() { fi sed -i -e s:${STAGING_BINDIR_NATIVE}:${bindir}:g \ ${D}${bindir}/* ${D}${sbindir}/* ${D}${sysconfdir}/firewalld/*.xml + + # This file contains Red Hat-isms. Modules get loaded without it. + rm -f ${D}${sysconfdir}/modprobe.d/firewalld-sysctls.conf } FILES_${PN} += "\ diff --git a/meta-openembedded/meta-networking/recipes-connectivity/netplan/netplan_0.98.bb b/meta-openembedded/meta-networking/recipes-connectivity/netplan/netplan_0.99.bb index 9f123c70f..67ccddf6a 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/netplan/netplan_0.98.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/netplan/netplan_0.99.bb @@ -11,8 +11,8 @@ LICENSE = "GPLv3" LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" S = "${WORKDIR}/git" -SRCREV = "5d22e9d22c4a3724d27b80b0cd9b898ae8f59d2b" -PV = "0.98+git${SRCPV}" +SRCREV = "1ccf7e0e3a7a91edbbe3f9f0669c8bbab8248cd1" +PV = "0.99+git${SRCPV}" SRC_URI = " \ git://github.com/CanonicalLtd/netplan.git \ @@ -20,17 +20,17 @@ SRC_URI = " \ DEPENDS = "glib-2.0 libyaml ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" -RDEPENDS_${PN} = "python3 python3-core python3-pyyaml python3-netifaces python3-nose python3-coverage python3-pycodestyle python3-pyflakes util-linux-libuuid" +RDEPENDS_${PN} = "python3 python3-core python3-pyyaml python3-netifaces python3-nose python3-coverage python3-pycodestyle python3-pyflakes util-linux-libuuid libnetplan" inherit pkgconfig systemd TARGET_CC_ARCH += "${LDFLAGS}" -EXTRA_OEMAKE = "generate" +EXTRA_OEMAKE = "generate netplan/_features.py" EXTRA_OEMAKE =+ "${@bb.utils.contains('DISTRO_FEATURES','systemd','netplan-dbus dbus/io.netplan.Netplan.service','',d)}" do_install() { - install -d ${D}${sbindir} ${D}${base_libdir}/netplan ${D}${datadir}/netplan/netplan/cli/commands ${D}${sysconfdir}/netplan + install -d ${D}${sbindir} ${D}${libdir} ${D}${base_libdir}/netplan ${D}${datadir}/netplan/netplan/cli/commands ${D}${sysconfdir}/netplan install -m 755 ${S}/generate ${D}${base_libdir}/netplan/ install -m 644 ${S}/netplan/*.py ${D}${datadir}/netplan/netplan install -m 644 ${S}/netplan/cli/*.py ${D}${datadir}/netplan/netplan/cli @@ -39,7 +39,6 @@ do_install() { ln -srf ${D}${datadir}/netplan/netplan.script ${D}${sbindir}/netplan install -d ${D}/${systemd_unitdir}/system ${D}${systemd_unitdir}/system-generators - install -m 644 ${S}/src/netplan-wpa@.service ${D}${systemd_unitdir}/system/ ln -srf ${D}/${base_libdir}/netplan/generate ${D}${systemd_unitdir}/system-generators if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then @@ -48,12 +47,13 @@ do_install() { install -m 644 ${S}/dbus/io.netplan.Netplan.conf ${D}${datadir}/dbus-1/system.d install -m 644 ${S}/dbus/io.netplan.Netplan.service ${D}${datadir}/dbus-1/system-services fi -} -SYSTEMD_SERVICE_${PN} = "netplan-wpa@.service" -SYSTEMD_AUTO_ENABLE = "disable" + install -m 755 ${S}/libnetplan.so.0.0 ${D}${libdir} + ln -rfs ${D}${libdir}/libnetplan.so.0.0 ${D}${libdir}/libnetplan.so +} -PACKAGES += "${PN}-dbus" +PACKAGES += "${PN}-dbus libnetplan" +FILES_libnetplan = "${libdir}/libnetplan.so.0.0" FILES_${PN} = "${sbindir} ${base_libdir}/netplan/generate ${datadir}/netplan ${sysconfdir}/netplan ${systemd_unitdir}" FILES_${PN}-dbus = "${base_libdir}/netplan/netplan-dbus ${datadir}/dbus-1" diff --git a/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager/0001-install-firewalld-to-var-libdir-rather-than-hardcod-.patch b/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager/0001-install-firewalld-to-var-libdir-rather-than-hardcod-.patch new file mode 100644 index 000000000..11741897f --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager/0001-install-firewalld-to-var-libdir-rather-than-hardcod-.patch @@ -0,0 +1,30 @@ +From 6388b16b93ba805f8877a94f47509f701250812f Mon Sep 17 00:00:00 2001 +From: Hongxu Jia <hongxu.jia@windriver.com> +Date: Mon, 6 Jul 2020 19:33:54 -0700 +Subject: [PATCH] install firewalld to var-libdir rather than hardcod lib + +The oe install firewalld (split packages) to ${libdir}/firewalld/zones + +Upstream-Status: Inappropriate [oe specific] + +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> +--- + Makefile.am | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Makefile.am b/Makefile.am +index 358b01a..5745339 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -4778,7 +4778,7 @@ data/server.conf: $(srcdir)/data/server.conf.in + $(AM_V_GEN) $(data_edit) $< >$@ + + if WITH_FIREWALLD_ZONE +-firewalldzonedir = $(prefix)/lib/firewalld/zones ++firewalldzonedir = $(libdir)/firewalld/zones + firewalldzone_DATA = data/nm-shared.xml + endif + +-- +2.21.0 + diff --git a/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.22.10.bb b/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.22.14.bb index 33a2b7c0c..5eb2aefa7 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.22.10.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.22.14.bb @@ -26,6 +26,7 @@ SRC_URI = " \ file://${BPN}.initd \ file://0001-Fixed-configure.ac-Fix-pkgconfig-sysroot-locations.patch \ file://0002-Do-not-create-settings-settings-property-documentati.patch \ + file://0001-install-firewalld-to-var-libdir-rather-than-hardcod-.patch \ " SRC_URI_append_libc-musl = " \ file://musl/0001-Fix-build-with-musl-systemd-specific.patch \ @@ -33,7 +34,7 @@ SRC_URI_append_libc-musl = " \ file://musl/0003-Fix-build-with-musl-for-n-dhcp4.patch \ file://musl/0004-Fix-build-with-musl-systemd-specific.patch \ " -SRC_URI[sha256sum] = "2b29ccc1531ba7ebba95a97f40c22b963838e8b6833745efe8e6fb71fd8fca77" +SRC_URI[sha256sum] = "c6893971936a1ce252ba4fdff830c972d2ae93fec6751b57dcfd3ad9f0c949dd" S = "${WORKDIR}/NetworkManager-${PV}" @@ -106,6 +107,7 @@ FILES_${PN} += " \ ${libexecdir} \ ${libdir}/NetworkManager/${PV}/*.so \ ${libdir}/NetworkManager \ + ${libdir}/firewalld/zones \ ${nonarch_libdir}/NetworkManager/conf.d \ ${nonarch_libdir}/NetworkManager/dispatcher.d \ ${nonarch_libdir}/NetworkManager/dispatcher.d/pre-down.d \ diff --git a/meta-openembedded/meta-networking/recipes-filter/nftables/nftables_0.9.5.bb b/meta-openembedded/meta-networking/recipes-filter/nftables/nftables_0.9.6.bb index 0fd187f1b..41f7f4c91 100644 --- a/meta-openembedded/meta-networking/recipes-filter/nftables/nftables_0.9.5.bb +++ b/meta-openembedded/meta-networking/recipes-filter/nftables/nftables_0.9.6.bb @@ -10,7 +10,7 @@ DEPENDS = "libmnl libnftnl bison-native \ UPSTREAM_CHECK_REGEX = "nftables-(?P<pver>\d+(\.\d+){2,}).tar.bz2" SRC_URI = "http://www.netfilter.org/projects/nftables/files/${BP}.tar.bz2" -SRC_URI[sha256sum] = "f2c1957eabc370057c4576b8f33a71d91a6ad019b8b335abafe61c9c42cc7e16" +SRC_URI[sha256sum] = "68d6fdfe8ab02303e6b1f13968a4022da5b0120110eaee3233d806857937b66e" inherit autotools manpages pkgconfig diff --git a/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp/CVE-2019-20892.patch b/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp/CVE-2019-20892.patch new file mode 100644 index 000000000..3e2637eaa --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp/CVE-2019-20892.patch @@ -0,0 +1,118 @@ +From 5f881d3bf24599b90d67a45cae7a3eb099cd71c9 Mon Sep 17 00:00:00 2001 +From: Bart Van Assche <bvanassche@acm.org> +Date: Sat, 27 Jul 2019 19:34:09 -0700 +Subject: [PATCH] libsnmp, USM: Introduce a reference count in struct + usmStateReference + +This patch fixes https://sourceforge.net/p/net-snmp/bugs/2956/. + +Upstream-Status: Backport +[ak: fixup for 5.8 context, changes to library/snmpusm.h] +CVE:CVE-2019-20892 + +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + snmplib/snmp_client.c | 22 +++---------- + snmplib/snmpusm.c | 73 ++++++++++++++++++++++++++++--------------- + 2 files changed, 53 insertions(+), 42 deletions(-) + +Index: net-snmp-5.8/snmplib/snmpusm.c +=================================================================== +--- net-snmp-5.8.orig/snmplib/snmpusm.c ++++ net-snmp-5.8/snmplib/snmpusm.c +@@ -285,12 +285,35 @@ free_enginetime_on_shutdown(int majorid, + struct usmStateReference * + usm_malloc_usmStateReference(void) + { +- struct usmStateReference *retval = (struct usmStateReference *) +- calloc(1, sizeof(struct usmStateReference)); ++ struct usmStateReference *retval; + ++ retval = calloc(1, sizeof(struct usmStateReference)); ++ if (retval) ++ retval->refcnt = 1; + return retval; + } /* end usm_malloc_usmStateReference() */ + ++static int ++usm_clone(netsnmp_pdu *pdu, netsnmp_pdu *new_pdu) ++{ ++ struct usmStateReference *ref = pdu->securityStateRef; ++ struct usmStateReference **new_ref = ++ (struct usmStateReference **)&new_pdu->securityStateRef; ++ int ret = 0; ++ ++ if (!ref) ++ return ret; ++ ++ if (pdu->command == SNMP_MSG_TRAP2) { ++ netsnmp_assert(pdu->securityModel == SNMP_DEFAULT_SECMODEL); ++ ret = usm_clone_usmStateReference(ref, new_ref); ++ } else { ++ netsnmp_assert(ref == *new_ref); ++ ref->refcnt++; ++ } ++ ++ return ret; ++} + + void + usm_free_usmStateReference(void *old) +@@ -3345,6 +3368,7 @@ init_usm(void) + def->encode_reverse = usm_secmod_rgenerate_out_msg; + def->encode_forward = usm_secmod_generate_out_msg; + def->decode = usm_secmod_process_in_msg; ++ def->pdu_clone = usm_clone; + def->pdu_free_state_ref = usm_free_usmStateReference; + def->session_setup = usm_session_init; + def->handle_report = usm_handle_report; +Index: net-snmp-5.8/snmplib/snmp_client.c +=================================================================== +--- net-snmp-5.8.orig/snmplib/snmp_client.c ++++ net-snmp-5.8/snmplib/snmp_client.c +@@ -402,27 +402,15 @@ _clone_pdu_header(netsnmp_pdu *pdu) + return NULL; + } + +- if (pdu->securityStateRef && +- pdu->command == SNMP_MSG_TRAP2) { +- +- ret = usm_clone_usmStateReference((struct usmStateReference *) pdu->securityStateRef, +- (struct usmStateReference **) &newpdu->securityStateRef ); +- +- if (ret) +- { ++ sptr = find_sec_mod(newpdu->securityModel); ++ if (sptr && sptr->pdu_clone) { ++ /* call security model if it needs to know about this */ ++ ret = sptr->pdu_clone(pdu, newpdu); ++ if (ret) { + snmp_free_pdu(newpdu); + return NULL; + } + } +- +- if ((sptr = find_sec_mod(newpdu->securityModel)) != NULL && +- sptr->pdu_clone != NULL) { +- /* +- * call security model if it needs to know about this +- */ +- (*sptr->pdu_clone) (pdu, newpdu); +- } +- + return newpdu; + } + +Index: net-snmp-5.8/include/net-snmp/library/snmpusm.h +=================================================================== +--- net-snmp-5.8.orig/include/net-snmp/library/snmpusm.h ++++ net-snmp-5.8/include/net-snmp/library/snmpusm.h +@@ -43,6 +43,7 @@ extern "C" { + * Structures. + */ + struct usmStateReference { ++ int refcnt; + char *usr_name; + size_t usr_name_length; + u_char *usr_engine_id; diff --git a/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp_5.8.bb b/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp_5.8.bb index 5466649a8..67316db0d 100644 --- a/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp_5.8.bb +++ b/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp_5.8.bb @@ -28,6 +28,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/net-snmp/net-snmp-${PV}.tar.gz \ file://reproducibility-accept-configure-options-from-env.patch \ file://0001-net-snmp-fix-compile-error-disable-des.patch \ file://0001-Add-pkg-config-support-for-building-applications-and.patch \ + file://CVE-2019-20892.patch \ " SRC_URI[md5sum] = "63bfc65fbb86cdb616598df1aff6458a" SRC_URI[sha256sum] = "b2fc3500840ebe532734c4786b0da4ef0a5f67e51ef4c86b3345d697e4976adf" diff --git a/meta-openembedded/meta-networking/recipes-support/drbd/drbd-utils_9.12.0.bb b/meta-openembedded/meta-networking/recipes-support/drbd/drbd-utils_9.12.0.bb index b83f68f8c..5dabdd51d 100644 --- a/meta-openembedded/meta-networking/recipes-support/drbd/drbd-utils_9.12.0.bb +++ b/meta-openembedded/meta-networking/recipes-support/drbd/drbd-utils_9.12.0.bb @@ -56,3 +56,5 @@ FILES_${PN} += "${nonarch_base_libdir}/drbd \ ${nonarch_libdir}/drbd \ ${nonarch_libdir}/tmpfiles.d" FILES_${PN}-dbg += "${nonarch_base_libdir}/drbd/.debug" + +CLEANBROKEN = "1" diff --git a/meta-openembedded/meta-networking/recipes-support/netcat/netcat_0.7.1.bb b/meta-openembedded/meta-networking/recipes-support/netcat/netcat_0.7.1.bb index 14d743f82..1e113de51 100644 --- a/meta-openembedded/meta-networking/recipes-support/netcat/netcat_0.7.1.bb +++ b/meta-openembedded/meta-networking/recipes-support/netcat/netcat_0.7.1.bb @@ -16,6 +16,8 @@ SRC_URI[sha256sum] = "b55af0bbdf5acc02d1eb6ab18da2acd77a400bafd074489003f3df0967 inherit autotools +CVE_PRODUCT = "netcat_project:netcat" + do_install_append() { install -d ${D}${bindir} mv ${D}${bindir}/nc ${D}${bindir}/nc.${BPN} diff --git a/meta-openembedded/meta-networking/recipes-support/ntop/ntop_5.0.1.bb b/meta-openembedded/meta-networking/recipes-support/ntop/ntop_5.0.1.bb index d835e399b..13a878412 100644 --- a/meta-openembedded/meta-networking/recipes-support/ntop/ntop_5.0.1.bb +++ b/meta-openembedded/meta-networking/recipes-support/ntop/ntop_5.0.1.bb @@ -138,5 +138,5 @@ FILES_${PN}-dev = "${includedir} ${libdir}/libntop.so \ ${libdir}/libntopreport.so \ ${libdir}/libnetflowPlugin.so ${libdir}/libsflowPlugin.so \ ${libdir}/librrdPlugin.so \ - ${libdir}/*.a ${libdir}/libntopreport.a ${libdir}/*.la" + ${libdir}/*.la" diff --git a/meta-openembedded/meta-networking/recipes-support/ruli/ruli_0.36.bb b/meta-openembedded/meta-networking/recipes-support/ruli/ruli_0.36.bb index f920b592a..90e7fec52 100644 --- a/meta-openembedded/meta-networking/recipes-support/ruli/ruli_0.36.bb +++ b/meta-openembedded/meta-networking/recipes-support/ruli/ruli_0.36.bb @@ -18,8 +18,6 @@ SRC_URI = "http://download.savannah.gnu.org/releases/ruli/ruli_${PV}.orig.tar.gz SRC_URI[md5sum] = "e73fbfdeadddb68a703a70cea5271468" SRC_URI[sha256sum] = "11d32def5b514748fbd9ea8c88049ae99e1bb358efc74eb91a4d268a3999dbfa" -B = "${S}" - EXTRA_OEMAKE = 'CC="${CC}" OOP_BASE_DIR="${STAGING_EXECPREFIXDIR}" \ INSTALL_BASE_DIR="${D}${exec_prefix}" \ OOP_LIB_DIR=${STAGING_EXECPREFIXDIR}/${baselib} \ @@ -34,5 +32,3 @@ do_install() { } PACKAGES =+ "${PN}-bin" - -FILES_${PN} =+ "${bindir}" diff --git a/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.2.4.bb b/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.2.5.bb index c3caaefde..a6c09d47b 100644 --- a/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.2.4.bb +++ b/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.2.5.bb @@ -12,8 +12,7 @@ SRC_URI = "https://1.eu.dl.wireshark.org/src/all-versions/wireshark-${PV}.tar.xz UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src" -SRC_URI[md5sum] = "4bbee1bdd5b88343733590fabfffddf3" -SRC_URI[sha256sum] = "d17d461e849e2d0b033431c45f71d8ee8ec3c8faa232a6ad63069a47927db8aa" +SRC_URI[sha256sum] = "bd89052a5766cce08b1090df49628567e48cdd24bbaa47667c851bac6aaac940" PE = "1" |