diff options
author | Patrick Williams <patrick@stwcx.xyz> | 2022-04-08 18:23:27 +0300 |
---|---|---|
committer | Patrick Williams <patrick@stwcx.xyz> | 2022-04-08 18:24:52 +0300 |
commit | de0582f0e7de86eaf8c8d90d86ed313273a73774 (patch) | |
tree | 9e7371e33b7eea92fcfff468681fd8396db41388 /meta-security/recipes-security | |
parent | 76d114cab0113c54be8288785cda4ce230ad08a6 (diff) | |
download | openbmc-de0582f0e7de86eaf8c8d90d86ed313273a73774.tar.xz |
subtree updates
meta-raspberrypi: 31c33d155c..cfbb192e5c:
Andrei Gherzan (1):
docs: Add information for RTC devices
Andrew Penner (2):
rpi-cmdline: Add ability to specify CPUs to add to the isolcpus list
extra-build-config: Add documentation for the ISOLATED_CPUS configuration variable
Jan Vermaete (1):
docs: untabify the few tabs in the file
Khem Raj (3):
userland: Update to latest as of 20220323
picamera-libs: Adjust sourcedir
omxplayer: Use internal version of ffmpeg
meta-openembedded: af11f6ce73..b9e440ead8:
Adrian Freihofer (1):
srecord: build fix
Andreas Müller (40):
octave: upgrade 4.4.1 -> 6.4.0 and overhaul recipe
mousepad: upgrade 0.5.8 -> 0.5.9
xfce4-terminal: upgrade 0.8.10 -> 1.0.0
orage: upgrade 4.12.1 -> 4.16.0
orage: enable notify PACKAGECONFIG by default
ristretto: upgrade 0.12.1 -> 0.12.2
xarchiver: upgrade 0.5.4.14 -> 0.5.4.17
xfce4-cpufreq-plugin: upgrade 1.2.5 -> 1.2.7
xfce4-cpugraph-plugin: upgrade 1.2.5 -> 1.2.6
xfce4-diskperf-plugin: upgrade 2.6.3 -> 2.7.0
xfce4-notifyd: upgrade 0.6.2 -> 0.6.3
xfce4-screenshooter: upgrade 1.9.9 -> 1.9.10
xfce4-sensors-plugin: upgrade 1.4.2 -> 1.4.3
Allow several components notification
meta-xfce: Add Andreas Müller back to maintainers list
accountsservice: upgrade 0.6.55 -> 22.08.8
colord-gtk: upgrade 0.2.0 -> 0.3.0
evince: upgrade 41.4 -> 42.1
evolution-data-server: upgrade 3.43.1 -> 3.44.0
file-roller: upgrade 3.40.0 -> 3.42.0
gdm: upgrade 41.0 -> 42.0
gedit: upgrade 41.0 -> 42.0
gfbgraph: upgrade 0.2.4 -> 0.2.5
gnome-calculator upgrade 41.1 -> 42-0
libgweather4: initial add 4.0.0
gnome-calendar 41.2 -> 42.0
gnome-desktop: upgrade 41.2 -> 42.0
libnma: upgrade 1.8.34 -> 1.8.36
gnome-bluetooth4: initial add 42.0
gnome-font-viewer: upgrade 41.0 -> 42.0
yelp-xsl: upgrade 41.1 -> 42.0
yelp-tools: upgrade 41.0 -> 42.0
yelp: upgrade 41.2 -> 42.1
upower: upgrade 0.99.13 -> 0.99.17 / build with mesom
upower: fix location of udev-rules with sysvinit
gnome-commander: initial add 1.14.2
gnome-text-editor: initial add 42.0
evolution-data-server: re-enable gobject-introspection
jack: upgrade 1.19.19 -> 1.19.20
fluidsynth: upgrade 2.2.4 -> 2.2.6
Chen Qi (1):
blueman: fix python site-packages installation issue
Craig McQueen (1):
dnsmasq: Fix a typo in initscript
Davide Gardenal (2):
python3-wxgtk4: add distro feature check to match dependency
fwupd: add COMPATIBLE_HOST to match dependency
Jose Quaresma (2):
srt: 1.4.2 -> 1.4.3
srt: 1.4.3 -> 1.4.4
Khem Raj (2):
xfce4-screenshooter: Add dependency on libxml-parser-perl-native
open-vm-tools: Use specific BSD-2-Clause for license
Matsunaga-Shinji (2):
samba: add 2 cves to allowlist
libzip: add CVE-2017-12858 to allowlist
Minjae Kim (1):
multipath-tools: update SRC_URI
Potin Lai (1):
libimobiledevice-glue: update recipe
Robert Yang (2):
wxwidgets: Fix checking for PACKAGECONFIG and DISTRO_FEATURES
wxwidgets: git -> gitsm to fix build when no x11
Samuli Piippo (1):
python3-qface: upgrade 2.0.6 -> 2.0.7
Xu Huan (5):
python3-cheetah: upgrade 3.2.6.post2 -> 3.2.6
python3-evdev: upgrade 1.4.0 -> 1.5.0
python3-google-api-python-client: upgrade 2.36.0 -> 2.42.0
python3-itsdangerous: upgrade 2.1.1 -> 2.1.2
python3-grpcio: upgrade 1.44.0 -> 1.45.0
Yi Zhao (1):
dracut: upgrade 055 -> 056
wangmy (20):
python3-bitarray: upgrade 2.4.0 -> 2.4.1
python3-click: upgrade 8.0.4 -> 8.1.2
python3-cppy: upgrade 1.2.0 -> 1.2.1
python3-pandas: upgrade 1.4.1 -> 1.4.2
python3-protobuf: upgrade 3.19.4 -> 3.20.0
python3-pychromecast: upgrade 10.3.0 -> 11.0.0
python3-pyparted: upgrade 3.11.7 -> 3.12.0
python3-redis: upgrade 4.2.0 -> 4.2.1
python3-sqlalchemy: upgrade 1.4.32 -> 1.4.34
python3-thrift: upgrade 0.15.0 -> 0.16.0
python3-trafaret: upgrade 2.1.0 -> 2.1.1
python3-twine: upgrade 3.8.0 -> 4.0.0
python3-tzlocal: upgrade 4.1 -> 4.2
python3-websocket-client: upgrade 1.3.1 -> 1.3.2
python3-werkzeug: upgrade 2.0.3 -> 2.1.1
zenity: upgrade 3.41.0 -> 3.42.0
ceres-solver: upgrade 2.0.0 -> 2.1.0
grpc: upgrade 1.45.0 -> 1.45.1
poppler: upgrade 22.03.0 -> 22.04.0
xorg-sgml-doctools: upgrade 1.11 -> 1.12
zhengrq.fnst (2):
python3-jdatetime: upgrade 4.0.0 -> 4.1.0
python3-kiwisolver: upgrade 1.4.0 -> 1.4.2
meta-security: da93339112..498ca39cd6:
Armin Kuster (5):
openscap-daemon: use renamaed python_setuptools_build_meta
python3-fail2ban: fix compile issue on some hosts
lkrg-module: covert to git fetcher
linux-yocto_security.inc: add lkrg kfrags
samhain: update to 4.4.7
Ashish Sharma (1):
meta-security : Use SPDX style licensing format
Davide Gardenal (2):
clamav: add COMPATIBLE_HOST to fix build error
fscrypt: update dependecy from go-dep-native to go-native
Robert Yang (1):
LICENSE: adopt SPDX standard names
poky: 1976521190..ed98f1a1ae:
Abongwa Amahnui Bonalais (1):
oe-init-build-env: add quotes around variables to prevent word splitting
Alessio Igor Bogani (1):
kernel.bbclass: Use KERNEL_IMAGEDEST instead of hardcoded boot path
Alexandre Belloni (1):
pseudo: Fix handling of absolute links
Bruce Ashfield (6):
linux-yocto/5.15: update to v5.15.32
linux-yocto/5.10: update to v5.10.109
linux-yocto/5.15: aufs: fixes and optimization
linux-yocto-rt/5.15: aufs: compile fix
linux-yocto/5.15: features/security: Move x86_64 configs to separate file
linux-yocto/5.10: features/security: Move x86_64 configs to separate file
Carlos Rafael Giani (1):
libsdl2: Disable libunwind dependency in native builds
Claudius Heine (1):
os-release: add os-release-initrd package
Ferry Toth (1):
package_manager: sign DEB package feeds
Joe Slater (1):
unzip: fix CVE-2021-4217
Khem Raj (1):
glib-2.0: Backport patches C++ variant of g_atomic_int_compare_and_exchange()
Oleksandr Kravchuk (1):
tzdata: update to 2022a
Peter Kjellerstedt (5):
python3-jinja2: Correct HOMEPAGE
insane.bbclass: Make do_qa_patch() depend on if patch-fuzz is in ERROR_QA
insane.bbclass: Make changes to QA_EMPTY_DIRS trigger package_qa to rerun
bitbake.conf: Remove ERROR_QA from BB_HASHEXCLUDE_COMMON
bitbake: knotty.py: Show elapsed time also for tasks with progress bars
Richard Purdie (11):
bitbake: parse: Ensure any existing siggen is closed down first
bitbake: data: Ensure vardepsexclude or BB_BASEHASH_IGNORE_VARS covers contains items
bitbake: server/process: Disable gc around critical section
bitbake: cooker: Reset and rebuild inotify watches
bitbake: pyinotify: Handle potential latent bug
mirrors: Switch glibc and binutils to use shallow mirror tarballs
bitbake: data: Fix accidentally added parameter
bitbake.conf: Drop unexports from a different era
vim: Upgrade 8.2.4524 -> 8.2.4681
Revert "meta: rust: Bug fix for target definitions returning 'NoneType'"
build-appliance-image: Update to master head revision
Robert Yang (1):
waffle: The surfaceless-egl and gbm requires opengl
Saul Wold (5):
busybox: Exclude .debug from depmod
kmod: Add an exclude directive to depmod
depmodwrapper: Use nonarch_base_libdir for depmod.d
kmod: Update exclude patch to Accepted
depmodwrapper-cross: Fix missing $
Sean Anderson (1):
u-boot: Fix condition for install_spl_helper
Simone Weiss (1):
popt: add ptest
Sundeep KOKKONDA (3):
gcc: sanitizer: Fix tsan against glibc 2.34
meta: rust: Bug fix for target definitions returning 'NoneType'
meta: scripts - relocation script adapted to support big-endian machines
Xavier Berger (1):
gpg-sign: Add parameters to gpg signature function
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I294af706d7b96796ff360b402b9d011082cf36a7
Diffstat (limited to 'meta-security/recipes-security')
8 files changed, 14 insertions, 7 deletions
diff --git a/meta-security/recipes-security/bastille/bastille_3.2.1.bb b/meta-security/recipes-security/bastille/bastille_3.2.1.bb index 2d82983521..e7852d9f58 100644 --- a/meta-security/recipes-security/bastille/bastille_3.2.1.bb +++ b/meta-security/recipes-security/bastille/bastille_3.2.1.bb @@ -2,7 +2,7 @@ #consult the README file for the meta-security layer for additional information. SUMMARY = "Linux hardening tool" DESCRIPTION = "Bastille Linux is a Hardening and Reporting/Auditing Program which enhances the security of a Linux box, by configuring daemons, system settings and firewalling." -LICENSE = "GPLv2" +LICENSE = "GPL-2.0-only" LIC_FILES_CHKSUM = "file://${S}/COPYING;md5=c93c0550bd3173f4504b2cbd8991e50b" # Bash is needed for set +o privileged (check busybox), might also need ncurses DEPENDS = "virtual/kernel" diff --git a/meta-security/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb b/meta-security/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb index 9aefc32cf2..5f8cf3c2e5 100644 --- a/meta-security/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb +++ b/meta-security/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb @@ -6,7 +6,7 @@ DESCRIPTION = "eCryptfs is a stacked cryptographic filesystem \ HOMEPAGE = "https://launchpad.net/ecryptfs" SECTION = "base" -LICENSE = "GPL-2.0" +LICENSE = "GPL-2.0-only" LIC_FILES_CHKSUM = "file://COPYING;md5=8ca43cbc842c2336e835926c2166c28b" DEPENDS = "keyutils libgcrypt intltool-native glib-2.0-native" diff --git a/meta-security/recipes-security/fail2ban/python3-fail2ban_0.11.2.bb b/meta-security/recipes-security/fail2ban/python3-fail2ban_0.11.2.bb index 41187326db..96e17b77f5 100644 --- a/meta-security/recipes-security/fail2ban/python3-fail2ban_0.11.2.bb +++ b/meta-security/recipes-security/fail2ban/python3-fail2ban_0.11.2.bb @@ -9,6 +9,8 @@ HOMEPAGE = "http://www.fail2ban.org" LICENSE = "GPL-2.0-only" LIC_FILES_CHKSUM = "file://COPYING;md5=ecabc31e90311da843753ba772885d9f" +DEPENDS = "python3-native" + SRCREV ="4fe4ac8dde6ba14841da598ec37f8c6911fe0f64" SRC_URI = " git://github.com/fail2ban/fail2ban.git;branch=0.11;protocol=https \ file://initd \ @@ -21,6 +23,11 @@ S = "${WORKDIR}/git" do_compile () { cd ${S} + + #remove symlink to python3 + # otherwise 2to3 is run against it + rm -f bin/fail2ban-python + ./fail2ban-2to3 } diff --git a/meta-security/recipes-security/fscrypt/fscrypt_1.0.0.bb b/meta-security/recipes-security/fscrypt/fscrypt_1.0.0.bb index 66bf429a46..663d8e25d6 100644 --- a/meta-security/recipes-security/fscrypt/fscrypt_1.0.0.bb +++ b/meta-security/recipes-security/fscrypt/fscrypt_1.0.0.bb @@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://src/${GO_IMPORT}/LICENSE;md5=3b83ef96387f14655fc854dd BBCLASSEXTEND = "native nativesdk" # fscrypt depends on go and libpam -DEPENDS += "go-dep-native libpam" +DEPENDS += "go-native libpam" SRCREV = "92b1e9a8670ccd3916a7d24a06cab1e4c9815bc4" SRC_URI = "git://github.com/google/fscrypt.git;branch=master;protocol=https" diff --git a/meta-security/recipes-security/libdhash/ding-libs_0.6.1.bb b/meta-security/recipes-security/libdhash/ding-libs_0.6.1.bb index 6046fa0b16..843850f6c4 100644 --- a/meta-security/recipes-security/libdhash/ding-libs_0.6.1.bb +++ b/meta-security/recipes-security/libdhash/ding-libs_0.6.1.bb @@ -2,7 +2,7 @@ SUMMARY = "Dynamic hash table implementation" DESCRIPTION = "Dynamic hash table implementation" HOMEPAGE = "https://fedorahosted.org/released/ding-libs" SECTION = "base" -LICENSE = "GPLv3+" +LICENSE = "GPL-3.0-or-later" LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" SRC_URI = "https://fedorahosted.org/released/${BPN}/${BP}.tar.gz" diff --git a/meta-security/recipes-security/libmhash/libmhash_0.9.9.9.bb b/meta-security/recipes-security/libmhash/libmhash_0.9.9.9.bb index 9b34cb18ca..35c5ff81da 100644 --- a/meta-security/recipes-security/libmhash/libmhash_0.9.9.9.bb +++ b/meta-security/recipes-security/libmhash/libmhash_0.9.9.9.bb @@ -7,7 +7,7 @@ DESCRIPTION = "\ " HOMEPAGE = "http://mhash.sourceforge.net/" -LICENSE = "LGPLv2.0" +LICENSE = "LGPL-2.0-only" LIC_FILES_CHKSUM = "file://COPYING;md5=3bf50002aefd002f49e7bb854063f7e7" S = "${WORKDIR}/mhash-${PV}" diff --git a/meta-security/recipes-security/nikto/nikto_2.1.6.bb b/meta-security/recipes-security/nikto/nikto_2.1.6.bb index 8542d69216..8c21b3072e 100644 --- a/meta-security/recipes-security/nikto/nikto_2.1.6.bb +++ b/meta-security/recipes-security/nikto/nikto_2.1.6.bb @@ -3,7 +3,7 @@ DESCRIPTION = "Nikto is an Open Source web server scanner which performs compreh SECTION = "security" HOMEPAGE = "https://cirt.net/Nikto2" -LICENSE = "GPLv2" +LICENSE = "GPL-2.0-only" LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0-only;md5=801f80980d171dd6425610833a22dbe6" SRCREV = "f1bbd1a8756c076c8fd4f4dd0bc34a8ef215ae79" diff --git a/meta-security/recipes-security/sssd/sssd_2.5.2.bb b/meta-security/recipes-security/sssd/sssd_2.5.2.bb index 8bc8787b88..9f1d627e1b 100644 --- a/meta-security/recipes-security/sssd/sssd_2.5.2.bb +++ b/meta-security/recipes-security/sssd/sssd_2.5.2.bb @@ -2,7 +2,7 @@ SUMMARY = "system security services daemon" DESCRIPTION = "SSSD is a system security services daemon" HOMEPAGE = "https://pagure.io/SSSD/sssd/" SECTION = "base" -LICENSE = "GPLv3+" +LICENSE = "GPL-3.0-or-later" LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" DEPENDS = "acl attr openldap cyrus-sasl libtdb ding-libs libpam c-ares krb5 autoconf-archive" |