aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
24 hourssmack: add 3 cves to allowlistHEADmasterSekine Shigeki1-0/+5
CVE-2014-0363, CVE-2014-0364, CVE-2016-10027 are not for smack of smack-team(https://github.com/smack-team/smack) but other project. Signed-off-by: Sekine Shigeki <sekine.shigeki@fujitsu.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
24 hoursaircrack-ng: update to 1.6Federico Pellegrin1-3/+5
Signed-off-by: Federico Pellegrin <fede@evolware.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
24 hourssssd: add fix-ldblibdir.patch backKai Kang2-0/+26
The patch fix-ldblibdir.patch has been dropped when update sssd to 2.5.0. But it fails to start sssd without this patch. So add it back. Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
24 hourssssd: set pid path with /runKai Kang1-2/+3
/var/run is deprecated and set pid path with /run to store pid files for the SSSD. Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-06-06meta-integrity/recipe-kernel: use sanity checkArmin Kuster2-5/+6
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-06-06meta-integrity: add sanity checkArmin Kuster3-1/+31
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-06-06meta-tpm/linux-yocto: use sanity supportArmin Kuster2-17/+18
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-06-06meta-tpm: add layer sanity checkArmin Kuster3-0/+33
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-06-06linux-yocto-dev: drop bbappendArmin Kuster1-1/+0
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-06-06meta-security/recipe-kernel: use sanity checkArmin Kuster3-6/+5
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-06-06meta-security: add sanity checkArmin Kuster3-0/+32
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-06-05meta-hardening/initscripts: missed overide.Armin Kuster1-1/+1
Helps pass YCL. Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-06-05libgssglue: update SRC_URIYi Zhao1-3/+3
Update SRC_URI to use Debian mirror because the original site is unaccessible. Fixes do_fetch error: ERROR: libgssglue-0.4-r0 do_fetch: Fetcher failure for URL: 'http://www.citi.umich.edu/projects/nfsv4/linux/libgssglue/libgssglue-0.4.tar.gz'. Unable to fetch URL from any source. Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
2021-06-05Correct "securiyt" typo in maintainers.incRobert P. J. Day1-1/+1
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-06-05packagegroup-core-security: drop python3-scapyArmin Kuster1-2/+0
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-06-05python3-scapy: drop , now in meta-pythonArmin Kuster2-34/+0
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-06-05initramfs-framework: fix YCL issue.Armin Kuster2-16/+17
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-06-05linux-%_5.%.bbappend: drop recipeArmin Kuster1-4/+0
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-06-05busybox: drop as libsecomp is in coreArmin Kuster3-5/+0
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-06-05tpm2-tss: fix usrmerge udev install pathRicardo Salveti1-2/+2
Update ${base_prefix}/lib to ${nonarch_base_libdir} to fix a package QA issue when usrmerge is enabled in DISTRO_FEATURES. QA Issue: tpm2-tss package is not obeying usrmerge distro feature. /lib should be relocated to /usr. [usrmerge] Signed-off-by: Ricardo Salveti <ricardo@foundries.io> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-06-05sssd: update to 2.5.0Armin Kuster8-183/+89
Add new depends Drop obsolete patches Signed-off-by: Armin Kuster <akuster808@gmail.com> ---- v2] Fix issue with nsupdate check don't use host bind
2021-06-05ossec-hids: musl not compatableArmin Kuster1-0/+2
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-06-05packagegroup-core-security: exclude ossec-hids from muslArmin Kuster1-0/+2
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-06-05lkrg-module: update 0.9.1Armin Kuster1-2/+2
LIC_FILES_CHKSUM updated do to yr change and adding new copyrights Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-06-05python3-scapy: update to 2.4.5Armin Kuster1-3/+1
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-06-05opendnssec: upgrade 2.1.8 -> 2.1.9Upgrade Helper1-1/+1
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-06-05clamav: upgrade to latest revisionUpgrade Helper1-2/+2
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-05-16packagegroup-core-security: add clamav-daemonArmin Kuster1-2/+2
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-05-16clamav: fix systemd startupArmin Kuster2-21/+48
cleanup recipe Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-05-16.gitlab-ci: drop clean up combine alt w baseArmin Kuster1-73/+4
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-05-16packagegroup-core-security: add aide and ossecArmin Kuster1-0/+2
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-05-16aide: Add another idsArmin Kuster2-0/+135
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-05-16Apparmor: fix multi config build issue.Armin Kuster1-1/+2
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-05-16packagegroup-core-security: fix typo for mipsArmin Kuster1-2/+1
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-05-16ibmtpm2tss: update to tipArmin Kuster1-1/+3
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-05-16ibmswtpm2: update to 1661Armin Kuster2-33/+4
Drop patch now included in updated Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-05-16suricata: 4.1.x add UPSTREAM_CHECK_URIArmin Kuster1-0/+2
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-05-16python3-scapy: add UPSTREAM_CHECK_COMMITSArmin Kuster1-0/+2
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-05-16ossec-hids: add UPSTREAM_CHECK_COMMITSArmin Kuster1-0/+2
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-05-16clamav: update to tip.Armin Kuster1-1/+4
Add UPSTEAM_CHECK Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-05-16tpm2-pkcs11: Update to 1.6.0Armin Kuster2-8/+314
Includes gcc11 fix. Added p11-kit Minor cleanup Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-05-16tripwire: Blacklist pkg, upstream seems abandondArmin Kuster2-2/+2
Last update was 2018. Does not build with gcc11. There are other actively maintained IDS options. Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-05-16build cleanup: add iam to base dependArmin Kuster5-80/+120
Drop *.ima.yml Try next Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-04-26libseccomp: drop recipe. In core nowArmin Kuster2-51/+0
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-04-26ossec-hids: add new pkgArmin Kuster3-0/+449
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-04-20kas-security-base: fix feature namespace for tpm*Armin Kuster1-1/+2
They are MACHINE not DISTRO FEATURES Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-04-20.gitlab-ci: use kas shell in some cases.Armin Kuster1-5/+2
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-04-19packagegroup-core-security: exclude apparmor in mips64Armin Kuster1-0/+3
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-04-19kas: cleanup some kas filesArmin Kuster2-10/+1
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-04-19gitlab-ci: add new before scriptArmin Kuster1-11/+20
Signed-off-by: Armin Kuster <akuster808@gmail.com>