Age | Commit message (Collapse) | Author |
|
CSV Injection vulnerability in Nikto 2.1.6 and earlier allows remote attackers
to inject arbitrary OS commands via the Server field in an HTTP response header,
which is directly injected into a CSV report.
Signed-off-by: Nagalakshmi Veeramallu <nveeramallu@mvista.com>
Reviewed-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
It solves tpm2-abrmd recipe build failure (as mentioned below) as
none of the tpm2.0-tss header files define MAX_LOADED_OBJECTS1 macro.
The macro name should be MAX_LOADED_OBJECTS.
-- snip --
| from ../tpm2-abrmd/src/include/tabrmd.h:31,
| from ../tpm2-abrmd/src/access-broker.c:31:
| ../tpm2-abrmd/src/access-broker.c: In function 'access_broker_get_trans_object_count':
| ../tpm2-abrmd/src/access-broker.c:549:34: error: 'MAX_LOADED_OBJECTS1' undeclared (first use in this function)
-- snip --
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
*Changes*
Bug #1861: Suricata with multi tenancy does not start in 3.1/3.1.1
Bug #1889: Suricata doesn't error on missing semicolon
Bug #1910: libhtp 0.5.23 (3.1.x)
Bug #1912: http.memcap reached condition can lead to dead lock
Bug #1913: af-packet fanout detection broken on Debian Jessie
Bug #1933: unix-command socket created with last character missing (3.1.x)
Bug #1934: make install-full does not install tls-events.rules (3.1.x)
Bug #1941: Can't set fast_pattern on tls_sni content (3.1.x)
Bug #1942: dns - back to back requests results in loss of response (3.1.x)
Bug #1943: Check redis reply in non pipeline mode (3.1.x)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
* Changes:
- New option 'SetAuditdFlags = r|w|x|a' to (re-)define the flags supplied
to auditd.
- New option 'PortCheckDevice = device' for the port check module, to monitor
a device regardless of the address assigned to it.
- Fix for the case sensitivity of the arguments to the Severity/Class options.
- Compiler warnings with gcc 6.2 and a few minor bugs have been fixed.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
LIC_FILES_CHKSUM change do to yr going from 2015 to 2016 in file.
Added "no update" config option.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
V2:
Fix typo and add LDFLAG to makefile
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
v2:
rebased against master-next which has 3.1
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
latest version does not build either
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
add a few distro feature checks.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
.8/src/tpm_mgmt/tpm_present.c
| ../../../tpm-tools-1.3.8/src/tpm_mgmt/tpm_present.c: In function 'main':
| ../../../tpm-tools-1.3.8/src/tpm_mgmt/tpm_present.c:358:5: error: this 'if' clause does not guard... [-Werror=misleading-indentation]
| if (szTpmPasswd && !isWellKnown)
| ^~
| ../../../tpm-tools-1.3.8/src/tpm_mgmt/tpm_present.c:360:2: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the 'if'
| return iRc;
| ^~~~~~
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
V2:
Change ${S} and add OECMAKE_SOURCEPATH
use ${S} instead of ${WORKDIR} in sed cmd
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
V2:
remove CACHED_CONFIGUREVARS, not needed after all
fix typo in selinux option
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
V2:
- use SRCPV
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
V2:
- drop 1.0 from PV
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Commit 217e06badb146539122732ab0eb27fd17cce09e5 [clamav: fix gcc 6.x
build failure.] fixed a typo in "PACKAGECONFIG" (was missing the 'G')
but unfortunately the PACKAGECONFIG string was incorrectly formed due
to mismatched quotes. This caused a parsing error:
ERROR: Unable to parse .../meta-security/recipes-security/clamav/clamav_0.99.2.bb
...
Removed the unneeded quotes to fix the parsing issue.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
* update the SRC_URI since it's been moved
from bitbucket to github.
* add ptest support
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
WARNING: paxctl-0.9-r0 do_package_qa: QA Issue: No GNU_HASH in the elf binary: '...../build/tmp-glibc/work/core2-64-oe-linux/paxctl/0.9-r0/packages-split/paxctl/sbin/paxctl' [ldflags]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
paxctl-native is needed to build paxtest.
Do not use the install target in Makefile for paxctl-native, it will
fail with error:
install: cannot change ownership of '.../sbin/paxctl': \
Operation not permitted
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
./llvm/include/llvm/Support/AlignOf.h:57:24: error: expected unqualified-id before 'alignof'
static inline unsigned alignof() { return AlignOf<T>::Alignment; }
^~~~~~~
configure --with-system-llvm --with-llvm-linking=dynamic.
define use with meta-oe LLVM3.3 via config option
Fix typo for systemd PACKAGECONFIG
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
1) Upgrade samhain from 4.1.4 to 4.1.5.
2) Add TARGET_CC_ARCH.Fix error.
ERROR: samhain-server-4.1.5-r0 do_package_qa: QA Issue: No GNU_HASH in the elf binary: '/yocto/work001/fnst/wangx/poky/build/tmp/work/i586-poky-linux/samhain-server/4.1.5-r0/packages-split/samhain-server/usr/sbin/yule_setpwd'
No GNU_HASH in the elf binary: '/yocto/work001/fnst/wangx/poky/build/tmp/work/i586-poky-linux/samhain-server/4.1.5-r0/packages-split/samhain-server/usr/sbin/yulectl' [ldflags]
Signed-off-by: Wang Xin <wangxin2015.fnst@cn.fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
| DEBUG: Executing shell function do_compile
| make: *** No targets specified and no makefile found. Stop.
add null do_compile
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Jonathan Liu <net147@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Thomas Perrot <thomas.perrot@tupi.fr>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
this also fixes clang and gcc 5.3 build issues
remove merged patches
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
4.1.4:
- Fix for issues with re-evaluation of paths with wildcard patterns:
- no re-evaluation if no match at process startup
- if same pattern used for a file=.. and dir=.. directive, only
one (the first in config file) is re-evaluated
- Fix for issues with new directories created when inotify is used:
- recursion depth is not properly set for new directory
- directory gets watched even if recursion depth should be below zero
4.1.3:
- Fix for a regression in DNS resolving if samhain is compiled
with '--enable-static'
- On Cygwin/Windows, the default for the 'AvoidBlock' option is now 'off'
because of problems reported for this platform.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
WARNING: nmap-7.12-r0 do_package: QA Issue: nmap: Files/directories were installed but not shipped in any package:
/usr/lib
/usr/bin/ndiff
/usr/bin/nping
/usr/bin/ncat
/usr/lib/python2.7
/usr/lib/python2.7/site-packages
/usr/lib/python2.7/site-packages/ndiff.pyc
/usr/lib/python2.7/site-packages/ndiff.py
Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.
nmap: 8 installed and not shipped files. [installed-vs-shipped]
remove crazyness and let the system figure out packaging info
remove ndiff.py* as the compiled version is installed in /usr/bin
and remove the leftover python site-package cruft.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
It is better to put necessary work into do_patch task than add a new task.
Otherwise,you can not get correct source code in some functions(such as archiver.bbclass).
Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Signed-off-by: Thomas Perrot <thomas.perrot@tupi.fr>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
remove unused patches.
remove merged patches
move files to /file for easier maintenance
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
NOTE:meta-security/recipes-security/clamav/clamav_0.99.1.bb: base_contains is deprecated, please use bb.utils.contains instead.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
NOTE: meta-security/recipes-tpm/trousers/trousers_0.3.13.bb: base_contains is deprecated, please use bb.utils.contains instead.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
NOTE:meta-security/recipes-security/sssd/sssd_1.13.3.bb: base_contains is deprecated, please use bb.utils.contains instead.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
required by sssd
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
drop lib version in package name
drop insane and remove broken symlink
Use LEAD_SONAME
Don't hard code lib version in tasks
Use native chrpath not the host provided version
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
removed debian patches
brut force remove rpaths
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|