Re: [ptxdist] [PATCH] lldpd: bump version to 0.7.19

2015-11-16 Thread Alexander Dahl 
Hei hei, 

Am 2015-11-16 14:11, schrieb Clemens Gruber:
> did you have time to try my lldpd patch?

Not yet. I try to put it in between somewhere this week.

> It's running on my busybox system since then. So far, no problems!

:-)

> Could you please help me test lldpd in a systemd environment?

We're still using bbinit here, didn't have time to play with systemd for
three years now. :-(

Greets
Alex

-- 
»With the first link, the chain is forged. The first speech censured,
the first thought forbidden, the first freedom denied, chains us all
irrevocably.« (Jean-Luc Picard, quoting Judge Aaron Satie)
*** GnuPG-FP: 02C8 A590 7FE5 CA5F 3601  D1D5 8FBA 7744 CC87 10D0 ***

___
ptxdist mailing list
ptxdist@pengutronix.de

Re: [ptxdist] [PATCH] lldpd: bump version to 0.7.19

2015-11-16 Thread Clemens Gruber 
On Mon, Nov 09, 2015 at 10:58:12AM +0100, Clemens Gruber wrote:
> Hi Alexander,
> 
> On Mon, Nov 09, 2015 at 08:46:09AM +0100, Alexander Dahl wrote:
> > Hei hei, 
> > 
> > Am 2015-11-07 18:26, schrieb Clemens Gruber:
> > > -LLDPD_VERSION:= 0.7.6
> > > -LLDPD_MD5:= dbd90a68b91448dcb94a4a77c5d8ef65
> > > +LLDPD_VERSION:= 0.7.19
> > > +LLDPD_MD5:= 4e924420e00ccd5dc289506f43221820
> > 
> > I'm afraid it's not that simple. Some configure options changed and some
> > where added. This should be adressed in rules/lldpd.make and maybe in
> > rules/lldpd.in as well. I attach a diff of the output of ./configure
> > --help to this mail.
> > 
> > Another point is to check the new pid file handling. There's a new
> > option --with-lldpd-pid-file in the configure output which should be
> > checked against projectroot/etc/init.d/lldpd which is the startup script
> > for bbinit.
> 
> This works out of the box. It uses /var/run/lldpd.pid by default.
> 
> > 
> > The new possibility to link against json-c should be checked. There
> > seems to be some new support for systemd. The with-privsep options
> > should also be checked, there were some upstream changes in lldpd 0.7.8.
> 
> In v2, I added an option to enable the JSON output format (but only with 
> json-c
> as we do not have Jansson in ptxdist)
> 
> > 
> > Maybe the https://github.com/vincentbernat/lldpd/blob/branch-0.7/NEWS
> > could also be helpful.
> 
> Yes, I updated the minimum kernel version in the oldies option and added an
> option for custom TLVs.
> 
> > 
> > I would be happy if you could have a look into this, I'm also interested
> > in an updated package, but didn't have time to investigate this further
> > yet. ;-)
> 
> Privilege separation options are OK.
> I did not enable seccomp because they do not use the syscall directly but
> through libseccomp which is not in ptxdist. Also, it is not yet enabled by
> default by the developer, so I think this can wait a little bit.
> 
> lldpd works on my system with busybox init.
> I do not have a systemd box with ptxdist however. (It should detect the 
> correct
> location via pkg-config, right?)
> Would be great if you could give the v2 patch a try, especially wrt systemd.
> 
> > 
> > Greets
> > Alex
> > 
> > -- 
> > »With the first link, the chain is forged. The first speech censured,
> > the first thought forbidden, the first freedom denied, chains us all
> > irrevocably.« (Jean-Luc Picard, quoting Judge Aaron Satie)
> > *** GnuPG-FP: 02C8 A590 7FE5 CA5F 3601  D1D5 8FBA 7744 CC87 10D0 ***
> 
> Thanks,
> Clemens

Hi Alexander,

did you have time to try my lldpd patch?
It's running on my busybox system since then. So far, no problems!
Could you please help me test lldpd in a systemd environment?

Thanks.
Clemens

___
ptxdist mailing list
ptxdist@pengutronix.de

[ptxdist] libpng security update

2015-11-16 Thread Alexander Dahl 
Hei hei, 

there are two vulnerabilities in libpng fixed with the versions released
today [1]: CVE-2015-7981, CVE-2015-8126. ptxdist is still on 1.2.50,
however there's a version 1.2.54 in that branch fixing the issues. 

I had a quick look into the differences and stumbled over the patch
coming with ptxdist regarding sysroot handling. It links to a discussion
on sourceforge leading to a 404 now, which actually moved to
https://sourceforge.net/p/libpng/feature-requests/17/ – I see no
solution there, but 1.2.54 has a new parameter for ./configure named
--with-sysroot[=DIR] which probably makes the patch obsolete.

Maybe someone has time for looking into this, should be not too hard to
update to 1.2.54. I would have done, but I'm not sure how to use the
--with-sysroot option in rules/libpng.make … O:-)

Greets
Alex

[1]
http://www.heise.de/security/meldung/Programmbibliothek-libpng-verlangt-nach-Sicherheitsupdates-2922089.html

-- 
»With the first link, the chain is forged. The first speech censured,
the first thought forbidden, the first freedom denied, chains us all
irrevocably.« (Jean-Luc Picard, quoting Judge Aaron Satie)
*** GnuPG-FP: 02C8 A590 7FE5 CA5F 3601  D1D5 8FBA 7744 CC87 10D0 ***

___
ptxdist mailing list
ptxdist@pengutronix.de