[oe] [meta-networking][PATCH] python3-scapy: Drop python3-tox from ptest rdeps
python3-tox is only needed if internal driver for running tests is used
which we do not use in OE
Signed-off-by: Khem Raj
---
meta-networking/recipes-devtools/python/python3-scapy_2.5.0.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta-networking/recipes-devtools/python/python3-scapy_2.5.0.bb
b/meta-networking/recipes-devtools/python/python3-scapy_2.5.0.bb
index d5d4850402..d57cb977e4 100644
--- a/meta-networking/recipes-devtools/python/python3-scapy_2.5.0.bb
+++ b/meta-networking/recipes-devtools/python/python3-scapy_2.5.0.bb
@@ -40,5 +40,5 @@ RDEPENDS:${PN} = "tcpdump python3-compression
python3-cryptography python3-netcl
python3-netserver python3-pydoc python3-pkgutil
python3-shell \
python3-threading python3-numbers python3-fcntl
python3-logging \
python3-difflib"
-RDEPENDS:${PN}-ptest += "python3-json python3-mock python3-multiprocessing
python3-tox \
+RDEPENDS:${PN}-ptest += "python3-json python3-mock python3-multiprocessing \
iproute2 tshark"
--
2.44.0
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#109027):
https://lists.openembedded.org/g/openembedded-devel/message/109027
Mute This Topic: https://lists.openembedded.org/mt/104552943/21656
Group Owner: openembedded-devel+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-networking][PATCH] dnsmasq: Upgrade 2.89 -> 2.90
From: Peter Marko
Fixes CVE-2023-50387 and CVE-2023-50868
Remove backported CVE patch.
Remove patch for lua as hardcoding lua version was removed.
Signed-off-by: Peter Marko
---
.../recipes-support/dnsmasq/dnsmasq/lua.patch | 33 -
.../{dnsmasq_2.89.bb => dnsmasq_2.90.bb} | 4 +-
.../dnsmasq/files/CVE-2023-28450.patch| 48 ---
3 files changed, 1 insertion(+), 84 deletions(-)
delete mode 100644 meta-networking/recipes-support/dnsmasq/dnsmasq/lua.patch
rename meta-networking/recipes-support/dnsmasq/{dnsmasq_2.89.bb =>
dnsmasq_2.90.bb} (97%)
delete mode 100644
meta-networking/recipes-support/dnsmasq/files/CVE-2023-28450.patch
diff --git a/meta-networking/recipes-support/dnsmasq/dnsmasq/lua.patch
b/meta-networking/recipes-support/dnsmasq/dnsmasq/lua.patch
deleted file mode 100644
index f8697699a..0
--- a/meta-networking/recipes-support/dnsmasq/dnsmasq/lua.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From be1b3d2d0f1608cba5efee73d6aac5ad0709041b Mon Sep 17 00:00:00 2001
-From: Joe MacDonald
-Date: Tue, 9 Sep 2014 10:24:58 -0400
-Subject: [PATCH] Upstream-Status: Inappropriate [OE specific]
-
-Signed-off-by: Christopher Larson
-Signed-off-by: Paul Eggleton
-
-Upstream-Status: Pending
-
- Makefile | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/Makefile b/Makefile
-index 73ea23e..ed3eeb9 100644
a/Makefile
-+++ b/Makefile
-@@ -60,8 +60,8 @@ idn2_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper
HAVE_LIBIDN2 $(PKG_CONFI
- idn2_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LIBIDN2
$(PKG_CONFIG) --libs libidn2`
- ct_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_CONNTRACK
$(PKG_CONFIG) --cflags libnetfilter_conntrack`
- ct_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_CONNTRACK
$(PKG_CONFIG) --libs libnetfilter_conntrack`
--lua_cflags =`echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LUASCRIPT
$(PKG_CONFIG) --cflags lua5.2`
--lua_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LUASCRIPT
$(PKG_CONFIG) --libs lua5.2`
-+lua_cflags =`echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LUASCRIPT
$(PKG_CONFIG) --cflags lua`
-+lua_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LUASCRIPT
$(PKG_CONFIG) --libs lua`
- nettle_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC
$(PKG_CONFIG) --cflags 'nettle hogweed' \
- HAVE_CRYPTOHASH
$(PKG_CONFIG) --cflags nettle \
- HAVE_NETTLEHASH
$(PKG_CONFIG) --cflags nettle`
-
---
-2.9.5
-
diff --git a/meta-networking/recipes-support/dnsmasq/dnsmasq_2.89.bb
b/meta-networking/recipes-support/dnsmasq/dnsmasq_2.90.bb
similarity index 97%
rename from meta-networking/recipes-support/dnsmasq/dnsmasq_2.89.bb
rename to meta-networking/recipes-support/dnsmasq/dnsmasq_2.90.bb
index 684eb4432..38fa271dc 100644
--- a/meta-networking/recipes-support/dnsmasq/dnsmasq_2.89.bb
+++ b/meta-networking/recipes-support/dnsmasq/dnsmasq_2.90.bb
@@ -11,15 +11,13 @@ DEPENDS += "gettext-native"
#at least versions 2.69 and prior are moved to the archive folder on the server
SRC_URI = "http://www.thekelleys.org.uk/dnsmasq/${@['archive/',
''][float(d.getVar('PV').split('.')[1]) > 69]}dnsmasq-${PV}.tar.gz \
- file://lua.patch \
file://init \
file://dnsmasq.conf \
file://dnsmasq-resolvconf.service \
file://dnsmasq-noresolvconf.service \
file://dnsmasq-resolved.conf \
- file://CVE-2023-28450.patch \
"
-SRC_URI[sha256sum] =
"8651373d000cae23776256e83dcaa6723dee72c06a39362700344e0c12c4e7e4"
+SRC_URI[sha256sum] =
"8fb542403b5ee7ccce66ea73a4a51cf19dd49392aaccd37231a2c51b303b"
inherit pkgconfig update-rc.d systemd
diff --git a/meta-networking/recipes-support/dnsmasq/files/CVE-2023-28450.patch
b/meta-networking/recipes-support/dnsmasq/files/CVE-2023-28450.patch
deleted file mode 100644
index 129c9043e..0
--- a/meta-networking/recipes-support/dnsmasq/files/CVE-2023-28450.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5 Mon Sep 17 00:00:00 2001
-From: Simon Kelley
-Date: Tue, 7 Mar 2023 22:07:46 +
-Subject: [PATCH] Set the default maximum DNS UDP packet size to 1232.
-
-http://www.dnsflagday.net/2020/ refers.
-
-Thanks to Xiang Li for the prompt.
-
-CVE: CVE-2023-28450
-Upstream-Status: Backport
[https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5]
-
-Signed-off-by: Peter Marko
- man/dnsmasq.8 | 3 ++-
- src/config.h | 2 +-
- 2 files changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/man/dnsmasq.8 b/man/dnsmasq.8
-index 41e2e04..5acb935 100644
a/man/dnsmasq.8
-+++ b/man/dnsmasq.8
-@@ -183,7 +183,8 @@ to zero completely disables DNS function, leaving only
DHCP and/or TFTP.
- .TP
- .B \-P, --edns-packet-max=
- Specify the largest EDNS.0 UDP p
[oe] [meta-java][PATCH] jsch,xerces-j: fix CVE_STATUS
From: Peter Marko
Last commit tried to convert CVE_CHECK_IGNORE to CVE_STATUS,
however it was done in wrong way and caused the CVEs
to be reported as open again.
This fixes CVE_STATUS syntax.
Signed-off-by: Peter Marko
---
recipes-core/jcraft/jsch_0.1.40.bb | 3 +--
recipes-core/xerces-j/xerces-j_2.11.0.bb | 2 +-
2 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/recipes-core/jcraft/jsch_0.1.40.bb
b/recipes-core/jcraft/jsch_0.1.40.bb
index 8ef5c85..aeb04b4 100644
--- a/recipes-core/jcraft/jsch_0.1.40.bb
+++ b/recipes-core/jcraft/jsch_0.1.40.bb
@@ -25,8 +25,7 @@ do_compile() {
SRC_URI[md5sum] = "b59cec19a487e95aed68378976b4b566"
SRC_URI[sha256sum] =
"ca9d2ae08fd7a8983fb00d04f0f0c216a985218a5eb364ff9bee73870f28e097"
-# Ignore the CVE because it only affects Windows platforms
-CVE_STATUS += "CVE-2016-5725"
+CVE_STATUS[CVE-2016-5725] = "not-applicable-platform: Issue only applies on
Windows"
BBCLASSEXTEND = "native"
diff --git a/recipes-core/xerces-j/xerces-j_2.11.0.bb
b/recipes-core/xerces-j/xerces-j_2.11.0.bb
index c7a54ab..45d3c43 100644
--- a/recipes-core/xerces-j/xerces-j_2.11.0.bb
+++ b/recipes-core/xerces-j/xerces-j_2.11.0.bb
@@ -18,7 +18,7 @@ SRC_URI =
"http://archive.apache.org/dist/xerces/j/source/Xerces-J-src.${PV}.tar
# Already fixed with updates and closed.
# https://access.redhat.com/security/cve/CVE-2018-2799
# https://bugzilla.redhat.com/show_bug.cgi?id=1567542
-CVE_STATUS += "CVE-2018-2799"
+CVE_STATUS[CVE-2018-2799] = "not-applicable-platform: Issue only applies on
some Oracle Java SE and Red Hat Enterprise Linux versions"
S = "${WORKDIR}/xerces-2_11_0"
--
2.30.2
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#109025):
https://lists.openembedded.org/g/openembedded-devel/message/109025
Mute This Topic: https://lists.openembedded.org/mt/104544794/21656
Group Owner: openembedded-devel+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-openembedded][PATCH 2/2] snort3: fix snort.pc
* fixes:
ERROR: lib32-snort3-3+git-r0 do_populate_sysroot: QA Issue: snort.pc failed
sanity test (tmpdir) in path lib32-snort3/3+git/sysroot-destdir/usr/lib/pkg
* it's broken for non-multilib builds as well, the issue is that
FLEX_CPPFLAGS points to native include dir, e.g.
FLEX_CPPFLAGS=-I/OE/../lib32-snort3/3+git/recipe-sysroot-native/usr/include
and the work around from:
https://github.com/openembedded/meta-openembedded/commit/973647848049abda6f2adbee0189720109863731
sed -i "s#${RECIPE_SYSROOT}##g" ${D}${libdir}/pkgconfig/snort.pc
strips the "/OE/../lib32-snort3/3+git/recipe-sysroot" part in non-multilib
case, but leaves:
FLEX_CPPFLAGS=-I-native/usr/include
which is still wrong, but not detected by buildpaths QA check anymore
and in multilib case, this didn't strip the first part because the
target sysroot is:
"/OE/../lib32-snort3/3+git/lib32-recipe-sysroot"
so it didn't strip anything from native sysroot:
"/OE/../lib32-snort3/3+git/recipe-sysroot-native"
Signed-off-by: Martin Jansa
---
meta-networking/recipes-connectivity/snort/snort3_git.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta-networking/recipes-connectivity/snort/snort3_git.bb
b/meta-networking/recipes-connectivity/snort/snort3_git.bb
index e9c37c8346..b8826b0682 100644
--- a/meta-networking/recipes-connectivity/snort/snort3_git.bb
+++ b/meta-networking/recipes-connectivity/snort/snort3_git.bb
@@ -21,7 +21,7 @@ PACKAGES =+ "${PN}-scripts"
inherit cmake pkgconfig
do_install:append() {
-sed -i "s#${RECIPE_SYSROOT}##g" ${D}${libdir}/pkgconfig/snort.pc
+sed -i "s#${RECIPE_SYSROOT_NATIVE}##g; s#${RECIPE_SYSROOT}##g"
${D}${libdir}/pkgconfig/snort.pc
}
FILES:${PN} += "${libdir}/snort/daq/*.so"
--
2.43.2
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#109024):
https://lists.openembedded.org/g/openembedded-devel/message/109024
Mute This Topic: https://lists.openembedded.org/mt/104543797/21656
Group Owner: openembedded-devel+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-openembedded][PATCH 1/2] snort3: drop SRCPV from PV
* as other recipes did in:
https://git.openembedded.org/meta-openembedded/commit/?id=21f956598ddb1bb08855fbc9a3293acf957154d1
Signed-off-by: Martin Jansa
---
meta-networking/recipes-connectivity/snort/snort3_git.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta-networking/recipes-connectivity/snort/snort3_git.bb
b/meta-networking/recipes-connectivity/snort/snort3_git.bb
index 4bc2395fae..e9c37c8346 100644
--- a/meta-networking/recipes-connectivity/snort/snort3_git.bb
+++ b/meta-networking/recipes-connectivity/snort/snort3_git.bb
@@ -5,7 +5,7 @@ SECTION = "net"
LICENSE = "GPL-2.0-only"
LIC_FILES_CHKSUM = "file://COPYING;md5=78fa8ef966b48fbf9095e13cc92377c5"
-PV = "3+git${SRCPV}"
+PV = "3+git"
DEPENDS = "flex-native hwloc libdaq libdnet libpcap libpcre libtirpc libunwind
luajit zlib"
--
2.43.2
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#109023):
https://lists.openembedded.org/g/openembedded-devel/message/109023
Mute This Topic: https://lists.openembedded.org/mt/104543796/21656
Group Owner: openembedded-devel+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
