* [meta-security][PATCH 1/7] suricata: update to 4.0.6
@ 2019-03-05 16:46 Armin Kuster
2019-03-05 16:46 ` [meta-security][PATCH 2/7] keyutils: update to 1.6 Armin Kuster
` (5 more replies)
0 siblings, 6 replies; 7+ messages in thread
From: Armin Kuster @ 2019-03-05 16:46 UTC (permalink / raw)
To: yocto
includes: SMTP crash issue was fixed: CVE-2018-18956
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../suricata/{libhtp_0.5.27.bb => libhtp_0.5.28.bb} | 0
recipes-security/suricata/suricata.inc | 6 +++---
.../suricata/{suricata_4.0.5.bb => suricata_4.0.6.bb} | 0
3 files changed, 3 insertions(+), 3 deletions(-)
rename recipes-security/suricata/{libhtp_0.5.27.bb => libhtp_0.5.28.bb} (100%)
rename recipes-security/suricata/{suricata_4.0.5.bb => suricata_4.0.6.bb} (100%)
diff --git a/recipes-security/suricata/libhtp_0.5.27.bb b/recipes-security/suricata/libhtp_0.5.28.bb
similarity index 100%
rename from recipes-security/suricata/libhtp_0.5.27.bb
rename to recipes-security/suricata/libhtp_0.5.28.bb
diff --git a/recipes-security/suricata/suricata.inc b/recipes-security/suricata/suricata.inc
index 1f42121..368b2e0 100644
--- a/recipes-security/suricata/suricata.inc
+++ b/recipes-security/suricata/suricata.inc
@@ -2,8 +2,8 @@ HOMEPAGE = "http://suricata-ids.org/"
SECTION = "security Monitor/Admin"
LICENSE = "GPLv2"
-VER = "4.0.5"
+VER = "4.0.6"
SRC_URI = "http://www.openinfosecfoundation.org/download/suricata-${VER}.tar.gz"
-SRC_URI[md5sum] = "ea0cb823d6a86568152f75ade6de442f"
-SRC_URI[sha256sum] = "74dacb4359d57fbd3452e384eeeb1dd77b6ae00f02e9994ad5a7b461d5f4c6c2"
+SRC_URI[md5sum] = "e8e9a401fef3b3ca1027c268c38c8f4b"
+SRC_URI[sha256sum] = "cbab847b33fc625b7a92241fdce2e1ca47b8bb415c9114de70819394229679a4"
diff --git a/recipes-security/suricata/suricata_4.0.5.bb b/recipes-security/suricata/suricata_4.0.6.bb
similarity index 100%
rename from recipes-security/suricata/suricata_4.0.5.bb
rename to recipes-security/suricata/suricata_4.0.6.bb
--
2.17.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [meta-security][PATCH 2/7] keyutils: update to 1.6
2019-03-05 16:46 [meta-security][PATCH 1/7] suricata: update to 4.0.6 Armin Kuster
@ 2019-03-05 16:46 ` Armin Kuster
2019-03-05 16:46 ` [meta-security][PATCH 3/7] tpm2.0-tools: update 3.1.3 Armin Kuster
` (4 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: Armin Kuster @ 2019-03-05 16:46 UTC (permalink / raw)
To: yocto
remove patch now included in update:
keyutils-use-relative-path-for-link.patch
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../keyutils-use-relative-path-for-link.patch | 28 -------------------
.../{keyutils_1.5.10.bb => keyutils_1.6.bb} | 5 ++--
2 files changed, 2 insertions(+), 31 deletions(-)
delete mode 100644 recipes-security/keyutils/files/keyutils-use-relative-path-for-link.patch
rename recipes-security/keyutils/{keyutils_1.5.10.bb => keyutils_1.6.bb} (86%)
diff --git a/recipes-security/keyutils/files/keyutils-use-relative-path-for-link.patch b/recipes-security/keyutils/files/keyutils-use-relative-path-for-link.patch
deleted file mode 100644
index dde1af4..0000000
--- a/recipes-security/keyutils/files/keyutils-use-relative-path-for-link.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-Subject: [PATCH] keyutils: use relative path for link
-
-The absolute path of the symlink will be invalid
-when populated in sysroot, so use relative path instead.
-
-Upstream-Status: Pending
-
-Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
----
- Makefile | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/Makefile b/Makefile
-index 824bbbf..8ce3a13 100644
---- a/Makefile
-+++ b/Makefile
-@@ -167,7 +167,7 @@ ifeq ($(NO_SOLIB),0)
- $(INSTALL) -D $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(LIBNAME)
- $(LNS) $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(SONAME)
- mkdir -p $(DESTDIR)$(USRLIBDIR)
-- $(LNS) $(LIBDIR)/$(SONAME) $(DESTDIR)$(USRLIBDIR)/$(DEVELLIB)
-+ $(LNS) $(SONAME) $(DESTDIR)$(USRLIBDIR)/$(DEVELLIB)
- endif
- $(INSTALL) -D keyctl $(DESTDIR)$(BINDIR)/keyctl
- $(INSTALL) -D request-key $(DESTDIR)$(SBINDIR)/request-key
---
-2.11.0
-
diff --git a/recipes-security/keyutils/keyutils_1.5.10.bb b/recipes-security/keyutils/keyutils_1.6.bb
similarity index 86%
rename from recipes-security/keyutils/keyutils_1.5.10.bb
rename to recipes-security/keyutils/keyutils_1.6.bb
index a4222b9..1d7427d 100644
--- a/recipes-security/keyutils/keyutils_1.5.10.bb
+++ b/recipes-security/keyutils/keyutils_1.6.bb
@@ -16,14 +16,13 @@ LIC_FILES_CHKSUM = "file://LICENCE.GPL;md5=5f6e72824f5da505c1f4a7197f004b45 \
inherit siteinfo ptest
SRC_URI = "http://people.redhat.com/dhowells/keyutils/${BP}.tar.bz2 \
- file://keyutils-use-relative-path-for-link.patch \
file://keyutils-test-fix-output-format.patch \
file://keyutils-fix-error-report-by-adding-default-message.patch \
file://run-ptest \
"
-SRC_URI[md5sum] = "3771676319bc7b84b1549b5c63ff5243"
-SRC_URI[sha256sum] = "115c3deae7f181778fd0e0ffaa2dad1bf1fe2f5677cf2e0e348cdb7a1c93afb6"
+SRC_URI[md5sum] = "191987b0ab46bb5b50efd70a6e6ce808"
+SRC_URI[sha256sum] = "d3aef20cec0005c0fa6b4be40079885567473185b1a57b629b030e67942c7115"
EXTRA_OEMAKE = "'CFLAGS=${CFLAGS} -Wall' \
NO_ARLIB=1 \
--
2.17.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [meta-security][PATCH 3/7] tpm2.0-tools: update 3.1.3
2019-03-05 16:46 [meta-security][PATCH 1/7] suricata: update to 4.0.6 Armin Kuster
2019-03-05 16:46 ` [meta-security][PATCH 2/7] keyutils: update to 1.6 Armin Kuster
@ 2019-03-05 16:46 ` Armin Kuster
2019-03-05 16:46 ` [meta-security][PATCH 4/7] tpm2.o-tss: update to 2.4.1 Armin Kuster
` (3 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: Armin Kuster @ 2019-03-05 16:46 UTC (permalink / raw)
To: yocto
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../{tpm2.0-tools_3.1.2.bb => tpm2.0-tools_3.1.3.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta-tpm/recipes-tpm/tpm2.0-tools/{tpm2.0-tools_3.1.2.bb => tpm2.0-tools_3.1.3.bb} (88%)
diff --git a/meta-tpm/recipes-tpm/tpm2.0-tools/tpm2.0-tools_3.1.2.bb b/meta-tpm/recipes-tpm/tpm2.0-tools/tpm2.0-tools_3.1.3.bb
similarity index 88%
rename from meta-tpm/recipes-tpm/tpm2.0-tools/tpm2.0-tools_3.1.2.bb
rename to meta-tpm/recipes-tpm/tpm2.0-tools/tpm2.0-tools_3.1.3.bb
index 3f40eb7..22fae0b 100644
--- a/meta-tpm/recipes-tpm/tpm2.0-tools/tpm2.0-tools_3.1.2.bb
+++ b/meta-tpm/recipes-tpm/tpm2.0-tools/tpm2.0-tools_3.1.3.bb
@@ -6,7 +6,7 @@ SECTION = "tpm"
DEPENDS = "pkgconfig tpm2.0-tss openssl curl autoconf-archive"
-SRCREV = "5e2f1aafc58e60c5050f85147a14914561f28ad9"
+SRCREV = "74ba065e5914bc5d713ca3709d62a5751b097369"
SRC_URI = "git://github.com/01org/tpm2.0-tools.git;name=tpm2.0-tools;destsuffix=tpm2.0-tools;branch=3.X"
--
2.17.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [meta-security][PATCH 4/7] tpm2.o-tss: update to 2.4.1
2019-03-05 16:46 [meta-security][PATCH 1/7] suricata: update to 4.0.6 Armin Kuster
2019-03-05 16:46 ` [meta-security][PATCH 2/7] keyutils: update to 1.6 Armin Kuster
2019-03-05 16:46 ` [meta-security][PATCH 3/7] tpm2.0-tools: update 3.1.3 Armin Kuster
@ 2019-03-05 16:46 ` Armin Kuster
2019-03-05 16:46 ` [meta-security][PATCH 5/7] tpm2-abrmd: update to 2.1.0 Armin Kuster
` (2 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: Armin Kuster @ 2019-03-05 16:46 UTC (permalink / raw)
To: yocto
LIC_FILES_CHKSUM changed to do SPDX ref being removed.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../{tpm2.0-tss_2.0.1.bb => tpm2.0-tss_2.2.1.bb} | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
rename meta-tpm/recipes-tpm/tpm2.0-tss/{tpm2.0-tss_2.0.1.bb => tpm2.0-tss_2.2.1.bb} (86%)
diff --git a/meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss_2.0.1.bb b/meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss_2.2.1.bb
similarity index 86%
rename from meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss_2.0.1.bb
rename to meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss_2.2.1.bb
index 9d1ff72..4f9db50 100644
--- a/meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss_2.0.1.bb
+++ b/meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss_2.2.1.bb
@@ -1,19 +1,22 @@
SUMMARY = "Software stack for TPM2."
DESCRIPTION = "tpm2.0-tss like woah."
LICENSE = "BSD-2-Clause"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=0b1d631c4218b72f6b05cb58613606f4"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=500b2e742befc3da00684d8a1d5fd9da"
SECTION = "tpm"
-DEPENDS = "autoconf-archive-native libgcrypt"
+DEPENDS = "autoconf-archive-native libgcrypt openssl"
-SRCREV = "dc31e8dca9dbc77d16e419dc514ce8c526cd3351"
+SRCREV = "eb69e13559f20a0b49002a685c6f4a39be9503e2"
-SRC_URI = "git://github.com/tpm2-software/tpm2-tss.git;branch=2.0.x"
+SRC_URI = "git://github.com/tpm2-software/tpm2-tss.git;branch=2.2.x"
inherit autotools-brokensep pkgconfig systemd
S = "${WORKDIR}/git"
+PACKAGECONFIG ??= ""
+PACKAGECONFIG[oxygen] = ",--disable-doxygen-doc, "
+
do_configure_prepend () {
./bootstrap
}
@@ -72,3 +75,5 @@ FILES_libtss2-dev = " \
FILES_libtss2-staticdev = "${libdir}/libtss*a"
FILES_${PN} = "${libdir}/udev"
+
+RDEPENDS_libtss2 = "libgcrypt"
--
2.17.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [meta-security][PATCH 5/7] tpm2-abrmd: update to 2.1.0
2019-03-05 16:46 [meta-security][PATCH 1/7] suricata: update to 4.0.6 Armin Kuster
` (2 preceding siblings ...)
2019-03-05 16:46 ` [meta-security][PATCH 4/7] tpm2.o-tss: update to 2.4.1 Armin Kuster
@ 2019-03-05 16:46 ` Armin Kuster
2019-03-05 16:46 ` [meta-security][PATCH 6/7] libtpm: upate to stable 0.6.0 Armin Kuster
2019-03-05 16:46 ` [meta-security][PATCH 7/7] swtpm: update to stable release 0.1.0 Armin Kuster
5 siblings, 0 replies; 7+ messages in thread
From: Armin Kuster @ 2019-03-05 16:46 UTC (permalink / raw)
To: yocto
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../tpm2-abrmd/{tpm2-abrmd_2.0.2.bb => tpm2-abrmd_2.1.0.bb} | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
rename meta-tpm/recipes-tpm/tpm2-abrmd/{tpm2-abrmd_2.0.2.bb => tpm2-abrmd_2.1.0.bb} (97%)
diff --git a/meta-tpm/recipes-tpm/tpm2-abrmd/tpm2-abrmd_2.0.2.bb b/meta-tpm/recipes-tpm/tpm2-abrmd/tpm2-abrmd_2.1.0.bb
similarity index 97%
rename from meta-tpm/recipes-tpm/tpm2-abrmd/tpm2-abrmd_2.0.2.bb
rename to meta-tpm/recipes-tpm/tpm2-abrmd/tpm2-abrmd_2.1.0.bb
index 6347379..0120360 100644
--- a/meta-tpm/recipes-tpm/tpm2-abrmd/tpm2-abrmd_2.0.2.bb
+++ b/meta-tpm/recipes-tpm/tpm2-abrmd/tpm2-abrmd_2.1.0.bb
@@ -18,7 +18,8 @@ SRC_URI = "\
file://tpm2-abrmd-init.sh \
file://tpm2-abrmd.default \
"
-SRCREV = "d0120ace58d97bc9520c0d558657eaca87ae73b1"
+
+SRCREV = "e2f30eebd79079ed92952e78a6f8ab1c2c6194da"
S = "${WORKDIR}/git"
--
2.17.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [meta-security][PATCH 6/7] libtpm: upate to stable 0.6.0
2019-03-05 16:46 [meta-security][PATCH 1/7] suricata: update to 4.0.6 Armin Kuster
` (3 preceding siblings ...)
2019-03-05 16:46 ` [meta-security][PATCH 5/7] tpm2-abrmd: update to 2.1.0 Armin Kuster
@ 2019-03-05 16:46 ` Armin Kuster
2019-03-05 16:46 ` [meta-security][PATCH 7/7] swtpm: update to stable release 0.1.0 Armin Kuster
5 siblings, 0 replies; 7+ messages in thread
From: Armin Kuster @ 2019-03-05 16:46 UTC (permalink / raw)
To: yocto
Add PE
This update include support for tpm2.0
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../recipes-tpm/libtpm/{libtpm_1.0.bb => libtpm_0.6.0.bb} | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
rename meta-tpm/recipes-tpm/libtpm/{libtpm_1.0.bb => libtpm_0.6.0.bb} (70%)
diff --git a/meta-tpm/recipes-tpm/libtpm/libtpm_1.0.bb b/meta-tpm/recipes-tpm/libtpm/libtpm_0.6.0.bb
similarity index 70%
rename from meta-tpm/recipes-tpm/libtpm/libtpm_1.0.bb
rename to meta-tpm/recipes-tpm/libtpm/libtpm_0.6.0.bb
index a930d7b..a882960 100644
--- a/meta-tpm/recipes-tpm/libtpm/libtpm_1.0.bb
+++ b/meta-tpm/recipes-tpm/libtpm/libtpm_0.6.0.bb
@@ -2,8 +2,10 @@ SUMMARY = "LIBPM - Software TPM Library"
LICENSE = "BSD-3-Clause"
LIC_FILES_CHKSUM = "file://LICENSE;md5=e73f0786a936da3814896df06ad225a9"
-SRCREV = "4111bd1bcf721e6e7b5f11ed9c2b93083677aa25"
-SRC_URI = "git://github.com/stefanberger/libtpms.git"
+SRCREV = "9dc915572b51db0714640ba1ddf8cca9c0f24f05"
+SRC_URI = "git://github.com/stefanberger/libtpms.git;branch=stable-${PV}"
+
+PE = "1"
S = "${WORKDIR}/git"
inherit autotools-brokensep pkgconfig
@@ -11,6 +13,4 @@ inherit autotools-brokensep pkgconfig
PACKAGECONFIG ?= "openssl"
PACKAGECONFIG[openssl] = "--with-openssl, --without-openssl, openssl"
-PV = "1.0+git${SRCPV}"
-
BBCLASSEXTEND = "native"
--
2.17.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [meta-security][PATCH 7/7] swtpm: update to stable release 0.1.0
2019-03-05 16:46 [meta-security][PATCH 1/7] suricata: update to 4.0.6 Armin Kuster
` (4 preceding siblings ...)
2019-03-05 16:46 ` [meta-security][PATCH 6/7] libtpm: upate to stable 0.6.0 Armin Kuster
@ 2019-03-05 16:46 ` Armin Kuster
5 siblings, 0 replies; 7+ messages in thread
From: Armin Kuster @ 2019-03-05 16:46 UTC (permalink / raw)
To: yocto
added PE
split cuse into its own package
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../swtpm/{swtpm_1.0.bb => swtpm_0.1.0.bb} | 19 ++++++++++---------
1 file changed, 10 insertions(+), 9 deletions(-)
rename meta-tpm/recipes-tpm/swtpm/{swtpm_1.0.bb => swtpm_0.1.0.bb} (77%)
diff --git a/meta-tpm/recipes-tpm/swtpm/swtpm_1.0.bb b/meta-tpm/recipes-tpm/swtpm/swtpm_0.1.0.bb
similarity index 77%
rename from meta-tpm/recipes-tpm/swtpm/swtpm_1.0.bb
rename to meta-tpm/recipes-tpm/swtpm/swtpm_0.1.0.bb
index 3fe1393..42de8b1 100644
--- a/meta-tpm/recipes-tpm/swtpm/swtpm_1.0.bb
+++ b/meta-tpm/recipes-tpm/swtpm/swtpm_0.1.0.bb
@@ -9,11 +9,12 @@ DEPENDS = "libtasn1 expect socat glib-2.0 net-tools-native libtpm libtpm-native"
# then swtpm_setup needs them at runtime
DEPENDS += "tpm-tools-native expect-native socat-native"
-SRCREV = "94bb9f2d716d09bcc6cd2a2e033018f8592008e7"
-SRC_URI = "git://github.com/stefanberger/swtpm.git;branch=tpm2-preview.v2 \
+SRCREV = "d803d84575ab3e5dac316bf863c7f569a27ea35f"
+SRC_URI = "git://github.com/stefanberger/swtpm.git;branch=stable-${PV} \
file://fix_fcntl_h.patch \
file://ioctl_h.patch \
"
+PE = "1"
S = "${WORKDIR}/git"
@@ -23,8 +24,9 @@ PARALLEL_MAKE = ""
TSS_USER="tss"
TSS_GROUP="tss"
-PACKAGECONFIG ?= "openssl cuse"
+PACKAGECONFIG ?= "openssl"
PACKAGECONFIG += "${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'selinux', '', d)}"
+PACKAGECONFIG += "${@bb.utils.contains('BBFILE_COLLECTIONS', 'filesystems-layer', 'cuse', '', d)}"
PACKAGECONFIG[openssl] = "--with-openssl, --without-openssl, openssl"
PACKAGECONFIG[gnutls] = "--with-gnutls, --without-gnutls, gnutls"
PACKAGECONFIG[selinux] = "--with-selinux, --without-selinux, libselinux"
@@ -39,12 +41,11 @@ GROUPADD_PARAM_${PN} = "--system ${TSS_USER}"
USERADD_PARAM_${PN} = "--system -g ${TSS_GROUP} --home-dir \
--no-create-home --shell /bin/false ${BPN}"
+PACKAGE_BEFORE_PN = "${PN}-cuse"
+FILES_${PN}-cuse = "${bindir}/swtpm_cuse"
+
+INSANE_SKIP_${PN} += "dev-so"
+
RDEPENDS_${PN} = "libtpm expect socat bash tpm-tools"
BBCLASSEXTEND = "native nativesdk"
-
-python() {
- if 'cuse' in d.getVar('PACKAGECONFIG') and \
- 'filesystems-layer' not in d.getVar('BBFILE_COLLECTIONS').split():
- raise bb.parse.SkipRecipe('Cuse enabled which requires meta-filesystems to be present.')
-}
--
2.17.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
end of thread, other threads:[~2019-03-05 16:46 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-03-05 16:46 [meta-security][PATCH 1/7] suricata: update to 4.0.6 Armin Kuster
2019-03-05 16:46 ` [meta-security][PATCH 2/7] keyutils: update to 1.6 Armin Kuster
2019-03-05 16:46 ` [meta-security][PATCH 3/7] tpm2.0-tools: update 3.1.3 Armin Kuster
2019-03-05 16:46 ` [meta-security][PATCH 4/7] tpm2.o-tss: update to 2.4.1 Armin Kuster
2019-03-05 16:46 ` [meta-security][PATCH 5/7] tpm2-abrmd: update to 2.1.0 Armin Kuster
2019-03-05 16:46 ` [meta-security][PATCH 6/7] libtpm: upate to stable 0.6.0 Armin Kuster
2019-03-05 16:46 ` [meta-security][PATCH 7/7] swtpm: update to stable release 0.1.0 Armin Kuster
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.