* [meta-security][zeus][PATCH 1/9] cryptsetup tpm incubator: fix installed vs shipped
@ 2020-01-05 23:18 Armpit
2020-01-05 23:18 ` [meta-security][zeus][PATCH 2/9] meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.3.1.bb: add new udev dir to FILES and append EXTRA_OECONF Armpit
` (7 more replies)
0 siblings, 8 replies; 9+ messages in thread
From: Armpit @ 2020-01-05 23:18 UTC (permalink / raw)
To: yocto; +Cc: Christophe PRIOUZEAU
From: Christophe PRIOUZEAU <christophe.priouzeau@st.com>
Fix [installed-vs-shipped] by adding /usr/lib/tmpfiles.d
on FILES.
Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../cryptsetup-tpm-incubator/cryptsetup-tpm-incubator_0.9.9.bb | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta-tpm/recipes-tpm2/cryptsetup-tpm-incubator/cryptsetup-tpm-incubator_0.9.9.bb b/meta-tpm/recipes-tpm2/cryptsetup-tpm-incubator/cryptsetup-tpm-incubator_0.9.9.bb
index 8385c94..b706d15 100644
--- a/meta-tpm/recipes-tpm2/cryptsetup-tpm-incubator/cryptsetup-tpm-incubator_0.9.9.bb
+++ b/meta-tpm/recipes-tpm2/cryptsetup-tpm-incubator/cryptsetup-tpm-incubator_0.9.9.bb
@@ -32,6 +32,7 @@ RRECOMMENDS_${PN} = "kernel-module-aes-generic \
kernel-module-xts \
"
+FILES_${PN} += "${libdir}/tmpfiles.d"
RDEPENDS_${PN} += "lvm2 libdevmapper"
RRECOMMENDS_${PN} += "lvm2-udevrules"
--
2.17.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [meta-security][zeus][PATCH 2/9] meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.3.1.bb: add new udev dir to FILES and append EXTRA_OECONF
2020-01-05 23:18 [meta-security][zeus][PATCH 1/9] cryptsetup tpm incubator: fix installed vs shipped Armpit
@ 2020-01-05 23:18 ` Armpit
2020-01-05 23:18 ` [meta-security][zeus][PATCH 3/9] checksecurity: use more portable find args Armpit
` (6 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: Armpit @ 2020-01-05 23:18 UTC (permalink / raw)
To: yocto; +Cc: Norbert Kaminski
From: Norbert Kaminski <norbert.kaminski@3mdeb.com>
The tpm2 tool freezes in a XEN distro. It stores the udev rules in
/lib/udev directory,
thus these changes append the FILES and EXTRA_OECONF to make tpm2 work
properly.
Signed-off-by: Norbert Kaminski <norbert.kaminski@3mdeb.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.3.1.bb | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.3.1.bb b/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.3.1.bb
index 3e77f71..dfdf734 100644
--- a/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.3.1.bb
+++ b/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.3.1.bb
@@ -17,6 +17,8 @@ S = "${WORKDIR}/git"
PACKAGECONFIG ??= ""
PACKAGECONFIG[oxygen] = ",--disable-doxygen-doc, "
+EXTRA_OECONF += "--with-udevrulesdir=${base_prefix}/lib/udev/rules.d/"
+
do_configure_prepend () {
./bootstrap
}
@@ -74,6 +76,6 @@ FILES_libtss2-dev = " \
${libdir}/libtss2*so"
FILES_libtss2-staticdev = "${libdir}/libtss*a"
-FILES_${PN} = "${libdir}/udev"
+FILES_${PN} = "${libdir}/udev ${base_prefix}/lib/udev"
RDEPENDS_libtss2 = "libgcrypt"
--
2.17.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [meta-security][zeus][PATCH 3/9] checksecurity: use more portable find args
2020-01-05 23:18 [meta-security][zeus][PATCH 1/9] cryptsetup tpm incubator: fix installed vs shipped Armpit
2020-01-05 23:18 ` [meta-security][zeus][PATCH 2/9] meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.3.1.bb: add new udev dir to FILES and append EXTRA_OECONF Armpit
@ 2020-01-05 23:18 ` Armpit
2020-01-05 23:18 ` [meta-security][zeus][PATCH 4/9] clamav: add tmpfiles.d config Armpit
` (5 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: Armpit @ 2020-01-05 23:18 UTC (permalink / raw)
To: yocto; +Cc: Christopher Larson
From: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../checksecurity/checksecurity_2.0.15.bb | 3 ++-
...k-setuid-use-more-portable-find-args.patch | 23 +++++++++++++++++++
2 files changed, 25 insertions(+), 1 deletion(-)
create mode 100644 recipes-security/checksecurity/files/check-setuid-use-more-portable-find-args.patch
diff --git a/recipes-security/checksecurity/checksecurity_2.0.15.bb b/recipes-security/checksecurity/checksecurity_2.0.15.bb
index a961691..030bf25 100644
--- a/recipes-security/checksecurity/checksecurity_2.0.15.bb
+++ b/recipes-security/checksecurity/checksecurity_2.0.15.bb
@@ -5,7 +5,8 @@ LICENSE = "GPL-2.0"
LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6"
SRC_URI = "http://ftp.de.debian.org/debian/pool/main/c/checksecurity/checksecurity_${PV}.tar.gz \
- file://setuid-log-folder.patch"
+ file://setuid-log-folder.patch \
+ file://check-setuid-use-more-portable-find-args.patch"
SRC_URI[md5sum] = "a30161c3e24d3be710b2fd13fcd1f32f"
SRC_URI[sha256sum] = "67abe3d6391c96146e96f376d3fd6eb7a9418b0f7fe205b465219889791dba32"
diff --git a/recipes-security/checksecurity/files/check-setuid-use-more-portable-find-args.patch b/recipes-security/checksecurity/files/check-setuid-use-more-portable-find-args.patch
new file mode 100644
index 0000000..f1fe8ed
--- /dev/null
+++ b/recipes-security/checksecurity/files/check-setuid-use-more-portable-find-args.patch
@@ -0,0 +1,23 @@
+From f3073b8e06a607677d47ad9a19533b2e33408a4f Mon Sep 17 00:00:00 2001
+From: Christopher Larson <chris_larson@mentor.com>
+Date: Wed, 5 Sep 2018 23:21:43 +0500
+Subject: [PATCH] check-setuid: use more portable find args
+
+Signed-off-by: Christopher Larson <chris_larson@mentor.com>
+---
+ plugins/check-setuid | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+Index: checksecurity-2.0.15/plugins/check-setuid
+===================================================================
+--- checksecurity-2.0.15.orig/plugins/check-setuid 2018-09-06 00:49:23.930934294 +0500
++++ checksecurity-2.0.15/plugins/check-setuid 2018-09-06 00:49:49.694934757 +0500
+@@ -99,7 +99,7 @@
+ ionice -t -c3 \
+ find `mount | grep -vE "$CHECKSECURITY_FILTER" | cut -d ' ' -f 3` \
+ -xdev $PATHCHK \
+- \( -type f -perm +06000 -o \( \( -type b -o -type c \) \
++ \( -type f \( -perm -4000 -o -perm -2000 \) -o \( \( -type b -o -type c \) \
+ $DEVCHK \) \) \
+ -ignore_readdir_race \
+ -printf "%8i %5m %3n %-10u %-10g %9s %t %h/%f\n" |
--
2.17.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [meta-security][zeus][PATCH 4/9] clamav: add tmpfiles.d config
2020-01-05 23:18 [meta-security][zeus][PATCH 1/9] cryptsetup tpm incubator: fix installed vs shipped Armpit
2020-01-05 23:18 ` [meta-security][zeus][PATCH 2/9] meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.3.1.bb: add new udev dir to FILES and append EXTRA_OECONF Armpit
2020-01-05 23:18 ` [meta-security][zeus][PATCH 3/9] checksecurity: use more portable find args Armpit
@ 2020-01-05 23:18 ` Armpit
2020-01-05 23:18 ` [meta-security][zeus][PATCH 5/9] suricata: " Armpit
` (4 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: Armpit @ 2020-01-05 23:18 UTC (permalink / raw)
To: yocto; +Cc: Christopher Larson
From: Christopher Larson <chris_larson@mentor.com>
This is needed to ensure freshclam's /var/log directory and file are
created when using systemd.
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
recipes-security/clamav/clamav_0.99.4.bb | 8 +++++++-
recipes-security/clamav/files/tmpfiles.clamav | 3 +++
2 files changed, 10 insertions(+), 1 deletion(-)
create mode 100644 recipes-security/clamav/files/tmpfiles.clamav
diff --git a/recipes-security/clamav/clamav_0.99.4.bb b/recipes-security/clamav/clamav_0.99.4.bb
index 7f04337..a340b48 100644
--- a/recipes-security/clamav/clamav_0.99.4.bb
+++ b/recipes-security/clamav/clamav_0.99.4.bb
@@ -15,6 +15,7 @@ SRC_URI = "git://github.com/vrtadmin/clamav-devel;branch=rel/0.99 \
file://clamd.conf \
file://freshclam.conf \
file://volatiles.03_clamav \
+ file://tmpfiles.clamav \
file://${BPN}.service \
file://freshclam-native.conf \
"
@@ -104,11 +105,15 @@ do_install_append_class-target () {
install -m 666 ${S}/clamav_db/* ${D}/${localstatedir}/lib/clamav/.
if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)};then
install -D -m 0644 ${WORKDIR}/clamav.service ${D}${systemd_unitdir}/system/clamav.service
+ install -d ${D}${sysconfdir}/tmpfiles.d
+ install -m 0644 ${WORKDIR}/tmpfiles.clamav ${D}${sysconfdir}/tmpfiles.d/clamav.conf
fi
}
pkg_postinst_ontarget_${PN} () {
- if [ -e /etc/init.d/populate-volatile.sh ] ; then
+ if command -v systemd-tmpfiles >/dev/null; then
+ systemd-tmpfiles --create ${sysconfdir}/tmpfiles.d/clamav.conf
+ elif [ -e ${sysconfdir}/init.d/populate-volatile.sh ]; then
${sysconfdir}/init.d/populate-volatile.sh update
fi
mkdir -p ${localstatedir}/lib/clamav
@@ -140,6 +145,7 @@ FILES_${PN}-daemon = "${bindir}/clamconf ${bindir}/clamdtop ${sbindir}/clamd \
FILES_${PN}-freshclam = "${bindir}/freshclam \
${sysconfdir}/freshclam.conf* \
${sysconfdir}/clamav ${sysconfdir}/default/volatiles \
+ ${sysconfdir}/tmpfiles.d/*.conf \
${localstatedir}/lib/clamav \
${docdir}/${PN}-freshclam ${mandir}/man1/freshclam.* \
${mandir}/man5/freshclam.conf.* \
diff --git a/recipes-security/clamav/files/tmpfiles.clamav b/recipes-security/clamav/files/tmpfiles.clamav
new file mode 100644
index 0000000..fd5adfe
--- /dev/null
+++ b/recipes-security/clamav/files/tmpfiles.clamav
@@ -0,0 +1,3 @@
+#Type Path Mode UID GID Age Argument
+d /var/log/clamav 0755 clamav clamav -
+f /var/log/clamav/freshclam.log 0644 clamav clamav -
--
2.17.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [meta-security][zeus][PATCH 5/9] suricata: add tmpfiles.d config
2020-01-05 23:18 [meta-security][zeus][PATCH 1/9] cryptsetup tpm incubator: fix installed vs shipped Armpit
` (2 preceding siblings ...)
2020-01-05 23:18 ` [meta-security][zeus][PATCH 4/9] clamav: add tmpfiles.d config Armpit
@ 2020-01-05 23:18 ` Armpit
2020-01-05 23:18 ` [meta-security][zeus][PATCH 6/9] README: update mailing list to new groups.io Armpit
` (3 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: Armpit @ 2020-01-05 23:18 UTC (permalink / raw)
To: yocto; +Cc: Christopher Larson
From: Christopher Larson <chris_larson@mentor.com>
This is needed to ensure our /var/log directory is created when using
systemd.
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
recipes-ids/suricata/files/tmpfiles.suricata | 2 ++
recipes-ids/suricata/suricata_4.1.5.bb | 28 +++++++++++++-------
2 files changed, 20 insertions(+), 10 deletions(-)
create mode 100644 recipes-ids/suricata/files/tmpfiles.suricata
diff --git a/recipes-ids/suricata/files/tmpfiles.suricata b/recipes-ids/suricata/files/tmpfiles.suricata
new file mode 100644
index 0000000..fbf3784
--- /dev/null
+++ b/recipes-ids/suricata/files/tmpfiles.suricata
@@ -0,0 +1,2 @@
+#Type Path Mode UID GID Age Argument
+d /var/log/suricata 0755 root root
diff --git a/recipes-ids/suricata/suricata_4.1.5.bb b/recipes-ids/suricata/suricata_4.1.5.bb
index e15a9a3..b2700d6 100644
--- a/recipes-ids/suricata/suricata_4.1.5.bb
+++ b/recipes-ids/suricata/suricata_4.1.5.bb
@@ -6,6 +6,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;beginline=1;endline=2;md5=c70d8d3310941dcdfcd
SRC_URI += " \
file://volatiles.03_suricata \
+ file://tmpfiles.suricata \
file://suricata.yaml \
file://suricata.service \
file://run-ptest \
@@ -59,14 +60,19 @@ do_install_append () {
install -m 0644 ${S}/threshold.config ${D}${sysconfdir}/suricata
- install -d ${D}${systemd_unitdir}/system
- sed -e s:/etc:${sysconfdir}:g \
- -e s:/var/run:/run:g \
- -e s:/var:${localstatedir}:g \
- -e s:/usr/bin:${bindir}:g \
- -e s:/bin/kill:${base_bindir}/kill:g \
- -e s:/usr/lib:${libdir}:g \
- ${WORKDIR}/suricata.service > ${D}${systemd_unitdir}/system/suricata.service
+ if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
+ install -d ${D}${sysconfdir}/tmpfiles.d
+ install -m 0644 ${WORKDIR}/tmpfiles.suricata ${D}${sysconfdir}/tmpfiles.d/suricata.conf
+
+ install -d ${D}${systemd_unitdir}/system
+ sed -e s:/etc:${sysconfdir}:g \
+ -e s:/var/run:/run:g \
+ -e s:/var:${localstatedir}:g \
+ -e s:/usr/bin:${bindir}:g \
+ -e s:/bin/kill:${base_bindir}/kill:g \
+ -e s:/usr/lib:${libdir}:g \
+ ${WORKDIR}/suricata.service > ${D}${systemd_unitdir}/system/suricata.service
+ fi
# Remove /var/run as it is created on startup
rm -rf ${D}${localstatedir}/run
@@ -74,7 +80,9 @@ do_install_append () {
}
pkg_postinst_ontarget_${PN} () {
-if [ -e /etc/init.d/populate-volatile.sh ] ; then
+if command -v systemd-tmpfiles >/dev/null; then
+ systemd-tmpfiles --create ${sysconfdir}/tmpfiles.d/suricata.conf
+elif [ -e ${sysconfdir}/init.d/populate-volatile.sh ]; then
${sysconfdir}/init.d/populate-volatile.sh update
fi
}
@@ -82,7 +90,7 @@ fi
SYSTEMD_PACKAGES = "${PN}"
PACKAGES =+ "${PN}-socketcontrol"
-FILES_${PN} += "${systemd_unitdir}"
+FILES_${PN} += "${systemd_unitdir} ${sysconfdir}/tmpfiles.d"
FILES_${PN}-socketcontrol = "${bindir}/suricatasc ${PYTHON_SITEPACKAGES_DIR}"
CONFFILES_${PN} = "${sysconfdir}/suricata/suricata.yaml"
--
2.17.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [meta-security][zeus][PATCH 6/9] README: update mailing list to new groups.io
2020-01-05 23:18 [meta-security][zeus][PATCH 1/9] cryptsetup tpm incubator: fix installed vs shipped Armpit
` (3 preceding siblings ...)
2020-01-05 23:18 ` [meta-security][zeus][PATCH 5/9] suricata: " Armpit
@ 2020-01-05 23:18 ` Armpit
2020-01-05 23:18 ` [meta-security][zeus][PATCH 7/9] libseccomp: upgrade 2.4.1 -> 2.4.2 Armpit
` (2 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: Armpit @ 2020-01-05 23:18 UTC (permalink / raw)
To: yocto
Also add Zeus keyword
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
README | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/README b/README
index 5abb0e2..634d412 100644
--- a/README
+++ b/README
@@ -52,15 +52,15 @@ other layers needed. e.g.:
Maintenance
-----------
-Send pull requests, patches, comments or questions to yocto@yoctoproject.org
+Send pull requests, patches, comments or questions to yocto@lists.yoctoproject.org
When sending single patches, please using something like:
-'git send-email -1 --to yocto@yoctoproject.org --subject-prefix=meta-security][PATCH'
+'git send-email -1 --to yocto@lists.yoctoproject.org --subject-prefix=meta-security][zeus][PATCH'
These values can be set as defaults for this repository:
-$ git config sendemail.to yocto@yoctoproject.org
-$ git config format.subjectPrefix meta-security][PATCH
+$ git config sendemail.to yocto@lists.yoctoproject.org
+$ git config format.subjectPrefix meta-security][zeus][PATCH
Now you can just do 'git send-email origin/master' to send all local patches.
--
2.17.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [meta-security][zeus][PATCH 7/9] libseccomp: upgrade 2.4.1 -> 2.4.2
2020-01-05 23:18 [meta-security][zeus][PATCH 1/9] cryptsetup tpm incubator: fix installed vs shipped Armpit
` (4 preceding siblings ...)
2020-01-05 23:18 ` [meta-security][zeus][PATCH 6/9] README: update mailing list to new groups.io Armpit
@ 2020-01-05 23:18 ` Armpit
2020-01-05 23:18 ` [meta-security][zeus][PATCH 8/9] libhtp: bugfix only update 0.5.32 Armpit
2020-01-05 23:18 ` [meta-security][zeus][PATCH 9/9] suricata: update to 4.1.6 Armpit
7 siblings, 0 replies; 9+ messages in thread
From: Armpit @ 2020-01-05 23:18 UTC (permalink / raw)
To: yocto; +Cc: Yi Zhao
From: Yi Zhao <yi.zhao@windriver.com>
Backport a patch to fix ptest build failure on arm64.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
...SNR_xxx-instead-of-__NR_xxx-for-sysc.patch | 45 +++++++++++++++++++
...ibseccomp_2.4.1.bb => libseccomp_2.4.2.bb} | 3 +-
2 files changed, 47 insertions(+), 1 deletion(-)
create mode 100644 recipes-security/libseccomp/files/0001-tests-rely-on-__SNR_xxx-instead-of-__NR_xxx-for-sysc.patch
rename recipes-security/libseccomp/{libseccomp_2.4.1.bb => libseccomp_2.4.2.bb} (90%)
diff --git a/recipes-security/libseccomp/files/0001-tests-rely-on-__SNR_xxx-instead-of-__NR_xxx-for-sysc.patch b/recipes-security/libseccomp/files/0001-tests-rely-on-__SNR_xxx-instead-of-__NR_xxx-for-sysc.patch
new file mode 100644
index 0000000..a53433f
--- /dev/null
+++ b/recipes-security/libseccomp/files/0001-tests-rely-on-__SNR_xxx-instead-of-__NR_xxx-for-sysc.patch
@@ -0,0 +1,45 @@
+From 1ecdddb2a5b61cf527d1f238f88a9d129239f87a Mon Sep 17 00:00:00 2001
+From: Paul Moore <paul@paul-moore.com>
+Date: Tue, 5 Nov 2019 15:11:11 -0500
+Subject: [PATCH] tests: rely on __SNR_xxx instead of __NR_xxx for syscalls
+
+We recently changed how libseccomp handles syscall numbers that are
+not defined natively, but we missed test #15.
+
+Acked-by: Tom Hromatka <tom.hromatka@oracle.com>
+Signed-off-by: Paul Moore <paul@paul-moore.com>
+
+Upstream-Status: Backport
+[https://github.com/seccomp/libseccomp/commit/1ecdddb2a5b61cf527d1f238f88a9d129239f87a]
+
+Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
+---
+ tests/15-basic-resolver.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/tests/15-basic-resolver.c b/tests/15-basic-resolver.c
+index 6badef1..0c1eefe 100644
+--- a/tests/15-basic-resolver.c
++++ b/tests/15-basic-resolver.c
+@@ -55,15 +55,15 @@ int main(int argc, char *argv[])
+ unsigned int arch;
+ char *name = NULL;
+
+- if (seccomp_syscall_resolve_name("open") != __NR_open)
++ if (seccomp_syscall_resolve_name("open") != __SNR_open)
+ goto fail;
+- if (seccomp_syscall_resolve_name("read") != __NR_read)
++ if (seccomp_syscall_resolve_name("read") != __SNR_read)
+ goto fail;
+ if (seccomp_syscall_resolve_name("INVALID") != __NR_SCMP_ERROR)
+ goto fail;
+
+ rc = seccomp_syscall_resolve_name_rewrite(SCMP_ARCH_NATIVE, "openat");
+- if (rc != __NR_openat)
++ if (rc != __SNR_openat)
+ goto fail;
+
+ while ((arch = arch_list[iter++]) != -1) {
+--
+2.17.1
+
diff --git a/recipes-security/libseccomp/libseccomp_2.4.1.bb b/recipes-security/libseccomp/libseccomp_2.4.2.bb
similarity index 90%
rename from recipes-security/libseccomp/libseccomp_2.4.1.bb
rename to recipes-security/libseccomp/libseccomp_2.4.2.bb
index 37a7982..07db82a 100644
--- a/recipes-security/libseccomp/libseccomp_2.4.1.bb
+++ b/recipes-security/libseccomp/libseccomp_2.4.2.bb
@@ -4,9 +4,10 @@ SECTION = "security"
LICENSE = "LGPL-2.1"
LIC_FILES_CHKSUM = "file://LICENSE;beginline=0;endline=1;md5=8eac08d22113880357ceb8e7c37f989f"
-SRCREV = "fb43972ea1aab24f2a70193fb7445c2674f594e3"
+SRCREV = "1b6cfd1fc0b7499a28c24299a93a80bd18619563"
SRC_URI = "git://github.com/seccomp/libseccomp.git;branch=release-2.4 \
+ file://0001-tests-rely-on-__SNR_xxx-instead-of-__NR_xxx-for-sysc.patch \
file://run-ptest \
"
--
2.17.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [meta-security][zeus][PATCH 8/9] libhtp: bugfix only update 0.5.32
2020-01-05 23:18 [meta-security][zeus][PATCH 1/9] cryptsetup tpm incubator: fix installed vs shipped Armpit
` (5 preceding siblings ...)
2020-01-05 23:18 ` [meta-security][zeus][PATCH 7/9] libseccomp: upgrade 2.4.1 -> 2.4.2 Armpit
@ 2020-01-05 23:18 ` Armpit
2020-01-05 23:18 ` [meta-security][zeus][PATCH 9/9] suricata: update to 4.1.6 Armpit
7 siblings, 0 replies; 9+ messages in thread
From: Armpit @ 2020-01-05 23:18 UTC (permalink / raw)
To: yocto
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
recipes-ids/suricata/{libhtp_0.5.31.bb => libhtp_0.5.32.bb} | 0
1 file changed, 0 insertions(+), 0 deletions(-)
rename recipes-ids/suricata/{libhtp_0.5.31.bb => libhtp_0.5.32.bb} (100%)
diff --git a/recipes-ids/suricata/libhtp_0.5.31.bb b/recipes-ids/suricata/libhtp_0.5.32.bb
similarity index 100%
rename from recipes-ids/suricata/libhtp_0.5.31.bb
rename to recipes-ids/suricata/libhtp_0.5.32.bb
--
2.17.1
^ permalink raw reply [flat|nested] 9+ messages in thread
* [meta-security][zeus][PATCH 9/9] suricata: update to 4.1.6
2020-01-05 23:18 [meta-security][zeus][PATCH 1/9] cryptsetup tpm incubator: fix installed vs shipped Armpit
` (6 preceding siblings ...)
2020-01-05 23:18 ` [meta-security][zeus][PATCH 8/9] libhtp: bugfix only update 0.5.32 Armpit
@ 2020-01-05 23:18 ` Armpit
7 siblings, 0 replies; 9+ messages in thread
From: Armpit @ 2020-01-05 23:18 UTC (permalink / raw)
To: yocto
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
recipes-ids/suricata/suricata.inc | 6 +++---
.../suricata/{suricata_4.1.5.bb => suricata_4.1.6.bb} | 1 -
2 files changed, 3 insertions(+), 4 deletions(-)
rename recipes-ids/suricata/{suricata_4.1.5.bb => suricata_4.1.6.bb} (98%)
diff --git a/recipes-ids/suricata/suricata.inc b/recipes-ids/suricata/suricata.inc
index 1f4baff..3adbcf6 100644
--- a/recipes-ids/suricata/suricata.inc
+++ b/recipes-ids/suricata/suricata.inc
@@ -2,8 +2,8 @@ HOMEPAGE = "http://suricata-ids.org/"
SECTION = "security Monitor/Admin"
LICENSE = "GPLv2"
-VER = "4.1.5"
+VER = "4.1.6"
SRC_URI = "http://www.openinfosecfoundation.org/download/suricata-${VER}.tar.gz"
-SRC_URI[md5sum] = "0dfd68f6f4314c5c2eed7128112eff3b"
-SRC_URI[sha256sum] = "cee5f6535cd7fe63fddceab62eb3bc66a63fc464466c88ec7a41b7a1331ac74b"
+SRC_URI[md5sum] = "da5de1e8053f05cbd295793210117d34"
+SRC_URI[sha256sum] = "8441ac89016106459ade2112fcde58b3f789e4beb2fd8bfa081ffb75eec75fe0"
diff --git a/recipes-ids/suricata/suricata_4.1.5.bb b/recipes-ids/suricata/suricata_4.1.6.bb
similarity index 98%
rename from recipes-ids/suricata/suricata_4.1.5.bb
rename to recipes-ids/suricata/suricata_4.1.6.bb
index b2700d6..9b7122b 100644
--- a/recipes-ids/suricata/suricata_4.1.5.bb
+++ b/recipes-ids/suricata/suricata_4.1.6.bb
@@ -10,7 +10,6 @@ SRC_URI += " \
file://suricata.yaml \
file://suricata.service \
file://run-ptest \
- file://0001-af-packet-fix-build-on-recent-Linux-kernels.patch \
"
inherit autotools-brokensep pkgconfig python3-dir systemd ptest
--
2.17.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
end of thread, other threads:[~2020-01-05 23:18 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-01-05 23:18 [meta-security][zeus][PATCH 1/9] cryptsetup tpm incubator: fix installed vs shipped Armpit
2020-01-05 23:18 ` [meta-security][zeus][PATCH 2/9] meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.3.1.bb: add new udev dir to FILES and append EXTRA_OECONF Armpit
2020-01-05 23:18 ` [meta-security][zeus][PATCH 3/9] checksecurity: use more portable find args Armpit
2020-01-05 23:18 ` [meta-security][zeus][PATCH 4/9] clamav: add tmpfiles.d config Armpit
2020-01-05 23:18 ` [meta-security][zeus][PATCH 5/9] suricata: " Armpit
2020-01-05 23:18 ` [meta-security][zeus][PATCH 6/9] README: update mailing list to new groups.io Armpit
2020-01-05 23:18 ` [meta-security][zeus][PATCH 7/9] libseccomp: upgrade 2.4.1 -> 2.4.2 Armpit
2020-01-05 23:18 ` [meta-security][zeus][PATCH 8/9] libhtp: bugfix only update 0.5.32 Armpit
2020-01-05 23:18 ` [meta-security][zeus][PATCH 9/9] suricata: update to 4.1.6 Armpit
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.