- Nov 04, 2014
-
-
Chong Lu authored
This solves the following warning: squid-3.4.7: squid requires /bin/bash, /usr/bin/perl, but no providers in its RDEPENDS [file-rdeps] Signed-off-by:
Chong Lu <Chong.Lu@windriver.com> Signed-off-by:
Joe MacDonald <joe_macdonald@mentor.com>
-
Chong Lu authored
This solves the following warning: polarssl-1.3.8: polarssl: Files/directories were installed but not shipped /usr/lib /usr/lib/libpolarssl.so.1.3.8 /usr/lib/libpolarssl.so.7 /usr/lib/libpolarssl.so /usr/lib/libpolarssl.a /usr/lib/.debug /usr/lib/.debug/libpolarssl.so.1.3.8 [installed-vs-shipped] polarssl-1.3.8: polarssl requires libpolarssl.so.7()(64bit), but no providers in its RDEPENDS [file-rdeps] Signed-off-by:
-
Roy Li authored
snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrated by a NULL type in an ifMtu trap message. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3565 Signed-off-by:
Roy Li <rongqing.li@windriver.com> Signed-off-by:
-
Chen Qi authored
Fix the service so that the ntpd daemon is run under ntp:ntp. Signed-off-by:
Chen Qi <Qi.Chen@windriver.com> Acked-by:
Peter A. Bigot <pab@pabigot.com> Signed-off-by:
-
Chong Lu authored
This solves the following warning: lib32-ntp-4.2.6p5: lib32-ntp: Files/directories were installed but not shipped /lib/systemd/system/sntp.service [installed-vs-shipped] Signed-off-by:
-
- Oct 31, 2014
-
-
Chong.Lu@windriver.com authored
The configure.initd.gentoo script is used for gentoo, it is invalid for oe. So remove it to solve the following warning: webmin-1.700: webmin-module-ajaxterm requires /sbin/runscript, but no providers in its RDEPENDS [file-rdeps] Signed-off-by: -
Roy Li authored
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.4, 4.1.x before 4.1.14.5, and 4.2.x before 4.2.9.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted ENUM value that is improperly handled during rendering of the (1) table search or (2) table structure page, related to libraries/TableSearch.class.php and libraries/Util.class.php. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7217 Signed-off-by:
-
Roy Li authored
Cross-site scripting (XSS) vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/functions.js. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-5274 Signed-off-by:
-
Roy Li authored
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x before 4.1.14.3, and 4.2.x before 4.2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) browse table page, related to js/sql.js; (2) ENUM editor page, related to js/functions.js; (3) monitor page, related to js/server_status_monitor.js; (4) query charts page, related to js/tbl_chart.js; or (5) table relations page, related to libraries/tbl_relation.lib.php. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-5273 Signed-off-by:
-
Kang Kai authored
The patch comes from upstream: http://svn.apache.org/viewvc?view=revision&revision=1610674 SECURITY (CVE-2014-0117): Fix a crash in mod_proxy. In a reverse proxy configuration, a remote attacker could send a carefully crafted request which could crash a server process, resulting in denial of service. Thanks to Marek Kroemeke working with HP's Zero Day Initiative for reporting this issue. Submitted by: Edward Lu, breser, covener Signed-off-by:
Zhang Xiao <xiao.zhang@windriver.com> Signed-off-by:
Kai Kang <kai.kang@windriver.com>
-
- Oct 30, 2014
-
-
Ben Shelton authored
In the commit 'openvpn: use default iproute2 path', the configure flag to explicitly set the iproute2 path was removed, since busybox now provides the 'ip' applet at the default path. However, setting this flag is necessary to bypass the configure-time check for /sbin/ip on the host, which will otherwise fail if iproute2 is not installed on the host. Add back the flag (pointing to the correct path), and add a comment to describe why this is necessary. Signed-off-by:
Ben Shelton <ben.shelton@ni.com> Signed-off-by:
Martin Jansa <Martin.Jansa@gmail.com>
-
MiLo authored
Tested and in use for a while in OpenPLi. Signed-off-by:
Mike Looijmans <milo-software@users.sourceforge.net> Signed-off-by:
-
Roy.Li authored
inherit texinfo to use native command instead of host command Signed-off-by:
-
Chong.Lu@windriver.com authored
This solves the following warning: syslog-ng-3.5.4.1: syslog-ng requires /usr/bin/awk, but no providers in its RDEPENDS [file-rdeps] Signed-off-by:
-
Chong.Lu@windriver.com authored
This solves the following warning: libhugetlbfs-2.18: libhugetlbfs-tests requires /bin/bash, but no providers in its RDEPENDS [file-rdeps] libhugetlbfs-2.18: libhugetlbfs requires /bin/bash, /usr/bin/perl, but no providers in its RDEPENDS [file-rdeps] Signed-off-by:
-
Hongjun.Yang authored
Signed-off-by:
Hongjun.Yang <hongjun.yang@windriver.com> Signed-off-by:
-
Khem Raj authored
original uri seems to be down now Signed-off-by:
Khem Raj <raj.khem@gmail.com> Signed-off-by:
-
Cristian Iorga authored
- Added icu and boost as dependencies; Signed-off-by:
Cristian Iorga <ubik3000@gmail.com> Signed-off-by:
Cristian Iorga <cristian.iorga@intel.com> Signed-off-by:
-
Cristian Iorga authored
Signed-off-by:
-
Cristian Iorga authored
MPD stable download location will contain only the latest stable branch, so fetch will not work in case of an older OE recipe. i.e., mpd 0.18.x recipe will no longer work after 0.19 branch is released (as it is the case now). Signed-off-by:
-
Yue Tao authored
Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_get_record function and the dn_expand function. NOTE: this issue exists because of an incomplete fix for CVE-2014-4049. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3597 Signed-off-by:
Yue Tao <Yue.Tao@windriver.com> Signed-off-by:
-
Yue Tao authored
Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1571. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3587 Signed-off-by:
-
Yue Tao authored
gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application that calls the (1) imagegd, (2) imagegd2, (3) imagegif, (4) imagejpeg, (5) imagepng, (6) imagewbmp, or (7) imagewebp function. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-5120 Signed-off-by:
-
Chong.Lu@windriver.com authored
This solves the following warning: WARNING: QA Issue: squid rdepends on libnetfilter-conntrack, but it isn't a build dependency? [build-deps] Signed-off-by:
-
Hongjun.Yang authored
Add ptest supports for tcpdump Signed-off-by:
-
Chad Nelson authored
Signed-off-by:
Chad Nelson <cnelson@agleader.com> Signed-off-by:
-
- Oct 27, 2014
-
-
A. Varnin authored
TinyXML-2 is a rewrite of TinyXML-1. It provides some advantages over the original. They are covered on the homepage. (http://www.grinninglizard.com/tinyxml2/ ) Signed-off-by:
A. Varnin <fenixk19@mail.ru> Signed-off-by:
-
Paul Barker authored
The patch applied to toybox is rebased onto the new release and updated. Signed-off-by:
Paul Barker <paul@paulbarker.me.uk> Signed-off-by:
-
Paul Barker authored
Signed-off-by:
-
Martin Jansa authored
Signed-off-by: -
-
Martin Jansa authored
* announcements: https://phab.enlightenment.org/phame/live/3/post/terminology_0_6_codename_space_shuttle_just_took_off/ https://phab.enlightenment.org/phame/live/3/post/terminology_0_6_1/ https://phab.enlightenment.org/phame/live/3/post/terminology_0_7/ Signed-off-by:
-
Jackie Huang authored
* disabled by default * fixes: ruby/1.9.3-p547-r1.0/ruby-1.9.3-p547/gc.c:43:32:fatal error: valgrind/memcheck.h: No such file or directory Signed-off-by:
Jackie Huang <jackie.huang@windriver.com> Signed-off-by:
-
A. Varnin authored
Log4c is logging library for C (http://log4c.sourceforge.net/ ) Signed-off-by:
-
Andreas Müller authored
Tested with gumstix overo as access point and connected windows pc and android smartphone. Note that there are are some settings available for AP which do not make sense - see [1] for further details. [1] https://bugzilla.gnome.org/show_bug.cgi?id=734589#c6 Signed-off-by:
Andreas Müller <schnitzeltony@googlemail.com> Signed-off-by:
-
Andreas Müller authored
* set correct path for dnsmasq * add dnsmasq to RRECOMMENDS this popped up when testing access point enabled for network-manager-applet Signed-off-by:
-
Andreas Müller authored
Signed-off-by:
-
Andreas Müller authored
with 1.2.0 pressing power button shuts down independent of the setting in xfce4-power-manager Signed-off-by:
-
Wenzong Fan authored
This change is used for fixing cmd path in rsnapshot.conf.default. The options --without-* disable checking command * on host and get the default path used, otherwise the host path will be injected into target configs. The runtime dependencies to ssh, logger, cp, du are optional and could be customized in rsnapshot.conf, so it's not needed that using PACKAGECONFIG to define the runtime dependencies. Signed-off-by:
Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by:
-
Eduardo Silva authored
This patch add the new Monkey HTTP Server v1.5.4. For more details about software changes please visit: http://monkey-project.com/Announcements/v1.5.4 === Build Tests == This version have been tested on Yocto/Daisy based on RPM. monkey-yocto/a617991e40bd5c3779ad7b3689f78857d3e45248 Signed-off-by:Eduardo Silva <eduardo@monkey.io> Signed-off-by:
-
