From patchwork Mon Feb 21 21:14:53 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: akuster808 X-Patchwork-Id: 3959 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id F3CF7C433EF for ; Mon, 21 Feb 2022 21:14:58 +0000 (UTC) Received: from mail-pf1-f180.google.com (mail-pf1-f180.google.com [209.85.210.180]) by mx.groups.io with SMTP id smtpd.web08.4625.1645478097588902480 for ; Mon, 21 Feb 2022 13:14:57 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20210112 header.b=IZLzqpeS; spf=pass (domain: gmail.com, ip: 209.85.210.180, mailfrom: akuster808@gmail.com) Received: by mail-pf1-f180.google.com with SMTP id z15so4199497pfe.7 for ; Mon, 21 Feb 2022 13:14:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:subject:date:message-id:mime-version :content-transfer-encoding; bh=wwq3eWQyM260gFJQy24b4HDdpDmPnjnueLUfc2E5a80=; b=IZLzqpeS9O93SA4zOLz5pWwpXgpEBHvYCfqaO0w2e6vyaHFgZj+kfv6+I0JA7wqGzK cjhzCfoXlVjq+CQZtLN+lhpY9k6jnFbhjZ5RthE1nPyCUztfRKN5t9fkA/A8861ZPOpv aodSsbZSsIvC5J1DVBQhfCVLNFe7a7yp8m3PF6UoTCo7+ROhTCeQE17EyKgS60LUa7Pr ryd3WadwpGSoAFE52m/CanhiJ+en0d81NmsUYAN1lOYMYp+l1Qm49Q21lOuvXmrEjzpR cbPODUPPBkLnGINKyBrFgAvIy/ohKiW+Iki9GE+NBnuWuNt24Ox+nYf831kbYjyF5djl IDmQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:mime-version :content-transfer-encoding; bh=wwq3eWQyM260gFJQy24b4HDdpDmPnjnueLUfc2E5a80=; b=uOUavhqHua1ZKND3HgEUP/h4Za7z8LPv8dF78wok4OdyUXtzfcVpeSYo29P9TgxPg7 UnQuCQEt7e/aSGxGmZAJV+vb9c7Q55qF3/5MZhFbnfTbdrDGuxjQk3W9tiijLxIR/j13 xUE9oGgxKiIc58TU5ylp1FVVp7RJEhZtqfdL/j+3chMY1iWV5MKq5poj29i44eVI3dl0 ARf/i6Hkl0a7GWjUnsp50krDE9s4fzC8YoRQlCj5/uK22YubyrBv4u4io5yOAgk0m2n/ GX6HRCa4h+nQiMMawHJXQbqIgaXmyfCmoIyzW41XveRigiWY2J5sHYspf7fSHBcMsFWA X+vQ== X-Gm-Message-State: AOAM531dENHAFl6UALBrTkT7fizmSEJgj8/imY9FR1M+s4yKZnYNxicG vJi+fnB7kC3kZOFGR15i5GcL1MBVsOI= X-Google-Smtp-Source: ABdhPJxC9899dYSQNro+1iX/uhBZyaCGlxCPx3n02gCe2sc5/QTgQpcTht08hNjIXlO/vqKg/G+f7Q== X-Received: by 2002:a05:6a00:889:b0:4e0:dcc3:5e06 with SMTP id q9-20020a056a00088900b004e0dcc35e06mr21703229pfj.29.1645478096832; Mon, 21 Feb 2022 13:14:56 -0800 (PST) Received: from keaua.caveonetworks.com ([2601:202:4180:a5c0:c5c2:4687:1c77:58fa]) by smtp.gmail.com with ESMTPSA id a9sm18827862pgb.56.2022.02.21.13.14.56 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 21 Feb 2022 13:14:56 -0800 (PST) From: Armin Kuster To: yocto@lists.yoctoproject.org Subject: [meta-security][PATCH 1/3] recipes: Use renamed SKIP_RECIPE varFlag Date: Mon, 21 Feb 2022 13:14:53 -0800 Message-Id: <20220221211455.1241096-1-akuster808@gmail.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 21 Feb 2022 21:14:58 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto/message/56224 Signed-off-by: Armin Kuster --- recipes-ids/tripwire/tripwire_2.4.3.7.bb | 2 +- recipes-security/libest/libest_3.2.0.bb | 2 +- recipes-security/opendnssec/opendnssec_2.1.10.bb | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/recipes-ids/tripwire/tripwire_2.4.3.7.bb b/recipes-ids/tripwire/tripwire_2.4.3.7.bb index 93cb443..5bb0e3e 100644 --- a/recipes-ids/tripwire/tripwire_2.4.3.7.bb +++ b/recipes-ids/tripwire/tripwire_2.4.3.7.bb @@ -74,4 +74,4 @@ FILES:${PN}-ptest += "${PTEST_PATH}/tests " RDEPENDS:${PN} += " perl nano msmtp cronie" RDEPENDS:${PN}-ptest = " perl lib-perl perl-modules " -PNBLACKLIST[tripwire] ?= "Upsteram project appears to be abondoned, fails to build with gcc11" +SKIP_RECIPE[tripwire] ?= "Upsteram project appears to be abondoned, fails to build with gcc11" diff --git a/recipes-security/libest/libest_3.2.0.bb b/recipes-security/libest/libest_3.2.0.bb index 41a4025..b4c6165 100644 --- a/recipes-security/libest/libest_3.2.0.bb +++ b/recipes-security/libest/libest_3.2.0.bb @@ -27,4 +27,4 @@ PACKAGES = "${PN} ${PN}-dbg ${PN}-dev" FILES:${PN} = "${bindir}/* ${libdir}/libest-3.2.0p.so" # https://github.com/cisco/libest/issues/104 -PNBLACKLIST[libest] ?= "Needs porting to openssl 3.x" +SKIP_RECIPE[libest] ?= "Needs porting to openssl 3.x" diff --git a/recipes-security/opendnssec/opendnssec_2.1.10.bb b/recipes-security/opendnssec/opendnssec_2.1.10.bb index 6b53711..64bacf1 100644 --- a/recipes-security/opendnssec/opendnssec_2.1.10.bb +++ b/recipes-security/opendnssec/opendnssec_2.1.10.bb @@ -33,4 +33,4 @@ do_install:append () { RDEPENDS:${PN} = "softhsm" -PNBLACKLIST[opendnssec] ?= "Needs porting to openssl 3.x" +SKIP_RECIPE[opendnssec] ?= "Needs porting to openssl 3.x" From patchwork Mon Feb 21 21:14:54 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: akuster808 X-Patchwork-Id: 3958 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0162FC433FE for ; Mon, 21 Feb 2022 21:14:58 +0000 (UTC) Received: from mail-pg1-f177.google.com (mail-pg1-f177.google.com [209.85.215.177]) by mx.groups.io with SMTP id smtpd.web08.4626.1645478098142686673 for ; Mon, 21 Feb 2022 13:14:58 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20210112 header.b=oMD7nhc0; spf=pass (domain: gmail.com, ip: 209.85.215.177, mailfrom: akuster808@gmail.com) Received: by mail-pg1-f177.google.com with SMTP id 27so10072115pgk.10 for ; Mon, 21 Feb 2022 13:14:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=Tz+Q+7W2igPyuCNfiiRoYqegyOs7aobkXx5NPfmP9bc=; b=oMD7nhc01gcCUj3t8/pNZpYMaiDZ9NBrB56N7kcQtqXCT3mJITsdgoiRxHeASFUopH l7KCtJ8qa1mbh6ei9QZJMqUxKXD/5ewIyOGkDFQB6cTalx3fAhwDxeUdjK2Ss7Zeh0xD A/IwF50oNAuWwbfBoJnXnMFqNXIolvNky95oQMqCPu9Ji6MMMnoicVzLP874BxWClewJ QrTb2pzBF0IAcFOIFdYuVC4Eznx7hZsBCjzPwf3R3txIMszQCJCd81eBoHYwa7sW+yK1 +PdRD5/QWUN6f10o1Whc2Nl1V9sR80akfZruHCPR09TErB90dHgkJqxvDbXFcQuDeJUX 32sQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=Tz+Q+7W2igPyuCNfiiRoYqegyOs7aobkXx5NPfmP9bc=; b=0+EkKsxj6MLJB5l1kHjobE1EmZJa1OaaPw2LnoMzdQ/Z3Gp2p6IIvFV1xqQgWnDbsS d31IdAHPNljDnFzBffPFUjgaT1Z7J1iqRd0EVJiMj1cXjOYOxp1TrOjqArYUQ/5I4hav Z15iKABSI0TXWol+ufMPC28y7BwvwtW76NSCf4CylibDDxPvJMYhUWgI/k/C4zcY2/W9 Kw1j7Nwg7aYZqtwtBGY4G5ZG1Oupgw3MI3BrbWvYpjUTaLnFw+6XyzyDZEKnp03C9by0 EDlmFK9JqxIaNVJ/4K4mwaInX3DVKeC5tJIu/wnMNaE9y9NZ2d4uBRy43Ufm7ZDXO7Cn PRWg== X-Gm-Message-State: AOAM531Qxcmo8It5o4NaVhagVGkI+7SuIjFX6sVmDvNCNVaI/bUKyQrG /ITQauCxJnxCM9G188LhkanwDeP0CUM= X-Google-Smtp-Source: ABdhPJzjv8Fowa5yNtF936ifuQcIgQF/uB2f7GayVdXJ/pkVMAKgnh1bPFLui9ViI3ekFGzG66kfIA== X-Received: by 2002:a65:6751:0:b0:363:43a5:c7e3 with SMTP id c17-20020a656751000000b0036343a5c7e3mr17338300pgu.46.1645478097567; Mon, 21 Feb 2022 13:14:57 -0800 (PST) Received: from keaua.caveonetworks.com ([2601:202:4180:a5c0:c5c2:4687:1c77:58fa]) by smtp.gmail.com with ESMTPSA id a9sm18827862pgb.56.2022.02.21.13.14.57 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 21 Feb 2022 13:14:57 -0800 (PST) From: Armin Kuster To: yocto@lists.yoctoproject.org Subject: [meta-security][PATCH 2/3] chipsec: fix WARNING Date: Mon, 21 Feb 2022 13:14:54 -0800 Message-Id: <20220221211455.1241096-2-akuster808@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220221211455.1241096-1-akuster808@gmail.com> References: <20220221211455.1241096-1-akuster808@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 21 Feb 2022 21:14:58 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto/message/56225 distutils3.bbclass is deprecated, please use setuptools3.bbclass instead Signed-off-by: Armin Kuster --- recipes-security/chipsec/chipsec_git.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/recipes-security/chipsec/chipsec_git.bb b/recipes-security/chipsec/chipsec_git.bb index e265a08..156be09 100644 --- a/recipes-security/chipsec/chipsec_git.bb +++ b/recipes-security/chipsec/chipsec_git.bb @@ -20,7 +20,7 @@ EXTRA_OEMAKE = "CC='${CC}' LDFLAGS='${LDFLAGS}' CFLAGS='${CFLAGS}'" DEPENDS = "virtual/kernel nasm-native python3-setuptools-native" RDEPENDS:${PN} += "python3 python3-modules" -inherit module distutils3 +inherit module setuptools3 do_compile:append() { cd ${S}/drivers/linux From patchwork Mon Feb 21 21:14:55 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: akuster808 X-Patchwork-Id: 3960 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id BE8CCC4332F for ; Mon, 21 Feb 2022 21:14:59 +0000 (UTC) Received: from mail-pl1-f178.google.com (mail-pl1-f178.google.com [209.85.214.178]) by mx.groups.io with SMTP id smtpd.web12.4582.1645478099121220729 for ; Mon, 21 Feb 2022 13:14:59 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20210112 header.b=gHvHzYmq; spf=pass (domain: gmail.com, ip: 209.85.214.178, mailfrom: akuster808@gmail.com) Received: by mail-pl1-f178.google.com with SMTP id w20so13856202plq.12 for ; Mon, 21 Feb 2022 13:14:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=p6Fgk2hG7x1A5Mk4TQo9EUNotrxWqdJoZPV4JudPbfk=; b=gHvHzYmqvmiAF75rrFXyt6Z/J2Sllh0gD167vpPWfZYnkr/fivw7kfneaNaK08mAUY Z2r3Tyfutn9a/8a7FrAtbsadg2auMGpzDCNajY+m5Dh9TopkFfPaKXwfb2mMNCnTj4G7 daOS9mWsxU7dpS7Md09iscQTWZ5X7xZQJzrg9pMAVh2+OT87nsUy1Xfow+rZSBXKot0B lHNwesWiGjFzGmd0hi2jajBqSGrjHFhXQqvqOFgnPTlFv89aaP3u2fz5iOqF674Ecd/F kbyI8hn7ogCmJi2NrtULkNQkyWXNf+xopA6mCvkNJ7XybFm5P2NhbgeKizXn3XRv+wqk RdVg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=p6Fgk2hG7x1A5Mk4TQo9EUNotrxWqdJoZPV4JudPbfk=; b=WBoEXFF6h7ZKVpS2z3e+Qd/7NhgD1lsGKDxCnAOv/585KG017ii/fqfC0XTRSvyOzz PMBgetpZxKvhrb9h8XmGokB0QSjgujzML4UTsWnbUDfXgs1CQGQ4D4LWWXMG+KBoBi0Z Ot1CyrNkTK7FwZOcDNt12cr3ClqoxdrOYKPEE5GQBTF7bCb2dwjcf1IwsUjiN6dU1wKC ZaTcSy586MLgSJVBl63xAl8kbBk3a8BTR7Ymw/X4Ehlvg/XTVbH07KY4HkTpAAuWRBkw XRuj8z4a2xuf4rtNipFeaIFQRfoF+P7YIQtpw7herjsL1i7ZA92rUuxLHedqZ/uZ/mxd aWPQ== X-Gm-Message-State: AOAM530+0Nbffx4243lhPErUFmkHMGalLKRAKiu8kRDL1bqqdsjn50Y5 GDXtcMzn0vlodzsOWfGmc1XH2JbFToI= X-Google-Smtp-Source: ABdhPJyzES5+tFxYHwCKgUyHZ5IZvVdHi4FP9aAhRCn++TPUAl93oQvO9qa3ldjGv8sWTaFNgK6ujg== X-Received: by 2002:a17:90a:c28a:b0:1bc:66fd:b398 with SMTP id f10-20020a17090ac28a00b001bc66fdb398mr774647pjt.153.1645478098317; Mon, 21 Feb 2022 13:14:58 -0800 (PST) Received: from keaua.caveonetworks.com ([2601:202:4180:a5c0:c5c2:4687:1c77:58fa]) by smtp.gmail.com with ESMTPSA id a9sm18827862pgb.56.2022.02.21.13.14.57 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 21 Feb 2022 13:14:57 -0800 (PST) From: Armin Kuster To: yocto@lists.yoctoproject.org Subject: [meta-security][PATCH 3/3] smack: Use new CVE_CHECK_IGNORE variable Date: Mon, 21 Feb 2022 13:14:55 -0800 Message-Id: <20220221211455.1241096-3-akuster808@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220221211455.1241096-1-akuster808@gmail.com> References: <20220221211455.1241096-1-akuster808@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 21 Feb 2022 21:14:59 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto/message/56226 Signed-off-by: Armin Kuster --- recipes-mac/smack/smack_1.3.1.bb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/recipes-mac/smack/smack_1.3.1.bb b/recipes-mac/smack/smack_1.3.1.bb index 79a8f5a..7a8ca78 100644 --- a/recipes-mac/smack/smack_1.3.1.bb +++ b/recipes-mac/smack/smack_1.3.1.bb @@ -14,9 +14,9 @@ SRC_URI = " \ PV = "1.3.1" # CVE-2014-0363, CVE-2014-0364, CVE-2016-10027 is valnerble for other product. -CVE_CHECK_WHITELIST += "CVE-2014-0363" -CVE_CHECK_WHITELIST += "CVE-2014-0364" -CVE_CHECK_WHITELIST += "CVE-2016-10027" +CVE_CHECK_IGNORE += "CVE-2014-0363" +CVE_CHECK_IGNORE += "CVE-2014-0364" +CVE_CHECK_IGNORE += "CVE-2016-10027" inherit autotools update-rc.d pkgconfig ptest inherit ${@bb.utils.contains('VIRTUAL-RUNTIME_init_manager','systemd','systemd','', d)}