From patchwork Sat Jun 4 19:02:26 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: akuster808 X-Patchwork-Id: 8861 X-Patchwork-Delegate: akuster808@gmail.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5ABE7C433EF for ; Sat, 4 Jun 2022 19:04:42 +0000 (UTC) Received: from mail-pf1-f174.google.com (mail-pf1-f174.google.com [209.85.210.174]) by mx.groups.io with SMTP id smtpd.web09.13189.1654369475529004421 for ; Sat, 04 Jun 2022 12:04:35 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20210112 header.b=GmP30e+I; spf=pass (domain: gmail.com, ip: 209.85.210.174, mailfrom: akuster808@gmail.com) Received: by mail-pf1-f174.google.com with SMTP id x4so1034911pfj.10 for ; Sat, 04 Jun 2022 12:04:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:subject:date:message-id:mime-version :content-transfer-encoding; bh=6AeLROnsbTHBsQBnksNoZmASDLMo/kGBdX9w66bS8sg=; b=GmP30e+IMVpwALhWymhzbBdNkR1nKiOvj3FgXl+hUsUCEvLAfpHM5CQMq0mWbUPoha IXPTlAoQAOcTves1RRyNncMTqsuedjvVKRbCQBHS+gfw7bNPi0umRf8qLJgpDkyBx2DR achGZrr/hj+eYsRxSy+ieUtQEtnQONGcN6ktHMQioLsTNKB1oGEvDabs3+YkPD/b/h+j Y4+bJTs7C53Ymkmegte5lo/1OLcpVB6wuxYhtu25oaGbAiXmW7CG57cDpKu0WsU9+0E2 F3cTjKm5yciuYqyPiWcSVSXBuSdkmW0vGKdIpNDCm4LTNrMaUnFbx2ei13/3Lpx2Mnrm VQ1w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:mime-version :content-transfer-encoding; bh=6AeLROnsbTHBsQBnksNoZmASDLMo/kGBdX9w66bS8sg=; b=j7Uhk9gZDXlj1odeT76msz0UcuMU4nqLX7cRh6/iJGPbOOK5zyWVBafKK5pzLNOLgW OQ1I401wkqLpHE+H0LCG1hCIZPYH/cFEtKVY8R3LfRMSm+7QlFitQ9mYETA2UBZSgTGE z0Y+WA0oOArkrdkkIXa9o1mhXnVDTd03SoYs57BKIU9h39I217W70syUl+CW7jly1Dgu 3+HKLrX/SkuFF72Y/Lg49Tmj4M7xECn1PiEvief3REmSsf/mmpPltouBvEUsna4hmf5p gszQl1XeQs0C4aR3vHb6eMYTs8CcZQGHf51US7PbYvhRV2OzCsgkN3KkrXrzH1K00HMJ gmxQ== X-Gm-Message-State: AOAM532+xNmbO9zJ/XsayYsA5XHUyU0Q+6+vYZ07jLY68dS+FQeIHPvq QdKTb/HtpK9STHegwWGtQETQb7k7/XM= X-Google-Smtp-Source: ABdhPJz2uCGaffzcCugfyXIUhiHZLmzYnobk3U3BUydf3IheXhRqUsX4BFw//PakqDwoCqC0m3GBjA== X-Received: by 2002:a05:6a00:23c4:b0:51c:5e8:e8a9 with SMTP id g4-20020a056a0023c400b0051c05e8e8a9mr602863pfc.62.1654369474530; Sat, 04 Jun 2022 12:04:34 -0700 (PDT) Received: from keaua.caveonetworks.com (c-67-181-203-136.hsd1.ca.comcast.net. [67.181.203.136]) by smtp.gmail.com with ESMTPSA id u1-20020a1709026e0100b0015e8d4eb231sm7633298plk.123.2022.06.04.12.04.31 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 04 Jun 2022 12:04:32 -0700 (PDT) From: Armin Kuster To: yocto@lists.yoctoproject.org Subject: [meta-security][PATCH 1/5] arpwatch: riscv not supported Date: Sat, 4 Jun 2022 12:02:26 -0700 Message-Id: <20220604190230.3700475-1-akuster808@gmail.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 04 Jun 2022 19:04:42 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto/message/57259 exclude this arch for compat list Signed-off-by: Armin Kuster --- recipes-scanners/arpwatch/arpwatch_3.1.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/recipes-scanners/arpwatch/arpwatch_3.1.bb b/recipes-scanners/arpwatch/arpwatch_3.1.bb index c8d31cf..3d8c5ae 100644 --- a/recipes-scanners/arpwatch/arpwatch_3.1.bb +++ b/recipes-scanners/arpwatch/arpwatch_3.1.bb @@ -80,4 +80,7 @@ CONFFILE_FILES = "${sysconfdir}/${PN}.conf" FILES:${PN} = "${bindir} ${sbindir} ${prefix}/etc/rc.d \ ${sysconfdir} /var/lib/arpwatch" +COMPATIBLE_HOST:riscv32 = "null" +COMPATIBLE_HOST:riscv64 = "null" + RDEPENDS:${PN} = "libpcap" From patchwork Sat Jun 4 19:02:27 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: akuster808 X-Patchwork-Id: 8860 X-Patchwork-Delegate: akuster808@gmail.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 67EF1CCA482 for ; Sat, 4 Jun 2022 19:04:42 +0000 (UTC) Received: from mail-pg1-f179.google.com (mail-pg1-f179.google.com [209.85.215.179]) by mx.groups.io with SMTP id smtpd.web10.13089.1654369477862308897 for ; Sat, 04 Jun 2022 12:04:37 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20210112 header.b=YKwuww1H; spf=pass (domain: gmail.com, ip: 209.85.215.179, mailfrom: akuster808@gmail.com) Received: by mail-pg1-f179.google.com with SMTP id y187so9753488pgd.3 for ; Sat, 04 Jun 2022 12:04:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=Ntx3xjw2niW58hcBCJhy9yfD7acWUsTqzw3jM0Nqgzw=; b=YKwuww1H3n+qODHJRpO2cnBY99XIrYCQncwjMPEDwUWyflO/JidsFxzb+Rer/TPc1j joe3t8QrmqB4nKEcpzt4LRnKnv/6rsy96F0ODHkp4ZdEge6V5Om22Gl2nFvMHjEkGs6J nGCzPRUID1KDs1CM6SVW6/uL72IlY9DY7h2KADmG9c9E+kN/hIw+Jm9lJouW5FXVLvre UH3rj3pRfE+uBLVAIUOQFW/SWKhf7dIGzVXi0VFMVTLG6Glhiq+UB93KCyhGpGo5/8DV SDQpWPuPggakQIyz4pbfYP6kw1aE3Q5hQlvMTyAhSb3Iue9wScm1bbGdoGIy4mW7E/WR 42Hw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=Ntx3xjw2niW58hcBCJhy9yfD7acWUsTqzw3jM0Nqgzw=; b=KjCke1EapU/ADWUbWFWrChEDGMZyhAqw7mGd7wF9Kwsf9S26lxGnbY5nnjw470rt7n 7iDGGEj/cslIcCZGyFnWqD80KfdYFY1uO0s2+Eh4+KQHn2biAkfsU9DhiBoqrK8zM9MZ MZm98HIb3gn8xmd61Xb4D05BVUmkANF0GcKF2qwusJZ091g9P2xwsnHznuvkVrmtLPah G4VBxGrB6gUQbqkrAXnCWA9U1yNQ01GXCJ2vYkUGg9ls0ElmE7vlx2h1uwQMT2dQ01Or bZcUnotprbViMXC14EFMgsznl24C5tEp2+aZW7lf791KL3QyyIUw/ZuVRPbU+Soa7D4G FH3A== X-Gm-Message-State: AOAM533S/czyqbTBmJw5zYY+mbDgOZeCE25Rj6CpSZmWCBaUKgnFPgYI vwkogkEjWnIQN+4g1sezPnb1ahjzB3I= X-Google-Smtp-Source: ABdhPJwyvyE1WMWQ2rNYyy78eacBGFPh4pmNNYBes1b1CZzh5fMDANXBsPr4qc3cseYm8NrjR+kHsQ== X-Received: by 2002:a63:e348:0:b0:3db:7729:c0fe with SMTP id o8-20020a63e348000000b003db7729c0femr13700763pgj.482.1654369476976; Sat, 04 Jun 2022 12:04:36 -0700 (PDT) Received: from keaua.caveonetworks.com (c-67-181-203-136.hsd1.ca.comcast.net. [67.181.203.136]) by smtp.gmail.com with ESMTPSA id u1-20020a1709026e0100b0015e8d4eb231sm7633298plk.123.2022.06.04.12.04.34 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 04 Jun 2022 12:04:35 -0700 (PDT) From: Armin Kuster To: yocto@lists.yoctoproject.org Subject: [meta-security][PATCH 2/5] packagegroup-core-security: drop arpwatch for riscv from pkg grp Date: Sat, 4 Jun 2022 12:02:27 -0700 Message-Id: <20220604190230.3700475-2-akuster808@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220604190230.3700475-1-akuster808@gmail.com> References: <20220604190230.3700475-1-akuster808@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 04 Jun 2022 19:04:42 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto/message/57260 Signed-off-by: Armin Kuster --- recipes-core/packagegroup/packagegroup-core-security.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/recipes-core/packagegroup/packagegroup-core-security.bb b/recipes-core/packagegroup/packagegroup-core-security.bb index b20ef31..40ff06b 100644 --- a/recipes-core/packagegroup/packagegroup-core-security.bb +++ b/recipes-core/packagegroup/packagegroup-core-security.bb @@ -42,7 +42,7 @@ RDEPENDS:packagegroup-security-utils = "\ SUMMARY:packagegroup-security-scanners = "Security scanners" RDEPENDS:packagegroup-security-scanners = "\ - arpwatch \ + ${@bb.utils.contains_any("TUNE_FEATURES", "riscv32 riscv64", "", " arpwatch",d)} \ chkrootkit \ isic \ ${@bb.utils.contains_any("TUNE_FEATURES", "riscv32 riscv64", "", " clamav clamav-daemon clamav-freshclam",d)} \ From patchwork Sat Jun 4 19:02:28 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: akuster808 X-Patchwork-Id: 8863 X-Patchwork-Delegate: akuster808@gmail.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 63B3BC43334 for ; Sat, 4 Jun 2022 19:04:42 +0000 (UTC) Received: from mail-pl1-f181.google.com (mail-pl1-f181.google.com [209.85.214.181]) by mx.groups.io with SMTP id smtpd.web09.13190.1654369479388934927 for ; Sat, 04 Jun 2022 12:04:39 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20210112 header.b=DCUrg3ia; spf=pass (domain: gmail.com, ip: 209.85.214.181, mailfrom: akuster808@gmail.com) Received: by mail-pl1-f181.google.com with SMTP id q18so9138537pln.12 for ; Sat, 04 Jun 2022 12:04:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=YYPJH9XZSGlZXpbO6gECqjE99O2z8DVO9hVBNuhxkig=; b=DCUrg3iaDBp3hEs9XgsI/5ZC0MSw4nCFWt9iOqwiKHq9yLn/p1ySEqTbhPg+ZIaM3S znPuSmD5/mDcirQ85eh8RK+aCmxPwsWQOUx+7ggbGVAN3ru31VYj9gvgARX6DzmN1EWm Oft1i20gOTdjOUPpVk3K1r6NNEWx/wZvSLcN9Ljo6ECYYPwFJ+nQazIqHgmNUfdogGvG 0o4VSXylbNyIBLSBFnSgfNkmSMtnJ0ZQ1JIH56RiZEOzAuJNcnwK0DdGqc1dAsE+Cn2Y HGI/jFyAR9rqDBkPNAe+3WsI+UBl3vuelbejXTih2uzRjTsT+qVGX3etyIczFZO0Gwqj CtGg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=YYPJH9XZSGlZXpbO6gECqjE99O2z8DVO9hVBNuhxkig=; b=PtRfaDHY8h7DEr+mpNv6MXw+3Iw8u78kF9pTMa3j/njKZbMl2LyQGZsd0QtYtUHmIE ocgY/E+eKGLZdDyV6nODJbx/NP7R5whu5FJ4SHviCrP5C4/yRDhGc0VT/AeCg144nlt5 brq9JU64JFDqF50gikXTMzDHD54oahBwXvPZ6KL/nM6R73h+b0YuRj9ZV+BlAlz3HxUB 7NOxuyHQsOd6tdcKwwu05RT0CQEkDSLOy2DgHQKhifTbTZIRLROuCTlJlarU6bzvD8Dm iKdTufC/JeUTMK44bq1sjiNs3QYkj2W/7z7HhJw7FDUlqAuNSXY5pk1W/Tesu6SazwQp hx0g== X-Gm-Message-State: AOAM532RLWskuHx+2tLJiA5RlyXcG2W3lMC6dAQQinAtBzaDDhw1CTl3 D6HgqmhUVQkNadzIpKxpDrH4OLGi6QY= X-Google-Smtp-Source: ABdhPJxJJNbYmUjCS3JRIATtHmXk2stqjwL+WbOYs1JLx7tRyzZJ6K+yfQ6CzYYQ2d95HgvBis+8Jw== X-Received: by 2002:a17:90b:4b4b:b0:1dc:8724:3f75 with SMTP id mi11-20020a17090b4b4b00b001dc87243f75mr51632826pjb.178.1654369478472; Sat, 04 Jun 2022 12:04:38 -0700 (PDT) Received: from keaua.caveonetworks.com (c-67-181-203-136.hsd1.ca.comcast.net. [67.181.203.136]) by smtp.gmail.com with ESMTPSA id u1-20020a1709026e0100b0015e8d4eb231sm7633298plk.123.2022.06.04.12.04.37 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 04 Jun 2022 12:04:37 -0700 (PDT) From: Armin Kuster To: yocto@lists.yoctoproject.org Subject: [meta-security][PATCH 3/5] chkrootkit: Fix missing includes for musl Date: Sat, 4 Jun 2022 12:02:28 -0700 Message-Id: <20220604190230.3700475-3-akuster808@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220604190230.3700475-1-akuster808@gmail.com> References: <20220604190230.3700475-1-akuster808@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 04 Jun 2022 19:04:42 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto/message/57261 Signed-off-by: Armin Kuster --- recipes-scanners/rootkits/chkrootkit_0.55.bb | 3 +- .../rootkits/files/musl_fix.patch | 58 +++++++++++++++++++ 2 files changed, 60 insertions(+), 1 deletion(-) create mode 100644 recipes-scanners/rootkits/files/musl_fix.patch diff --git a/recipes-scanners/rootkits/chkrootkit_0.55.bb b/recipes-scanners/rootkits/chkrootkit_0.55.bb index 4293aec..fe0e989 100644 --- a/recipes-scanners/rootkits/chkrootkit_0.55.bb +++ b/recipes-scanners/rootkits/chkrootkit_0.55.bb @@ -5,7 +5,8 @@ SECTION = "security" LICENSE = "BSD-2-Clause" LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=fdbe53788f7081c63387d8087273f5ff" -SRC_URI = "http://archive.ubuntu.com/ubuntu/pool/universe/c/${BPN}/${BPN}_${PV}.orig.tar.gz" +SRC_URI = "http://archive.ubuntu.com/ubuntu/pool/universe/c/${BPN}/${BPN}_${PV}.orig.tar.gz \ + file://musl_fix.patch" SRC_URI[sha256sum] = "a81c0286ec449313f953701202a00e81b204fc2cf43e278585a11c12a5e0258b" inherit autotools-brokensep diff --git a/recipes-scanners/rootkits/files/musl_fix.patch b/recipes-scanners/rootkits/files/musl_fix.patch new file mode 100644 index 0000000..a33523b --- /dev/null +++ b/recipes-scanners/rootkits/files/musl_fix.patch @@ -0,0 +1,58 @@ +chkrootkit: Fix missing includes for musl + + +Upstream-Status: Backport +https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=07737b95af2452c0055e1ed0660590c1487befdb +https://bugs.gentoo.org/715552 + +Signed-off-by: Armin Kuster + +Index: chkrootkit-0.55/chkdirs.c +=================================================================== +--- chkrootkit-0.55.orig/chkdirs.c ++++ chkrootkit-0.55/chkdirs.c +@@ -33,7 +33,7 @@ + #elif defined(__APPLE__) && defined(__MACH__) + #include + #endif +- ++#include + #include + #include + #include +Index: chkrootkit-0.55/chklastlog.c +=================================================================== +--- chkrootkit-0.55.orig/chklastlog.c ++++ chkrootkit-0.55/chklastlog.c +@@ -41,6 +41,7 @@ int main () { return 0; } + #include + #endif + #include ++#include + #include + #include + #include +Index: chkrootkit-0.55/chkproc.c +=================================================================== +--- chkrootkit-0.55.orig/chkproc.c ++++ chkrootkit-0.55/chkproc.c +@@ -65,6 +65,7 @@ int main (){ return 0; } + #include + #include + #include ++#include + #include + #include + #include +Index: chkrootkit-0.55/chkwtmp.c +=================================================================== +--- chkrootkit-0.55.orig/chkwtmp.c ++++ chkrootkit-0.55/chkwtmp.c +@@ -25,6 +25,7 @@ int main () { return 0; } + #include + #include + #include ++#include + #include + #include + #include From patchwork Sat Jun 4 19:02:29 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: akuster808 X-Patchwork-Id: 8862 X-Patchwork-Delegate: akuster808@gmail.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5C73FCCA47F for ; Sat, 4 Jun 2022 19:04:42 +0000 (UTC) Received: from mail-pg1-f169.google.com (mail-pg1-f169.google.com [209.85.215.169]) by mx.groups.io with SMTP id smtpd.web11.13187.1654369481335005598 for ; Sat, 04 Jun 2022 12:04:41 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20210112 header.b=eeaWjszp; spf=pass (domain: gmail.com, ip: 209.85.215.169, mailfrom: akuster808@gmail.com) Received: by mail-pg1-f169.google.com with SMTP id x12so9728897pgj.7 for ; Sat, 04 Jun 2022 12:04:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=MaXtGSZArdK04gNUrBn/0//5nuiNQk+CnpmYeTr+S48=; b=eeaWjszpQIQBe9MnZo3Hq5dyT1XKQaT0fc2R+eM/0MVZRYkIU1aDagUvkp6Ba+Zglw 6r37j5hMyytcNWADuXQVXeZF/O1rSmcctBTfiMvvBhDUmfr6OJzCDvqvLC3jl2MZI+Jf sMu6i72tKC6bXSHBnEYY3UUUi+FdVxltdqeFFSqSA6fldV4EEIIZpz54MvOCPd+uo2GH Me8jh4ooE/1CbC1VYKWaMH3IPS1N094bGin0veSsf3VOmlxf/6p/eHFoZCS/Hx6SQchf VUPMrFQfla79OSHp0M4jcDEd7yFbutUGATNdHABeVG0yHSpIFBI7LzLSteMsUHjfpymV HIjQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=MaXtGSZArdK04gNUrBn/0//5nuiNQk+CnpmYeTr+S48=; b=77p2pEFLAZZJjMGlx/RTCtc6jNhhuAn4gWEiGyw0IJLE1D+s2JIWupwtT0O2X+EnAg mR7+WcVnPfAfxL+0iUmXQAQhvuUoGb7iiFN/Zl9guEnI6L2FXRuxthBnu6J8aZ6p2pxh cEKRpkiTR9vVvO6+sp4gWDPH8oPcs/dcJE1WN6I8tIA7N3UYSVl1WQFL8vJ9TzT6sra3 szZeb37F4m87/0ezsL6/b00t3yO1npSGMt/nZ87rP6r/yCOOpyN+DcNsPg98JeWZEM9w D+nSWhc7y4FCLx5jUOVhEo3wlM8tMyzZvVSp8BixL0B2Op8JWCxJDm9+VeMIo8jTzbcR kJRw== X-Gm-Message-State: AOAM531OY2qgSXIGUJyMV5gG+G43b5qsFoFrlJ9Edri0KfaZbVIFcSA+ XDwYII90fPjuWImqyBlF+zbJpjrJjTY= X-Google-Smtp-Source: ABdhPJzh/g56Tbd/3vNplSZgAyNoaTnDWzC7qTBrKRs/iCRyVoKrXNJHwsoI7Impn0gMmVOsiLlfSw== X-Received: by 2002:a63:296:0:b0:3fc:aa42:5e8b with SMTP id 144-20020a630296000000b003fcaa425e8bmr13866376pgc.519.1654369480432; Sat, 04 Jun 2022 12:04:40 -0700 (PDT) Received: from keaua.caveonetworks.com (c-67-181-203-136.hsd1.ca.comcast.net. [67.181.203.136]) by smtp.gmail.com with ESMTPSA id u1-20020a1709026e0100b0015e8d4eb231sm7633298plk.123.2022.06.04.12.04.38 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 04 Jun 2022 12:04:39 -0700 (PDT) From: Armin Kuster To: yocto@lists.yoctoproject.org Subject: [meta-security][PATCH 4/5] arpwatch: update to 3.3 Date: Sat, 4 Jun 2022 12:02:29 -0700 Message-Id: <20220604190230.3700475-4-akuster808@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220604190230.3700475-1-akuster808@gmail.com> References: <20220604190230.3700475-1-akuster808@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 04 Jun 2022 19:04:42 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto/message/57262 not compatible with musl Signed-off-by: Armin Kuster --- .../arpwatch/{arpwatch_3.1.bb => arpwatch_3.3.bb} | 9 +++++---- recipes-scanners/arpwatch/files/host_contam_fix.patch | 8 ++++---- 2 files changed, 9 insertions(+), 8 deletions(-) rename recipes-scanners/arpwatch/{arpwatch_3.1.bb => arpwatch_3.3.bb} (90%) diff --git a/recipes-scanners/arpwatch/arpwatch_3.1.bb b/recipes-scanners/arpwatch/arpwatch_3.3.bb similarity index 90% rename from recipes-scanners/arpwatch/arpwatch_3.1.bb rename to recipes-scanners/arpwatch/arpwatch_3.3.bb index 3d8c5ae..8efb339 100644 --- a/recipes-scanners/arpwatch/arpwatch_3.1.bb +++ b/recipes-scanners/arpwatch/arpwatch_3.3.bb @@ -1,7 +1,7 @@ SUMARRY = "The ethernet monitor program; for keeping track of ethernet/ip address pairings" LICENSE = "BSD-4-Clause" HOME_PAGE = "http://ee.lbl.gov/" -LIC_FILES_CHKSUM = "file://configure;md5=74ca964ed34fda7b46c6fe3e50bded9d" +LIC_FILES_CHKSUM = "file://configure;md5=0f6cca2f69f384a14e2f5803210ca92e" DEPENDS += "libpcap" @@ -9,10 +9,10 @@ SRC_URI = "https://ee.lbl.gov/downloads/arpwatch/${BP}.tar.gz \ file://arpwatch.conf \ file://arpwatch.default \ file://arpwatch_init \ - file://postfix_workaround.patch \ - file://host_contam_fix.patch " + file://host_contam_fix.patch \ + " -SRC_URI[sha256sum] = "ee1d15d9a07952c0c017908b9dbfd5ac988fed0058c3cc4fa6c13e0be36f3a9f" +SRC_URI[sha256sum] = "d47fa8b291fc37a25a2d0f3e1b64f451dc0be82d714a10ffa6ef8b0b9e33e166" inherit autotools-brokensep update-rc.d useradd @@ -82,5 +82,6 @@ FILES:${PN} = "${bindir} ${sbindir} ${prefix}/etc/rc.d \ COMPATIBLE_HOST:riscv32 = "null" COMPATIBLE_HOST:riscv64 = "null" +OMPATIBLE_HOST:libc-musl = "null" RDEPENDS:${PN} = "libpcap" diff --git a/recipes-scanners/arpwatch/files/host_contam_fix.patch b/recipes-scanners/arpwatch/files/host_contam_fix.patch index 7d7ffac..2e27aa4 100644 --- a/recipes-scanners/arpwatch/files/host_contam_fix.patch +++ b/recipes-scanners/arpwatch/files/host_contam_fix.patch @@ -4,11 +4,11 @@ Upstream-Status: Inappropriate [embedded specific] Signed-off-by: Armin Kuster -Index: arpwatch-3.0/configure +Index: arpwatch-3.3/configure =================================================================== ---- arpwatch-3.0.orig/configure -+++ arpwatch-3.0/configure -@@ -4349,8 +4349,8 @@ fi +--- arpwatch-3.3.orig/configure ++++ arpwatch-3.3/configure +@@ -4353,8 +4353,8 @@ fi CC=cc export CC fi From patchwork Sat Jun 4 19:02:30 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: akuster808 X-Patchwork-Id: 8864 X-Patchwork-Delegate: akuster808@gmail.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 44DDAC43334 for ; Sat, 4 Jun 2022 19:04:52 +0000 (UTC) Received: from mail-pf1-f176.google.com (mail-pf1-f176.google.com [209.85.210.176]) by mx.groups.io with SMTP id smtpd.web12.13294.1654369482789323788 for ; Sat, 04 Jun 2022 12:04:42 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20210112 header.b=ED/P07eH; spf=pass (domain: gmail.com, ip: 209.85.210.176, mailfrom: akuster808@gmail.com) Received: by mail-pf1-f176.google.com with SMTP id w21so9666708pfc.0 for ; Sat, 04 Jun 2022 12:04:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=qirIJTzVUo5HavJC5hrIaXBMOA94L9/k6p4Eq4xhfio=; b=ED/P07eHofCPtKpSVzjQzXx9qUx1ScCJEUX4RFC+kLfgoABVvqRGuG6uxW3YyDkxM0 pkgGRaxyBSQfDF+tm8hPDKP00RhPVtzqDIhSvNfT06GxmSbZ0XZw4mox5L3R2o0lYSXz iljuNrx98Fmg1QOh5+L9whocWcYBHIyLKqCammAPEAZXWIAN3RjcOpQIXTkF5qaXOT2E JzuptEDTG26R0RPqNyE0DlDwt0CYN1D2HoVdGUzl+8SYFraWn7hfs0d8Q2K4/apjPngW 9YmqnkNvZrK5bSa1k1qNYJYG/M5erewSq/brlK2ksmZKRyA/mLEuYUB7fsIuJOENu/jX gNeQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=qirIJTzVUo5HavJC5hrIaXBMOA94L9/k6p4Eq4xhfio=; b=D+UbqZqJ1ce1BT+y6bKQ9OPrwTTQkf+ZPMtmG8EtLlt6BZC3K0HcJwGEW/vQNoS7Hl TzCUD/vDCmZjyvk1OPvPwFrT224aUdIO/7XaDIVc29gF66qE5cEwML0Y7QL53aTOwUWC 6Prf6sqK7Eq31UHLwSoqS3AvkomK0Pib0s11R5/q3++npeSHOhli+ncoIKUECtLCE1Z+ iP1qhs1vtp6jPIchJ94hmyg0xnUdHNIGp5i3DcT36fVWEB7Zzla5a/rCKiOxLM79fGOn F5Y8mYCpX2p6rjnBlzUDCpkyB7rSnpZ3LY7je1v3TtO2lKdYlnL33LJa5l9qe9rhSov8 n7NA== X-Gm-Message-State: AOAM530x3UI97qaNll0l21yXdXF7N7H5KlsNrOmXub1talLDEoZxM5Vj WxdnKP7gb3nD+DGGiKy1yHDiTuhqbyc= X-Google-Smtp-Source: ABdhPJx4UihJG1wvCrwErSM+iiVXAfmfp+SNTI59l3+lMbLqkxR1d+ct1/hPkQyA3PZ65dmACT/EyA== X-Received: by 2002:a05:6a00:114b:b0:4f7:915:3ec3 with SMTP id b11-20020a056a00114b00b004f709153ec3mr16213378pfm.8.1654369482007; Sat, 04 Jun 2022 12:04:42 -0700 (PDT) Received: from keaua.caveonetworks.com (c-67-181-203-136.hsd1.ca.comcast.net. [67.181.203.136]) by smtp.gmail.com with ESMTPSA id u1-20020a1709026e0100b0015e8d4eb231sm7633298plk.123.2022.06.04.12.04.40 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 04 Jun 2022 12:04:41 -0700 (PDT) From: Armin Kuster To: yocto@lists.yoctoproject.org Subject: [meta-security][PATCH 5/5] packagegroup-core-security: don't include aprwatch for musl Date: Sat, 4 Jun 2022 12:02:30 -0700 Message-Id: <20220604190230.3700475-5-akuster808@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220604190230.3700475-1-akuster808@gmail.com> References: <20220604190230.3700475-1-akuster808@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 04 Jun 2022 19:04:52 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto/message/57263 Signed-off-by: Armin Kuster --- recipes-core/packagegroup/packagegroup-core-security.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/recipes-core/packagegroup/packagegroup-core-security.bb b/recipes-core/packagegroup/packagegroup-core-security.bb index 40ff06b..f381d91 100644 --- a/recipes-core/packagegroup/packagegroup-core-security.bb +++ b/recipes-core/packagegroup/packagegroup-core-security.bb @@ -48,6 +48,7 @@ RDEPENDS:packagegroup-security-scanners = "\ ${@bb.utils.contains_any("TUNE_FEATURES", "riscv32 riscv64", "", " clamav clamav-daemon clamav-freshclam",d)} \ " RDEPENDS:packagegroup-security-scanners:remove:libc-musl = "clamav clamav-daemon clamav-freshclam" +RDEPENDS:packagegroup-security-scanners:remove:libc-musl = "arpwatch" SUMMARY:packagegroup-security-audit = "Security Audit tools " RDEPENDS:packagegroup-security-audit = " \