meta-security: subtree update:6053e8b8e2..9504d02694
Armin Kuster (19):
softhsm: drop pkg as meta-oe has it
apparmor: Inherit python3targetconfig
python3-suricata-update: Inherit python3targetconfig
openscap: Inherit python3targetconfig
scap-security-guide: Inherit python3targetconfig
nikito: Update common-licenses references to match new names
kas-security-base.yml: build setting updates
kas-security-base.yml: drop DL_DIR
arpwatch: upgrade 3.0 -> 3.1
checksec: upgrade 2.1.0 -> 2.4.0
ding-libs: upgrade 0.5.0 -> 0.6.1
fscryptctl: upgrade 0.1.0 -> 1.0.0
libseccomp: upgrade 2.5.0 -> 2.5.1
python3-privacyidea: upgrade 3.3 -> 3.5.1
python3-scapy: upgrade 2.4.3 -> 2.4.4
samhain: update to 4.4.3
opendnssec: update to 2.1.8
suricata: update to 4.10.0
python3-fail2ban: update to 0.11.2
Jate Sujjavanich (1):
scap-security-guide: Fix openembedded platform tests and build
Ming Liu (9):
ima-evm-utils: set native REQUIRED_DISTRO_FEATURES to empty
initramfs-framework-ima: fix a wrong path
ima-evm-keys: add recipe
initramfs-framework-ima: RDEPENDS on ima-evm-keys
meta: refactor IMA/EVM sign rootfs
README.md: update according to the refactoring in ima-evm-rootfs.bbclass
initramfs-framework-ima: let ima_enabled return 0
ima-evm-rootfs.bbclass: avoid generating /etc/fstab for wic
ima-policy-hashed: add CGROUP2_SUPER_MAGIC fsmagic
Yi Zhao (1):
ibmswtpm2: disable camellia algorithm
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: Ic7dc6f5425a1493ac0534e10ed682662d109e60c
diff --git a/meta-security/recipes-scanners/arpwatch/arpwatch_3.0.bb b/meta-security/recipes-scanners/arpwatch/arpwatch_3.1.bb
similarity index 93%
rename from meta-security/recipes-scanners/arpwatch/arpwatch_3.0.bb
rename to meta-security/recipes-scanners/arpwatch/arpwatch_3.1.bb
index 9be319a..44aeca0 100644
--- a/meta-security/recipes-scanners/arpwatch/arpwatch_3.0.bb
+++ b/meta-security/recipes-scanners/arpwatch/arpwatch_3.1.bb
@@ -1,7 +1,7 @@
SUMARRY = "The ethernet monitor program; for keeping track of ethernet/ip address pairings"
LICENSE = "BSD-4-Clause"
HOME_PAGE = "http://ee.lbl.gov/"
-LIC_FILES_CHKSUM = "file://configure;md5=212742e55562cf47527d31c2a492411a"
+LIC_FILES_CHKSUM = "file://configure;md5=74ca964ed34fda7b46c6fe3e50bded9d"
DEPENDS += "libpcap postfix"
@@ -12,7 +12,7 @@
file://postfix_workaround.patch \
file://host_contam_fix.patch "
-SRC_URI[sha256sum] = "82e137e104aca8b1280f5cca0ebe61b978f10eadcbb4c4802c181522ad02b25b"
+SRC_URI[sha256sum] = "ee1d15d9a07952c0c017908b9dbfd5ac988fed0058c3cc4fa6c13e0be36f3a9f"
inherit autotools-brokensep update-rc.d useradd
diff --git a/meta-security/recipes-scanners/buck-security/buck-security_0.7.bb b/meta-security/recipes-scanners/buck-security/buck-security_0.7.bb
index 179eeda..20a1fb0 100644
--- a/meta-security/recipes-scanners/buck-security/buck-security_0.7.bb
+++ b/meta-security/recipes-scanners/buck-security/buck-security_0.7.bb
@@ -3,7 +3,7 @@
system. This enables you to quickly overview the security status of your Linux system."
SECTION = "security"
LICENSE = "GPL-2.0"
-LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6"
+LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0-only;md5=801f80980d171dd6425610833a22dbe6"
SRC_URI = "http://sourceforge.net/projects/buck-security/files/buck-security/buck-security_${PV}/${BPN}_${PV}.tar.gz"
diff --git a/meta-security/recipes-scanners/checksec/checksec_2.1.0.bb b/meta-security/recipes-scanners/checksec/checksec_2.4.0.bb
similarity index 78%
rename from meta-security/recipes-scanners/checksec/checksec_2.1.0.bb
rename to meta-security/recipes-scanners/checksec/checksec_2.4.0.bb
index b67c98b..52bcf7c 100644
--- a/meta-security/recipes-scanners/checksec/checksec_2.1.0.bb
+++ b/meta-security/recipes-scanners/checksec/checksec_2.4.0.bb
@@ -4,9 +4,9 @@
LICENSE = "BSD"
HOMEPAGE="https://github.com/slimm609/checksec.sh"
-LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=93fddcca19f6c897871f9b5f9a035f4a"
+LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=8d90285f711cf1f378e2c024457066d8"
-SRCREV = "04582bad41589ad479ca8b1f0170ed317475b5a5"
+SRCREV = "c3754e45e04f9104db93b2048afd094427102d48"
SRC_URI = "git://github.com/slimm609/checksec.sh"
S = "${WORKDIR}/git"
diff --git a/meta-security/recipes-scanners/checksecurity/checksecurity_2.0.15.bb b/meta-security/recipes-scanners/checksecurity/checksecurity_2.0.15.bb
index 204123d..0161b4c 100644
--- a/meta-security/recipes-scanners/checksecurity/checksecurity_2.0.15.bb
+++ b/meta-security/recipes-scanners/checksecurity/checksecurity_2.0.15.bb
@@ -2,7 +2,7 @@
DESCRIPTION = "checksecurity is a simple package which will scan your system for several simple security holes."
SECTION = "security"
LICENSE = "GPL-2.0"
-LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6"
+LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0-only;md5=801f80980d171dd6425610833a22dbe6"
SRC_URI = "http://ftp.de.debian.org/debian/pool/main/c/checksecurity/checksecurity_${PV}.tar.gz \
file://setuid-log-folder.patch \