subtree updates
meta-raspberrypi: 31c33d155c..cfbb192e5c:
Andrei Gherzan (1):
docs: Add information for RTC devices
Andrew Penner (2):
rpi-cmdline: Add ability to specify CPUs to add to the isolcpus list
extra-build-config: Add documentation for the ISOLATED_CPUS configuration variable
Jan Vermaete (1):
docs: untabify the few tabs in the file
Khem Raj (3):
userland: Update to latest as of 20220323
picamera-libs: Adjust sourcedir
omxplayer: Use internal version of ffmpeg
meta-openembedded: af11f6ce73..b9e440ead8:
Adrian Freihofer (1):
srecord: build fix
Andreas Müller (40):
octave: upgrade 4.4.1 -> 6.4.0 and overhaul recipe
mousepad: upgrade 0.5.8 -> 0.5.9
xfce4-terminal: upgrade 0.8.10 -> 1.0.0
orage: upgrade 4.12.1 -> 4.16.0
orage: enable notify PACKAGECONFIG by default
ristretto: upgrade 0.12.1 -> 0.12.2
xarchiver: upgrade 0.5.4.14 -> 0.5.4.17
xfce4-cpufreq-plugin: upgrade 1.2.5 -> 1.2.7
xfce4-cpugraph-plugin: upgrade 1.2.5 -> 1.2.6
xfce4-diskperf-plugin: upgrade 2.6.3 -> 2.7.0
xfce4-notifyd: upgrade 0.6.2 -> 0.6.3
xfce4-screenshooter: upgrade 1.9.9 -> 1.9.10
xfce4-sensors-plugin: upgrade 1.4.2 -> 1.4.3
Allow several components notification
meta-xfce: Add Andreas Müller back to maintainers list
accountsservice: upgrade 0.6.55 -> 22.08.8
colord-gtk: upgrade 0.2.0 -> 0.3.0
evince: upgrade 41.4 -> 42.1
evolution-data-server: upgrade 3.43.1 -> 3.44.0
file-roller: upgrade 3.40.0 -> 3.42.0
gdm: upgrade 41.0 -> 42.0
gedit: upgrade 41.0 -> 42.0
gfbgraph: upgrade 0.2.4 -> 0.2.5
gnome-calculator upgrade 41.1 -> 42-0
libgweather4: initial add 4.0.0
gnome-calendar 41.2 -> 42.0
gnome-desktop: upgrade 41.2 -> 42.0
libnma: upgrade 1.8.34 -> 1.8.36
gnome-bluetooth4: initial add 42.0
gnome-font-viewer: upgrade 41.0 -> 42.0
yelp-xsl: upgrade 41.1 -> 42.0
yelp-tools: upgrade 41.0 -> 42.0
yelp: upgrade 41.2 -> 42.1
upower: upgrade 0.99.13 -> 0.99.17 / build with mesom
upower: fix location of udev-rules with sysvinit
gnome-commander: initial add 1.14.2
gnome-text-editor: initial add 42.0
evolution-data-server: re-enable gobject-introspection
jack: upgrade 1.19.19 -> 1.19.20
fluidsynth: upgrade 2.2.4 -> 2.2.6
Chen Qi (1):
blueman: fix python site-packages installation issue
Craig McQueen (1):
dnsmasq: Fix a typo in initscript
Davide Gardenal (2):
python3-wxgtk4: add distro feature check to match dependency
fwupd: add COMPATIBLE_HOST to match dependency
Jose Quaresma (2):
srt: 1.4.2 -> 1.4.3
srt: 1.4.3 -> 1.4.4
Khem Raj (2):
xfce4-screenshooter: Add dependency on libxml-parser-perl-native
open-vm-tools: Use specific BSD-2-Clause for license
Matsunaga-Shinji (2):
samba: add 2 cves to allowlist
libzip: add CVE-2017-12858 to allowlist
Minjae Kim (1):
multipath-tools: update SRC_URI
Potin Lai (1):
libimobiledevice-glue: update recipe
Robert Yang (2):
wxwidgets: Fix checking for PACKAGECONFIG and DISTRO_FEATURES
wxwidgets: git -> gitsm to fix build when no x11
Samuli Piippo (1):
python3-qface: upgrade 2.0.6 -> 2.0.7
Xu Huan (5):
python3-cheetah: upgrade 3.2.6.post2 -> 3.2.6
python3-evdev: upgrade 1.4.0 -> 1.5.0
python3-google-api-python-client: upgrade 2.36.0 -> 2.42.0
python3-itsdangerous: upgrade 2.1.1 -> 2.1.2
python3-grpcio: upgrade 1.44.0 -> 1.45.0
Yi Zhao (1):
dracut: upgrade 055 -> 056
wangmy (20):
python3-bitarray: upgrade 2.4.0 -> 2.4.1
python3-click: upgrade 8.0.4 -> 8.1.2
python3-cppy: upgrade 1.2.0 -> 1.2.1
python3-pandas: upgrade 1.4.1 -> 1.4.2
python3-protobuf: upgrade 3.19.4 -> 3.20.0
python3-pychromecast: upgrade 10.3.0 -> 11.0.0
python3-pyparted: upgrade 3.11.7 -> 3.12.0
python3-redis: upgrade 4.2.0 -> 4.2.1
python3-sqlalchemy: upgrade 1.4.32 -> 1.4.34
python3-thrift: upgrade 0.15.0 -> 0.16.0
python3-trafaret: upgrade 2.1.0 -> 2.1.1
python3-twine: upgrade 3.8.0 -> 4.0.0
python3-tzlocal: upgrade 4.1 -> 4.2
python3-websocket-client: upgrade 1.3.1 -> 1.3.2
python3-werkzeug: upgrade 2.0.3 -> 2.1.1
zenity: upgrade 3.41.0 -> 3.42.0
ceres-solver: upgrade 2.0.0 -> 2.1.0
grpc: upgrade 1.45.0 -> 1.45.1
poppler: upgrade 22.03.0 -> 22.04.0
xorg-sgml-doctools: upgrade 1.11 -> 1.12
zhengrq.fnst (2):
python3-jdatetime: upgrade 4.0.0 -> 4.1.0
python3-kiwisolver: upgrade 1.4.0 -> 1.4.2
meta-security: da93339112..498ca39cd6:
Armin Kuster (5):
openscap-daemon: use renamaed python_setuptools_build_meta
python3-fail2ban: fix compile issue on some hosts
lkrg-module: covert to git fetcher
linux-yocto_security.inc: add lkrg kfrags
samhain: update to 4.4.7
Ashish Sharma (1):
meta-security : Use SPDX style licensing format
Davide Gardenal (2):
clamav: add COMPATIBLE_HOST to fix build error
fscrypt: update dependecy from go-dep-native to go-native
Robert Yang (1):
LICENSE: adopt SPDX standard names
poky: 1976521190..ed98f1a1ae:
Abongwa Amahnui Bonalais (1):
oe-init-build-env: add quotes around variables to prevent word splitting
Alessio Igor Bogani (1):
kernel.bbclass: Use KERNEL_IMAGEDEST instead of hardcoded boot path
Alexandre Belloni (1):
pseudo: Fix handling of absolute links
Bruce Ashfield (6):
linux-yocto/5.15: update to v5.15.32
linux-yocto/5.10: update to v5.10.109
linux-yocto/5.15: aufs: fixes and optimization
linux-yocto-rt/5.15: aufs: compile fix
linux-yocto/5.15: features/security: Move x86_64 configs to separate file
linux-yocto/5.10: features/security: Move x86_64 configs to separate file
Carlos Rafael Giani (1):
libsdl2: Disable libunwind dependency in native builds
Claudius Heine (1):
os-release: add os-release-initrd package
Ferry Toth (1):
package_manager: sign DEB package feeds
Joe Slater (1):
unzip: fix CVE-2021-4217
Khem Raj (1):
glib-2.0: Backport patches C++ variant of g_atomic_int_compare_and_exchange()
Oleksandr Kravchuk (1):
tzdata: update to 2022a
Peter Kjellerstedt (5):
python3-jinja2: Correct HOMEPAGE
insane.bbclass: Make do_qa_patch() depend on if patch-fuzz is in ERROR_QA
insane.bbclass: Make changes to QA_EMPTY_DIRS trigger package_qa to rerun
bitbake.conf: Remove ERROR_QA from BB_HASHEXCLUDE_COMMON
bitbake: knotty.py: Show elapsed time also for tasks with progress bars
Richard Purdie (11):
bitbake: parse: Ensure any existing siggen is closed down first
bitbake: data: Ensure vardepsexclude or BB_BASEHASH_IGNORE_VARS covers contains items
bitbake: server/process: Disable gc around critical section
bitbake: cooker: Reset and rebuild inotify watches
bitbake: pyinotify: Handle potential latent bug
mirrors: Switch glibc and binutils to use shallow mirror tarballs
bitbake: data: Fix accidentally added parameter
bitbake.conf: Drop unexports from a different era
vim: Upgrade 8.2.4524 -> 8.2.4681
Revert "meta: rust: Bug fix for target definitions returning 'NoneType'"
build-appliance-image: Update to master head revision
Robert Yang (1):
waffle: The surfaceless-egl and gbm requires opengl
Saul Wold (5):
busybox: Exclude .debug from depmod
kmod: Add an exclude directive to depmod
depmodwrapper: Use nonarch_base_libdir for depmod.d
kmod: Update exclude patch to Accepted
depmodwrapper-cross: Fix missing $
Sean Anderson (1):
u-boot: Fix condition for install_spl_helper
Simone Weiss (1):
popt: add ptest
Sundeep KOKKONDA (3):
gcc: sanitizer: Fix tsan against glibc 2.34
meta: rust: Bug fix for target definitions returning 'NoneType'
meta: scripts - relocation script adapted to support big-endian machines
Xavier Berger (1):
gpg-sign: Add parameters to gpg signature function
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I294af706d7b96796ff360b402b9d011082cf36a7
diff --git a/meta-security/meta-security-compliance/recipes-openscap/openscap-daemon/openscap-daemon_0.1.10.bb b/meta-security/meta-security-compliance/recipes-openscap/openscap-daemon/openscap-daemon_0.1.10.bb
index cf6d531..9659323 100644
--- a/meta-security/meta-security-compliance/recipes-openscap/openscap-daemon/openscap-daemon_0.1.10.bb
+++ b/meta-security/meta-security-compliance/recipes-openscap/openscap-daemon/openscap-daemon_0.1.10.bb
@@ -13,7 +13,7 @@
file://0001-Renamed-module-and-variables-to-get-rid-of-async.patch \
"
-inherit setuptools_build_meta
+inherit python_setuptools_build_meta
S = "${WORKDIR}/git"
diff --git a/meta-security/recipes-ids/samhain/samhain.inc b/meta-security/recipes-ids/samhain/samhain.inc
index 077e118..5c1d6f5 100644
--- a/meta-security/recipes-ids/samhain/samhain.inc
+++ b/meta-security/recipes-ids/samhain/samhain.inc
@@ -1,9 +1,9 @@
DESCRIPTION = "Provides file integrity checking and log file monitoring/analysis"
HOMEPAGE = "http://www.la-samhna.de/samhain/"
-LICENSE = "GPLv2"
+LICENSE = "GPL-2.0-or-later"
LIC_FILES_CHKSUM = "file://LICENSE;md5=8ca43cbc842c2336e835926c2166c28b"
-PV = "4.4.6"
+PV = "4.4.7"
SRC_URI = "https://la-samhna.de/archive/samhain_signed-${PV}.tar.gz \
file://${INITSCRIPT_NAME}.init \
@@ -21,7 +21,7 @@
file://samhain-fix-initializer-element-is-not-constant.patch \
"
-SRC_URI[sha256sum] = "0b511a184066759cd864f6d15fe941ed3fe60f0cdc886dab68daa191d567de24"
+SRC_URI[sha256sum] = "0aa978accb635000c2d9170f307bff8a95836f8ec01615a53dbd9c2af9564d44"
UPSTREAM_CHECK_URI = "https://www.la-samhna.de/samhain/archive.html"
UPSTREAM_CHECK_REGEX = "samhain_signed-(?P<pver>(\d+(\.\d+)+))\.tar"
diff --git a/meta-security/recipes-ids/suricata/suricata.inc b/meta-security/recipes-ids/suricata/suricata.inc
index 5754617..906423c 100644
--- a/meta-security/recipes-ids/suricata/suricata.inc
+++ b/meta-security/recipes-ids/suricata/suricata.inc
@@ -1,5 +1,5 @@
HOMEPAGE = "http://suricata-ids.org/"
SECTION = "security Monitor/Admin"
-LICENSE = "GPLv2"
+LICENSE = "GPL-2.0-only"
COMPATIBLE_HOST:powerpc = 'null'
diff --git a/meta-security/recipes-kernel/linux/files/lkrg.cfg b/meta-security/recipes-kernel/linux/files/lkrg.cfg
new file mode 100644
index 0000000..e02bf76
--- /dev/null
+++ b/meta-security/recipes-kernel/linux/files/lkrg.cfg
@@ -0,0 +1,4 @@
+CONFIG_DEBUG_KERNEL=y
+CONFIG_KALLSYMS_ALL=y
+CONFIG_JUMP_LABEL=y
+CONFIG_DEBUG_SECTION_MISMATCH=y
diff --git a/meta-security/recipes-kernel/linux/files/lkrg.scc b/meta-security/recipes-kernel/linux/files/lkrg.scc
new file mode 100644
index 0000000..83397f8
--- /dev/null
+++ b/meta-security/recipes-kernel/linux/files/lkrg.scc
@@ -0,0 +1,5 @@
+# SPDX-License-Identifier: MIT
+define KFEATURE_DESCRIPTION "Enable Support for LKRG"
+define KFEATURE_COMPATIBILITY board
+
+kconf hardware lkrg.cfg
diff --git a/meta-security/recipes-kernel/linux/linux-yocto_security.inc b/meta-security/recipes-kernel/linux/linux-yocto_security.inc
index defca57..b79af80 100644
--- a/meta-security/recipes-kernel/linux/linux-yocto_security.inc
+++ b/meta-security/recipes-kernel/linux/linux-yocto_security.inc
@@ -1,3 +1,6 @@
+FILESEXTRAPATHS:prepend := "${THISDIR}/files:"
+
KERNEL_FEATURES:append = " ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", " features/apparmor/apparmor.scc", "" ,d)}"
KERNEL_FEATURES:append = " ${@bb.utils.contains("DISTRO_FEATURES", "smack", " features/smack/smack.scc", "" ,d)}"
KERNEL_FEATURES:append = " ${@bb.utils.contains("IMAGE_CLASSES", "dm-verity-img", " features/device-mapper/dm-verity.scc", "" ,d)}"
+SRC_URI += " ${@bb.utils.contains("DISTRO_FEATURES", "lkrg", "file://lkrg.scc", "" ,d)}"
diff --git a/meta-security/recipes-kernel/lkrg/files/makefile_cleanup.patch b/meta-security/recipes-kernel/lkrg/files/makefile_cleanup.patch
index a4db2d9..799b1a6 100644
--- a/meta-security/recipes-kernel/lkrg/files/makefile_cleanup.patch
+++ b/meta-security/recipes-kernel/lkrg/files/makefile_cleanup.patch
@@ -4,10 +4,10 @@
Signed-off-by: Armin Kuster <akuster808@gmail.com>
-Index: lkrg-0.9.2/Makefile
+Index: git/Makefile
===================================================================
---- lkrg-0.9.2.orig/Makefile
-+++ lkrg-0.9.2/Makefile
+--- git.orig/Makefile
++++ git/Makefile
@@ -4,28 +4,10 @@
# Author:
# - Adam 'pi3' Zabrocki (http://pi3.com.pl)
diff --git a/meta-security/recipes-kernel/lkrg/lkrg-module_0.9.2.bb b/meta-security/recipes-kernel/lkrg/lkrg-module_0.9.2.bb
index e055fbe..85f7d44 100644
--- a/meta-security/recipes-kernel/lkrg/lkrg-module_0.9.2.bb
+++ b/meta-security/recipes-kernel/lkrg/lkrg-module_0.9.2.bb
@@ -3,18 +3,18 @@
kernel and detection of security vulnerability exploits against the kernel."
SECTION = "security"
HOMEPAGE = "https://www.openwall.com/lkrg/"
-LICENSE = "GPLv2"
+LICENSE = "GPL-2.0-only"
LIC_FILES_CHKSUM = "file://LICENSE;md5=5105ead24b08a32954f34cbaa7112432"
DEPENDS = "virtual/kernel elfutils"
-SRC_URI = "https://download.openwall.net/pub/projects/lkrg/lkrg-${PV}.tar.gz \
+SRCREV = "43db5f19fca259feb1962f6db33382348cbc8320"
+
+SRC_URI = "git://github.com/lkrg-org/lkrg.git;protocol=https;branch=main \
file://makefile_cleanup.patch "
-SRC_URI[sha256sum] = "c2b501c47089cce3ec3114cef6520b73aa3a098836183186b9bb5e097c99ac27"
-
-S = "${WORKDIR}/lkrg-${PV}"
+S = "${WORKDIR}/git"
inherit module kernel-module-split
diff --git a/meta-security/recipes-perl/perl/libwhisker2-perl_2.5.bb b/meta-security/recipes-perl/perl/libwhisker2-perl_2.5.bb
index 5889a05..42c0b42 100644
--- a/meta-security/recipes-perl/perl/libwhisker2-perl_2.5.bb
+++ b/meta-security/recipes-perl/perl/libwhisker2-perl_2.5.bb
@@ -1,7 +1,7 @@
DESCRIPTION = "Libwhisker is a Perl module geared specificly for HTTP testing."
SECTION = "libs"
-LICENSE = "Artistic-1.0 | GPL-1.0+"
+LICENSE = "Artistic-1.0 | GPL-1.0-or-later"
LIC_FILES_CHKSUM = "file://LICENSE;md5=254b8e29606fce6d1c1a4c9e32354573"
diff --git a/meta-security/recipes-scanners/clamav/clamav_0.104.0.bb b/meta-security/recipes-scanners/clamav/clamav_0.104.0.bb
index f0889de..3bcb5eb 100644
--- a/meta-security/recipes-scanners/clamav/clamav_0.104.0.bb
+++ b/meta-security/recipes-scanners/clamav/clamav_0.104.0.bb
@@ -2,10 +2,12 @@
DESCRIPTION = "ClamAV is an open source antivirus engine for detecting trojans, viruses, malware & other malicious threats."
HOMEPAGE = "http://www.clamav.net/index.html"
SECTION = "security"
-LICENSE = "LGPL-2.1"
+LICENSE = "LGPL-2.1-only"
DEPENDS = "glibc llvm libtool db openssl zlib curl libxml2 bison pcre2 json-c libcheck"
+COMPATIBLE_HOST:libc-musl:class-target = "null"
+
LIC_FILES_CHKSUM = "file://COPYING.txt;beginline=2;endline=3;md5=f7029fbbc5898b273d5902896f7bbe17"
# July 27th
diff --git a/meta-security/recipes-security/bastille/bastille_3.2.1.bb b/meta-security/recipes-security/bastille/bastille_3.2.1.bb
index 2d82983..e7852d9 100644
--- a/meta-security/recipes-security/bastille/bastille_3.2.1.bb
+++ b/meta-security/recipes-security/bastille/bastille_3.2.1.bb
@@ -2,7 +2,7 @@
#consult the README file for the meta-security layer for additional information.
SUMMARY = "Linux hardening tool"
DESCRIPTION = "Bastille Linux is a Hardening and Reporting/Auditing Program which enhances the security of a Linux box, by configuring daemons, system settings and firewalling."
-LICENSE = "GPLv2"
+LICENSE = "GPL-2.0-only"
LIC_FILES_CHKSUM = "file://${S}/COPYING;md5=c93c0550bd3173f4504b2cbd8991e50b"
# Bash is needed for set +o privileged (check busybox), might also need ncurses
DEPENDS = "virtual/kernel"
diff --git a/meta-security/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb b/meta-security/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb
index 9aefc32..5f8cf3c 100644
--- a/meta-security/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb
+++ b/meta-security/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb
@@ -6,7 +6,7 @@
HOMEPAGE = "https://launchpad.net/ecryptfs"
SECTION = "base"
-LICENSE = "GPL-2.0"
+LICENSE = "GPL-2.0-only"
LIC_FILES_CHKSUM = "file://COPYING;md5=8ca43cbc842c2336e835926c2166c28b"
DEPENDS = "keyutils libgcrypt intltool-native glib-2.0-native"
diff --git a/meta-security/recipes-security/fail2ban/python3-fail2ban_0.11.2.bb b/meta-security/recipes-security/fail2ban/python3-fail2ban_0.11.2.bb
index 4118732..96e17b7 100644
--- a/meta-security/recipes-security/fail2ban/python3-fail2ban_0.11.2.bb
+++ b/meta-security/recipes-security/fail2ban/python3-fail2ban_0.11.2.bb
@@ -9,6 +9,8 @@
LICENSE = "GPL-2.0-only"
LIC_FILES_CHKSUM = "file://COPYING;md5=ecabc31e90311da843753ba772885d9f"
+DEPENDS = "python3-native"
+
SRCREV ="4fe4ac8dde6ba14841da598ec37f8c6911fe0f64"
SRC_URI = " git://github.com/fail2ban/fail2ban.git;branch=0.11;protocol=https \
file://initd \
@@ -21,6 +23,11 @@
do_compile () {
cd ${S}
+
+ #remove symlink to python3
+ # otherwise 2to3 is run against it
+ rm -f bin/fail2ban-python
+
./fail2ban-2to3
}
diff --git a/meta-security/recipes-security/fscrypt/fscrypt_1.0.0.bb b/meta-security/recipes-security/fscrypt/fscrypt_1.0.0.bb
index 66bf429..663d8e2 100644
--- a/meta-security/recipes-security/fscrypt/fscrypt_1.0.0.bb
+++ b/meta-security/recipes-security/fscrypt/fscrypt_1.0.0.bb
@@ -11,7 +11,7 @@
BBCLASSEXTEND = "native nativesdk"
# fscrypt depends on go and libpam
-DEPENDS += "go-dep-native libpam"
+DEPENDS += "go-native libpam"
SRCREV = "92b1e9a8670ccd3916a7d24a06cab1e4c9815bc4"
SRC_URI = "git://github.com/google/fscrypt.git;branch=master;protocol=https"
diff --git a/meta-security/recipes-security/libdhash/ding-libs_0.6.1.bb b/meta-security/recipes-security/libdhash/ding-libs_0.6.1.bb
index 6046fa0..843850f 100644
--- a/meta-security/recipes-security/libdhash/ding-libs_0.6.1.bb
+++ b/meta-security/recipes-security/libdhash/ding-libs_0.6.1.bb
@@ -2,7 +2,7 @@
DESCRIPTION = "Dynamic hash table implementation"
HOMEPAGE = "https://fedorahosted.org/released/ding-libs"
SECTION = "base"
-LICENSE = "GPLv3+"
+LICENSE = "GPL-3.0-or-later"
LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504"
SRC_URI = "https://fedorahosted.org/released/${BPN}/${BP}.tar.gz"
diff --git a/meta-security/recipes-security/libmhash/libmhash_0.9.9.9.bb b/meta-security/recipes-security/libmhash/libmhash_0.9.9.9.bb
index 9b34cb1..35c5ff8 100644
--- a/meta-security/recipes-security/libmhash/libmhash_0.9.9.9.bb
+++ b/meta-security/recipes-security/libmhash/libmhash_0.9.9.9.bb
@@ -7,7 +7,7 @@
"
HOMEPAGE = "http://mhash.sourceforge.net/"
-LICENSE = "LGPLv2.0"
+LICENSE = "LGPL-2.0-only"
LIC_FILES_CHKSUM = "file://COPYING;md5=3bf50002aefd002f49e7bb854063f7e7"
S = "${WORKDIR}/mhash-${PV}"
diff --git a/meta-security/recipes-security/nikto/nikto_2.1.6.bb b/meta-security/recipes-security/nikto/nikto_2.1.6.bb
index 8542d69..8c21b30 100644
--- a/meta-security/recipes-security/nikto/nikto_2.1.6.bb
+++ b/meta-security/recipes-security/nikto/nikto_2.1.6.bb
@@ -3,7 +3,7 @@
SECTION = "security"
HOMEPAGE = "https://cirt.net/Nikto2"
-LICENSE = "GPLv2"
+LICENSE = "GPL-2.0-only"
LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0-only;md5=801f80980d171dd6425610833a22dbe6"
SRCREV = "f1bbd1a8756c076c8fd4f4dd0bc34a8ef215ae79"
diff --git a/meta-security/recipes-security/sssd/sssd_2.5.2.bb b/meta-security/recipes-security/sssd/sssd_2.5.2.bb
index 8bc8787..9f1d627 100644
--- a/meta-security/recipes-security/sssd/sssd_2.5.2.bb
+++ b/meta-security/recipes-security/sssd/sssd_2.5.2.bb
@@ -2,7 +2,7 @@
DESCRIPTION = "SSSD is a system security services daemon"
HOMEPAGE = "https://pagure.io/SSSD/sssd/"
SECTION = "base"
-LICENSE = "GPLv3+"
+LICENSE = "GPL-3.0-or-later"
LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504"
DEPENDS = "acl attr openldap cyrus-sasl libtdb ding-libs libpam c-ares krb5 autoconf-archive"