diff options
author | Andrii Davydenko <andrii.davydenko@globallogic.com> | 2022-12-14 12:08:42 +0200 |
---|---|---|
committer | Mykyta Dorokhin <mykyta.dorokhin@globallogic.com> | 2023-01-24 12:41:29 +0200 |
commit | 2eaa3fd064097eb221b56d5df0e7136ba705a0cd (patch) | |
tree | 2ca46c9a625d6f743933b1ea7e2fc6bd2581e6eb /recipes-support/nettle/nettle_3.8.1.bb | |
parent | 1e52890ac41318d28923787af35541a8f9ee0653 (diff) | |
download | meta-mlinux-2eaa3fd064097eb221b56d5df0e7136ba705a0cd.tar.gz meta-mlinux-2eaa3fd064097eb221b56d5df0e7136ba705a0cd.tar.bz2 meta-mlinux-2eaa3fd064097eb221b56d5df0e7136ba705a0cd.zip |
CVE Packages Update
Move libfastjson to the rsyslog directory
rsyslog 8.2002.0 -> 8.2206.0
add ntp4.2.8 recipe with fixed CVEs
update cryptsetup to 2.4.3
fix libxml2 CVE-2016-3709
curl 7.75.0 -> 7.86.0
strongswan 5.8.4 -> 5.9.8
libmodbus 3.1.6 -> 3.1.7
libesmtp 1.0.6 -> 1.1.0
cifs-utils 6.1 -> 7.0
update libtirpc to version 1.3.3
update rsync to version 3.2.5
Add zlib 1.2.13
upgrade gnutls to 3.7.8
upgrade openssh to 8.9p1
Add cmake 3.24.2 and cmake-native 3.24.2 to avoid loop dependecies building expat
Add expat 2.5.0 to fix CVE-2022-40674 and CVE-2022-43680
openvpn 2.4.9 -> 2.4.12
hostapd 2.9 -> 2.10
[GP-1837] mPower R.6.3.X (Fall'22): CVE Upgrade (after 2022-12-28)
Openssh 8.9p1 no longer needed, because all necessary CVE fixes, backports and whitelists are present for current Openssh 8.4p1. There are no new CVE's in report.
[GP-1837] mPower R.6.3.X (Fall'22): CVE Upgrade (after 2022-12-28)
Backported CVE patches for python3 component. Need to remove after upgrading Yocto to version more than 3.1.21.
[GP-1837] mPower R.6.3.X (Fall'22): CVE Upgrade (after 2022-12-28)
Backported CVE patch for sudo component.
Added 2 CVE's to whitelist for OpenVPN component.
Diffstat (limited to 'recipes-support/nettle/nettle_3.8.1.bb')
-rw-r--r-- | recipes-support/nettle/nettle_3.8.1.bb | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/recipes-support/nettle/nettle_3.8.1.bb b/recipes-support/nettle/nettle_3.8.1.bb new file mode 100644 index 0000000..bf49132 --- /dev/null +++ b/recipes-support/nettle/nettle_3.8.1.bb @@ -0,0 +1,57 @@ +SUMMARY = "A low level cryptographic library" +DESCRIPTION = "Nettle is a cryptographic library that is designed to fit easily in more or less any context: In crypto toolkits for object-oriented languages (C++, Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel space." +HOMEPAGE = "http://www.lysator.liu.se/~nisse/nettle/" +DESCRIPTION = "It tries to solve a problem of providing a common set of \ +cryptographic algorithms for higher-level applications by implementing a \ +context-independent set of cryptographic algorithms" +SECTION = "libs" +LICENSE = "LGPL-3.0-or-later | GPL-2.0-or-later" + +LIC_FILES_CHKSUM = "file://COPYING.LESSERv3;md5=6a6a8e020838b23406c81b19c1d46df6 \ + file://COPYINGv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ + file://serpent-decrypt.c;beginline=14;endline=36;md5=ca0d220bc413e1842ecc507690ce416e \ + file://serpent-set-key.c;beginline=14;endline=36;md5=ca0d220bc413e1842ecc507690ce416e" + +DEPENDS += "gmp" + +SRC_URI = "${GNU_MIRROR}/${BPN}/${BP}.tar.gz \ + file://Add-target-to-only-build-tests-not-run-them.patch \ + file://run-ptest \ + file://check-header-files-of-openssl-only-if-enable_.patch \ + " + +SRC_URI:append:class-target = "\ + file://dlopen-test.patch \ + " + +SRC_URI[sha256sum] = "364f3e2b77cd7dcde83fd7c45219c834e54b0c75e428b6f894a23d12dd41cbfe" + +UPSTREAM_CHECK_REGEX = "nettle-(?P<pver>\d+(\.\d+)+)\.tar" + +inherit autotools ptest multilib_header + +EXTRA_AUTORECONF += "--exclude=aclocal" + +EXTRA_OECONF = "--disable-openssl" + +do_compile_ptest() { + oe_runmake buildtest +} + +do_install:append() { + oe_multilib_header nettle/version.h +} + +do_install_ptest() { + install -d ${D}${PTEST_PATH}/testsuite/ + install ${S}/testsuite/gold-bug.txt ${D}${PTEST_PATH}/testsuite/ + install ${S}/testsuite/*-test ${D}${PTEST_PATH}/testsuite/ + # tools can be found in PATH, not in ../tools/ + sed -i -e 's|../tools/||' ${D}${PTEST_PATH}/testsuite/*-test + install ${B}/testsuite/*-test ${D}${PTEST_PATH}/testsuite/ +} + +RDEPENDS:${PN}-ptest += "${PN}-dev" +INSANE_SKIP:${PN}-ptest += "dev-deps" + +BBCLASSEXTEND = "native nativesdk" |