xinetd does not enforce the user and group configuration directives
for TCPMUX services, which causes these services to be run as root
and makes it easier for remote attackers to gain privileges by
leveraging another vulnerability in a service.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4342
the patch come from:
https://bugzilla.redhat.com/attachment.cgi?id=799732&action=diff
(From OE-Core master rev: c6ccb09cee54a7b9d953f58fbb8849fd7d7de6a9)
(From OE-Core rev: 478b7f533c6664f1e4cab9950f257d927d32bb28)
Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
do_install needs to reference files in ${B} and we need to run
do_configuze in ${S}.
(From OE-Core rev: 5a5aff6a77dfc0bae66077589a93ba6d1755bcdc)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It is considered good practice to use the build system provided
variables instead of directly specify hardcoded paths.
(From OE-Core rev: 6f0eebbd12d79a86dd4a79f87b6be4758439a3f5)
Signed-off-by: Javier Martinez Canillas <javier@dowhile0.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Currently, xinetd cannot start if no service enabled.
# /etc/init.d/xinetd start
# ps aux | grep xinetd
# cat /var/log/syslog
xinetd[862]: 862 {init_services} no services. Exiting...
So add -stayalive option by default, as most distos do.
(From OE-Core rev: 53b6da085bfa78885f68b5d7db40d8c4e3f2f5bb)
Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is a quick audit of only the most obviously wrong licenses
found within OECore. These fixes fall into four areas:
- LICENSE field had incorrect format so that the parser choked
- LICENSE field has a license with no version
- LICENSE field was actually incorrect
- LICENSE field has an imaginary license that didn't exist
This fixes most of the LICENSE warnings thrown, along with my prior
commit adding additional licenses to common-licenses and additional
SPDXLICENSEMAP entries.
HOWEVER..... there is much to be done on the license front.
For a list of recipes with licenses that need obvious fixing see:
https://wiki.yoctoproject.org/wiki/License_Audit
That said, I would suggest another license audit as I've found
enough inconsistencies. A good suggestion is when in doubt, look at
how openSuse or Gentoo or Debian license the package.
(From OE-Core rev: 3083dd70b3a9fa01fcc3cf00373b05502505996e)
Signed-off-by: Elizabeth Flanagan <elizabeth.flanagan@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Having one monolithic packages directory makes it hard to find things
and is generally overwhelming. This commit splits it into several
logical sections roughly based on function, recipes.txt gives more
information about the classifications used.
The opportunity is also used to switch from "packages" to "recipes"
as used in OpenEmbedded as the term "packages" can be confusing to
people and has many different meanings.
Not all recipes have been classified yet, this is just a first pass
at separating things out. Some packages are moved to meta-extras as
they're no longer actively used or maintained.
Signed-off-by: Richard Purdie <rpurdie@linux.intel.com>
Li Wang
Richard Purdie
Roy.Li
Marcin Juszkiewicz
Javier Martinez Canillas
Xin Ouyang
Saul Wold
Elizabeth Flanagan
Yu Ke
Richard Purdie