Fixes:
CVE-2016-0777 - Client Information leak from use of roaming connection
feature.
CVE-2016-0778 - A buffer overflow flaw was found in the way the OpenSSH
client roaming feature was implemented. A malicious server could
potentially use this flaw to execute arbitrary code on a successfully
authenticated OpenSSH client if that client used certain non-default
configuration options.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Reviewed-by: James Knight <james.knight@rockwellcollins.com>
Tested-by: James Knight <james.knight@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Firefox recently activated mixing content mode protection
(http elements in an https page). This patch changes
the external slides service to https.
Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Also remove merged patches.
So, autoreconf is no longer needed.
Signed-off-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The apply-patches.sh script was using a mix of tabs and spaces, and
some three-space indentation. Normalize everything to four-space
indentation.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Match the systemd service file and set time immediately on startup
rather than small steps when it differs a lot.
On embedded scenarios this is better since boards that lack a
battery-backed RTC might start at unix epoch and the time set will delay
for quite a while otherwise.
For boards that do have a battery-backed RTC the behaviour will be
practically the same unless the RTC drifts a lot.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
A copy/paste error in the ArgumentParser() constructor call disclosed
the fact that the author of the script has shamefully based his work
on the existing graph-build-time script. This commit fixes this
mistake, therefore hiding in a better way how size-stats was
vampirized from graph-build-time.
Reported-by: Thomas De Schampheleire <patrickdepinguin@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Commit e7d04dd2d replaced /etc/dropbear with a symlink to /var/run and
updated the start scripts to replace it with a real directory, so the
keys would be persistent. However, it turns out that this is pretty
confusing even for expert users, who don't know how to make the keys
really persistent now.
Update the help text explaining what the issue is, and telling the user
to replace the /etc/dropbear symlink with a symlink to a persistent
directory. Also mention the possiblity of unionfs.
Cc: Thomas De Schampheleire <patrickdepinguin@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The revision 18153 dates from 2012-01-20. Lets update to latest changed revision
19427 which dates from 2015-01-07.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update to 1.0.11. Contains a lot of bugfixes
and some new features:
* mips{32r6,64r6} enablement
* argp support
* support for very simple /etc/gai.conf
* Xtensa nommu vfork fix
* systemd portability fixes
Signed-off-by: Waldemar Brodkorb <wbx@uclibc-ng.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
mraa provides a unified interface for IO on Galileo, Edison,
Raspberry Pi and others.
Signed-off-by: Pieterjan Camerlynck <pieterjan.camerlynck@gmail.com>
Tested-by: Samuel Martin <s.martin49@gmail.com>
Acked-by: Samuel Martin <s.martin49@gmail.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Follow the upstream EOL cycle and mark 4.2 as deprecated for 2016.02.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The generated $(TARGET_DIR)/etc/network/interfaces mixes spaces and
tabs. Fix by using tabs only.
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>