[yocto] [meta-security][PATCH] samhain: update to 4.3.3

Armin Kuster akuster808 at gmail.com
Sat Jul 20 19:41:22 PDT 2019 

remove PV from recipes names to make package update easier.

PV set in include file now

drop samhain-cross-compile.patch as stripping appears to have been removed.

Signed-off-by: Armin Kuster <akuster808 at gmail.com>
---
 .../samhain/files/samhain-cross-compile.patch      | 51 ----------------------
 .../{samhain-client_4.3.2.bb => samhain-client.bb} |  0
 .../{samhain-server_4.3.2.bb => samhain-server.bb} |  0
 ...n-standalone_4.3.2.bb => samhain-standalone.bb} |  0
 recipes-ids/samhain/samhain.inc                    |  6 +--
 5 files changed, 3 insertions(+), 54 deletions(-)
 delete mode 100644 recipes-ids/samhain/files/samhain-cross-compile.patch
 rename recipes-ids/samhain/{samhain-client_4.3.2.bb => samhain-client.bb} (100%)
 rename recipes-ids/samhain/{samhain-server_4.3.2.bb => samhain-server.bb} (100%)
 rename recipes-ids/samhain/{samhain-standalone_4.3.2.bb => samhain-standalone.bb} (100%)

diff --git a/recipes-ids/samhain/files/samhain-cross-compile.patch b/recipes-ids/samhain/files/samhain-cross-compile.patch
deleted file mode 100644
index 7f80a5c..0000000
--- a/recipes-ids/samhain/files/samhain-cross-compile.patch
+++ /dev/null
@@ -1,51 +0,0 @@
-From f63908427b2adb1792c59edbe38618e14ef5bc7b Mon Sep 17 00:00:00 2001
-From: Jackie Huang <jackie.huang at windriver.com>
-Date: Fri, 15 Jan 2016 00:48:58 -0500
-Subject: [PATCH] Enable obfuscating binaries natively.
-
-Enable obfuscating binaries natively.
-
-The samhain build process involves an obfuscation step that attempts to
-defeat decompilation or other binary analysis techniques which might reveal
-secret information that should be known only to the system administrator.
-The obfuscation step builds several applications which run on the build host
-and then generate target code, which is then built into target binaries.
-
-This patch creates a basic infrastructure that supports building the
-obfuscation binaries natively then cross-compiling the target code by adding
-a special configure option.  In the absence of this option the old behaviour
-is preserved.
-
-Upstream-Status: Inappropriate [cross compile specific]
-    
-Signed-off-by: Aws Ismail <aws.ismail at windriver.com>
-Signed-off-by: Jackie Huang <jackie.huang at windriver.com>
----
- Makefile.in | 4 +---
- 1 file changed, 1 insertion(+), 3 deletions(-)
-
-diff --git a/Makefile.in b/Makefile.in
-index 684e92b..fb090e2 100644
---- a/Makefile.in
-+++ b/Makefile.in
-@@ -54,7 +54,7 @@ selectconfig = @selectconfig@
- top_builddir = .
- 
- INSTALL = @INSTALL@
--INSTALL_PROGRAM = @INSTALL@ -s -m 700
-+INSTALL_PROGRAM = @INSTALL@ -m 700
- INSTALL_SHELL = @INSTALL@ -m 700
- INSTALL_DATA = @INSTALL@ -m 600
- INSTALL_MAN = @INSTALL@ -m 644
-@@ -525,8 +525,6 @@ install-program: $(PROGRAMS) sstrip
- 	      echo " $(INSTALL_PROGRAM) $$p $$target"; \
- 	      $(INSTALL_PROGRAM) $$p $$target; \
- 	      chmod 0700 $$target; \
--	      echo " ./sstrip $$target"; \
--	      ./sstrip $$target; \
- 	    else \
- 	      echo " $(INSTALL_SHELL) $$p $$target"; \
- 	      $(INSTALL_SHELL) $$p $$target; \
--- 
-1.9.1
-
diff --git a/recipes-ids/samhain/samhain-client_4.3.2.bb b/recipes-ids/samhain/samhain-client.bb
similarity index 100%
rename from recipes-ids/samhain/samhain-client_4.3.2.bb
rename to recipes-ids/samhain/samhain-client.bb
diff --git a/recipes-ids/samhain/samhain-server_4.3.2.bb b/recipes-ids/samhain/samhain-server.bb
similarity index 100%
rename from recipes-ids/samhain/samhain-server_4.3.2.bb
rename to recipes-ids/samhain/samhain-server.bb
diff --git a/recipes-ids/samhain/samhain-standalone_4.3.2.bb b/recipes-ids/samhain/samhain-standalone.bb
similarity index 100%
rename from recipes-ids/samhain/samhain-standalone_4.3.2.bb
rename to recipes-ids/samhain/samhain-standalone.bb
diff --git a/recipes-ids/samhain/samhain.inc b/recipes-ids/samhain/samhain.inc
index 1b9af39..16222ba 100644
--- a/recipes-ids/samhain/samhain.inc
+++ b/recipes-ids/samhain/samhain.inc
@@ -3,9 +3,9 @@ HOMEPAGE    = "http://www.la-samhna.de/samhain/"
 LICENSE     = "GPLv2"
 LIC_FILES_CHKSUM = "file://LICENSE;md5=8ca43cbc842c2336e835926c2166c28b"
 
+PV = "4.3.3"
 
 SRC_URI = "http://la-samhna.de/archive/samhain_signed-${PV}.tar.gz \
-           file://samhain-cross-compile.patch \
            file://samhain-mips64-aarch64-dnmalloc-hash-fix.patch \
            file://samhain-samhainrc.patch \
            file://samhain-samhainrc-fix-files-dirs-path.patch \
@@ -19,8 +19,8 @@ SRC_URI = "http://la-samhna.de/archive/samhain_signed-${PV}.tar.gz \
            file://samhain.service \
            "
 
-SRC_URI[md5sum] = "eae4674164d7c78f5bb39c72b7029c8b"
-SRC_URI[sha256sum] = "0582864ef56ab796031e8e611ed66c48adeb3a30ec34e1a8d0088572442035fc"
+SRC_URI[md5sum] = "7be46ae7d03f53ba21afafd41cff8926"
+SRC_URI[sha256sum] = "33ad4bc3dad4699694553bd9635a6b5827939f965d1f0f05fce0b4e9cdadf21b"
 
 UPSTREAM_CHECK_URI = "https://www.la-samhna.de/samhain/archive.html"
 UPSTREAM_CHECK_REGEX = "samhain_signed-(?P<pver>(\d+(\.\d+)+))\.tar"
-- 
2.7.4

More information about the yocto mailing list