There is an image unique to most the meta-security sub layers used to building & testing. In this IMA case its "integrity-image-minimal" To run the test suite, add to your local.conf: ################

Signed-off-by: Armin Kuster <akuster808@...> --- meta-integrity/recipes-core/images/integrity-image-minimal.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-integrity/re

Signed-off-by: Armin Kuster <akuster808@...> --- meta-integrity/lib/oeqa/runtime/cases/ima.py | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/meta-integrity/lib/oeqa

Stefan, Thanks for the patches. Its nice to have a Content expert contribute. There is a test suite I am using to double check things and its not passing. I think it needs to be adapted to some of the

Don't build man as it needs pandoc Signed-off-by: Armin Kuster <akuster808@...> --- .../{fscryptctl_1.0.0.bb => fscryptctl_1.1.0.bb} | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) re

Signed-off-by: Armin Kuster <akuster808@...> --- recipes-ids/suricata/{suricata_6.0.10.bb => suricata_6.0.11.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename recipes-ids/suricata/

Signed-off-by: Armin Kuster <akuster808@...> --- recipes-ids/suricata/{libhtp_0.5.42.bb => libhtp_0.5.43.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename recipes-ids/suricata/{lib

Signed-off-by: Armin Kuster <akuster808@...> --- recipes-ids/ossec/ossec-hids_3.7.0.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/recipes-ids/ossec/ossec-hids_3.7.0.bb b/r

include: CVE-2023-1017 & CVE-2023-1018 Signed-off-by: Armin Kuster <akuster808@...> --- .../recipes-tpm/libtpm/{libtpm_0.9.5.bb => libtpm_0.9.6.bb} | 2 +- 1 file changed, 1 insertion(+), 1 delet

includes CVE-2022-23645 Signed-off-by: Armin Kuster <akuster808@...> --- meta-tpm/recipes-tpm/swtpm/{swtpm_0.7.3.bb => swtpm_0.8.0.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) re

a bit of re-org Signed-off-by: Armin Kuster <akuster808@...> --- .../libtpm/files/Convert-another-vdprintf-to-dprintf.patch | 0 .../libtpm/files/Use-format-s-for-call-to-dprintf.patch | 0 .../li

a bit of re-org. Signed-off-by: Armin Kuster <akuster808@...> --- meta-tpm/{recipes-tpm => recipes-tpm1}/hoth/libhoth_git.bb | 0 .../libtpm/files/Convert-another-vdprintf-to-dprintf.patch | 0 ..

Hello Peter, Thanks for the write up and bringing it to my attention. If you didn't know already, there are some basic QA tests for TPM2. I ran those with your changes above and they pass. any plans o

This gets testing working again. Thanks, - Armin

Something in latest master may have introduced another issue, this time the runtime testing. I am see this new error: self.check_packageconfig("TS") File "/home/akuster/oss/maint/meta-security/meta-pa

Fixes: ERROR: Missing SRC_URI checksum, please add those to the recipe: SRC_URI[parsec-service-1.2.0.sha256sum] = "f58e7ba859c22cc1904dc8298b1a7d94ee1ba3b4d4808f28e4cc0c96ddb149c9" Needed to S dir too

Just hit this one too. ERROR: parsec-service-1.2.0-r0 do_patch: Applying patch 'systemd.patch' on target directory '/home/akuster/oss/clean/poky/build/tmp/work/cortexa53-poky-linux/parsec-service/1.2.

Ignore. Found another build issus

Fixes: ERROR: Missing SRC_URI checksum, please add those to the recipe: SRC_URI[parsec-service-1.2.0.sha256sum] = "f58e7ba859c22cc1904dc8298b1a7d94ee1ba3b4d4808f28e4cc0c96ddb149c9" Signed-off-by: Armi

FIxes: ERROR: Missing SRC_URI checksum, please add those to the recipe: SRC_URI[parsec-tool-0.6.0.sha256sum] = "f51d5d7f0caca1c335324b52482fa5edbf6c9cfd2e6865e5cb22716d52dcb367" Needed to have the pac