Age | Commit message (Collapse) | Author |
|
License-Update: email of authors changed to <info@libzip.org>
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Changelog:
=========
This release adds optimizations for Loongarch, adds support for vp8 in the
real-time rate control library, upgrades GoogleTest to v1.11.0, updates
libwebm to libwebm-1.0.0.28-20-g206d268, and includes numerous bug fixes.
- Upgrading:
This release is ABI compatible with the previous release.
vp8 support in the real-time rate control library.
New codec control VP8E_SET_RTC_EXTERNAL_RATECTRL is added.
Configure support for darwin21 is added.
GoogleTest is upgraded to v1.11.0.
libwebm is updated to libwebm-1.0.0.28-20-g206d268.
- Enhancement:
Numerous improvements on checking memory allocations.
Optimizations for Loongarch.
Code clean-up.
- Bug fixes:
Fix to a crash related to {vp8/vp9}_set_roi_map.
Fix to compiling failure with -Wformat-nonliteral.
Fix to integer overflow with vp9 with high resolution content.
Fix to AddNoiseTest failure with ARMv7.
Fix to libvpx Null-dereference READ in vp8.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Changelog:https://github.com/bats-core/bats-core/releases/tag/v1.7.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Firewalld:
This is a feature release. It also includes all bug fixes since v1.1.0.
Details are here: https://firewalld.org/2022/07/firewalld-1-2-0-release
Recipe:
Firewalld defaults to create a log file for debug messages. This is
basically an empty file until firewalld's log level is configured to
debug level. Writing log files requies something like log-rotate to
prevent full disks. The default for OE is to not create files and send
all log messages to syslog (journald).
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
This is useful for selinux distro feature.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
The systemd support had been integrated to openvpn for a long time. Add
PACKAGECONFIG for it and use its own service files and volatile file.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Changelog:
=========
* Close broken link message dialog on response (António Fernandes)
* Fix crash when opening new window from pathbar (Corey Berla)
* Fix remote filesystem check (Corey Berla)
* Translation updates (GNOME Translation Project contributors)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Fixes linking errors e.g.
parallel.cpp:(.text._ZN3tbb6detail2d19start_forINS1_13blocked_rangeIiEEN2cv12_GLOBAL__N_113ProxyLoopBodyEKNS1_16auto_partitionerEE8finalizeERKNS1_14execution_dataE+0xe8): undefined reference to `__atomic_fetch_add_8'
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Upgrade to release 1.3.0:
- Convert the metadata into PEP 621 format
- Use pyproject.toml only
- Memory leak when multiple field is set to true in ack
- No exception raised when heartbeat timed out
- Wrong return type for basic_get
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
CVE-2016-4049 is not affecting our version, so we can ignore it.
This is caused because the CPE in the NVD database doesn't specify
a vulnerable version range.
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
The following CVEs are already patched so we can ignore them:
- CVE-2016-0749
- CVE-2016-2150
- CVE-2018-10893
This is caused by inaccurate CPE in the NVD database.
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Upgrade to release 5.29.2:
- Only thread lock methods attempting to access the cache for the
caching middleware.
- Socket timeout when pushing a significant amount of data
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Upgrade to release 1.41:
- support for python 3.11 added (__getstate__ behavior change)
- replaced travis CI by Github actions
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Upgrade to release 0.3.3 and add runtime dependencies:
- Keccak backend was initialized every time it was called.
Now it's initialized only the first time it's called.
- Prune venv files from the release via MANIFEST.in
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Without CVE_PRODUCT set to apache:thrift cve-check was catching
CVEs form facebook:thrift that are not related with this product.
Now the report is correct.
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Switch build system to cmake
Add patch to avoid hardcoding build paths in scripts
Forward port musl patch
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Needed by recent fontforge
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Upgrade from 2021.8.22 to 2022.5.17.
This upgrade mainly include CVE fixes.
According to https://github.com/tuxera/ntfs-3g/releases:
"""
Changelog:
* Improved defence against maliciously tampered NTFS partitions
* Improved defence against improper use of options
* Updated the documentation
"""
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
This upgrade includes the following CVE fixes:
- CVE-2021-4190
- CVE-2022-0581
- CVE-2022-0582
- CVE-2022-0583
- CVE-2022-0585
- CVE-2022-0586
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Upgrade to release 2.5.3:
- Fix unary path step operator
- Fix sphinx warnings 'reference target not found'
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Upgrade to release 22.5.1:
- new: WAMP Flatbuffers IDL and schema processing (experimental)
- new: WAMP-cryptosign trustroot (experimental)
- new: add wrapper type for CryptosignAuthextra
- fix: stricted type checking of Challenge; fix cryposign unit test
- new: more test coverage
- fix: reduce log noise
- fix: forward channel_binding selected in Component client
- new: expand ISigningKey to provide security_module/key_id
- fix: Component cryptosign test
- fix: add type hints; fix channel_binding
- new: work on federated realms and secmods
- new: rename to and work on a.w.CryptosignKey
- new: add bip44 for cryptosign test
- fix: remove all txaio.make_logger refs from generic code
- new: initial support for federated WAMP realms via
a.x.FederatedRealm/Seeder
- new: moved utility functions and unit tests for WAMP realm name
checking from Crossbar.io
- new: allow list of URLs for transports in a.t.component.Component
- new: add websocket_options to a.t.wamp.ApplicationRunner
- new: add stop_at_close flag in a.t.component.run
- fix: reduce log noise (regression) on ApplicationRunner Twisted
- new: allow max_retry_delay==0 for always-immediate auto-reconnect
in ApplicationRunner on Twisted
- new: add websocket_options to WAMP ApplicationRunner on Twisted
- new: more type hints and docs
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
attacker to execute arbitrary SQL commands
Source: https://github.com/cyrusimap/cyrus-sasl
MR: 118497
Type: Security Fix
Disposition: Backport from https://github.com/cyrusimap/cyrus-sasl/commit/9eff746c9daecbcc0041b09a5a51ba30738cdcbc
ChangeID: 4736aae2b7d8986787b1666cfd6eecd590915120
Description:
CVE-2022-24407 cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands.
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
This upgrade includes patches for the following CVEs:
- CVE-2020-13902
- CVE-2020-27829
- CVE-2020-29599
- CVE-2021-20176
- CVE-2021-20241
- CVE-2021-20243
- CVE-2021-20244
- CVE-2021-20245
- CVE-2021-20246
- CVE-2021-3596
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
The upstream commit fcb676a79d introduced new option
WITH_DLT_ADAPTOR_UDP to select dlt-adaptor-udp.service instread of
WITH_DLT_ADAPTOR, so update the PACKAGECONFIG.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
This product is not present in the NVD database but another
one with exactly the same name is in fact present. For that
reason cve-check is outputting CVEs that are unrelated so they
can be ignored.
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Native python module of flatbuffer exists before it is split from
flatbuffers. So add it back.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Update interpreter on shebang line of script yapp to fix qa error:
ERROR: QA Issue: : /work/x86_64-linux/libparse-yapp-perl-native/1.21-r0/sysroot-destdir
/work/x86_64-linux/libparse-yapp-perl-native/1.21-r0/recipe-sysroot-native/usr/bin/yapp
maximum shebang size exceeded, the maximum size is 128. [shebang-size]
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Update interpreter on shebang line in script use-devel-checklib to fix
QA error:
ERROR: QA Issue: : /work/x86_64-linux/libdev-checklib-perl-native/1.14-r0/sysroot-destdir/
work/x86_64-linux/libdev-checklib-perl-native/1.14-r0/recipe-sysroot-native/usr/bin/use-devel-checklib
maximum shebang size exceeded, the maximum size is 128. [shebang-size]
It also replace option '-w' on shebang line with 'use warnings;' that
old version env doesn't support multiple arguments.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Update interpreter on shebang line in scripts to fix error:
ERROR: QA Issue: : /work/x86_64-linux/libdbi-perl-native/1.643-r0/sysroot-destdir/work/x86_64-linux/libdbi-perl-native/1.643-r0/recipe-sysroot-native/usr/bin/dbiproxy maximum shebang size exceeded, the maximum size is 128. [shebang-size]
ERROR: QA Issue: : /work/x86_64-linux/libdbi-perl-native/1.643-r0/sysroot-destdir/work/x86_64-linux/libdbi-perl-native/1.643-r0/recipe-sysroot-native/usr/bin/dbiprof maximum shebang size exceeded, the maximum size is 128. [shebang-size]
ERROR: QA Issue: : /work/x86_64-linux/libdbi-perl-native/1.643-r0/sysroot-destdir/work/x86_64-linux/libdbi-perl-native/1.643-r0/recipe-sysroot-native/usr/bin/dbilogstrip maximum shebang size exceeded, the maximum size is 128. [shebang-size]
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Changelog:
=========
new features:
--------------
Add archive writing support for devices with composite firmware
Add a way to read device composite firmware in fwupdtool
Allow clients to opt-in to showing updates with user-solvable problems
Allow the device to pause polling when writing firmware
Export the system and device battery levels on the D-Bus interface
Log errors and warnings to the win32 eventlog when required
Add X-UsbReceiver as an update category with icon usb-receiver
fixes bugs:
-------------
Accurately return the last-set status to client tools
Allow dumping flashrom firmware using fwupdtool
Allow specifying a non-file D-Bus transport
Allow to request post actions from fwupdtool
Always be arch-explicit when installing OS deps
Be more resilient when restarting the Redfish BMC
Do not mark all Redfish updates as UPDATABLE
Do not use 'dongle' to describe USB receiver hardware
Download in-process when using fwupdtool
Fix a critical warning on failed modem update
Fix regression when probing PS175 devices
Hardcode the Redfish filedata name to firmware.bin
Set the Bluetooth version if REV has been set
Switch the Windows installer from NSIS to MSI
Use StartServiceCtrlDispatcherA for the daemon on Windows
Use the native certificate store on Windows
new support:
------------
Corsair KATAR PRO XT, SABRE PRO and KATAR PRO Wireless
HP Thunderbolt Dock G4
Lenovo ThinkPad Universal USB-C Dock
More PixArt wireless devices
More SunplusIT USB cameras
Some UFS devices
Steelseries Aerox 3 Wireless and Rival 3 Wireless
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
0001-absl-always-use-asm-sgidefs.h.patch
refreshed for new verion.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
CVE-2018-1078 is not for openflow but in the NVD database the
CVE is for a specific implementation that we don't have so we
can ignore it.
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
cve-check is not able to correctly identify many of the patched
CVEs because of the non standard version number. All the ignored
CVEs were manually checked with the NVD database and deemed not
applicable to the current version.
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
The current version of usrsctp is not a release so cve-check
is not able to find the product version. CVE_VERSION is now set
to 0.9.3.0 that is the nearest version in the past starting from
the revision we have.
This is done because we don't have the complete 0.9.4.0 release.
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Changelog:
==========
* smb: Rework anonymous handling to avoid EINVAL
* http: Unescape prefix to fix handling of encoded URIs
* build: Fix build without Avahi support
* dav: Drop user from URI as a workaround for Nextcloud bug
* dav: Port DNS-SD resolver to async API to fix hangs when mounting
* smb: Ignore EINVAL for kerberos/ccache login
* dav: Rewrite to libsoup async API to fix crashes
* dav: Do not lose userinfo when copying URIs
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
News in 5.4.2, 2022-06-12
-------------------------
* Updated languages: c.lang, perl.lang
* Updated style-schemes: Adwaita-dark, solarized-light, solarized-dark
* Updated translations: Friulian
* Gutter renderers are now provided a prelight quark for lines when the
pointer is over the gutter.
* Hover assistants now avoid synthesized motion which is used much more
often in GTK 4 when dealing with crossing-events.
* Hover assistants will now dismiss themselves when the cursor moves.
* GtkSourceMap has reduced how often it needs to do allocation by ignoring
spurious notify::upper and value-changed signals from GtkTextView's
vertical GtkAdjustment.
* The testsuite has gained some correctness improvements thanks to
issues pointed out by Sébastien Wilmet.
* The Vim emulation's register implementation is now shared between buffers
as it would be expected in Vim.
* Snippets have gained some robustness improvements including the ability
to simplify results from the snippet parser, more defensive behavior,
and being lazier when possible.
* Tabbing through focus-positions in snippets will now immediately jump
to the new position if scrolling is required instead of animating as
it results in better placement of tooltip assistants.
* Assistants including completion, hover, and interactive tooltips now
reduce how often they request presentation and position calculation from
GDK and ultimately display servers such as Wayland.
* Completion windows now take the size of the gutter into account when
calculating their position relative to the parent GtkWindow so that the
typed-text column remains aligned with typed text in the source view.
* Completion has gained robustness improvements to do less work when
possible and avoid spinning the frame-clock which could happen in
certain scenarios.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Changelog:
==========
* Fix translations in GTKs own ui files
* Wayland:
- Fix a problem with the activation protocol
- Don't force the HighContrast icontheme
- Ensure that our cursor surfaces don't violate
protocol constraints
* Windows:
- Fix a problem with builtin icons if the
hicolor icontheme is not installed
* GtkFileChooser:
- Fix pasting text into the name field
* GtkText:
- Remove an assertion that is sometimes hit
* Accssibility:
- Fix a problem in the accessibility tree
* Translation updates:
Brazilian Portuguese
German
Persian
Polish
Portuguese
Russian
Swedish
Turkish
Ukrainian
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Changelog:
==========
• Fix a crash at shutdown after saving state. This didn't cause any data
loss, but could be annoying.
• Spellcheck underline fixes for various languages
• Various robustness fixes for GTK 4
• Fixes for inconsistent line-endings
• Translation updates
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Changelog:
==========
* Updated translations
* Fixed incorrect history with bits toggling #281
* Fixed crash when typing in variable popover #282
* Fixed incorrect libxml usage #283
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
This version fixes the display of devices with '&' in their names, and contains
updated translations.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Changelog:
===========
This release adds support for libsoup 3.x. To use the libsoup 3.x build,
applications will need to be adapted to look for the "-2.0" version of the API.
This allows both native and interpreted applications to select which version
of libsoup they want geocode-glib to use as the backend, and for both versions
to be installed in distributions.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Remove the backported patch mariadb-openssl3.patch as the logic
is included in the new version.
Add zstd to DEPENDS as below commit [1] introduced.
770cf22 CONC-575: Support for MySQL zstd compression
[1] https://github.com/mariadb-corporation/mariadb-connector-c/commit/770cf2286ab4819ae698356541d4fa14578f3ca6
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
This patch is not only needed for target but also needed for native and
nativesdk variants.
Fixes
do_populate_sysroot: QA Issue: : /work/x86_64-linux/php-native/8.1.7-r0/sysroot-destdir/
work/x86_64-linux/php-native/8.1.7-r0/recipe-sysroot-native/usr/bin/phar.phar maximum shebang size exceeded, the ma
ximum size is 128. [shebang-size]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|