summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* xrdp: upgrade 0.9.19 -> 0.9.20Jason Schonberg2025-01-175-24/+15
| | | | | | | | | Patches updated with devtool Changelog: https://github.com/neutrinolabs/xrdp/releases/tag/v0.9.20 Signed-off-by: Jason Schonberg <schonm@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* audiofile: mark CVE-2020-18781 as patchedPeter Marko2025-01-171-0/+1
| | | | | | | | | | | | | | | | | | | | | | Per [1] this CVE is already patched by commit [2]. This can be also verified with yocto build. Running without this patch: root@qemux86-64:~# sfconvert poc.wav output format wave malloc(): corrupted top size Aborted Running with it: root@qemux86-64:~# sfconvert poc.wav output format wave Audio File Library: Bad number of coefficients [error 62] Could not open file 'poc.wav' for reading. [1] https://github.com/mpruett/audiofile/issues/56 [2] https://github.com/antlarr/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0 Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-pyserial: update recipe to use the ptest-python-pytest classDerek Straka2025-01-172-18/+3
| | | | | Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-pytest-localserver: update recipe to use the ptest-python-pytest classDerek Straka2025-01-172-15/+1
| | | | | Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-python-multipart: update recipe to use the ptest-python-pytest classDerek Straka2025-01-172-14/+1
| | | | | Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-pytoml: update recipe to use the ptest-python-pytest classDerek Straka2025-01-172-17/+3
| | | | | Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-pyyaml-include: update recipe to use the ptest-python-pytest classDerek Straka2025-01-172-12/+1
| | | | | Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-rapidjson: update recipe to use the ptest-python-pytest classDerek Straka2025-01-172-16/+1
| | | | | Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-requests-file: update recipe to use the ptest-python-pytest classDerek Straka2025-01-172-18/+1
| | | | | Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-requests-toolbelt: update recipe to use the ptest-python-pytest classDerek Straka2025-01-172-8/+3
| | | | | Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-scrypt: update recipe to use the ptest-python-pytest classDerek Straka2025-01-172-14/+2
| | | | | Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-semver: update recipe to use the ptest-python-pytest classDerek Straka2025-01-172-16/+1
| | | | | Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* vorbis-tools: patch CVE-2023-43361Peter Marko2025-01-172-0/+39
| | | | | | | | | | | | | | | | | | | | | | | | | This is inactive project, so no official CVE fix will be available anymore. That however does not mean that there is no fix available. Following tries to prove that patch provided here is valid. NVD CVE report [1] links issue [2] where this is reported. Based on the report, fix was proposed in [3]. There was some review however the patch autor was not active. [4] was later created trying to adddress the comments, but the project was not active anymore. In this PR the patch was shrunk to a one-liner in discussion. I have tested the poc and it is real. The patch fixes it, while not breaking the execution if good file path is provided as argument. [1] https://nvd.nist.gov/vuln/detail/CVE-2023-43361 [2] https://github.com/xiph/vorbis-tools/issues/41 [3] https://gitlab.xiph.org/xiph/vorbis-tools/-/merge_requests/7 [4] https://gitlab.xiph.org/xiph/vorbis-tools/-/merge_requests/8 Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* polkit: dont add mozjs PACKAGECONFIGMarkus Volk2025-01-171-1/+0
| | | | | | | | | fixes: ERROR: polkit-126-r0 do_configure: QA Issue: polkit: invalid PACKAGECONFIG: mozjs [invalid-packageconfig] ERROR: polkit-126-r0 do_configure: Fatal QA errors were found, failing task. Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* polkit: update 125 -> 126Luca Boccassi2025-01-162-60/+3
| | | | | | | Patch merged upstream. mozjs support dropped, remove PACKAGECONFIG. Signed-off-by: Luca Boccassi <luca.boccassi@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* jansson: fix a symbol clash when building with cmakeJaeyoon Jung2025-01-162-0/+31
| | | | | | | | | | | | It exports all symbols globally which results in a symbol clash, for example "hashtable_del" of ulogd2. It has been revealed because the recipe inherits cmake over autotools since Langdale. This fixes it by specifying visibility scope of symbols in its version script which matches what is given with the libtool flag '-export-symbols-regex' in Makefile.am. Signed-off-by: Jaeyoon Jung <jaeyoon.jung@lge.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libde265: switch to cmake buildsystemMarkus Volk2025-01-161-7/+5
| | | | | | | This fixes build issues with clang/qemuarm Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* gphoto2: Fix /usr/bin/gphoto2 runtime errorHieu Van Nguyen2025-01-161-4/+2
| | | | | | | | | | | | | | After fixing the TMPDIR [buildpaths] warning, a segmentation fault while running gphoto2 command. It seems 'sed' is primarily designed for text processing. When running 'sed' on a binary, it may overwrite or corrupt critical parts of the binary. > root@qemux86-64:~# gphoto2 -v > Segmentation fault Signed-off-by: Hieu Van Nguyen <hieu2.nguyen@lge.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* cxxopts: add new recipeBartosz Szostak2025-01-161-0/+20
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* yyjson: force build shared libraryBartosz Szostak2025-01-161-0/+1
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* pistache : add initial recipeAyoub Zaki2025-01-151-0/+39
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* c-ares: upgrade 1.31.0 -> 1.32.0Jason Schonberg2025-01-151-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changelog: https://github.com/c-ares/c-ares/releases/tag/v1.32.0 Features: Add support for DNS 0x20 to help prevent cache poisoning attacks, enabled by specifying ARES_FLAG_DNS0x20. Disabled by default. PR #800 Rework query timeout logic to automatically adjust timeouts based on network conditions. The timeout specified now is only used as a hint until there is enough history to calculate a more valid timeout. PR #794 Changes: DNS RR TXT strings should not be automatically concatenated as there are use cases outside of RFC 7208. In order to maintain ABI compliance, the ability to retrieve TXT strings concatenated is retained as well as a new API to retrieve the individual strings. This restores behavior from c-ares 1.20.0. PR #801 Clean up header inclusion logic to make hacking on code easier. PR #797 GCC/Clang: Enable even more strict warnings to catch more coding flaws. 253bdee MSVC: Enable /W4 warning level. PR #792 Bugfixes: Tests: Fix thread race condition in test cases for EventThread. PR #803 Windows: Fix building with UNICODE. PR #802 Thread Saftey: ares_timeout() was missing lock. 74a64e4 Fix building with DJGPP (32bit protected mode DOS). PR #789 Signed-off-by: Jason Schonberg <schonm@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* proftpd: define suffix for CVE version comparisonPeter Marko2025-01-151-0/+1
| | | | | | | | Similarly to old openssl versions, proftpd has patch releases with characters instead of numbers. Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* proftpd: upgrade 1.3.8b -> 1.3.8cPeter Marko2025-01-153-15/+15
| | | | | | | See https://github.com/proftpd/proftpd/blob/1.3.8/RELEASE_NOTES Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* proftpd: define UPSTREAM_CHECK_GITTAGREGEXPeter Marko2025-01-151-0/+3
| | | | | | | | | Patch releases have character after version devtool upgrade would currently downgrade 1.3.8b -> 1.3.8 This will make it upgrade 1.3.8b -> 1.3.8c Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* polkit: fix permissions of /usr/share/polkit-1/rules.d/ againLuca Boccassi2025-01-151-1/+1
| | | | | | | | | | | Commit d89fc818b716d099f83a5a9a973be428e2b66806 changed the permissions back to 700, which is wrong for /usr/share, these files are intended to be world readable. Change it back. Fixes: d89fc818b716 ("polkit: Install rules in subdir") Signed-off-by: Luca Boccassi <luca.boccassi@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mariadb: Upgrade to 11.4.4Khem Raj2025-01-1417-70/+80
| | | | | | Its the latest LTS supported release series Signed-off-by: Khem Raj <raj.khem@gmail.com>
* xdg-desktop-portal-gtk: upgrade 1.15.1 -> 1.15.2Wang Mingyu2025-01-141-1/+1
| | | | | | | | | | | | | | | | Changelog: ========== - Plug memory leak in the notification portal backend - Implement the contrast setting - Set correct platform data for notification activation - Drop use of private GNOME Shell notification API - Depend on the graphical-session target - Ensure proper shutdown target - Build against xdg-desktop-portal >= 1.19.1 - Translation updates Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* wpan-tools: upgrade 0.9 -> 0.10Wang Mingyu2025-01-141-2/+2
| | | | | | | | | | License-Update: Delete unnecessary blank lines Changelog: https://github.com/linux-wpan/wpan-tools/releases/tag/wpan-tools-0.10 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* thingsboard-gateway: upgrade 3.5.3.1 -> 3.6.3Wang Mingyu2025-01-141-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ser2net: upgrade 4.6.2 -> 4.6.3Wang Mingyu2025-01-141-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-zeroconf: upgrade 0.136.2 -> 0.139.0Wang Mingyu2025-01-141-1/+1
| | | | | | | | | | | | | | Changelog: ========= - feat: implement heapq for tracking cache expire times - fix: ensure cache does not return stale created and ttl values - feat: improve performance of processing incoming records - fix: split wheel builds to avoid timeout - fix: move wheel builds to macos-13 - feat: speed up parsing incoming records Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-wrapt: upgrade 1.17.0 -> 1.17.1Wang Mingyu2025-01-141-2/+2
| | | | | | | | | | | Changelog: =========== - Due to GitHub actions changes, binary wheels were missing for macOS Intel. - Not implemented error for __reduce__() on ObjectProxy was incorrectly displaying the error as being on __reduce_ex__(). Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-sqlalchemy: upgrade 2.0.36 -> 2.0.37Wang Mingyu2025-01-141-2/+2
| | | | | | | | | | Changelog: https://docs.sqlalchemy.org/en/20/changelog/changelog_20.html#change-2.0.37 License-Update: Copyright year updated to 2025. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-sh: upgrade 2.1.0 -> 2.2.1Wang Mingyu2025-01-141-1/+1
| | | | | | | | Changelog: Bugfix where async and return_cmd does not raise exceptions Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-pdm: upgrade 2.22.1 -> 2.22.2Wang Mingyu2025-01-141-1/+1
| | | | | | | | | | | | | | | | | | | | Changelog: ============ - Write installer metadata like INSTALLER and REQUESTED to dist-info directory when installing packages. - Respect .python-version file in the project root directory when selecting the Python interpreter. By default, it will be written when running pdm use command. - Fix a problem of missing dependencies when adding to dev dependencies if both editable and non-editable dependencies exist. - Use stdlib for URL <-> Path conversions. - shellingham.detect_shell() returns ('tcsh', '/bin/tcsh') for tcsh on FreeBSD, so the current code tries to use the Bash venv activation script and fails due to syntax error. This change fixes the issue. - Fix a performance issue because pypi source credentials were being queried many times from keyring. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-mlcommons-loadgen: upgrade 5.0.4 -> 5.0.5Wang Mingyu2025-01-141-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-marshmallow: upgrade 3.24.1 -> 3.25.1Wang Mingyu2025-01-141-1/+1
| | | | | | | | | | | | | | | | | | | | | Changelog: =========== - Typing: Fix type annotations for Tuple <marshmallow.fields.Tuple>, Boolean <marshmallow.fields.Boolean>, and Pluck <marshmallow.fields.Pluck> constructors - Typing: Fix overload for marshmallow.class_registry.get_class - Various documentation improvements - Add top-level API back to docs - Typing: Improve type annotations for SchemaMeta.get_declared_fields - Typing: Relax type annotation for Schema.opts to allow subclasses to define their own options classes - Restore marshmallow.base.SchemaABC for backwards-compatibility - Don't override __new__ to avoid breaking usages of inspect.signature with Field <marshmallow.fields.Field> classes. This allows marshmallow-sqlalchemy users to upgrade marshmallow without upgrading to marshmallow-sqlalchemy>=1.1.1. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-gnupg: upgrade 0.5.3 -> 0.5.4Wang Mingyu2025-01-141-1/+1
| | | | | | | | Changelog: Fix #242: Handle exceptions in the on_data callable. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-flask-marshmallow: upgrade 1.2.1 -> 1.3.0Wang Mingyu2025-01-141-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-dirty-equals: upgrade 0.8.0 -> 0.9.0Wang Mingyu2025-01-141-1/+1
| | | | | | | | | | Changelog: =========== - fix problem with functools.singledispatch - uprev to v0.9 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-cmake: upgrade 3.31.2 -> 3.31.4Wang Mingyu2025-01-141-1/+1
| | | | | | | | | | | Changelog: =========== - chore(deps): bump the actions group across 1 directory with 2 updates - chore(deps): update pre-commit hooks - [Bot] Update to CMake 3.31.4 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-aniso8601: upgrade 9.0.1 -> 10.0.0Wang Mingyu2025-01-142-8/+8
| | | | | | | | | | | | | | Changelog: ========== - Reduced accuracy representations of years when parsing a calendar date are now only allowed to be [YY] - No longer specify a Python interpreter version to Black - Cleanup unsupported Pylint configuration options - Fix used-before-assignment errors - Fix coverage issue caused by unreachable conditional in _parse_interval_end Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* pugixml: upgrade 1.14 -> 1.15Wang Mingyu2025-01-141-2/+2
| | | | | | | | | | | | | | | | | | | | | License-Update: Copyright year updated to 2025. Changelog: ========== - Many xml_attribute:: and xml_node:: functions now transparently support std::string_view and std::string when C++17 support is detected. - Improve pkg-config file generation for NixOS - PUGIXML_BUILD_APPLE_FRAMEWORK CMake option can be used to build pugixml as .xcframework - PUGIXML_INSTALL CMake option can be used to disable installation targets - Fix clang/gcc warnings -Wzero-as-null-pointer-constant, -Wuseless-cast, -Wshorten-64-to-32 - Fix unreferenced function warnings in PUGIXML_NO_STL configuration - Fix CMake 3.31 deprecation warnings - Stop using deprecated throw() when noexcept is available Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* paho-mqtt-c: upgrade 1.3.13 -> 1.3.14Wang Mingyu2025-01-141-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | Changelog: =========== - Update CMake toolchain link in README file - CMake cleanup, bump to v3.5, and submodule improvements - Fix usage of memset - Assigned Client Identifier constant misspelled - Exporting the -static CMake targets when both shared and static libraries built. - Some minor hardening of MQTTProperties functions - Zero out MQTTProperty before reading - Fix doc comment for MQTTAsync_disconnected - Small cleanup of OpenSSL/LibreSSL CMake - Fix usage of realloc - Fix compiler warnings - Small cleanup of OpenSSL/LibreSSL CMake (2nd try) - Fix IpV6 link local address connections - Added support for UNIX-domain sockets for v1.3.x - Build all the sample applications for the static library - Fix possible memory leak Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* monit: upgrade 5.34.3 -> 5.34.4Wang Mingyu2025-01-141-1/+1
| | | | | | | | | | | | | | | | | | | Changelog: ========== - If the Monit configuration file contains a string with unbalanced escape sequences, Monit may crash upon startup. - If the password in the set mmonit URL contains only binary characters, syntax check passed (-t), but Monit aborts after start and reports error - If the every <cron> statement contained a syntax error, syntax check passed (-t), but Monit aborts after start and reports error - If the timeout option value was set to 0, the syntax check was successful (-t), but Monit aborts after starting and reports error - The set syslog statement's facility option did not permit the specification of the log_user. - Double interpretation of format strings during RETHROW Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* lldpd: upgrade 1.0.18 -> 1.0.19Wang Mingyu2025-01-141-1/+1
| | | | | | | | | | | | | | | Changelog: ========= - Support of both Apple Silicon and Intel for macOS package. - Add cvlan/svlan/tpmr capabilities. - Disable LLDP in firmware for Intel X7xx cards on FreeBSD. - Add lldpctl_watch_sync_unblock to liblldpctl. - Add C++ wrapper for lldpctl. - Fix AppArmor policy for /run/lldpd/lldpd.socket.lock. - Do not query stats for a down interface on Linux. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libserialport: upgrade 0.1.1 -> 0.1.2Wang Mingyu2025-01-141-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libdbi-perl: upgrade 1.644 -> 1.646Wang Mingyu2025-01-142-33/+3
| | | | | | | | | | | | | | | | | | | | | 0001-Fix-building-on-Fedora-40-with-GCC-14.2.1.patch removed since it's included in 1.646 License-Update: Copyright year updated to 2025 Changelog: =========== * Remove "experimental" tag from statistics_info () * RT tickets moved to github issues * Fix install issue * Move developer tests to xt/ * Make Changes match CPAN::Changes::Spec and regen DBI::Changes from that * Fixes for modern gcc i.c.w. recent perl * Small code & doc cleanups for recent perl * See TODO in `perldoc DBI` to see where you can help with documentation Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libconfig-general-perl: upgrade 2.65 -> 2.67Wang Mingyu2025-01-141-1/+1
| | | | | | | | | | | | | Changelog: ========== - fixing tests (add missing file to dist tarball) - created gitignore file. - add support to quote values containing whitespace using the new flag -AlwaysQuoteOutput. - fix exporter setup, use "our" where appropriate. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>