| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CVE is fixed in current libsass recipe version.
So wrapper around it will also not show this problem.
It's usual usecase is to be statically linked with libsass which is
probably the reason why this is listed as vulnerable component.
[1] links [2] as issue tracker which points to [3] as fix.
[4] as base repository for the recipe is not involved and files from [3]
are not present in this repository.
[1] https://nvd.nist.gov/vuln/detail/CVE-2022-43357
[2] https://github.com/sass/libsass/issues/3177
[3] https://github.com/sass/libsass/pull/3184
[4] https://github.com/sass/sassc/
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Solves dozens of vulnerabilities. See
https://php.watch/versions/8.2/releases/8.2.21
https://php.watch/versions/8.2/releases/8.2.22
https://php.watch/versions/8.2/releases/8.2.23
https://php.watch/versions/8.2/releases/8.2.24
https://php.watch/versions/8.2/releases/8.2.25
https://php.watch/versions/8.2/releases/8.2.26
Removes CVE-2024-11233, CVE-2024-11234 and CVE-2024-11236 from
current cve metrics.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NVD tracks this CVE as version-less.
Per [1] this is fixed by following commits:
$ git tag --contains b28a3cef416fcfb92fbb9ea7fd3c71df52c6c9fc
0.26.0
0.26.0-rc1
$ git tag --contains 02e847458369c08421fd2d5e9a16a5f272c2de9e
0.26.0
0.26.0-rc1
[1] https://github.com/OpenSC/OpenSC/wiki/CVE-2024-8443
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Solves CVE-2024-45615, CVE-2024-45616, CVE-2024-45617, CVE-2024-45618,
CVE-2024-45619 and CVE-2024-45620.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Includes fix for CVE-2024-10976, CVE-2024-10977, CVE-2024-10978
and CVE-2024-10979
Changelog:
https://www.postgresql.org/docs/release/16.5/
0003-configure.ac-bypass-autoconf-2.69-version-check.patch
Refreshed for 16.5
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
This will remove false-positive CVE-2024-50655 from reports.
There are different emlog components from other vendors around.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
This is Debian-specific CVE.
NVD tracks this CVE as version-less.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Our hash does not point to exact tag and CVE patch is already in.
We use: 33a8a275928b186381bb0aea0f9778e330e57ec3
Fix: https://github.com/labapart/gattlib/commit/60b813a770e42fdb0e85c1d2da7a55327784b8d6
git describe --tags --match=v0.2 33a8a275928b186381bb0aea0f9778e330e57ec3 60b813a770e42fdb0e85c1d2da7a55327784b8d6
v0.2-262-g33a8a27
v0.2-85-g60b813a
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
This CVE is for vmware ace.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
for cross-compilation
Refresh local patch to remove '-L/usr/lib/p7zip'
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Due to commit [Use 7zip 2409 to replace p7zip 16.02] applied,
update affected recipes
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
According to DOC/readme.txt [1]:
7-Zip and p7zip
===============
Now there are two different ports of 7-Zip for Linux/macOS:
1) p7zip - another port of 7-Zip for Linux, made by an independent developer.
The latest version of p7zip now is 16.02, and that p7zip 16.02 is outdated now.
http://sourceforge.net/projects/p7zip/
2) 7-Zip for Linux/macOS - this package - it's new code with all changes from latest 7-Zip for Windows
Add recipe 7-zip [2] to instead of recipe p7zip[3] in which the upstream is dead since 2016
Use git repo to instead of tarball
Drop obsolete patches
- CVE-2016-9296.patch
- CVE-2017-17969.patch
- CVE-2018-5996.patch
- change_numMethods_from_bool_to_unsigned.patch
- 0001-Fix-two-buffer-overflow-vulnerabilities.patch
- 0001-Fix-narrowing-errors-Wc-11-narrowing.patch
License-Update: DOC/License.txt: Add BSD-2-Clause & BSD-3-Clause
The codec libraries was removed since 21.02 [4]
Refer debian to compile 7-zip [5]
Add link 7z.so to lib7z.so and create wrapper to command 7z
which required running with absolute path to link the library 7z.so
[1] https://salsa.debian.org/debian/7zip/-/blob/master/DOC/readme.txt?ref_type=heads
[2] https://sourceforge.net/projects/p7zip/
[3] https://www.7-zip.org/
[4] https://github.com/p7zip-project/p7zip/commit/6c6ed1eba9ff0c0ded9323600f1f3c686d6b6692
[5] https://salsa.debian.org/debian/7zip/-/blob/master/debian/rules
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
| |
It does not build without it.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
0001-detect-correct-openssl-3.x.patch
removed since it's included in 0.4.13
Changelog:
=========
- Increased maximum PIN length
- Fixed several memory leaks
- Don't include libp11.rc VERSIONINFO into pkcs11
- Reimplement CI with GitHub Actions
- Improved tests
- Added static ENGINE (libpkcas11.a) build
- Added a workaround broken foreign key handling in OpenSSL
3.0.12-3.0.13, 3.1.4-3.1.5, 3.2.0-3.2.1
- Added a workaround for conflicting atexit() callbacks
- Always login with PIN If FORCE_LOGIN is specified in openssl config
- Added OAEP support to RSA_private_decrypt
- Added PKCS11_enumerate_*_ext functions
- Fixed non-null-terminated label padding
- Fixed several object management issues
- Deferred libp11 initialization until needed
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
| |
all libpeas recipes are in meta-gnome now.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
==========
- Use _stricmp() instead of strcasecmp() on Windows
- Accept --help & --version as aliases to -help & -version
- evargs.c: constify pointer arguments that aren't modified
- evargs.c: Use standard strchr() instead of deprecated index()
- Remove detectableRepeat variable
- Assume target platforms have strcasecmp now
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Changelog:
https://github.com/uclouvain/openjpeg/blob/v2.5.3/NEWS.md
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
==========
- Fix memory not released on error return from pb_decode_ex()
- Fix deprecated MakeClass() call in generator
- Fix compiler error with enums and --c-style
- Fix version conflict with bazel build rules
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
==========
- Fixed: If the ping statement did not explicitly specify an outgoing address
but a previous ping statement did, the same address was shared by both
statements.
- Fixed: Monit may crash upon stopping if the ping statement is used in
conjunction with the address option.
- Fixed: If a directory is set in the 'allow' option of the 'set httpd'
statement, instead of file or string, Monit hangs on start.
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
0001-fix-command-bin-findmnt-bin-lsblk-bin-sort-not-found.patch
removed since it's included in 2.03.29
Changelog:
===========
* Fix renaming of raid sub LVs when converting a volume to raid (2.03.28).
* Fix segfault/VG write error for raid LV 'lvextend -i|--stripes -I|--stripesize'.
* Add configure --enable/disable-sd-notify to control lvmlockd build with sd-notify.
* Allow test mode when lvmlockd is built without dlm support.
* Add a note about RAID + integrity synchronization to lvmraid(7) man page.
* Add a function for running lvconvert --repair on RAID LVs to lvmdbusd.
* Improve option section of man pages for listing commands ({pv,lv,vg}{s,display}).
* And some cleanup mostly in test code.
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
==========
- Socket code has been moved to libimobiledevice-glue library
- Code cleanup (clang-tidy) and improvements
- autoconf: Fix clang-16 breakage
- Add libusbmuxd_version() function to interface
- iproxy: Use updated socket_create API to listen on IPv4 and IPv6 with a single socket
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Changes:
* Revert back API change around PLIST_DATA to use char* again
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
0001-CMakeLists.txt-respect-CMAKE_INSTALL_LIBDIR-for-mult.patc
refreshed for 6.0.2
0001-cmake-Test-for-sys-uio.h.patch
removed since it's included in 6.0.2
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
===========
- Support for building the SWIG-generated R language bindings has been
integrated into the CMake build system. This is controllable by the
'-DENABLE_R={AUTO|ON|OFF}' option.
- A sandboxing wrapper, 'dot_sandbox', is now included with Graphviz. Users
should prefer their platform's native security solutions, but if nothing
better is available this wrapper offers safe processing of untrusted inputs in
some scenarios.
- JPEG images without an 'APP0' leading segment are supported for use in 'src'
fields and friends. Previously Graphviz was overly strict with the types of
JPEGs it would recognize.
- The GVPR library program 'depath' no longer acts on previously deleted nodes,
causing unpredictable results.
- Void-typed function parameters ('int foo(void bar)') and variables 'void baz;'
in GVPR are gracefully rejected.
- Input that induce a set node height but no set node width no longer crash with
the failure "Assertion failed: '(r->boundary[i] <= r->boundary[NUMDIMS + i])',
function RTreeInsert". It is typically not obvious to users when their input
falls into this situation, hence why the assertion message is quoted here.
- Strings containing double quote characters preceded by escape sequences (e.g.
'\n"') are once again correctly escaped in dot or canonical output.
- 'dot_builtins' no longer lists duplicate format options in its error messages.
- A precision error that resulted in truncated edge lines has been corrected.
This was a regression in Graphviz 12.0.0.
- The xlib plugin ('-Tx11') resets its initialization state during finalization.
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
============
- Removed ACE_make_checked_array_iterator that used deprecated stdext::checked_array_iterator
- Embarcadero C++ Builder bcc64x compiler support has been updated to match the C++Builder 12.2 release
- Added support for Linux platforms that use musl-libc instead of glibc
- Improved QNX support
- Add support for std::string_view to CDR classes
- Define ACE_HAS_CPP23 when we have a C++23 capable C++ compiler
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Drop 0001-Remove-builddir-and-srcdir-paths-from-test-binaries.patch
peas-demo is not built anymore
- Add patch to disable the broken check for lgi
lgi does not support pkgconfig but it hasn't changed version since 2017
- Remove gtk+3 from depends and dont inherit gtk-icon-cache to not pull it
in again indirectly
- g-i is not required anymore and will be built depending on DISTRO_FEATURES
- Dont package the loaders into separate packages to reduce required RDEPENDS.
If a loader is not wanted on target it will be better to remove the according
PACKAGECONFIG option to also remove the dependencies?
- Move libpeas recipe to meta-gnome
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
* fix xz decompression
* add zstd decompression
Signed-off-by: ayoub.zaki@embetrix.com
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
gobject bindings for lua
Required to build the lua51 loader for libpeas-2
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
mozjs-128 is the current esr release based on firefox 128
Add a new recipe and keep mozjs-115 as its still supported and used by polkit
- Remove two backported patches
- Remove a (hopefully) unneeded patches for musl (build for qemuarm/musl succeeded)
- Add dependency for cbindgen-native
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
cbindgen creates C/C++11 headers for Rust libraries which expose a public C API
It is a required dependency for the current mozjs esr release
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ver 3.2:
Fix issue with GCC 15 and -std=c23 build errors.
Add support for using PMKSA over SAE if available.
Add support for HighUtilization/StationCount thresholds.
Add support for disabling Multicast RX option.
ver 3.1:
Fix issue with handling OWE transition BSS selection.
Fix issue with handling oper class 136 starting frequency.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
The lvm2-udevrules package has not actually been created since commit
c37c867e1adddd6fa39cf3f3d4c6688ea6dc825a.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
Newer version of tclap integrates the changes from 0001-tclap-add-pkg-config-file.patch.
Signed-off-by:
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Also enable arm64 support
Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Add a PACKAGECONFIG option for polkit. Activate it when
DISTRO_FEATURES contains 'polkit'.
Signed-off-by: Marc Ferland <marc.ferland@sonatest.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Marc Ferland <marc.ferland@sonatest.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
upower releases are available as tar.bz2 archives let's use them
instead off cloning the whole repo.
Also, fix the UPSTREAM_CHECK regex that changed after revision
0.99.13. The format went from:
UPOWER_0_99_13
to
v0.99.14
Signed-off-by: Marc Ferland <marc.ferland@sonatest.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
===========
- Add PHP 8.4 support to Smarty
- Fixed that using count() would trigger a deprecation notice.
- Fixed argument must be passed by reference error introduced in v4.5.1
- Using PHP functions and static class methods in expressions now also triggers a deprecation notice
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This update fixes the build against kernel 6.12+
Also, to fix the following warning:
WARNING: vboxguestdrivers-7.0.22-r0 do_unpack: vboxguestdrivers: the directory ${WORKDIR}/${BP}
(build/tmp/work/qemux86_64-poky-linux/vboxguestdrivers/7.0.22/vboxguestdrivers-7.0.22) pointed
to by the S variable doesn't exist - please set S within the recip
We can set S for the unpack task, much the same way we do for
patch. Alternate solutions should work (do_unpack[dirs], etc), but
they didn't work in my testing.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Patch reported issue observed on ARM32 based HW during bump
from Langdale to Scarthgap
Signed-off-by: Martin Siegumfeldt <mns@gomspace.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This removes false positive CVE-2024-21485 from cve reports.
$ sqlite3 nvdcve_2-2.db
sqlite> select * from products where product = 'dash';
CVE-2009-0854|dash|dash|0.5.4|=||
CVE-2024-21485|plotly|dash|||2.13.0|<
CVE-2024-21485|plotly|dash|2.14.0|>=|2.15.0|<
Our dash:dash did not reach major version 1 yet.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade to version 6.9.0:
- Generated bindings now require Python v3.9 or later.
- Type hints now conform to PEP 585.
- The latest sip module ABI versions are v12.16 and v13.9.
- Added support for the deprecated() decorator in .pyi files.
- PyQt-specific support for registering QFlags types.
- The handling of the SIP versions timeline was fixed.
- Annotations are now only validated if they are known to be needed.
- The buffer protocol support for byte objects was fixed.
- All outstanding compiler warnings were eliminated when building
the sip module.
- Redundant % in trace output of this pointer in were removed.
The work was sponsored by GOVCERT.LU.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
