| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Release Notes:
https://github.com/vmware/open-vm-tools/blob/stable-12.4.0/ReleaseNotes.md
https://github.com/vmware/open-vm-tools/blob/stable-12.4.5/ReleaseNotes.md
ChangeLog:
https://github.com/vmware/open-vm-tools/blob/stable-12.4.0/open-vm-tools/ChangeLog
https://github.com/vmware/open-vm-tools/blob/stable-12.4.5/open-vm-tools/ChangeLog
Drop --without-xerces configuration option as it has been removed since
12.4.0.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
ChangeLog:
https://github.com/FRRouting/frr/commit/dbf8dac1cea2b1235746e2d966a8ded9cffd5dc3
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
0.44.0 (stable)
===============
All:
- Translation updates
All contributors to this release:
- Sabri Ünal <yakushabb@gmail.com>
- Chao-Hsiung Liao <j_h_liau@yahoo.com.tw>
Added/updated translations:
- tr.po, courtesy of Sabri Ünal
- zh_TW.po, courtesy of Cheng-Chia Tseng
0.43.0 (unstable)
=================
Minimum Soup version required is now 3.2
Tracker:
- Plugin removed, please use Tracker3
LMS:
- Plugin removed
All contributors to this release:
- Jens Georg <mail@jensge.org>
- Piotr Drąg <piotrdrag@gmail.com>
- Scrambled 777 <weblate.scrambled777@simplelogin.com>
Added/updated translations:
- hi.po, courtesy of Scrambled777
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Re-include packages that are seen reproducible in the last 3 AB runs:
https://autobuilder.yoctoproject.org/typhoon/#/builders/155/builds/41/steps/12/logs/stdio
https://autobuilder.yoctoproject.org/typhoon/#/builders/155/builds/42/steps/12/logs/stdio
https://autobuilder.yoctoproject.org/typhoon/#/builders/155/builds/43/steps/12/logs/stdio
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
| |
Allocated 5G RAM to qemu when running the ptest to avoid OOMs
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
Drop the patch to disable strip instead set the env variable.
set UJSON_BUILD_NO_STRIP=1 and get rid of one pending patch
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
| |
Needed for 'this', 'abc' modules
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
46.1 - September 03, 2024
=========================
Alexandre Franke:
* metainfo: fix URLs
* metainfo: replace screenshots
Athmane MOKRAOUI:
* Add Kabyle translation
Updated translations:
* Alexandre Franke (fr), Anders Jonsson (sv), Andi Chandler (en_GB),
Andika Triwidada (id), Artur S0 (ru), Asier Sarasua Garmendia (eu),
Athmane MOKRAOUI (kab), Aurimas Černius (lt), Balázs Úr (hu), Boyuan
Yang (zh_CN), Danial Behzadi (fa), Daniel Rusek (cs), Daniel Șerbănescu
(ro), Efstathios Iosifidis (el), Ekaterine Papava (ka), Guntupalli
Karunakar (hi), Hugo Carvalho (pt), Jordi Mas i Hernandez (ca), Juliano de
Souza Camargo (pt_BR), Jürgen Benvenuti (de), Martin (sl), Matej Mrenica
(sk), Piotr Drąg (pl), Rachida SACI (kab), Sabri Ünal (tr), Seong-ho Cho
(ko), Vasil Pupkin (be), Vincent Chatelain (fr), Yaron Shahrabani (he),
Yuri Chornoivan (uk)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
ChangeLog:
https://salsa.debian.org/installer-team/debootstrap/-/blob/1.0.137/debian/changelog
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
ChangeLog:
https://github.com/open-source-parsers/jsoncpp/releases/tag/1.9.6
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
* Drop 0001-libgcrypt.c-Fix-prototype-of-des3_encrypt-des3_decry.patch
as the issue has been fixed upstream.
* Add a patch to fix build with clang.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
ChangeLog:
https://github.com/canonical/netplan/releases/tag/1.1
* Drop the following patches as the issues have been fixed upstream:
0001-meson.build-drop-unnecessary-build-dependencies.patch
0001-networkd.c-define-scope-specific-to-case-statement.patch
* Set build option -Dtesting=false to skip testing.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
ChangeLog:
https://github.com/uclouvain/openjpeg/blob/v2.5.2/NEWS.md
* Refresh 0002-Do-not-ask-cmake-to-export-binaries-they-don-t-make-.patch
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Release Notes:
https://www.fltk.org/articles.php?L1898
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Those are the non-reproducible packages from:
https://autobuilder.yoctoproject.org/typhoon/#/builders/155/builds/43
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Github pull requests are not recommended. When a Github contributor
wants to send patches from its repo, hint at "git request-pull"
generated emails to guide them on the right way.
Cc: Dmitry Baryshkov <dbaryshkov@gmail.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Those are the non-reproducible packages from:
https://autobuilder.yoctoproject.org/typhoon/#/builders/155/builds/43
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Jan Vermaete <jan.vermaete@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
WirePlumber 0.5.6
~~~~~~~~~~~~~~~~~
Additions:
- Implemented before/after dependencies for components, to ensure correct
load order in custom configurations (#600)
- Implemented profile inheritance in the configuration file. This allows
profiles to inherit all the feature specifications of other profiles, which
is useful to avoid copying long lists of features just to make small changes
- Added multi-instance configuration profiles, tested and documented them
- Added a ``main-systemwide`` profile, which is now the default for instances
started via the system-wide systemd service and disables features that
depend on the user session (#608)
- Added a ``wp_core_connect_fd`` method, which allows making a connection to
PipeWire via an existing open socket (useful for portal-based connections)
Fixes:
- The Bluetooth auto-switch script now uses the common event source object
managers, which should improve its stability (!663)
- Fix an issue where switching between Bluetooth profiles would temporarily
link active audio streams to the internal speakers (!655)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Thanks Martin to point the latest commit, see [1]
[1] https://git.ideasonboard.org/yavta.git/commit/?id=52c975e5542504ac10bed8b1d68df5c75951d202
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Martin Jansa <martin.jansa@gmail.com>
Cc: Ryan Eatmon <reatmon@ti.com>
Cc: Einar Jon Gunnarsson <tolvupostur@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes vs 3.3a are located at
https://raw.githubusercontent.com/tmux/tmux/3.4/CHANGES. However, the most
pressing reason to upgrade is that tmux crashes on copy, see
https://github.com/tmux/tmux/issues/3699.
tmux's config parser was rewritten to use yacc, which necessitates DEPENDS +=
bison-native.
drop md5sum
Signed-off-by: Rich Tollerton <rich.tollerton@ni.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Import the patch from pending MR to fix the way flags are being handled
by SConsript. Otherwise CXXFLAGS being added to CCFLAGS, masking test
results because of the -fvisibility-inlines-hidden warning turning into
error.
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2024-45230: Potential denial-of-service vulnerability in
django.utils.html.urlize()
urlize and urlizetrunc were subject to a potential denial-of-service attack
via very large inputs with a specific sequence of characters.
CVE-2024-45231: Potential user email enumeration via response status on
password reset
Due to unhandled email sending failures, the
django.contrib.auth.forms.PasswordResetForm class allowed remote attackers to
enumerate user emails by issuing password reset requests and observing the
outcomes.
To mitigate this risk, exceptions occurring during password reset email
sending are now handled and logged using the django.contrib.auth logger.
CVE-2024-41989: Memory exhaustion in django.utils.numberformat.floatformat()
The floatformat template filter is subject to significant memory consumption
when given a string representation of a number in scientific notation with
a large exponent.
CVE-2024-41990: Potential denial-of-service in django.utils.html.urlize()
The urlize() and urlizetrunc() template filters are subject to a potential
denial-of-service attack via very large inputs with a specific sequence of
characters.
CVE-2024-41991: Potential denial-of-service vulnerability in
django.utils.html.urlize() and AdminURLFieldWidget
The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget,
are subject to a potential denial-of-service attack via certain inputs with
a very large number of Unicode characters.
CVE-2024-42005: Potential SQL injection in QuerySet.values() and values_list()
QuerySet.values() and values_list() methods on models with a JSONField are
subject to SQL injection in column aliases via a crafted JSON object key as
a passed *arg.
CVE-2024-38875: Potential denial-of-service in django.utils.html.urlize()
urlize() and urlizetrunc() were subject to a potential denial-of-service
attack via certain inputs with a very large number of brackets.
CVE-2024-39329: Username enumeration through timing difference for users with
unusable passwords
The django.contrib.auth.backends.ModelBackend.authenticate() method allowed
remote attackers to enumerate users via a timing attack involving login
requests for users with unusable passwords.
CVE-2024-39330: Potential directory-traversal in
django.core.files.storage.Storage.save()
Derived classes of the django.core.files.storage.Storage base class which
override generate_filename() without replicating the file path validations
existing in the parent class, allowed for potential directory-traversal via
certain inputs when calling save().
Built-in Storage sub-classes were not affected by this vulnerability.
CVE-2024-39614: Potential denial-of-service in
django.utils.translation.get_supported_language_variant()
get_supported_language_variant() was subject to a potential denial-of-service
attack when used with very long strings containing specific characters.
To mitigate this vulnerability, the language code provided to
get_supported_language_variant() is now parsed up to a maximum length of
500 characters.
Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2024-45230: Potential denial-of-service vulnerability in
django.utils.html.urlize()
urlize and urlizetrunc were subject to a potential denial-of-service attack
via very large inputs with a specific sequence of characters.
CVE-2024-45231: Potential user email enumeration via response status on
password reset
Due to unhandled email sending failures, the
django.contrib.auth.forms.PasswordResetForm class allowed remote attackers to
enumerate user emails by issuing password reset requests and observing the
outcomes.
To mitigate this risk, exceptions occurring during password reset email
sending are now handled and logged using the django.contrib.auth logger.
CVE-2024-41989: Memory exhaustion in django.utils.numberformat.floatformat()
The floatformat template filter is subject to significant memory consumption
when given a string representation of a number in scientific notation with
a large exponent.
CVE-2024-41990: Potential denial-of-service in django.utils.html.urlize()
The urlize() and urlizetrunc() template filters are subject to a potential
denial-of-service attack via very large inputs with a specific sequence of
characters.
CVE-2024-41991: Potential denial-of-service vulnerability in
django.utils.html.urlize() and AdminURLFieldWidget
The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget,
are subject to a potential denial-of-service attack via certain inputs with
a very large number of Unicode characters.
CVE-2024-42005: Potential SQL injection in QuerySet.values() and values_list()
QuerySet.values() and values_list() methods on models with a JSONField are
subject to SQL injection in column aliases via a crafted JSON object key as
a passed *arg.
CVE-2024-38875: Potential denial-of-service in django.utils.html.urlize()
urlize() and urlizetrunc() were subject to a potential denial-of-service
attack via certain inputs with a very large number of brackets.
CVE-2024-39329: Username enumeration through timing difference for users with
unusable passwords
The django.contrib.auth.backends.ModelBackend.authenticate() method allowed
remote attackers to enumerate users via a timing attack involving login
requests for users with unusable passwords.
CVE-2024-39330: Potential directory-traversal in
django.core.files.storage.Storage.save()
Derived classes of the django.core.files.storage.Storage base class which
override generate_filename() without replicating the file path validations
existing in the parent class, allowed for potential directory-traversal via
certain inputs when calling save().
Built-in Storage sub-classes were not affected by this vulnerability.
CVE-2024-39614: Potential denial-of-service in
django.utils.translation.get_supported_language_variant()
get_supported_language_variant() was subject to a potential denial-of-service
attack when used with very long strings containing specific characters.
To mitigate this vulnerability, the language code provided to
get_supported_language_variant() is now parsed up to a maximum length of
500 characters.
Fixed a crash in Django 4.2 when validating email max line lengths with content
decoded using the surrogateescape error handling scheme (#35361)
Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
| |
Add missing six and attrs modules to runtime deps
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
It was an overisight during upgrade
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
grl-type-builtins.* are generated by glib-mkenums which leave full paths
in comment and #include directives. Rewrite those before *-src packaging.
Previous fix did not correct the .c file and did not work in the
"devtool modify" case.
Fix these errors:
ERROR: grilo-0.3.16-r0 do_package_qa: QA Issue: File /usr/src/debug/grilo/0.3.16/src/grl-type-builtins.c in package grilo-src contains reference to TMPDIR [buildpaths]
ERROR: grilo-0.3.16-r0 do_package_qa: QA Issue: File /usr/src/debug/grilo/0.3.16/src/grl-type-builtins.h in package grilo-src contains reference to TMPDIR [buildpaths]
ERROR: grilo-0.3.16-r0 do_package_qa: Fatal QA errors were found, failing task.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
The fix is required to deal with absolute paths when using genimage in
openembedded context.
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Building autotools packages from git can be a bit tricky and requires
manual invocations of autogen.sh, etc.
An attempt to build for native build fails with:
| autoreconf: running: autopoint --force
| Can't exec "autopoint": No such file or directory at [..]/tmp/work/x86_64-linux/libconfuse-native/3.3/recipe-sysroot-native/usr/share/autoconf/Autom4te/FileUtils.pm line 318.
| autoreconf: error: autopoint failed with exit status: 2
| WARNING: exit code 2 from a shell command.
Since the project itself states
> Please ensure you download a versioned archive from:
> https://github.com/libconfuse/libconfuse/releases/
simply switch this recipe to using release archives and thus simplify it
and fix the automake issue.
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
DESCRIPTION will default to SUMMARY, but not the other way round.
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
Allows to use libconfuse in native tools like 'genimage'.
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
This prepares for using libconfuse for the 'genimage' recipe which
should reside in meta-oe.
Also libftdi (which is in meta-oe already) optionally requires
libconfuse when PACKAGECONFIG option 'ftdi-eeprom' is enabled.
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
bpftool is supported for riscv64 and tested on qemuriscv64.
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
9d11fc3e05ea tprctl: enhance sighandler to explicitly print si_code
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
7668d820cadc simulate a MCE event happened during TDX guest context
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
ChangeLog:
https://crash-utility.github.io/changelog/ChangeLog-8.0.5.txt
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
