| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
=============
- Added Share Name character check.
- Implemented cmake package version checking.
- Fixed broker tool not delivering all retained messages when wildcard
subscription matches multiple topics.
- Added get_qos2_publish_handled_pids(), restore_qos2_publish_handled_pids(),
restore_packets(), and get_stored_packets() to client for convenient.
- get_endpoint() can be omitted now.
- Refined reconnect examples.
- Added websocket async_close timeout.
- Added documentation regarding stream reuse restrictions for TLS-related
streams.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
- Fix license checksum: Copyright year has been changed
- Add support for av1 and jxl
- libavif is in meta-multimedia -> disable av1 by default
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Fix the following error:
ERROR: core-image-minimal-1.0-r0 do_rootfs: Postinstall scriptlets of ['tigervnc'] have failed. If the intention is to defer them to first boot,
then please place them into pkg_postinst_ontarget:${PN} ().
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
CPEs are registered for iperf_project2:iperf2 in addition to
iperf_project:iperf. By changing CVE_PRODUCT to an appends, this ensures
that both iperf and iperf2 CPEs are used for CVE matching.
Signed-off-by: Colin Pinnell McAllister <colin.mcallister@garmin.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Contains fix for CVE-2026-14009.
Changelog:
* Fix CVE-2025-14009: secure ZIP extraction in nltk.downloader
* Block path traversal/arbitrary reads in nltk.data for protocol-less refs
* Block path traversal/abs paths in corpus readers and FS pointers
* Validate external StanfordSegmenter JARs using SHA256
* Add optional sandbox enforcement for filestring()
* Maintenance: downloader/zipped models, CI/tooling updates
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-23532
The related Github advisory[1] contains a detailed analysis about
the vulnerability. Pick the patch that describes the same
issue in its description.
[1]: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-fq8c-87hj-7gvr
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-23530
The related Github advisory[1] contains an amalysis of the
vulenrability, describing the issue and the root cause also.
Backported the commit that implemented the solution described
in the advisory.
[1]: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-r4hv-852m-fq7p
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade to release 4.7.1:
- Add controls for verify_sub option in PyJWT
From release 4.7.0:
- Drop support for python 3.7 and 3.8, add 3.13
- Fix documentation around identity needing to be a string
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade to release 3.0.1:
- Fix link rendering in readme
- Fix handling of _version.py file
From release 3.0.0:
- Support Flask 3.0+ and PyMongo 4.0+.
- Support Python 3.9-3.13.
- Support MongoDB 4.4+.
- Add support for ~flask.json.jsonify().
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Upgrade to release 5.6.1:
- Session fixes for Flask >= 3.1.3
- Update SocketIO constructor documentation
- Switch to the Furo documentation template
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade to release 6.0.2:
- Update license pyproject.toml
From 6.0.1:
- Invert regex sorting to make it correctly match the intent
(sorting by specificity descending)
- Fix README file extension in pyproject.toml
From 6.0.0:
- [CVE-2024-6839] Sort Paths by Regex Specificity
- [CVE-2024-6844] Replace use of (urllib) unquote_plus with unquote
- [CVE-2024-6866] Case Sensitive Request Path Matching
License-Update: Use line 6 from PKG-INFO
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Upgrade to release 1.4.0:
- Add missing commas in error message for validate.FileType
- Support Python 3.10-3.14
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Upgrade to release 3.1.3:
- The session is marked as accessed for operations that only access
the keys but not the values, such as in and len.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Upgrade to release 4.1.0:
- Accept arguments such as --directory in environment variables
- Fix minor typos in documentation
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade to release 0.10.0:
- Drop support for Python < 3.8.
- Use pyproject.toml for packaging metadata.
- Use flit_core as build backend.
- Apply code formatting and linting tools.
- Add static type annotations.
- Deprecate the __version__ attribute. Use feature detection or
importlib.metadata.version("flask-mail") instead.
- Indicate that the deprecated is_bad_headers will be removed in
the next version.
- Fix the email_dispatched signal to pass the current app as the
sender and message as an argument, rather than the other way around.
- Attachment.data may not be None.
- Attachment.content_type will be detected based on filename and
data and will not be None.
License-Update: Use LICENSE.txt
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
The recipe has been moved to oe-core[1].
[1] https://git.openembedded.org/openembedded-core/commit/?id=4212392ca7ebf890e1e192ddd0e7dbe1f8dabcf2
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
Add HOMEPAGE in python3-appdirs.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2020-37065
The vulnerability is about a 3rd party Windows-only GUI frontend for
the streamripper library, and not for the CLI application that the
recipe builds. Due to this ignore this CVE.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Contains fix for CVE-2026-27199
Changelog: safe_join on Windows does not allow special devices names in multi-segment paths
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Contains fix for CVE-2026-25990
Ptests passed successfully:
Testsuite summary
TOTAL: 5024
PASS: 4587
SKIP: 434
XFAIL: 3
FAIL: 0
XPASS: 0
ERROR: 0
Changelog:
Patch libavif for svt-av1 4.0 compatibility
Fix OOB Write with invalid tile extents
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-0994
The vulnerability impacts only the python bindings of protobuf, which
is in a separate recipe (python3-protobuf, where it is patched).
Ignore this CVE in this recipe due to this.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2016-2568
This commit mostly just tries to add some info to this issue, in the
hope that it will save some time for others who try to investigate it.
This CVE most probably will stay open in meta-oe in the foreseeable future,
although it can be mitigated reasonably easily by the users of the layer.
The description of the vulnerability is short enough that it can be
reproduced here: "pkexec, when used with --user nonpriv, allows local
users to escape to the parent session via a crafted TIOCSTI ioctl call,
which pushes characters to the terminal's input buffer."
The general consensus amongst developers/major distros[1][2][3] seems to be that
it should be mitigated on the kernel side, to not allow non-privileged
users to fake input.
To this end, the kernel has introduced a new config in v6.2, called
CONFIG_LEGACY_TIOCSTI - when it is enabled, non-privileged used can
also fake input. It is however by default enabled (and it is also enabled
in the kernels shipped in oe-core, at least at the time of writing this).
Disabling this kernel config is considered to be the mitigation, to allow
input-faking only by privileged users.
[1]: https://security-tracker.debian.org/tracker/CVE-2016-2568
[2]: https://bugzilla.suse.com/show_bug.cgi?id=968674
[3]: https://marc.info/?t=145694748900001&r=1&w=2 / https://marc.info/?l=util-linux-ng&m=145702209921574&w=2
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2023-39327
Take the patch that is used by OpenSUSE to mitigate this vulnerability.
Upstream seems to be unresponsive to this issue.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-51442
The description of the vulnerability says "attacker [...] execute arbitrary
OS commands via a specially crafted minidlna.conf configuration file".
There is no official fix for this CVE, and upstream seems to be inactive
for the past 3 years.
The reason for ignoring this CVE is that the referenced minidlna.conf
file is in the /etc folder, and the file is not world-writable. Which
means that this vulnerability can be exploited only when someone is
root - but if the attacker is already root, they don't need to resort
to minidlna config-file modifications to execute any command they want.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-36600
The vulnerability is fixed since 2.2.1.rc1[1], and officially
since v2.3.0. However NVD tracks it like v2.3.0 was still vulnerable.
Mark the CVE explicitly patched.
[1]: https://github.com/libcdio/libcdio/blob/master/NEWS.md
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2021-3982
The vulnerability is about a privilege escalation, in case
the host distribution sets CAP_SYS_NICE capability on the
gnome-shell binary.
OE distros don't do that, and due to this this recipe is not
affected by this issue. The CVE is ignored.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-0797
https://nvd.nist.gov/vuln/detail/CVE-2026-2044
https://nvd.nist.gov/vuln/detail/CVE-2026-2045
https://nvd.nist.gov/vuln/detail/CVE-2026-2047
https://nvd.nist.gov/vuln/detail/CVE-2026-2048
All these CVEs are already fixed in the recipe version, however
NVD tracks them currently without CPE info. Ignore them.
Relevant upstream commits:
CVE-2026-0797: https://gitlab.gnome.org/GNOME/gimp/-/commit/ca449c745d58daa3f4b1ed4c2030d35d401a009d
Note that the commit referenced by NVD is incorrect. This commit
was identified from the relevant upstream Gitlab issue:
https://gitlab.gnome.org/GNOME/gimp/-/issues/15555
CVE-2026-2044: https://gitlab.gnome.org/GNOME/gimp/-/commit/3b5f9ec2b4c03cf4a51a5414f2793844c26747e5
CVE-2026-2045: https://gitlab.gnome.org/GNOME/gimp/-/commit/bb896f67942557658b3fbfc67a1c073775c002c7
CVE-2026-2047: https://gitlab.gnome.org/GNOME/gimp/-/commit/5873e16f80cf4152d25a4c86b08553008a331e90
CVE-2026-2048: https://gitlab.gnome.org/GNOME/gimp/-/commit/fa69ac5ec5692f675de5c50a6df758f7d3e45117
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-22853
The vulnerable feature was introduced in v3.9.0[1], the
recipe version is not affected. Ignore this CVE.
[1]: https://github.com/FreeRDP/FreeRDP/commit/a4bd5ba8863c0959501d4604159042a311dae85a
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-22852
The related github advisory[1] comes with an analysis of the
vulnerability, including pointing to the vulnerable code
snippet. Backported the commit that touched the mentioned
code part in the fixed version, and is in line with the
description of the issue.
Ptests passed successfully.
[1]: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9chc-g79v-4qq4
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade to release 25.1.0:
- Control Interface (gunicornc): Add interactive control interface
for managing running Gunicorn instances, similar to birdc for
BIRD routing daemon
- Unix socket-based communication with JSON protocol
- Interactive mode with readline support and command history
- Commands: show all/workers/dirty/config/stats/listeners
- Worker management: worker add/remove/kill, dirty add/remove
- Server control: reload, reopen, shutdown
- New settings: --control-socket, --control-socket-mode,
--no-control-socket
- New CLI tool: gunicornc for connecting to control socket
- Dirty Stash: Add global shared state between workers via dirty.stash
- In-memory key-value store accessible by all workers
- Supports get, set, delete, clear, keys, and has operations
- Useful for sharing state like feature flags, rate limits, or
cached data
- Dirty Binary Protocol: Implement efficient binary protocol for
dirty arbiter IPC using TLV (Type-Length-Value) encoding
- More efficient than JSON for binary data
- Supports all Python types: str, bytes, int, float, bool, None,
list, dict
- Better performance for large payloads
- Dirty TTIN/TTOU Signals: Add dynamic worker scaling for dirty
arbiters
- Send SIGTTIN to increase dirty workers
- Send SIGTTOU to decrease dirty workers
- Respects minimum worker constraints from app configurations
- ASGI Worker: Promoted from beta to stable
- Dirty Arbiters: Now marked as beta feature
License-Update: Update years
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade to release 8.0.0:
- Update CHANGELOG for version 8.0.0
- Fix edge case of __future__ import
- Fix the Plone profile to be compatible with black
- Remove the setuptools plugin
- Turn some warnings into errors in test suite
- chore: replace black with ruff in clean.sh
- feat!: remove old finders flag and legacy finder logic
- Fix whitespace insensitive check triggering on tabs
- Fix line separator detection not considering form feed as white space
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade to release 1.4.0:
- Support underscores as digit separators per PEP 515
- Add rationals converter for mpf's
- Rewrite bernpoly/eulerpoly to avoid dependency on bernoulli(1)
convention
- Support base kwarg for from_str()
- Support randmatrix() for mp.iv and mp contexts
- Added rank() function for matrices
- Add plus flag to select the B_1 sign convention for
bernoulli/bernfrac
- Add mpf.as_integer_ratio() method, support construction of mpf
from Decimal objects
- Expose lower/upper_gamma functions
- Support mpc initialization from string
- Support asinh/acosh/atanh in the fp context
- Support binary/octal/hexadecimal string output
- Support pickling for matrices and mpi
- Support matrix.__array__() dunder method
- Support more number syntaxes
- Run mpmath as a module for interactive work
- Add signed option to to_man_exp()
- Add fp.hypot
- Support inf/nan's in ctx.almosteq()
- Implement mpf.__format__()
- Support conversion from scalar ndarray's
- Support rounding modes in mpf.__format__
- Support '%' presentation type for mpf
- Support gmpy2-like rounding modes in to_str()
- Implement 'a'/'A' formating types for mpf.__format__
- Add mpc.__format__()
- Now mpf.__round__() returns mpf
- Support 'b' (binary) format type for mpf/mpc
- Implement mpf.__floordiv__() and mpf.__divmod__()
- Add parameters for MPContext constructor
- Add MPFR-compatible aliases for rounding modes
- Support negative indexes in matrix
- Better introspection support for decorated functions
- Add moving sofa demo
- Support spherical Bessel functions (jn/yn)
- Add pretty_dps context property to control number of printed digits
- Support thousands separators for formatting of fractional part
- Use PyREPL, as fallback (no IPython)
- Add exp2() and log2()
- Support rounding property for the mp context
- Add Fox H-function with rational A/B parameters (foxh())
- Provide experimental support for free-threading builds
License-Update: Update years
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
Bug-fix release addressing a couple problems in gpio-manager and tests.
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Changelog: https://github.com/webmin/webmin/releases/tag/2.520
Changelog: https://github.com/webmin/webmin/releases/tag/2.510
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
This reverts commit 0d686b2c5bbe92f4acadb2547b6fc81bf21979de.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This recipe gets CVEs with two CPEs: hplip and linux_imaging_and_printing.
Set the CVE_PRODUCT accordingly.
See CVE db query:
sqlite> select * from PRODUCTs where PRODUCT in ('hplip', 'linux_imaging_and_printing');
CVE-2009-0122|hp|hplip|2.7.7|=||
CVE-2009-0122|hp|hplip|2.8.2|=||
CVE-2015-0839|hp|linux_imaging_and_printing|||3.17.7|<=
CVE-2025-43023|hp|linux_imaging_and_printing|||3.25.2|<
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Upgrade to release 1.9.3:
- Drop support for Python 3.8 and raise setuptools version to 77.0
- Use an SPDX license
- Fix memory leaks
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade to release 5.7.0:
- Add typing classifier
- Enable logging related ruff checks to extend the enforced format
rules related to logging.
- Delay string interpolations at logging calls
- Remove reference to tag framework because the framework was
removed.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
PipeWire 1.6.0 (2026-02-19)
This is is the 1.6 release that is API and ABI compatible with previous
1.4.x releases.
This release contains some of the bigger changes that happened since
the 1.4 release last year, including:
* An LDAC decoder was added for bluetooth.
* SpanDSP for bluetooth packet loss concealment.
* Safe parsing and building of PODs in shared memory.
* Added support for metadata features. This is used to signal that
the sync_timeline metadata supports the RELEASE operation.
* Node commands and events can contain extra user data.
* Support for more compressed format helper functions to create
and parse formats.
* Support for compile time max channels. The max channels was
increased to 128.
* Support for audio channel layouts was added. This makes it possible
to set "audio.layout" = "5.1" instead of the more verbose
audio.position = [ FL, FR, FC, LFE, SL, SR ]
* Support for Capability Params was added. This can be used to
negotiate capabilities on a link before format and buffer
negotiation takes place.
* More HDR colortypes are added.
* Loops now have locking with priority inversion. Most code was adapted
to use the faster locks instead of epoll/eventfd to update shared state.
* Channel position are parsed from EDID data.
* Channel maps are now set on ALSA.
* The resampler now supports configurable window functions such
as blackman and kaiser windows. The phases are now also calculated
with fixed point math, which makes it more accurate.
* Many bluetooth updates and improvements.
* The filter-graph has an ffmpeg and ONNX plugin. The ffmpeg plugin
can run an audio AVFilterGraph. The ONNX plugin can run some models
such as the silero VAD.
* Many AVB updates. Work is ongoing to merge the Milan protocol.
* Support for v0 clients was removed.
* The jack-tunnel module can now autoconnect ports.
* ROC support multitrack layouts now.
* Many RTP updates.
* rlimits can now be set in the config file.
* Thread reset on fork can now be configured. JACK clients expect this
to be disabled.
* node.exclusive is now enforced.
* node.reliable enables reliable transport.
* pw-cat supports sysex and midiclip as well as some more uncompressed
formats. Options were added to set the container and codec formats
as well as list the supported containers, codecs, layouts and channel
names.
* Documentation updates.
Highlights (since the previous 1.5.85 prerelease)
- Fix a 64 channel limit in the channel mixer.
- Fix an fd leak in pulse-server in some error cases.
- Some small fixes and improvements.
PipeWire
- Fix Capability leaks.
- Return an error in pw-stream get-time when not STREAMING.
- Set the current time in the driver position before starting.
Some followers might look at it.
Modules
- Improve default channel handling in module-filter-chain.
- Support source and sink only module-filter-chain.
- Tweak the filter-chain spatializer example gains.
- Handle new snapcast service type. (#5104)
- Implement socket activation without depending on libsystemd.
- Support ipv4 link-local addresses in RAOP and snapcast. (#4830)
- Forward ROC-toolkit logs to pipewire.
SPA
- Improve default channel handling in filter-graph. (#5084)
- Clamp control values to min/max. (#5088)
- Support mode JBL gaming headsets.
- Handle some SOFA errors and add gain option.
- Really handle more than 64 channels in the channelmixer. (#5118)
- Allow removal in ALSA-udev of ignored cards.
pulse-server
- Fix mono mixdown query.
- Expose headset autoswitch message.
- Handle EPROTO errors by disconnecting.
- Handle timeouts in play-sample streams. (#5099)
GStreamer
- Fix crop metadata.
- Fix a race in the buffer release function.
Tools
- Improve format support and detection in pw-cat.
- Add some more options to pw-cat to list supported containers
and formats. (#5117)
Older versions:
PipeWire 1.5.85 (2026-01-19)
This is the fifth and hopefully last 1.6 release candidate that
is API and ABI compatible with previous 1.4.x, 1.2.x and 1.0.x
releases.
Highlights
- Fix errors in older clients that blindly mmap buffer data.
- ALSA channel mapping should work in more cases.
- Fix an overflow in the resampler with some sample rates.
- Device ID negotiation for DMABUF was added.
- The channelmixer can now also downmix most REAR and TOP
channel positions.
- Various small fixes and improvements.
PipeWire
- Avoid doing flushing invoke in pw-stream. (#5010)
- Fix stream time delay calculations in some cases. (#4957)
- Avoid suspending a node when the ports are busy.
Modules
- Mode AVB module updates.
- Remove MAPPABLE flag from memptr data in client-node. This avoids
errors in older clients that blindly map buffers. (#5003)
- Don't leak the filter-chain module in module-parametric-equalizer.
(#5045)
- make it possible to run pulse tunnel sink and source with the same
name. (#5079)
SPA
- The delay filter in filter-graph now has feedback and feedforward
options to make it possible to implement comb and allpass filters.
- The resampler can be compiled with a custom default quality.
- Firewire latency is scaled correctly now. (#4977)
- The mixer will only passthrough dynamic data.
- Fix filter-graph state in audioconvert after flush.
- Set the channel map in ALSA nodes to tell ALSA our channel layout
and avoid wrong channels.
- Fix AVX2 function, make sure they don't run on AVX-only CPUs.
(#5072)
- Fix an overflow and crash when too many phases are used in the
resampler. (#5073)
- Add some more channel downmix positions, mostly REAR and TOP
channels.
pulse-server
- Add a message to enable mono mixdown.
Tools
- Support filenames in raw mode in pw-cat. (#5012)
- Enable clipping in spa-resample.
examples
- Update device ID negotiation examples.
Docs
- Document the resampler properties better.
PipeWire 1.5.84 (2025-11-27)
This is the fourth 1.6 release candidate that is API and ABI
compatible with previous 1.4.x, 1.2.x and 1.0.x releases.
Changes since the last pre-release:
Highlights
- Capabilities wer added to improve negotiation over links.
- The audio resampler now has a configurable window function to better
tune the resampler quality. A kaiser and blackman window was added
and the default parameters were tuned.
- Various small fixes and improvements.
PipeWire
- Capabilities and PeerCapabilities were added to exchange key/value
pairs between consumer and producer right after a link is made. This
can be used to detect how the negotiation of formats and buffers
should be done.
Modules
- Avoid segfaults in RTP source. (#4970)
- The AVB module has seen some improvements.
Pulse-server
- @NONE@ can now be used to clear the default sink/source.
SPA
- Support longer convolver filenames and also support inline
IRs.
- The audio resampler window function is now selectable and
configurable. A kaiser window and blackman window was added
and the default qualities were tweaked to improve quality.
- The filter-graph convolver latency is now set by default to
something more sensible. (0 by default and N/2 for hilbert).
(#4980)
Bluetooth
- Better xrun and error handling for iso streams.
- The +CNUM reply was fixed.
- The CIEC call status was fixed. (#1744)
- Add BAP context metadata to improve compatibility.
- Improve compatiblity with Creative Zen Hybrid Pro by releasing
transports simultaneously.
PipeWire 1.5.83 (2025-11-06)
This is the third 1.6 release candidate that is API and ABI
compatible with previous 1.4.x, 1.2.x and 1.0.x releases.
Changes since the last pre-release:
Highlights
- Include the NEWS and updated version number.
PipeWire 1.5.82 (2025-11-06)
This is the second 1.6 release candidate that is API and ABI
compatible with previous 1.4.x, 1.2.x and 1.0.x releases.
Changes since the last pre-release:
Highlights
- The max channel limit is now a compile time option.
- The SAP and RTP module have seen some robustness improvements.
- Add audio.layout propperty.
- Cleanups to the code here and there.
PipeWire
- Handle Tags more like Latency with a NULL param when no ports are linked
and some sort of (empty) Tag when the ports are linked.
Modules
- Improve the echo-cancel module to keep the streams more aligned
and cause less latency.
- Improve format parsing errors in most modules.
- The RTP module now has extra code for better network robustness, including
cases when network interfaces are not yet up and running, and multicast
sockets are silently kicked out of IGMP groups.
- The direct timestamp mode in the RTP module was effectively broken and is
now fixed.
- Add support for audio.layout.
- Add multichannel support to ROC.
SPA
- Rework the maximum number of channel handling. Because this is a
potential ABI break, it is now a compile time option with new
functions to handle more than the previous 64 channels.
- The 64 channel limit was removed from the noise shaper.
- spa_strbuf is used in more places instead of custom snprintf code.
- The volume ramp code was simplified.
- The driver node now has properties to configure the clock.
- The adapter will try to renegotiate when the driver changes.
- Fix relaxed array parsing with od number of elements. (#4944)
- audio.layout was added to set the channel positions to some
predefined layouts.
- Added more POD choice checks to ensure the right amount of values
are present in the choice.
- Fix __has_attribute usage. (#4962)
- Thread RESET_ON_FORK is now disabled for JACK application so that
forking will preserve any real-time thread priorities, like JACK.
(#4966)
- Fix some compilation issues. (#4960 and #4961).
Pulse-server
- Fix missing subscription events on device port changes.
- Increase min.quantum to 256/48000. (#4875)
GStreamer
- Avoid overflow in clock time calculations.
- Fix renegotiation.
Docs
- Swap the name and id of device.product
PipeWire 1.5.81 (2025-10-16)
This is the first 1.6 release candidate that is API and ABI
compatible with previous 1.4.x, 1.2.x and 1.0.x releases.
In addition to all the changes backported to 1.4.x, this release
also contains some new features:
Highlights
- The link negotiation code was refactored and improved.
Applications now have more options for selecting the default
values and restricting the available options. The default
negotiation code will now attempt to better match the application
suggested values.
- The loop now has support for locking with priority inversion. Most
of the code was updated to use the locks instead of invoke to
get proper concurrent updates with the loop. The Thread loop
functionality of locks, signal and wait was moved to the SPA loop.
This guarantees better real-time behaviour because inter-thread
synchronization does not have to pass eventfd/epoll.
- The control stream parser was rewritten to be safe against concurrent
updates while parsing, which can occur when parsing shared memory.
It also has extra checks to avoid integer overflows and undefined
behaviour.
- MIDI 2.0 clip support was added to the tools.
- Bluetooth ASHA (Audio Streaming for Hearing Aid) support was added.
- The ALSA node setup was tweaked to provide low latency with the ALSA
Firewire driver.
- Better support for explicit sync. It is now possible to negotiate
extra features to know if a consumer will signal the sync objects and
implement a fallback using a reliable transport.
- Many bug fixes and improvements.
PipeWire
- Avoid process calls in disconnect in pw-stream. (#3314)
- Disable PipeWire services for root.
- The link negotiation was refactored and improved. Drivers now
always have a lower priority in deciding the final format.
- Backwards compatibility with the v0 protocol was removed.
- pw-stream and pw-filter will now refuse to queue a buffer that
was not dequeued before.
- Object properties will now be updated on the global as well.
- The priority of config overrides is correct now. (#4816)
- Async links now correctly report 1 extra quantum of latency.
- node.exclusive and the new port.exclusive flag are now enforced
by PipeWire itself.
- A new timer-queue helper was added to schedule timeouts.
- node.terminal and node.physical properties are now copied to the
ports to make it possible to create virtual sources and sinks
for JACK applications.
- Port properties will now be dynamically updated when the node
properties they depend on are updated.
- Passive leaf nodes are now handled better. Now they will also
run when the peer is active. (#4915)
- Reliable transport has been added for output ports. This can be
used in some cases if the producer wants to ensure buffers are
consumed by a consumer. (#4885)
- Context properties now support rlimit.<resource> properties to
configure rlimits. (#4047)
Modules
- Close SyncObj fds.
- module-combine-stream has better Latency reporting.
- The JACK tunnel can now optionally connect ports.
- module-loopback has better Latency reporting.
- A Dolby Surround and Dolby Pro Logic II example filter config
was added.
- Filter-chain can now resample to a specific rate before running the
filters. This is useful when the filter-graph needs to run at a
specific rate.
- Avahi-poll now uses the timer-queue to schedule timeouts.
- Modules are ported to timer-queue instead of using timerfd directly
for non-realtime timers.
SPA
- The loop now has support for locking with priority inversion. Most
of the code was updated to use the locks instead of invoke to
get proper concurrent updates with the loop. The Thread loop
functionality of locks, signal and wait was moved to the SPA loop.
- UMP to Midi 1.0 conversion was improved, some UMP events are now
converted to multiple Midi 1.0 messages. (#4839)
- The POD filter was refactored and improved. It is now possible to
use the default value of the output by specifying an invalid input
default value.
- The POD parser was made safe for concurrent updates of the memory
it is parsing. This is important when the POD is in shared memory
and the parser should not access invalid memory.
- Some hardcoded channel limits were removed and now use the global
channel limit. More things can dynamically adapt to this global
limit. The max number of channels was then bumped to 128.
- The POD builder is safe to use on shared memory now and tries to
avoid many integer overflows.
- Most debug functions are safe to be used on shared memory.
- User specified Commands and Events are now possible.
- The SPA_IO_CLOCK_FLAG_DISCONT was added to spa_io_clock to signal
a discont in the clock due to clock change.
- AC3, DTS, EAC3, TRUEHD and MPEGH now have helper parser functions.
- H265 was added as a video format. (#4674)
- SPA_PARAM_PeerFormats was added to let a port know about its peer
formats in order to better filter possible conversions.
- More color matrices, transfer functions and color primaries.
- The echo-canceler is enabled now.
- Pro-Audio mode now uses 3 periods by default. This lowers the
latency on some drivers (Firewire). The latency of Firewire is
also reported correctly now.
- The ALSA DLL bandwidth is configurable now.
- The resampler now uses fixed point for the phases and is a little
faster when updating adaptive rates.
- The convolver is a little faster by swapping buffers instead of
copying samples.
- Latency and ProcessLatency support was added to filter-graph.
(#4678)
- Audio channel position support was added to filter-graph.
- A new ffmpeg avfilter plugin was added to filter-graph.
- A new ONNX filter was added to filter-graph.
- A debug, pipe, zeroramp and noisegate filter was added to the
filter-graph. (#4745)
- The filter-graph lv2 plugin now supports options and state.
- videoconvert was greatly improved.
- The v4l2 plugin can negotiate DMABUF with modifiers.
- Colorimetry information was added to v4l2 and libcamera.
- Audioconvert can handle empty buffers more efficiently.
- Improve the POD compare functions for Rectangle.
- There is now a SPA_POD_PROP_FLAG_DROP flag to drop the property when
the property is missing from one side.
- A new FEATURE choice was added that is basically a flags choice with
a FLAG_DROP property.
- Metadata features were added. This is a way to negotiate new features
for the metadata. (#4885)
- DSD playback with pw-cat has been improved.
- Compatibility and xrun prevention for the SOF driver has been
improved. (#4489)
- The filter-graph max plugin can now have 8 input channels.
- Buffer Negotiation between the mixer port and the node ports is much
improved. (#4918)
- An offline AEC benchmark was added.
- Channel positions are now read from HDMI ELD when possible.
- Audioconvert and filter-graph now also support properties of Long
and String types.
ACP
- It's possible to disable the pro-audio profile.
- Support for Logitech Z407 PC Speakers was improved.
- Support for Razer BlackShark v3.
- Fix volume rounding down causing mute. (#4890)
Tools
- pw-cat can now play and record MIDI 2.0 Clips, which is the
official format for storing MIDI 2.0 UMP data. pw-midi2play
and pw-midi2record were added as aliases.
- pw-cat can now upload sysex files. The pw-sysex alias was
added for this.
- The pw-link tool now has a -t option to list port latencies.
It also has better monitor support.
- pw-top can now clear the ERR column with the c key.
- pw-cli now keeps the types of the variables it stores and avoid
using wrongly typed variables that can crash things. It can now
also list the available variables.
- pw-dump can now output raw JSON and SPA JSON.
- pw-dump has configurable indentation level.
- pw-mididump can be forced to output MIDI 1.0 messages.
- pw-profiler now uses doubles for extra precision.
- pw-top now marks the async nodes with =.
Bluetooth
- Telephony improvements.
- ASHA support was added.
- Packet loss concealment was added.
- Improved synchronisation between LE Audio streams in the same group.
- Improved LE Audio device compatibility.
- LC3-24kHz voice codec was added (used by Airpods)
- LDAC decoding support added (requires separate decoder library)
Pulse-server
- The SUSPEND event is now correctly generated. fail-on-suspend is
now implemented.
- PA_STREAM_DONT_INHIBIT_AUTO_SUSPEND is now implemented. (#4255)
(#4726)
- RTP streams now have stream.properties for extra configuration.
- Timed out streams are now destroyed instead of lingering. (#4901)
- A new help and pipewire-pulse:list-modules core message was added.
JACK
- Port rename callbacks are now emitted correctly.
- Use safe POD parsing for the control sequences.
V4l2
- The wrapper now avoids a race while initializing PipeWire. (#4859)
GStreamer
- Colorimetry support was added.
- Cursor metadata is now exposed as ROI metadata.
- Many more updates.
Docs
- Document the client-node flow a bit more.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This out-of-tree kernel module was mainlined in Linux 5.10.
The previous LTS kernel, 5.4 is EOL, and oe-core ships with newer
kernels - there is no need to keep this recipe around.
It also has an explicit SKIP_RECIPE tag, it wasn't tested since
a long time.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
The recent workaround for https://github.com/swiftlang/swift/issues/69311
breaks python3-m2crypto-native, with error about missing e_os2.h file in
recipe-sysroot-native.
Apply do_configure:prepend to class-target only to fix.
Signed-off-by: Geoff Parker <geoffrey.parker@arthrex.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Fix errors like:
ERROR: python3-matplotlib-3.10.8-r0 do_package_qa: QA Issue: File
/usr/lib/python3.14/site-packages/matplotlib/backends/.debug/
_backend_agg.cpython-314-arm-linux-gnueabihf.so
in package python3-matplotlib-dbg contains reference to TMPDIR
[buildpaths]
Signed-off-by: Geoff Parker <geoffrey.parker@arthrex.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog: https://github.com/cfengine/core/blob/3.26.0/ChangeLog
License-Update: The project switched from pcre to pcre2. This small
change is incorporated in the license, where the dependencies are listed.
libpcre2 and OpenSSL is now a mandatory dependencies, the corresponding
PACKAGECONFIGs are dropped.
Patch that was incorporated in this release is also dropped.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
The recipe compiles fine with OpenSSL 3, compatibility has been added in
version 3.20.
While here, fix some broken PACKAGECONFIGs too.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Look at the correct URL for new tags and exclude incorrectly tagged [1]
2.15.10 release.
[1] https://github.com/intel/thermal_daemon/issues/504
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
thermald now supports ARM platforms [1], so move it out of meta-intel
to allow broader reuse.
This version remains compatible only with x86 but a future recipe
upgrade should fix COMPATIBLE_MACHINE.
[1] thermal_daemon 1931a12e7e ("Add ARM backend and enable ARM platform detection")
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Vlc can be compiled again against modern ffmpeg - the SKIP_RECIPE tag is removed.
Drop patches that became obsolete, because the underlying problems were solved.
Was able to build it successfully with meta-qt5, and also play a video in core-image-sato.
Some (opt-in) PACKAGECONFIGs are broken (not removed as part of this patch):
- freerdp - it requires a too old freerdp codebase
- opencv - it requires a too old opencv codebase
- vdpau - compilation fails (undefined symbol av_vdpau_get_surface_parameters),
not really sure about the reason
Changelog: https://github.com/videolan/vlc/blob/3.0.23/NEWS
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
