summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* raptor2: set CVE_PRODUCTGyorgy Sarvari2026-01-121-0/+2
| | | | | | | | | | | | | | | | | All relevant CVEs are files against these CPEs. See CVE db query (zediious vendor is not relevant): sqlite> select * from PRODUCTs where PRODUCT like '%raptor%' and vendor <> 'symantec' and product <> 'velociraptor'; CVE-2012-0037|librdf|raptor|||2.0.7|< CVE-2017-18926|librdf|raptor_rdf_syntax_library|2.0.15|=|| CVE-2020-25713|librdf|raptor_rdf_syntax_library|2.0.15|=|| CVE-2023-49078|zediious|raptor-web|0.4.4|=|| CVE-2024-57822|librdf|raptor_rdf_syntax_library|||2.0.16|<= CVE-2024-57823|librdf|raptor_rdf_syntax_library|||2.0.16|<= Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* pavucontrol: update 5.0 -> 6.2Markus Volk2026-01-123-139/+22
| | | | | | | | | | | | | - switch to meson buildsystem - pavucontrol now requires gtk4 and thus requires gpu acceleration - remove patch. Meanwhile libcanberra is optional and build doesn't fail without anymore - pavucontrol was migrated from intltool to gettext - add packageconfigs for libcanberra and lynx to have both disabled by default Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* xfce4-pulseaudio-plugin: unbreak build with pavucontrol6Markus Volk2026-01-121-4/+4
| | | | | | | | | | | 'pavucontrol-6' requires gtk4 and thus also needs gpu acceleration Only recommend to install pavucontrol if it would run - remove x11 from DISTRO_FEATURES. There's no direct dependency on it - add PACKAFECONFIG for libcanberra Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* imlib2: upgrade 1.12.5 -> 1.12.6Wang Mingyu2026-01-121-3/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Changelog: ========== - Y4M loader: add support for 10-bit 4:4:4 - Y4M loader: add support for 10-bit 4:2:2 - Y4M loader: add example for 8-bit mono - Y4M loader: add support for 10-bit mono - Y4M loader: fix support for full-range mono - Y4M loader: fix support for odd dimensions - Y4M loader: add support for 12/14/16-bit mono - test/images: Remove intermediate generated file - imlib2_view: Set title - imlib2_view: Scale image when resizing window - imlib2_view: A couple of fixes to previous commit - test_load_2: Add new y4m test images - test_load_2: Add more new y4m test images - test_load_2: Add more new y4m test images - autofoo: Use AM_LIBTOOLFLAGS, not LIBTOOLFLAGS - gradients: Fix rendering of gradients in larger images - imlib2_conv: Fix constness warning - gradients: Better gradients with angles - Compile cleanly with -Wdouble-promotion - XPM loader: Add missing progress callback on incomplete image data Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libsdl3: upgrade 3.2.28 -> 3.2.30Liu Yiding2026-01-121-1/+1
| | | | | | | | Changelog: https://github.com/libsdl-org/SDL/releases/tag/release-3.2.30 Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* xfce4-session: upgrade 4.20.0 -> 4.20.3Jason Schonberg2026-01-121-2/+7
| | | | | | | | | | | | | | | | | | | | | | checking for glib-compile-resources... configure: error: could not find glib-compile-resources. Fix configure failure by adding to EXTRA_OECONF parameters. ERROR: xfce4-session-4.20.2-r0 do_package: QA Issue: xfce4-session: Files/directories were installed but not shipped in any package: /usr/share/xfce4 /usr/share/xfce4/labwc /usr/share/xfce4/labwc/labwc-environment /usr/share/xfce4/labwc/labwc-rc.xml Update FILES to fix QA error. Changelog: https://gitlab.xfce.org/xfce/xfce4-session/-/tags/xfce4-session-4.20.3 Changelog: https://gitlab.xfce.org/xfce/xfce4-session/-/tags/xfce4-session-4.20.2 Changelog: https://gitlab.xfce.org/xfce/xfce4-session/-/tags/xfce4-session-4.20.1 Signed-off-by: Jason Schonberg <schonm@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-h2: remove ptest execution deadlineGyorgy Sarvari2026-01-121-0/+6
| | | | | | | | | | | | | | | Hypothesis Python module applies a 200ms default timeout value on the tests, that can be violated too easily in qemu without kvm support. Hypothesis however also has a feature, that in case it is running in a CI environment, it expects that the host has more load, and it removes this deadline. To switch to the CI profile and relax the execution timeouts, this patch defines the "CI" environment variable in the run-ptest script. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libjxl: Fix build error with arm and muslAnkur Tyagi2026-01-121-0/+3
| | | | | | | | | Build fails for qemuarm with musl with following error: /build/tmp/work/cortexa15t2hf-neon-poky-linux-musleabi/libjxl/0.11.1/sources/libjxl-0.11.1/lib/jxl/convolve_separable5.cc | error: out of range pc-relative fixup value Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mozjs-128: Fix build error with arm and muslAnkur Tyagi2026-01-1214-32/+75
| | | | | | | | | | | | | Build fails for qemuarm with musl with following error: mozglue/misc/StackWalk.o: in function `unwind_callback(_Unwind_Context*, void*)': | /usr/src/debug/mozjs-128/128.5.2/mozglue/misc/StackWalk.cpp:810:(.text._ZL15unwind_callbackP15_Unwind_ContextPv+0x4): undefined reference to `_Unwind_GetIP' Referenced commit[1] for the fix, also refreshed patches. [1] https://github.com/OSSystems/meta-browser/commit/bb8662912354dae13634c0ec35c3803c344b1e72 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-bleak: upgrade 2.0.0 -> 2.1.1Wang Mingyu2026-01-122-2/+8
| | | | | | | | | | | | | | | 1. Changelog: https://github.com/hbldh/bleak/blob/v2.1.1/CHANGELOG.rst 2. Skip integration tests in ptest After upgrade to 2.1.1, a new test set integration was added. https://github.com/hbldh/bleak/tree/v2.1.1/tests/integration According to the description, the tests need kernel module hci_vhci, but hci_vhci is disabled in yocto, so skip these tests. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-m2crypto: mark CVE-2020-25657 as patchedGyorgy Sarvari2026-01-121-0/+1
| | | | | | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2020-25657 The commit[1] that fixes the vulnerability has been part of the package since version 0.39.0 [1]: https://git.sr.ht/~mcepl/m2crypto/commit/84c53958def0f510e92119fca14d74f94215827a Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-m2crypto: ignore CVE-2009-0127Gyorgy Sarvari2026-01-121-0/+2
| | | | | | | | | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2009-0127 The vulnerability is disputed[1] by upstream: "There is no vulnerability in M2Crypto. Nowhere in the functions are the return values of OpenSSL functions interpreted incorrectly. The functions provide an interface to their users that may be considered confusing, but is not incorrect, nor it is a vulnerability." [1]: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-0127 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* tcpdump: upgrade 4.99.5 -> 4.99.6Wang Mingyu2026-01-122-7/+4
| | | | | | | | add-ptest.patch refreshed for 4.99.6 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* spdlog: upgrade 1.16.0 -> 1.17.0Wang Mingyu2026-01-121-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | License-Update: updated contributors. Changelog: ========== - Bump bundled {fmt} library to 12.1.0 - Fix the %z formatter (UTC offset): - Windows: Replaced implementation for better accuracy and speed - FreeBSD: Fixed incorrect implementation - Fixed issue where the offset was not displaying as +00:00 when the formatter was configured to show UTC time. - Removed unreliable fallback for Unix systems lacking tm_gmtoff. If compilation fails on such platforms, use SPDLOG_NO_TZ_OFFSET=ON (%z will display +??:?? instead of compilation error). - Set CMAKE_BUILD_TYPE only in top-level project - Change access scope for ANSI target_file_ from private to protected - Fix UWP detection - Fix include <fcntl.h> in tcp_client.h to avoid compilation failures - Tests: Fix unit tests to respect default level names - Docs: Fix misleading comment in blocking_queue header - Fix sign-compare warning - Fix sign conversion warnings in qt_sinks.h Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* rtorrent: upgrade 0.16.5 -> 0.16.6Wang Mingyu2026-01-121-1/+1
| | | | | | | | | | | | | | | | | | | | | | Features --------- Added timestamp helper commands Use separate thread for saving session data Run multiple session save requests in parallel Changed magnet metadata handling and added 'magnet.path.set' Optimizations ------------- Use map rather than vector for Poll tables Bug Fixes ----------- Convert IPv4in6 addresses to IPv4 in outgoing handshakes Force clear bitfield ranges of downloads that get hashed Use CURLOPT_CLOSESOCKETFUNCTION to properly handle libcurl closing sockets before CURL_POLL_REMOVE Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-types-psutil: upgrade 7.1.1.20251122 -> 7.2.1.20251231Wang Mingyu2026-01-121-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-pillow: upgrade 12.0.0 -> 12.1.0Wang Mingyu2026-01-121-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-nocaselist: upgrade 2.1.0 -> 2.2.0Wang Mingyu2026-01-121-1/+1
| | | | | | | | Changelog: https://nocaselist.readthedocs.io/en/2.2.0/changes.html Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-nocasedict: upgrade 2.1.0 -> 2.2.0Wang Mingyu2026-01-121-1/+1
| | | | | | | | Changelog: https://nocasedict.readthedocs.io/en/2.2.0/changes.html Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-moteus: upgrade 0.3.96 -> 0.3.97Wang Mingyu2026-01-121-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-marshmallow: upgrade 4.1.2 -> 4.2.0Wang Mingyu2026-01-121-1/+1
| | | | | | | | Changelog: many argument of Nested properly overrides schema instance value. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nbdkit: upgrade 1.46.0 -> 1.47.1Wang Mingyu2026-01-121-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libtracefs: upgrade 1.8.2 -> 1.8.3Wang Mingyu2026-01-121-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libtorrent: upgrade 0.16.5 -> 0.16.6Wang Mingyu2026-01-121-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libsdl3-image: upgrade 3.2.4 -> 3.2.6Wang Mingyu2026-01-121-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libmbim: upgrade 1.33.1 -> 1.34.0Wang Mingyu2026-01-121-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | Changelog: ========== * Build: ** New "-Dmbim_groupname=<name>" meson build option to restrict MBIM kernel device access to a given Unix group and root. The access check works in parallel to the "-Dmbim_username" option; passing either check allows access to the kernel device (eg, logical OR). * New Intel AT Tunnel service, including the following operations: * MBIM_CID_INTEL_AT_TUNNEL_AT_COMMAND * Extended the SMS service: * MBIM_CID_SMS_CONFIGURATION now supports notifications * mbimcli: ** New '--sms-query-configuration' and '--sms-query-message-store-status' actions ** New '--atds-query-rat' and '--atds-query-operators' actions Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libio-socket-ssl-perl: upgrade 2.095 -> 2.096Wang Mingyu2026-01-121-1/+1
| | | | | | | | | | Changelog: - Allow stacking TLS layers with SSL_usebio This also allows LWP (after patches) to access https site through TLS enabled proxy Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libdbd-sqlite-perl: upgrade 1.76 -> 1.78Wang Mingyu2026-01-121-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* gpsd: upgrade 3.27.2 -> 3.27.3Wang Mingyu2026-01-121-1/+1
| | | | | | | | Changelog: Fix API major value. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* fping: upgrade 5.4 -> 5.5Wang Mingyu2026-01-121-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changelog: =========== - New option -J / --json for JSON output. See doc/fping-json.md for the JSON schema. This feature is still in alpha and the schema might change in future releases - The -g, --generate option now also supports IPv6 addresses - New option --seqmap-timeout to control the time after which sequence numbers can be used again - Fix OpenBSD sprintf() warning - Fix fallback to SO\_TIMESTAMP if SO\_TIMESTAMPNS is not available - When reading target names from file or standard input, lines longer than the static buffer are no longer interpreted as more than one line - Typo fix in error message when SO\_BINDTODEVICE fails - Options --print-tos and --print-ttl now also work for IPv6, and no longer require privileges - Report received ICMPv6 error messages - Suppress duplicate reports in count mode with -q, --quiet or -Q, --squiet - Switch to alpine-based multi-stage Docker build to reduce image size and improve build performance; add OpenContainers-compatible labels - Print receive ping moved to new functions - Avoid unsigned overflow when determining the memory size to save response times on systems where size\_t is the same as unsigned int - Document the new minimum value for the -p option - Fix build without IPv6 support - Fix debug build use of dbg_printf in fping.c - Remove MacOS-specific test for -I option - GitHub Actions fixes - Fix measurement of time for timed reports (-Q) to start after DNS name resolution. - Updated autoconf from 2.71 to 2.72 - Updated automake from 1.16.5 to 1.18.1 - Updated libtool from 2.4.6 to 2.5.4 - Implemented verification of autotools tarballs in Github actions. - Implemented stricter flag value checking (e.g. -c 10xyz is not accepted anymore). Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ddrescue: upgrade 1.29.1 -> 1.30Wang Mingyu2026-01-121-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | Changelog: =========== * Replace pass 5 of copying with a sweeping phase after trimming. * New option '-N, --no-sweep' to disable reading of skipped areas. Reassign short name '-N' from option '--no-trim' to '--no-sweep'. * main.cc. Make '--size=output' use the size of outfile. (do_rescue): Make '-x 0' extend outfile to size of infile. * main_common.cc (strtoll_): New function accepting underscores. * rescuebook.cc (fcopy_non_tried, rcopy_non_tried): Limit pass 2 to blocks adjacent to a finished block. (Delimit bad area as a whole). (trim_errors): Trim only edges adjacent to a finished block. Initial skip size now defaults to (infile_size / 32_768). Only retrim blocks adjacent to a non-tried or finished block. (update_rates): Don't force update of a_rate, c_rate, ts. (Rescuebook): Estimate remaining time from last 60 seconds. * genbook.cc (format_time), loggers.cc (format_time_dhms): Add years. * loggers.cc (Event_logger): Add finished_size, a_rate, read errors. * ddrescuelog.cc: New option '-H, --make-test'. * ddrescue.texi: Document rescue with lziprecover's recovery record. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ctags: upgrade 6.2.20251130.0 -> 6.2.20260104.0Wang Mingyu2026-01-121-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-waitress: add ptest supportGyorgy Sarvari2026-01-123-1/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It takes <10s to execute. Some (54) tests are not compatible with musl[1] - due to this the tests are on the problem-list. Sample output snippet: root@qemux86-64:~# ptest-runner START: ptest-runner 2026-01-07T09:57 BEGIN: /usr/lib/python3-waitress/ptest PASS: tests.test_adjustments.TestAdjustments.test_bad_port PASS: tests.test_adjustments.TestAdjustments.test_badvar PASS: tests.test_adjustments.TestAdjustments.test_default_listen [...many lines...] PASS: tests.test_wasyncore.Test_readwrite.test_socketerror_in_disconnected PASS: tests.test_wasyncore.Test_readwrite.test_socketerror_not_in_disconnected PASS: tests.test_wasyncore.Test_write.test_gardenpath PASS: tests.test_wasyncore.Test_write.test_non_reraised PASS: tests.test_wasyncore.Test_write.test_reraised ============================================================================ Testsuite summary \# TOTAL: 783 \# PASS: 775 \# SKIP: 8 \# XFAIL: 0 \# FAIL: 0 \# XPASS: 0 \# ERROR: 0 DURATION: 7 END: /usr/lib/python3-waitress/ptest 2026-01-07T09:57 STOP: ptest-runner TOTAL: 1 FAIL: 0 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* modemmanager: upgrade 1.22.0 -> 1.24.2Viswanath Kraleti2026-01-121-2/+2
| | | | | | | | Changelog: https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/blob/mm-1-24/NEWS Signed-off-by: Viswanath Kraleti <viswanath.kraleti@oss.qualcomm.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libqmi: upgrade 1.34.0 -> 1.38.0Viswanath Kraleti2026-01-121-2/+2
| | | | | | | | Changelog: https://gitlab.freedesktop.org/mobile-broadband/libqmi/-/blob/qmi-1-38/NEWS Signed-off-by: Viswanath Kraleti <viswanath.kraleti@oss.qualcomm.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-termcolor: Upgrade 3.2.0 -> 3.3.0Leon Anavi2026-01-071-1/+1
| | | | | | | | | | Upgrade to release 3.3.0: - Add support for italic - can_colorize: Expect fileno() to raise OSError, as documented Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-behave: Upgrade 1.3.2 -> 1.3.3Leon Anavi2026-01-071-2/+2
| | | | | | | | | Upgrade to release 1.3.3: - FIXED: Broke Python 2.7 support Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-astroid: Upgrade 4.0.2 -> 4.0.3Leon Anavi2026-01-071-1/+1
| | | | | | | | | | | | Upgrade to release 4.0.3: - Fix inference of IfExp (ternary expression) nodes to avoid prematurely narrowing results in the face of inference ambiguity. - Fix base class inference for dataclasses using the PEP 695 typing syntax. Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-anyio: Upgrade 4.12.0 -> 4.12.1Leon Anavi2026-01-071-1/+1
| | | | | | | | | | | | Upgrade to release 4.12.1: - Changed all functions currently raising the private NoCurrentAsyncBackend exception (since v4.12.0) to instead raise the public NoEventLoopError exception - Fixed anyio.functools.lru_cache not working with instance methods Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-bumble: Upgrade 0.0.220.bb -> 0.0.221Leon Anavi2026-01-071-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | Upgrade to release 0.0.221: - Cancel l2cap connection result future on abort - Implement extended advertising emulation - Rust: Fix cargo-all-features to 1.11.0 - L2CAP Enhanced Retransmission mode - Add some docs about Android and Hardware - bump pdl dependencies versions - android-netsim transport enhancements - Upgrade GitHub Actions for Node 24 compatibility - Upgrade GitHub Actions to latest versions - GATT: fix redefinition of GATT_CONTENT_CONTROL_ID_CHARACTERISTIC - Remove unused imports - Fix missing type hints on Device.notify_subscribers() - L2CAP: Enhanced Credit-based Flow Control Mode - use ruff for linting and import sorting - hot fix: remove unused import - Ruff: Add and fix UP rules - add support for multiple concurrent broadcasts - Add EATT Support - Fix some typos and annotations Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* net-snmp: Update to 5.9.5.2Peter Kjellerstedt2026-01-061-1/+1
| | | | | | | | | | | 5.9.5.1: * Only a version numbering fix. 5.9.5.2: * Fix an issue with needing limits.h included. Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-fastapi: Upgrade 0.124.4 -> 0.128.0Leon Anavi2026-01-061-1/+1
| | | | | | | | | | Upgrade to release 0.128.0: - Drop support for pydantic.v1 - Run performance tests only on Pydantic v2 Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-networkx: Upgrade 3.6 -> 3.6.1Leon Anavi2026-01-061-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Upgrade to release 3.6.1: API Changes - Add spectral bipartition community finding and greedy bipartition using node swaps Enhancements - Nodelists for from_biadjacency_matrix - Add spectral bipartition community finding and greedy bipartition using node swaps - Fix draw_networkx_nodes with list node_shape and add regression test Bug Fixes - Fix: allow graph subclasses to have additional arguments Documentation - DOC: Improve benchmarking readme - DOC: More details re: RC releases in the release process devdocs - DOC: clarify difference between G.nodes/G.nodes() and G.edges/G.edges() in tutorial - DOC: Add blurb to contributor guide about drawing tests - DOC: Fix underline lens in docstrings - Rolling back shortest paths links Maintenance - MAINT: Replace string literal with comment - Bump actions/checkout from 5 to 6 in the actions group - pin python 3.14 to be version 3.14.0 until dataclasses are fixed - Blocklist Python 3.14.1 Other - TST: add tests for unsupported graph types in MST algorithms - TST: clean up isomorphism tests Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-brotli: Upgrade 1.1.0 -> 1.2.0Leon Anavi2026-01-061-3/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Upgrade to release 1.2.0: SECURITY - python: added Decompressor::can_accept_more_data method and optional output_buffer_limit argument Decompressor::process; that allows mitigation of unexpectedly large output; reported by Charles Chan (https://github.com/charleswhchan) Added - decoder/encoder: added static initialization to reduce binary size - python: allow limiting decoder output (see SECURITY section) - CLI: brcat alias; allow decoding concatenated brotli streams - kt: pure Kotlin decoder - cgo: support "raw" dictionaries - build: Bazel modules Removed - java: dropped finalize() for native entities Fixed - java: in compress pass correct length to native encoder Improved - build: install man pages - build: updated / fixed / refined Bazel buildfiles - encoder: faster encoding - cgo: link via pkg-config - python: modernize extension / allow multi-phase module initialization Changed - decoder / encoder: static tables use "small" model (allows 2GiB+ binaries) Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-parse-type: Upgrade 0.6.3 -> 0.6.6Leon Anavi2026-01-061-1/+3
| | | | | | | | | Upgrade to release 0.6.6: - Disable setuptools-scm: Too many side-effects Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-pyro5: Upgrade 5.15 -> 5.16Leon Anavi2026-01-061-2/+2
| | | | | | | | | | | | | | | | Upgrade to release 5.16: - project going into super low maintenance mode, I don't plan on working on it any longer unless nasty bugs are reported. - properties can now be a streaming generator too - loopCondition is relayed from start_ns_loop() to its daemon - removed Python 3.8 and 3.9 from the support list (they are EOL). Now supported on Python 3.10 or newer. - docs: clarify @expose on a class not automatically exposing base class(es). Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* xfce4-panel: upgrade 4.20.0 -> 4.20.1Jason Schonberg2026-01-051-1/+1
| | | | | | | Changelog: https://gitlab.xfce.org/xfce/xfce4-panel/-/tags/xfce4-panel-4.20.1 Signed-off-by: Jason Schonberg <schonm@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-ldap: upgrade 3.4.4 -> 3.4.5Gyorgy Sarvari2026-01-051-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Contains fixes for CVE-2025-61911 and CVE-2025-61912 Changelog: Security fixes: - CVE-2025-61911 (GHSA-r7r6-cc7p-4v5m): Enforce str input in ldap.filter.escape_filter_chars with escape_mode=1; ensure proper escaping. - CVE-2025-61912 (GHSA-p34h-wq7j-h5v6): Correct NUL escaping in ldap.dn.escape_dn_chars to \00 per RFC 4514. Fixes: - ReconnectLDAPObject now properly reconnects on UNAVAILABLE, CONNECT_ERROR and TIMEOUT exceptions (previously only SERVER_DOWN), fixing reconnection issues especially during server restarts - Fixed syncrepl.py to use named constants instead of raw decimal values for result types - Fixed error handling in SearchNoOpMixIn to prevent a undefined variable error Tests: - Added comprehensive reconnection test cases including concurrent operation handling and server restart scenarios Doc: - Updated installation docs and fixed various documentation typos - Added ReadTheDocs configuration file Infrastructure: - Add testing and document support for Python 3.13 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-flask-cors: upgrade 4.0.0 -> 5.0.0Gyorgy Sarvari2026-01-052-117/+2
| | | | | | | Contains fix for CVE-2024-6221 and CVE-2024-1681 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-configobj: ignore CVE-2023-26112Gyorgy Sarvari2026-01-051-0/+2
| | | | | | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2023-26112 The fix[1] is already included in the recipe version (5.0.9), the CVE can be marked as patched. [1]: https://github.com/DiffSK/configobj/commit/7c618b0bbaff6ecaca51a6f05b29795d1377a4a5 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2026-04-22 10:40:44 +0000