| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are currently 2 related CVEs in the NIST db, both of them are tracked with
html5lib:html5lib CPE, so the default python:html5lib CPE doesn't match.
See CVE db query:
sqlite> select * from products where PRODUCT like '%html5lib%';
CVE-2016-9909|html5lib|html5lib|||0.99999999|<=
CVE-2016-9910|html5lib|html5lib|||0.99999999|<=
Set the CVE_PRODUCT accordingly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The relevant CVEs are tracked using palletsprojects:werkzeug CPE, which makes
the the default python:werkzeug CPE to not match anything.
See CVE db query:
sqlite> select * from products where PRODUCT like 'werkzeug';
CVE-2016-10516|palletsprojects|werkzeug|||0.11.11|<
CVE-2019-14322|palletsprojects|werkzeug|||0.15.5|<
CVE-2019-14806|palletsprojects|werkzeug|||0.15.3|<
CVE-2020-28724|palletsprojects|werkzeug|||0.11.6|<
CVE-2022-29361|palletsprojects|werkzeug|||2.1.0|<=
CVE-2023-23934|palletsprojects|werkzeug|||2.2.3|<
CVE-2023-25577|palletsprojects|werkzeug|||2.2.3|<
CVE-2023-46136|palletsprojects|werkzeug|||2.3.8|<
CVE-2023-46136|palletsprojects|werkzeug|3.0.0|=||
CVE-2024-34069|palletsprojects|werkzeug|||3.0.3|<
CVE-2024-49766|palletsprojects|werkzeug|||3.0.6|<
CVE-2024-49767|palletsprojects|werkzeug|||3.0.6|<
CVE-2025-66221|palletsprojects|werkzeug|||3.1.4|<
Set the CVE_PRODUCT so it matches the relevant entries.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The only related CVE to this recipe is tracked using tqdm_project:tqdm
CPE, so the default python:tqdm CPE doesn't match it.
See relevant CVE db query:
sqlite> select * from products where PRODUCT like 'tqdm';
CVE-2016-10075|tqdm_project|tqdm|4.4.1|=||
CVE-2016-10075|tqdm_project|tqdm|4.10|=||
Set the CVE_PRODUCT so it can match related CVEs.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ipython CVEs are tracked using ipython:ipython CPE, so the default
python:ipython CVE_PRODUCT doesn't match relevant CPEs.
See CVE db query:
sqlite> select * from products where PRODUCT like 'ipython';
CVE-2015-4706|ipython|ipython|3.0.0|=||
CVE-2015-4706|ipython|ipython|3.1.0|=||
CVE-2015-4707|ipython|ipython|||3.2.0|<
CVE-2015-5607|ipython|ipython|2.0.0|=||
CVE-2015-5607|ipython|ipython|2.1.0|=||
CVE-2015-5607|ipython|ipython|2.2.0|=||
CVE-2015-5607|ipython|ipython|2.3.0|=||
CVE-2015-5607|ipython|ipython|2.3.1|=||
CVE-2015-5607|ipython|ipython|2.4.0|=||
CVE-2015-5607|ipython|ipython|2.4.1|=||
CVE-2015-5607|ipython|ipython|3.0.0|=||
CVE-2015-5607|ipython|ipython|3.1.0|=||
CVE-2015-5607|ipython|ipython|3.2.0|=||
CVE-2015-5607|ipython|ipython|3.2.1|=||
CVE-2015-5607|ipython|ipython|3.2.2|=||
CVE-2015-5607|ipython|ipython|3.2.3|=||
CVE-2022-21699|ipython|ipython|||5.10.0|<=
CVE-2022-21699|ipython|ipython|6.0.0|>=|7.16.3|<
CVE-2022-21699|ipython|ipython|7.17.0|>=|7.31.1|<
CVE-2022-21699|ipython|ipython|8.0.0|>=|8.0.1|<
CVE-2023-24816|ipython|ipython|||8.10.0|<
Set the CVE_PRODUCT accordingly to match the relevant entries.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NIST currently tracks CVEs under at least 2 different CPEs for this recipe,
but neither of them is python:m2crypto (the default CVE_PRODUCT).
See CVE db query:
sqlite> select * from products where PRODUCT like '%m2crypto%';
CVE-2009-0127|heikkitoivonen|m2crypto|-|||
CVE-2020-25657|m2crypto_project|m2crypto|-|||
CVE-2023-50781|m2crypto_project|m2crypto|-|||
Set the CVE_PRODUCT to match the relevant CPEs.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The related CVEs are tracked with twisted:twisted CPE, so the
default python:twisted CPE doesn't match any entries.
See CVE db query:
sqlite> select * from products where PRODUCT = 'twisted';
CVE-2014-7143|twisted|twisted|14.0.0|=||
CVE-2016-1000111|twisted|twisted|||16.3.1|<
CVE-2019-12387|twisted|twisted|||19.2.1|<
CVE-2019-12855|twisted|twisted|||19.2.1|<=
CVE-2020-10108|twisted|twisted|||19.10.0|<=
CVE-2020-10109|twisted|twisted|||19.10.0|<=
CVE-2022-21712|twisted|twisted|11.1.0|>=|22.1.0|<
CVE-2022-21716|twisted|twisted|21.7.0|>=|22.2.0|<
CVE-2022-24801|twisted|twisted|||22.4.0|<
CVE-2022-39348|twisted|twisted|0.9.4|>=|22.10.0|<
CVE-2023-46137|twisted|twisted|||22.8.0|<=
CVE-2024-41810|twisted|twisted|||24.3.0|<=
Set the CVE_PRODUCT accordingly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The relevant CVEs are tracked with python-ldap:python-ldap CPE, not
python:python-ldap.
See CVE db query:
sqlite> select * from products where PRODUCT like '%python-ldap%';
CVE-2021-46823|python-ldap|python-ldap|||3.4.0|<
CVE-2025-61911|python-ldap|python-ldap|||3.4.5|<
CVE-2025-61912|python-ldap|python-ldap|||3.4.5|<
Set the CVE_PRODUCT accordingly
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
There is one relevant CVE tracked using the simplejson_prject:simplejson
CPE, and no entries tracked with python:simplejson.
See CVE db query:
sqlite> select * from products where PRODUCT like '%simplejson%';
CVE-2014-4616|simplejson_project|simplejson|||2.6.1|<
Set the CVE_PRODUCT accordingly
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Relevant CVEs are tracked with pywbem_project:pywbem CPE instead of
the (previously) expected python:pywbem.
See CVE db query:
sqlite> select * from products where PRODUCT = 'pywbem';
CVE-2013-6418|pywbem_project|pywbem|||0.7|<=
CVE-2013-6444|pywbem_project|pywbem|||0.7|<=
Set the CVE_PRODUCT accordingly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are relevant CVEs tracked under two different CPEs:
python:virtualenv (the default in OE), and virtualenv:virtualenv (these were missed).
See CVE db query:
sqlite> select * from products where PRODUCT = 'virtualenv';
CVE-2011-4617|python|virtualenv|||1.4.9|<=
CVE-2011-4617|python|virtualenv|0.8|=||
CVE-2011-4617|python|virtualenv|0.8.1|=||
CVE-2011-4617|python|virtualenv|0.8.2|=||
CVE-2011-4617|python|virtualenv|0.8.3|=||
CVE-2011-4617|python|virtualenv|0.8.4|=||
CVE-2011-4617|python|virtualenv|0.9|=||
CVE-2011-4617|python|virtualenv|0.9.1|=||
CVE-2011-4617|python|virtualenv|0.9.2|=||
CVE-2011-4617|python|virtualenv|1.0|=||
CVE-2011-4617|python|virtualenv|1.1|=||
CVE-2011-4617|python|virtualenv|1.1.1|=||
CVE-2011-4617|python|virtualenv|1.2|=||
CVE-2011-4617|python|virtualenv|1.3|=||
CVE-2011-4617|python|virtualenv|1.3.1|=||
CVE-2011-4617|python|virtualenv|1.3.2|=||
CVE-2011-4617|python|virtualenv|1.3.3|=||
CVE-2011-4617|python|virtualenv|1.3.4|=||
CVE-2011-4617|python|virtualenv|1.4|=||
CVE-2011-4617|python|virtualenv|1.4.1|=||
CVE-2011-4617|python|virtualenv|1.4.2|=||
CVE-2011-4617|python|virtualenv|1.4.3|=||
CVE-2011-4617|python|virtualenv|1.4.4|=||
CVE-2011-4617|python|virtualenv|1.4.5|=||
CVE-2011-4617|python|virtualenv|1.4.6|=||
CVE-2011-4617|python|virtualenv|1.4.7|=||
CVE-2011-4617|python|virtualenv|1.4.8|=||
CVE-2013-5123|virtualenv|virtualenv|12.0.7|=||
CVE-2024-53899|virtualenv|virtualenv|||20.26.6|<
Set the CVE_PRODUCT so both are matched.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are no CVEs tracked with python:httplib2 CPE, but there
are multiple ones tracked under httplib2_project:hgttplib2 CPE
(and they are related to this recipe).
See CVE db query:
sqlite> select * from products where PRODUCT = 'httplib2';
CVE-2013-2037|httplib2_project|httplib2|||0.7.2|<=
CVE-2013-2037|httplib2_project|httplib2|0.8|=||
CVE-2020-11078|httplib2_project|httplib2|||0.18.0|<
CVE-2021-21240|httplib2_project|httplib2|||0.19.0|<
Set the CVE_PRODUCT accordingly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
At least one CVE is tracked by debian:matplotlib CPE (and no CVEs are
tracked by the defaul python:matplotlib CPE).
See CVE db query:
sqlite> select * from products where PRODUCT = 'matplotlib';
CVE-2013-1424|debian|matplotlib|0.99.3-1|>=|1.4.2-3.1|<
Set the CVE_PRODUCT accordingly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
NIST tracks related CVEs with pyrad_project CPE vendor instead of "python".
Set the CVE_PRODUCT to pyrad, so both can be matched.
See CVE db query:
sqlite> select * from products where PRODUCT = 'pyrad';
CVE-2013-0294|pyrad_project|pyrad|||2.1|<
CVE-2013-0342|pyrad_project|pyrad|||2.1|<
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
Set the correct CVE_PRODUCT for the recipe.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The product's CPE doesn't use "python" as the vendor, set the CVE_PRODUCT
accordingly.
See CVE db query:
sqlite> select * from products where PRODUCT = 'tweepy';
CVE-2012-5825|tweepy|tweepy|-|||
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The default python:sqlalchemy CPE fails to match CVEs, because the CVEs
are associated with sqlalchemy:sqlalchemy CPE.
See CVE db query:
sqlite> select * from products where PRODUCT = 'sqlalchemy';
CVE-2012-0805|sqlalchemy|sqlalchemy|||0.7.0|<=
CVE-2012-0805|sqlalchemy|sqlalchemy|0.6.0|=||
CVE-2012-0805|sqlalchemy|sqlalchemy|0.6.0_beta1|=||
CVE-2012-0805|sqlalchemy|sqlalchemy|0.6.0_beta2|=||
CVE-2012-0805|sqlalchemy|sqlalchemy|0.6.0_beta3|=||
CVE-2012-0805|sqlalchemy|sqlalchemy|0.6.1|=||
CVE-2012-0805|sqlalchemy|sqlalchemy|0.6.2|=||
CVE-2012-0805|sqlalchemy|sqlalchemy|0.6.3|=||
CVE-2012-0805|sqlalchemy|sqlalchemy|0.6.4|=||
CVE-2012-0805|sqlalchemy|sqlalchemy|0.6.5|=||
CVE-2012-0805|sqlalchemy|sqlalchemy|0.6.6|=||
CVE-2012-0805|sqlalchemy|sqlalchemy|0.6.7|=||
CVE-2012-0805|sqlalchemy|sqlalchemy|0.7.0_b1|=||
CVE-2012-0805|sqlalchemy|sqlalchemy|0.7.0_b2|=||
CVE-2019-7164|sqlalchemy|sqlalchemy|||1.2.17|<=
CVE-2019-7164|sqlalchemy|sqlalchemy|1.3.0_beta1|=||
CVE-2019-7164|sqlalchemy|sqlalchemy|1.3.0_beta2|=||
CVE-2019-7548|sqlalchemy|sqlalchemy|1.2.17|=||
Set the CVE_PRODUCT accordingly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Set correct CVE_PRODUCT for paramiko. The default python:paramiko value
doesn't match CVEs, because the product has its own set of CPEs associated
with CVEs.
See CVE db query:
sqlite> select * from products where PRODUCT = 'paramiko';
CVE-2008-0299|python_software_foundation|paramiko|1.7.1|=||
CVE-2018-1000805|paramiko|paramiko|1.17.6|=||
CVE-2018-1000805|paramiko|paramiko|1.18.5|=||
CVE-2018-1000805|paramiko|paramiko|2.0.8|=||
CVE-2018-1000805|paramiko|paramiko|2.1.5|=||
CVE-2018-1000805|paramiko|paramiko|2.2.3|=||
CVE-2018-1000805|paramiko|paramiko|2.3.2|=||
CVE-2018-1000805|paramiko|paramiko|2.4.1|=||
CVE-2018-7750|paramiko|paramiko|||1.17.6|<
CVE-2018-7750|paramiko|paramiko|1.18.0|>=|1.18.5|<
CVE-2018-7750|paramiko|paramiko|2.0.0|>=|2.0.8|<
CVE-2018-7750|paramiko|paramiko|2.1.0|>=|2.1.5|<
CVE-2018-7750|paramiko|paramiko|2.2.0|>=|2.2.3|<
CVE-2018-7750|paramiko|paramiko|2.3.0|>=|2.3.2|<
CVE-2018-7750|paramiko|paramiko|2.4.0|=||
CVE-2022-24302|paramiko|paramiko|||2.10.1|<
CVE-2023-48795|paramiko|paramiko|||3.4.0|<
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The default "python:tornado" CVE_PRODUCT doesn't match relevant CVEs, because
the project's CPE is "tornadoweb:tornado".
See cve db query (docmosis is an irrelevant vendor):
sqlite> select * from products where PRODUCT = 'tornado';
CVE-2012-2374|tornadoweb|tornado|||2.2|<=
CVE-2012-2374|tornadoweb|tornado|1.0|=||
CVE-2012-2374|tornadoweb|tornado|1.0.1|=||
CVE-2012-2374|tornadoweb|tornado|1.1|=||
CVE-2012-2374|tornadoweb|tornado|1.1.1|=||
CVE-2012-2374|tornadoweb|tornado|1.2|=||
CVE-2012-2374|tornadoweb|tornado|1.2.1|=||
CVE-2012-2374|tornadoweb|tornado|2.0|=||
CVE-2012-2374|tornadoweb|tornado|2.1|=||
CVE-2012-2374|tornadoweb|tornado|2.1.1|=||
CVE-2014-9720|tornadoweb|tornado|||3.2.2|<
CVE-2023-25264|docmosis|tornado|||2.9.5|<
CVE-2023-25265|docmosis|tornado|||2.9.5|<
CVE-2023-25266|docmosis|tornado|||2.9.5|<
CVE-2023-28370|tornadoweb|tornado|||6.3.2|<
CVE-2024-42733|docmosis|tornado|||2.9.7|<=
CVE-2024-52804|tornadoweb|tornado|||6.4.2|<
CVE-2025-47287|tornadoweb|tornado|||6.5.0|<
CVE-2025-67724|tornadoweb|tornado|||6.5.3|<
CVE-2025-67725|tornadoweb|tornado|||6.5.3|<
CVE-2025-67726|tornadoweb|tornado|||6.5.3|<
Set the CVE_PRODUCT accordingly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The default, "python:cbor2" CVE_PRODUCT is not appropriate for this
recipe, because most associated CVEs use "agronholm:cbor2" CPE.
Set the CVE_PRODUCT to cbor2, so it will match the currently used
CPE, and in case there will be future python:cbor2 CPEs also, they
will be matched too.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Changelog:
https://github.com/fastapi/fastapi-cli/releases/tag/0.0.20
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
| |
It needs go compiler and runtime which is missing on rv32
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
| |
Not all arches e.g. rv32 support kexec atm, reflect that here
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-14425
Backport the patch referenced by the nvd report.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-14424
Pick the patch referenced by the NVD report.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-14423
Pick the patch references by the NVD report.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-14422
Pick the patch referenced by the NVD report.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
=============
- Simplify code for osdetect
- Fix and improve configuration for cmake builds
- Modernize some for loops and fix some signed/unsigned issues
- Cmake optimization with warp2
- Update checkout action
- chore: fix cyrillic typo
- Move version info. to appropriate ALTO element
- CI: Remove unneeded export statements from cmake workflow for macOS
- Bump actions/checkout from 5 to 6
- Bump github/codeql-action from 2 to 4
- Bump actions/upload-artifact from 4 to 5
- Bump mikepenz/action-junit-report from 4 to 6
- Bump actions/upload-artifact from 5 to 6
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Changelog:
Merge error store messages without rebuilding collections.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
License-Update: Copyright year updated to 2025.
Changelog:
===========
- Drop Python 3.9 compatibility and add Pyton 3.15 support
- Improve XPath sequence internal processing with a list derived type xlist
- Extensions and fixes for XSD datatypes
- Add XSequence datatype for external representation of XPath sequences
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
============
- Added: the JSON report now includes a "start_line" key for function and class
regions, indicating the first line of the region in the source.
- Added: The debug data command now takes file names as arguments on the
command line, so you can inspect specific data files without needing to set
the COVERAGE_FILE environment variable.
- Fix: the JSON report used to report module docstrings as executed lines,
which no other report did, as described in issue 2105.
- Fix: coverage.py uses a more disciplined approach to detecting where
third-party code is installed, and avoids measuring it.
- Performance: data files that will be combined now record their hash as part
of the file name. This lets us skip duplicate data more quickly, speeding the
combining step.
- Docs: added a section explaining more about what is considered a missing
branch and how it is reported: Examples of missing branches, as requested in
issue 1597.
- Tests: the test suite misunderstood what core was being tested if
COVERAGE_CORE wasn't set on 3.14+.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Changelog:
Fix a gpsd.rules warning.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
==========
- packaging: script: Use rockylinux prefix on package testing script
- security: Update supporting timeline
- out_cloudwatch_logs: increase MAX_EVENT_LEN to 1MB with tests
- aws: Implement simple_aggregation operation
- out_kinesis_firehose: enable HTTP debugging for AWS client requests
- http_client: add ipv6 bracket if missing from host address
- lib: updates 20251223
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
===========
- Added a number of new values for some Sony tags
- Added a few new button functions for the Nikon Z9
- Added some Nikon subject detection values
- Added a new Canon SubjectSwitching value
- Decode Ricoh APP7 maker notes
- Patched to allow a specific PreviewImage to be written to a DNG file
containing multiple previews
- Fixed minor error when writing some DJI DNG files
- Fixed bug reading large Protobuf integers on 32-bit systems
- API Changes:
- Added SystemTimeRes option
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
One big change that comes with this update is the build system change:
the project removed autotools and now uses meson.
Dropped 0001-Use-stdbool.h-for-booleans.patch because it is included
in this release.
Changelog: https://github.com/containers/bubblewrap/releases/tag/v0.11.0
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update SRC_URI because the previous one became inaccessible.
Slightly update do_install - now it is in line with the installation
script from the project's own RPM file (previous some files were not
installed)
Shortlog:
[logwatch] Preparation for Release 7.13
[rsyslogd] De-duplicate lines with time calculations
[sendmail] Removed invalid commented-out code.
[logstash] Remove script - needs update to Logwatph.pm
[sendmail] Improved detection of "Command unrecognized" strings.
[rsyslogd] Ignore "GnuTLS error: Error in the push function" - paired with other errors
[omsa] Handle peak power and new Unexpected sense messages
[systemd] Add ignore_messages option to ignore messages matching a regex
[kernel] Fix EDAC regex
[rsyslogd] Ignore additional rate-limiting message paired with other messages
[rsyslogd] Ignore additional omfwd messages paired with other messages
[nut] Ignore upsnotify message about tech that we already know about
[pam_unix] Add nx to services; Allow for username in session opened by messages for cron
[pam_unix] Add kde to dektop services; Hande "User info message"
[systemd] Update for newer systemd
[logstash] Initial version
[systemd] Ignore "Unnecessary job was removed for .*" - appears informational
[systemd] Ignore State timed out messages - followed by a failed message
[named] No need for unconfineds variable, not used
[clam-update] Added comments about syslog format.
[logwatch.8] Clarified use of debug.
Fix Dir glob issue Iridos2 bug report.
[postfix] Added support for postfix version 3.10
[zypp] Added support for patch statements; reported by leithh.
[dovecot] Added better detail granularity, and support logformat 2.3
[systemd] Relax LSM BPF program attached regex
[dirsrv] Relax ACL target does not exist regex; Ignore schema-compat-plugin info messages that are at ERR level
[dovecot] Script and configuration file updated with granular detail options and improved report grouping
[clam-update] Fixed typo.
[clam-update] Check for empty LogFile strings and adjust error messages
[onlyservice,removeheaders] Allow RFC 3164 Log Format with named facility.severity
[http] Setting default http_rc code for when not specified in LogFormat
[logwatch.pl,syslog-ng] Removed HTML Entity encoding for xml, as all strings are now UTF-8
(tag: 7.12) [logwatch] Updating release version
[http] Replace hyphen with "Unidentified agent,"
[named] Handle "zone not loaded due to errors; Handle "journal file is out of date; removed" separately; Ignore "New key observered for zone"
[named] handle "TCP client quota reached" messages; Expand limit regex
Remove trailing whitespace
[nut] Handle battery needs to be replaced message
[nut] Update for 2.8.2
[postfix] Support for aliased mailboxes
[zz-zfs] Added 'Cap' column header
[sudo] Add sudo_detail
[omsa] Ignored Administrator stopped message
[omsa] Update Patrol Read regex
[sssd] Ignore "exec_child_ex command" messages
[secure] relax regex around "gkr-pam: no password is available for user"
[secure] Ignore sshd-session messages
[sendmail] Added filter for new pre-greeting message.
[postfix] Added DNSBL rank display
[sshd] Added 'drop connection' counter.
[rsyslogd] Handle stdout/stderr sent to journal which ends up with an extra prefix
[named] Add option to ignore denied zone trasfter; Move limit reporting to detail >= 1
[systemd] Handle new Watchdog and Reexecuting requested messages
[dnf-automatic] New script contributed by Clive Lin.
[mdadm] Check if hash of 'good devices' is undefined or empty.
[sshd,secure] Added support for OpenSSH 9.8 (sshd-session, port number), per tomop.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
The url from where this icon was sourced origiannly has been inaccessible
since a while (the domain seems to be parked). Instead of displaying the
fetcher warning, just vendor this image from the layer directly - it's
only a 4kB icon.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Also update the SRC_URI, the previous one became inaccessible.
Changelog:
- Update project's website.
- /usr/lib/tomoyo/init_policy
Remove rewrite rules handled by commit bdc35f164b0f ("tomoyo: use better
patterns for procfs in learning mode").
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
TigerVNC compiles its own xserver from a separate tarball, it doesn't
use oe-core's xserver for most of the compilation.
The vendored xserver code should be still kept in sync with oe-core
to minimize incompatibilities, feature and bug-discrepepancies (...)
However it is easy to miss when xserver is updated in oe-core, TigerVNC's
xserver gets out of sync frequently.
This change adds a small check before do_configure that compares the
vendored and oe-core's xserver version, and issues a warning if
TigerVNC recipe needs to be synced to oe-core.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
The https link does not work anymore, it just refuses the connection.
http still works though.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
The https link does not work anymore, it just refuses the connection.
http still works though.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Drop the patches that were merged in this release.
Shortlog:
show why files can't be open using errno
Fix memory free
Allow force to execute script, and keep upper dir while merge
Fix broken long option for ignore
Change program_name to have const attribute
always use glibc basename()
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It takes about a second to execute the suite.
Sample output (the "ERRORs" are coming from negative tests):
root@qemux86-64:~# ptest-runner
START: ptest-runner
2025-12-26T20:19
BEGIN: /usr/lib/exfatprogs/ptest
Running ./bad_file_size
-----------------------------------
exfatprogs version : 1.2.6
ERROR: /dir_01/bad_child_01: less clusters are allocated. truncates to 8192 bytes at 0x206060. Truncate (y/N)? y
ERROR: /dir_02/bad_child_02: more clusters are allocated. truncate to 8192 bytes at 0x209060. Truncate (y/N)? y
exfat.img: clean. directories 3, files 9
exfat.img: files corrupted 0, files fixed 1
exfatprogs version : 1.2.6
exfat.img: clean. directories 4, files 10
PASS: ./bad_file_size
[...many lines...]
PASS: ./bad_num_chain
Running ./loop_chain
-----------------------------------
exfatprogs version : 1.2.6
ERROR: /dir_01/bad_child_01: more clusters are allocated. truncate to 16384 bytes at 0x206060. Truncate (y/N)? y
ERROR: /dir_02/bad_child_02: cluster is already allocated for the other file. truncated to 8192 bytes at 0x209060. Truncate (y/N)? y
exfat.img: clean. directories 3, files 9
exfat.img: files corrupted 0, files fixed 1
exfatprogs version : 1.2.6
exfat.img: clean. directories 4, files 10
PASS: ./loop_chain
PASS: 17 of 17
DURATION: 1
END: /usr/lib/exfatprogs/ptest
2025-12-26T20:21
STOP: ptest-runner
TOTAL: 1 FAIL: 0
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
License-Update: small formatting changes and copyright year update. License hasn't changed.
The previous version of the recipe, 3.0.2 was released in 2019. The last release, 3.2.0 was
done in 2022.
However the project is still actively developed (it just moved to Github) - fetch the latest
revision, at least until there is a new release.
Shortlog:
https://github.com/icculus/physfs/commits/main?since=2019-03-19&until=2025-12-26
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
The "develop" branch doesn't exist anymore, the used revision can be
found on the "main" branch.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
