summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* README.md: fix typosGyorgy Sarvari2026-03-026-7/+7
| | | | | | | Correct a couple of typos in the various readme files. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-autoflake: upgrade 2.3.1 -> 2.3.3Wang Mingyu2026-03-021-1/+1
| | | | | | | | | | | | | | | | | Changelog: =========== - Update README.md - Drop Python 3.8 - pre-commit-config: --py39-plus - github/workflows: add Python 3.13 to the test matrix - Fix TypeError in is_literal_or_name on unhashable set literals - Fix IndexError in extract_package_name on malformed import lines - pre-commit: update hooks and formatting - github/workflows/upload-to-pypi: oidc - pyproject: fix packaging Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-asyncinotify: upgrade 4.3.2 -> 4.4.0Wang Mingyu2026-03-021-1/+1
| | | | | | | | Changelog: Add support for FreeBSD Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-astroid: upgrade 4.0.3 -> 4.1.1Wang Mingyu2026-03-021-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-asgiref: upgrade 3.11.0 -> 3.11.1Wang Mingyu2026-03-021-1/+1
| | | | | | | | | | | Changelog: ============ - SECURITY FIX CVE-2025-14550 - Fixed a regression in 3.11.0 in "sync_to_async" when wrapping a callable with an attribute named "context". Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* postfix: upgrade 3.10.6 -> 3.10.8Wang Mingyu2026-03-021-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* pcsc-tools: upgrade 1.7.3 -> 1.7.4Wang Mingyu2026-03-021-1/+1
| | | | | | | | | | Changelog: =========== - 282 new ATRs - pcsc_scan: display what the program expect from the user Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* parallel: upgrade 20251122 -> 20260222Wang Mingyu2026-03-021-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nautilus: upgrade 49.3 -> 49.4Wang Mingyu2026-03-021-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nano: upgrade 8.7 -> 8.7.1Wang Mingyu2026-03-021-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mstpd: upgrade 0.1.0 -> 0.1.1Wang Mingyu2026-03-021-4/+2
| | | | | | | | | | | | | | | | | | Changelog: =========== - mstpctl: add showportparams cmd - bridge-stp.in: use short-hand arguments for logger command - bridge-stp.in: support different versions of pidof - mstpctl-utils-functions.sh: fix shellcheck warnings - Update bridge_track.c - netif_utils: fix speeds > 65G - ifupdown.sh.in: fix new shellcheck warnings - libnetlink: fix socket file descriptor leak on error paths - fix compilation for with GCC 15 / C23 - do not leak stack memory via struct holes Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mpich: upgrade 4.3.2 -> 5.0.0Wang Mingyu2026-03-021-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mctp: upgrade 2.4 -> 2.5Wang Mingyu2026-02-251-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libspdm: upgrade 3.8.1 -> 3.8.2Wang Mingyu2026-02-251-2/+2
| | | | | | | | | | | Changelog: ============ - os_stub/openssllib: Allow building with older OpenSSL versions - Ignore MSVC warning when compiling OpenSSL - Bring fixes from main to 3.8 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libpanel: upgrade 1.10.3 -> 1.10.4Wang Mingyu2026-02-251-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libgsf: upgrade 1.14.54 -> 1.14.55Wang Mingyu2026-02-251-1/+1
| | | | | | | | | | Changelog: ========= * Reduce stack usage. * Documentation fixes. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libdnet: upgrade 1.18.0 -> 1.18.2Wang Mingyu2026-02-251-2/+2
| | | | | | | | | | | | | Changelog: =========== - fix copyright typo - Fix encoding (iso-8859 -> utf-8) and add GL CI config - config.h.in: Fix wrong return type - Update master from devel branch - Pull in latest development changes Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* jwt-cpp: upgrade 0.7.1 -> 0.7.2Wang Mingyu2026-02-251-2/+2
| | | | | | | | | | | | | | | | | | | | | Changelog: =========== - Improve as_date narrowing conversion from C4244 warning - update trait dependencies to support CMake v4 - Fix linter error - Update workflows for new GitHub Action Runner Images - Support passing ssl library key handles to algorithms - Update CMP0135 to new behaviour - Fix error in CMake config-file package - CMake: synchronize cmake_minimum_required from main CMakeLists.txt - Reduce usage of std::time_t, std::chrono::system_clock::to_time_t and system_clock::from_time_t in order to get correct dates when working with a 32bit application - Fix set_expires_in not accepting non-default Period - AppVeyor Warnings Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* imagemagick: upgrade 7.1.2-13 -> 7.1.2-15Wang Mingyu2026-02-251-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* gtksourceview5: upgrade 5.18.0 -> 5.19.0Wang Mingyu2026-02-251-1/+1
| | | | | | | | | | | | | | | | Changelog: ========= * Annotations: draw a background behind annotations; align to the right when they fit (e.g. for diagnostics) * GObject Introspection: fix nullable and callback destroy annotations (get_location, get_match_style, scheduler, callbacks) * Fix gutter text renderer text layout snapshot deprecation * PHP language: highlight PHP 8.0 attributes and add new keywords * New language: Cornish * Translation updates Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* gensio: upgrade 3.0.1 -> 3.0.2Wang Mingyu2026-02-251-2/+2
| | | | | | | | | | | | Changelog: ========= - Fix afskmdm shutdown issues - Fix a crash if gensio_acc_disable() is called more than once. - Allow the pcre2 package to be used. - Fix a locking issue in cm108gpio. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* feh: upgrade 3.11.2 -> 3.11.3Wang Mingyu2026-02-251-1/+1
| | | | | | | | | | | | | Changelog: ========== * Support DOS-style \r\n line breaks when loading filelists. Note that they will be saved with UNIX-style \n line breaks regardless of input format. This is intentional. * Fix --action, --info, --title and similar commands hard-coding the maximum length of the formatted output to 4095 characters. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ctags: upgrade 6.2.20260125.0 -> 6.2.20260222.0Wang Mingyu2026-02-251-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* cmark: upgrade 0.31.1 -> 0.31.2Wang Mingyu2026-02-251-2/+2
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* catch2: upgrade 3.12.0 -> 3.13.0Wang Mingyu2026-02-251-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* byacc: upgrade 20241231 -> 20260126Wang Mingyu2026-02-251-2/+2
| | | | | | | License-Update: Copyright year updated to 2026. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* bdwgc: upgrade 8.2.10 -> 8.2.12Wang Mingyu2026-02-251-2/+2
| | | | | | | License-Update: Copyright year updated to 2025. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* asyncmqtt: upgrade 10.2.6 -> 10.3.0Wang Mingyu2026-02-251-1/+1
| | | | | | | | | | | | | | | | | | | Changelog: ============= - Added Share Name character check. - Implemented cmake package version checking. - Fixed broker tool not delivering all retained messages when wildcard subscription matches multiple topics. - Added get_qos2_publish_handled_pids(), restore_qos2_publish_handled_pids(), restore_packets(), and get_stored_packets() to client for convenient. - get_endpoint() can be omitted now. - Refined reconnect examples. - Added websocket async_close timeout. - Added documentation regarding stream reuse restrictions for TLS-related streams. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* abseil-cpp: upgrade 20260107.0 -> 20260107.1Wang Mingyu2026-02-251-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libsdl3-image: update 3.2.6 -> 3.4.0Markus Volk2026-02-242-15/+19
| | | | | | | | | - Fix license checksum: Copyright year has been changed - Add support for av1 and jxl - libavif is in meta-multimedia -> disable av1 by default Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* tigervnc: Fix do_rootfs ErrorLiu Yiding2026-02-241-1/+3
| | | | | | | | | Fix the following error: ERROR: core-image-minimal-1.0-r0 do_rootfs: Postinstall scriptlets of ['tigervnc'] have failed. If the intention is to defer them to first boot, then please place them into pkg_postinst_ontarget:${PN} (). Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* iperf2: Update CVE_PRODUCTColin McAllister2026-02-241-1/+1
| | | | | | | | | CPEs are registered for iperf_project2:iperf2 in addition to iperf_project:iperf. By changing CVE_PRODUCT to an appends, this ensures that both iperf and iperf2 CPEs are used for CVE matching. Signed-off-by: Colin Pinnell McAllister <colin.mcallister@garmin.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-nltk: upgrade 3.9.2 -> 3.9.3Gyorgy Sarvari2026-02-241-1/+1
| | | | | | | | | | | | | | | Contains fix for CVE-2026-14009. Changelog: * Fix CVE-2025-14009: secure ZIP extraction in nltk.downloader * Block path traversal/arbitrary reads in nltk.data for protocol-less refs * Block path traversal/abs paths in corpus readers and FS pointers * Validate external StanfordSegmenter JARs using SHA256 * Add optional sandbox enforcement for filestring() * Maintenance: downloader/zipped models, CI/tooling updates Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* freerdp: patch CVE-2026-23532Gyorgy Sarvari2026-02-242-0/+50
| | | | | | | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2026-23532 The related Github advisory[1] contains a detailed analysis about the vulnerability. Pick the patch that describes the same issue in its description. [1]: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-fq8c-87hj-7gvr Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* freerdp: patch CVE-2026-23530Gyorgy Sarvari2026-02-242-0/+29
| | | | | | | | | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2026-23530 The related Github advisory[1] contains an amalysis of the vulenrability, describing the issue and the root cause also. Backported the commit that implemented the solution described in the advisory. [1]: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-r4hv-852m-fq7p Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-flask-jwt-extended: Upgrade 4.6.0 -> 4.7.1Leon Anavi2026-02-241-2/+2
| | | | | | | | | | | | | | Upgrade to release 4.7.1: - Add controls for verify_sub option in PyJWT From release 4.7.0: - Drop support for python 3.7 and 3.8, add 3.13 - Fix documentation around identity needing to be a string Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-flask-pymongo: Upgrade 2.3.0 -> 3.0.1Leon Anavi2026-02-241-4/+8
| | | | | | | | | | | | | | | | | Upgrade to release 3.0.1: - Fix link rendering in readme - Fix handling of _version.py file From release 3.0.0: - Support Flask 3.0+ and PyMongo 4.0+. - Support Python 3.9-3.13. - Support MongoDB 4.4+. - Add support for ~flask.json.jsonify(). Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-flask-socketio: Upgrade 5.6.0 -> 5.6.1Leon Anavi2026-02-241-1/+1
| | | | | | | | | | | Upgrade to release 5.6.1: - Session fixes for Flask >= 3.1.3 - Update SocketIO constructor documentation - Switch to the Furo documentation template Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-flask-cors: Upgrade 5.0.0 -> 6.0.2Leon Anavi2026-02-241-3/+3
| | | | | | | | | | | | | | | | | | | | | | | Upgrade to release 6.0.2: - Update license pyproject.toml From 6.0.1: - Invert regex sorting to make it correctly match the intent (sorting by specificity descending) - Fix README file extension in pyproject.toml From 6.0.0: - [CVE-2024-6839] Sort Paths by Regex Specificity - [CVE-2024-6844] Replace use of (urllib) unquote_plus with unquote - [CVE-2024-6866] Case Sensitive Request Path Matching License-Update: Use line 6 from PKG-INFO Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-flask-marshmallow: Upgrade 1.3.0 -> 1.4.0Leon Anavi2026-02-241-1/+1
| | | | | | | | | | Upgrade to release 1.4.0: - Add missing commas in error message for validate.FileType - Support Python 3.10-3.14 Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-flask: Upgrade 3.1.2 -> 3.1.3Leon Anavi2026-02-241-2/+2
| | | | | | | | | | Upgrade to release 3.1.3: - The session is marked as accessed for operations that only access the keys but not the values, such as in and len. Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-flask-migrate: Upgrade 4.0.7 -> 4.1.0Leon Anavi2026-02-241-2/+2
| | | | | | | | | | Upgrade to release 4.1.0: - Accept arguments such as --directory in environment variables - Fix minor typos in documentation Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-flask-mail: Upgrade 0.9.1 -> 0.10.0Leon Anavi2026-02-241-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | Upgrade to release 0.10.0: - Drop support for Python < 3.8. - Use pyproject.toml for packaging metadata. - Use flit_core as build backend. - Apply code formatting and linting tools. - Add static type annotations. - Deprecate the __version__ attribute. Use feature detection or importlib.metadata.version("flask-mail") instead. - Indicate that the deprecated is_bad_headers will be removed in the next version. - Fix the email_dispatched signal to pass the current app as the sender and message as an argument, rather than the other way around. - Attachment.data may not be None. - Attachment.content_type will be detected based on filename and data and will not be None. License-Update: Use LICENSE.txt Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* blueprint-compiler: remove recipeYi Zhao2026-02-241-16/+0
| | | | | | | | | The recipe has been moved to oe-core[1]. [1] https://git.openembedded.org/openembedded-core/commit/?id=4212392ca7ebf890e1e192ddd0e7dbe1f8dabcf2 Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-appdirs:Add HOMEPAGELiu Yiding2026-02-241-0/+1
| | | | | | | Add HOMEPAGE in python3-appdirs. Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* streamripper: ignore CVE-2020-37065Gyorgy Sarvari2026-02-241-0/+2
| | | | | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2020-37065 The vulnerability is about a 3rd party Windows-only GUI frontend for the streamripper library, and not for the CLI application that the recipe builds. Due to this ignore this CVE. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-werkzeug: upgrade 3.1.5 -> 3.1.6Gyorgy Sarvari2026-02-241-1/+1
| | | | | | | | | Contains fix for CVE-2026-27199 Changelog: safe_join on Windows does not allow special devices names in multi-segment paths Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-pillow: upgrade 12.1.0 -> 12.1.1Gyorgy Sarvari2026-02-241-2/+2
| | | | | | | | | | | | | | | | | | | | | | Contains fix for CVE-2026-25990 Ptests passed successfully: Testsuite summary TOTAL: 5024 PASS: 4587 SKIP: 434 XFAIL: 3 FAIL: 0 XPASS: 0 ERROR: 0 Changelog: Patch libavif for svt-av1 4.0 compatibility Fix OOB Write with invalid tile extents Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* live555: upgrade 20210824 -> 20260112Gyorgy Sarvari2026-02-242-2/+2
| | | | | Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* protobuf: ignore CVE-2026-0994Gyorgy Sarvari2026-02-241-0/+2
| | | | | | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2026-0994 The vulnerability impacts only the python bindings of protobuf, which is in a separate recipe (python3-protobuf, where it is patched). Ignore this CVE in this recipe due to this. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2026-04-22 05:04:09 +0000