Commit message | Author | Age | Files | Lines
* libtorrent: upgrade 0.16.8 -> 0.16.9 | Wang Mingyu | 11 days | 1 | -1/+1
  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* libsdl3: upgrade 3.4.2 -> 3.4.4 | Wang Mingyu | 11 days | 1 | -1/+1
  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* libsdl3-image: upgrade 3.4.0 -> 3.4.2 | Wang Mingyu | 11 days | 1 | -2/+2
  Changelog:
  ===========
  - Non-animated images can now be loaded as single frame animations
  - Fixed animated WebP frame composition
  - Fixed potential buffer overflow in tRNS handling
  - Fixed out of bounds read in XCF image loader (CVE-2026-35444)

  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* libsdl2-image: upgrade 2.8.8 -> 2.8.10 | Wang Mingyu | 11 days | 1 | -1/+1
  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* libcbor: upgrade 0.13.0 -> 0.14.0 | Wang Mingyu | 11 days | 1 | -1/+1
  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* libburn: upgrade 1.5.6 -> 1.5.8 | Wang Mingyu | 11 days | 2 | -30/+2
  0001-Bug-fix-Faulty-signal-handler-prototype-spoiled-comp.patch
  removed since it's included in 1.5.8

  Changelog:
  =============
  * Bug fix: burn_offst_source_new() parameter "size" rolled over at 2 exp 31
  * Bug fix: ATA and SATA drives under sg did not register their SCSI address tuple
  * Bug fix: WAVE files with unsuitable audio format were read as raw audio file.
  * New API calls use and return off_t sizes instead of int or uint32_t
  * Augmented struct burn_toc_entry by new off_t block addresses and counters
  * New struct burn_progress_v2 and API call burn_drive_get_status_v2()
  * New API call burn_disc_track_lba_nwa_v2()
  * New API calls burn_disc_get_sectors_v2(), burn_session_get_sectors_v2(), burn_track_get_sectors_v2()
  * New API call burn_get_read_capacity_v2()
  * New API call burn_drive_release_v2()
  * New API call burn_write_opts_set_perform_opc_v2
  * New cdrskin option --audio_not_raw
  * New cdrskin options --perform_opc and --perform_opc_growisofs

  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* gtk-layer-shell: upgrade 0.10.0 -> 0.10.1 | Wang Mingyu | 11 days | 1 | -1/+1
  Changelog:
  ==========
  - Fix: unmap when surface is immediately requested to close after opening
  - Fix: time out after 1 second of waiting for configure
  - Fix: edge cases around monitors changing while being mapped
  - gtk-priv: rename ast.py -> c_ast.py to avoid name collision with std lib
  - Compat: bump supported GTK to v3.24.52

  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* glaze: upgrade 7.2.2 -> 7.3.0 | Wang Mingyu | 11 days | 1 | -1/+1
  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* feh: upgrade 3.11.3 -> 3.12.1 | Wang Mingyu | 11 days | 1 | -1/+1
  Changelog:
  ==========
  * Update tests to reflect the %f/%F changes implemented in v3.12
  * Disallow %f and %n format specifiers in --action and --info strings;
    abort with an error message if those are encountered. Use %F and %N instead.
    Rationale: %f and %n do not escape shell-specific syntax and are thus a
    security risk when passing untrusted file names to feh. %F and %N, which
    have been available since v2.3 (Feb 2012), do escape shell-specific syntax.
    Migration path: Replace %f (or '%f') and %n (or '%n') with %F and %N
    (without '') in --action and --info commands.
  * Fix formatting in man page for groff 1.23.0+
  * Do not skip URLs when '--sort mtime' or similar are used
  * Define '_GNU_SOURCE' macro for mkstemps usage (if enabled)

  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* cryptsetup: upgrade 2.8.4 -> 2.8.6 | Wang Mingyu | 11 days | 1 | -1/+1
  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* catch2: upgrade 3.13.0 -> 3.14.0 | Wang Mingyu | 11 days | 1 | -1/+1
  Fixes
  ======
  - Added missing <cstdint> includes.
  - Fixed suppression of empty variadic macro arguments warning on Clang <19.
  - Fixed catch_discover_tests failing during PRE_TEST discovery if a target does not have discoverable tests.
  - Fixed build of the main library failing with CATCH_CONFIG_PREFIX_ALL defined.
  - JUnit reporter outputs single failed (errored/skipped) assertion per test case.

  Improvements
  =============
  - The default implementation of --list-tags and --list-listeners has a quiet variant.
  - Suppressed the new Clang warning about __COUNTER__ usage.
  - Line-wrapping counts utf-8 codepoints instead of bytes.
  - Combining character sequences are still miscounted, but Catch2 does not aim to fully support Unicode.

  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* bolt: upgrade 0.9.10 -> 0.9.11 | Wang Mingyu | 11 days | 1 | -2/+2
  Changelog:
  Updated NHI PCI IDs: added Maple Ridge, ADL, TGL-H, RPL, MTL, and AMD
  Strix Point USB4 Routers.

  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* protobuf-c: upgrade 1.5.1 to 1.5.2 | Changqing Li | 11 days | 2 | -1448/+1
  Changes[1]:
  * Chase compatibility issues with Google protobuf 30.0-rc1 by @edmonds in
    https://github.com/protobuf-c/protobuf-c/pull/762
  * protoc-gen-c: Explicitly construct strings where needed for protobuf 30.x
    by @edmonds in https://github.com/protobuf-c/protobuf-c/pull/768

  Remove protobuf-30.patch, this patch already included in 1.5.2

  [1] https://github.com/protobuf-c/protobuf-c/compare/v1.5.1...v1.5.2

  Signed-off-by: Changqing Li <changqing.li@windriver.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* jq: Use Git to fetch the code | Peter Kjellerstedt | 11 days | 2 | -6/+52
  There is a bug (see https://github.com/jqlang/jq/issues/434), which
  results in an empty version being used if autoreconf is run on the jq
  sources when using a release tar ball. The incorrect assumption is that
  autoreconf is only used when fetching the code using Git.

  The empty version results in an incorrect libjq.pc file being created
  where the version is not set, which results in, e.g.,
  `pkgconf --libs 'libjq > 1.6'` failing even if version 1.8.1 of jq is
  actually installed.

  Switch to fetching the code using Git to work around the bug.

  Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* layer.conf: add bcc into NON_MULTILIB_RECIPES | Harish Sadineni | 11 days | 1 | -1/+1
  Here is the setting in bcc recipe:
  COMPATIBLE_HOST = "(x86_64.*|aarch64.*|powerpc64.*|riscv64.*)-linux"

  bcc only supports 64 bit arch, so add it into NON_MULTILIB_RECIPES to
  avoid expanding lib32- variant

  Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* fluentbit: upgrade 4.2.3.1 -> 5.0.2 | Pascal Bach | 11 days | 5 | -14/+13
  Patches have been refreshed to apply to the new version.

  Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* python3-ckzg: upgrade 2.1.1 -> 2.1.7 | Liu Yiding | 11 days | 3 | -54/+1
  1. Changelog: https://github.com/ethereum/c-kzg-4844/releases/tag/v2.1.7
  2. Remove python-ckzg-0001-Let-override-CC.patch as it was merged upstream
  3. Remove python-ckzg-0002-Disable-Werror.patch as it was dropped in the Fedora package
     https://src.fedoraproject.org/rpms/python-ckzg/blob/rawhide/f/python-ckzg.spec

  Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* poco: add config for fastlogger | Peter Marko | 11 days | 1 | -1/+2
  It is a new feature in 1.15.0, enabled upstream by default.
  It is part of Foundation library.
  So this makes it possible to disable it.

  Signed-off-by: Peter Marko <peter.marko@siemens.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* poco: fix powerpc build | Peter Marko | 11 days | 2 | -0/+36
  Add patch which was also submitted upstream to quill.
  Poco should get it when they update quill component.

  Signed-off-by: Peter Marko <peter.marko@siemens.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* networkmanager: Do not ship initrd specific services into rootfs | Zhixiong Chi | 11 days | 1 | -0/+5
  Those systemd services were added in 1.54 upstream
  https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2089

  According to the comments we can see they are meant for the initrd rather
  than for use in the rootfs. They will conflict with the main services and
  can lead to potentially confusing error messages.
  So remove them for now to avoid the following issue.

  >$systemd-analyze --man=false verify \
  > /lib/systemd/system/NetworkManager-wait-online-initrd.service
  Failed to put bus name to hashmap: File exists
  NetworkManager-initrd.service: Two services allocated for the \
  same bus name org.freedesktop.NetworkManager, refusing operation.

  Test:
  PASS: bitbake core-image-minimal
  PASS: runqemu qemux86-64
  PASS: systemd-analyze --man=false verify \
   /lib/systemd/system/NetworkManager.service

  Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* libcanberra: disable gtk-doc | Markus Volk | 11 days | 1 | -0/+1
  gtk-doc build uses the deprecated gtkdoc-mktmpl tool, which was dropped by
  upstream in version 1.26 of gtk-doc and fails if 'api-documentation' is in
  DISTRO_FEATURES.

  Signed-off-by: Markus Volk <f_l_k@t-online.de>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* sanlock: upgrade 4.2.0 -> 5.1.0 | Liu Yiding | 11 days | 1 | -9/+5
  Change SRC_URI to https://codeberg.org/sanlock/sanlock.git as sanlock
  source moved to it.

  Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* python3-tox: upgrade 4.49.0 -> 4.52.0 | Liu Yiding | 11 days | 1 | -1/+2
  Changelog:
  https://tox.wiki/en/latest/changelog.html

  Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* python3-setuptools-git-versioning: upgrade 2.1.0 -> 3.0.1 | Liu Yiding | 11 days | 1 | -2/+2
  Changelog:
  https://setuptools-git-versioning.readthedocs.io/en/v3.0.1/changelog/3.0.x.html

  Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* python3-legacy-cgi: upgrade 2.6.2 -> 2.6.4 | Liu Yiding | 11 days | 1 | -2/+7
  Add do_install function to resolve following issue.

  python3-legacy-cgi-2.6.4-r0 do_package_qa: QA Issue: /usr/lib/python3.14/site-packages/.pc/0001-cgi.py-fixup-interpreter-according-to-OE.patch/cgi.py contained in package python3-legacy-cgi requires /usr/local/bin/python, but no providers found in RDEPENDS:python3-legacy-cgi? [file-rdeps]

  Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* python3-pyatspi: upgrade 2.46.1 -> 2.58.2 | Liu Yiding | 11 days | 1 | -4/+6
  Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* ettercap: 0.8.4-> 0.8.4.1 | Gianfranco Costamagna | 11 days | 2 | -50/+1
  1. Changelog
     https://github.com/Ettercap/ettercap/releases/tag/v0.8.4.1
  2. Remove following patches as they were merged upstream
     CVE-2026-3606.patch

  Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org>
  Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* spdm-emu: use SkipRecipe instead of fatal error for unsupported architectures | Peter Marko | 11 days | 1 | -1/+1
  Current code fails to parse meta-oe layer for machine with unsupported
  architecture. This is too restrictive as it requires downstream layers
  to play tricks with masking the recipe.
  Usual way is to skip the recipe instead.

  Signed-off-by: Peter Marko <peter.marko@siemens.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* python3-djangorestframework: upgrade 3.16.1 -> 3.17.1 | Liu Yiding | 11 days | 1 | -2/+2
  Changelog:
  https://www.django-rest-framework.org/community/release-notes/#deprecation-policy

  Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* python3-croniter: upgrade 6.0.0 -> 6.2.2 | Liu Yiding | 11 days | 1 | -2/+2
  Changelog:
  https://github.com/pallets-eco/croniter/blob/main/CHANGELOG.rst

  Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* python3-cucumber-tag-expressions: upgrade 6.2.0 -> 9.1.0 | Liu Yiding | 11 days | 1 | -2/+3
  1. Changelog
     https://github.com/cucumber/tag-expressions/blob/main/CHANGELOG.md
  2. LIC_FILES_CHKSUM changed as line of License info changed in PKG-INFO file.

  Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* uutils-coreutils: upgrade 0.7.0 -> 0.8.0 | Etienne Cordonnier | 2026-04-07 | 2 | -141/+249
  See release notes at https://github.com/uutils/coreutils/releases/tag/0.8.0

  Signed-off-by: Etienne Cordonnier <ecordonnier@snap.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* Revert "python3-stopit: add missing run-time dependencies" | Bai, Haiqing | 2026-04-06 | 1 | -4/+0
  This reverts commit 812f091414b34dbebe4a3990c9039cbaadc4dd71.

  The runtime dependency on python3-setuptools is no longer needed since
  the patch 0001-Drop-the-deprecated-pkg_resources.patch replaced the
  pkg_resources usage with importlib.metadata, which is part of the
  Python 3.8+ standard library. Keeping this RDEPENDS pulls in an
  unnecessary dependency on the target system.

  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* python3-stopit: Fixed the deprecated pkg_resources issue | Bai, Haiqing | 2026-04-06 | 2 | -1/+43
  pkg_resources is deprecated as an API. The pkg_resources package has
  been removed from setuptools, so the way of obtaining the version needs
  to be replaced with importlib.metadata module.

  Signed-off-by: Bai, Haiqing <Haiqing.Bai@windriver.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* thunar-shares-plugin: Depend on X11 distro feature | Khem Raj | 2026-04-06 | 1 | -2/+1
  it depends on thunar-> thunar-panel, which currently depends on libwnck3
  which only works on x11, thunar technically can replace it with
  libxfce4windowing but it's not done yet.

  fixes
  WARNING: Nothing PROVIDES 'thunar' (but /home/ubuntu/yoe/sources/meta-openembedded/meta-xfce/recipes-thunar-plugins/shares/thunar-shares-plugin_0.5.0.bb DEPENDS on or otherwise requires it)
  thunar was skipped: using DISTRO 'yoe', which is missing required DISTRO_FEATURES: 'x11'
  WARNING: Nothing RPROVIDES 'thunar-shares-plugin-dev' (but /home/ubuntu/yoe/sources/meta-openembedded/meta-xfce/recipes-thunar-plugins/shares/thunar-shares-plugin_0.5.0.bb RDEPENDS on or otherwise requires it)
  No eligible RPROVIDERs exist for 'thunar-shares-plugin-dev'

  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
  Cc: Changqing Li <changqing.li@windriver.com>
* multipath-tools: Add kernel-module as RRECOMMENDS | Zheng Ruoqin | 2026-04-06 | 1 | -0/+1
  Service multipathd depends on kernel module dm_multipath, so add it as
  RRECOMMENDS.

  Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* linux-atm: Add kernel-module as RRECOMMENDS | Zheng Ruoqin | 2026-04-06 | 1 | -0/+1
  Runtime command line atmtcp depends on kernel module atmtcp, so add it
  as RRECOMMENDS.

  Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* tinyproxy: patch CVE-2026-3945 | Gyorgy Sarvari | 2026-04-06 | 3 | -0/+62
  Details: https://nvd.nist.gov/vuln/detail/CVE-2026-3945

  Backport the patches which are referenced by the NVD advisory.

  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* tinyproxy: upgrade 1.11.2 -> 1.11.3 | Gyorgy Sarvari | 2026-04-06 | 2 | -45/+1
  Drop patch that was merged upstream.

  Shortlog: https://github.com/tinyproxy/tinyproxy/compare/1.11.2...1.11.3

  Ptests passed successfully:

  root@qemux86-64:~# ptest-runner
  START: ptest-runner
  2026-04-06T15:25
  BEGIN: /usr/lib/tinyproxy/ptest
  starting web server... done. listening on 127.0.0.3:32123
  starting tinyproxy... done (listening on 127.0.0.2:12321)
  waiting for 1 seconds. 1 done
  checking direct connection to web server... ok
  testing connection through tinyproxy... ok
  requesting statspage via stathost url... ok
  signaling tinyproxy to reload config...ok
  checking direct connection to web server... ok
  testing connection through tinyproxy... ok
  requesting statspage via stathost url... ok
  checking bogus request... ok, got expected error code 400
  testing connection to filtered domain... ok, got expected error code 403
  requesting connect method to denied port... ok, got expected error code 403
  testing unavailable backend... ok, got expected error code 502
  0 errors
  killing tinyproxy... ok
  killing webserver... ok
  done
  PASS: run_tests.sh
  DURATION: 2
  END: /usr/lib/tinyproxy/ptest
  2026-04-06T15:25
  STOP: ptest-runner
  TOTAL: 1 FAIL: 0

  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* wolfssl: ignore fixed CVEs | Gyorgy Sarvari | 2026-04-06 | 1 | -0/+5
  These CVEs are tracked without a version by NVD, but all of them have been
  fixed in the current recipe version.

  The relevant fixes (from the NVD reports):
  CVE-2026-0819: https://github.com/wolfSSL/wolfssl/commit/2d3941056b6b961828947a2f159200df7f7d1cb2
  CVE-2026-2646: https://github.com/wolfSSL/wolfssl/commit/7245ad02bb1a41235d923288fd640d40c1ecb2ea and
                 https://github.com/wolfSSL/wolfssl/commit/67abcc6f2d0cc45f918325c4ae6fe2b8d5bc8f72
  CVE-2026-3503: https://github.com/wolfSSL/wolfssl/commit/cc2fdda54cd6387e554b444eb2844fa840bd9d5d
  CVE-2026-3548: https://github.com/wolfSSL/wolfssl/commit/84ca4a05fac9c6c055a514f05880c448ecbbed56 and
                 https://github.com/wolfSSL/wolfssl/commit/b3f08f33b845d2d6bb523f0f38d191ca25635e1c

  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* strongswan: mark CVE-2026-25075 as patched | Gyorgy Sarvari | 2026-04-06 | 1 | -0/+2
  The CVE is fixed in the current version already, however NVD tracks it
  without version - suppress the report explicitly.

  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* python3-aiohttp: mark fixed CVEs are patched | Gyorgy Sarvari | 2026-04-06 | 1 | -0/+5
  All these CVEs have been fixed already, the relevant NVD reports mention
  it explicitly that 3.13.4 is fixed, along with referencing the commit that
  fixes the respective vulnerabilities.

  However each of these are tracked without version info by NVD -.-

  Due to this, mark them explicitly as patched.

  Relevant reports:
  https://nvd.nist.gov/vuln/detail/CVE-2026-22815
  https://nvd.nist.gov/vuln/detail/CVE-2026-34513
  https://nvd.nist.gov/vuln/detail/CVE-2026-34514
  https://nvd.nist.gov/vuln/detail/CVE-2026-34515
  https://nvd.nist.gov/vuln/detail/CVE-2026-34516
  https://nvd.nist.gov/vuln/detail/CVE-2026-34517
  https://nvd.nist.gov/vuln/detail/CVE-2026-34518
  https://nvd.nist.gov/vuln/detail/CVE-2026-34519
  https://nvd.nist.gov/vuln/detail/CVE-2026-34520
  https://nvd.nist.gov/vuln/detail/CVE-2026-34525

  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* python3-aiohttp: upgrade 3.13.4 -> 3.13.5 | Gyorgy Sarvari | 2026-04-06 | 1 | -1/+1
  Changelog:
  Skipped the duplicate singleton header check in lax mode (the default for
  response parsing). In strict mode (request parsing, or -X dev), all
  RFC 9110 singletons are still enforced.

  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* nodejs: ignore fixed CVEs | Gyorgy Sarvari | 2026-04-06 | 1 | -0/+7
  All these CVEs are fixed in v22.22.2[1], except for CVE-2026-21712, which
  does not affect v22 series, because it was introduced in a later version[2].

  All these CVEs are tracked without version info by NVD at the time of
  creating this patch.

  [1]: https://github.com/nodejs/node/blob/v22.x/doc/changelogs/CHANGELOG_V22.md
  [2]: https://nodejs.org/en/blog/vulnerability/march-2026-security-releases

  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* mbedtls: upgrade 3.6.5 -> 3.6.6 | Gyorgy Sarvari | 2026-04-06 | 1 | -1/+1
  Contains fixes for CVE-2026-25833, CVE-2026-25834, CVE-2026-25835,
  CVE-2026-34872, CVE-2026-34873, CVE-2026-34874 and CVE-2026-34875.

  Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.6

  Ptests passed successfully:

  root@qemux86-64:~# ptest-runner
  START: ptest-runner
  2026-04-06T14:04
  BEGIN: /usr/lib/mbedtls/ptest
  PASS: test_suite_aes.cbc
  PASS: test_suite_aes.cfb
  PASS: test_suite_aes.ctr
  ...
  PASS: test_suite_version
  PASS: test_suite_x509parse
  PASS: test_suite_x509write
  DURATION: 24
  END: /usr/lib/mbedtls/ptest
  2026-04-06T14:04
  STOP: ptest-runner

  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* mbedtls: drop recipe for v2 | Gyorgy Sarvari | 2026-04-06 | 1 | -79/+0
  It has been unmaintained/EOL for over a year - there is a recipe for a
  newer, still supported version.

  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* libraw: upgrade 0.21.4 -> 0.22.1 | Gyorgy Sarvari | 2026-04-06 | 2 | -10/+13
  Contains fixes for CVE-2026-5318[1] and CVE-2026-5318[2] (both are tracked
  without a version by NVD, so they are explicitly marked as patched)

  License-update: copyright year bump

  Changelog: https://github.com/LibRaw/LibRaw/blob/0.22-stable/Changelog.txt

  [1]: https://github.com/LibRaw/LibRaw/commit/5357bb5fc67ac616838fb84de67260d45987489b
  [2]: https://github.com/LibRaw/LibRaw/commit/2468614a9cbcab6b75ca279ab60cac62156f7aeb

  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* leancrypto: upgrade 1.7.0 -> 1.7.1 | Gyorgy Sarvari | 2026-04-06 | 1 | -2/+3
  Contains fix for CVE-2026-34610 (which is however tracked without a version
  by NVD, so it is marked as patched explicitly)

  Changelog:
  - Offer a means to select the AES-C constant time / S-Box implementation
    via lc_init API
  - use the AES-C constant time implementation by default - it is about 3
    times slower than the AES-C S-Box implementation, but more secure. As the
    leancrypto library is about secure by default, the CT implementation is
    just right. Furthermore, if a caller wants to have the faster AES-C S-Box,
    he can call lc_init(LC_INIT_AES_SBOX) at the beginning.
  - X.509: fix security issue (CVE-2026-34610)

  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* giflib: mark CVE-2026-23868 patched | Gyorgy Sarvari | 2026-04-06 | 1 | -0/+2
  The fix[1] that is referenced by the NVD advisory is already included in
  the current recipe version.

  [1]: https://sourceforge.net/p/giflib/code/ci/f5b7267aed3665ef025c13823e454170d031c106/

  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* freeipmi: mark CVE-2026-33554 patched | Gyorgy Sarvari | 2026-04-06 | 1 | -0/+1
  The CVE is tracked by NVD without version info. Its description confirms
  that it is fixed in version 1.6.17.

  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>