| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
The introduction of DISTRO_FEATURES_OPTED_OUT allows rewriting the
DISTRO_FEATURES by removing whatever is in DISTRO_FEATURES_OPTED_OUT
from DISTRO_FEATURES.
Thus, the logic of vala can be negated, and it can changed be to
see if gobject-introspection-data is available in DISTRO_FEATURES.
Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In Linux, memcached relies on transparent huge pages, and even if
libhugetlbfs is enabled by the PACKAGECONFIG (and detected during
do_configure, of course), it is simply not used:
root@qemuriscv64:~# ldd $(which memcached)
linux-vdso.so.1 (0x0000003fa4358000)
libevent-2.1.so.7 => /lib/libevent-2.1.so.7 (0x0000003fa42b0000)
libc.so.6 => /lib/libc.so.6 (0x0000003fa4157000)
/usr/lib/ld-linux-riscv64-lp64d.so.1 (0x0000003fa435a000)
The main reason is the fact that the only call to a function coming from
libhugetlbfs is here:
https://github.com/memcached/memcached/blob/master/memcached.c#L4274
and getpagesizes() is only called if the #if block evaluates to true:
int ret = -1;
size_t sizes[32];
int avail = getpagesizes(sizes, 32);
(...)
/* check if transparent hugepages is compiled into the kernel */
/* RH based systems possibly uses a different path */
static const char *mm_thp_paths[] = {
"/sys/kernel/mm/transparent_hugepage/enabled",
"/sys/kernel/mm/redhat_transparent_hugepage/enabled",
NULL
};
(...)
This block relies on HAVE_MEMCNTL, which is a Solaris-specific feature.
Therefore, the dependency link between memcached and libhugetlbfs
doesn't exist in Linux.
Drop libhugetlbfs from memcached's recipe.
Signed-off-by: João Marcos Costa <joaomarcos.costa@bootlin.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
| |
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Apr 21st, 2026
New API fftw_copy_plan()
Support for SVE SIMD instructions.
Support for LoongArch LSX and LASX SIMD instructions.
Support for Apple ARM, RISCV, and LoongArch cycle counters.
Enabling the cycle counters needs a
kernel module to permit access from user space. We need to add
SVE (and other architectures) support to the recipe.
Signed-off-by: Philip Balister <philip@balister.org>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Test result:
root@qemux86-64:/usr/lib/tbb/ptest# ptest-runner tbb
START: ptest-runner
2026-04-23T01:21
BEGIN: /usr/lib/tbb/ptest
PASS: test_tick_count
PASS: test_allocators
PASS: test_arena_priorities
PASS: test_dynamic_link
PASS: test_collaborative_call_once
PASS: test_concurrent_lru_cache
PASS: test_concurrent_unordered_map
PASS: test_concurrent_unordered_set
PASS: test_concurrent_map
PASS: test_concurrent_set
PASS: test_concurrent_priority_queue
PASS: test_partitioner
PASS: test_parallel_for
PASS: test_parallel_for_each
PASS: test_parallel_reduce
PASS: test_parallel_sort
PASS: test_parallel_invoke
PASS: test_parallel_scan
PASS: test_parallel_pipeline
PASS: test_eh_algorithms
PASS: test_blocked_range
PASS: test_concurrent_vector
PASS: test_task_group
PASS: test_concurrent_hash_map
PASS: test_task_arena
PASS: test_parallel_phase
PASS: test_enumerable_thread_specific
PASS: test_concurrent_queue
PASS: test_resumable_tasks
PASS: test_mutex
PASS: test_function_node
PASS: test_multifunction_node
PASS: test_broadcast_node
PASS: test_buffer_node
PASS: test_composite_node
PASS: test_continue_node
PASS: test_eh_flow_graph
PASS: test_flow_graph
PASS: test_flow_graph_priorities
PASS: test_flow_graph_whitebox
PASS: test_indexer_node
PASS: test_join_node
PASS: test_join_node_key_matching
PASS: test_join_node_key_matching_n_args
PASS: test_join_node_msg_key_matching
PASS: test_join_node_msg_key_matching_n_args
PASS: test_join_node_preview
PASS: test_limiter_node
PASS: test_priority_queue_node
PASS: test_queue_node
PASS: test_sequencer_node
PASS: test_split_node
PASS: test_tagged_msg
PASS: test_overwrite_node
PASS: test_write_once_node
PASS: test_async_node
PASS: test_input_node
PASS: test_profiling
PASS: test_concurrent_queue_whitebox
PASS: test_intrusive_list
PASS: test_semaphore
PASS: test_environment_whitebox
PASS: test_hw_concurrency
PASS: test_eh_thread
PASS: test_tbb_version
PASS: test_global_control
PASS: test_task
PASS: test_concurrent_monitor
PASS: test_scheduler_mix
PASS: test_handle_perror
PASS: test_arena_constraints
PASS: test_tbbbind
PASS: test_tbb_fork
PASS: test_tbb_header
PASS: test_openmp
PASS: conformance_tick_count
PASS: conformance_allocators
PASS: conformance_mutex
PASS: conformance_task_group
PASS: conformance_task_group_context
PASS: conformance_task_arena
PASS: conformance_collaborative_call_once
PASS: conformance_concurrent_lru_cache
PASS: conformance_concurrent_unordered_map
PASS: conformance_concurrent_unordered_set
PASS: conformance_concurrent_map
PASS: conformance_concurrent_set
PASS: conformance_concurrent_priority_queue
PASS: conformance_parallel_for
PASS: conformance_parallel_for_each
PASS: conformance_parallel_reduce
PASS: conformance_parallel_scan
PASS: conformance_parallel_sort
PASS: conformance_parallel_pipeline
PASS: conformance_parallel_invoke
PASS: conformance_blocked_range
PASS: conformance_blocked_range2d
PASS: conformance_blocked_range3d
PASS: conformance_blocked_nd_range
PASS: conformance_concurrent_vector
PASS: conformance_global_control
PASS: conformance_concurrent_hash_map
PASS: conformance_enumerable_thread_specific
PASS: conformance_combinable
PASS: conformance_concurrent_queue
PASS: conformance_resumable_tasks
PASS: conformance_version
PASS: conformance_function_node
PASS: conformance_multifunction_node
PASS: conformance_input_node
PASS: conformance_continue_node
PASS: conformance_async_node
PASS: conformance_overwrite_node
PASS: conformance_write_once_node
PASS: conformance_buffer_node
PASS: conformance_queue_node
PASS: conformance_priority_queue_node
PASS: conformance_sequencer_node
PASS: conformance_limiter_node
PASS: conformance_broadcast_node
PASS: conformance_composite_node
PASS: conformance_indexer_node
PASS: conformance_split_node
PASS: conformance_join_node
PASS: conformance_graph
PASS: conformance_arena_constraints
PASS: test_scalable_allocator
PASS: test_malloc_pools
PASS: test_malloc_init_shutdown
PASS: test_malloc_regression
PASS: test_malloc_shutdown_hang
PASS: test_malloc_compliance
PASS: test_malloc_used_by_lib
PASS: test_malloc_lib_unload
PASS: test_malloc_pure_c
PASS: test_malloc_whitebox
PASS: test_malloc_atexit
PASS: test_malloc_overload
PASS: test_malloc_overload_disable
PASS: test_malloc_new_handler
DURATION: 153
END: /usr/lib/tbb/ptest
2026-04-23T01:23
STOP: ptest-runner
TOTAL: 1 FAIL: 0
Note:
The test will fail/timeout if executed on qemu target without kvm enabled.
Signed-off-by: Zeming LIU <zeming.liu@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
| |
Backport fix[1] for MGMT crash on first start on ARM32 platforms[2].
[1] https://github.com/FRRouting/frr/pull/21651
[2] https://github.com/FRRouting/frr/issues/20087
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
ChangeLog:
https://github.com/FRRouting/frr/releases/tag/frr-10.6.0
https://github.com/FRRouting/frr/releases/tag/frr-10.6.1
Drop backport patches.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
| |
Enable debug build flag in jemalloc to avoid error as below:
inlining failed in call to 'always_inline' 'heap_ph_cmp':
function not considered for inlining
Signed-off-by: Xiaozhan Li <Xiaozhan.Li.CN@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
libpam and systemd require the settings below:
INIT_MANAGER = "systemd"
DISTRO_FEATURES:append = " pam systemd usrmerge"
So remove hardcoded libpam and systemd dependencies from DEPENDS.
Add conditional logic to include these dependencies only when
the corresponding DISTRO_FEATURES are enabled.
Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The commit adding update-alternatives support omitted
ALTERNATIVE_TARGET[ebtables], causing the bbclass to fall back to
constructing the target as ${sbindir}/ebtables.ebtables which does
not exist. The binary is installed as ebtables-legacy, so set
ALTERNATIVE_TARGET accordingly.
fixes QA warnings:
ebtables: alternative target does not exist, skipping
ebtables: NOT adding alternative provide /usr/sbin/ebtables
ebtables: alt_link == alt_target: /usr/sbin/ebtables == /usr/sbin/ebtables
Fixes: 584fec0f74ad ("ebtables: Use update alternatives for "ebtables"")
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- This patch incorporates all previously suggested changes
- Introduced a new API function: print_result()
- Added support for configuring a dynamic number of filters when
executing replay.lua
- Added script to interact with the STM32 CAN bootloader (stm32.lua)
- Add Unified Diagnostic Services (ISO 14229-1) script written in Lua
(uds.lua)
- Various updates and fixes required by the Debian package and to be able
to get certified by Microsoft
- Added manpages
Signed-off-by: Michael Fitzmayer <mail@michael-fitzmayer.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
| |
Add a recipe for pyfuse3 - a python package providing high-level bindings
to libfuse3.
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@oss.qualcomm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
| |
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
| |
Variable DISTRO_FEATURES_BACKFILL_CONSIDERED has been renamed
to DISTRO_FEATURES_OPTED_OUT.
Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
| |
The initial 3.8.2 tag pointing at 5cf0acb8 ("Update version for 3.8.2
release") was actually a pre-release and that tag has since moved.
Now that 3.8.2 has offically been released we can update the SRCREV.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix packing of missed installed file:
| ERROR: opensc-0.27.1-r0 do_package: QA Issue: opensc: Files/directories were installed but not shipped in any package:
| /usr/share/p11-kit
| /usr/share/p11-kit/modules
| /usr/share/p11-kit/modules/opensc.module
| Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.
| opensc: 3 installed and not shipped files. [installed-vs-shipped]
Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
| |
Add a recipe for pyfuse3 - a python package providing high-level bindings
to libfuse3.
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@oss.qualcomm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix CVE-2026-1539,CVE-2026-1761,CVE-2026-1801,CVE-2026-2443,
CVE-2026-2369,CVE-2026-1760,CVE-2025-14523,CVE-2025-32049,CVE-2026-1467
Refer:
CVE-2026-1801 https://gitlab.gnome.org/GNOME/libsoup/-/issues/481
CVE-2026-1761 https://gitlab.gnome.org/GNOME/libsoup/-/issues/493
CVE-2026-2443 https://gitlab.gnome.org/GNOME/libsoup/-/issues/487
CVE-2026-1539 https://gitlab.gnome.org/GNOME/libsoup/-/issues/489
CVE-2026-2369 https://gitlab.gnome.org/GNOME/libsoup/-/issues/498
CVE-2026-1760 https://gitlab.gnome.org/GNOME/libsoup/-/issues/475
CVE-2025-14523 https://gitlab.gnome.org/GNOME/libsoup/-/issues/472
CVE-2025-32049 https://gitlab.gnome.org/GNOME/libsoup/-/issues/390
CVE-2026-1467 https://gitlab.gnome.org/GNOME/libsoup/-/issues/488
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
| |
This is a bug fix release.
Changelog: https://www.webkitgtk.org/2026/03/12/webkitgtk2.50.6-released.html
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
* Add a PACKAGECONFIG for glog. If it is disabled, then miniglog, which
is provided by ceres-solver, will be used instead.
* Disable CUDA and gflags. They are not expected to be found, but this
makes it explicit.
* Disable building tests and examples as they are not used anyway.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
WirePlumber 0.5.14
~~~~~~~~~~~~~~~~~~
Additions & Enhancements:
- Added per-device default volume configuration via the
``device.routes.default-{source,sink}-volume`` property, allowing device-specific volume
defaults (e.g. a comfortable default for internal speakers or no attenuation for HDMI) (!772)
- Added Lua 5.5 support; the bundled Lua subproject wrap has also been updated to 5.5.0
(!775, !788)
- Enhanced libcamera monitor to load camera nodes locally within the WirePlumber
process instead of the PipeWire daemon, eliminating race conditions that could occur
during initial enumeration and hotplug events (!790)
- Enhanced Bluetooth loopback nodes to always be created when a device supports both
A2DP and HSP/HFP profiles, simplifying the logic and making the BT profile autoswitch
setting take effect immediately without requiring device reconnection (!782)
- Enhanced Bluetooth loopback nodes to use ``target.object`` property instead of smart
filters, fixing issues that prevented users from setting them as default nodes and
also allowing smart filters to be used with them (#898; !792)
- Enhanced Bluetooth profile autoswitch logic with further robustness improvements,
including better headset profile detection using profile name patterns and resolving
race conditions by running profile switching after ``device/apply-profile`` in a
dedicated event hook (#926, #923; !776, !777, !808)
- Enhanced wpctl ``set-default`` command to accept virtual nodes (e.g.
``Audio/Source/Virtual``) in addition to regular device nodes (#896; !787)
- Improved stream linking to make the full graph rescan optional when linkable items
change, saving CPU on low-end systems and reducing audio startup latency when
connecting multiple streams in quick succession (!800)
- Allowed installation of systemd service units without libsystemd being present,
useful for distributions like Alpine Linux that allow systemd service subpackages
(!793)
- Allowed the ``mincore`` syscall in the WirePlumber systemd sandbox, required for
Mesa/EGL (e.g. for the libcamera GPUISP pipeline)
- Allowed passing ``WIREPLUMBER_CONFIG_DIR`` via the ``wp-uninstalled`` script,
useful for passing additional configuration paths in an uninstalled environment (!801)
Fixes:
- Removed Bluetooth sink loopback node, which was causing issues with KDE and GNOME (!794)
- Fixed default audio source selection to never automatically use ``Audio/Sink`` nodes
as the default source unless explicitly selected by the user (#886; !781)
- Fixed crash in ``state-stream`` when the Format parameter has a Choice for the
number of channels (#903; !795)
- Fixed BAP Bluetooth device set channel properties, where ``audio.position`` was
incorrectly serialized as a pointer address instead of the channel array (!786)
- Fixed memory leaks in ``wp_interest_event_hook_get_matching_event_types`` and in
the Lua ``LocalModule()`` implementation (!784, !810)
- Fixed HFP HF stream media class being incorrectly assigned due to
``api.bluez5.internal=true`` being set on HFP HF streams (!809)
- Fixed Lua 5.4 compatibility in ``state-stream`` script
- Updated translations: Bulgarian, Georgian, Kazakh, Swedish
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- remove backport patch
PipeWire 1.6.3 (2026-04-09)
Highlights
- Fix some RAOP compatibility regressions.
- Fix segfault in the mixer in some cases.
- Most nodes now produce and consume MIDI1 again and avoid
conversions to and from UMP.
- Various small fixes and improvements.
PipeWire
- Fix regression with sample rate changes. (#5207)
- Fix a potential integer overflow in the memory mapping.
Modules
- Align RTP timestamps to make RAOP work on more devices. (#5167)
- Avoid crashes in RTP streams because of concurrent event
emmission.
- Avoid invalid fd usage in native-protocol with special crafted
messages.
- Fix properties and params enumeration in filter-chain (#5202).
SPA
- Fix compilation with -Werror=discarded-qualifiers
- Avoid OOB read in mix matrix. (#5176)
- Avoid loading plugins from absolute paths that are not in the
search path.
- Avoid MIDI conversions to and from UMP. (#5183)
Bluetooth
- Backport some fixes and avoid some crashes.
JACK
- Make sure timebase callback is never called with 0 frames.
- Increase the notify queue to avoid losing notifications.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some headers come from 'mm' (in the top source directory, i.e. the root of
Linux's sources), as in the exampels below:
Makefile:LOCAL_HDRS += $(selfdir)/mm/local_config.h $(top_srcdir)/mm/gup_test.h
cow.c:#include "../../../../mm/gup_test.h"
gup_longterm.c:#include "../../../../mm/gup_test.h"
gup_test.c:#include <mm/gup_test.h>
hmm-tests.c:#include <mm/gup_test.h>
uffd-unit-tests.c:#include "../../../../mm/gup_test.h"
Add this directory to KERNEL_SELFTEST_SRC if 'mm' PACKAGECONFIG is enabled.
Signed-off-by: João Marcos Costa <joaomarcos.costa@bootlin.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add numa (numactl), as required by rmap, migration, and others.
Add liburing, otherwise some tests would be disabled.
Moreover, liburing's availability is checked in a shell script executed
prior to the compilation of the individual test cases. This script,
however, does not read CFLAGS.
Backport a fix [1] from mainline to address this issue.
[1] https://github.com/torvalds/linux/commit/7f532d19c8be76ad2fcd7ab6b0c9eb618f70966b
Signed-off-by: João Marcos Costa <joaomarcos.costa@bootlin.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The support of libhugetlbfs was removed from mainline Linux a while ago,
since v6.1 [1].
Since libhugetlbfs was the main reason to remove 'mm' selftests for some
specific architectures, the respective operations should only remove bpf.
Update the recipe to remove libhugetlbfs as a dependency of mm, and thus
unblock this test category for some targets.
[1] https://github.com/torvalds/linux/commit/6f83d6c74ea5a5b267be85206822da280cae110a
Signed-off-by: João Marcos Costa <joaomarcos.costa@bootlin.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since v6.10 [1], this category of selftests was renamed
to 'mm'.
Update the recipe accordingly.
I left a mention to the previous name (i.e., 'vm') just in case.
[1]: https://github.com/torvalds/linux/commit/baa489fabd01596d5426d6e112b34ba5fb59ab82
Signed-off-by: João Marcos Costa <joaomarcos.costa@bootlin.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mark fixed CVEs explicitly patched,because NVD tracks them without version info.
Changelog:
Security fixes:
CVE-2026-32105
CVE-2026-32107
CVE-2026-32623
CVE-2026-32624
CVE-2026-33145
CVE-2026-33516
CVE-2026-33689
CVE-2026-35512
New features:
Support for xorgxrdp bug fixes
Bug fixes:
Honour pass_shell_as_env setting only if user sets a shell
We no longer try to create a NULL authentication file when using VNC over UDS
Problems with the Brazilian ABNT2 keyboard mapping have been corrected
A 'file exists' error when installing xrdp over an existing installation has been addressed
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes CVE-2026-40354: https://github.com/flatpak/xdg-desktop-portal/releases/tag/1.20.4
Also mark the CVE explicitly patched, as it is tracked without version info
at this time.
The project now has a dependency on libglnx, which by default it tries to download
from the internet during configuring. To avoid that error, this dependency is added to the SRC_URI.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-5188
https://nvd.nist.gov/vuln/detail/CVE-2026-5392
https://nvd.nist.gov/vuln/detail/CVE-2026-5393
https://nvd.nist.gov/vuln/detail/CVE-2026-5447
https://nvd.nist.gov/vuln/detail/CVE-2026-5448
https://nvd.nist.gov/vuln/detail/CVE-2026-5460
https://nvd.nist.gov/vuln/detail/CVE-2026-5466
https://nvd.nist.gov/vuln/detail/CVE-2026-5479
https://nvd.nist.gov/vuln/detail/CVE-2026-5500
All of these CVEs are fixed in the current recipe version, however
NVD tracks them without version. Each NVD advisory references the
corresponding fix, and each of them are contained in 5.9.1.
Mark all of them as patched explicitly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Contains fix for CVE-2026-40192
License-update: Copyright holder's name is spelled out fully instead of using abbreviation.
Changelog: https://pillow.readthedocs.io/en/stable/releasenotes/12.2.0.html
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-33186
The vulnerability only affects the Go implememtation of the library,
not the Python one. Ignore this CVE due to this.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-6409
The vulnerability impacts only the PHP library component, not the
cpp/python one. Ignore this CVE due to this.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-6192
Backport the patch referenced by the NVD advisory.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
| |
Contains fix for CVE-2026-40170 (which is tracked without version
by NVD, so also mark explicitly as patched).
Changelog: https://github.com/ngtcp2/ngtcp2/releases/tag/v1.22.1
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Minizip release v1.3.2 is missing required ints.h header that
causes build failure on components using it:
| ../../../../../recipe-sysroot/usr/include/minizip/ioapi.h:74:10: fatal error: ints.h: No such file or directory
| 74 | #include "ints.h"
| | ^~~~~~~~
Backport fix from https://github.com/madler/zlib/commit/cb14dc9ade3759352417a300e6c2ed73268f1d97
Signed-off-by: Samuli Piippo <samuli.piippo@qt.io>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These patches are about a number of CVEs files against the application:
CVE-2025-63649, CVE-2025-63650, CVE-2025-63651, CVE-2025-63652, CVE-2025-63653, CVE-2025-63655,
CVE-2025-63656, CVE-2025-63657 and CVE-2025-63658.
These patches are taken from a pull request[1] that is referenced in the relevant bug report[2].
The patches don't target specific CVEs on separately, but they fix a number of CVEs altogether.
Based on upstream analysis (in the linked issue) a number of these CVEs are duplicates of each
other and/or not exploitable. The valid CVEs are fixed by these patches.
I haven't added specific CVE info to the patches, one hand because of the above, it is hard to
separate the patches by CVE, and secondarily because NVD tracks these CVEs with incorrect version
info: NVD considers 1.8.6 fully fixed, even though the patches are only in the master branch,
untagged at this time. After updating the recipe to 1.8.6+, the vulnerabilites will disappear
from the CVE report due to this.
[1]: https://github.com/monkey/monkey/pull/434
[2]: https://github.com/monkey/monkey/issues/426
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
| |
Shortlog:
https://github.com/monkey/monkey/compare/v1.8.4...v1.8.7
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- add patches to fix compilation
- add runtime dependency for python3-pycairo
Overview of Changes from GIMP 3.2.2 to GIMP 3.2.4
=================================================
Core:
- The "edit-fill-*" actions will now behave accordingly on specific
cases. E.g. it will skip layers which can't be filled (content-lock
layers and link layers) and it will fill the expected way
non-rasterized text and vector layers.
- Images opened through command lines are not considered stray images
anymore on exit when run without a GUI (scripts, etc.).
- We improved the support of the process temporary folder, so that we
can avoid clashes when several users run GIMP on a same computer.
Furthermore the temporary folder is now deleted at startup (unless
it is not empty, which it should be).
- XCF opened as layers will now always create new layers named as in
the source XCF, even if the source XCF had only a single layer.
- The "layers-resize" now only works on raster layers.
- The "Layers to Image Size" and "Resize Layer to Selection" actions
will only work on raster layers too.
Tool
- Text tool:
* When editing text, prioritize our global actions when a
shortcut matches, before sending the hit keys to the IME (Input
Method Engine). Otherwise some IME may consume our keys and block
custom shortcuts (e.g. Alt+key events are often used to trigger
special characters on macOS or Windows and may block core
actions).
* Prevent font size jumping to 0 when using shortcuts on selected
text.
- Selection tools: when moving a floating layer or selection,
temporarily disable the marching ants outline. Among other reasons,
it improves performance.
- Select by Color tool: optimized processing when working in Intersect
mode.
- Crop tool: non-raster layers are not rasterized anymore.
- Text tool: on-canvas GUI is now properly positioned when rotating
the canvas.
Plug-Ins:
- Improve import of: APNG, PAA, PNG, DDS, PSP, PNM, PSD, JIF, PVR
texture, TIM, XWD, SFW, ORA.
- Improved PDF export.
- file-compressor: improved error messaging.
- New Windows WIA scanner plug-in, replacing the now deprecated TWAIN
scanner plug-in (which is not shipped in our Windows packages
anymore as it depends on dropped 32-bit Windows platform).
- Script-Fu: several deprecated functions now cleaned out from
scripts.
- Filmstrip: the created image will now have the dirty flag set.
API:
- libgimp/PDB:
* libgimp/PDB functions gimp_context_set_line_width_unit() and
gimp_vector_layer_set_stroke_width_unit() now accept pixel as input unit.
* Improved error handling in gimp_temp_file().
* New function: gimp_resources_loaded()
- libgimp:
* A function gimp_env_exit() was added, but same as gimp_env_init(),
it is not declared in public headers and should never be used by
plug-ins. It is considered private.
* gimp_quit() function is deprecated.
- PDB:
* (gimp-quit) procedure (without libgimp wrapper) is deprecated.
Translations:
- New Lao translation.
Build:
- Many build warnings are being cleaned out.
- New jobs are being set up with -Werror progressively as we weed out
existing build warnings.
- The issue bot will now run and create reports when specific jobs
fail.
- New rules to generate Markdown versions of our man pages for the
website.
Overview of Changes from GIMP 3.2.0 to GIMP 3.2.2
=================================================
Core:
- We removed support for a separate folder for loading 32-bit binaries
on 64-bit Windows. This was being used for core plug-ins for the
TWAIN plug-in only.
- Various fixes related to the new non-destructive layer types, or to
non-destructive layer effects.
- More robust handling of Procreate and SwatchBooker palettes.
- Fix scaling paths when importing SVG as paths.
- We now support reading the documentation being installed in the user
config directory in the `help/` subdirectory.
- Histogram dialog: the unique color count feature now takes into
account any selection.
Graphical User Interface:
- Theme fixes.
- Various text fixed for better localization.
- Display the "Tab" shortcut for the "Hide Docks" action, even though
it is not a real global shortcut (it only works on the canvas).
- Metadata Rotation import dialog: you can now click the preview for
Original and Rotated images in the Metadata Rotation Import Dialog,
and have it open the image rotated as shown in the preview.
Plug-Ins:
- Tile: carry over the source image's profile to the newly created
image.
- Improve support of: FITS, TIM, PAA, ICNS, PVR, SFW, JIF, PSP, PSD
Translations:
- Serbian Cyrillic now has upstream support in InnoSetup (in their
"Unofficial" list still, which means it is less verified). Our
installer now has Serbian Cyrillic localization too.
Build:
- NM environment variable is now used in priority for the `nm` tool
used for the build. This check is stored from configure-time
environment.
- Windows x86 32-bit pipeline has now been decommissioned from our CI.
This implies that 32-bit builds won't be available anymore in our
Windows installer, just as was already the case on the Windows Store.
- Meson build:
* New boolean option -Dtwain-unmaintained: this puts our TWAIN
plug-in behind a disabled-by-default flag, because this plug-in
only made sense in 32-bit. The next step will be to replace it by
a WIA plug-in.
* Option -Dwin32-32bits-dll-folder removed.
- GIMP can now be built fully without patches on macOS. The in-house
macOS build is slowly moving to become our main CI for this OS and
for making the release DMGs.
- Snap: enable MIDI (Alsa) support.
- AppImage: enable "Send by email".
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
| |
SRC_URI[md5sum] has been deprecated and replace it with
SRC_URI[sha256sum] for proper integrity verification.
Signed-off-by: Haiqing Bai <haiqing.bai@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-20911
https://nvd.nist.gov/vuln/detail/CVE-2026-21413
Both CVEs are tracked with incorrect version info: NVD indicates that
0.22.1 is explicitly vulnerable, but the fixes are actually included
in this release.
Relevant commits:
CVE-2026-20911: https://github.com/LibRaw/LibRaw/commit/5357bb5fc67ac616838fb84de67260d45987489b
CVE-2026-21413: https://github.com/LibRaw/LibRaw/commit/75ed2c12a35b765b3b6ad695cc1f044f19efe644
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-40341
Backport the patch referenced by the NVD advisory.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-40340
Backport the patch referenced by the NVD advisory.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-40339
Backport the patch referenced by the NVD advisory.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-40338
Backport the patch referenced by the NVD advisory.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-40336
Backport the patch referenced by the NVD advisory.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-40335
Backport the patch that is referenced by the NVD advisory.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-40334
Backport the patch that is referenced by the NVD advisory.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-40333
Backport the patch referenced by the NVD advisory.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Drop patches that were merged in this release.
Changelog:
- --get-exif , --get-all-exif added
- --reverse modifier option added for fileoperations commands
- kill -USR2 can now stop --capture-movie
- updated translations
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
|
