path: root/meta-oe/recipes-extended
Commit message | Author | Age | Files | Lines
* valkey: upgrade 8.1.4 -> 8.1.6 | Ankur Tyagi | 2026-03-06 | 1 | -2/+2
  Includes fix for CVE-2026-21863, CVE-2025-67733 and various bug fixes.
  Also include tag in the SRC_URI.
  https://github.com/valkey-io/valkey/releases/tag/8.1.5
  https://github.com/valkey-io/valkey/releases/tag/8.1.6
  Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
* libx86-1: upgrade 1.1 -> 1.1.1 | Gyorgy Sarvari | 2026-02-19 | 6 | -247/+4
  Bugfix release, mostly with patches applied from other distros.
  Also fixes the SRC_URI which became inaccessible over time.
  Drop patches that are included in this release.
  Shortlog: https://gitlab.archlinux.org/grawlinson/libx86/-/compare/v1.1...v1.1.1
  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit 19fdc49db3a41b1380c387bf9b5dbbf631048a64)
  Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
* redis: ignore CVE-2025-46686 | Gyorgy Sarvari | 2026-02-19 | 2 | -0/+2
  Details: https://nvd.nist.gov/vuln/detail/CVE-2025-46686
  Upstream disputes that it is a security violation, and says that implementing a mitigation for this would negatively affect the rest of the application, so they elected to ignore it.
  See Github advisory about the same vulnerability: https://github.com/redis/redis/security/advisories/GHSA-2r7g-8hpc-rpq9
  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit 868b4b2959c1f6be13693e31eae5b27a1fa697e6)
  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
* sblim-sfcc: fix SRC_URI | Gyorgy Sarvari | 2026-02-03 | 1 | -1/+1
  The old URL is gone - set a working mirror.
  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit 47efd1f9b8c61d4516cc4f6937431e004c5de856)
  Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
* boinc-client: mark CVE-2013-2018 patched | Gyorgy Sarvari | 2026-01-20 | 1 | -0/+1
  Details: https://nvd.nist.gov/vuln/detail/CVE-2013-2018
  According to oss-security email[1], version 7.0.45 included the fixes[2][3][4]
  [1]: https://www.openwall.com/lists/oss-security/2013/04/29/11
  [2]: https://github.com/BOINC/boinc/commit/6e205de096da83b12ffb2f0183b43e51261eb0c4
  [3]: https://github.com/BOINC/boinc/commit/e8d6c33fe158129a5616e18eb84a7a9d44aca15f
  [4]: https://github.com/BOINC/boinc/commit/ce3110489bc139b8218252ba1cb0862d69f72ae3
  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit 2a78ad8813845677132ad0f1552fcaa4961c3e15)
  Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
* boinc-client: set CVE_PRODUCT | Gyorgy Sarvari | 2026-01-20 | 1 | -0/+3
  The relevant CVEs are tracked with underscore in their name.
  See CVE db query:
  sqlite> select vendor, product, count(*) from PRODUCTs where product like '%boinc%' group by 1, 2;
  berkeley|boinc_client|2
  berkeley|boinc_forum|1
  universityofcalifornia|boinc_client|165
  universityofcalifornia|boinc_server|5
  Set the CVE_PRODUCT accordingly.
  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit 31de060b48c57194ea2e6c6844d746eb59a0d056)
  Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
* mozjs-128: Fix build error with arm and musl | Ankur Tyagi | 2026-01-20 | 14 | -32/+75
  Build fails for qemuarm with musl with following error:
  mozglue/misc/StackWalk.o: in function `unwind_callback(_Unwind_Context*, void*)':
  | /usr/src/debug/mozjs-128/128.5.2/mozglue/misc/StackWalk.cpp:810:(.text._ZL15unwind_callbackP15_Unwind_ContextPv+0x4): undefined reference to `_Unwind_GetIP'
  Referenced commit[1] for the fix, also refreshed patches.
  [1] https://github.com/OSSystems/meta-browser/commit/bb8662912354dae13634c0ec35c3803c344b1e72
  Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit 30942cebe8997dbadcd8bcd81ed0e55d42b48677)
  Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
* liblognorm: upgrade 2.0.7 -> 2.0.8 | Liu Yiding | 2026-01-20 | 1 | -2/+1
  Change log
  ==========
  Version 2.0.8, 2025-12-04
  - fix potential segfault on some platforms
    Thanks to Julian Thomas for a fix
  - fix memory leak when a custom type in rules does not match
    Thanks to Meric Sentunali for the fix and Julian Thomas for alerting me of the missing merge.
  Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit c627784366f53c880719994e09f393265d894d35)
  Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
* parallel: upgrade 20251022 -> 20251122 | Wang Mingyu | 2026-01-20 | 1 | -1/+1
  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit c9c4b5a88718822697ad41d86b8b89961fb23c10)
  Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
* minio: ignore irrelevant CVEs | Gyorgy Sarvari | 2026-01-06 | 1 | -0/+6
  The minio umbrella covers multiple projects. The recipe itself builds "minio client", which is a set of basic tools to query data from "minio server" - like ls, mv, find...
  The CVEs were filed against minio server. Looking at the go mod list, this recipe doesn't use minio server even as a build dependency - so ignore the CVEs.
  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit df462075be855c60117af661dbce1836c652fc16)
  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
* libplist: Fix buildpaths in ptests | Khem Raj | 2025-12-17 | 1 | -4/+6
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  Cc: Ankur Tyagi <ankur.tyagi85@gmail.com>
  (cherry picked from commit 3a6b83c075e606c1bf2b46b9c51bbe22ff4c72c6)
  Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
* wxwidgets: Upgrade to 3.2.8.1 bugfix release | Khem Raj | 2025-12-17 | 1 | -2/+2
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit e4003aed557365f89368a102190f67a6414271bf)
  Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
* ostree: use "+=" to set PACKAGE_BEFORE_PN | Ming Liu | 2025-11-22 | 1 | -1/+1
  This avoids overriding the original PACKAGE_BEFORE_PN value that could be set in bbclasses.
  Signed-off-by: Ming Liu <liu.ming50@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libplist: fix ptest error | Ankur Tyagi | 2025-11-19 | 2 | -0/+69
  Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libblockdev: Upgrade 3.2.1 -> 3.4.0 | Leon Anavi | 2025-11-19 | 2 | -34/+2
  Upgrade to release 3.4.0:
  - bd_nvme_connect() now defaults to port 4420 or 8009 for discovery NQN respectively when
  - configure.ac: fix bashism
  - smart: Use drive self-assessment as an overall status
  - nvme: Default to well-known tr_svcid values when not specified
  - nvme: Handle memory allocation failures from _nvme_alloc()
  - crypto: Add a function to set persistent flags for LUKS
  - tests: Various minor improvements
  Drop CVE-2025-6019.patch because the change has been merged in the upstream and it is included in version 3.4.0.
  This work was sponsored by GOVCERT.LU.
  Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* tmux: upgrade 3.5 -> 3.5a | Ankur Tyagi | 2025-11-19 | 1 | -1/+1
  Changelog: https://raw.githubusercontent.com/tmux/tmux/3.5a/CHANGES
  Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* tmux: update UPSTREAM_CHECK_REGEX | Ankur Tyagi | 2025-11-19 | 1 | -1/+1
  Update UPSTREAM_CHECK_REGEX to check the correct latest stable version.
  Before the patch:
  $ devtool latest-version tmux
  INFO: Current version: 3.5
  INFO: Latest version: 3.5
  After the patch:
  INFO: Current version: 3.5
  INFO: Latest version: 3.5a
  Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libplist: update SRC_URI to include tag | Ankur Tyagi | 2025-11-19 | 1 | -1/+1
  Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libplist: add ptest support | Ankur Tyagi | 2025-11-19 | 2 | -2/+34
  Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* qcbor: upgrade 1.5.3 -> 1.6 | Wang Mingyu | 2025-11-18 | 1 | -1/+1
  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* lprng: upgrade 3.8.C -> 3.9.0 | Wang Mingyu | 2025-11-18 | 2 | -38/+2
  0001-checkpc-Do-not-define-Mail_fd-multiple-times.patch removed since it's included in 3.9.0
  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* flatpak: upgrade 1.16.1 -> 1.17.0 | Liu Yiding | 2025-11-18 | 1 | -1/+1
  Changelog: https://github.com/flatpak/flatpak/releases/tag/1.17.0
  Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* rsyslog: set status for CVE-2015-3243 | Gyorgy Sarvari | 2025-11-14 | 2 | -0/+2
  Details: https://nvd.nist.gov/vuln/detail/CVE-2015-3243
  The issue is about file permissions: by default rsyslog creates world-readable files. In case a log message contains some sensitive information, then that's exposed to every user on the system.
  However the rsyslog.conf file that is shipped with the recipe solves it: it already sets non-world-readable default permissions on all files, so this vulnerability is fixed in the default OE recipe.
  See also this package in OpenSuse[1], where it is solved the same way.
  [1]: https://build.opensuse.org/requests/619439/changes (rsyslog.conf.in)
  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* redis: upgrade 6.2.20 -> 6.2.21 | Ankur Tyagi | 2025-11-13 | 1 | -1/+1
  Changelog: https://github.com/redis/redis/releases/tag/6.2.21
  Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* smartmontools: add UPSTREAM_CHECK_URI | Yi Zhao | 2025-11-12 | 1 | -0/+3
  Add UPSTREAM_CHECK_URI and UPSTREAM_CHECK_REGEX to check the correct latest stable version.
  Before the patch:
  $ devtool latest-version smartmontools
  INFO: Current version: 7.5
  INFO: Latest version:
  After the patch:
  $ devtool latest-version smartmontools
  INFO: Current version: 7.5
  INFO: Latest version: 7.5
  Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* parallel: upgrade 20250922 -> 20251022 | Wang Mingyu | 2025-11-06 | 1 | -1/+1
  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libyang: upgrade 3.13.5 -> 3.13.6 | Wang Mingyu | 2025-11-06 | 1 | -1/+1
  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* minifi-cpp: fix python shebang in minifi-python-examples | Jiaying Song | 2025-11-04 | 1 | -0/+5
  Replace '/usr/bin/env python' with '/usr/bin/env python3' in the scripts under ${libexecdir}/minifi-python-examples.
  Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* redis: ignore CVE-2025-46817, CVE-2025-46818, CVE-2025-46819 | Ankur Tyagi | 2025-11-04 | 1 | -0/+3
  Fixes for CVE 46817[1], 46818[2], 47819[3] are included in the used version
  [1] https://github.com/redis/redis/commit/fc282edb61b56e7fe1e6bacf9400252145852fdc
  [2] https://github.com/redis/redis/commit/dccb672d838f05c940f040c27b74fde6fb47b2a7
  [3] https://github.com/redis/redis/commit/2802b52b554cb9f0f249a24474c9fba94e933dbb
  Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* redis: upgrade 7.2.11 -> 7.2.12 | Ankur Tyagi | 2025-11-04 | 10 | -15/+19
  and refresh patches
  Changelog: https://github.com/redis/redis/releases/tag/7.2.12
  Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libyang: explicitly add xxhash to DEPENDS | Hongxu Jia | 2025-10-24 | 1 | -1/+4
  When xxhash was included indirectly, there is a QA issue at do_package_qa
  ...
  |ERROR: QA Issue: /usr/lib64/libyang.so.3.9.13 contained in package libyang requires libxxhash.so.0()(64bit), but no providers found in RDEPENDS:libyang? [file-rdeps]
  ...
  Explicitly add xxhash to DEPENDS, then:
  ...log.do_configure...
  -- Found XXHash: build/tmp/work/x86-64-v3-wrs-linux/libyang/3.13.5/recipe-sysroot/usr/include
  -- Hash algorithm: xxhash
  ...log.do_configure...
  Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* liblognorm: upgrade 2.0.6 -> 2.0.7 | Wang Mingyu | 2025-10-21 | 1 | -2/+2
  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* sanlock: upgrade 4.0.0 -> 4.1.0 | Wang Mingyu | 2025-10-14 | 1 | -1/+1
  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libblockdev: improve reproducibility | Corentin Guillevic | 2025-10-10 | 1 | -1/+1
  The --with-smart option behind the feature "smart" relies on the drivedb.h header, provided by smartmontools package (/usr/share/smartmontools/drivedb.h). However the dependencies (DEPENDS) miss this package.
  Furthermore, if the --with-drivedb option is not used, the configuration step will search for the file first on the host's rootfs. This may result in the wrong header being picked, or the --with-smart option being silently disabled due to incomplete dependencies (causing missing header).
  The header is now guaranteed to be present due to an added dependency in the "smart" feature, and its location is specified by the --with-drivedb option.
  Signed-off-by: Corentin Guillevic <corentin.guillevic@smile.fr>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* parallel: upgrade 20250822 -> 20250922 | Wang Mingyu | 2025-10-08 | 1 | -1/+1
  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* valkey: Upgrade 8.1.3 -> 8.1.4 | Leon Anavi | 2025-10-08 | 1 | -1/+1
  Upgrade to release 8.1.4:
  Security fixes:
  - (CVE-2025-49844) A Lua script may lead to remote code execution
  - (CVE-2025-46817) A Lua script may lead to integer overflow and potential RCE
  - (CVE-2025-46818) A Lua script can be executed in the context of another user
  - (CVE-2025-46819) LUA out-of-bound read
  Bug fixes:
  - Fix accounting for dual channel RDB bytes in replication stats
  - Fix EVAL to report unknown error when empty error table is provided
  - Fix use-after-free when active expiration triggers hashtable to shrink
  - Fix MEMORY USAGE to account for embedded keys
  - Fix memory leak when shrinking a hashtable without entries
  - Prevent potential assertion in active defrag handling large allocations
  - Prevent bad memory access when NOTOUCH client gets unblocked
  - Converge divergent shard-id persisted in nodes.conf to primary's shard id
  - Fix client tracking memory overhead calculation
  - Fix RDB load per slot memory pre-allocation when loading from RDB snapshot
  - Don't use AVX2 instructions if the CPU doesn't support it
  - Fix bug where active defrag may be unable to defrag sparsely filled pages
  Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* redis: ignore CVE-2022-3734 and CVE-2022-0543 | Gyorgy Sarvari | 2025-10-08 | 1 | -0/+2
  CVE-2022-3734 only affects Windows.
  CVE-2022-0543 affects only packages that were packaged for Debian and Debian-derivative distros.
  Neither of these issues is present in upstream Redis.
  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* redis: ignore CVE-2025-27151 | Gyorgy Sarvari | 2025-10-07 | 1 | -0/+1
  The fix has been backported by upstream, and it is included in the used version: https://github.com/redis/redis/commit/d0eeee6e31f0fefb510007a8cfdf5dce729a8be9
  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* redis: ignore CVE-2025-21605 | Gyorgy Sarvari | 2025-10-07 | 2 | -0/+4
  The fix has been backported to both redis versions by upstream, and both versions contain it already.
  For 6.2.20 [1] contains the backported fix.
  For 7.2.11 [2] contains the backported fix.
  [1]: https://github.com/redis/redis/commit/5e93f9cb9dbc3e7ac9bce36f2838156cbc5c9e62
  [2]: https://github.com/redis/redis/commit/42fb340ce426364d64f5dccc9c2549e58f48ac6f
  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* redis: upgrade 7.2.10 -> 7.2.11 | Gyorgy Sarvari | 2025-10-06 | 10 | -1/+1
  Changelog:
  (CVE-2025-49844) A Lua script may lead to remote code execution
  (CVE-2025-46817) A Lua script may lead to integer overflow and potential RCE
  (CVE-2025-46818) A Lua script can be executed in the context of another user
  (CVE-2025-46819) LUA out-of-bound read
  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* redis: upgrade 6.2.18 -> 6.2.20 | Gyorgy Sarvari | 2025-10-06 | 1 | -1/+1
  Changelog:
  6.2.19:
  (CVE-2025-32023) Fix out-of-bounds write in HyperLogLog commands
  (CVE-2025-48367) Retry accepting other connections even if the accepted connection reports an error
  6.2.20:
  (CVE-2025-49844) A Lua script may lead to remote code execution
  (CVE-2025-46817) A Lua script may lead to integer overflow and potential RCE
  (CVE-2025-46818) A Lua script can be executed in the context of another user
  (CVE-2025-46819) LUA out-of-bound read
  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* gnuplot: upgrade 5.4.3 -> 6.0.3 | Gyorgy Sarvari | 2025-10-06 | 4 | -78/+170
  This upgrade includes fixes for the following vulnerabilities:
  CVE-2025-31176
  CVE-2025-31178
  CVE-2025-31179
  CVE-2025-31180
  CVE-2025-31181
  This release supports qt4, qt5 and qt6 (the last one is new in this release). There are 2 qt PACKAGECONFIGs now: qt5 and qt6 - they are mutually exclusive.
  Since it is being touched, also fix lua PACKAGECONFIG, which requires lua-native at build time.
  Changelog: http://gnuplot.info/ReleaseNotes_6_0_3.html
  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* collectd: set working SRC_URI | Gyorgy Sarvari | 2025-09-27 | 1 | -2/+2
  The project started to outsource the source hosting to Google storage and Github.
  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* redis-plus-plus: upgrade 1.3.14 -> 1.3.15 | Gyorgy Sarvari | 2025-09-27 | 2 | -36/+2
  Drop 0001-update-cmake_minimum_required-to-3.5.patch, because it is included in this release.
  Add back 0001-CMakeLists.txt-fix-substitution-for-static-libs.patch to SRC_URI, because it was removed accidentally during a previous update.
  Changelog:
  - Support cmake FetchContent feature
  - Support more hash commands
  - Make variant parser more efficient
  - Fix event loop crash: avoid closing handle opened by hiredis
  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* smartmontools: upgrade 7.4 -> 7.5 | Gyorgy Sarvari | 2025-09-27 | 1 | -1/+1
  Changelog:
  - CI and release builds are now reproducible if same SOURCE_DATE_EPOCH, build recipes and toolchains are used.
  - smartctl '-j -A': New JSON value 'endurance_used' (ATA/SCSI/NVMe).
  - smartctl '-j -A': New JSON value 'spare_available' (ATA/NVMe).
  - smartctl '-j -i': Re-added the JSON value 'model_name' also for SCSI devices (regression).
  - smartctl '-j -c': NVMe support.
  - smartctl '-j -n ...': New JSON values 'power_mode.*' (ATA only).
  - smartctl '-H -A': Support for NVMe SMART/Health Information per namespace.
  - smartctl '-i': ATA ACS-6 updates.
  - smartctl '-x': No longer includes '-g wcreorder'.
  - smartctl '-x', '-l scterc': No longer returns exit status 4 if SCT ERC is not supported by the device.
  - smartctl '-l error': No longer prints bogus ATA error log entries if the error index is nonzero but the error count is zero.
  - smartctl '-l ssd': Fixed corruption of the output of the SCSI Format Status log page.
  - smartctl '-l ssd': Now detects 'no format since manufacture' from the SCSI Format Status log page.
  - smartctl '-l farm': Fixed the unit of 'Write Power On' time.
  - smartctl '-l farm': Fixed the byte order of ATA 'Assembly Date'.
  - smartctl '-l farm': Fixed a possible segfault.
  - smartctl '-l farm -q noserial': Suppresses serial and WWN also from FARM.
  - smartctl '-l farm -T permissive': Overrides false negative FARM support check for rebranded drives.
  - smartctl '-t TEST': Fixed self-tests of single namespace NVMe devices.
  - smartd '-A': NVMe attribute log support.
  - smartd: Ignores NSID in duplicate check of single namespace devices.
  - smartd: No longer issues LOG_CRIT warnings for 'Set Feature' related NVMe error information log entries.
  - smartd: No longer hangs on systems with large file descriptor limits.
  - smartd: No longer logs invalid "old test ... not run" messages if staggered self-tests are used.
  - smartd.conf '-l selftest[sts] -s ...': NVMe self-test support.
  - smartd.conf '-H MASK': Ability to ignore specific bits of NVMe SMART/Health value 'Critical Warning'.
  - smartd.conf '-p': Checks NVMe SMART/Health value 'Available Spare'.
  - smartd.conf '-u [-f]': Checks NVMe SMART/Health values 'Percentage Used' and 'Media and Data Integrity Errors'.
  - smartd.conf '-W ...': No longer includes individual sensors in NVMe temperature check as some devices report other values there.
  - ATA: Device type '-d jmb39x-q2,N' for another JMB39x protocol variant used by QNAP-TR002 NAS devices.
  - SCSI: Fixed range checks of mode page offset and VPD inquiry.
  - SCSI: Fixed buffer overflow parsing of VPD page.
  - SCSI: Fixed handling of multiple designators in VPD page.
  - USB/NVMe: '-d sntjmicron' no longer triggers USB resets on queries of the self-test log.
  - USB/NVMe: '-d sntasmedia' now supports log pages > 512 bytes.
  - USB/NVMe/SAT: New experimental NVMe/SAT autodetection options '-d snt*/sat'.
  - Fixed segfault on missing option argument on systems using musl libc.
  - HDD, SSD and USB additions to drive database.
  - automake < 1.13 are no longer supported.
  - Custom make rules are now silenced if 'make V=0' is used.
  - Enhanced makefile targets 'dist-*' to create reproducible source tarballs if SOURCE_DATE_EPOCH is set.
  - The makefile no longer uses GNU make specific syntax elements (exception: reproducible builds for macOS).
  - Dropped support for platforms without 'sigaction()'.
  - configure: Now also detects MidnightBSD.
  - configure: Dropped option '--with-signal-func'.
  - configure: Default for '--with-nvme-devicescan' is now 'yes' also on NetBSD.
  - Version information is now also set if build from GH R/O mirror.
  - Linux: 'smartd.service' now avoids a warning about an unset environment variable.
  - Linux: Dropped autodetection of deprecated device type '-d marvell'.
  - macOS: Support for reproducible builds of the DMG image.
  - OpenBSD: NVMe support.
  - Windows: Increased WMI timeout.
  - Windows: Support for reproducible builds of the installer.
  - Windows: Uninstaller is no longer damaged if the installer is signed.
  - Windows 'update-smartd-drivedb.ps1': Fixed call of 'gpg.exe' if it appears more than once in the PATH.
  - Windows 'update-smartd-drivedb.ps1 -Verbose': Now also prints the download command.
  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* indent: upgrade 2.2.12 -> 2.2.13 | Gyorgy Sarvari | 2025-09-27 | 6 | -64/+25
  Drop 0001-Fix-builds-with-recent-gettext.patch - it built fine for me without it.
  Building requires full makeinfo, not only a lite version, so switched the texinfo class to texinfo-replacement-native dependency.
  Changelog:
  - Fix buffer overflows and use after free bugs
  - Recognize binary integer literals
  - New and updated translations, thanks to our translators:
  - Updated translations: Catalan, Croatian, French, Galician, German, Greek, Hungarian, Indonesian, Italian, Romanian, Serbian, Spanish, Turkish, Ukrainian
  - New translation: Portuguese
  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* indent: fix CVE-2024-0911 | hongxu | 2025-09-27 | 2 | -0/+124
  Backport a fix from upstream to resolve CVE-2024-0911
  https://git.savannah.gnu.org/git/indent.git feb2b646e6c3a05018e132515c5eda98ca13d50d
  (cherry picked from commit 26ef6a9c2da06b7de4116c483f9197fd4cf2a4cb)
  Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* indent: fix CVE-2023-40305 | Yogita Urade | 2025-09-27 | 3 | -0/+8452
  GNU indent 2.2.13 has a heap-based buffer overflow in search_brace in indent.c via a crafted file.
  Reference: https://savannah.gnu.org/bugs/index.php?64503
  (cherry picked from commit 7da6cb848bc42b3e6bd5d2b37b52ba75510a6ca0)
  Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* zlog: upgrade 1.2.16 -> 1.2.18 | Gyorgy Sarvari | 2025-09-24 | 4 | -16/+68
  Switched to cmake. Added a backported patch to be able to use the latest version of cmake.
  Also, add a new patch to avoid overwriting all the CFLAGS set by Yocto, which helps with avoiding the inclusion of TMPDIR in the generated files.
  License-Update: License changed to Apache2: https://github.com/HardySimpson/zlog/commit/1a7b1a6fb956b92a4079ccc91f30da21f34ca063
  Changelog:
  1.2.18:
  - patched severe vulnerability CVE-2024-22857
  - restructured build system
  1.2.17:
  - Change License to Apache 2.0, for more people
  Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
* minifi-cpp: fix reproducibility issue | Yi Zhao | 2025-09-19 | 2 | -0/+36
  Minifi-cpp will add a build identifier to the binary. If not specified, a random build identifier will be generated for each build. This breaks reproducibility. Set BUILD_IDENTIFIER to ${PV} to ensure the identifier remains constant across builds.
  Additionally, set BUILD_DATE to SOURCE_DATE_EPOCH to use reproducible timestamp.
  Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>