- This patch incorporates all previously suggested changes
- Introduced a new API function: print_result()
- Added support for configuring a dynamic number of filters when
executing replay.lua
- Added script to interact with the STM32 CAN bootloader (stm32.lua)
- Add Unified Diagnostic Services (ISO 14229-1) script written in Lua
(uds.lua)
- Various updates and fixes required by the Debian package and to be able
to get certified by Microsoft
- Added manpages
Signed-off-by: Michael Fitzmayer <mail@michael-fitzmayer.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
It has fixes for C23 and Clang-22 added also fixes/workarounds for
libstdc++-14 combinations with different versions of gcc and clang.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Running "dlt-example-user 'test'",
Check "dlt-control -j localhost", will not get application description:
APID:LOG-
Expected:
APID:LOG- Test Application for Logging
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Set ac_cv_prog_cc_c23=no to prevent autoconf from detecting C23
compiler support, avoiding potential build failures as the package
is not yet fully ported to support C23 standard.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Contains fixes for CVE-2026-34078 and CVE-2026-34079
Add explicit CVE_STATUS tags for these CVEs, because they are tracked
without version info by NVD at this time.
Changelog:
17.6:
Bug fixes:
- Fix the remaining regression for Chromium based browsers by not leaking file
descriptors down to wrapped command
- Fix a regression when installing extra-data without a runtime, which is the
case for openh264
- Fix the remaining regression for Epiphany by ignoring unusable sandbox-expose
paths for sub-sandboxes in the portal
- Fix the installed tests by allowing to add a new ref to an existing temporary
ostree repo
- Avoid closing fds 0/1/2 when they are used as a bad argument to flatpak-run,
and reduce duplication in handling file descriptor arguments
Enhancements:
- Disable auto-pin in flatpak-repair to preserve the pin state across
re-installs
- Small improvements for the tests
17.5:
Bug fixes:
- Fix regressions caused by the sandbox escape security fix, which impact some
browsers, browser-based apps and Steam (#6577, #6569, #6576, #6574)
Enhancements:
- Expand test coverage of flatpak-run features used by flatpak-portal (#6573)
17.4:
Security fixes:
- Fix a complete sandbox escape which leads to host file access and code
execution in the host context (CVE-2026-34078)
- Prevent arbitrary file deletion on the host filesystem (CVE-2026-34079)
- Prevent arbitrary read-access to files in the system-helper context
(GHSA-2fxp-43j9-pwvc)
- Prevent orphaning cross-user pull operations (GHSA-89xm-3m96-w3jg)
Enhancements:
- Enable ntsync unconditionally
- Automatic branch following for extensions to ensure that "no-autodownload"
extensions stay functional after an update that requires a new branch
- Translation updates: eo, kk, sr, zh_CN
Bug fixes:
- Prevent CPR sequence from showing up in the terminal
- Fix a crash for apps/runtimes with multiarch permission
- Fixes for Coverity warnings
- Add test-preinstall.sh to the test matrix source
- Fix a test message to refer to "systemd-localed" instead of "located"
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
The not aligned value of CONFIGURATION_FILES_DIR makes the configuration
file install path is different with the default configuration file path
from where the application to read, then make the service dlt/dlt-system
not works well.
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
- Switched to a new versioning scheme: 1.0.13 -> 2.00
- Reworked CAN interface handling by migrating to the CANvenient abstraction layer
- Improved/updated auto-completion using isocline
- Various bug fixes
Signed-off-by: Michael Fitzmayer <mail@michael-fitzmayer.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* libsoup-2.4 is deprecated, and some recipes already stop support of
soup2, soup2 and soup3 cannot be used together
* ostree upstream already stop test of soup2, refer [1]
* Remove unnecessary comments, PACKAGECONFIG for ptest already set in bb
[1] https://github.com/ostreedev/ostree/pull/3531
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Enhancements:
* Improve check for --filesystem paths pointing to a parent folder (#6473)
* Fail if non-interactive and multiple refs, remotes or installations match
(#5754)
* Default to text auth on WSL (#6491)
* Add build instructions for Ubuntu 24.04 (#6498)
* Show a better message when there are no refs to update (#6521)
* Silence AppStream refresh output on non-interactive runs (#6521)
* Translation updates: pt_BR (#6483), sl (#6468, #6475), sv (#6514), tr (#6528),
zh_CN (#6469, #6477)
Bug fixes:
* Map the font-dirs.xml file more selectively (#6450)
* Change const pointers. This fixes build issues with glibc 2.43. (#6490)
* Add custom type flatpak_home_t for ~/.local/share/flatpak for SELinux (#6437)
* Fix build warnings when compiling with -Wanalyzer-null-argument and with
-Wanalyzer-null-dereference (#6527)
* Use raw string for regular expression in the flatpak-bisect script (#6519)
Internal changes:
* Set the `FLATPAK_TRIGGERSDIR` environment variable when running
installed tests. This fixes a regression with autopkg tests in
Debian. (#6444)
* Add translator comments for some translatable strings (#6462)
* Fix typos in translatable strings (#6463)
* Fix lots of typos in code comments (#6482)
* Remove an unused function (#6529)
* Update two strings (#6464)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Fix do_install failure:
sed: can't read ../dlt-daemon/3.0.0/image/usr/lib/pkgconfig/automotive-dlt.pc: No such file or directory
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
sd is a fast, intuitive, and user-friendly alternative to sed, written in Rust.
Add recipe for the latest release (1.1.0).
- Uses a simple and readable search-and-replace syntax, reducing the complexity
of sed commands.
- Fully supports regular expressions, Unicode, and preserves line endings.
- Faster, safer, and easier to use than traditional sed for common text
manipulation tasks.
More information: https://github.com/chmln/sd
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Just remapping TMPDIR to TARGET_DBGSRC_DIR results in the files that
end up in the -src package containing lines such as
#line 196 "/usr/src/debug/fluentbit/4.0.1//work/cortexa76-oe-linux/fluentbit/4.0.1/sources/fluentbit-4.0.1/lib/cmetrics/src/cmt_decode_prometheus.l"
#line 1561 "/usr/src/debug/fluentbit/4.0.1//work/cortexa76-oe-linux/fluentbit/4.0.1/build/lib/cmetrics/cmt_decode_prometheus_parser.c"
By instead remapping both B and S, we strip more of the irrelevant
part of WORKDIR, and one ends up with line directives in the -src
package that actually match the source files' location in that
package:
#line 196 "/usr/src/debug/fluentbit/4.0.1/lib/cmetrics/src/cmt_decode_prometheus.l"
#line 1561 "/usr/src/debug/fluentbit/4.0.1/lib/cmetrics/cmt_decode_prometheus_parser.c"
$ find packages-split/fluentbit-src/ -name cmt_decode_prometheus*.[cl] | sort
packages-split/fluentbit-src/usr/src/debug/fluentbit/4.0.1/lib/cmetrics/cmt_decode_prometheus_lexer.c
packages-split/fluentbit-src/usr/src/debug/fluentbit/4.0.1/lib/cmetrics/cmt_decode_prometheus_parser.c
packages-split/fluentbit-src/usr/src/debug/fluentbit/4.0.1/lib/cmetrics/src/cmt_decode_prometheus.c
packages-split/fluentbit-src/usr/src/debug/fluentbit/4.0.1/lib/cmetrics/src/cmt_decode_prometheus.l
packages-split/fluentbit-src/usr/src/debug/fluentbit/4.0.1/lib/cmetrics/src/cmt_decode_prometheus_remote_write.c
and that also matches the remapping that the compiler is instructed to
do via the -ffile-prefix-map mechanism.
Signed-off-by: Rasmus Villemoes <ravi@prevas.dk>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Upgrade sysdig to solve build failure after upgrading valijson to 1.1.0.
1.Changelog
https://github.com/draios/sysdig/releases/tag/0.39.0
2.Update 0001-cmake-Pass-PROBE_NAME-via-CFLAGS.patch for 0.39.0
3.Remove following patches as merged upstream
0001-Add-cstdint-for-uintXX_t-types.patch
0001-libsinsp-fix-build-with-gcc-15.patch
4.Add 0001-Avoid-duplicate-operations-of-add_library.patch to fix do_configure errors
-- Existing strlcat found, will *not* use local definition
CMake Error at falcosecurity-libs/userspace/libscap/CMakeLists.txt:64 (add_library):
add_library cannot create target "scap_error" because another target with
the same name already exists. The existing target is a static library
5.Add CMAKE option -DBUILD_SYSDIG_MODERN_BPF=OFF to fix bpf header file not found issue
sysdig/0.39.0/recipe-sysroot/usr/include/bits/syscall.h:23:10: fatal error: 'bits/syscall-32.h' file not found
| 23 | #include <bits/syscall-32.h>
6.Add do_configure:prepend() function and CFLAGS/CXXFLAGS to fix header file not found issue
sysdig/0.39.0/sources/sysdig-0.39.0/falcosecurity-libs/userspace/libscap/engine/kmod/scap_kmod.c:30:10: fatal error: driver_config.h: No such file or directory
| 30 | #include <driver_config.h>
7.Add do_compile:append() function to fix do_package QA Issue
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Redis 8.0 and later are tri-licensed, the licence options are:
* Redis Source Available License v2
* Server Side Public License v1.0
* GNU Affero GPL v3.0
Signed-off-by: Daniel McGregor <daniel.mcgregor@vecima.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
In this new version, we need to 'rewrite-time' first as
it's a build host tool that is used during the actual build.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Remove patch, the change is already in code.
Changelog:
https://github.com/PJK/libcbor/releases/tag/v0.13.0
Changed:
- Fix small typo in release script
- Fix failing 32 bit tests due to cmocka macro repeating stack pushes
- Set cmake_minimum_required to 3.5
- Fix float_ctrl ctrl assertions failing in debug mode
- Check in vscode setup
- Add CBOR sequences example
- Add riscv64 config to CircleCI
- Add a test for malformed definite maps
- Add [[nodiscard]] support and auto-update to C23 in cmake
- Configure ctest on to export the test results to CircleCI
- Revamp the introduction doc into a more useful crash course
- Add OSX asan/lsan supression config
- Add cbor_copy_definite
- Improve handling and coverage reporting of exhaustive enum switches
- Add references to readme
- Update python deps and related docs
- Link tutorial in readme (and fix embedded RST formatting)
- Add a doc note on lto linking
- Add a doc for the reference count in cbor_array_set().
- Add gh link to docs
- Add #355 to changelog
- Bump version to 0.13.0
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
1. Changelog:
https://github.com/rikyoz/bit7z/releases/tag/v4.0.11
2. Drop following patches as they were merged upstream.
0001-Fix-reinterpret-cast-compiler-errors.patch
0001-Fix-int8_t-storage-in-BitPropVariant-on-Arm-architec.patch
0001-Allow-running-tests-on-target-when-cross-compiling.patch
0001-Allow-specifying-path-to-7z-library-in-tests.patch
0001-Fix-tests-with-musl.patch
3. Adjust Ptest SRCREV to adopt to latest bit7z
SRCREV_filesystem refer to bit7z-4.0.11/cmake/Dependencies.cmake
SRCREV_catch2 refer to bit7z-4.0.11/tests/CMakeLists.txt
SRCHASH_CPM and TAG_CPM refer to bit7z-4.0.11/cmake/Dependencies.cmake
4.cmake/Dependencies.cmake has redefined to check and download CPM_${CPM_DOWNLOAD_VERSION}.cmake file to
CPM_SOURCE_CACHE, so it will show error in do_configure as ./build/cpm_cache/cpm/CPM_0.42.0.cmake is empty
| -- Downloading CPM.cmake to ...bit7z/4.0.11/build/cpm_cache/cpm/CPM_0.42.0.cmake
| CMake Error at cmake/Dependencies.cmake:15 (file):
| file DOWNLOAD cannot compute hash on failed download
|
| from url: "https://github.com/cpm-cmake/CPM.cmake/releases/download/v0.42.0/CPM.cmake"
| status: [6;"Could not resolve hostname"]
So change ${B}/cmake to ${B}/cpm_cache/cpm/ to fix this issue.
./build/cpm_cache/cpm/CPM_0.42.0.cmake
5. Add 0001-cmake-disable-filesystem-gitclone.patch to fix filesystem git clone error
Fix error log as following:
| fatal: unable to access 'https://github.com/rikyoz/filesystem.git/': Could not resolve host: github.com
| Had to git clone more than once: 3 times.
| CMake Error at bit7z/4.0.11/build/_deps/ghc_filesystem-subbuild/ghc_filesystem-populate-prefix/tmp/ghc_filesystem-populate-gitclone.cmake:50 (message):
| Failed to clone repository: 'https://github.com/rikyoz/filesystem.git'
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Add 'tag' to SRC_URI
Changelog:
https://github.com/stephane/libmodbus/releases/tag/v3.1.12
Changes:
- Fix FD_SET overflow when socket fd >= FD_SETSIZE.
- Check dest pointer not null and nb in read functions.
- NULL check for src and nb < 1 validation in write functions.
- modbus_reply: don't compute address for FC 0x07/0x11.
- Use O_NONBLOCK instead of deprecated O_NDELAY
- Explicit cast for Coverity CID 416366.
- Document required buffer size of modbus_receive.
- Document macros for error codes corresponding to Modbus exceptions
- Fix example of modbus_rtu_set_serial_mode
- Test filesystem provides symlink in autogen.sh
- Sync API signatures with the documentation.
- Many documentation fixes and typo corrections.
- Add coverage target and helper script.
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Removed patch included in this release
Changelog: https://github.com/akheron/jansson/releases/tag/v2.15.0
Features:
- Add support for realloc by adding json_set_alloc_funcs2, json_get_alloc_funcs2
Fixes:
- Optimize serializatio
- Fix docstrings in hashtable.h
Build:
- Use target-based cmake settings
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The tag is not on any branch.
Changelog:
https://github.com/fluent/fluent-bit/releases?q=4.2.3.1
Changes:
- release: update to 4.2.3
- copyright: update year to 2026
- filter_kubernetes: fix parser annotation leak
- github: scripts: commit_linter: Handle bin prefix for fluent-bit.c
- bin: Handle CONT signal properly under leaks command
- filter_wasm: Handle group metadata
- cmake: kafka: fix OAuth Bearer detection on Windows
- maintenance: update branch and security EOL info
- github: scripts: commit_prefix_check: add config format rules on linter
- readme: update active branch 4.2
- out_opentelemetry: on HTTP/2, read and process gRPC status code
- config_format: cf_yaml: Align the behavior of dirname against POSIX [Backport to 4.2]
- filter_log_to_metrics: fix initialization and exception cleanup
- out_stackdriver: clean up oauth2 cache lifecycle
- filter_kubernetes: Adjust cleanup ordering to avoid use-after-free [4.2 backport]
- in_winevtlog: Add text format for event rendering [Backport to 4.2]
- in_tail: Add skipped_lines counter [Backport to 4.2]
- in_splunk: Implement handling remote addr feature [Backport to 4.2]
- aws: switch AWS Endpoints for European Souvereign Cloud [4.2 backport]
- plugin_proxy: enable event_type specification for proxy plugins (4.2 Backport)
- in_splunk: Plug memory issues [Backport to 4.2]
- dockerfiles: install minimum components and avoiding to use includeRecommended
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
These CVEs were ignored because they were tracked by NVD using
incorrect version information. Since then this information seems
to be reflected correctly, it is not needed to ignore them explicitly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
License-Update:
- Upstream has removed incorrect gplv3 text from the license (because agplv3
is the correct), which changed the checksum
- The recipe had incorrect license indication. Redis 8 is not BSD licensed,
but depending on the user's choice, it's agplv3 or sspl (or custom redis
license, which is not added to the list)
Changelogs:
8.0.6:
- Security fix: A user can manipulate data read by a connection by
injecting \r\n sequences into a Redis error reply
8.0.5:
Bugfixes:
- HGETEX - potential crash when FIELDS is used and numfields is missing
- Potential crash on HyperLogLog with 2GB+ entries
- Cuckoo filter - Division by zero in Cuckoo filter insertion
- Cuckoo filter - Counter overflow
- Bloom filter - Arbitrary memory read/write with invalid filter
- Bloom filter - Out-of-bounds access with empty chain
- Bloom filter - Restore invalid filter [We thank AWS security for
responsibly disclosing the security bug]
- Top-k - Out-of-bounds access
8.0.4:
Security fixes
- (CVE-2025-49844) A Lua script may lead to remote code execution
- (CVE-2025-46817) A Lua script may lead to integer overflow and potential RCE
- (CVE-2025-46818) A Lua script can be executed in the context of another user
- (CVE-2025-46819) LUA out-of-bound read
New Features
- VSIM: new EPSILON argument to specify maximum distance
Bug fixes
- Potential use-after-free after pubsub and Lua defrag
- Potential crash on Lua script defrag
- HINCRBYFLOAT removes field expiration on replica
- Prevent CLIENT UNBLOCK from unblocking CLIENT PAUSE
- Endless client blocking for blocking commands
- Vector sets - RDB format is not compatible with big endian machines
- EVAL crash when error table is empty
- Gracefully handle short read errors for hashes with TTL during full sync
8.0.3:
Security fixes
- (CVE-2025-32023) Fix out-of-bounds write in HyperLogLog commands
- (CVE-2025-48367) Retry accepting other connections even if the accepted connection reports an error
New Features
- VSIM: Add new WITHATTRIBS to return the JSON attribute associated with an element
Bug fixes
- A short read may lead to an exit() on a replica
- db->expires is not defragmented
8.0.2:
Security fixes
- (CVE-2025-27151) redis-check-aof may lead to stack overflow and potential RCE
Bug fixes
- Cron-based timers run twice as fast when active defrag is enabled
Other general improvements
- LOLWUT for Redis 8
8.0.1:
Performance and resource utilization improvements
- Vector sets - faster VSIM FILTER parsing
Bug fixes
- Query Engine - revert default policy search-on-timeout to RETURN
- Query Engine - @__key on FT.AGGREGATE used as reserved field name preventing access to Redis keyspace
- Query Engine - crash when calling FT.CURSOR DEL while retrieving from the CURSOR
Notes
- Fixed wrong text in the license files
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This version has been EOL since the end of February. There is a recipe
available for v8, which is still supported.
Drop this version.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Nushell is a modern, cross-platform shell and programming language.
It is designed to work with structured data rather than plain text, and takes
inspiration from traditional shells like bash, object-based shells like
PowerShell, gradually typed languages such as TypeScript, functional
programming, and systems programming.
Add recipe for the latest release
- Written in Rust
- Combines a full-featured shell with a rich, structured programming language
- Operates on structured data instead of plain text
- Provides clear error messages and strong IDE support
- Designed for modern, cross-platform workflows
More information: https://crates.io/crates/nu
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The riscv64 is now in COMPATIBLE_HOST of valgrind.
The armv4/armv5/armv6 are not in COMPATIBLE_HOST of valgrind.
Update the settings accordingly.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Michael Fitzmayer
Khem Raj
Changqing Li
Wang Mingyu
Gyorgy Sarvari
Pascal Bach
Liu Yiding
Hongxu Jia
Markus Volk
Deepesh Varatharajan
Rasmus Villemoes
Daniel McGregor
Chen Qi
Andrej Kozemcak