zlib compression was introduced in version 9.3.3. However, when
cross-compiling kmscon for an architecture other than x86_64, the
genunifont executable tries to use the build-systems zlib instead
of the hosts zlib.
This leads to the following error during compiling:
libz.so: error adding symbols: file in wrong format
Fix this by adding a new native zlib dependency specifically for the
genunifont executable.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
(cherry picked from commit 72154f38fc)
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
PipeWire 1.6.5 (2026-05-13)
This is a bugfix release that is API and ABI compatible with the previous
1.6.x releases.
Highlights
- Fix muted output in some cases.
- Removed the pipe filter in filter-graph.
- More fixes and improvements.
PipeWire
- Fix an issue in pw-filter where it could end up in a loop where buffers
are stuck on a port and the port becomes silent. (#5249)
Modules
- Improve ROC receiver start/stop, fixes memory leaks. (#5250)
- Remove the pipe filter from filter-graph, it's broken by design and a
security nightmare.
- Fix the midi buffer size in jack-tunnel.
SPA
- Rate limit out-of-buffers errors. (#5249)
- Partially revert the line-out mute patch, it seems to break things and leave
audio muted when plugging-unplugging jacks. (#5246)
- Improve renegotiation in audioconvert when the graph rate changes and the
resampler was disabled. (#4933).
- Fix potential crash in alsa when logging.
Pulse-server
- A whole bunch of extra security checks and hardening fixes.
Older versions:
PipeWire 1.6.4 (2026-04-22)
This is a bugfix release that is API and ABI compatible with the previous
1.6.x releases.
Highlights
- Small improvements and seqfault fixes.
- Try to not emit ports that JACK doesn't understand. Fixes glitches in
ardour and other JACK apps.
PipeWire
- Refuse to load plugins and crash when pw_init() was not called. (!2784)
SPA
- Fix LADSPA plugin loading, support LADSPA_PATH ending with /
- Fix segfault in alsa-seq when removing devices in some cases. (#5221)
- Allow negative gain in mixer. (#5228)
- Improve alsa-seq port names, add : between client and port. (#5229)
- ACP: don’t override user-selected port on availability changes.
Bluetooth
- Backport some important fixes and minor improvements.
JACK
- Ignore non DSP ports to avoid emitting extra callbacks.
GStreamer
- Fix crop metadata.
Tools
- Fix WAVEX saving in pw-cat. (#5233)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
(cherry picked from commit babcd87414)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Changelog:
==============
* Fixed: [CVE-2026-44927]
Stop truncating 'ptrdiff_t' to 'int'
* Fixed: [CVE-2026-44928]
Fix 'EqualsUri' with regard to '.absolutePath'
* Fixed: Fix OOM related memory leak in 'CopyUriMm'
* Improved: Simplify internal function 'CompareRange' into 'RangeEquals'
* Improved: Make function 'RangeEquals' use size_t' internally
* Soname: 3:2:2 - see https://verbump.de/ for what these numbers do
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
(cherry picked from commit a0589ae5a4)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Changelog:
==========
- Fix bug in redis version parsing when using Elasticache or any other that
sends major/minor. redis-py incorrectly parses these as floats because
there's only a single decimal, so the version check was breaking.
- Rename max task option --max-tasks (previously was --max_tasks).
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
(cherry picked from commit c14a56b358)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Changelog:
============
- Fixed snapshot comparison for dicts where keys are dataclass instances (or
other custom objects used as dict keys), which previously caused corrupted
snapshots - either collapsing multiple entries into one or appending duplicate
keys on subsequent runs
- Fixed tuple snapshot updates to compare elements positionally rather than
using sequence alignment, so existing expressions (e.g. 3 + 3) are preserved
when elements are removed from or added to a tuple.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
(cherry picked from commit fe086de31a)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Changelog:
=============
- Support for terminal bell and keyboard LEDs
- Fix build musl
- test/vte: fix memory leak in vte tests
- Refactor scrollback and selection
- screen: Fix wrong attribute for new cells when resizing
- Fix remove from sb
- Fix get next line
- Fix scrollback position
- test: robustness, make the test faster.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
(cherry picked from commit 6d7794e799)
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Changelog:
==========
- Fix encoding ref leak with non-English character
- Fix memory leak when ujson.dump() is unable to write to its file
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
(cherry picked from commit 6887661fec)
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Changelog:
=============
- Fix build with SWIG 4.4.
- Fix build in the event some parts of Boost are installed but Boost.Locale is not.
- Make GetClient() work in the OnClientGetSASLMechanisms module callback.
- Stop accidentally requiring new perl 5.35.1, regression from 1.10.0.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
(cherry picked from commit 8b4ce3276c)
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
[Added]
- Documentation for the security layer
[Fixed]
- CVE-2025-40918 (Insecure source of randomness),
required addition of dependency on Crypt::URandom
- Several public functions missing from the API documentation
[Changed]
- Modules Authen::SASL::Perl::CRAM_MD5, Authen::SASL::Perl::DIGEST_MD5
and Authen::SASL::CRAM_MD5 marked as deprecated based on the respective
RFC documents; thanks to @robrwo for the suggestion and @neustradamus
for the pointers to the documentation
- Update module metadata to point to the new 'perl-authen-sasl' org
on GitHub to which the modules moved
- Use VERSION declarations in 'package' statements, since our minimum
Perl version is 5.14 anyway
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
(cherry picked from commit bfd93bafbb)
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Doing wifi without the regulatory database is not good, so add a runtime
dependency to iwd to ensure that it gets pulled into the image for the
kernel drivers to use.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
(cherry picked from commit 51ed0fcecd)
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
$ echo 'MACHINE = "qemux86"' >> conf/local.conf
$ bitbake thin-provisioning-tools
```
error[E0080]: index out of bounds: the length is 1 but the index is 4
--> tmp/work/core2-32-wrs-linux/thin-provisioning-tools/1.3.1/build/target/release/build/devicemapper-sys-f88f57f28cd965d2/out/dm-bindings.rs:3:8718
|
3 | ...usize] ; ["Alignment of dm_ioctl"] [:: std :: mem :: align_of :: < dm_ioctl > () - 4usize] ; ["Offset of field: dm_ioctl::version"...
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ evaluation of `_` failed here
```
Inherit siteinfo to use SITEINFO_BITS replace TUNE_FEATURES
to test 32bit BSPs
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
(cherry picked from commit 4fe6bf337a)
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
When jsoncpp is built with C++17, 1.9.7 drops several legacy overloads
that C++11 consumers can still link against.
Backport the upstream fix to restore compatibility.
Fixes errors such as:
| undefined reference to `Json::Value::operator[](char const*)'
Patch can be dropped when we move to 1.9.8.
Signed-off-by: Ernest Van Hoecke <ernest.vanhoecke@toradex.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
(cherry picked from commit 9be9388574)
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Commit 1ca8df16af fixed a build problem in
wrong way. Relevant rules from lvm2-udevrules were merged into
libdevmapper (which was previously pulled by the rules package), however
instead of that, the whole lvm2 package was added as dependency (which
then pulls the needed libdevmapper).
That is a huge package completely unneeded and due to that, this new
dependency was later changed to recommendation.
Switch to libdevmapper instead of whole lvm2.
Keep recommendation for now as it gives more flexibility.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
(cherry picked from commit a5e9c8141a)
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Changelog:
===========
- CVE-2026-35328 - Fixed a vulnerability in libtls related to the processing of
the supported_versions extension in TLS that can result in an infinite loop.
- CVE-2026-35329 - Fixed a vulnerability in libstrongswan and the pkcs7 plugin
related to the processing of encrypted PKCS#7 containers that can result in
a crash.
- CVE-2026-35330 - Fixed a vulnerability in in libsimaka related to the
processing of certain EAP-SIM/AKA attributes that can result in an infinite
loop or a heap-based buffer overflow and potentially remote code execution.
- CVE-2026-35331 - Fixed a vulnerability in the constraints plugin related to
the processing of X.509 name constraints that can allow authentication with
certificates that violate the constraints.
- CVE-2026-35332 - Fixed a vulnerability in libtls related to the processing of
ECDH public values in TLS < 1.3 that can result in a crash.
- CVE-2026-35333 - Fixed a vulnerability in libradius related to the processing
of RADIUS attributes that can result in an infinite loop or an out-of-bounds
read that may cause a crash.
- CVE-2026-35334 - Fixed a vulnerability in the gmp plugin related to RSA
decryption that can result in a crash.
- Made the Botan RNG types used/provided by the botan plugin configurable.
- The fix for the vulnerability in the constraints plugin now causes all
certificates that contain excluded name constraints of type directoryName (DN)
to get rejected.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
(cherry picked from commit b05b177ae5)
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Changelog:
===========
- bug fix: CVE-2026-41163
- enhancement : New build option -Dsupport_setuid, which if set to false (which
is the default) disables the support for setuid.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
(cherry picked from commit 8cb0926b53)
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Anuj Mittal
Jiaying Song
Adam Duskett
Jason Schonberg
Ankur Tyagi
Markus Volk
Abhishek Bachiphale
Wang Mingyu
Guocai He
Yi Zhao
Ross Burton
Hongxu Jia
Fabian Pflug
Ernest Van Hoecke
Peter Marko
Changqing Li
Liyin Zhang
Liu Yiding