This CVE is officially disputed by Redhat with official statement in
https://nvd.nist.gov/vuln/detail/CVE-2007-0086
Red Hat does not consider this issue to be a security vulnerability.
The pottential attacker has to send acknowledgement packets periodically
to make server generate traffic. Exactly the same effect could be
achieved by simply downloading the file. The statement that setting the
TCP window size to arbitrarily high value would permit the attacker to
disconnect and stop sending ACKs is false, because Red Hat Enterprise
Linux limits the size of the TCP send buffer to 4MB by default.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
These were not updated on recipe upgrade.
To make maintenance easier, remove exact versions.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade xfdesktop from 4.18.1 to 4.20.0:
* add dependency libxfce4windowing
* set variables from glib-2.0.pc in EXTRA_OECONF since paths have been
removed from the .pc file in oe-core
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Add recipe for libxfce4windowing 4.20.0 which is required by other xfce4
components such as xfce4-session, xfdesktop etc.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
0001-detect-correct-openssl-3.x.patch
removed since it's included in 0.4.13
Changelog:
=========
- Increased maximum PIN length
- Fixed several memory leaks
- Don't include libp11.rc VERSIONINFO into pkcs11
- Reimplement CI with GitHub Actions
- Improved tests
- Added static ENGINE (libpkcas11.a) build
- Added a workaround broken foreign key handling in OpenSSL
3.0.12-3.0.13, 3.1.4-3.1.5, 3.2.0-3.2.1
- Added a workaround for conflicting atexit() callbacks
- Always login with PIN If FORCE_LOGIN is specified in openssl config
- Added OAEP support to RSA_private_decrypt
- Added PKCS11_enumerate_*_ext functions
- Fixed non-null-terminated label padding
- Fixed several object management issues
- Deferred libp11 initialization until needed
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
- Use _stricmp() instead of strcasecmp() on Windows
- Accept --help & --version as aliases to -help & -version
- evargs.c: constify pointer arguments that aren't modified
- evargs.c: Use standard strchr() instead of deprecated index()
- Remove detectableRepeat variable
- Assume target platforms have strcasecmp now
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
fix-openssl-no-des.patch
refreshed for 5.74
* Bugfixes
- Fixed a stapling cache deallocation crash.
- Fixed "redirect" with protocol negotiation.
* Features
- "protocolHost" support for "socks" protocol clients.
- More detailed logs in OpenSSL 3.0 or later.
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
- Avoid crash when converting dict with circular reference
- ci: use pixi in CI
- Mention nanobind's solution
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
- Fix memory not released on error return from pb_decode_ex()
- Fix deprecated MakeClass() call in generator
- Fix compiler error with enums and --c-style
- Fix version conflict with bazel build rules
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
- Fixed: If the ping statement did not explicitly specify an outgoing address
but a previous ping statement did, the same address was shared by both
statements.
- Fixed: Monit may crash upon stopping if the ping statement is used in
conjunction with the address option.
- Fixed: If a directory is set in the 'allow' option of the 'set httpd'
statement, instead of file or string, Monit hangs on start.
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
0001-fix-command-bin-findmnt-bin-lsblk-bin-sort-not-found.patch
removed since it's included in 2.03.29
Changelog:
===========
* Fix renaming of raid sub LVs when converting a volume to raid (2.03.28).
* Fix segfault/VG write error for raid LV 'lvextend -i|--stripes -I|--stripesize'.
* Add configure --enable/disable-sd-notify to control lvmlockd build with sd-notify.
* Allow test mode when lvmlockd is built without dlm support.
* Add a note about RAID + integrity synchronization to lvmraid(7) man page.
* Add a function for running lvconvert --repair on RAID LVs to lvmdbusd.
* Improve option section of man pages for listing commands ({pv,lv,vg}{s,display}).
* And some cleanup mostly in test code.
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
Fix database inconsistency resulting from some patterns of folder
updates, and possible resulting CPU churn.
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
- Socket code has been moved to libimobiledevice-glue library
- Code cleanup (clang-tidy) and improvements
- autoconf: Fix clang-16 breakage
- Add libusbmuxd_version() function to interface
- iproxy: Use updated socket_create API to listen on IPv4 and IPv6 with a single socket
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changes:
* Revert back API change around PLIST_DATA to use char* again
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
0001-CMakeLists.txt-respect-CMAKE_INSTALL_LIBDIR-for-mult.patc
refreshed for 6.0.2
0001-cmake-Test-for-sys-uio.h.patch
removed since it's included in 6.0.2
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
===========
- Support for building the SWIG-generated R language bindings has been
integrated into the CMake build system. This is controllable by the
'-DENABLE_R={AUTO|ON|OFF}' option.
- A sandboxing wrapper, 'dot_sandbox', is now included with Graphviz. Users
should prefer their platform's native security solutions, but if nothing
better is available this wrapper offers safe processing of untrusted inputs in
some scenarios.
- JPEG images without an 'APP0' leading segment are supported for use in 'src'
fields and friends. Previously Graphviz was overly strict with the types of
JPEGs it would recognize.
- The GVPR library program 'depath' no longer acts on previously deleted nodes,
causing unpredictable results.
- Void-typed function parameters ('int foo(void bar)') and variables 'void baz;'
in GVPR are gracefully rejected.
- Input that induce a set node height but no set node width no longer crash with
the failure "Assertion failed: '(r->boundary[i] <= r->boundary[NUMDIMS + i])',
function RTreeInsert". It is typically not obvious to users when their input
falls into this situation, hence why the assertion message is quoted here.
- Strings containing double quote characters preceded by escape sequences (e.g.
'\n"') are once again correctly escaped in dot or canonical output.
- 'dot_builtins' no longer lists duplicate format options in its error messages.
- A precision error that resulted in truncated edge lines has been corrected.
This was a regression in Graphviz 12.0.0.
- The xlib plugin ('-Tx11') resets its initialization state during finalization.
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
============
- Removed ACE_make_checked_array_iterator that used deprecated stdext::checked_array_iterator
- Embarcadero C++ Builder bcc64x compiler support has been updated to match the C++Builder 12.2 release
- Added support for Linux platforms that use musl-libc instead of glibc
- Improved QNX support
- Add support for std::string_view to CDR classes
- Define ACE_HAS_CPP23 when we have a C++23 capable C++ compiler
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Peter Marko
Hongxu Jia
Kai Kang
Khem Raj
Wang Mingyu
Bartosz Golaszewski
Markus Volk
Wang Mingyu