Changelog:
============
- os_stub/openssllib: Allow building with older OpenSSL versions
- Ignore MSVC warning when compiling OpenSSL
- Bring fixes from main to 3.8
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
===========
- Improve as_date narrowing conversion from C4244 warning
- update trait dependencies to support CMake v4
- Fix linter error
- Update workflows for new GitHub Action Runner Images
- Support passing ssl library key handles to algorithms
- Update CMP0135 to new behaviour
- Fix error in CMake config-file package
- CMake: synchronize cmake_minimum_required from main CMakeLists.txt
- Reduce usage of std::time_t, std::chrono::system_clock::to_time_t and
system_clock::from_time_t in order to get correct dates when working with a
32bit application
- Fix set_expires_in not accepting non-default Period
- AppVeyor Warnings
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
=========
* Annotations: draw a background behind annotations; align to the right
when they fit (e.g. for diagnostics)
* GObject Introspection: fix nullable and callback destroy annotations
(get_location, get_match_style, scheduler, callbacks)
* Fix gutter text renderer text layout snapshot deprecation
* PHP language: highlight PHP 8.0 attributes and add new keywords
* New language: Cornish
* Translation updates
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
=========
- Fix afskmdm shutdown issues
- Fix a crash if gensio_acc_disable() is called more than once.
- Allow the pcre2 package to be used.
- Fix a locking issue in cm108gpio.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
* Support DOS-style \r\n line breaks when loading filelists. Note that
they will be saved with UNIX-style \n line breaks regardless of input
format. This is intentional.
* Fix --action, --info, --title and similar commands hard-coding the
maximum length of the formatted output to 4095 characters.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
- Fix license checksum: Copyright year has been changed
- Add support for av1 and jxl
- libavif is in meta-multimedia -> disable av1 by default
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Fix the following error:
ERROR: core-image-minimal-1.0-r0 do_rootfs: Postinstall scriptlets of ['tigervnc'] have failed. If the intention is to defer them to first boot,
then please place them into pkg_postinst_ontarget:${PN} ().
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
CPEs are registered for iperf_project2:iperf2 in addition to
iperf_project:iperf. By changing CVE_PRODUCT to an append, this ensures
that both iperf and iperf2 CPEs are used for CVE matching.
Signed-off-by: Colin Pinnell McAllister <colin.mcallister@garmin.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 4.7.1:
- Add controls for verify_sub option in PyJWT
From release 4.7.0:
- Drop support for python 3.7 and 3.8, add 3.13
- Fix documentation around identity needing to be a string
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 3.0.1:
- Fix link rendering in readme
- Fix handling of _version.py file
From release 3.0.0:
- Support Flask 3.0+ and PyMongo 4.0+.
- Support Python 3.9-3.13.
- Support MongoDB 4.4+.
- Add support for ~flask.json.jsonify().
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 6.0.2:
- Update license pyproject.toml
From 6.0.1:
- Invert regex sorting to make it correctly match the intent
(sorting by specificity descending)
- Fix README file extension in pyproject.toml
From 6.0.0:
- [CVE-2024-6839] Sort Paths by Regex Specificity
- [CVE-2024-6844] Replace use of (urllib) unquote_plus with unquote
- [CVE-2024-6866] Case Sensitive Request Path Matching
License-Update: Use line 6 from PKG-INFO
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 1.4.0:
- Add missing commas in error message for validate.FileType
- Support Python 3.10-3.14
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 3.1.3:
- The session is marked as accessed for operations that only access
the keys but not the values, such as in and len.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 4.1.0:
- Accept arguments such as --directory in environment variables
- Fix minor typos in documentation
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 0.10.0:
- Drop support for Python < 3.8.
- Use pyproject.toml for packaging metadata.
- Use flit_core as build backend.
- Apply code formatting and linting tools.
- Add static type annotations.
- Deprecate the __version__ attribute. Use feature detection or
importlib.metadata.version("flask-mail") instead.
- Indicate that the deprecated is_bad_headers will be removed in
the next version.
- Fix the email_dispatched signal to pass the current app as the
sender and message as an argument, rather than the other way around.
- Attachment.data may not be None.
- Attachment.content_type will be detected based on filename and
data and will not be None.
License-Update: Use LICENSE.txt
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Contains fix for CVE-2026-27199
Changelog: safe_join on Windows does not allow special device names in multi-segment paths
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Details: https://nvd.nist.gov/vuln/detail/CVE-2016-2568
This commit mostly just tries to add some info to this issue, in the
hope that it will save some time for others who try to investigate it.
This CVE most probably will stay open in meta-oe in the foreseeable future,
although it can be mitigated reasonably easily by the users of the layer.
The description of the vulnerability is short enough that it can be
reproduced here: "pkexec, when used with --user nonpriv, allows local
users to escape to the parent session via a crafted TIOCSTI ioctl call,
which pushes characters to the terminal's input buffer."
The general consensus amongst developers/major distros[1][2][3] seems to be that
it should be mitigated on the kernel side, to not allow non-privileged
users to fake input.
To this end, the kernel has introduced a new config in v6.2, called
CONFIG_LEGACY_TIOCSTI - when it is enabled, non-privileged users can
also fake input. It is however by default enabled (and it is also enabled
in the kernels shipped in oe-core, at least at the time of writing this).
Disabling this kernel config is considered to be the mitigation, to allow
input-faking only by privileged users.
[1]: https://security-tracker.debian.org/tracker/CVE-2016-2568
[2]: https://bugzilla.suse.com/show_bug.cgi?id=968674
[3]: https://marc.info/?t=145694748900001&r=1&w=2 / https://marc.info/?l=util-linux-ng&m=145702209921574&w=2
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
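A way to check whether the mitigation described in the commit above is in place on a given image, as an added example that is not part of the commit or of meta-oe. It reads a kernel config file for the build-time default and, as an assumption beyond what the commit states, the upstream kernel's dev.tty.legacy_tiocsti sysctl for the runtime value; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: report how a kernel treats TIOCSTI from unprivileged users.

# Print the build-time state of CONFIG_LEGACY_TIOCSTI found in a kernel
# config file ($1): "enabled", "disabled", or "absent" (option not listed,
# e.g. a kernel older than v6.2, which predates the option).
tiocsti_config_state() {
    if grep -q '^CONFIG_LEGACY_TIOCSTI=y$' "$1"; then
        echo enabled
    elif grep -q '^# CONFIG_LEGACY_TIOCSTI is not set$' "$1"; then
        echo disabled
    else
        echo absent
    fi
}

# Print the runtime state from the dev.tty.legacy_tiocsti sysctl file ($1,
# default /proc/sys/dev/tty/legacy_tiocsti): 1 = enabled, 0 = disabled.
# The sysctl name comes from the upstream kernel, not from the commit text.
tiocsti_runtime_state() {
    f="${1:-/proc/sys/dev/tty/legacy_tiocsti}"
    [ -r "$f" ] || { echo absent; return; }
    case "$(cat "$f")" in
        1) echo enabled ;;
        0) echo disabled ;;
        *) echo unknown ;;
    esac
}

# Succeed only when both the build-time default ($1 = config file) and the
# runtime value ($2 = sysctl file) say unprivileged TIOCSTI is disabled.
tiocsti_mitigated() {
    [ "$(tiocsti_config_state "$1")" = disabled ] &&
        [ "$(tiocsti_runtime_state "$2")" = disabled ]
}

# Stand-alone use: sh check-tiocsti.sh /path/to/kernel/.config
if [ "$#" -ge 1 ]; then
    echo "build-time: $(tiocsti_config_state "$1")"
    echo "runtime:    $(tiocsti_runtime_state)"
fi
```

A "disabled" build-time default with an "enabled" runtime value means the sysctl was switched back on after boot, so both values are worth checking on a deployed system.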
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-51442
The description of the vulnerability says "attacker [...] execute arbitrary
OS commands via a specially crafted minidlna.conf configuration file".
There is no official fix for this CVE, and upstream seems to be inactive
for the past 3 years.
The reason for ignoring this CVE is that the referenced minidlna.conf
file is in the /etc folder, and the file is not world-writable. Which
means that this vulnerability can be exploited only when someone is
root - but if the attacker is already root, they don't need to resort
to minidlna config-file modifications to execute any command they want.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Details: https://nvd.nist.gov/vuln/detail/CVE-2021-3982
The vulnerability is about a privilege escalation, in case
the host distribution sets CAP_SYS_NICE capability on the
gnome-shell binary.
OE distros don't do that, and due to this, this recipe is not
affected by this issue. The CVE is ignored.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 25.1.0:
- Control Interface (gunicornc): Add interactive control interface
for managing running Gunicorn instances, similar to birdc for
BIRD routing daemon
- Unix socket-based communication with JSON protocol
- Interactive mode with readline support and command history
- Commands: show all/workers/dirty/config/stats/listeners
- Worker management: worker add/remove/kill, dirty add/remove
- Server control: reload, reopen, shutdown
- New settings: --control-socket, --control-socket-mode,
--no-control-socket
- New CLI tool: gunicornc for connecting to control socket
- Dirty Stash: Add global shared state between workers via dirty.stash
- In-memory key-value store accessible by all workers
- Supports get, set, delete, clear, keys, and has operations
- Useful for sharing state like feature flags, rate limits, or
cached data
- Dirty Binary Protocol: Implement efficient binary protocol for
dirty arbiter IPC using TLV (Type-Length-Value) encoding
- More efficient than JSON for binary data
- Supports all Python types: str, bytes, int, float, bool, None,
list, dict
- Better performance for large payloads
- Dirty TTIN/TTOU Signals: Add dynamic worker scaling for dirty
arbiters
- Send SIGTTIN to increase dirty workers
- Send SIGTTOU to decrease dirty workers
- Respects minimum worker constraints from app configurations
- ASGI Worker: Promoted from beta to stable
- Dirty Arbiters: Now marked as beta feature
License-Update: Update years
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 8.0.0:
- Update CHANGELOG for version 8.0.0
- Fix edge case of __future__ import
- Fix the Plone profile to be compatible with black
- Remove the setuptools plugin
- Turn some warnings into errors in test suite
- chore: replace black with ruff in clean.sh
- feat!: remove old finders flag and legacy finder logic
- Fix whitespace insensitive check triggering on tabs
- Fix line separator detection not considering form feed as white space
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 1.4.0:
- Support underscores as digit separators per PEP 515
- Add rationals converter for mpf's
- Rewrite bernpoly/eulerpoly to avoid dependency on bernoulli(1)
convention
- Support base kwarg for from_str()
- Support randmatrix() for mp.iv and mp contexts
- Added rank() function for matrices
- Add plus flag to select the B_1 sign convention for
bernoulli/bernfrac
- Add mpf.as_integer_ratio() method, support construction of mpf
from Decimal objects
- Expose lower/upper_gamma functions
- Support mpc initialization from string
- Support asinh/acosh/atanh in the fp context
- Support binary/octal/hexadecimal string output
- Support pickling for matrices and mpi
- Support matrix.__array__() dunder method
- Support more number syntaxes
- Run mpmath as a module for interactive work
- Add signed option to to_man_exp()
- Add fp.hypot
- Support inf/nan's in ctx.almosteq()
- Implement mpf.__format__()
- Support conversion from scalar ndarray's
- Support rounding modes in mpf.__format__
- Support '%' presentation type for mpf
- Support gmpy2-like rounding modes in to_str()
- Implement 'a'/'A' formatting types for mpf.__format__
- Add mpc.__format__()
- Now mpf.__round__() returns mpf
- Support 'b' (binary) format type for mpf/mpc
- Implement mpf.__floordiv__() and mpf.__divmod__()
- Add parameters for MPContext constructor
- Add MPFR-compatible aliases for rounding modes
- Support negative indexes in matrix
- Better introspection support for decorated functions
- Add moving sofa demo
- Support spherical Bessel functions (jn/yn)
- Add pretty_dps context property to control number of printed digits
- Support thousands separators for formatting of fractional part
- Use PyREPL, as fallback (no IPython)
- Add exp2() and log2()
- Support rounding property for the mp context
- Add Fox H-function with rational A/B parameters (foxh())
- Provide experimental support for free-threading builds
License-Update: Update years
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>