This update contains minor bugfixes.
Changelog:
3.0.17.4:
Service Discovery: Fix UPnP regression on Windows
3.0.17.3:
Demux: Fix a regression causing a lack of audio in adaptive streaming
3.0.17.2:
Interface: Qt: Fix right click support on video
Misc: Update YouTube script
This commit has been detached from all branches. The version format
change does not cause version-going-backwards issues.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
The actual patch was identified by checking the file that was modified
in the tag 6.0.42, and also by looking at the Jira item referenced by it:
the patch references DEV-4466, the same ID that is referenced in the
Jira ticket[1] referenced by the NVD report (look in the "All Activity" tab).
[1]: https://support.zabbix.com/browse/ZBX-27284
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
The CVE_PRODUCT is set with a weak default assignment in the cve-check.bbclass,
which means that when the recipe uses +=, it overrides the original weak adefault
value instead of appending to it.
Set all applicable values in CVE_PRODUCT variable explicitly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
This update contains many bugfixes.
Changelog: https://xdebug.org/updates#x_3_1_5
3.1.5:
- Install documentation gives wrong arch for installation on M1 Macs
- phpize --clean removes required clocks.m4 file
- Constant defined with an enum case produce double "facet" attribute in context_get response
- Crash when used with source guardian encoded files
- Segfault in __callStatic() after FFI initialization
3.1.4:
- Removing second call breakpoint with same function name
- XDebug breaks the Symfony "PhpFilesAdapter" cache adapter
- Possible use after free with GC Stats
- Can't inspect ArrayObject storage elements
- Segmentation fault in symfony cache
- Debug session can be started with "XDEBUG_SESSION_START=anything" when xdebug.trigger_value is set
- Warn when profiler_append is used together with zlib compression
- Code coverage misses static array assignment lines
3.1.3:
- evaling broken code (still) causes unhandled exception in PHP 7.4
- Memory leak when a trace file can't be opened because xdebug.trace_output_name is invalid
- Slowdown when calling a function with long string parameters
- Debugger creates XML with double facet attribute
3.1.2:
- Segfault on fiber switch in finally block in garbage collected fiber
- Crash when profile file can not be created
- __debugInfo is not used for var_dump output
- Segault on xdebug_get_function_stack inside a Fiber
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Last bugfix release of the 5.1.x series.
Changelog:
- Fixed sorting the database list with "statistics" enabled on "Data" column creates a PHP type error
- Fix for invalid cache when losing access to config storage after it being cached
- Fix session cookie not respecting the CookieSameSite configuration directive in PHP 7.2
- Fix create index form accepting too many columns
- Disable editing to system schemas
- Add better error handling when IndexedDB is not working
- Fixed incorrect escaping of special MySQL characters on some pages
- Fix GIS visualization with an edited query
- Remove the use of the deprecated `strftime` function in OpenDocument exports
- Enable tabindex recompute on preview button while insert new rows
- Fix invalid SQL generated when PRIMARY/UNIQUE key contains a POINT column
- Fix setup's CSS not loading when the URL doesn't have a trailing slash
- Remove jQuery SVG JavaScript dependency
- Fix column visibility dropdown when the column name is too long
- Fix issue when exporting using Firefox or Safari on PHP 8.1.4
- Update JavaScript dependencies
- Fix case where errors were thrown when browsing a table
- Fix UI issue when user accounts page has the initials navigation bar
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Changelog:
4.6.11:
- Dont reload the view when text is copied
- NULL checks to prevent crash on malformed bookmark URI
- Use 'g_timeout_add_full' to set tree-view cursor
- Fix signal disconnect in thunar_window_unrealize
- Don't go beyond THUNAR_N_VISIBLE_COLUMNS while parsing col widths
- Translation Updates:
4.16.10:
- Fix signal disconnect to prevent crash
- Don't go beyond THUNAR_N_VISIBLE_COLUMNS while parsing col widths
https://gitlab.xfce.org/xfce/thunar/-/blob/thunar-4.16.11/NEWS
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Changelog:
- Resolve deadlock on background change
- Allocate memory after error processing
- Remove unused function call
- autoconf: Remove AC_HEADER_STDC
- Do not delete property not set
- Set a pixmap XID, not the XID of the root window
- Fix next background
- build: Fix intltool lock file problem during make distcheck
- Increase opacity of xfce-verticals bg
- Fix Applications Menu memory leak
- Fix gettext extraction from settings/xfce-backdrop-settings.desktop.in.in
- Translation Updates
https://github.com/xfce-mirror/xfdesktop/releases/tag/xfdesktop-4.16.1
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Fix "audit" set in CVE_PRODUCT to "linux:audit" to detect only vulnerabilities where the vendor is "linux".
Currently, CVE_PRODUCT also detects vulnerabilities where the vendor is "visionsoft",
which are unrelated to the "audit" in this recipe.
https://www.opencve.io/cve?vendor=visionsoft&product=audit
In addition, all the vulnerabilities currently detected in "audit" have the vendor of "visionsoft" or "linux".
Therefore, fix "audit" set in CVE_PRODUCT to "linux:audit".
Signed-off-by: Shinji Matsunaga <shin.matsunaga@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e87e51da49)
Adapted to Kirkstone.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
CVE-2025-47917 is that the function mbedtls_x509_string_to_names() takes
a head argument and performs a deep free() on it.
Backport patch to fix CVE-2025-47917 and drop the modification in doc
file and comment in header file which lack of context.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
The recipe fetches from multiple repositories, however the SRCREV_FORMAT
variable wasn't set. Due to this the recipe couldn't reuse sstate artifacts from
a mirror, only threw warnings:
WARNING: gosu-1.14-r0 do_package_qa_setscene: ExpansionError('SRCPV',
'${@bb.fetch2.get_srcrev(d)}', FetchError('The SRCREV_FORMAT variable
must be set when multiple SCMs are used.\nThe SCMs are:
git://github.com/tianon/gosu.git;branch=master;protocol=https
git://github.com/opencontainers/runc;name=runc;branch=main;protocol=https', None))
WARNING: Setscene task (/cocto/kirkstone-next/meta-openembedded/meta-oe/recipes-support/
gosu/gosu_1.14.bb:do_package_qa_setscene) failed with exit code '1' - real task
will be run instead
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
It fetches from multiple repositories, but didn't have SRCREV_FORMAT
set. Because of this, the recipe couldn't use sstate artifacts from
a mirror, just threw many warnings:
WARNING: sysdig-0.28.0-r0 do_package_qa_setscene: ExpansionError('SRCPV',
'${@bb.fetch2.get_srcrev(d)}', FetchError('The SRCREV_FORMAT variable
must be set when multiple SCMs are used.\nThe SCMs
are:\ngit://github.com/draios/sysdig.git;branch=dev;protocol=https;name=sysdig
git://github.com/falcosecurity/libs;protocol=https;branch=master;name=falco;subdir=git/falcosecurity-libs',
None))
WARNING: Setscene task (/cocto/kirkstone-next/meta-openembedded/meta-oe/recipes-extended/sysdig/sysdig_0.28.0.bb
:do_package_qa_setscene) failed with exit code '1' - real task will be run instead
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Update SRC_URI to use the 'main' branch instead of 'master' since
the upstream GitHub repository has renamed its default branch.
Signed-off-by: Viswanath Kraleti <viswanath.kraleti@oss.qualcomm.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Gyorgy Sarvari
Ninette Adhikari
Hitendra Prajapati
Haixiao Yan
Shinji Matsunaga
Kai Kang
Divyanshu Rathore
Viswanath Kraleti
Valeria Petrov