mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-05-30 00:50:00 +00:00
Code Issues Projects Releases Wiki Activity
35,831 Commits 64 Branches 0 Tags
517f03237b89a0496304de1d83adbd862cc52e2f
Commit Graph

35831 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Gyorgy Sarvari 62f033d97d hdf5: patch CVE-2025-2924 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-2924

Pick the patch that is marked to resolve the issue linked in the
nvd report.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:26 -07:00
Gyorgy Sarvari de5693d6d9 hdf5: patch CVE-2025-2914 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-2914

Pick the patch that is linked in the issue from the nvd report.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:26 -07:00
Gyorgy Sarvari 5961c0dc6e hdf5: patch CVE-2025-2310 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-2310

Pick the patch that mentions the CVE in its description.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:26 -07:00
Gyorgy Sarvari a66568152a hdf5: patch CVE-2025-2153 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-2153

Pick the patch that resolved the issue from the nvd report.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:26 -07:00
Wang Mingyu 32bbc37d2a swagger-ui: upgrade 5.29.0 -> 5.29.4 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:25 -07:00
Wang Mingyu 8ed2257dcc spdlog: upgrade 1.15.3 -> 1.16.0 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:25 -07:00
Wang Mingyu 0040e2fb74 sip: upgrade 6.12.0 -> 6.13.1 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:25 -07:00
Wang Mingyu c78cf4b1f0 sanlock: upgrade 4.0.0 -> 4.1.0 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:25 -07:00
Wang Mingyu e590bf142a python3-virtualenv: upgrade 20.34.0 -> 20.35.3 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:25 -07:00
Wang Mingyu 62ee842b4b python3-tomli: upgrade 2.2.1 -> 2.3.0 
Changelog:
=========
- Binary wheels for Python 3.14 (also free-threaded)
- Reduced import time

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:25 -07:00
Wang Mingyu 70f791e9dc python3-sqlalchemy: upgrade 2.0.43 -> 2.0.44 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:24 -07:00
Wang Mingyu 803edda764 python3-rich: upgrade 14.1.0 -> 14.2.0 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:24 -07:00
Wang Mingyu abce3f440f python3-pyzstd: upgrade 0.17.0 -> 0.18.0 
Changelog:
==========
- Support for Python 3.14
- Deprecate the read_size and write_size parameters of ZstdFile and SeekableZstdFile
- Deprecate richmem_compress and RichMemZstdCompressor
- Rework documentation to suggest using compression.zstd from Python stdlib, and provide a migration guide
- Include the zstd library license in package distributions

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:24 -07:00
Wang Mingyu 4d1a509145 python3-pyunormalize: upgrade 16.0.0 -> 17.0.0 
Changelog:
==========
- Upgrade to Unicode 17.0.0.
- Drop support for Python versions earlier than 3.8.

License-Update: Copyright year uptedto 2025

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:24 -07:00
Wang Mingyu e28a4cdbcf python3-pyudev: upgrade 0.24.3 -> 0.24.4 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:24 -07:00
Wang Mingyu 9bb50cd898 python3-pyproject-api: upgrade 1.9.1 -> 1.10.0 
Changelog:
===========
- Fix CI for pytest-cov 7
- Add support for 3.14 and drop 3.9

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:24 -07:00
Wang Mingyu 9767dfa3d4 python3-pymongo: upgrade 4.15.1 -> 4.15.3 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:23 -07:00
Wang Mingyu 04b9291848 python3-propcache: upgrade 0.3.2 -> 0.4.1 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:23 -07:00
Wang Mingyu 957250d8a7 python3-platformdirs: upgrade 4.4.0 -> 4.5.0 
Changelog:
===========
- Bump pypa/gh-action-pypi-publish from 1.12.4 to 1.13.0 in the all group
- Bump pypa/gh-action-pypi-publish from 1.12.4 to 1.13.0 in /.github/workflows
- Add support for Python 3.14
- Update Windows file paths in README
- Bump astral-sh/setup-uv from 6 to 7 in the all group
- Drop 3.9 support

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:23 -07:00
Wang Mingyu 73fce7c769 python3-nltk: upgrade 3.9.1 -> 3.9.2 
Changelog:
=============
* Update download checksums to use SHA256 in built index
* Fix percentage escape in new-style string formatting
* replace shortened URLs using goo.gl
* Make Wordnet interoperable with various taggers and tagged corpora
* Fix saving PerceptronTagger
* Document how to reproduce old Wordnet studies
* properly initialize Portuguese corpus reader
* support for mixed rules conversion into Chomsky Normal Form
* only import tkinter if a GUI is needed
* issue #2112 with Corenlp
* new environment variable NLTK_DOWNLOADER_FORCE_INTERACTIVE_SHELL
* Lesk defaults to most frequent sense in case of ties

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:23 -07:00
Wang Mingyu 520fd28252 python3-matplotlib: upgrade 3.10.6 -> 3.10.7 
Changelog:
 the minimum version of pyparsing has been updated to version 3.0.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:23 -07:00
Wang Mingyu d893ee2ae1 python3-isort: upgrade 6.0.1 -> 7.0.0 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:23 -07:00
Wang Mingyu 275f38ee20 python3-ipython: upgrade 9.5.0 -> 9.6.0 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:22 -07:00
Wang Mingyu d63a8b7e3b python3-invoke: upgrade 2.2.0 -> 2.2.1 
Changelog:
- Python 3.14 tweaked the behavior of fcntl to raise SystemError on buffer
  overflows, which our interpretation of termios.TIOCGWINSZ technically was

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:22 -07:00
Wang Mingyu a1f21ad013 python3-inline-snapshot: upgrade 0.29.1 -> 0.29.3 
Changelog:
=============
- fixed string formatting with black which caused invalid snapshots
- xdist is now detected properly.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:22 -07:00
Wang Mingyu 5bdc3be2d5 python3-greenstalk: upgrade 2.1.0 -> 2.1.1 
Changelog:
==========
- Adds the ability to initialize a Client with an already connected
  socket to provide full control over socket configuration.
- TCP keepalive is now enabled by default to help detect broken TCP
  connections.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:22 -07:00
Wang Mingyu 7d7484b452 python3-frozenlist: upgrade 1.7.0 -> 1.8.0 
Changelog:
==========
- The :file:'reusable-cibuildwheel.yml' workflow has been refactored to be more
  generic and :file:'ci-cd.yml' now holds all the configuration toggles
- When building wheels, the source distribution is now passed directly to the cibuildwheel invocation
- Builds and tests have been added to ci-cd.yml for arm64 Windows wheels
- Started building wheels for CPython 3.14
- Removed --config-settings=pure-python=false from :file:'requirements/dev.txt'.
  Developers on CPython still get accelerated builds by default. To explicitly
  build a pure Python wheel, use pip install -e . --config-settings=pure-python=true

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:22 -07:00
Wang Mingyu baafad0fa9 python3-cantools: upgrade 40.7.0 -> 40.7.1 
Changelog:
==========
- Add typing to bus.py
- fix(database): broken caching when loading dbc file

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:22 -07:00
Wang Mingyu 9c7a665bc5 python3-cachetools: upgrade 6.2.0 -> 6.2.1 
Changelog:
=========
- Add support for Python 3.14.
- Improve documentation.
- Update CI environment.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:21 -07:00
Wang Mingyu 41e1e8c9c0 python3-astroid: upgrade 3.3.11 -> 4.0.1 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:21 -07:00
Wang Mingyu ed1d64656e python3-asgiref: upgrade 3.9.2 -> 3.10.0 
Changelog:
- Added AsyncSingleThreadContext context manager to ensure multiple AsyncToSync
  invocations use the same thread.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:21 -07:00
Wang Mingyu ff832a1a96 python3-alembic: upgrade 1.16.5 -> 1.17.0 
Changelog:
============
* The top-level test runner has been changed to use nox, adding a noxfile.py as well as some included modules.
* The minimum Python version is now 3.10, as Python 3.9 is EOL.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:21 -07:00
Wang Mingyu 44694fc206 pv: upgrade 1.9.34 -> 1.9.42 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:21 -07:00
Wang Mingyu 0ab638edac ndctl: upgrade v82 -> v83 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:21 -07:00
Wang Mingyu 2e2c7e592e mpich: upgrade 4.3.1 -> 4.3.2 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:20 -07:00
Wang Mingyu 08f550957f mcelog: upgrade 206 -> 207 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:20 -07:00
Wang Mingyu 1ac5317002 libsdl3: upgrade 3.2.22 -> 3.2.24 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:20 -07:00
Wang Mingyu 2b21756c75 libcgi-perl: upgrade 4.70 -> 4.71 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:20 -07:00
Wang Mingyu 49b0da0186 jsoncons: upgrade 1.4.1 -> 1.4.3 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:20 -07:00
Wang Mingyu fd78534983 graphviz: upgrade 14.0.0 -> 14.0.1 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:20 -07:00
Wang Mingyu 5a295b41ba gnome-system-monitor: upgrade 49.0 -> 49.1 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:19 -07:00
Wang Mingyu f0760799c8 gegl: upgrade 0.4.62 -> 0.4.64 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:19 -07:00
Wang Mingyu 8a41ee7454 cukinia: upgrade 0.9.0 -> 0.9.1 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:19 -07:00
Wang Mingyu 0c42664867 ctags: upgrade 6.2.20250921.0 -> 6.2.20251012.0 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:19 -07:00
Wang Mingyu 301650531a bindfs: upgrade 1.18.2 -> 1.18.3 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:19 -07:00
Wang Mingyu b880338f70 babl: upgrade 0.1.114 -> 0.1.116 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:19 -07:00
Wang Mingyu 9668f1bec9 b4: upgrade 0.14.2 -> 0.14.3 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-14 09:00:18 -07:00
Peter Kjellerstedt e1915f54f1 libeigen: Backport a patch to make eigen_packet_wrapper trivial for c++11 
A corresponding patch was removed with the upgrade to 3.4.1 since it had
been integrated upstream. However, it had also been reverted again,
which was not noticed.

This backports a subsequent fix for the problem.

Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-13 23:47:41 -07:00
Gyorgy Sarvari 2ac3baccd8 gimp: ignore CVE-2007-3741 (again) 
During the last update of the recipe the CVE_STATUS for this CVE
was incorrectly removed by me due to misreading the version info.

Rectify this issue by re-adding this deleted CVE_STATUS flag.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-13 23:47:40 -07:00
Gyorgy Sarvari a637a72182 dovecot: ignore CVE-2016-4983 (again) 
I removed the CVE_STATUS setting for CVE-2016-4983 when this recipe was
updated to 2.4.1-4 - but that was a mistake, the CVE database considers
(incorrectly) even the latest version as vulnerable.

Revert that mistake by adding back the correct CVE_STATUS to the recipe.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-10-13 23:47:40 -07:00