Changelog:
Fixed IndexError raised from check_signature_compatible when the subject method has no positional parameters
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
===========
- test(conftest): strip broken nspkg.pth files under py3.15
- feat(packaging): declare tox.pytest deps via a testing extra
- fix(schema): cover every replace form in the TOML schema
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
Reverse matching with full unicode casefolding could lead to out-of-range string indexes.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
New Features
============
- Add "alert" syntax extension for GFM alerts (e.g. > [!NOTE])
- Add "gfm_autolink" syntax extension for GFM autolinks
- Add myst_strikethrough_single_tilde config option to allow single tilde (~)
for strikethrough
- Add myst_colon_fence_exact_match config option to require the closing colon
fence to have exactly the same number of colons as the opening
Improvements =============
- Update myst_gfm_only mode to use the unified gfm_plugin, which now includes
GFM autolinks, alerts, and improved strikethrough/tasklist handling
- Improve MathJax 4 compatibility for Sphinx 9
- Stop directive-option parsing at colon fences, fixing nested colon fence
directives
Bug Fixes ===========
- Use docname instead of source path in warning locations
- Correctly encode & in Markdown URLs by not HTML-escaping refuri
- Fix RemovedInSphinx10Warning for inventory item iteration
- Pin mdit-py-plugins>=0.6.1 for nested field list fix
Dependency Upgrades ====================
- Upgrade to markdown-it-py~=4.2 and mdit-py-plugins~=0.6
- Update pygments requirement from <2.20 to <2.21
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
==========
- Fix bug in redis version parsing when using Elasticache or any other that
sends major/minor. redis-py incorrectly parses these as floats because
there's only a single decimal, so the version check was breaking.
- Rename max task option --max-tasks (previously was --max_tasks).
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
setup.py: bump PyJWT floor to >=2.11.0 to match the actual runtime requirement
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
=============
- MIX_DestroyTrack may now be called from a mixer callback
- Fixed WAV decoding on big-endian systems
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
==========
- Fixed sonames generation when using autotools
- Recovered an undocumented memory write feature lost because a "security" report.
- Fixed documentation pointers on visual studio project.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
==========
- Fixes media length detection for Chrome on Linux (Media, Linux)
- Fixes segmentation fault when specifying unsupported modules on command line
- Disables usage of Netlink for Wi-Fi detection on s390x architectures (Wifi, Linux)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
QA Issue: inherits setuptools3 but has pyproject.toml with setuptools.build_meta, use the correct class [pep517-backend]
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
The dynamic-layers/clang-layer/ directory does not exist under meta-oe.
Remove the stale BBFILES_DYNAMIC references as they match nothing.
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
A buffer overflow in dnsmasq’s extract_addresses() function allows
an attacker to trigger a heap out-of-bounds read and crash by
exploiting a malformed DNS response, enabling extract_name()
to advance the pointer past the record’s end.
Reference:
[ https://nvd.nist.gov/vuln/detail/CVE-2026-5172 ]
Signed-off-by: Abhishek Bachiphale <Abhishek.Bachiphale@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
dnsmasqs extract_name() function can be abused to cause a heap buffer
overflow, allowing an attacker to inject false DNS cache entries,
which could result in DNS lookups to redirect to an attacker-controlled
IP address, or to cause a DoS.
Reference:
[ https://nvd.nist.gov/vuln/detail/CVE-2026-2291 ]
Signed-off-by: Abhishek Bachiphale <Abhishek.Bachiphale@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
PipeWire 1.6.5 (2026-05-13)
This is a bugfix release that is API and ABI compatible with the previous
1.6.x releases.
Highlights
- Fix muted output in some cases.
- Removed the pipe filter in filter-graph.
- More fixes and improvements.
PipeWire
- Fix an issue in pw-filter where it could end up in a loop where buffers
are stuck on a port and the port becomes silent. (#5249)
Modules
- Improve ROC receiver start/stop, fixes memory leaks. (#5250)
- Remove the pipe filter from filter-graph, it's broken by design and a
security nightmare.
- Fix the midi buffer size in jack-tunnel.
SPA
- Rate limit out-of-buffers errors. (#5249)
- Partially revert the line-out mute patch, it seems to break things and leave
audio muted when plugging-unplugging jacks. (#5246)
- Improve renegotiation in audioconvert when the graph rate changes and the
resampler was disabled. (#4933).
- Fix potential crash in alsa when logging.
Pulse-server
- A whole bunch of extra security checks and hardening fixes.
Older versions:
PipeWire 1.6.4 (2026-04-22)
This is a bugfix release that is API and ABI compatible with the previous
1.6.x releases.
Highlights
- Small improvements and seqfault fixes.
- Try to not emit ports that JACK doesn't understand. Fixes glitches in
ardour and other JACK apps.
PipeWire
- Refuse to load plugins and crash when pw_init() was not called. (!2784)
SPA
- Fix LADSPA plugin loading, support LADSPA_PATH ending with /
- Fix segfault in alsa-seq when removing devices in some cases. (#5221)
- Allow negative gain in mixer. (#5228)
- Improve alsa-seq port names, add : between client and port. (#5229)
- ACP: don’t override user-selected port on availability changes.
Bluetooth
- Backport some important fixes and minor improvements.
JACK
- Ignore non DSP ports to avoid emitting extra callbacks.
GStreamer
- Fix crop metadata.
Tools
- Fix WAVEX saving in pw-cat. (#5233)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Drop patches to support newer toolchains added overtime
Add consolidated patch to support cross compiling
Use github for SRC_URI
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
libhandy was removed when g-s-m ported to GTK 4.
Update the DISTRO_FEATURES checks to use GTK3DISTROFEATURES.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
libhandy was removed when g-s-m ported to GTK 4.
gnome-common is not required now that g-s-m uses Meson not autoconf.
polkit was removed in g-s-m 3.36 (March 2020).
Update the DISTRO_FEATURES check, polkit isn't required but opengl is
via GTK 4.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Remove obsolete libdazzle and geocode-glib dependencies, these have been
removed upstream.
Change the DISTRO_FEATURES check so that opengl is required and any of
the GTK3DISTROFEATURES (x11 wayland) are present, as GTK 4 needs opengl
and supports either x11 or wayland.
Drop the sed on the generated enums, the generated files have relative
paths in now.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
This was previously in oe-core but is being removed as it is no longer
used by anything in that layer. Some changes were made in the process of
moving the recipe to meta-oe:
- Inherit gnomebase, as this is a GNOME package
- Download the release tarball instead of a git clone
- Set the correct license, this is -or-later not -only. Add handy.h to
the license checksum to provide verification.
The final output is identical to the recipe in oe-core.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
This was previously in oe-core but is being removed as it is no longer
used by anything in that layer.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Wang Mingyu
Jiaying Song
Abhishek Bachiphale
Adam Duskett
Markus Volk
Khem Raj
Ross Burton