Changelog:
==========
* Update tests to reflect the %f/%F changes implemented in v3.12
* Disallow %f and %n format specifiers in --action and --info strings;
abort with an error message if those are encountered. Use %F and %N
instead. Rationale: %f and %n do not escape shell-specific syntax and
are thus a security risk when passing untrusted file names to feh. %F and
%N, which have been available since v2.3 (Feb 2012), do escape
shell-specific syntax. Migration path: Replace %f (or '%f') and %n (or
'%n') with %F and %N (without '') in --action and --info commands.
* Fix formatting in man page for groff 1.23.0+
* Do not skip URLs when '--sort mtime' or similar are used
* Define '_GNU_SOURCE' macro for mkstemps usage (if enabled)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Fixes
======
- Added missing <cstdint> includes.
- Fixed suppression of empty variadic macro arguments warning on Clang <19.
- Fixed catch_discover_tests failing during PRE_TEST discovery if a target does
not have discoverable tests.
- Fixed build of the main library failing with CATCH_CONFIG_PREFIX_ALL defined.
- JUnit reporter outputs single failed (errored/skipped) assertion per test
case.
Improvements =============
- The default implementation of --list-tags and --list-listeners has a quiet
variant.
- Suppressed the new Clang warning about __COUNTER__ usage.
- Line-wrapping counts utf-8 codepoints instead of bytes.
- Combining character sequences are still miscounted, but Catch2 does not aim
to fully support Unicode.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
There is a bug (see https://github.com/jqlang/jq/issues/434), which
results in an empty version being used if autoreconf is run on the jq
sources when using a release tar ball. The incorrect assumption is that
autoreconf is only used when fetching the code using Git.
The empty version results in an incorrect libjq.pc file being created
where the version is not set, which results in, e.g.,
`pkgconf --libs 'libjq > 1.6'` failing even if version 1.8.1 of jq is
actually installed.
Switch to fetching the code using Git to workaround the bug.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Here is the setting in bcc recipe:
COMPATIBLE_HOST = "(x86_64.*|aarch64.*|powerpc64.*|riscv64.*)-linux"
bcc only support 64 bit arch, so add it into NON_MULTILIB_RECIPES
to avoid expanding lib32- variant
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
It is a new feature in 1.15.0, enabled upstream by default.
It is part of Foundation library.
So this makes it possible to disable it.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Add patch which was also submitted upstream to quill.
Poco should get it when they update quill component.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Those systemd services were added in 1.54 upstream
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2089
According the comments we can see they are meant for the inird
other than using for rootfs. They will conflict with the main
services and can lead to potentially confusing error messages.
So remove them for now to avoid the following issue.
>$systemd-analyze --man=false verify \
> /lib/systemd/system/NetworkManager-wait-online-initrd.service
Failed to put bus name to hashmap: File exists
NetworkManager-initrd.service: Two services allocated for the \
same bus name org.freedesktop.NetworkManager, refusing operation.
Test:
PASS: bitbake core-image-minimal
PASS: runqemu qemux86-64
PASS: systemd-analyze --man=false verify \
/lib/systemd/system/NetworkManager.service
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
gkt-doc build uses the deprecated gtkdoc-mktmpl tool, which was dropped by upstream
in version 1.26 of gtk-doc and fails if 'api-documentation' is in DISTRO_FEATURES.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Add do_install function to resolve following issue.
python3-legacy-cgi-2.6.4-r0 do_package_qa: QA Issue: /usr/lib/python3.14/site-packages/.pc/0001-cgi.py-fixup-interpreter-according-to-OE.patch/cgi.py contained in package python3-legacy-cgi requires /usr/local/bin/python, but no providers found in RDEPENDS:python3-legacy-cgi? [file-rdeps]
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Current code fails to parse meta-oe layer for machine with unsupported
architecture.
This is too restrictive as it requires downstream layers to play tricks
with masking the recipe. Usual way is to skip the recipe instead.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
This reverts commit 812f091414.
The runtime dependency on python3-setuptools is no longer needed
since the patch 0001-Drop-the-deprecated-pkg_resources.patch
replaced the pkg_resources usage with importlib.metadata, which
is part of the Python 3.8+ standard library. Keeping this RDEPENDS
pulls in an unnecessary dependency on the target system.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
pkg_resources is deprecated as an API. The pkg_resources package
has been removed from setuptools, so the way of obtaining the
version needs to be replaced with importlib.metadata module.
Signed-off-by: Bai, Haiqing <Haiqing.Bai@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
it depends on thunar-> thunar-panel, which currently depends on libwnck3 which
only works on x11, thunar technically can replace it with libxfce4windowing
but its not done yet.
fixes
WARNING: Nothing PROVIDES 'thunar' (but /home/ubuntu/yoe/sources/meta-openembedded/meta-xfce/recipes-thunar-plugins/shares/thunar-shares-plugin_0.5.0.bb DEPENDS on or otherwise requires it)
thunar was skipped: using DISTRO 'yoe', which is missing required DISTRO_FEATURES: 'x11'
WARNING: Nothing RPROVIDES 'thunar-shares-plugin-dev' (but /home/ubuntu/yoe/sources/meta-openembedded/meta-xfce/recipes-thunar-plugins/shares/thunar-shares-plugin_0.5.0.bb RDEPENDS on or otherwise requires it)
No eligible RPROVIDERs exist for 'thunar-shares-plugin-dev'
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Cc: Changqing Li <changqing.li@windriver.com>
The CVE is fixed in the current version already, however
NVD tracks it without version - suppress the report explicitly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
Skipped the duplicate singleton header check in lax mode (the default for response
parsing). In strict mode (request parsing, or -X dev), all RFC 9110 singletons
are still enforced.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
It has been unmaintained/EOL for over a year - there is
a recipe for a newer, still supported version.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Contains fix for CVE-2026-34610 (which is however tracked without
a version by NVD, so it is marked as patched explicitly)
Changelog:
- Offer a means to select the AES-C constant time / S-Box
implementation via lc_init API
- use the AES-C constant time implementation by default - it is
about 3 times slower than the AES-C S-Box implementation, but
more secure. As the leancrypto library is about secure by default,
the CT implementation is just right. Furthermore, if a caller
wants to have the faster AES-C S-Box, he can call
lc_init(LC_INIT_AES_SBOX) at the beginning.
- X.509: fix security issue (CVE-2026-34610)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
The CVE is tracked by NVD without version info. It's description
confirms that it is fixed in version 1.6.17.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Both CVEs were fixed in version 3.11.0, however NVD tracks them
without version/CPE info.
Relevant commits:
CVE-2026-32877: 798a332e11
CVE-2026-32883: 6ecc62a4e3
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Contains fixes for CVE-2026-35580 and CVE-2026-35582
Changelog: https://botan.randombit.net/news.html#version-3-11-1-2026-03-31
-CVE-2026-35580: Resolve certificate verification bypass bug introduced in 3.11.0
-CVE-2026-35582: Resolve TLS 1.3 client authentication bypass
-Add optimized Argon2 implementation using AVX512
-Add optimized and constant-time Twofish implementation using AVX512/GFNI
-Add optimized and constant-time SEED implementation using AVX512/GFNI
-Add optimized and constant-time Whirlpool implementations using AVX2 and AVX512
-Add SSSE3/NEON and AVX2 optimized codepaths for CTR
-Add constant time implementations of Camellia, ARIA, SEED and SM4 using
AES-NI or ARMv8 AES instructions to implement sbox lookups
-Improve performance of the AVX512 implementation of SHA-512 especially for Clang
-Optimizations for the IDEA modular multiplication
-Fix various minor TLS conformance issues flagged by TLS-Anvil
-Fix bug in Ed25519 where an invalid signature checked with PK_Verifier
might cause a later valid signature to be rejected.
-Fix a bug in handling of ECDSA DER-encode signatures where an invalid
signature checked with PK_Verifier might cause a later valid signature to be rejected.
-Fix a problem introduced in 3.11.0 which could cause crashes on processors without
SSSE3 support, particularly when compiled by GCC.
-Fix various new warnings from clang-tidy 22
-Fix a compilation error introduced in 3.11.0 which prevented using ffi
unless bcrypt was also enabled.
-Avoid a macro collision with Microsoft headers that could cause a compilation
problem in amalgamation mode.
-Enable explicit_bzero, getentropy, getrandom on Hurd
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Fixes errors e.g.
error: assigning to 'char *' from 'const char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
131 | dot = strrchr(filename, '.');
| ^ ~~~~~~~~~~~~~~~~~~~~~~
1 error generated.
They are latent and brought to fore with autoconf 2.73 which switches
defaults to use -std=gnu23
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Without it, it will throw "ModuleNotFoundError: No module named
'unittest'" from pyroute2/netlink/rtnl/iprsocket.py" line 6.
Signed-off-by: Jeroen Hofstee <jhofstee@victronenergy.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
