NVD tracks this CVE as version-less.
Per [1] this is fixed by following commits:
$ git tag --contains b28a3cef416fcfb92fbb9ea7fd3c71df52c6c9fc
0.26.0
0.26.0-rc1
$ git tag --contains 02e847458369c08421fd2d5e9a16a5f272c2de9e
0.26.0
0.26.0-rc1
[1] https://github.com/OpenSC/OpenSC/wiki/CVE-2024-8443
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This will remove false-positive CVE-2024-50655 from reports.
There are different emlog components from other vendors around.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
0001-detect-correct-openssl-3.x.patch
removed since it's included in 0.4.13
Changelog:
=========
- Increased maximum PIN length
- Fixed several memory leaks
- Don't include libp11.rc VERSIONINFO into pkcs11
- Reimplement CI with GitHub Actions
- Improved tests
- Added static ENGINE (libpkcas11.a) build
- Added a workaround broken foreign key handling in OpenSSL
3.0.12-3.0.13, 3.1.4-3.1.5, 3.2.0-3.2.1
- Added a workaround for conflicting atexit() callbacks
- Always login with PIN If FORCE_LOGIN is specified in openssl config
- Added OAEP support to RSA_private_decrypt
- Added PKCS11_enumerate_*_ext functions
- Fixed non-null-terminated label padding
- Fixed several object management issues
- Deferred libp11 initialization until needed
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
- Use _stricmp() instead of strcasecmp() on Windows
- Accept --help & --version as aliases to -help & -version
- evargs.c: constify pointer arguments that aren't modified
- evargs.c: Use standard strchr() instead of deprecated index()
- Remove detectableRepeat variable
- Assume target platforms have strcasecmp now
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
- Fix memory not released on error return from pb_decode_ex()
- Fix deprecated MakeClass() call in generator
- Fix compiler error with enums and --c-style
- Fix version conflict with bazel build rules
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
- Fixed: If the ping statement did not explicitly specify an outgoing address
but a previous ping statement did, the same address was shared by both
statements.
- Fixed: Monit may crash upon stopping if the ping statement is used in
conjunction with the address option.
- Fixed: If a directory is set in the 'allow' option of the 'set httpd'
statement, instead of file or string, Monit hangs on start.
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
0001-fix-command-bin-findmnt-bin-lsblk-bin-sort-not-found.patch
removed since it's included in 2.03.29
Changelog:
===========
* Fix renaming of raid sub LVs when converting a volume to raid (2.03.28).
* Fix segfault/VG write error for raid LV 'lvextend -i|--stripes -I|--stripesize'.
* Add configure --enable/disable-sd-notify to control lvmlockd build with sd-notify.
* Allow test mode when lvmlockd is built without dlm support.
* Add a note about RAID + integrity synchronization to lvmraid(7) man page.
* Add a function for running lvconvert --repair on RAID LVs to lvmdbusd.
* Improve option section of man pages for listing commands ({pv,lv,vg}{s,display}).
* And some cleanup mostly in test code.
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
- Socket code has been moved to libimobiledevice-glue library
- Code cleanup (clang-tidy) and improvements
- autoconf: Fix clang-16 breakage
- Add libusbmuxd_version() function to interface
- iproxy: Use updated socket_create API to listen on IPv4 and IPv6 with a single socket
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changes:
* Revert back API change around PLIST_DATA to use char* again
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
0001-CMakeLists.txt-respect-CMAKE_INSTALL_LIBDIR-for-mult.patc
refreshed for 6.0.2
0001-cmake-Test-for-sys-uio.h.patch
removed since it's included in 6.0.2
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
===========
- Support for building the SWIG-generated R language bindings has been
integrated into the CMake build system. This is controllable by the
'-DENABLE_R={AUTO|ON|OFF}' option.
- A sandboxing wrapper, 'dot_sandbox', is now included with Graphviz. Users
should prefer their platform's native security solutions, but if nothing
better is available this wrapper offers safe processing of untrusted inputs in
some scenarios.
- JPEG images without an 'APP0' leading segment are supported for use in 'src'
fields and friends. Previously Graphviz was overly strict with the types of
JPEGs it would recognize.
- The GVPR library program 'depath' no longer acts on previously deleted nodes,
causing unpredictable results.
- Void-typed function parameters ('int foo(void bar)') and variables 'void baz;'
in GVPR are gracefully rejected.
- Input that induce a set node height but no set node width no longer crash with
the failure "Assertion failed: '(r->boundary[i] <= r->boundary[NUMDIMS + i])',
function RTreeInsert". It is typically not obvious to users when their input
falls into this situation, hence why the assertion message is quoted here.
- Strings containing double quote characters preceded by escape sequences (e.g.
'\n"') are once again correctly escaped in dot or canonical output.
- 'dot_builtins' no longer lists duplicate format options in its error messages.
- A precision error that resulted in truncated edge lines has been corrected.
This was a regression in Graphviz 12.0.0.
- The xlib plugin ('-Tx11') resets its initialization state during finalization.
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
============
- Removed ACE_make_checked_array_iterator that used deprecated stdext::checked_array_iterator
- Embarcadero C++ Builder bcc64x compiler support has been updated to match the C++Builder 12.2 release
- Added support for Linux platforms that use musl-libc instead of glibc
- Improved QNX support
- Add support for std::string_view to CDR classes
- Define ACE_HAS_CPP23 when we have a C++23 capable C++ compiler
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
- Drop 0001-Remove-builddir-and-srcdir-paths-from-test-binaries.patch
peas-demo is not built anymore
- Add patch to disable the broken check for lgi
lgi does not support pkgconfig but it hasn't changed version since 2017
- Remove gtk+3 from depends and dont inherit gtk-icon-cache to not pull it
in again indirectly
- g-i is not required anymore and will be built depending on DISTRO_FEATURES
- Dont package the loaders into separate packages to reduce required RDEPENDS.
If a loader is not wanted on target it will be better to remove the according
PACKAGECONFIG option to also remove the dependencies?
- Move libpeas recipe to meta-gnome
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
gobject bindings for lua
Required to build the lua51 loader for libpeas-2
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
mozjs-128 is the current esr release based on firefox 128
Add a new recipe and keep mozjs-115 as its still supported and used by polkit
- Remove two backported patches
- Remove a (hopefully) unneeded patches for musl (build for qemuarm/musl succeeded)
- Add dependency for cbindgen-native
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
cbindgen creates C/C++11 headers for Rust libraries which expose a public C API
It is a required dependency for the current mozjs esr release
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
ver 3.2:
Fix issue with GCC 15 and -std=c23 build errors.
Add support for using PMKSA over SAE if available.
Add support for HighUtilization/StationCount thresholds.
Add support for disabling Multicast RX option.
ver 3.1:
Fix issue with handling OWE transition BSS selection.
Fix issue with handling oper class 136 starting frequency.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Add a PACKAGECONFIG option for polkit. Activate it when
DISTRO_FEATURES contains 'polkit'.
Signed-off-by: Marc Ferland <marc.ferland@sonatest.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
upower releases are available as tar.bz2 archives let's use them
instead off cloning the whole repo.
Also, fix the UPSTREAM_CHECK regex that changed after revision
0.99.13. The format went from:
UPOWER_0_99_13
to
v0.99.14
Signed-off-by: Marc Ferland <marc.ferland@sonatest.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
===========
- Add PHP 8.4 support to Smarty
- Fixed that using count() would trigger a deprecation notice.
- Fixed argument must be passed by reference error introduced in v4.5.1
- Using PHP functions and static class methods in expressions now also triggers a deprecation notice
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This update fixes the build against kernel 6.12+
Also, to fix the following warning:
WARNING: vboxguestdrivers-7.0.22-r0 do_unpack: vboxguestdrivers: the directory ${WORKDIR}/${BP}
(build/tmp/work/qemux86_64-poky-linux/vboxguestdrivers/7.0.22/vboxguestdrivers-7.0.22) pointed
to by the S variable doesn't exist - please set S within the recip
We can set S for the unpack task, much the same way we do for
patch. Alternate solutions should work (do_unpack[dirs], etc), but
they didn't work in my testing.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Patch reported issue observed on ARM32 based HW during bump
from Langdale to Scarthgap
Signed-off-by: Martin Siegumfeldt <mns@gomspace.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This removes false positive CVE-2024-21485 from cve reports.
$ sqlite3 nvdcve_2-2.db
sqlite> select * from products where product = 'dash';
CVE-2009-0854|dash|dash|0.5.4|=||
CVE-2024-21485|plotly|dash|||2.13.0|<
CVE-2024-21485|plotly|dash|2.14.0|>=|2.15.0|<
Our dash:dash did not reach major version 1 yet.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Wang Mingyu
Peter Marko
Yogita Urade
Khem Raj
Hongxu Jia
Wang Mingyu
Markus Volk
Ayoub Zaki
Peter Kjellerstedt
van Veen, Stephan
Gianfranco Costamagna
Marc Ferland
Bruce Ashfield
Martin Siegumfeldt