a38694da2b
nopoll: upgrade 0.4.7.b429 -> 0.4.9.b462
...
0.4.9
-----
Stable release with bug fixing, support for Debian Buster, Debian Bullseye and Ubuntu Focal
https://github.com/ASPLes/nopoll/blob/master/doc/release-notes/nopoll-0.4.9.txt
0.4.8
-----
Stable release with bug fixing, support for Debian Buster, Debian Bullseye and Ubuntu Focal
https://github.com/ASPLes/nopoll/blob/master/doc/release-notes/nopoll-0.4.8.txt
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-09 17:14:05 +05:30
5672114d58
nopoll: Upgrade to 0.4.7.b429
...
Signed-off-by: Jason Schonberg <schonm@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 5f7c5c6641https://github.com/ASPLes/nopoll/blob/master/doc/release-notes/nopoll-0.4.7.txt
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-09 17:14:05 +05:30
32ad58ec4e
frr: upgrade 10.4.2 -> 10.4.3
...
Release Notes:
https://github.com/FRRouting/frr/releases/tag/frr-10.4.3
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-09 17:14:05 +05:30
467427d3af
zabbix: mark CVE-2026-23925 as patched
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-23925
The vulnerability has been fixed since 7.0.18[1], however NVD
tracks this CVE without version information.
[1]: https://github.com/zabbix/zabbix/commit/89dec866ec7f8230b25f06ac000575e3b7bd4025
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-09 17:14:04 +05:30
9f2fe367d8
libjxl: mark CVE-2025-12474 and CVE-2026-1837 patched
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-12474
https://nvd.nist.gov/vuln/detail/CVE-2026-1837
Both CVEs have been fixed in v0.11.2, but NVD tracks these
vulnerabilities without version information.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-09 17:14:04 +05:30
2216b029ff
pipewire: update 1.4.9 -> 1.4.10
...
PipeWire 1.4.10 (2026-01-16)
This is a small bugfix release that is API and ABI compatible with
previous 1.x releases.
Highlights
- Fix a regression in restoring volumes on nodes.
- Clean up timed out stream on pulse-server.
- Backport filter-graph channel support.
- More small fixes and improvements.
PipeWire
- Backport the timer queue from 1.5.
modules
- Fix module leak in module-eq. (#5045 )
- Fix profiling of multiple drivers when profile.interval.ms is
set. (#5061 )
- Allow both sink and source pulse tunnels with the same name.
(#5079 )
SPA
- Emit props events in all cases. (#4610 )
- Backport some filter-graph changes to make it adapt better to the
number of channels of the stream.
- Fix some port errors in filter-graph. (#4700 )
- Avoid a memcpy in the convolver.
- Handle some DBus errors better instead of crashing.
- Fix AVX2 functions and flags. (#5072 )
- Limit resampler phases to avoid crashes (#5073 )
- Support some more channel downmix positions.
pulse-server
- Clean up timed out streams. (#4901 )
- Add message to force mono mixdown.
GStreamer
- Avoid scaling overflow in the clock.
Signed-off-by: Markus Volk <f_l_k@t-online.de >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit b7bd06e9b4ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-09 17:14:03 +05:30
b4c7c6ca2a
libmediaart-2.0: upgrade 1.9.6 -> 1.9.7
...
This is a bugfix release, fixing some memory leaks and compiler warning
(and it also has a couple of commits related to the project's own CI system,
which doesn't affect the application)
Changelog: https://gitlab.gnome.org/GNOME/libmediaart/-/blob/master/NEWS
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 3f6b25f18aankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-09 17:14:03 +05:30
3e7a57da7f
libde265: upgrade 1.0.15 -> 1.0.16
...
Also included tag in the SRC_URI.
This release fixes some rare decoding errors and some build issues.
Changelog:
https://github.com/strukturag/libde265/compare/v1.0.15...v1.0.16
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 625a2be8a8ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-09 17:13:59 +05:30
f4dca597c9
exiftool: ignore CVE-2026-3102
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-3102
The vulnerability impacts only MacOS - ignore it.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-09 07:49:33 +05:30
6bb74fff88
python3-protobuf: mark CVE-2026-0994 patched
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-0994
It is fixed already in the currently used version, however NVD tracks
it without any version info, so it still shows up in CVE reports.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-09 07:49:32 +05:30
7b418ef060
unbound: patch CVE-2025-5994
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-5994
Backport the patch[1] provided by upstream, which is linked in
the upstream advisory[2] referenced by the NVD report.
Tests passed successfully in a locally prepared ptest image.
[1]: https://nlnetlabs.nl/downloads/unbound/patch_CVE-2025-5994_2.diff
[1]: https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-09 07:49:32 +05:30
c3185de08d
streamripper: ignore CVE-2020-37065
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2020-37065
The vulnerability is about a 3rd party Windows-only GUI frontend for
the streamripper library, and not for the CLI application that the
recipe builds. Due to this ignore this CVE.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 1571c1a8e5skandigraun@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-09 07:49:31 +05:30
9fcdfa8b22
python3-pillow: patch CVE-2026-25990
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-25990
Backport the patch referenced by the NVD advisory.
Note that the patch contain some new binary test data, which
requires "git" PATCHTOOL - other tools fail to apply binary patches.
All ptests passed successfully:
Testsuite summary
TOTAL: 5011
PASS: 4577
SKIP: 431
XFAIL: 3
FAIL: 0
XPASS: 0
ERROR: 0
DURATION: 59
END: /usr/lib/python3-pillow/ptest
2026-03-06T17:58
STOP: ptest-runner
TOTAL: 1 FAIL: 0
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-09 07:49:31 +05:30
a892f6cfc9
python3-nltk: upgrade 3.9.2 -> 3.9.3
...
Contains fix for CVE-2026-14009.
Changelog:
* Fix CVE-2025-14009: secure ZIP extraction in nltk.downloader
* Block path traversal/arbitrary reads in nltk.data for protocol-less refs
* Block path traversal/abs paths in corpus readers and FS pointers
* Validate external StanfordSegmenter JARs using SHA256
* Add optional sandbox enforcement for filestring()
* Maintenance: downloader/zipped models, CI/tooling updates
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 14d464c150skandigraun@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-09 07:49:30 +05:30
7d3016495f
libheif: patch CVE-2025-68431
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-68431
Backport the patch referenced by the NVD advisory.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-09 07:49:30 +05:30
258cdd1e07
imagemagick: upgrade 7.1.2-13 -> 7.1.2-15
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 853aecb2f9skandigraun@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-09 07:49:26 +05:30
843542472e
ceres-solver: Don't fail if .git/hooks/commit-msg can't be touched
...
The .git/hooks/commit-msg Git hook may already exist and not be
writable. E.g., in our environment it is a symbolic link to a script in
/usr/share.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit a22fe21c59anuj.mittal@oss.qualcomm.com >
2026-03-06 10:13:27 +05:30
d925b85aee
python3-flask: Upgrade 3.1.2 -> 3.1.3
...
Upgrade to release 3.1.3:
- The session is marked as accessed for operations that only access
the keys but not the values, such as in and len.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 0badc6de53ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-06 10:09:14 +05:30
b75a502874
python3-werkzeug: upgrade 3.1.5 -> 3.1.6
...
Contains fix for CVE-2026-27199
Changelog: safe_join on Windows does not allow special devices names in multi-segment paths
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 9cbc4befe5ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-06 10:09:14 +05:30
34c62e2edf
python3-sqlparse: upgrade 0.5.4 -> 0.5.5
...
Changelog:
==========
* Fix DoS protection to raise SQLParseError instead of silently returning None
when grouping limits are exceeded
* Fix splitting of BEGIN TRANSACTION statements
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 48617f7032ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-06 10:09:13 +05:30
f21e5cdea1
python3-greenlet: upgrade 3.2.4 -> 3.2.5
...
Fix a crash on Python 3.9 if there are active greenlets during interpreter shutdown
https://greenlet.readthedocs.io/en/latest/changes.html#id4
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-06 10:09:13 +05:30
6928c475f2
python3-filelock: Upgrade 3.20.2 -> 3.20.3
...
Upgrade to release 3.20.3:
- Fix TOCTOU symlink vulnerability in SoftFileLock
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-06 10:09:12 +05:30
21f3c64e8e
python3-filelock: Upgrade 3.20.1 -> 3.20.2
...
Upgrade to release 3.20.2:
- Support Unix systems without O_NOFOLLOW
- [pre-commit.ci] pre-commit autoupdate
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 8b5e1f5dbfankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-06 10:09:12 +05:30
6829eda4e2
python3-filelock: upgrade 3.20.0 -> 3.20.1
...
Changelog:
CVE-2025-68146: Fix TOCTOU symlink vulnerability in lock file creation
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit c2710a2df9ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-06 10:09:11 +05:30
d25f3ab33a
valkey: upgrade 8.1.4 -> 8.1.6
...
Includes fix for CVE-2026-21863, CVE-2025-67733 and various bug fixes.
Also include tag in the SRC_URI.
https://github.com/valkey-io/valkey/releases/tag/8.1.5
https://github.com/valkey-io/valkey/releases/tag/8.1.6
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-06 10:09:11 +05:30
78a373916b
nbench-byte: Fix sysinfo generation in parallel build
...
The project Makefile uses a script (sysinfo.sh) to non-atomically generate
two .c files (sysinfo.c, sysinfoc.c) which are then included in the build.
Since the script always overwrites both .c files, the Makefile should only
invoke it once, not twice in parallel. Otherwise the .c files may be
corrupted and cause random build failures in parallel builds.
Requires at least GNU make 4.3, for Grouped Targets support [1].
[1] https://lists.gnu.org/archive/html/info-gnu/2020-01/msg00004.html
Reviewed-by: Silvio Fricke <silvio.fricke@gin.de >
Signed-off-by: Daniel Klauer <daniel.klauer@gin.de >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit add2d94ab7anuj.mittal@oss.qualcomm.com >
2026-03-06 10:09:10 +05:30
9783e418db
xrdp: patch CVE-2025-68670
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-68670
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-06 10:09:10 +05:30
24abd61c54
minidlna: ignore CVE-2024-51442
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-51442
The description of the vulnerability says "attacker [...] execute arbitrary
OS commands via a specially crafted minidlna.conf configuration file".
There is no official fix for this CVE, and upstream seems to be inactive
for the past 3 years.
The reason for ignoring this CVE is that the referenced minidlna.conf
file is in the /etc folder, and the file is not world-writable. Which
means that this vulnerability can be exploited only when someone is
root - but if the attacker is already root, they don't need to resort
to minidlna config-file modifications to execute any command they want.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-06 10:09:09 +05:30
4660316de2
gimp: ignore already fixed CVEs
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-0797
https://nvd.nist.gov/vuln/detail/CVE-2026-2044
https://nvd.nist.gov/vuln/detail/CVE-2026-2045
https://nvd.nist.gov/vuln/detail/CVE-2026-2047
https://nvd.nist.gov/vuln/detail/CVE-2026-2048
All these CVEs are already fixed in the recipe version, however
NVD tracks them currently without CPE info. Ignore them.
Relevant upstream commits:
CVE-2026-0797: https://gitlab.gnome.org/GNOME/gimp/-/commit/ca449c745d58daa3f4b1ed4c2030d35d401a009d
Note that the commit referenced by NVD is incorrect. This commit
was identified from the relevant upstream Gitlab issue:
https://gitlab.gnome.org/GNOME/gimp/-/issues/15555
CVE-2026-2044: https://gitlab.gnome.org/GNOME/gimp/-/commit/3b5f9ec2b4c03cf4a51a5414f2793844c26747e5
CVE-2026-2045: https://gitlab.gnome.org/GNOME/gimp/-/commit/bb896f67942557658b3fbfc67a1c073775c002c7
CVE-2026-2047: https://gitlab.gnome.org/GNOME/gimp/-/commit/5873e16f80cf4152d25a4c86b08553008a331e90
CVE-2026-2048: https://gitlab.gnome.org/GNOME/gimp/-/commit/fa69ac5ec5692f675de5c50a6df758f7d3e45117
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-06 10:09:09 +05:30
12845752e1
gnome-shell: ignore CVE-2021-3982
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2021-3982
The vulnerability is about a privilege escalation, in case
the host distribution sets CAP_SYS_NICE capability on the
gnome-shell binary.
OE distros don't do that, and due to this this recipe is not
affected by this issue. The CVE is ignored.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-06 10:09:09 +05:30
592de481e6
libjxl: upgrade 0.11.1 -> 0.11.2
...
- fix tile dimension in low memory rendering pipeline (CVE-2025-12474)
- fix number of channels for gray-to-gray color transform (CVE-2026-1837)
- djxl: reject decoding JXL files if "packed" representation size overflows
size_t
https://github.com/libjxl/libjxl/releases/tag/v0.11.2
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com >
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-06 10:09:08 +05:30
1a18d1ac74
protobuf: ignore CVE-2026-0994
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-0994
The vulnerability impacts only the python bindings of protobuf, which
is in a separate recipe (python3-protobuf, where it is patched).
Ignore this CVE in this recipe due to this.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-06 10:09:08 +05:30
3ad174f956
postgresql: upgrade 17.7 -> 17.8
...
License-Update: Update license year to 2026
Refreshed patches for version 17.8
Includes fix for CVE-2026-2003, CVE-2026-2004, CVE-2026-2005, CVE-2026-2006
Release Notes:
https://www.postgresql.org/docs/release/17.8/
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com >
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-06 10:09:07 +05:30
fdddf2bdd3
openjpeg: patch CVE-2023-39327
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2023-39327
Take the patch that is used by OpenSUSE to mitigate this vulnerability.
Upstream seems to be unresponsive to this issue.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-06 10:09:07 +05:30
d811647686
nginx: patch CVE-2026-1642
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-1642
Note: this is only for v1.29.1.
v1.28.x recipe contains this fix already.
Pick the commit that was identified by the reporter on the oss-sec
mailing list[1]
[1]: https://www.openwall.com/lists/oss-security/2026/02/05/1
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-06 10:09:06 +05:30
ed8e7c6fb5
wolfssl: patch CVE-2025-7394
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-7394
Backport patches from the PR[1][2][3] mentioned in the changelog[4].
[1] https://github.com/wolfSSL/wolfssl/pull/8849
[2] https://github.com/wolfSSL/wolfssl/pull/8867
[3] https://github.com/wolfSSL/wolfssl/pull/8898
[4] https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-582-july-17-2025
Dropped changes to github workflow and tests during backport.
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-06 10:09:06 +05:30
4243e66245
wolfssl: patch CVE-2025-7395
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-7395
Backport patches from the PR[1] mentioned in the changelog[2]
[1] github.com/wolfSSL/wolfssl/pull/8833
[2] https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-582-july-17-2025
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-06 10:09:05 +05:30
6781da83ae
wolfssl: patch CVE-2025-13912
...
Backport changes from PR[1] mentioned in nvd[2]
[1] https://github.com/wolfSSL/wolfssl/pull/9148
[2] https://nvd.nist.gov/vuln/detail/CVE-2025-13912
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-06 10:09:05 +05:30
9039381ef0
systemd-netlogd: upgrade 1.4.4 -> 1.4.5
...
Fixes build with 32 bit machines.
- Fix build on 32-bit with 64-bit time_t by @cgzones in #136
- Misc by @cgzones in #137
- Add terminating newline also for TLS connections by @Googulator in #139
- Add RFC5425 length field by @derobert in #140
- Correct examples for ExcludeSyslogFacility and ExcludeSyslogLevel by @ngraziano in #141
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-06 10:09:04 +05:30
a82f3ae1f3
python3-pybind11-json: fix Targets.cmake trying to reference host
...
The resulting pybind11_jsonTargets.cmake in the dev-package adds an
absolute path to python include directories in the target properties:
set_target_properties(pybind11_json PROPERTIES
INTERFACE_INCLUDE_DIRECTORIES "/usr/include/python3.13;${_IMPORT_PREFIX}/include"
)
The patch removes ${PYTHON_INCLUDE_DIRS} which is set by pybind11 from
set_target_properties to remove the poisonous host path.
Signed-off-by: Tafil Avdyli <tafil@tafhub.de >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 0332dae9bbtafil@tafhub.de >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-03-06 10:09:01 +05:30
12fc4c6584
tomoyo-tools: update SRC_URI
...
The previous one became inaccessible.
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-02-24 18:46:45 +05:30
35db95f565
nginx: upgrade 1.28.1 -> 1.28.2
...
Changelog:
- Security: an attacker might inject plain text data in the response
from an SSL backend (CVE-2026-1642).
- Bugfix: use-after-free might occur after switching to the next gRPC
or HTTP/2 backend.
- Bugfix: fixed warning when compiling with MSVC 2022 x86.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-02-19 08:36:46 +05:30
24a99d095d
php: upgrade 8.4.17 -> 8.4.18
...
This is a bug fix release.
Changelog: https://www.php.net/ChangeLog-8.php#8.4.18
Signed-off-by: Jason Schonberg <schonm@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-02-19 08:36:42 +05:30
6763e7828d
libtracefs: upgrade 1.8.2 -> 1.8.3
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 0fbbddd537https://git.kernel.org/pub/scm/libs/libtrace/libtracefs.git/tag/?h=libtracefs-1.8.3
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-02-19 08:20:34 +05:30
980fca8629
usbids: upgrade 2025.09.15 -> 2025.12.13
...
Signed-off-by: Jason Schonberg <schonm@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 5aca0a216dankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-02-19 08:20:34 +05:30
f11e6285f8
minizip-ng: 4.0.8 -> 4.0.10
...
1.Changelog:
https://github.com/zlib-ng/minizip-ng/releases/tag/4.0.10
2.Remove 0001-crypt.h-Remove-register-keyword.patch as it was merged upstream.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 5f6dbb284aankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-02-19 08:20:33 +05:30
a96f3a8194
paho-mqtt-c: upgrade 1.3.14 -> 1.3.15
...
Drop patch to fix gcc15 compatibility - the problem has been solved by upstream.
Changelog:
- Update getaddrinfo options to support IPv6 hostname resolution
- Removed unnecessary _WIN64 conditional checks
- Fixed condition variable timed wait
- Support tls:// prefix
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit cb9d043f46ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-02-19 08:20:33 +05:30
0831fc038d
libx86-1: upgrade 1.1 -> 1.1.1
...
Bugfix release, mostly with patches applied from other distros.
Also fixes the SRC_URI which became inaccessible over time.
Drop patches that are included in this release.
Shortlog:
https://gitlab.archlinux.org/grawlinson/libx86/-/compare/v1.1...v1.1.1
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 19fdc49db3ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-02-19 08:20:32 +05:30
1597f7ba50
libsdl2-compat: update 2.32.58 -> 2.32.62
...
Changelog:
2.32.62:
This is a stable bugfix release, with the following changes:
Improved support for GNU/Hurd
Fixed crash if hidapi strings are not available
2.32.60:
This is a stable bugfix release, with the following changes:
Fixed crash at startup in Dwarf Fortress
Fixed crash at startup in Stellaris
Fixed mouse stuttering in Amiberry
Fixed the viewport not being reset when the window is resized
Signed-off-by: Markus Volk <f_l_k@t-online.de >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
Adapted for Whinlatter to keep x11 in REQUIRED_DISTRO_FEATURES
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-02-19 08:20:32 +05:30
f195fb8e78
cryptsetup: upgrade 2.8.3 -> 2.8.4
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
Stable bug-fix release
https://gitlab.com/cryptsetup/cryptsetup/-/blob/v2.8.4/docs/v2.8.4-ReleaseNotes?ref_type=tags
(cherry picked from commit 9111684d67ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2026-02-19 08:20:31 +05:30
Ankur Tyagi
Jason Schonberg
Gyorgy Sarvari
Markus Volk
Wang Mingyu
Peter Kjellerstedt
Leon Anavi
Daniel Klauer
Anuj Mittal
Tafil Avdyli
Liu Yiding