The previously used repo was moved to freedesktop's gitlab instance,
causing fetching failures.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Changelog:
Changes for 6.2.9
- fixed unauthorised file system access when using cURL
- increased TimescaleDB maximum supported version to 2.10
- increased MariaDB maximum supported version to 10.11
- fixed broken database upgrade if started more than one Zabbix server at the same time on one database
- fixed a crash when testing item with aggregated function count containing invalid argument
- fixed race condition when starting Zabbix agent 2 with loadable plugins
- changed global script name validation to include menu path in its scope of uniqueness check
- fixed HttpRequest limit in JavaScript being reached even if all objects are destroyed
Changes for 6.2.8
- fixed data sending to Zabbix server from Zabbix agent2 persistent buffer
- implemented API token authentication in user.checkAuthentication method
- added support of PHP 8.2
- fixed selects of history, trends blocking drop_chunks and housekeeping
- fixed success message when disabling hosts in host groups
- fixed the crash in calculated items when using tag filter on 32-bit systems
- optimized JSONPaths in the Nginx Plus template
- fixed discover status not being updated for templated graph prototype
- fixed misplaced error messages in the edit forms for host groups and template groups
- fixed template dashboard availability to users without permissions to the templates
- fixed Zabbix server crash appearing when only item tags change between LLD runs
- optimized Nginx Plus by HTTP template to spread the load across worker porcesses
- added the cookie engine to HTTP checks
- optimized Remote Zabbix server health template to spread the load across worker processes, updated descriptions
- optimized Zabbix server health template to spread the load across worker processes, updated descriptions
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
The original download location, jfrog's artifactory stopped
providing any kind of free service, and the source code is not
downloadable anymore.
The project however has an official github repository also -
change the SRC_URI to this to make it work again.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
The old repository was moved to a new freedesktop gitlab instance,
causing fetching faulres.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
The previous repository was moved to freedesktop's gitlab instance,
and was causing fetching failures.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Pick patches according to oe-core patch for this CVE in wpa-supplicant.
Leave out commit which patched only files not present in hostapd.
Note that Debian just picked the last commit (actually fixing the CVE)
and removed not-applicable parts, but it is probably better to be
consistent with oe-core status.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
This is a header only package. It may be useful to the native machine
but it is definitely useful for the nativesdk machine.
Signed-off-by: Randolph Sapp <rs@ti.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
* According to latest comment [1] and the mentioned pull request [2],
build an ENABLE(WEBASSEMBLY) && !ENABLE(JIT) configuration is
supported, so original issue already fixed in current version, the
EXTRA_OECMAKE setting is not needed anymore.
* This EXTRA_OECMAKE setting causes following configure error on
beaglebone-yocto, remove the setting to let the configure process
decide the configuration:
CMake Error at Source/cmake/WebKitFeatures.cmake:312 (message):
ENABLE_JIT conflicts with ENABLE_C_LOOP. You must disable one or the other.
[YOCTO #15254]
[1] https://github.com/WebKit/WebKit/pull/17447
[2] https://github.com/WebKit/WebKit/pull/17688
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Poppler ia a library for rendering PDF files, and examining or
modifying their structure. A use-after-free (write) vulnerability
has been detected in versions Poppler prior to 25.10.0 within the
StructTreeRoot class. The issue arises from the use of raw pointers
to elements of a `std::vector`, which can lead to dangling pointers
when the vector is resized. The vulnerability stems from the way that
refToParentMap stores references to `std::vector` elements using raw
pointers. These pointers may become invalid when the vector is resized.
This vulnerability is a common security problem involving the use of
raw pointers to `std::vectors`. Internally, `std::vector `stores its
elements in a dynamically allocated array. When the array reaches its
capacity and a new element is added, the vector reallocates a larger
block of memory and moves all the existing elements to the new location.
At this point if any pointers to elements are stored before a resize
occurs, they become dangling pointers once the reallocation happens.
Version 25.10.0 contains a patch for the issue.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-52885
Upstream patch:
https://gitlab.freedesktop.org/poppler/poppler/-/commit/4ce27cc826bf90cc8dbbd8a8c87bd913cccd7ec0
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Changelog:
6.2.19:
(CVE-2025-32023) Fix out-of-bounds write in HyperLogLog commands
(CVE-2025-48367) Retry accepting other connections even if the accepted connection reports an error
6.2.20:
(CVE-2025-49844) A Lua script may lead to remote code execution
(CVE-2025-46817) A Lua script may lead to integer overflow and potential RCE
(CVE-2025-46818) A Lua script can be executed in the context of another user
(CVE-2025-46819) LUA out-of-bound read
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 1a22715b82)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-26623
Apply the first to PRs from the relevant issue.
(The second PR adds a test, and the 3rd PR tries to reimplement
correctly the feature that introduced the vulnerability:
it is switching some raw pointers to smart pointers. It was not picked
because the
1. In the original issue it is stated that the first PR itself
fixes the vulnerability
2. The patch doesn't apply clean due to the time gap between our
and their version
3. The behavior of the application does not change
)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
(cherry picked from commit 7907a3e206)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
This removes false positive CVE-2024-21485 from cve reports.
$ sqlite3 nvdcve_2-2.db
sqlite> select * from products where product = 'dash';
CVE-2009-0854|dash|dash|0.5.4|=||
CVE-2024-21485|plotly|dash|||2.13.0|<
CVE-2024-21485|plotly|dash|2.14.0|>=|2.15.0|<
Our dash:dash did not reach major version 1 yet.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e1427013e0)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Gyorgy Sarvari
Etienne Cordonnier
Peter Marko
Ankur Tyagi
Vijay Anusuri
Randolph Sapp
Praveen Kumar
Divya Chellam
Hitendra Prajapati
Jiaying Song
Yogita Urade
Saravanan
Yi Zhao
Ninette Adhikari
Khem Raj