Update status for:
CVE-2016-7534, CVE-2016-7535, CVE-2016-7536, CVE-2016-7537, CVE-2016-7538, CVE-2017-5506, CVE-2017-5509, CVE-2017-5510, CVE-2017-5511, CVE-2007-1667
CPE is incorrect, the current version (7.1.1) is not affected.
Signed-off-by: Ninette Adhikari <ninette@thehoodiefirm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
libee had been used by rsyslog but the library never relly panned out.
It has been declared to be obsolete:
Early versions of rsyslog and liblognorm used it for representing structured content.
However, this is long gone. We do not know of any other user. So libee should be of
no further interest and is provided here solely for historical reasons.
https://github.com/rsyslog/libee
Also remove references to libee in:
meta-oe/conf/include/ptest-packagelists-meta-oe.inc
meta-oe/recipes-core/packagegroups/packagegroup-meta-oe.bb
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Following warning occurs when building with ptests enabled:
WARNING: cjson-1.7.17-r0 do_package_qa: QA Issue: File /usr/lib/cjson/ptest/CTestTestfile.cmake in package cjson-ptest contains reference to TMPDIR
File /usr/lib/cjson/ptest/tests/CTestTestfile.cmake in package cjson-ptest contains reference to TMPDIR
File /usr/lib/cjson/ptest/fuzzing/CTestTestfile.cmake in package cjson-ptest contains reference to TMPDIR [buildpaths]
The cmake files also contain full paths to original CMakeLists.txt file
in _BACKTRACE_TRIPLES property;
These are not needed for successful ptests as we don't install the
CMakeLists.txt files anyway.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
============
* Avoid FP overflow in NormEvidenceOf
* Small build fixes and code improvements
* Fix setup of datadir on installations with Conda
* Fix FP exception in Wordrec::angle_change
* Build fixes, code refactoring and other smaller changes.
* Fix grey result of indexed PNG in pdfrenderer.
* Rename frk -> deu_latf (ISO 639-3, ISO 15924).
* Remove broken Dockerfile.
* Fixes for several issues reported by Coverity Scan.
* Remove unsupported OpenCL code and related API functions
* Facilitate vectorization for generic build
* Add PAGE XML renderer / export
* Support training without lstmf files.
* Improve CCUtil::main_setup (fixes issue #4230 related to Coda).
* Allow for text angle/gradient to be retrieved
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
===========
* Rewrite a recursive function to be iterative in linearization to
enable more complex files to be linearized, especially on Windows.
* Avoid non-standard use of 'std::basic_string_view'.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
License-Update: Copyright year updated to 2024.
Changelog:
============
* 1.15.0 will be the last release to support OpenSSL 1.1.
* bio, credman: improved CTAP 2.1 support.
* hid_osx: fix issue where fido_hid_read() may block unnecessarily
* fido2-token -I: print maxcredbloblen.
* hid_linux: improved support for uhid devices.
* New API calls:
- fido_cred_set_attobj;
- fido_cred_x5c_list_count;
- fido_cred_x5c_list_len;
- fido_cred_x5c_list_ptr.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
============
- Add launchable tag in io.github.gtkwave.GTKWave.metainfo.xml.
- Fix memory leak on name in build_hierarchy_array().
- Fix memory leak in ptranslate/ttranslate.
- Fix case of missing newline at EOF for VCD loaders.
- Add escape handling state machine for vars in FST loader.
- Remove escape check on coalesce in FST loader.
- CreateFileMapping() warning fix for win32 compiles.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Chanelog:
==========
- Fix relinking issue
- README.rst: fix typos
- Add initial EditorConfig support
- .gitignore: ignore ctags generated tags file
- tests:conacc: Add a test for a connection failure
- conacc: Null the connection data if the connection fails
- Fix a compile error when GCC atomics are off
- tools:gtlsshd: Add handling of accepter parmlog events
- tools:agwpe: Fix missing nil termination and uninitialized variable
- Fix some formatting in the README
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
- Added ability to write Google Container XMP tags (using the namespace prefix
'GContainer' to avoid conflict with the Google Device Container prefix)
- Decode a few new tags for the Canon EOS R5
- Decode battery information for the Pentax K-3 III
- Decode RAFCompression from FujiFilm RAF images
- Avoid reporting FileSize of 0 for pipes
- Updated Geolocation databases from current geonames.org files
- Skip over Matroska Cluster if necessary to read Tags if referenced in
SeekHead
- Changed conversion for Matroska SeekID (now in hex with tag name in
brackets) and SeekPosition (now returns an absolute offset)
- Fixed problem writing XMP-Device:EarthPos coordinates
- Fixed typo in a value of Canon:DigitalLensOptimizer
- Fixed decoding of Matroska VideoScanType
- Fixed misleading error message when -o option was used to write to an
unsupported file type
- Added a new value for a couple of Olympus tags
- Improved handling of ID3 user-defined tags
- Decode all JPEG segments from RICO box in Ricoh MOV videos
- Decode a few new values for some tags written by Canon EOS R cameras
- Patched some Olympus WB_RBLevels tags to allow 4 values to be written as per
some newer models
- Fixed issue when writing IPTC date tags with a date/time value containing
subseconds with 4 or more digits
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
============
+ modify configure script to ease deprecation of libtool-bin package
+ update dialog.map, dialog.sym for 2023/10/02 changes.
+ improve dialog-config.in,
+ suppressing several special cases of linker options, and
+ adding support for --cflags-only-I, --cflags-only-other
+ fix a few cppcheck warnings
+ improvements to NLS configuration.
+ add configure check for PIC vs PIE, needed for linking to libraries
which lack pkg-config scripts to specify LDFLAGS.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
============
* Do not allow formatting LUKS2 with Opal SED (hardware encryption)
* Fixes to wiping LUKS2 headers after Opal locking area erase.
* Mention the need for possible PSID revert before Opal format for some
drives (man page).
* Fix Bitlocker-compatible code to ignore newly seen metadata entries.
* Fix interactive query retry if LUKS2 unbound keyslot is present.
* Detect unsupported zoned devices for LUKS header devices.
* Allow "capi" cipher format for benchmark command and fix parsing
of plain IV in "capi" format.
* Add support for HCTR2 encryption mode.
* Source code now uses SPDX license identifiers instead of full
license preambles.
* Fix missing includes for cryptographic backend that could cause
compilation errors for some systems.
* Fix tests to work correctly in FIPS mode with recent OpenSSL 3.2.
* Fix various (mostly false positive) issues detected by Coverity.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
- Remove outdated comment
- Switch to git fetcher. Otherwise the official download location leads to:
WARNING: exiv2-0.28.2-r0 do_recipe_qa: QA Issue: exiv2: SRC_URI uses unstable GitHub/GitLab
archives, convert recipe to use git protocol [src-uri-bad]
- Remove reproducibility hack. Theres no buildpath leakage in exiv2Config.cmake
anymore.
Changes from version 0.28.1 to 0.28.2
-------------------------------------
Release Notes:
* https://github.com/Exiv2/exiv2/issues/2914
* https://github.com/Exiv2/exiv2/milestone/13?closed=1
This release also fixes two low-severity security issues in quicktimevideo.cpp:
* [CVE-2024-24826](https://github.com/Exiv2/exiv2/security/advisories/GHSA-g9xm-7538-mq8w):
out-of-bounds read in QuickTimeVideo::NikonTagsDecoder.
* [CVE-2024-25112](https://github.com/Exiv2/exiv2/security/advisories/GHSA-crmj-qh74-2r36):
denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder.
These vulnerabilities are in a new feature (quicktime video) that was added in version 0.28.0,
so earlier versions of Exiv2 are not affected.
Changes from version 0.28.0 to 0.28.1
-------------------------------------
Release Notes:
https://github.com/Exiv2/exiv2/issues/2813
This release also fixes [CVE-2023-44398](https://github.com/Exiv2/exiv2/security/advisories/GHSA-hrw9-ggg3-3r4r),
an out-of-bounds write in `BmffImage::brotliUncompress`. The vulnerability is in new code that was added in
version 0.28.0, so earlier versions of Exiv2 are not affected.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Fix the warning by pointing S to ${WORKDIR}/sources and UNPACKDIR to ${S}. Since recent UNPACKDIR work, default S directory is not created anymore. By setting UNPACKDIR to S, S in indirectly created in do_unpack.
Signed-off-by: alperak <alperyasinak1@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
magic-enum is a header-only C++17 library provides static reflection
for enums, works with any enum type without any macro or boilerplate
code.
Signed-off-by: Ricardo Simoes <ricardo.simoes@pt.bosch.com>
Signed-off-by: Mark Jonas <mark.jonas@de.bosch.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* with multilib lib32-lvgl installs all headers except lv_conf.h into:
${includedir}/lvgl only lv_conf.h ends in ${includedir}/lib32-lvgl/
which is wrong and not included in any includepaths:
$ cat lib32-lvgl/9.1.0/image/usr/lib32/pkgconfig/lvgl.pc
prefix="/usr"
includedir="${prefix}/include/lvgl"
libdir=${prefix}/lib
Name: lvgl
Description: Light and Versatile Graphics Library
URL: https://lvgl.io/
Version: 9.1.0
Cflags: -I${includedir}
Libs: -L${libdir} -llvgl
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Remove the CXX flag "-O2" for GCC 13 and 14. There's a bug with ARM GCC
that breaks the iteration of "types" in the createMeshShaderMiscTestsEXT
function. This issue is not present for clang or x86_64 GCC 14.
It seems that the array is not initialized before the first iteration.
In testing this can result in a random value being used. This can
manifest in LINES type being processed twice, resulting in the following
error:
FATAL ERROR: Failed to initialize dEQP: Test case with non-unique name
'no_lines' added to group 'misc'.
Signed-off-by: Randolph Sapp <rs@ti.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This change consolidates the output format of the ptest command
into a single common format.
The format selected is the automake "simple test" format:
"result: testname"
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This is cleaner way how to package unversioned libraries
which was suggested during review of the last commit.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Some packages require to activate LVGL_CONFIG_LV_USE_GRIDNAV, so let
configure it.
Signed-off-by: Stefano Babic <sbabic@denx.de>
Reviewed-by: Marek Vasut <marex@denx.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Attempting to install nvme-cli on a read-only system fails because of
the post-install script that creates /etc/nvme/hostnqn and hostid.
These files aren't actually needed for 99% of nvme-cli functionality.
Split the postinstall into a separate package, nvme-cli-user and also
move the unwanted util-linux-uuidgen dependency to that package.
This allows to install and use nvme-cli on a read-only rootfs. If
someone wants to run nvme-stas it will need a dependency on nvme-cli-user
to create the files.
Signed-off-by: Mike Looijmans <mike.looijmans@topic.nl>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Ninette Adhikari
alperak
Wang Mingyu
Randy MacLeod
Peter Marko
Anuj Mittal
Markus Volk
Neel Gandhi
Khem Raj
Soumya Sambu
Etienne Cordonnier
Benjamin Szőke
Vijay Anusuri
Ricardo Simoes
Alexander Kanavin
Martin Jansa
Randolph Sapp
Zhang Peng
Yoann Congal
Stefano Babic
Sven Fischer
Nikhil R
Mike Looijmans