Drop patch that was merged upstream.
License update: a copyright line was removed. The license is still MIT.
Changes:
Version 6.1.2
=============
Code Fixes
----------
* Fix for low-severity CVE-2026-23868 affecting gifponge, giftool, and gifbuild,
but not the core library - library clients need not be alarned.
Version 6.1.1
=============
This release bumps the major version, but only one entry point -
EGifSpew() - has changed signature and behavior (in order to be able
to pass out a detailed error code). The internal error
codes in the E_GIF_ERR series have changed value so none of them
collides with GIF_ERROR.
This code has been systematically audited and hardened wuth
ChatGPT-5.2. The only library fixes reported by users or found by
robot were for some memory leaks that could only triggered by severely
malformed GIFs. Other bugs are edge-case failures in the CLI tools.
The gif2rbg CLI tool has been moved to the "obsolete" bin, because its
only deployment case in 2026 is as a piñata at fuzzer parties.
Warning: the CLI tools in the obsolete category will soon be removed
from the distribution entirely. The maintainer is tired of fielding
junk bugs filed against them by would-be coup-counters who found yet
another edge case, and the rest of the world doesn't need noisy CVEs
that aren't actually DoS or security issues for giflib clients.
Code Fixes
----------
* Fix for CVE-2021-40633.
* Fix SF bug #165 EGifSpew leaks GifFileOut->SColorMap
* Fix SF bug #171 ImageMagick required to build giflib on non-Darwin Platforms
* Fix SF bug #172 Incorrect object files in shared libutil on darwin
* Fix SF bug #173 installation of manual pages and html documentation
* Fix SF bug #175 Memory leaks in gifecho.c's main() and in gifalloc.c's GifMakeMapObject
* Fix SF bug #177 wrong pointer used in giftool getbool
* Fix SF bug #179 Path Traversal vulnerability
* Fix SF bug #180: -Wformat-truncation likely pointing out an actual bug
* Fix SF bug #182 out‐of‐bounds writes in Icon2Gif
* Fix SF bug #184 uninitialized buffer in DumpScreen2RGB
* Fix SF bug #185 integer overflow in gifbg.c
* Fix SF bug #186 integer overflow in Icon2Gif
* Fix SF bug #187: CVE-2025-31344
* Fix SF bug #170 Tests failing on Ubuntu Noble, giftext buffer overflow
* Fix SF bug #165 EGifSpew leaks GifFileOut->SColorMap
* Fix SF bug #162 detected memory leaks in GifMakeSavedImage giflib/gifalloc.c
* Fix SF bug #161 detected memory leaks in EGifOpenFileHandle giflib/egif_lib.c
* Fix SF bug #142 ABI break public symbol GifQuantizeBuffer
Other bugs that duplicate these have breen addressesed by these fixes
* SF bug #156 EGifSpew leaks SavedImages (and more); won't fix, caller
might want to write a GIF, modify the in-memory data, then write
again.
Tests
-----
Test suite now emits TAP (Test Anything Protocol).
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
- Switched to a new versioning scheme: 1.0.13 -> 2.00
- Reworked CAN interface handling by migrating to the CANvenient abstraction layer
- Improved/updated auto-completion using isocline
- Various bug fixes
Signed-off-by: Michael Fitzmayer <mail@michael-fitzmayer.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
- Add versioning
- New version to be able to use a proper version tag
in the Yocto recipe
Signed-off-by: Michael Fitzmayer <mail@michael-fitzmayer.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
- reverted the custom-on-fail discard value behavior so that it now correctly
discards the value instead of resetting the error state and recalculating dependent items
- added possibility to switch SSO user on internal login failures
- improved trigger-related postprocessing after configuration cache sync
- fixed graph rendering for items using throttling
- updated man page and help message for zabbix_js
- improved Device status mapping and added trigger for Meraki template
- updated maximum supported TimescaleDB version to 2.25
- fixed script macros expanding via Zabbix proxy during autoregistration
- fixed dependent item error message clearing in preprocessing
- fixed incorrect filter being applied when switching subfilters in multiple tabs
in Data collection->Hosts->Items, Monitoring->Hosts->Graphs
- fixed regexp runtime error when processing log* items with unspecified encoding
by sanitizing invalid UTF-8
- fixed inability to delete host, user, or template groups when accordingly hosts,
users, or templates belonging to them were previously deleted in parallel requests
- improved Teams Workflow webhook to use ALERT.SENDTO macro
- fixed redirect link when deleting host or template from item or item prototype list
- fixed snmp cache housekeeping not to interrupt scheduling
- fixed system.run not terminating commands correctly on Zabbix agent 2
- fixed showing some selected value by default for Map navigation tree
widget if listener does not exist
- fixed multiple event generation not to generate changelog entries on new events
- fixed compilation of Zabbix agent on HP-UX 11.23 (ia64)
- fixed "daylight saving time" error for scheduled reports
- fixed inability to return "not supported" via user parameters
- fixed discovery uniqueness criteria bug
- updated documentation links for Create template group and Create host group
- fixed checkboxes "SSL verify peer" and "SSL verify host" not being selected
when corresponding label is clicked in media type form
- fixed message box display bug in Monitoring problems page
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Fix following error when multilib is used.
configure: WARNING: using cross tools not prefixed with host triplet
checking pkg-config is at least version 0.9.0... yes
configure: error: cannot find pkg-config package for libpcre
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Radiusd fails to start because the openssl legacy provider is no longer
built by default[1]:
$ radiusd -C -X
FreeRADIUS Version 3.2.8
[snip]
(TLS) Failed loading legacy provider
Add PACKAGECONFIG[legacy-openssl] to enable openssl legacy provider
support. When disabled, pass --enable-fips-workaround to configure
instead.
Backport two patches to fix the --enable-fips-workaround option.
[1] https://git.openembedded.org/openembedded-core/commit/?id=a150c3580f7f4962152444272c0fe07cfdb72df5
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changes:
o Fix exploitable buffer overflows in the following ipmi-oem commands:
- ipmi-oem dell get-last-post-code
- ipmi-oem supermicro extra-firmware-info
- ipmi-oem wistron read-proprietary-string
o Support --proxy in ipmiconsole.
o Fix mem-leak within libfreeipmi locate api.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* Use git instead of tarball in SRC_URI.
* Update configuration options.
* Clean up and refresh local patches.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
The CVE is now tracked with a version by NVD, it is not needed
to ignore it explicitly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
The CVE is now tracked by NVD with a version that is earlier than
the recipe, the vulnerability doesn't show up in the CVE report
anymore.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changes:
* Support Python 3.14
* Fix bug in Levenshtein distance when substitution_cost > 2
* Fix bug in Treebank detokeniser re quote ordering
* Fix bug in Jaro similarity for empty strings
* Several security enhancements
* Fix GHSA-rf74-v2fm-23pw: unbounded recursion in JSONTaggedDecoder
* Implement TextTiling vocabulary introduction method (Hearst 1997)
* Fix ALINE feature matrix errors and add comprehensive tests
* Support multiple VerbNet versions, fix longid/shortid regex for VerbNet ids
* Let downloader fallback to md5 when sha256 is unavailable
* Several other minor bugfixes and code cleanups
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
This CVE is disputed, and it is now tracked with an old version
of the application, it doesn't show up in the CVE report anymore.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Drop patch which is included in this release, and add a patch that
adapts a lua api call to the lua version that is used in OE.
License-Change: the unicode license text has been updated, there should
be no material change. However while examining these changes, I noticed
that some parts of the code are covered by licenses not mentined in the
recipe. It should reflect all licenses now.
Tis version contains fixes fox CVE-2025-59028, CVE-2025-59031, CVE-2026-24031,
CVE-2026-27859, CVE-2026-27860, CVE-2026-27857, CVE-2026-27856 and CVE-2026-27855
Changelog: https://github.com/dovecot/core/blob/main/NEWS
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
1.Changelog
https://github.com/arvidn/libtorrent/releases/tag/v2.0.12
2. Add 0001-Fix-Python3-site-packages-path-to-fix-package-QA-Iss.patch to fix package QA Issue:
libtorrent-rasterbar-2.0.12-r0 do_package: QA Issue: libtorrent-rasterbar: Files/directories were installed but not shipped in any package:
/lib/python3.14/site-packages/libtorrent.so
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Version 1.84.2
--------------
- Closed bugs and merge requests:
* GtkNotebook.pages GListModel is inaccessible from GJS [#686, !992, Philip
Chimento]
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
While in this case `SYSROOT_PREPROCESS_FUNCS:class-target +=` wouldn't
result in any unwanted override, there is no guarantee there won't be a
change, which would be hidden by this override. To avoid any surprises
in the future let's use `:append:class-target =` syntax here.
Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
While in this case `RPROVIDES:${PN}:class-native +=` wouldn't
result in any unwanted override, there is no guarantee there won't be a
change, which would be hidden by this override. To avoid any surprises
in the future let's use `:append:class-native =` syntax here.
Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Those LIC_FILES_CHKSUM:class-native(sdk) were actually overriding the
rest of LIC_FILES_CHKSUM.
Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
It actually overrides value of FILES:${PN} instead of appending.
In this case SDKPATHNATIVE is the prefix so everything was still
working, but let's convert it to a proper conditional append.
Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
`EXTRA_OECONF:sh4 += "--disable-spinlocks"` was supposed to simply
disable unsupported spinlocks, but was also overriding other
configuration defined in EXTRA_OECONF above.
Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
While in this case override caused by `EXTRA_OEMESON:class-native +=` is
desirable, the `+=` can be confusing. Let's avoid that and use explicit
assignment.
Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
While in this case `RDEPENDS:class-target +=` wouldn't result in any
unwanted override, there is no guarantee there won't be a change, which
would be hidden by this override. To avoid any surprises in the future
let's use `:append:class-target =` syntax here.
Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
While in this case `RRECOMMENDS:class-target +=` wouldn't result in any
unwanted override, there is no guarantee there won't be a change, which
would be hidden by this override. To avoid any surprises in the future
let's use `:append:class-target =` syntax here.
Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
While in this case `EXTRA_OEMESON:libc-musl +=` wouldn't result in any
unwanted override, there is no guarantee there won't be a change, which
would be hidden by this override. To avoid any surprises in the future
let's use `:append:libc-musl =` syntax here.
Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
While in this case `RRECOMMENDS:class-target +=` wouldn't result in any
unwanted override, there is no guarantee there won't be a change, which
would be hidden by this override. To avoid any surprises in the future
let's use `:append:class-target =` syntax here.
Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
While in this case `RDEPENDS:class-target +=` wouldn't result in any
unwanted override, there is no guarantee there won't be a change, which
would be hidden by this override. To avoid any surprises in the future
let's use `:append:class-target =` syntax here.
Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Isocline is a pure C library that can be used as an alternative to the GNU readline library.
Signed-off-by: Michael Fitzmayer <mail@michael-fitzmayer.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Fixes the below error during do_configure:
../sources/xfce4-session-4.21.1/meson.build:50:21: ERROR: Program '/usr/bin/gdk-pixbuf-csource' not found or not executable
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
When ndiff was disabled by default in 51e070301e ("nmap: disable
ndiff"), the python3 RDEPENDS were left unconditional on the main
package. This causes python3-difflib, python3-asyncio and python3-xml
to be pulled into every image that includes nmap, even though ndiff is
not built and the core nmap binary (C++) does not need Python.
Gate the RDEPENDS behind the ndiff PACKAGECONFIG so that Python is only
required when ndiff is actually enabled.
Signed-off-by: Paolo Barbolini <paolo.barbolini@m4ss.net>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
License-Update: Re-scope secondary licenses [1]
Release information [2]:
This is release 1.80.0 (glimmering) of gRPC Core.
Core
* [ssl] Implement TLS private key signer in Python. (#41701)
* [TLS Credentials]: Private Key Offload Implementation. (#41606)
* Fix max sockaddr struct size on OpenBSD. (#40454)
* [core] Enable EventEngine for Python by default, and EventEngine fork support in Python and Ruby. (#41432)
* [TLS Credentials]: Create InMemoryCertificateProvider to update certificates independently. (#41484)
* [Ruby] Build/test ruby 4.0 and build native gems with Ruby 4.0 support. (#41324)
* [EventEngine] Remove an incorrect std::move in DNSServiceResolver constructor. (#41502)
* [RR and WRR] enable change to connect from a random index. (#41472)
* [xds] Implement gRFC A101. (#41051)
C++
* [C++] Add SNI override option to C++ channel credentials options API. (#41460)
[1] https://github.com/grpc/grpc/commit/fb53717dfa6b264e7f930bb5e9a7e5c86a31ed9e
[2] https://github.com/grpc/grpc/releases/tag/v1.80.0
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changes in 50.0
=================
- Make the Clipboard portal return errors instead of succeeding
- Fix a bug in the Print portal where it was accidentally closing fd 0
- Translation updates
Changes in 50.rc
=================
- Translation updates
Changes in 50.beta
=================
- Update libgxdp
- Remove ellipse from the app chooser list header
- Fix a memory leak in the Print portal implementation
- Fix icon size in the Dynamic Launcher portal
- Various fixes in the Remote Desktop portal
- Fix monitor identification in VMs
- Fix an issue with mismatching GVariant type unwrapping
- Translation updates
Changes in 50.alpha
=================
- Fix a potential source of crashes in the ScreenCast portal code
- Properly send the Global Shortcut activation token to the portal frontend
- Update libgxdp to override GTK settings
- Use a GNOME OS based CI template
- Translation updates
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Gyorgy Sarvari
Michael Fitzmayer
Zheng Ruoqin
Yi Zhao
Anuj Mittal
Adam Duskett
Liu Yiding
Swamil Jain
Changqing Li
Mingli Yu
Michal Sieron
Paolo Barbolini
Peter Marko
Markus Volk