Upgrade to release 13.42:
- Added warning if tag arguments come before -csv= or -json= in
a command
- Added a new CanonModelID and RFLensType (thanks Norbert Wasser)
- Added ability to read XML as a block from Sony MP4 videos
- Added "EOS" to the R5 Mark II CanonModelID string
- Decode ReEditData in Samsung trailer
- Decode a couple more Sony rtmd tags from MP4 videos
- Tolerate some types of trailer corruption as caused by Samsung
Gallery
- Restrict decoding of MetaImageSize to HEIC files only
- Fixed issue writing Keys tags to Sony PMW-EX1R videos
- Fixed behaviour of CSV/JSON import when specifying tags to import
into an existing list, or when importing ValueConv values (ie.
"TAG#"), or when specifying a group name of "All"
This work was sponsored by GOVCERT.LU.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Some post-processing options require an argument, otherwise a segfault
will occur:
root@qemux86-64:~# rasdaemon -p --status --ipid
Segmentation fault (core dumped) rasdaemon -p --status --ipid
Backport a patch to fix this issue.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
[snip of Makefile]
# bison will create both sqlhist.tab.c and sqlhist.tab.h
sqlhist.tab.h:
sqlhist.tab.c: sqlhist.y sqlhist.tab.h
bison --debug -v --report-file=bison.report -d -o $@ $<
[snip]
sources of libtracefs is fetched by git, the mtime of sqlhist.y,
sqlhist.tab.c is random. so sometimes, sqlhist.tab.c is regenerated,
sometimes, sqlhist.tab.c in original sources in used. bison used to
gernerate sqlhist.tab.c by upstream libtracefs maybe has different
version with the build host one. This make the final libtracefs.so not
reproducible. This fix touch sqlhist.tab.c to make it has the newest
mtime, and sqlhist.tab.c is not regenerated during build.
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
There is a timezone related ptest that fails using musl-libc.
This has been reported to the mariadb developers[1], who came up with
the backported patch that's the subject of this change.
This patch skips the timezone related tests with musl, in case the
testcase uses a timezone that behaves differently with musl than on
other platforms.
[1]: https://jira.mariadb.org/browse/MDEV-38029
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 3.4.0:
- bd_nvme_connect() now defaults to port 4420 or 8009 for discovery
NQN respectively when
- configure.ac: fix bashism
- smart: Use drive self-assessment as an overall status
- nvme: Default to well-known tr_svcid values when not specified
- nvme: Handle memory allocation failures from _nvme_alloc()
- crypto: Add a function to set persistent flags for LUKS
- tests: Various minor mptovements
Drop CVE-2025-6019.patch because the change has been merged in
the upstream and it is included in version 3.4.0.
This work was sponsored by GOVCERT.LU.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
According to [1][2], generate phar.php during cross-compile can't be
done, but upstream test res of $(TEST_PHP_EXECUTABLE) is not suitable
for Yocto.
Explicitly set TEST_PHP_EXECUTABLE_RES = "1" to not generate phar.php
for target recipe
Drop 0005-sapi-cli-config.m4-fix-build-directory.patch which is obsolete
for generating phar.php
After apply this commit
...log.do_compile...
Generating phar.php
Skipping phar.php generating during cross compilation
Generating phar.phar
Skipping phar.phar generating during cross compilation
...log.do_compile...
Then php supports reproducible build
[1] https://github.com/php/php-src/issues/11099
[2] 93fa9613e1
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
0001-checkpc-Do-not-define-Mail_fd-multiple-times.patch
removed since it's included in 3.9.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
### Changed
- Internal timing operations now use 'clock()' on all platforms (previously this
was only used on Windows). This should result in more accurate timing in
verbose informational messages.
- Building Graphviz with expat < 2.2.8 is no longer supported on MinGW.
### Fixed
- 'diffimg' now notices failures when calling Ghostscript to convert PS images
to PNG and exits instead of continuing.
- 'dtstat' no longer reads/writes out of bounds memory on platforms where
'sizeof(int) < sizeof(size_t)'. This was a regression in Graphviz 7.0.1.
- Some incorrect variable types in the libcdt man page have been corrected.
- 'gvgen' no longer triggers Undefined Behavior when asked to generate a binary
tree with depth >= 32 (e.g. 'gvgen -t32').
- 'gvgen' no longer triggers Undefined Behavior when asked to generate a
hypercube with depth >= 32 (e.g. 'gvgen -h32').
- A null pointer dereference in edge pair analysis within the circo algorithm
has been fixed.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
ChangeLog:
==========
build: avoid a warning when configured with --disable-multibuffer
bump version numbers and add a news item for the 8.7 release
display: regenerate the screen after a resize during a spell check
display: regenerate the screen only before and after waiting for input
display: upon resize, redraw the subwindows only when fully initialized
docs: add example of copy-to-clipboard-with-OSC52 to the sample nanorc
docs: mention that `execute` can pipe buffer or region to the command
gnulib: update to its current upstream state
moving: prevent a negative relative jump from going beyond top of buffer
new feature: execute a command without capturing the output
startup: register the handler for SIGWINCH much earlier
text: when blanking a line due to --autoindent, keep the mark in sync
tweaks: improve a few comments, drop one, and unwrap some lines
tweaks: improve the punctuation of one item in the sample nanorc
tweaks: replace a remaining double dash with a true emdash
tweaks: reshuffle some #ifdefs, and rename a function
tweaks: unwrap three lines, for esthetics
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Remove 0001-scripts-common.m4-Insert-spaces-in-shell-lists.patch as it was merged in upstream.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
core:
* NSS Signatures: Tweak the logic that decides which firefox profile to use
* NSS Signatures: call PORT_GetError() only if the preceding CERT_PKIXVerifyCert() fails
* Splash: Performance improvements
* Fix crashes in malformed documents
glib:
* Fix ocsp check for signatures validation
* Fix warning when running glib-mkenums
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
There are multiple vendors for yasm:
$ sqlite3 ./nvdcve_2-2.db "select distinct vendor, product from products where product = 'yasm';"
tortall|yasm
yasm_project|yasm
Both products refer to the same application
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
There are some unrelated software called "links", which cases
false-positive CVEs to be reported by the CVE checker.
Set the vendor/product pairs that were historically used with
CVEs for this software.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Details: https://nvd.nist.gov/vuln/detail/CVE-2015-3243
The issue is about file permissions: by default rsyslog creates world-readable
files. In case a log message contains some sensitive information, then that's
exposed to every user on the system.
However the rsyslog.conf file that is shipped with the recipe solves it: it
already sets non-world-readable default permissions on all files, so this
vulnerability is fixed in the default OE recipe.
See also this package in OpenSuse[1], where it is solved the same way.
[1]: https://build.opensuse.org/requests/619439/changes (rsyslog.conf.in)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
