Fixes
======
- Added missing <cstdint> includes.
- Fixed suppression of empty variadic macro arguments warning on Clang <19.
- Fixed catch_discover_tests failing during PRE_TEST discovery if a target does
not have discoverable tests.
- Fixed build of the main library failing with CATCH_CONFIG_PREFIX_ALL defined.
- JUnit reporter outputs single failed (errored/skipped) assertion per test
case.
Improvements =============
- The default implementation of --list-tags and --list-listeners has a quiet
variant.
- Suppressed the new Clang warning about __COUNTER__ usage.
- Line-wrapping counts utf-8 codepoints instead of bytes.
- Combining character sequences are still miscounted, but Catch2 does not aim
to fully support Unicode.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
There is a bug (see https://github.com/jqlang/jq/issues/434), which
results in an empty version being used if autoreconf is run on the jq
sources when using a release tar ball. The incorrect assumption is that
autoreconf is only used when fetching the code using Git.
The empty version results in an incorrect libjq.pc file being created
where the version is not set, which results in, e.g.,
`pkgconf --libs 'libjq > 1.6'` failing even if version 1.8.1 of jq is
actually installed.
Switch to fetching the code using Git to workaround the bug.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Here is the setting in bcc recipe:
COMPATIBLE_HOST = "(x86_64.*|aarch64.*|powerpc64.*|riscv64.*)-linux"
bcc only support 64 bit arch, so add it into NON_MULTILIB_RECIPES
to avoid expanding lib32- variant
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
It is a new feature in 1.15.0, enabled upstream by default.
It is part of Foundation library.
So this makes it possible to disable it.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Add patch which was also submitted upstream to quill.
Poco should get it when they update quill component.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
gkt-doc build uses the deprecated gtkdoc-mktmpl tool, which was dropped by upstream
in version 1.26 of gtk-doc and fails if 'api-documentation' is in DISTRO_FEATURES.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Current code fails to parse meta-oe layer for machine with unsupported
architecture.
This is too restrictive as it requires downstream layers to play tricks
with masking the recipe. Usual way is to skip the recipe instead.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Contains fix for CVE-2026-34610 (which is however tracked without
a version by NVD, so it is marked as patched explicitly)
Changelog:
- Offer a means to select the AES-C constant time / S-Box
implementation via lc_init API
- use the AES-C constant time implementation by default - it is
about 3 times slower than the AES-C S-Box implementation, but
more secure. As the leancrypto library is about secure by default,
the CT implementation is just right. Furthermore, if a caller
wants to have the faster AES-C S-Box, he can call
lc_init(LC_INIT_AES_SBOX) at the beginning.
- X.509: fix security issue (CVE-2026-34610)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
The CVE is tracked by NVD without version info. It's description
confirms that it is fixed in version 1.6.17.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Contains fixes for CVE-2026-35580 and CVE-2026-35582
Changelog: https://botan.randombit.net/news.html#version-3-11-1-2026-03-31
-CVE-2026-35580: Resolve certificate verification bypass bug introduced in 3.11.0
-CVE-2026-35582: Resolve TLS 1.3 client authentication bypass
-Add optimized Argon2 implementation using AVX512
-Add optimized and constant-time Twofish implementation using AVX512/GFNI
-Add optimized and constant-time SEED implementation using AVX512/GFNI
-Add optimized and constant-time Whirlpool implementations using AVX2 and AVX512
-Add SSSE3/NEON and AVX2 optimized codepaths for CTR
-Add constant time implementations of Camellia, ARIA, SEED and SM4 using
AES-NI or ARMv8 AES instructions to implement sbox lookups
-Improve performance of the AVX512 implementation of SHA-512 especially for Clang
-Optimizations for the IDEA modular multiplication
-Fix various minor TLS conformance issues flagged by TLS-Anvil
-Fix bug in Ed25519 where an invalid signature checked with PK_Verifier
might cause a later valid signature to be rejected.
-Fix a bug in handling of ECDSA DER-encode signatures where an invalid
signature checked with PK_Verifier might cause a later valid signature to be rejected.
-Fix a problem introduced in 3.11.0 which could cause crashes on processors without
SSSE3 support, particularly when compiled by GCC.
-Fix various new warnings from clang-tidy 22
-Fix a compilation error introduced in 3.11.0 which prevented using ffi
unless bcrypt was also enabled.
-Avoid a macro collision with Microsoft headers that could cause a compilation
problem in amalgamation mode.
-Enable explicit_bzero, getentropy, getrandom on Hurd
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Fixes errors e.g.
error: assigning to 'char *' from 'const char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
131 | dot = strrchr(filename, '.');
| ^ ~~~~~~~~~~~~~~~~~~~~~~
1 error generated.
They are latent and brought to fore with autoconf 2.73 which switches
defaults to use -std=gnu23
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
The directx-headers dependency is no longer required and got removed
from CMakeLists.txt
Signed-off-by: Tafil Avdyli <tafil@tafhub.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
===========
- TTF security fixes
- Fix#334 - HPDF_FAILD_TO_ALLOC_MEM missing
- Compatibility with Higher version of Delphi
- Remove restriction on user password to be different from owner password
- Fix various typos
- Fix Build error for Win32 (x86) due to modifier mismatch #350
- CMakeLists.txt: install docs and bindings to DOCDIR
- Adapt CMake scripts for WebAssembly compilation
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
============
- Git PR #673: Fix warning for non clang builds on linux
- Git Issue #675: std::chrono conversion does not compile with libc++
- Git PR #679: Fix double colon in url generator
- Git PR #680: Added missing space after "found" in maximum_validator
- Git PR #685: optimize semantic_tag::noesc write_string
- Git PR #687: jmespath: allow rhs_expression in a keyvalue - expression
- Git PR #688,#689: jmespath: where possible without losing information,
- store the result of ceil and floor as basic_json integer values
- rather than double values.
- Added toon-format extension
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Improvements
=============
error_on_missing_array_elements option
Glaze vs Boost.Beast HTTP server benchmarks and optimizations
custom optional support
Add clang-cl CI workflow
Make REST router more like a map and allow overwriting routes
Fixes
======
YAML fix for generic_u64 and generic_i64
format_context to support specifying YAML in opts format field
glz::patch support for all glz::generic_ types
Avoid erroring on nullable value types
Fix GNU-style flag passing to MSVC frontend
Nullable value write skipping
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
0001-Fixed-swig-host-contamination-issue.patch
refreshed for 4.1.4
Changelog:
===========
- Update syscalls and io_uring tables for the 7.0 kernel
- Code cleanups
- Avoid blocking auditd while handling disk space alerts
- Tighten auditctl permission checks and rule deletion handling
- Fix ausearch and auparse parsing for several newer record types
- Prevent queue resize races in audisp and oversize records in af_unix
- Fix memory safety issues in auparse and the audisp filter plugin
- Improve reliability of audisp-remote, auplugin, and the ids plugin
- Fix stats collection and parsing in the audisp-statsd plugin
- Refresh ausearch and aureport man pages
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Drop patch that was merged upstream.
License update: a copyright line was removed. The license is still MIT.
Changes:
Version 6.1.2
=============
Code Fixes
----------
* Fix for low-severity CVE-2026-23868 affecting gifponge, giftool, and gifbuild,
but not the core library - library clients need not be alarned.
Version 6.1.1
=============
This release bumps the major version, but only one entry point -
EGifSpew() - has changed signature and behavior (in order to be able
to pass out a detailed error code). The internal error
codes in the E_GIF_ERR series have changed value so none of them
collides with GIF_ERROR.
This code has been systematically audited and hardened wuth
ChatGPT-5.2. The only library fixes reported by users or found by
robot were for some memory leaks that could only triggered by severely
malformed GIFs. Other bugs are edge-case failures in the CLI tools.
The gif2rbg CLI tool has been moved to the "obsolete" bin, because its
only deployment case in 2026 is as a piñata at fuzzer parties.
Warning: the CLI tools in the obsolete category will soon be removed
from the distribution entirely. The maintainer is tired of fielding
junk bugs filed against them by would-be coup-counters who found yet
another edge case, and the rest of the world doesn't need noisy CVEs
that aren't actually DoS or security issues for giflib clients.
Code Fixes
----------
* Fix for CVE-2021-40633.
* Fix SF bug #165 EGifSpew leaks GifFileOut->SColorMap
* Fix SF bug #171 ImageMagick required to build giflib on non-Darwin Platforms
* Fix SF bug #172 Incorrect object files in shared libutil on darwin
* Fix SF bug #173 installation of manual pages and html documentation
* Fix SF bug #175 Memory leaks in gifecho.c's main() and in gifalloc.c's GifMakeMapObject
* Fix SF bug #177 wrong pointer used in giftool getbool
* Fix SF bug #179 Path Traversal vulnerability
* Fix SF bug #180: -Wformat-truncation likely pointing out an actual bug
* Fix SF bug #182 out‐of‐bounds writes in Icon2Gif
* Fix SF bug #184 uninitialized buffer in DumpScreen2RGB
* Fix SF bug #185 integer overflow in gifbg.c
* Fix SF bug #186 integer overflow in Icon2Gif
* Fix SF bug #187: CVE-2025-31344
* Fix SF bug #170 Tests failing on Ubuntu Noble, giftext buffer overflow
* Fix SF bug #165 EGifSpew leaks GifFileOut->SColorMap
* Fix SF bug #162 detected memory leaks in GifMakeSavedImage giflib/gifalloc.c
* Fix SF bug #161 detected memory leaks in EGifOpenFileHandle giflib/egif_lib.c
* Fix SF bug #142 ABI break public symbol GifQuantizeBuffer
Other bugs that duplicate these have breen addressesed by these fixes
* SF bug #156 EGifSpew leaks SavedImages (and more); won't fix, caller
might want to write a GIF, modify the in-memory data, then write
again.
Tests
-----
Test suite now emits TAP (Test Anything Protocol).
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
- Switched to a new versioning scheme: 1.0.13 -> 2.00
- Reworked CAN interface handling by migrating to the CANvenient abstraction layer
- Improved/updated auto-completion using isocline
- Various bug fixes
Signed-off-by: Michael Fitzmayer <mail@michael-fitzmayer.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
- Add versioning
- New version to be able to use a proper version tag
in the Yocto recipe
Signed-off-by: Michael Fitzmayer <mail@michael-fitzmayer.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
- reverted the custom-on-fail discard value behavior so that it now correctly
discards the value instead of resetting the error state and recalculating dependent items
- added possibility to switch SSO user on internal login failures
- improved trigger-related postprocessing after configuration cache sync
- fixed graph rendering for items using throttling
- updated man page and help message for zabbix_js
- improved Device status mapping and added trigger for Meraki template
- updated maximum supported TimescaleDB version to 2.25
- fixed script macros expanding via Zabbix proxy during autoregistration
- fixed dependent item error message clearing in preprocessing
- fixed incorrect filter being applied when switching subfilters in multiple tabs
in Data collection->Hosts->Items, Monitoring->Hosts->Graphs
- fixed regexp runtime error when processing log* items with unspecified encoding
by sanitizing invalid UTF-8
- fixed inability to delete host, user, or template groups when accordingly hosts,
users, or templates belonging to them were previously deleted in parallel requests
- improved Teams Workflow webhook to use ALERT.SENDTO macro
- fixed redirect link when deleting host or template from item or item prototype list
- fixed snmp cache housekeeping not to interrupt scheduling
- fixed system.run not terminating commands correctly on Zabbix agent 2
- fixed showing some selected value by default for Map navigation tree
widget if listener does not exist
- fixed multiple event generation not to generate changelog entries on new events
- fixed compilation of Zabbix agent on HP-UX 11.23 (ia64)
- fixed "daylight saving time" error for scheduled reports
- fixed inability to return "not supported" via user parameters
- fixed discovery uniqueness criteria bug
- updated documentation links for Create template group and Create host group
- fixed checkboxes "SSL verify peer" and "SSL verify host" not being selected
when corresponding label is clicked in media type form
- fixed message box display bug in Monitoring problems page
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Fix following error when multilib is used.
configure: WARNING: using cross tools not prefixed with host triplet
checking pkg-config is at least version 0.9.0... yes
configure: error: cannot find pkg-config package for libpcre
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Wang Mingyu
Changqing Li
Peter Kjellerstedt
Harish Sadineni
Pascal Bach
Peter Marko
Markus Volk
Liu Yiding
Etienne Cordonnier
Zheng Ruoqin
Gyorgy Sarvari
Khem Raj
Ayoub Zaki
Tafil Avdyli
Jason Schonberg
Michael Fitzmayer