Changelog:
https://github.com/rakshasa/rtorrent/releases/tag/v0.16.2
Remove 0001-scripts-common.m4-Insert-spaces-in-shell-lists.patch as it was merged in upstream.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Remove 0001-scripts-common.m4-Insert-spaces-in-shell-lists.patch as it was merged in upstream.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
core:
* NSS Signatures: Tweak the logic that decides which firefox profile to use
* NSS Signatures: call PORT_GetError() only if the preceding CERT_PKIXVerifyCert() fails
* Splash: Performance improvements
* Fix crashes in malformed documents
glib:
* Fix ocsp check for signatures validation
* Fix warning when running glib-mkenums
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
There are multiple vendors for yasm:
$ sqlite3 ./nvdcve_2-2.db "select distinct vendor, product from products where product = 'yasm';"
tortall|yasm
yasm_project|yasm
Both products refer to the same application
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
There are some unrelated software called "links", which cases
false-positive CVEs to be reported by the CVE checker.
Set the vendor/product pairs that were historically used with
CVEs for this software.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Switch back to fetch tarballs instead of the git repository.
The project has switched from appstream-glib to appstream as a dependency,
due to the prior isn't actively developed anymore[1].
This update also contains fixes for CVE-2025-10920, CVE-2025-10921, CVE-2025-10922,
CVE-2025-10923, CVE-2025-10924, CVE-2025-10925 and CVE-2025-10934.
[1]: c27096db9e
Release notes:
Core:
- Many false-positive build warnings have been cleaned out (and proper
issues fixed).
- Various crashes fixed.
- When creating a layer mask from the layer's alpha, but the layer has
no alpha, simply fill the mask with complete opacity instead of
a completely transparent layer.
- Various core infrastructure code reviewed, cleaned up, refactored
and improved, in drawable, layer and filter handling code, tree view
code, and more.
- GIMP_ICONS_LIKE_A_BOSS environment variable is not working anymore
(because "gtk-menu-images" and "gtk-button-images" have been
deprecated in GTK3 and removed in GTK4) and was therefore removed.
- Lock Content now shows as an undo step.
- Add alpha channel for certain transforms.
- Add alpha channel on filter merge, when necessary.
- Filters can now be applied non-destructively on channels.
- Improved Photoshop brush support.
- After deleting a palette entry, the next entry is automatically
selected. This allows easily deleting several entries in a row,
among other usage.
- Resize image to layers irrespective to selections.
- Improved in-GUI release notes' demo script language:
* We can now set a button value to click it:
"toolbox:text,
tool-options:outline=1,
tool-options:outline-direction"
* Color selector's module names can be used as identifiers:
"color-editor,color-editor:CMYK=1,color-editor:total-ink-coverage"
- Fixed Alpha to Selection on single layers with no transparency.
- Various code is slowly ported to newer code, preparing for GTK4 port
(in an unplanned future step):
* Using g_set_str() (optionally redefining it in our core code to
avoid bumping the GLib minimum requirement).
* Start using GListModel in various pieces of code, in particular
getting rid of more and more usage of GtkTreeView when possible
(as it will be deprecated with GTK4).
* New GimpRow class for all future row widgets.
* Use more of G_DECLARE_DERIVABLE_TYPE and G_DECLARE_FINAL_TYPE
where relevant.
* New GimpContainerListView using a GtkListBox.
* New GimpRowSeparator, GimpRowSettings, GimpRowFilter and
GimpRowDrawableFilter widgets.
- (Experimental) GEX Format was updated.
- Palette import:
* Set alpha value for image palette imports.
* Fix Lab & CMYK ACB palette import.
* Add palette format filters to import dialog, making it more
apparent what palette formats are supported, and giving the
ability to hide irrelevant files.
- Improved filter actions' sensitivity to make sure they are set
insensitive when relevant. In particular filters which cannot be run
non-destructively (e.g. filters with aux inputs, non-interactive
filters and GEGL Graph) must be insensitive when trying to run them
on group layers.
- Fix bad axis centering on zoom out.
- Export better SVG when exporting paths.
Tools:
- Text tool: make sure the default color is only changed when the user
confirms the color change.
- Foreground Selection tool: do not create a selection when no strokes
has been made. In particular this removes the unnecessary delay
which happened when switching to another tool without actually
stroking anything.
- All Transform tools: transform boundaries for preview is now
multi-layers aware.
- (Experimental) Seamless Clone tool: made to work again, though it is
still too slow to get out of Playground.
Graphical User Interface:
- Various improvements to window management:
* Keep-Above windows are set with the Utility hint.
* Utility windows are not made transient to a parent.
* Transient factory dialogs follow the active display, ensuring that
new image windows would not hide your toolbox and dock windows.
- Various CSS improvements for styling of the interface. Some theme
leaks were also fixed.
- New toggle button in Brushes and Fonts dockable, allowing brush and
font previews to optionally follow the color theme. For instance,
when using a dark theme, the brush and font previews could be drawn
on the theme background, using the theme foreground colors. By
default, these data previews are still drawn as black on white.
- Palette grid is now drawn with the theme's background color.
- Consistent naming patterns on human-facing options (first word only
capitalized).
- About dialog:
* We will now display the date and time of the last
check in a "Up to date as of <date> at <time>" string, differing
from the "Last checked on <date> at <time>" string. The former
will be used to indicate that GIMP is indeed up-to-date whereas
the latter when a new version was released and that you should
update.
* We now respect the system time/date format on macOS and Windows.
- The search popup won't pop up without an image.
- Better zoom step algorithm for data previews in container popup
(e.g. the brush popup in paint Tool Options).
- Disable animation in the Input Controller, Preferences and Welcome
dialogs for stack transition when animation are disabled in system
settings.
- Fixed crosshair hotspot on Windows (crosshair cursor for brushes was
offset with a non-100% display scale factor).
- Debug/CRITICAL dialog:
* Make sure it is non-modal.
* Follow the theme mode under Windows.
- While loading images, all widgets in the file dialog are made
insensitive, except for the Cancel button and the progress bar.
- Both grid and list views can now zoom via scroll and zoom gestures
(it used to only work in list views).
- Pop an error message up on startup when GIO modules to read HTTPS
links are not found and that we therefore fail to load the remote
gimp_versions.json file. With the AppImage package in particular, we
depend on an environment daemon which cannot be shipped in the
package. So the next best thing is to warn people and tell them what
they should install to get version checks.
- Welcome dialog:
* The "Community Tutorials" link is now shown after the
"Documentation" link.
* The "Learn more" link in Release Notes tab leads to the actual
release news for this version.
Plug-ins:
- PDF export: do not draw disabled layer masks.
- Jigsaw: the plug-in can now draw on transparent layers.
- Various file format fixes and improvements: JPEG 2000 import, TIFF
import, DDS import, SVG import, PSP import, FITS export, ICNS
import, Dicom import, WBMP import, Farbfeld import, XWD import, ILBM
import.
- Sphere Designer: use spin scale instead of spin entries (the latter
is unusable with little horizontal space).
- Animation Play: frames are shown again in the playback progress bar.
- Vala Goat Exercise: ignoring C warning in this Vala plug-in as it is
generated code and we cannot control it.
- file-gih: brush pipe selection modes now have nice, translatable
names.
- Metadata viewer: port from GtkTreeView to GtkListBox.
- File Raw Data: reduce Raw Data load dialogue height by moving to a
2-column layout.
- SVG import: it is now possible to break aspect ratio with specific
width/height arguments, when calling the PDB procedure
non-interactively (from other plug-ins).
- Print: when run through a portal print dialog, the "Image Settings"
will be exposed as a secondary dialog, outputted after the portal
dialog, instead of a tab on the main print dialog (because it is not
possible to tweak the print dialog when it is created by a portal).
This will bring back usable workflow of printing with GIMP when run
in a sandbox (e.g. Flatpak or Snap).
- Recompose: fixed for YCbCr decomposed images.
- Fixed vulnerabilities: ZDI-CAN-27684, ZDI-CAN-27863, ZDI-CAN-27878,
ZDI-CAN-27836, ZDI-CAN-27823, ZDI-CAN-27793.
- C Source and HTML export can now be run non-interactively too (e.g.
from other plug-ins).
- Map Object: fix missing spin boxes.
- Small Tiles: fix display lag.
API:
- libgimpui:
* new function: gimp_prop_toggle_new()
* updated widget default for GimpChoice in GimpProcedureDialog: when
the number of choices is below 3, a radio frame is used, and a
combo box otherwise (it used to always be a combo box).
* GimpExportProcedureDialog: comment text area will be made
(in)sensitive depending on the checked state of "Save Comment"
option.
* Use arrows for GimpSpinScale cursors.
* GimpColorScales: no decimal for u8 RGB color selector. This change
will help further distinguish between the 0...100 and 0..255 views
in the Color Selectors.
* Internal color drags now use a "application/x-geglcolor" target
since "application/x-color" is standard and should not be used for
our more powerful color formats.
- libgimp:
* new enum type: GimpTRCType
* gimp_file_save() sets the XCF or exported files accordingly.
* Metadata:
+ Favor existing image comment instead of always loading comment
from metadata.
+ Fix handling of "charset=" in comments.
+ Better heuristic to choose the comment to export, especially
when it has been edited in the export dialog comment field.
+ XMP modification date format fix and Exif.Image.DateTime
metadata has been modernized, also adding the timezone.
- PDB/libgimp:
* Allow nullable sample points and guide types for some
functions.
* GeglParamFilePath can now be passed across the wire.
- macOS: improve dock icon flashing issue.
Build:
- CI scripts synced to latest `master` state.
- Windows file format association list is now generated at build time,
avoiding discrepancies.
- Build scripts are made POSIX-compliant for better portability across
platforms.
- New nightly Snap package.
- New nightly Aarch64 flatpak.
- Core code ported from appstream-glib to libappstream.
- Windows installer now uses the latest InnoSetup again.
- New option -Dwin-debugging=dwarf to generate DWARF symbols on
Windows (defaults to CodeView symbols).
- Compilation should work again fine with older librsvg (before the
Rust port).
- release-stats.sh script updated to generate text directly pastable
into our release news.
- CI:
* Linux builds ported from unmaintained Kaniko to Buildah.
* Colored output and .pdb support for builds of dependency using
CMake.
* Ability to apply remote patches on dependency builds.
* New job "branches-check" to warn about dead branches.
* Our Debian jobs are now built with GCC again (the CLang builds are
switched to weekly scheduled jobs).
- Clean out deprecation warnings on GLib and GTK/GDK based on our
minimum requirement of these dependencies thanks to
GLIB_VERSION_MIN_REQUIRED() and GLIB_VERSION_MAX_ALLOWED() macros
(and equivalent GDK macros).
- We now build Exiv2 ourselves on Windows as a temporary workaround to
issue #12626.
- Improved packages binary caching with ORAS for Flatpak.
- AppImage: we now depend on Debian Trixie.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
they were sent for meta-security long time ago in 2021:
https://lists.yoctoproject.org/g/yocto/message/54470
but never merged there, now there are lief, docopt, rich, asttokens
already in meta-python and checksec-py depends on lief version, e.g.
976d530867
is needed to fixcompatibility with newer lief currently in meta-python
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Details: https://nvd.nist.gov/vuln/detail/CVE-2015-3243
The issue is about file permissions: by default rsyslog creates world-readable
files. In case a log message contains some sensitive information, then that's
exposed to every user on the system.
However the rsyslog.conf file that is shipped with the recipe solves it: it
already sets non-world-readable default permissions on all files, so this
vulnerability is fixed in the default OE recipe.
See also this package in OpenSuse[1], where it is solved the same way.
[1]: https://build.opensuse.org/requests/619439/changes (rsyslog.conf.in)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
When tests are enabled additional C++ code is compiled and clang does
not like the code.
Cc: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This is a backported patch from opensuse, which contains a testcase
for CVE-2015-7747 (which is already patched in ths recipe, but not
tested explicitly).
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The clang does not need option -flax-vector-conversions to
avoid build failure for 32bit arm target
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
When compressing docs, do not save the original file name and
timestamp by default (gzip -n). Make archives be reproducible
at each build
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Fex is a fast usermode x86 and x86-64 emulator for Arm64 Linux
It is used by 'valve' to run windows games on snapdragon
Compilation requires TOOLCHAIN = "clang"
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
remmina has a hard dependency on curl [1]. This doesn't result in an
error on branches with gtk4 because curl gets pulled in via vte ->
gtk4 -> gstreamer-plugins-bad -> curl.
Add an explicit DEPENDS on curl to reflect the dependency.
[1] a8afdd728d/src/CMakeLists.txt (L259)
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Moved the recipe from meta-homeassistant to meta-openembedded.
@see: https://github.com/meta-homeassistant/meta-homeassistant/pull/177#issuecomment-3510619876
- version bump from 0.35.0 to 0.38.0 (current latest release)
- added ptests
- patch to skip 5 tests that did not pass the run
- added tests to PTESTS_SLOW_META_PYTHON
Signed-off-by: Jan Vermaete <jan.vermaete@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Drop patches that were incorporated in this release.
License-Update: Switched to 3-clause BSD license:
edd7bea821
Release notes:
https://github.com/HDFGroup/hdf5/releases/tag/2.0.0
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Since commit 3200122d68 (chrony: create /var/lib/chrony by systemd-tmpfiles)
tmpfiles.d mechanism already ensures populating /var/lib/chrony at runtime.
Introduce volatiles mechanism to make sure the directory is created
at runtime for sysvinit as well.
Since /var/lib/chrony is populated at runtime, stop packaging at build time.
this helps to align towards stateless system expectations
or when updates are done via meta-updater.
Signed-off-by: Vishwas Udupa <vudupa@qti.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Drop backported patches which have already been integrated into this version.
0001-libxfce4ui-Avoid-deprecated-functions.patch
9115037ed7
0002-parsers-Generalise-input-to-array-of-gchar.patch
c0653a903c
0003-libsoup-Port-to-libsoup-3.0.patch
279c975dc1
0004-Report-UPower-Glib-support.patch
3bfb13249d
0005-Make-libsoup-v3-support-optional.patch
5116b68b45
Use meson as that is now the supported build system.
Changelog: https://gitlab.xfce.org/panel-plugins/xfce4-weather-plugin/-/tags/xfce4-weather-plugin-0.12.0
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
