it depends on accountservice package which already needs this
DISTRO_FEATURE
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Andreas Müller <schnitzeltony@gmail.com>
Fixed regressions
Fixed regression in DataFrame constructor failing to broadcast for defined Index and len one list of Timestamp
Fixed regression in GroupBy.agg() incorrectly raising in some cases
Fixed regression in GroupBy.apply() where nan values were dropped even with dropna=False
Fixed regression in GroupBy.quantile() which was failing with pandas.NA
Fixed regression in merge() where on columns with ExtensionDtype or bool data types were cast to object in right and outer merge
Fixed regression in RangeIndex.where() and RangeIndex.putmask() raising AssertionError when result did not represent a RangeIndex
Fixed regression in read_parquet() where the fastparquet engine would not work properly with fastparquet 0.7.0
Fixed regression in DataFrame.loc.__setitem__() raising ValueError when setting array as cell value
Fixed regression in is_list_like() where objects with __iter__ set to None would be identified as iterable
Fixed regression in DataFrame.__getitem__() raising error for slice of DatetimeIndex when index is non monotonic
Fixed regression in Resampler.aggregate() when used after column selection would raise if func is a list of aggregation functions
Fixed regression in DataFrame.corr() where Kendall correlation would produce incorrect results for columns with repeated values
Fixed regression in DataFrame.groupby() where aggregation on columns with object types dropped results on those columns
Fixed regression in Series.fillna() raising TypeError when filling float Series with list-like fill value having a dtype which couldn’t cast lostlessly (like float32 filled with float64)
Fixed regression in read_csv() raising AttributeError when the file handle is an tempfile.SpooledTemporaryFile object
Fixed performance regression in core.window.ewm.ExponentialMovingWindow.mean()
Performance improvements
Performance improvement for DataFrame.__setitem__() when the key or value is not a DataFrame, or key is not list-like
Bug fixes
Fixed bug in DataFrameGroupBy.agg() and DataFrameGroupBy.transform() with engine="numba" where index data was not being correctly passed into func
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Bugfixes
Ignore blank ignored in existing Data Validations
Add support for cell protection for merged cell ranges
Timezone-aware datetimes raise an Exception
Improved normalisation of chart series
Catch OverflowError for out of range datetimes
Alignment.relativeIndent can be negative
Incorrect default value groupBy attribute
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Added a function `decoratorx` using the `FunctionMaker` and thus
preserving the signature of `__code__` objects. Then fixed three small bugs:
- Sphinx was printing a few warnings when building the documentation, as
signaled by Tomasz Kłoczko
- functions decorated with `decorator.contextmanager` were one-shot,
as discovered by Alex Pizarro.
- `decorator.decorator` was not passing the kwsyntax argument.
Signed-off-by: Zang Ruochen <zangrc.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
2021-09-12 2.3.4:
-------------------
* Fix `util.ba2int()` for frozenbitarrays. A bug was introduced in 2.3.0
as `.tobytes()` no longer treats pad bits for read-only buffers as zero.
* add tests
Signed-off-by: Zang Ruochen <zangrc.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
= 4.10.0 (20210907)
* This is the first release of Beautiful Soup to only support Python
3. I dropped Python 2 support to maintain support for newer versions
(58 and up) of setuptools. See:
https://github.com/pypa/setuptools/issues/2769 [bug=1942919]
* The behavior of methods like .get_text() and .strings now differs
depending on the type of tag. The change is visible with HTML tags
like <script>, <style>, and <template>. Starting in 4.9.0, methods
like get_text() returned no results on such tags, because the
contents of those tags are not considered 'text' within the document
as a whole.
But a user who calls script.get_text() is working from a different
definition of 'text' than a user who calls div.get_text()--otherwise
there would be no need to call script.get_text() at all. In 4.10.0,
the contents of (e.g.) a <script> tag are considered 'text' during a
get_text() call on the tag itself, but not considered 'text' during
a get_text() call on the tag's parent.
Because of this change, calling get_text() on each child of a tag
may now return a different result than calling get_text() on the tag
itself. That's because different tags now have different
understandings of what counts as 'text'. [bug=1906226] [bug=1868861]
* NavigableString and its subclasses now implement the get_text()
method, as well as the properties .strings and
.stripped_strings. These methods will either return the string
itself, or nothing, so the only reason to use this is when iterating
over a list of mixed Tag and NavigableString objects. [bug=1904309]
* The 'html5' formatter now treats attributes whose values are the
empty string as HTML boolean attributes. Previously (and in other
formatters), an attribute value must be set as None to be treated as
a boolean attribute. In a future release, I plan to also give this
behavior to the 'html' formatter. Patch by Isaac Muse. [bug=1915424]
* The 'replace_with()' method now takes a variable number of arguments,
and can be used to replace a single element with a sequence of elements.
Patch by Bill Chandos. [rev=605]
* Corrected output when the namespace prefix associated with a
namespaced attribute is the empty string, as opposed to
None. [bug=1915583]
* Performance improvement when processing tags that speeds up overall
tree construction by 2%. Patch by Morotti. [bug=1899358]
* Corrected the use of special string container classes in cases when a
single tag may contain strings with different containers; such as
the <template> tag, which may contain both TemplateString objects
and Comment objects. [bug=1913406]
* The html.parser tree builder can now handle named entities
found in the HTML5 spec in much the same way that the html5lib
tree builder does. Note that the lxml HTML tree builder doesn't handle
named entities this way. [bug=1924908]
* Added a second way to pass specify encodings to UnicodeDammit and
EncodingDetector, based on the order of precedence defined in the
HTML5 spec, starting at:
https://html.spec.whatwg.org/multipage/parsing.html#parsing-with-a-known-character-encoding
Encodings in 'known_definite_encodings' are tried first, then
byte-order-mark sniffing is run, then encodings in 'user_encodings'
are tried. The old argument, 'override_encodings', is now a
deprecated alias for 'known_definite_encodings'.
This changes the default behavior of the html.parser and lxml tree
builders, in a way that may slightly improve encoding
detection but will probably have no effect. [bug=1889014]
* Improve the warning issued when a directory name (as opposed to
the name of a regular file) is passed as markup into the BeautifulSoup
constructor. [bug=1913628]
Signed-off-by: Zang Ruochen <zangrc.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
This commit aims to update the version of boost-url to latest, and to
make compatibility changes to make the latest version build.
As of 0b96da0e4727c692c48cc95a32d82634cb41aaaf on the boost url repo,
the standalone build type has been removed, which breaks this recipe. A
quick discussion with the maintainers [1] shows that the cmake was never
really intended to be used for installation, even if it worked in the
past, and in the future only intended for use within the boost
superproject. They recommended that since this is a header only
library, that a simple copy would be a better way to stay up to date
with this library. As such, this commit removes the cmake bbclass, and
replaces it with a simple do_install that is a simply copy into the
include directories.
At the same time, the previous patch to add GNUInstallDirs support to
the cmake no longer applies, and is no longer needed, so it is removed
at the same time.
The SHA1 is also updated to the latest available.
[1] https://cpplang.slack.com/archives/C01JR6C9C4U/p1631654296241200
Signed-off-by: Ed Tanous <ed@tanous.net>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Fixes
pahole-1.22: /usr/bin/ostra-cg contained in package pahole-extra requires /usr/bin/python3, but no providers found in RDEPENDS:pahole-extra? [file-rdeps]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Matteo Croce <mcroce@microsoft.com>
add DefaultOff option to RenderFont resource, as part of
the session-management feature.
add auto-scroll-lock feature (patch by add Stelios Bounanos).
update the window-size information returned via TIOCGWINSZ when
rows/columns are unchanged but the font-size changes (report by Nick Black).
improve session-management feature by saving/restoring the font settings.
update config.guess, config.sub
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Features
Merge PR #317: ZONEMD Zone Verification, with RFC 8976 support.
ZONEMD records are checked for zones loaded as auth-zone, with DNSSEC if available. There is an added option zonemd-permissive-mode that makes it log but not fail wrong zones. With zonemd-reject-absence for an auth-zone the presence of a zonemd can be mandated for specific zones.
Fix: Resolve interface names on control-interface too.
Merge #470 from edevil: Allow configuration of persistent TCP connections.
Fix#474: always_null and others inside view.
Add that log-servfail prints an IP address and more information about one of the last failures for that query.
Merge #478: Allow configuration of TCP timeout while waiting for response.
Add ./configure --with-deprecate-rsa-1024 that turns off RSA 1024.
Move the NSEC3 max iterations count in line with the 150 value used by BIND, Knot and PowerDNS. This sets the default value for it in the configuration to 150 for all key sizes.
zonemd-check: yesno option, default no, enables the processing of ZONEMD records for that zone.
Merge #486 by fobster: Make VAL_MAX_RESTART_COUNT configurable.
Merge PR #491: Add SVCB and HTTPS types and handling according to draft-ietf-dnsop-svcb-https.
Introduce 'http-user-agent:' and 'hide-http-user-agent:' options.
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
version 2.86
Handle DHCPREBIND requests in the DHCPv6 server code.
Thanks to Aichun Li for spotting this omission, and the initial
patch.
Fix bug which caused dnsmasq to lose track of processes forked
to handle TCP DNS connections under heavy load. The code
checked that at least one free process table slot was
available before listening on TCP sockets, but didn't take
into account that more than one TCP connection could
arrive, so that check was not sufficient to ensure that
there would be slots for all new processes. It compounded
this error by silently failing to store the process when
it did run out of slots. Even when this bug is triggered,
all the right things happen, and answers are still returned.
Only under very exceptional circumstances, does the bug
manifest itself: see
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q2/014976.html
Thanks to Tijs Van Buggenhout for finding the conditions under
which the bug manifests itself, and then working out
exactly what was going on.
Major rewrite of the DNS server and domain handling code.
This should be largely transparent, but it drastically
improves performance and reduces memory foot-print when
configuring large numbers domains of the form
local=/adserver.com/
or
local=/adserver.com/#
Lookup times now grow as log-to-base-2 of the number of domains,
rather than greater than linearly, as before.
The change makes multiple addresses associated with a domain work
address=/example.com/1.2.3.4
address=/example.com/5.6.7.8
It also handles multiple upstream servers for a domain better; using
the same try/retry algorithms as non domain-specific servers. This
also applies to DNSSEC-generated queries.
Finally, some of the oldest and gnarliest code in dnsmasq has had
a significant clean-up. It's far from perfect, but it _is_ better.
Revise resource handling for number of concurrent DNS queries. This
used to have a global limit, but that has a problem when using
different servers for different upstream domains. Queries which are
routed by domain to an upstream server which is not responding will
build up and trigger the limit, which breaks DNS service for
all other domains which could be handled by other servers. The
change is to make the limit per server-group, where a server group
is the set of servers configured for a particular domain. In the
common case, where only default servers are declared, there is
no effective change.
Improve efficiency of DNSSEC. The sharing point for DNSSEC RR data
used to be when it entered the cache, having been validated. After
that queries requiring the KEY or DS records would share the cached
values. There is a common case in dual-stack hosts that queries for
A and AAAA records for the same domain are made simultaneously.
If required keys were not in the cache, this would result in two
requests being sent upstream for the same key data (and all the
subsequent chain-of-trust queries.) Now we combine these requests
and elide the duplicates, resulting in fewer queries upstream
and better performance. To keep a better handle on what's
going on, the "extra" logging mode has been modified to associate
queries and answers for DNSSEC queries in the same way as ordinary
queries. The requesting address and port have been removed from
DNSSEC logging lines, since this is no longer strictly defined.
Connection track mark based DNS query filtering. Thanks to
Etan Kissling for implementing this It extends query filtering
support beyond what is currently possible
with the `--ipset` configuration option, by adding support for:
1) Specifying allowlists on a per-client basis, based on their
associated Linux connection track mark.
2) Dynamic configuration of allowlists via Ubus.
3) Reporting when a DNS query resolves or is rejected via Ubus.
4) DNS name patterns containing wildcards.
Disallowed queries are not forwarded; they are rejected
with a REFUSED error code.
Allow smaller than 64 prefix lengths in synth-domain, with caveats.
--synth-domain=1234:4567::/56,example.com is now valid.
Make domains generated by --synth-domain appear in replies
when in authoritative mode.
Ensure CAP_NET_ADMIN capability is available when
conntrack is configured. Thanks to Yick Xie for spotting
the lack of this.
When --dhcp-hostsfile --dhcp-optsfile and --addn-hosts are
given a directory as argument, define the order in which
files within that directory are read (alphabetical order
of filename). Thanks to Ed Wildgoose for the initial patch
and motivation for this.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
STABLE RELEASE 1.0.5:
- Add --no-solicit option to skip sending the discovery packet.
- Ignore multicast advertisements when discovery was sent as unicast
- Since its point release, no need to use +git${SRCPV} in PV it can be
absolute
Signed-off-by: William A. Kennington III <wak@google.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Currently, viewing the help text with snmpd -h results in snmpd being
started in the background.
$ snmpd -h
Usage: snmpd [OPTIONS] [LISTENING ADDRESSES]
[snip]
$ ps -ef | grep snmpd
root 1477 1 0 05:46 ? 00:00:00 snmpd -h
Backport a patch to fix this issue.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Add the pahole host tool which is needed to generate BTF debugging
symbols from the kernel image.
Signed-off-by: Matteo Croce <mcroce@microsoft.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The patch file CVE-2020-15945.patch does cause a segfault in the lua ptest (db.lua test).
According to upstream developers the patch is not correct and causes the segfault.
Reproduce: build core-image-minimal with lua and ptest-pkgs on .
Run: ptest-runner lua
This test passes if the patch is removed.
Please also backport to dunfell as well.
Signed-off-by: Jan-Simon Moeller <dl9pf@gmx.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Version 0.3.2
~~~~~~~~~~~~~
Released: 2021-05-24
Bugfixes:
- Respect XB_BUILDER_NODE_FLAG_IGNORE when exporting (Richard Hughes)
- Use the chosen chunk size when reading from a stream (Richard Hughes)
- Use the correct pkgconfig export package name in the GIR file (Richard Hughes)
Signed-off-by: Zang Ruochen <zangrc.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2021/09/08:
Release v1.3.
1.When installing with package list, add the function of detecting whether the package exists.
2.Added the function of generating installed package info csv file.
3.Delete the pseudo directory in each init phase.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
CVE-2021-37750:
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before
1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in
kdc/do_tgs_req.c via a FAST inner body that lacks a server field.
References:
https://nvd.nist.gov/vuln/detail/CVE-2021-37750
Patches from:
d775c95af7
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Release 0.8.8 is a minor release and contains a bugfix for HSM, a feature for `GraphSupport` and changes internal cache handling:
- Bugfix #544: `NestedEvent` now wraps the machine's scope into partials passed to `HierarchicalMachine._process`. This prevents queued transitions from losing their scope.
- Feature #533: `(A)Graph.draw` function (object returned by `GraphMachine.get_graph()`) can be passed a file/stream object as first parameter or `None`. The later will result in `draw` returning a binary string. (thanks @Blindfreddy).
- Feature #532: Use id(model) instead of model for machine-bound caches in `LockedMachine`, `AsyncMachine` and `GraphMachine`. This might influence pickling (thanks @thedrow).
Signed-off-by: Zang Ruochen <zangrc.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
From the release notes:
- CVE-2021-23437: Avoid a potential ReDoS (regular expression denial
of service) in ImageColor’s getrgb() by raising ValueError if the
color specifier is too long. Present since Pillow 5.2.0.
- Fix 6-byte out-of-bounds (OOB) read. The previous bounds check in
FliDecode.c incorrectly calculated the required read buffer size when
copying a chunk, potentially reading six extra bytes off the end of
the allocated buffer from the heap. Present since Pillow 7.1.0. This
bug was found by Google’s OSS-Fuzz CIFuzz runs.
- Pillow now includes binary wheels for Python 3.10.
- Ensure TIFF RowsPerStrip is multiple of 8 for JPEG compression
(#5588).
- Updates for ImagePalette channel order (#5599).
- Hide FriBiDi shim symbols to avoid conflict with real FriBiDi
library (#5651).
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
