Changelog:
============
- More makework thanks to the ass-clowns running Python. Fix issue with deprecation of datetime.utcnow() in 3.12.
- Add API for customizing the TaskWrapper implementation, suitably named get_task_wrapper_class().
- Make the revoke_all(), restore_all() and is_revoked() more robust for various input types.
- Fix bug that could occur in the event of a SIGHUP followed by a SIGINT when using thread workers.
- Added new experimental contrib module for SQS queue and S3 result storage.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
===========
- Email addresses with internationalized local parts could, with rare Unicode
characters, be returned as valid but actually be invalid in their
normalized form (returned in the normalized field).
- The length check for email addresses with internationalized local parts is
now also applied to the original address string prior to Unicode NFC
normalization, which may be longer and could exceed the maximum email address
length, to protect callers who do not use the returned normalized address.
- Improved error message for IDNA domains that are too long or have invalid
characters after Unicode normalization.
- A new option to parse My Name <address@domain> strings
- Improvements to Python typing.
- Some additional tests added.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
============
- Fix potential XSS vulnerability in browsable API.
- Revert "Ensure CursorPagination respects nulls in the ordering field".
- Use warnings rather than logging a warning for DecimalField.
- Remove unused code.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
============
- If you attempt to combine statement coverage data with branch coverage data,
coverage.py used to fail with the message "Can't combine arc data with line
data" or its reverse, "Can't combine line data with arc data." These messages
used internal terminology, making it hard for people to understand the problem.
They are now changed to mention "branch coverage data" and "statement coverage data."
- Fixed a minor branch coverage problem with wildcard match/case cases using names or guard clauses.
- Started testing on 3.13 free-threading (nogil) builds of Python. I'm not claiming full support yet.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
- [pre-commit.ci] pre-commit autoupdate
- New logo for Bandit based on raccoon
- Start testing on Python 3.13
- Updates banner logo so it renders well in dark mode
- Add a sponsor section to README
- Ensure sarif extra is included as part of doc build
- Guard against empty call argument list
- Support configfile in .bandit file
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
===========
- No stdin for python calls from bash completion functions
- Localize shell variable REPLY to avoid overwriting users' value
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
0001-configure.ac-eliminate-build-path-from-openvpn-versi.patch
refreshed for 2.6.11
Changelog:
=============
- Implement server_poll_timeout for socks
- Use snprintf instead of sprintf for get_ssl_library_version
- Add bracket in fingerprint message and do not warn about missing verification
- Replace macos11 with macos14 in github runners
- Only run coverity scan in OpenVPN/OpenVPN repository
- Workaround issue in LibreSSL crashing when enumerating digests/ciphers
- Properly handle null bytes and invalid characters in control messages
- Allow to set ifmode for existing DCO interfaces in FreeBSD
- samples: Update sample configurations
- documentation: make section levels consistent
- phase2_tcp_server: fix Coverity issue 'Dereference after null check'
- script-options.rst: Update ifconfig_* variables
- LZO: do not use lzoutils.h macros
- Remove "experimental" denotation for --fast-io
- Implement Windows CA template match for Crypto-API selector
- misc.c: remove unused code
- interactive.c: Improve access control for gui<->service pipe
- Only schedule_exit() once
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
* Adapt to the new way of handling the 2FA secret by the
daemon, needed by it to fix a bug with certain clients.
Requires NetworkManager >= 1.46.2.
* Update Slovenian and Hungarian translations.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
License-Update: Copyright year updated to 2024.
Changelog:
============
* 1.15.0 will be the last release to support OpenSSL 1.1.
* bio, credman: improved CTAP 2.1 support.
* hid_osx: fix issue where fido_hid_read() may block unnecessarily
* fido2-token -I: print maxcredbloblen.
* hid_linux: improved support for uhid devices.
* New API calls:
- fido_cred_set_attobj;
- fido_cred_x5c_list_count;
- fido_cred_x5c_list_len;
- fido_cred_x5c_list_ptr.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
api: Add DIOCTL_GET_CPU_PROFILE_DATA ioctl to get cpu profile data
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
- fix older aix with missing -lz dependencies
- minor ci fixes
License-Update:
"(Some other Free Software Foundation software is covered by the GNU Library General Public License instead.)"
removed from license file.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
============
- Add launchable tag in io.github.gtkwave.GTKWave.metainfo.xml.
- Fix memory leak on name in build_hierarchy_array().
- Fix memory leak in ptranslate/ttranslate.
- Fix case of missing newline at EOF for VCD loaders.
- Add escape handling state machine for vars in FST loader.
- Remove escape check on coalesce in FST loader.
- CreateFileMapping() warning fix for win32 compiles.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Chanelog:
==========
- Fix relinking issue
- README.rst: fix typos
- Add initial EditorConfig support
- .gitignore: ignore ctags generated tags file
- tests:conacc: Add a test for a connection failure
- conacc: Null the connection data if the connection fails
- Fix a compile error when GCC atomics are off
- tools:gtlsshd: Add handling of accepter parmlog events
- tools:agwpe: Fix missing nil termination and uninitialized variable
- Fix some formatting in the README
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
- Added ability to write Google Container XMP tags (using the namespace prefix
'GContainer' to avoid conflict with the Google Device Container prefix)
- Decode a few new tags for the Canon EOS R5
- Decode battery information for the Pentax K-3 III
- Decode RAFCompression from FujiFilm RAF images
- Avoid reporting FileSize of 0 for pipes
- Updated Geolocation databases from current geonames.org files
- Skip over Matroska Cluster if necessary to read Tags if referenced in
SeekHead
- Changed conversion for Matroska SeekID (now in hex with tag name in
brackets) and SeekPosition (now returns an absolute offset)
- Fixed problem writing XMP-Device:EarthPos coordinates
- Fixed typo in a value of Canon:DigitalLensOptimizer
- Fixed decoding of Matroska VideoScanType
- Fixed misleading error message when -o option was used to write to an
unsupported file type
- Added a new value for a couple of Olympus tags
- Improved handling of ID3 user-defined tags
- Decode all JPEG segments from RICO box in Ricoh MOV videos
- Decode a few new values for some tags written by Canon EOS R cameras
- Patched some Olympus WB_RBLevels tags to allow 4 values to be written as per
some newer models
- Fixed issue when writing IPTC date tags with a date/time value containing
subseconds with 4 or more digits
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
============
+ modify configure script to ease deprecation of libtool-bin package
+ update dialog.map, dialog.sym for 2023/10/02 changes.
+ improve dialog-config.in,
+ suppressing several special cases of linker options, and
+ adding support for --cflags-only-I, --cflags-only-other
+ fix a few cppcheck warnings
+ improvements to NLS configuration.
+ add configure check for PIC vs PIE, needed for linking to libraries
which lack pkg-config scripts to specify LDFLAGS.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
============
* Do not allow formatting LUKS2 with Opal SED (hardware encryption)
* Fixes to wiping LUKS2 headers after Opal locking area erase.
* Mention the need for possible PSID revert before Opal format for some
drives (man page).
* Fix Bitlocker-compatible code to ignore newly seen metadata entries.
* Fix interactive query retry if LUKS2 unbound keyslot is present.
* Detect unsupported zoned devices for LUKS header devices.
* Allow "capi" cipher format for benchmark command and fix parsing
of plain IV in "capi" format.
* Add support for HCTR2 encryption mode.
* Source code now uses SPDX license identifiers instead of full
license preambles.
* Fix missing includes for cryptographic backend that could cause
compilation errors for some systems.
* Fix tests to work correctly in FIPS mode with recent OpenSSL 3.2.
* Fix various (mostly false positive) issues detected by Coverity.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
- Remove outdated comment
- Switch to git fetcher. Otherwise the official download location leads to:
WARNING: exiv2-0.28.2-r0 do_recipe_qa: QA Issue: exiv2: SRC_URI uses unstable GitHub/GitLab
archives, convert recipe to use git protocol [src-uri-bad]
- Remove reproducibility hack. Theres no buildpath leakage in exiv2Config.cmake
anymore.
Changes from version 0.28.1 to 0.28.2
-------------------------------------
Release Notes:
* https://github.com/Exiv2/exiv2/issues/2914
* https://github.com/Exiv2/exiv2/milestone/13?closed=1
This release also fixes two low-severity security issues in quicktimevideo.cpp:
* [CVE-2024-24826](https://github.com/Exiv2/exiv2/security/advisories/GHSA-g9xm-7538-mq8w):
out-of-bounds read in QuickTimeVideo::NikonTagsDecoder.
* [CVE-2024-25112](https://github.com/Exiv2/exiv2/security/advisories/GHSA-crmj-qh74-2r36):
denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder.
These vulnerabilities are in a new feature (quicktime video) that was added in version 0.28.0,
so earlier versions of Exiv2 are not affected.
Changes from version 0.28.0 to 0.28.1
-------------------------------------
Release Notes:
https://github.com/Exiv2/exiv2/issues/2813
This release also fixes [CVE-2023-44398](https://github.com/Exiv2/exiv2/security/advisories/GHSA-hrw9-ggg3-3r4r),
an out-of-bounds write in `BmffImage::brotliUncompress`. The vulnerability is in new code that was added in
version 0.28.0, so earlier versions of Exiv2 are not affected.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Commit 9389d63fdd removed a previous patch
that caused the recipe to install the header and library files. Restore
this behavior to the new meson based build system.
Signed-off-by: Neel Gandhi <neel.gandhi@amd.com>
Signed-off-by: Mark Hatle <mark.hatle@amd.com>
Signed-off-by: Mark Hatle <mark.hatle@kernel.crashing.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Includes fix for CVE-2024-5458 and other bugs
Changelog:
https://www.php.net/ChangeLog-8.php#PHP_8_2
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
File "/usr/lib/python3.12/site-packages/google/protobuf/internal/type_checkers.py", line 25, in <module>
import ctypes
ModuleNotFoundError: No module named 'ctypes'
tested on qemu86-64
Signed-off-by: Jan Vermaete <jan.vermaete@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
- use utime to notify workers liveness
- migrate setup to pyproject.toml
- fix numerous security vulnerabilities in HTTP parser (closing
some request smuggling vectors)
- parsing additional requests is no longer attempted past
unsupported request framing
- on HTTP versions < 1.1 support for chunked transfer is refused
(only used in exploits)
- requests conflicting configured or passed SCRIPT_NAME now
produce a verbose error
- Trailer fields are no longer inspected for headers indicating
secure scheme
- support Python 3.12
License-Update: Update license year
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 5.6.4:
- Fixed compilation of C extension failing on GCC 14
- Fixed compiler warnings when building C extension
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to version 2.0.8:
- Wheel files that support numpy 2.0
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
