Changelog:
============
- Add an extra check for completeness only.
- Fix a signed integer overflow which could trigger a FPE_INTOVF
- Fix Microsoft'2 MHC2 private tag
- Added projects for XCode 26 & Visual Studio 2026
- Added documentation for PCS illuminants and chromatic adaptation
- Check for a possible out-of-bounds in softproofing transforms when using cmsCreateExtendedTransform
- Fix for a out-of-bound read, issue #522
- Add an extra check for out-of-bounds read when misusing a support function
- avoid divide by zero, special case from spec. notes on CAM02
- Fix CGATS parser bug when number has a "+" sign
- Fix a typo when handling a special case for BPC
- Fixed a loss of precision when Lab16 is used as input color space on integer transforms
- Fixes hypotetical corrupted pointer in non-happy path. Cannot happen in real world
- Fix a theoretical memory leak.
- Add support of localized descriptions in v2 profiles for MacOS
- Mark some tables as const
- Make the param of cmsCreateLab4Profile() to refer to the media white instead of the illuminant
- fix a warning in unit tests
- Remove redundant check. Fixes#497
- Update autotools
- fix plugins soname + add oklab to transicc (experimental)
- meson: ability to disable .so.version libraries
- Fix black point detection when using darker colorant.
- testcms2.c: Fix incorrect string comparisons
- Fix CICp tag size.
- Fix broken linkicc
- meson: Bump minimum Meson version to 0.52 for visibility:hidden
- meson: Disable unused fs import
- Add a guard against a wrong use of flags
- Fix for #469 heap buffer overflow on convert_utf16_to_utf32()
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
============
- Fix frequent crashes when with gdk-pixbuf 2.44
- Add image/avif to the MimeType list in the .desktop
- appdata: Add missing developer name
- Set prgname to application ID
- data: Rename appdata to metainfo and use rDNS app id
- metadata: Hide unreachable help URL
- desktop: Add more keywords
- content type to mime type conversion
- Official website has been retired
- org.gnome.eog.desktop should list image/heic as MimeType
- Segfault SIGSEGV when switching images
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Add ptest and upgrade to release 0.13.1:
- pyproject.toml: add pytest as dev dependency
- Import Self from type_checking if needed to be compat with 3.9
- CI: run pytest via uv
- CI: test against multiple python versions
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 2.6.0:
- "Modernize" build system to use pyproject.toml and github actions.
Fixes:
WARNING: python3-huey-2.6.0-r0 do_check_backend: QA Issue: inherits
setuptools3 but has pyproject.toml with setuptools.build_meta, use
the correct class [pep517-backend]
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 4.0.4:
- Fixed false positive for ``invalid-name`` where module-level
constants were incorrectly classified as variables when a
class-level attribute with the same name exists.
- Fix a false positive for ``invalid-name`` on an UPPER_CASED
name inside an ``if`` branch that assigns an object.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
1. Changelog
Features:
* Add a systemd service to run xdg-user-dirs-update
* Add initial Meson buildsystem support
Bugfixes:
* Fix autopoint invocation
Miscellaneous:
* Updated translations
* Update automake boilerplate
* Update information in README
2. Add pkgconfig to solvo following configure error:
../sources/xdg-user-dirs-0.19/configure: line 9319: syntax error near unexpected token `systemd,'
../sources/xdg-user-dirs-0.19/configure: line 9319: `PKG_CHECK_EXISTS(systemd,'
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Source code for gtksourceview will be unpacked to a directory called
'gtksourceview-${PV}'. But as the recipes have added part of PV to the
name of the recipe the default setting of variable S will be wrong.
This is fixed by explicitly setting it.
Fixing issues like:
WARNING: gtksourceview3-3.24.11-r0 do_unpack: gtksourceview3: the directory ${UNPACKDIR}/${BP} (<snip>/gtksourceview3/3.24.11/sources/gtksourceview3-3.24.11) pointed to by the S variable doesn't exist - please set S within the recipe to point to where the source has been unpacked to
WARNING: gtksourceview3-3.24.11-r0 do_populate_lic: Could not copy license file <snip>/gtksourceview3/3.24.11/sources/gtksourceview3-3.24.11/COPYING to <snip>/gtksourceview3/3.24.11/license-destdir/corei7-64/gtksourceview3/COPYING: [Errno 2] No such file or directory: '<snip>/gtksourceview3/3.24.11/sources/gtksourceview3-3.24.11/COPYING'
ERROR: gtksourceview3-3.24.11-r0 do_populate_lic: QA Issue: gtksourceview3: LIC_FILES_CHKSUM points to an invalid file: <snip>/gtksourceview3/3.24.11/sources/gtksourceview3-3.24.11/COPYING [license-checksum]
ERROR: gtksourceview3-3.24.11-r0 do_populate_lic: Fatal QA errors were found, failing task.
WARNING: gtksourceview4-4.8.4-r0 do_unpack: gtksourceview4: the directory ${UNPACKDIR}/${BP} (<snip>/gtksourceview4/sources/gtksourceview4-4.8.4) pointed to by the S variable doesn't exist - please set S within the recipe to point to where the source has been unpacked to
ERROR: gtksourceview4-4.8.4-r0 do_patch: Applying patch '0001-remove-pointless-check.patch' on target directory '<snip>/gtksourceview4/4.8.4/sources/gtksourceview4-4.8.4'
WARNING: gtksourceview5-5.18.0-r0 do_unpack: gtksourceview5: the directory ${UNPACKDIR}/${BP} (<snip>/gtksourceview5/5.18.0/sources/gtksourceview5-5.18.0) pointed to by the S variable doesn't exist - please set S within the recipe to point to where the source has been unpacked to
WARNING: gtksourceview5-5.18.0-r0 do_populate_lic: Could not copy license file <snip>/gtksourceview5/5.18.0/sources/gtksourceview5-5.18.0/COPYING to <snip>/gtksourceview5/5.18.0/license-destdir/corei7-64/gtksourceview5/COPYING: [Errno 2] No such file or directory: '<snip>/gtksourceview5/5.18.0/sources/gtksourceview5-5.18.0/COPYING'
ERROR: gtksourceview5-5.18.0-r0 do_populate_lic: QA Issue: gtksourceview5: LIC_FILES_CHKSUM points to an invalid file: <snip>/gtksourceview5/5.18.0/sources/gtksourceview5-5.18.0/COPYING [license-checksum]
ERROR: gtksourceview5-5.18.0-r0 do_populate_lic: Fatal QA errors were found, failing task.
Signed-off-by: Peter Bergin <peter@berginkonsult.se>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Disable build-testing for now, as this would require 'googletest' dependency
v1.4.6
References | Description | Author(s)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The old SRC_URI stopped working (its certificate expired), and the recipe
defaulted to OE mirrors.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The underscores and hyphens in the product name are used randomly in the CVE
database:
sqlite> select * from PRODUCTs where vendor = 'gnome' and product like '%keyr%';
CVE-2012-3466|gnome|gnome-keyring|3.4.0|=||
CVE-2012-3466|gnome|gnome-keyring|3.4.1|=||
CVE-2012-6111|gnome|gnome_keyring|3.2|=||
CVE-2012-6111|gnome|gnome_keyring|3.4|=||
CVE-2018-19358|gnome|gnome-keyring|||3.28.2|<=
CVE-2018-20781|gnome|gnome_keyring|||3.27.2|<
Set CVE_PRODUCT so that both versions are matched.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The related CVEs are tracked with "xerces-c\+\+" (sic).
See CVE db query:
sqlite> select vendor, product, count(*) from PRODUCTs where product like '%xerces%' group by 1, 2;
apache|xerces-c\+\+|29
apache|xerces-j|2
apache|xerces2_java|3
redhat|xerces|3
Set CVE_PRODUCT accordingly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 5.0.1:
- Use Literal for type
- Use CMake for compiling c-ares
- Move project metadata to pyproject.toml
- Remove gethostbyname
- Remove getsock
- Replace ares_{get,set}servers with ares_{get,set}_servers_csv
- Remove ares_init and ares_mkquery, they are unused
- Make c-ares thread-safety mandatory
- Migrate API to c-ares' dnsrec variants
- Build wheels in parallel
- Update bundled c-ares to v1.34.6
- Make callback a mandatory kwarg-only argument
- Return bytes data for TXT records
- Add support for TLSA, HTTP and URI queries
- Remove event_thread option, make it implicit
- Fix IDNA 2008 test
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 0.0.69:
- Add Georgian console fonts
- Add Adlm script to SN
- Add dra, Tutg, ath, cmc, Cham, tai
- Remove License classifier (license tag with SPDX license
expression is already there)
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
1.Changelogs
https://github.com/opencv/opencv/wiki/OpenCV-Change-Logs#version4130
2.Remove following patches as they have been merged in upstream.
27691.patch
0001-Renamed-templated-BlocksCompensator-feed-method-to-e.patch
3.After upgrading to 4.13.0, WITH_KLEIDICV is ON as default in aarch64,
so build kleidicv along with openCV in aarch64.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Use pip 25.3 to install failed
...
Traceback (most recent call last):
File "menulibre-2.4.0/setup.py", line 245, in <module>
DistUtilsExtra.auto.setup(
~~~~~~~~~~~~~~~~~~~~~~~~~^
name='menulibre',
^^^^^^^^^^^^^^^^^
...<12 lines>...
cmdclass={'install': InstallAndUpdateDataDirectory}
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
)
^
File "recipe-sysroot-native/usr/lib/python3.13/site-packages/DistUtilsExtra/auto.py", line 98, in setup
__requires(attrs, src_all)
~~~~~~~~~~^^^^^^^^^^^^^^^^
File "recipe-sysroot-native/usr/lib/python3.13/site-packages/DistUtilsExtra/auto.py", line 471, in __requires
__add_imports(imports, s, attrs)
~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^
File "recipe-sysroot-native/usr/lib/python3.13/site-packages/DistUtilsExtra/auto.py", line 405, in __add_imports
if alias.name and __external_mod(cur_module, alias.name, attrs):
~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "recipe-sysroot-native/usr/lib/python3.13/site-packages/DistUtilsExtra/auto.py", line 377, in __external_mod
return 'dist-packages' in mod.__file__ or 'site-packages' in mod.__file__ or \
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
TypeError: argument of type 'NoneType' is not iterable
...
Refer [1] to correct one line in setup.py
[1] 81be63961a
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The relevant CVEs are tracked with underscore in their name.
See CVE db query:
sqlite> select vendor, product, count(*) from PRODUCTs where product like '%boinc%' group by 1, 2;
berkeley|boinc_client|2
berkeley|boinc_forum|1
universityofcalifornia|boinc_client|165
universityofcalifornia|boinc_server|5
Set the CVE_PRODUCT accordingly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The CVEs are tracked with an underscore in the product name:
sqlite> select * from PRODUCTs where product like '%async%mq%';
CVE-2025-65503|redboltz|async_mqtt|10.2.5|=||
This patch sets the correct CVE_PRODUCT.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
ChangeLog:
https://github.com/nanomsg/nanomsg/releases/tag/1.2.2
Drop 0001-allow-build-with-cmake-4.patch as the issue has been fixed
upstream.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The tests take less than a second to execute.
The current source distribution is missing a test file,
which I added with a patch. The problem is already solved
by upstream just not tagged yet - the patch can be dropped
with the next update.
Sample output:
root@qemux86-64:~# ptest-runner
START: ptest-runner
2026-01-09T17:11
BEGIN: /usr/lib/python3-send2trash/ptest
SKIP: tests/test_plat_win.py:tests/test_plat_win.py # SKIP Skipping windows-only tests
PASS: tests/test_plat_other.py:test_trash
PASS: tests/test_plat_other.py:test_multitrash
PASS: tests/test_plat_other.py:test_trash_bytes
PASS: tests/test_plat_other.py:test_trash_unicode
PASS: tests/test_plat_other.py:test_trash_topdir
PASS: tests/test_plat_other.py:test_trash_topdir_fallback
PASS: tests/test_plat_other.py:test_trash_topdir_failure
PASS: tests/test_plat_other.py:test_trash_symlink
PASS: tests/test_script_main.py:test_trash
PASS: tests/test_script_main.py:test_no_args
============================================================================
Testsuite summary
DURATION: 1
END: /usr/lib/python3-send2trash/ptest
2026-01-09T17:11
STOP: ptest-runner
TOTAL: 1 FAIL: 0
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Lennart Poettering stopped maintaining libcanberra over a decade ago but it is still
maintained by the debian gnome-team.
Most notable improvement is that building the libcanberra-gtk3-module doesn't depend
on gtk2 anymore and thus libcanberra isn't dependent on x11 to build support for gtk3
- fetch source from salsa.debian.org, use git for it
- remove outdated patches
- dont build gtk+ module by default anymore
- simplify packaging
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 8.5:
Breaking changes:
- The option --lcov-test-name doesn't accept values with spaces
anymore.
- The option --lcov-format-1.x is deprecated and mapped to
--lcov-format-version=1.x.
- Changes to HTML templates.
New features and notable changes:
- Due to added support for LLVM source based code coverage format
some configuration file keys got changed. The old gcov named
options are still supported but they also affect the LLVM
toolchain.
Bug fixes and small improvements:
- Fix coveralls report if there are several coverage elements per
line.
- Fix not excluded conditions if branches are excluded by comments.
- Fix reported excluded branches in LCOV report.
- Fix exclusion filter --gcov-exclude.
- Add --json-trace-data-source to include the trace data source in
the JSON report independent from --verbose.
- Remove generated gcov files on error and catch additional gcov
error message.
- Change default HTML theme excluded line color.
- Move theme colors to a separate CSS file so they can be overridden
with a simple --html-template-dir directory with only the
style.colors.css file.
- Fix regular expression for detecting a version mismatch between
gcc and gcov.
- Improve logging messages for GCOV execution errors to not print
information twice and add trace messages for gcov execution.
- Fix handling of lines after function specialization.
- Improve performance by changing logging messages (level and lazy
interpolation).
- Fix text report for covered decisions.
- Fix runtime problem introduced with 8.4.
- Fix wrong entries in data source attribute of JSON report.
- Fix nested HTML report without coverage data.
- Add warning if coverage data is empty.
- Add warning if function lines are missing in external generated
GCOV files.
- Extend support for zipped reports. If last suffix is .xz then
LZMA is used to compress the report.
- Fix function exclusion in report generation.
- Do not ignore lines without functions, e.g. from inlined code.
- Ignore all whitespaces instead of only spaces for detection of
noncode lines.
- Add support for temporary merging line coverage objects without
modifying the data model.
- Change internal behavior of --exclude-function-lines to exclude
the line of function definition instead of removing it completely.
- Ensure that all functions have a line coverage element in LCOV
report.
License-Update: Update years
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 4.3.0:
- Add arguments validation for schemas and validation methods (by
validation contexts)
- Add custom XPath parser for find/findall/iterfind APIs on schemas
for match singleton sequence also if position is a number greater
than 1 in predicate expression
- Improve build of XSD elements and groups, using a three-state
built flag for components
- Extend and fix memory tests (Python 3.14+ seems to consume more
memory)
- Drop support for Python 3.9 and add development support for
Python 3.15
License-Update: Update years
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 2025.12.0:
- fsspec.parquet to support filters and multiple files
- passing withdirs in aync _glob()
- fix _rm_file/_rm redirection in async
- allow arrowFile to be seekable
- add size attribute to arrowFile
- support py3.14 and drop 3.9
- avoid ruff warning
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 0.21.1:
- Fix escaping in help text when rich is installed but not used.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Details: https://nvd.nist.gov/vuln/detail/CVE-2012-5825
The Debian bugtracker[1] indicated that the issue is tracked by
upstream in github[2] (with a difference CVE ID, but same issue),
where the vulnerability was confirmed. Later in the same github issue
the solution is confirmed: the project switched to use the requests
library, which doesn't suffer from this vulnerability.
Due to this mark the CVE as patched.
[1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692444
[2]: https://github.com/tweepy/tweepy/issues/279
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Details: https://nvd.nist.gov/vuln/detail/CVE-2020-7694
The vulnerability was reported to the project[1], and the commit[2] that
resolved the issue has been part of the project since version 0.11.7.
Mark the CVE as patched due to this.
[1]: https://github.com/Kludex/uvicorn/issues/723
[2]: 895807f94e
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The relevant CVEs are associated with usc:cereal CPE.
See CVE db query:
sqlite> select * from PRODUCTS where PRODUCT like '%cereal%';
CVE-2020-11104|usc|cereal|||1.3.0|<=
CVE-2020-11105|usc|cereal|||1.3.0|<=
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
