Wang Mingyu [Tue, 26 Sep 2023 08:29:02 +0000 (16:29 +0800)]
python3-pycryptodomex: upgrade 3.18.0 -> 3.19.0
Changelog:
===========
-The update() methods of TupleHash128 and TupleHash256 objects can now hash
multiple items (byte strings) at once. Thanks to Sylvain Pelissier.
-Added support for ECDH, with Crypto.Protocol.DH.
-GH#754: due to a bug in cffi, do not use it on Windows with Python 3.12+.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Wang Mingyu [Tue, 26 Sep 2023 08:28:21 +0000 (16:28 +0800)]
python3-pycryptodome: upgrade 3.18.0 -> 3.19.0
Changelog:
==========
- The update() methods of TupleHash128 and TupleHash256 objects can now hash
multiple items (byte strings) at once. Thanks to Sylvain Pelissier.
- Added support for ECDH, with Crypto.Protocol.DH.
- GH#754: due to a bug in cffi, do not use it on Windows with Python 3.12+.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Wang Mingyu [Tue, 26 Sep 2023 08:28:00 +0000 (16:28 +0800)]
python3-hypothesis: upgrade 6.84.3 -> 6.86.2
Changelog:
===========
-Hotfix for issue #3747, a bug in explain mode which is so rare that we missed
it in six months of dogfooding.
-This patch improves the documentation of @example(...).xfail() by adding a
note about PEP 614, similar to @example(...).via(), and adds a warning when a
strategy generates a test case which seems identical to one provided by an
xfailed example.
-This release enables the explain phase by default.
-This patch switches some of our type annotations to use typing.Literal when
only a few specific values are allowed, such as UUID or IP address versions.
-This release deprecates the old whitelist/blacklist arguments to characters(),
in favor of include/exclude arguments which more clearly describe their
effects on the set of characters which can be generated.
-You can use Hypothesis; codemods to automatically upgrade to the new argument names.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Wang Mingyu [Tue, 26 Sep 2023 08:24:48 +0000 (16:24 +0800)]
python3-numpy: upgrade 1.25.2 -> 1.26.0
License-Update: split license file in standard BSD 3-clause and bundled.
Changelog:
==========
Python 3.12.0 support.
Cython 3.0.0 compatibility.
Use of the Meson build system
Updated SIMD support
f2py fixes, meson and bind(x) support
Support for the updated Accelerate BLAS/LAPACK library
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Wang Mingyu [Tue, 26 Sep 2023 08:23:50 +0000 (16:23 +0800)]
libsecret: upgrade 0.21.0 -> 0.21.1
Changelog:
===========
* Fix updating credentials by another process in the same Flatpak sandbox [#62, !99]
* Migrate to g_memdup2 [!121]
* Print error logs in CI [!125]
* Updated translations
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Wang Mingyu [Tue, 26 Sep 2023 08:22:45 +0000 (16:22 +0800)]
enchant2: upgrade 2.5.0 -> 2.6.1
Changelog:
==========
-This version tweaks normalization of language tags so that only the part of
the tag that specifies country and language is altered; any extra that is
not removed is left alone.
-This version removes validation of language tags; dictionary names no longer
have to be valid language tags.
-Debug output now uses GLib's debug system, and can be enabled at run-time by
setting the environment variable G_MESSAGES_DEBUG to 'libenchant'.
-The Aspell back-end has a fix to let it work with language variants such as
"en_GB-ize".
-There's more code clean-up, build system updates, and a couple of null
-pointer dereference fixes
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Wang Mingyu [Tue, 26 Sep 2023 08:20:03 +0000 (16:20 +0800)]
at-spi2-core: upgrade 2.48.4 -> 2.50.0
Changelog:
===========
* Fix at-spi2-atk test when running under a non-English locale.
* collection: Avoid locking up if an object has a very large child count
* Fix possible NULL pointer dereference when deregistering an event listener.
* Various fixes for the new key grabbing API.
* Don't wait for a reply when registering or deregistering keystroke
listeners.
* Add a meson option to exclude the gtk2 atk-bridge module.
* Fix a test failure/timeout.
* Add atspi_get_version() to return the runtime version of the library.
* Collection: fix match testing for attributes.
* Fix a NULL pointer dereference when deregistering an event listener that
doesn't include a detail.
* Fix the documentation for interfaces in collection match rules.
* Add an AtspiLive enum to specify the politeness level for live regions,
and document that this should be used for Announcement signals. Also add a
notification signal in atk to replace the announcement signal that lacks
the politeness information.
* Add an asynchronous version of atspi_generate_mouse_event.
* TableCell.xml: Add Get{Column,Row}HeaderCells methods
* atspi_accessible_get_localized_role_name: Use internal names when possible.
* Add a non-recursive function to clear a single object's cache.
* Code clean-ups.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
* 481358974fb0 [GVN] Also remove phi nodes from VN table (PR65447)
* 9f77e96186be [GVN] Invalidate MDA when deduplicating phi nodes
* a13a89402f53 Bump version to 17.0.2
* 2c04bdb24677 [SVE] Ensure SVE call operands passed via memory are correctly initialised. (#66070)
* 701620d58cdf [SVE] Precommit test to show missing initialisation of call operand.
FAIL: glib/convert.test (Child process killed by signal 6)
FAIL: glib/collate.test (Child process killed by signal 6)
FAIL: glib/gdatetime.test (Child process killed by signal 6)
FAIL: glib/date.test (Child process killed by signal 6)
FAIL: glib/converter-stream.test (Child process killed by signal 6)
FAIL: glib/option-context.test (Child process killed by signal 6)
maintainers.inc: add python3-spdx-tools and dependencies
Add maintainers for new packages and also some copied from meta-python:
python3-beartype, python3-booleanpy, python3-click, python3-isodate,
python3-license-expression, python3-rdflib, python3-spdx-tools,
python3-uritools, python3-xmltodict
Signed-off-by: Marta Rybczynska <mrybczynska@syslinbit.com> Signed-off-by: Samantha Jalabert <samantha.jalabert@syslinbit.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
ptest-packagelists.inc: add python test license-expression
Adding test to the list of tests with problems. It comes as a
copy from meta-python to satisfy dependencies of python3-spdx-tools
and throws and exception on execution.
Signed-off-by: Marta Rybczynska <mrybczynska@syslinbit.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
LABELS from poky are by default without any suffixes like "boot install", so default entry
does not have the .conf suffix as well and systemd-boot is not able to use this information
and it's starting in any case the first entry. To be able to start another entry by default,
.conf suffix is required.
With this change, LABELS variable can still be used by other bootloaders and being used as description
field.
Ross Burton [Mon, 25 Sep 2023 11:35:08 +0000 (12:35 +0100)]
webkitgtk: reduce size of -dbg package
Unless DEBUG_BUILD is enabled, pass -g1 to massively reduce the size of
the debug symbols (4.3GB to 700M at time of writing):
Level 1 produces minimal information, enough for making backtraces in
parts of the program that you don't plan to debug. This includes
descriptions of functions and external variables, and line number
tables, but no information about local variables.
This makes the sstate objects a lot more manageable, and packaging
faster. On my machine:
Previously, sending a specially crafted message over the control channel
could cause the packet-parsing code to run out of available stack
memory, causing named to terminate unexpectedly. This has been fixed.
(CVE-2023-3341)
ISC would like to thank Eric Sesterhenn from X41 D-Sec GmbH for bringing
this vulnerability to our attention. [GL #4152]
A flaw in the networking code handling DNS-over-TLS queries could cause
named to terminate unexpectedly due to an assertion failure under
significant DNS-over-TLS query load. This has been fixed.
(CVE-2023-4236)
ISC would like to thank Robert Story from USC/ISI Root Server Operations
for bringing this vulnerability to our attention. [GL #4242]
Removed Features
The dnssec-must-be-secure option has been deprecated and will be removed
in a future release. [GL #4263]
Feature Changes
If the server command is specified, nsupdate now honors the nsupdate -v
option for SOA queries by sending both the UPDATE request and the
initial query over TCP. [GL #1181]
Bug Fixes
The value of the If-Modified-Since header in the statistics channel was
not being correctly validated for its length, potentially allowing an
authorized user to trigger a buffer overflow. Ensuring the statistics
channel is configured correctly to grant access exclusively to
authorized users is essential (see the statistics-channels block
definition and usage section). [GL #4124]
This issue was reported independently by Eric Sesterhenn of X41 D-Sec
GmbH and Cameron Whitehead.
The Content-Length header in the statistics channel was lacking proper
bounds checking. A negative or excessively large value could potentially
trigger an integer overflow and result in an assertion failure. [GL
This issue was reported by Eric Sesterhenn of X41 D-Sec GmbH.
Several memory leaks caused by not clearing the OpenSSL error stack were
fixed. [GL #4159]
This issue was reported by Eric Sesterhenn of X41 D-Sec GmbH.
The introduction of krb5-subdomain-self-rhs and ms-subdomain-self-rhs
UPDATE policies accidentally caused named to return SERVFAIL responses
to deletion requests for non-existent PTR and SRV records. This has been
fixed. [GL #4280]
The stale-refresh-time feature was mistakenly disabled when the server
cache was flushed by rndc flush. This has been fixed. [GL #4278]
BIND’s memory consumption has been improved by implementing dedicated
jemalloc memory arenas for sending buffers. This optimization ensures
that memory usage is more efficient and better manages the return of
memory pages to the operating system. [GL #4038]
Previously, partial writes in the TLS DNS code were not accounted for
correctly, which could have led to DNS message corruption. This has been
fixed. [GL #4255]
Known Issues
There are no new known issues with this release. See above for a list of
all known issues affecting this BIND 9 branch.
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Kai Kang [Fri, 22 Sep 2023 08:04:12 +0000 (16:04 +0800)]
adwaita-icon-theme: 43 -> 45.0
Update adwaita-icon-theme from 43 to 45.0.
* meson is used to replace autotools, then the patch is redundant
* not overwrite PACKAGES, and remove sub-packages ${PN}-hires and
${PN}-symbolic-hires which are created to handle big icon files which
do not exist in adwaita-icon-theme 45.0
* update FILES of ${PN}-symbolic and split license files to ${PN}-doc
Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Mon, 25 Sep 2023 13:28:21 +0000 (14:28 +0100)]
create-spdx: Ensure it is clear where the message comes from
This message can appear in do_rootfs and the users tend to think this is
some kind of packaging issue. Add SPDX to the message so users like me
think in the right direction.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Sat, 23 Sep 2023 13:04:11 +0000 (14:04 +0100)]
oeqa/runtime/parselogs: parse the logs with Python, not grep
Instead of constructing huge grep statements, we can simply open the logs
in Python and do the relevant string operations directly.
The trick is to remember to casefold() all of the strings, so that the
"in" operator can be used.
Just one of the ignores needs to be adjusted because it uses a regular
expression and the new logic doesn't support that. This is handled
by simply reducing the size of the ignore match.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Sat, 23 Sep 2023 13:04:07 +0000 (14:04 +0100)]
oeqa/runtime/parselogs: improve find call
getLogList() uses remote find invocations to find the logs. Instead of
relying on shell expansion of wildcards and redundant use of -maxdepth
(pointless as the shell expansion means the find is passed the files to
return), invoke find idiomatically by telling it what directory to
search for and escape the glob so find processes it.
Also remove many pointless str() calls.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
spdx: use TOOLCHAIN_OUTPUTNAME for SDK filename prefix
Replace SDK_NAME with TOOLCHAIN_OUTPUTNAME when naming SDK host and
target SPDX archives.
In most cases TOOLCHAIN_OUTPUTNAME is almost identical to SDK_NAME,
but sometimes custom meta-toolchain recipes have some variations and
populate_sdk_base.bbclass already uses TOOLCHAIN_OUTPUTNAME to name
corresponding host and target manifests:
This avoids file conflicts in deploy/sdk/ when building multiple
machines (either manually or via multiconfig), where sdk/toolchain
installers, manifests and now SPDX archives will overlap otherwise.
Robert Joslyn [Sat, 23 Sep 2023 17:17:43 +0000 (10:17 -0700)]
curl: Update from 8.2.1 to 8.3.0
NSS support was removed, so adjust PACKAGECONFIG options.
The --enable-crypto-auth option was removed and split into separate
options for basic-auth, bearer-auth, digest-auth, kerberos-auth,
negotiate-auth, and aws. Enable these new options since upstream enables
them by default.
Disable test 1279 since this requires libcurl and hangs the tests.
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
projects / thirdparty / openembedded / openembedded-core-contrib.git / log
