Samba has a new build-time dependency, libquic[1]. The repository
builds an out-of-tree kernel module and a regular userspace library
with the same build script, however the Makefile seems to be fairly
hostile to cross-compilation. The Samba tarball also vendors the
same with their own build script - for now, this venodred version is used.
There are some efforts that the kernel part is mainlined[2], once it
happens it should be possible to easily remove this from the recipe.
pyldb was removed from RDEPENDS, as it seems that samba now builds its
own version of it.
Patches updated, unneeded patches dropped. Some patches contained a
considerable amount of whitespace changes - those were trimmed for
the ease of rebasing.
Added a backported patch to avoid infinite recursion during the generation
of the man pages.
Changelog:
https://gitlab.com/samba-team/samba/-/blob/samba-4.23.5/WHATSNEW.txt?ref_type=tags
(Switch to other branches to see earlier changelogs)
[1]: https://github.com/lxin/quic/
[2]: https://github.com/lxin/net-next/commits/quic/
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Fix following error when multilib is used:
Running transaction test
Error: Transaction test error:
file /etc/pam.d/vsftpd conflicts between attempted installs of vsftpd-3.0.5-r0.x86_64_v3 and lib32-vsftpd-3.0.5-r0.core2_32
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
============
- Popup menu at tab label on keybord activated
- Add keyboard support for context menu on terminal
- Add keyboard support for history menu on back and forward buttons
- Add keyboard support for context menu on toolbar
- Popup menu on tree view item for keyboard activated
- Popup menu at focused widget on keyboard activated
- Disable overlay scrolling by default (#367)
- Wrap long filenames in error dialogs (#1412)
- Limit filname length for create/rename (#1812)
- Add fallback for backdrop highlight color
- Properties dialog - add separator for fs data
- Show filesystem type in preferences
- At tooltips to 'Capacity' and 'Usage' (#1806)
- Show as well 'usable' size in 'Capacity' row (#1806)
- Differ between total and usable fs space (#1806)
- Add help text for URL arguments
- Call xfconf_shutdown before exit
- Store pending column size changes on close (#1318)
- Use GtkTreeModelFilter for tree view side pane (#1460)
- Tree-view pane: Fix wrong selection on open new window
- Prevent shortcuts view focus lost (#1675)
- Add 'grab_focus' parameter to 'set directory' calls (#1675)
- Expose drag-drop-mode in preferences
- Init media_fs_uuids on startup
- Never ask twice on replace/overwrite (#1794)
- Fix translations for XML file (#1790)
- Improve statusbar loading text (#1787)
- Detect CDROM media changes using ID_FD_UUID udev property
- Add %d to strings to fix some transl. (#939)
- Pass current dir to catfish (#1785)
- Ignore G_IO_ERROR_NOT_SUPPORTED (#1782)
- Show selection busy information on statusbar
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
==========
- parse_list_header preserves partially quoted items, discards empty items, and
returns empty for unclosed quoted values.
- WWWAuthenticate.to_header does not produce a trailing space when there are no
parameters.
- Transfer-Encoding is parsed as a set.
- Request.host, get_host, and host_is_trusted validate the characters of the
value. An empty value is no longer allowed. A Unix socket server address is
ignored. The trusted_list argument to host_is_trusted is optional.
- Fix multipart form parser handling of newline at boundary.
- Response.make_conditional sets the Accept-Ranges header even if it is not a
satisfiable range request.
- merge_slashes merges any number of consecutive slashes.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
Limit number of parts of a TOML key to address quadratic time complexity
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
=========
- (asgi) Add option to disable suppressing chained exceptions
- (logging) Separate ignore lists for events/breadcrumbs and sentry logs
- Set exception info on streaming span when applicable
- Patch AsyncStream.close() and AsyncMessageStream.close() to finish spans
- Patch Stream.close() and MessageStream.close() to finish spans
- (starlette) Catch Jinja2Templates ImportError
- Add note on AI PRs to CONTRIBUTING.md
- Pin GitHub Actions to full-length commit SHAs
- Add -latest alias for each integration test suite
- Use date-based branch names for toxgen PRs
- Update test matrix with new releases (03/19)
- Add client report tests for span streaming
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
==========
- Fix AttributeError in cluster metrics recording when connection is None or
ClusterNode object instance is used to extract the connection info (#3999)
- Fixing security concern in repr methods for ConnectionPools - passwords might
leak in plain text logs (#3998)
- Refactored connection count and SCH metric collection (#4001)
- Refactored health check logic for MultiDBClient (#3994)
- Expose basic Otel classes and functions to be importable through
redis.observability to match the examples in the readthedocs
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
===========
- Make marshmallow.fields.Number and marshmallow.fields.Mapping abstract base
classes to prevent using them within Schemas
- Allow required to be set on marshmallow.fields.Contant
- Fix marshmallow.validate.OneOf emitting extra pairs when labels outnumber
choices
- Fix behavior when passing a dot-delimited attribute name to partial for a key
with data_key set
- Fix Enum field by-name lookup to only return actual members
- marshmallow.fields.DateTime with format="timestamp_ms" properly rejects bool
values
- Fix typing of error_essages argument to marshmallow.fields.Field
- Add ipaddress.* to marshmallow.Schema.TYPE_MAPPING
-
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Bug Fixes
==========
- HTTP/2 ASGI Body Duplication: Fix request body being received twice in HTTP/2
ASGI requests, causing JSON parsing errors with "Extra data" messages (#3558)
- ASGI Chunked EOF Handling: Add finish() method to callback parser to handle
chunked encoding edge case where connection closes before final CRLF after
zero-chunk
- HTTP/2 Documentation: Fix http_protocols examples to use comma-separated
string instead of list syntax (#3561)
- Chunked Encoding: Reject chunk extensions containing bare CR bytes per RFC
9112 (#3556)
- Request Line Limit: Fix --limit-request-line 0 to mean unlimited as
documented, instead of using default maximum. Works with both Python and fast
C parser. (#3563)
- uWSGI Async Workers: Fix InvalidUWSGIHeader: incomplete header error when
using gevent or gthread workers with uwsgi protocol behind nginx.
- FileWrapper Iterator Protocol: Add __iter__ and __next__ methods to
FileWrapper for full PEP 3333 compliance. Previously only supported old-style
__getitem__ iteration which broke code explicitly using iter() or next().
Security =============
- ASGI Parser Header Validation: Add security checks per RFC 9110/9112:
- Reject duplicate Content-Length headers
- Reject requests with both Content-Length and Transfer-Encoding
- Reject chunked transfer encoding in HTTP/1.0
- Reject stacked chunked encoding
- Validate Transfer-Encoding values
- Strict chunk size validation
Changes ==========
- Fast HTTP Parser: Update to gunicorn_h1c >= 0.6.3 for asgi_headers property
and InvalidChunkExtension validation for bare CR rejection
- ASGI PROXY Protocol: Add PROXY protocol v1/v2 support to callback parser
- Docker Images: Update to Python 3.14
New Features ============
- Fast HTTP Parser (gunicorn_h1c 0.6.0): Integrate new exception types and
limit parameters from gunicorn_h1c 0.6.0 for both WSGI and ASGI workers
- Requires gunicorn_h1c >= 0.6.0 for http_parser='fast'
- Falls back to Python parser in auto mode if version not met
- Proper HTTP status codes for limit errors (414, 431)
Performance ============
- ASGI HTTP Parser Optimizations: Improve ASGI worker HTTP parsing performance
- Callback-based parsing with direct bytearray buffer operations
- Use bytearray.find() directly instead of converting to bytes first
- Use index-based iteration for header parsing instead of list.pop(0) (O(1) vs
O(n))
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Security fixes:
=================
- Remove import-time loading of timezone offset data from pickle to prevent
unsafe deserialization from packaged data
- Replace eval() use when parsing no_word_spacing with strict boolean
parsing to prevent code execution from locale metadata (#1056)
New features:
=============
- Add support for expressions like "N {interval} from now" in English (#1271)
- Add support for the en-US locale (#1222)
Fixes:
========
- Honor REQUIRE_PARTS for ambiguous month-number inputs by retrying with a
year-biased DATE_ORDER (#1298)
- Fix parsing word-number relative phrases such as "two days later" (#1316)
- Allow md5hash to work in FIPS environments (#1267)
Improvements:
=============
- Add Bosnian Cyrillic (ijekavica) date translations (#1293)
- Add a new browser-based demo to the project documentation (#1306)
- Update installation documentation to replace setup.py install guidance
- Add a project security policy
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
Fixed AttributeError in start_notify() and stop_notify() on Android.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
===========
- Dropped support for Python 3.9
- Added a ttl parameter to the anyio.functools.lru_cache wrapper
- Widened the type annotations of file I/O streams to accept IO[bytes] instead
of just BinaryIO
- Fixed anyio.Path not being compatible with Python 3.15 due to the removal of
pathlib.Path.is_reserved() and the addition of pathlib.Path.__vfspath__()
- Fixed the BrokenResourceError raised by the asyncio SocketStream not having
the original exception as its cause
- Fixed the TypeError raised when using "func" as a parameter name in
pytest.mark.parametrize when using the pytest plugin
- Fixed the pytest plugin not running tests that had the anyio marker added
programmatically via pytest_collection_modifyitems
- Fixed cancellation exceptions leaking from a CancelScope on asyncio when they
are contained in an exception group alongside non-cancellation exceptions
- Fixed Condition.wait() not passing on a notification when the task is
cancelled but already received a notification
- Fixed inverted condition in the process pool shutdown phase which would cause
still-running pooled processes not to be terminated
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
===========
- TTF security fixes
- Fix#334 - HPDF_FAILD_TO_ALLOC_MEM missing
- Compatibility with Higher version of Delphi
- Remove restriction on user password to be different from owner password
- Fix various typos
- Fix Build error for Win32 (x86) due to modifier mismatch #350
- CMakeLists.txt: install docs and bindings to DOCDIR
- Adapt CMake scripts for WebAssembly compilation
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
============
- Git PR #673: Fix warning for non clang builds on linux
- Git Issue #675: std::chrono conversion does not compile with libc++
- Git PR #679: Fix double colon in url generator
- Git PR #680: Added missing space after "found" in maximum_validator
- Git PR #685: optimize semantic_tag::noesc write_string
- Git PR #687: jmespath: allow rhs_expression in a keyvalue - expression
- Git PR #688,#689: jmespath: where possible without losing information,
- store the result of ceil and floor as basic_json integer values
- rather than double values.
- Added toon-format extension
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Improvements
=============
error_on_missing_array_elements option
Glaze vs Boost.Beast HTTP server benchmarks and optimizations
custom optional support
Add clang-cl CI workflow
Make REST router more like a map and allow overwriting routes
Fixes
======
YAML fix for generic_u64 and generic_i64
format_context to support specifying YAML in opts format field
glz::patch support for all glz::generic_ types
Avoid erroring on nullable value types
Fix GNU-style flag passing to MSVC frontend
Nullable value write skipping
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
0001-Fixed-swig-host-contamination-issue.patch
refreshed for 4.1.4
Changelog:
===========
- Update syscalls and io_uring tables for the 7.0 kernel
- Code cleanups
- Avoid blocking auditd while handling disk space alerts
- Tighten auditctl permission checks and rule deletion handling
- Fix ausearch and auparse parsing for several newer record types
- Prevent queue resize races in audisp and oversize records in af_unix
- Fix memory safety issues in auparse and the audisp filter plugin
- Improve reliability of audisp-remote, auplugin, and the ids plugin
- Fix stats collection and parsing in the audisp-statsd plugin
- Refresh ausearch and aureport man pages
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Drop patch that was merged upstream.
License update: a copyright line was removed. The license is still MIT.
Changes:
Version 6.1.2
=============
Code Fixes
----------
* Fix for low-severity CVE-2026-23868 affecting gifponge, giftool, and gifbuild,
but not the core library - library clients need not be alarned.
Version 6.1.1
=============
This release bumps the major version, but only one entry point -
EGifSpew() - has changed signature and behavior (in order to be able
to pass out a detailed error code). The internal error
codes in the E_GIF_ERR series have changed value so none of them
collides with GIF_ERROR.
This code has been systematically audited and hardened wuth
ChatGPT-5.2. The only library fixes reported by users or found by
robot were for some memory leaks that could only triggered by severely
malformed GIFs. Other bugs are edge-case failures in the CLI tools.
The gif2rbg CLI tool has been moved to the "obsolete" bin, because its
only deployment case in 2026 is as a piñata at fuzzer parties.
Warning: the CLI tools in the obsolete category will soon be removed
from the distribution entirely. The maintainer is tired of fielding
junk bugs filed against them by would-be coup-counters who found yet
another edge case, and the rest of the world doesn't need noisy CVEs
that aren't actually DoS or security issues for giflib clients.
Code Fixes
----------
* Fix for CVE-2021-40633.
* Fix SF bug #165 EGifSpew leaks GifFileOut->SColorMap
* Fix SF bug #171 ImageMagick required to build giflib on non-Darwin Platforms
* Fix SF bug #172 Incorrect object files in shared libutil on darwin
* Fix SF bug #173 installation of manual pages and html documentation
* Fix SF bug #175 Memory leaks in gifecho.c's main() and in gifalloc.c's GifMakeMapObject
* Fix SF bug #177 wrong pointer used in giftool getbool
* Fix SF bug #179 Path Traversal vulnerability
* Fix SF bug #180: -Wformat-truncation likely pointing out an actual bug
* Fix SF bug #182 out‐of‐bounds writes in Icon2Gif
* Fix SF bug #184 uninitialized buffer in DumpScreen2RGB
* Fix SF bug #185 integer overflow in gifbg.c
* Fix SF bug #186 integer overflow in Icon2Gif
* Fix SF bug #187: CVE-2025-31344
* Fix SF bug #170 Tests failing on Ubuntu Noble, giftext buffer overflow
* Fix SF bug #165 EGifSpew leaks GifFileOut->SColorMap
* Fix SF bug #162 detected memory leaks in GifMakeSavedImage giflib/gifalloc.c
* Fix SF bug #161 detected memory leaks in EGifOpenFileHandle giflib/egif_lib.c
* Fix SF bug #142 ABI break public symbol GifQuantizeBuffer
Other bugs that duplicate these have breen addressesed by these fixes
* SF bug #156 EGifSpew leaks SavedImages (and more); won't fix, caller
might want to write a GIF, modify the in-memory data, then write
again.
Tests
-----
Test suite now emits TAP (Test Anything Protocol).
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
- Intermediate release to be able to use a proper version tag
in the Yocto recipe.
Signed-off-by: Michael Fitzmayer <mail@michael-fitzmayer.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
- Switched to a new versioning scheme: 1.0.13 -> 2.00
- Reworked CAN interface handling by migrating to the CANvenient abstraction layer
- Improved/updated auto-completion using isocline
- Various bug fixes
Signed-off-by: Michael Fitzmayer <mail@michael-fitzmayer.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
- Add versioning
- New version to be able to use a proper version tag
in the Yocto recipe
Signed-off-by: Michael Fitzmayer <mail@michael-fitzmayer.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
The incompatible pointer warning/error has been fixed upstream[1],
no need for custom CFLAGS for this anymore.
[1]: 43bcfbcdf5
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Compilation with musl has been fixed by upstream[1], no need for custom
CFLAGS for this anymore.
[1]: d38b5d92ee
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
