meta-openembedded

mirror of git://git.openembedded.org/meta-openembedded synced 2026-04-02 02:49:12 +00:00

Author	SHA1	Message	Date
Gyorgy Sarvari	67d0242d70	gimp: add additional patch for CVE-2026-0797 There is an additional patch for CVE-2026-0797, which is not mentioned in the CVE advisory, nor in the related issue nor in the related PR, however both the change, and the commit message shows that this is a continuation of the original fix, which was incomplete. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-24 08:52:05 +05:30
Gyorgy Sarvari	ad6ea218ae	gnome-shell: ignore CVE-2021-3982 Details: https://nvd.nist.gov/vuln/detail/CVE-2021-3982 The vulnerability is about a privilege escalation, in case the host distribution sets CAP_SYS_NICE capability on the gnome-shell binary. OE distros don't do that, and due to this this recipe is not affected by this issue. The CVE is ignored. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 4d6e24106c78eed3b9d9a36115df8d2f057f5178) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-24 08:52:01 +05:30
Gyorgy Sarvari	1a6816e20f	gimp: patch CVE-2026-2048 Details: https://nvd.nist.gov/vuln/detail/CVE-2026-2048 Pick the patch from the relevant upstream issue[1]; [1]: https://gitlab.gnome.org/GNOME/gimp/-/issues/15554 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-24 08:52:00 +05:30
Gyorgy Sarvari	fb8e5b9659	gimp: ignore CVE-2026-2047 Details: https://nvd.nist.gov/vuln/detail/CVE-2026-2047 The vulnerability exists in ICNS importer, which was first introduced in version 3.0 [1], and the code is not present in the recipe version. Due to this, ignore this CVE. [1]: `00232e1787` Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-24 08:51:51 +05:30
Gyorgy Sarvari	210ce6945c	gimp: patch CVE-2026-2045 Details: https://nvd.nist.gov/vuln/detail/CVE-2026-2045 Pick the patch associated with the relevant upstream issue[1]. [1]: https://gitlab.gnome.org/GNOME/gimp/-/issues/15293 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-24 08:47:06 +05:30
Gyorgy Sarvari	276a3b7195	gimp: patch CVE-2026-2044 Details: https://nvd.nist.gov/vuln/detail/CVE-2026-2044 Pick the patch referenced by the NVD advisory. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-24 08:47:05 +05:30
Gyorgy Sarvari	74f6a2e5ac	gimp: patch CVE-2026-0797 Details: https://nvd.nist.gov/vuln/detail/CVE-2026-0797 The patch referenced in the NVD report looks incorrect. This change in this patch was taken from the related upstream issue[1]. [1]: https://gitlab.gnome.org/GNOME/gimp/-/issues/15555 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-24 08:47:05 +05:30
Gyorgy Sarvari	3dd2d0dc98	gimp: patch CVE-2025-2761 Details: https://nvd.nist.gov/vuln/detail/CVE-2025-2761 Pick the patch from the relevant upstream bug[1]. [1]: https://gitlab.gnome.org/GNOME/gimp/-/issues/13073 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-24 08:47:04 +05:30
Gyorgy Sarvari	50d7ec475b	gimp: patch CVE-2025-2760 Details: https://nvd.nist.gov/vuln/detail/CVE-2025-2760 Use the fixes from Debian. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-24 08:47:04 +05:30
Gyorgy Sarvari	42d1f2f681	gimp: patch CVE-2025-15059 Details: https://nvd.nist.gov/vuln/detail/CVE-2025-15059 Backport the patch that is referenced by the NVD advisory. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-24 08:47:03 +05:30
Gyorgy Sarvari	077dad4b6d	gimp: ignore CVE-2025-14424 Details: https://nvd.nist.gov/vuln/detail/CVE-2025-14424 The vulnerbaility was introduced in version 3.0.0, with commit[1]. The recipe version isn't vulnerable - ignore this CVE. [1]: `a0fc5a025a` Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-24 08:47:03 +05:30
Anuj Mittal	6ce6448ebc	README: update listed maintainer Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-25 13:58:47 +05:30
Gyorgy Sarvari	11dfc31f83	gnome-commander: upgrade 1.16.1 -> 1.16.2 Drop patch that is included in this version. Changes: - Fix double g_error_free call in remote_close_callback - Fix build with taglib 2.0 - Set project gnu++11 c++ language version explicitely Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-12 13:38:13 +05:30
Wang Mingyu	b64c7c68a0	gnome-text-editor: upgrade 46.1 -> 46.3 Changelog: =========== - Fix a trivial build error when -Werror=implicit-function-declaration is - specified. - Fix an issue with cancellation of closing a page - Try harder to ensure a buffer disposes associated resources when the page is closed. - Translation updates Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 05627552612ead8bec55ebac7633ff6a017aaa6e) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-12 13:38:13 +05:30
Wang Mingyu	fe4ef3f878	eog: upgrade 45.3 -> 45.4 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 4181632bc18930e6b92f14f058e154681e57e0a0) Changes: - Regenerate thumbnails on save - Use "fast" content type as fallback if normal content type is unavailable - docs: Replace dead links to developer-old.gnome.org (Andre Klapper) - Updated translations Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-12 13:38:13 +05:30
Markus Volk	acebc13ce7	gnome-disk-utility: update 46.0 -> 46.1 46.1 - September 03, 2024 ========================= Alexandre Franke: * metainfo: fix URLs * metainfo: replace screenshots Athmane MOKRAOUI: * Add Kabyle translation Updated translations: * Alexandre Franke (fr), Anders Jonsson (sv), Andi Chandler (en_GB), Andika Triwidada (id), Artur S0 (ru), Asier Sarasua Garmendia (eu), Athmane MOKRAOUI (kab), Aurimas Černius (lt), Balázs Úr (hu), Boyuan Yang (zh_CN), Danial Behzadi (fa), Daniel Rusek (cs), Daniel Șerbănescu (ro), Efstathios Iosifidis (el), Ekaterine Papava (ka), Guntupalli Karunakar (hi), Hugo Carvalho (pt), Jordi Mas i Hernandez (ca), Juliano de Souza Camargo (pt_BR), Jürgen Benvenuti (de), Martin (sl), Matej Mrenica (sk), Piotr Drąg (pl), Rachida SACI (kab), Sabri Ünal (tr), Seong-ho Cho (ko), Vasil Pupkin (be), Vincent Chatelain (fr), Yaron Shahrabani (he), Yuri Chornoivan (uk) Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 8233ca7595d2ce05a8ace6ffdc3dfb2ba031681e) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-12 13:38:13 +05:30
Gyorgy Sarvari	c7e6992a39	gnome-tweaks: upgrade 40.0 -> 40.10 Changes (note that there were no intermediate releases): 40.10: This release includes a fix for the broken GNOME Extensions link and several translation updates. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-12 13:38:12 +05:30
Gyorgy Sarvari	6c2b2225c5	nautilus: upgrade 45.1 -> 45.2.1 Changes: 45.2.1: * Fix a crash in sidebar code * Fix build without optional cloudproviders dependency 45.2: * Bugfixes: - Don't crash when reconnecting to remove server - Actually detect unmount on some non-native mounts - Don't crash on image properties - Allow types and sizes in Properties to expand - Don't corrupt toast messages * Translation updates Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-12 13:38:12 +05:30
Gyorgy Sarvari	3f350dbe1a	gnome-shell-extensions: upgrade 46.1 -> 46.4 Changes: 46.4: * Update template CI images to fix release pipeline 46.3: * places-menu: Fix a11y labelling * places-menu: Fix opening drives with mount operations * window-list: Fix hiding when entering overview with gestures * workspace-indicator: Only show previews of regular windows * Misc. bug fixes and cleanups 46.2: * apps-menu: Fix a11y of category labels * window-list: Fix long-press support * Misc. bug fixes and cleanups Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-12 13:38:12 +05:30
Gyorgy Sarvari	82e02ae980	gnome-bluetooth: upgrade 46.0 -> 46.2 Changes: ver 46.2: This version contains a fix for the devices page staying empty on load in some circumstances, as well as translation updates. ver 46.1: This version contains translation updates and a bug fix for some device icons not appearing correctly. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-12 13:38:12 +05:30
Gyorgy Sarvari	cdde87bb97	mutter: fix profiler PACKAGECONFIG In case "profiler" PACKAGECONFIG is enabled, the build fails with the following error: \| ninja: error: '/usr/share/dbus-1/interfaces/org.gnome.Sysprof3.Profiler.xml', needed by 'src/meta-dbus-sysprof3-profiler.c', missing and no known rule to make it meson.build script is looking explicitly for a required file using the sysroot of the build system instead of ${RECIPE_SYSROOT}. To avoid this, patch meson.build to prefix this path with ${RECIPE_SYSROOT}. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit ead8f7b3273965f383ec4999bb38e87ba37daf61) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-12 13:38:12 +05:30
Gyorgy Sarvari	fe7623f3bb	mutter: upgrade 46.1 -> 46.9 Contains many bugfixes: https://gitlab.gnome.org/GNOME/mutter/-/blob/46.9/NEWS 46.9 ==== * Support presentation-time version 2 * Honor wl_surface.offset on cursor surfaces * Fix crash 46.8 ==== * Use BT709 coefficients and limited range for YUV conversion by defaults * Also request high priority secondary EGL context * Fix applying initial _NET_WM_WINDOW_OPACITY on Xwayland * Misc. bug fixes and cleanups 46.7 ==== * Default to high thread instead of realtime priority for KMS thread * Fix updating cursor immediately when starting window drag * Prefer GPUs with built-in panels connected as primary GPU * Fix cursor glitches when using virtual monitors * Ensure frame events are sent for cursor surfaces * Allow BGRX8888 format on big endian * Fix touchscreen drag-and-drop on wayland * Fixed crashes * Misc. bug fixes and cleanups 46.6 ==== * Fix grabbing tablet devices * Fix explicit sync with virtual monitors w/o pipewire streams * Improve detecting preferred primary devices * Fixed crashes * Misc. bug fixes and cleanups 46.5: * Fix drag and drop between X11 and wayland clients * Fix drag and drop from grabbing popups * Fix EGLDevice support * Fix frozen cursor on some hybrid machines * Fix touch window dragging with pointer lock enabled * Fix propagating tablet device removals to clients * Fix tablet input in maximized windows * Reduce damage on window movement * Fix frozen cursor after suspend * Fix using modifiers on multi-GPU setups * Fixed crashes * Misc. bug fixes and cleanups 46.4: * Fix nested popovers on wayland * Misc. bug fixes and cleanups 46.3.1: * Fix visibility of Xwayland windows * Misc. bug fixes 46.3: * Fix performance issues with second virtual monitor * Fix missing unmap animation of some windows * Fix placement/resizing regression * Fix possible out of sync primary selections and clipboard * Fix ibus support in popups * Fix hardware accelerated rendering when headless * Add back support for legacy X11 cursor themes * Fix preedit offsets * Use character offsets to specify surrounding text * Don't force titlebar on screen on all interactive resizes * Fixed crashes * Misc. bug fixes and cleanups 46.2: * Fix hardware cursor with non-atomic KMS drivers * Fix night light state getting stuck on monitor changes * Fix sending preferred buffer transform * Fix key press events with immediate release being ignored * Fix unsetting clipboard on screen lock * Fix wrong input region of undecorated X11 windows * Fix windows potentially shrinking unexpectedly on configure * Fix popup menus sometimes closing immediately * Fixed crashes * Misc. bug fixes and cleanups Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-12 13:38:12 +05:30
Wang Mingyu	01f91cef8d	gnome-keyring: upgrade 46.1 -> 46.2 Changelog: ========= * Don't use 'bool' as variable name * autogoo: replace AC_HELP_STRING with AS_HELP_STRING * Default "automatically unlock" checkbox to false * build: Fix distcheck with systemd unit * rpc-layer: Fix undefined reference to g_strlcpy * Updated translations Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 0e55ce901a9697f273b1b04dc6daa15b81d4173f) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-12 13:38:12 +05:30
Khem Raj	4808353b95	libgweather4: Upgrade to 4.4.4 - Fix deprecation warnings [!300] - Fix introspection annotation for async functions [!318] - Plug some memory leaks [!321] - Translation updates Use GI_TYPELIB_PATH to point to typlib paths in target sysroot Fixes \| FAILED: data/Locations.bin \| /mnt/b/yoe/master/build/tmp/work/core2-64-yoe-linux-musl/libgweather4/4.4.4/libgweather-4.4.4/build-aux/meson/gen_locations_variant.py ../libgweather-4.4.4/data/Locations.xml data/Locations.bin \| Traceback (most recent call last): \| File "/mnt/b/yoe/master/build/tmp/work/core2-64-yoe-linux-musl/libgweather4/4.4.4/libgweather-4.4.4/build-aux/meson/gen_locations_variant.py", line 7, in <module> \| from gi.repository import GLib \| File "/mnt/b/yoe/master/build/tmp/work/core2-64-yoe-linux-musl/libgweather4/4.4.4/recipe-sysroot-native/usr/lib/python3.13/site-packages/gi/importer.py", line 133, in create_module \| raise ImportError('cannot import name %s, ' \| 'introspection typelib not found' % namespace) \| ImportError: cannot import name GLib, introspection typelib not found Signed-off-by: Khem Raj <raj.khem@gmail.com> Cc: Andreas Müller <schnitzeltony@gmail.com> (cherry picked from commit 054716edca0ed56c171b5cb8d375c6bdf53eaa4b) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-12 13:38:12 +05:30
Wang Mingyu	35c2478920	tracker-miners: upgrade 3.7.2 -> 3.7.3 0001-fix-reproducibility.patch refreshed for 3.7.3 Changelog: ============ * Fix possible crashes handling live changes to extractor configuration * Make it easier to run tracker-extract-3 under Valgrind * Plug a leak on misdetected JPEG files * Many further metadata extraction tests Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 9cc20a0203ebbf052aa70856436a6b265cd3fbeb) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-12 13:38:12 +05:30
Wang Mingyu	4ee962960c	tracker-miners: upgrade 3.7.1 -> 3.7.2 0001-Set-header-file-to-a-fixed-path-instead-of-a-host-pa.patch 0001-fix-reproducibility.patch refreshed for 3.7.2 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 59c62576b40da737703a0b7a42c63c927d95a7c5) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-12 13:38:12 +05:30
Wang Mingyu	d6304f05b0	tracker: upgrade 3.7.2 -> 3.7.3 Changelog: ========= * Bump database version to fix SQLite 3.45.3 issues in existing installs * Fixed possible infinite loop on incomplete/unterminated Turtle/Trig data. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit c6a9b1559cc5b10d61b552d947da83ac81396654) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-12 13:38:12 +05:30
Wang Mingyu	87b5388983	tracker: upgrade 3.7.1 -> 3.7.2 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 3142a9ca94fca2ab8c36ac5f6b7fe435cfb9a5ef) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-12 13:38:12 +05:30
Peter Marko	4e51b7c2ac	gdm: add missing json-glib dependency Fixes do_configure error: \| Run-time dependency json-glib-1.0 found: NO (tried pkgconfig) \| \| ../gdm-46.0/meson.build:64:12: ERROR: Dependency "json-glib-1.0" not found, tried pkgconfig Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 97eaa95cf36ab224047650e5fea58cbbf5bac30d) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-12 13:38:12 +05:30
Gyorgy Sarvari	ef886925f7	gdm: upgrade 46.0 -> 46.2 Changes (note that there was no 46.1 release): 46.2: - Block suspend when remote displays are active - Support S0ix suspend when deciding if nvidia should use wayland - Misc fixes - Translation updates Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-12 13:38:12 +05:30
Gyorgy Sarvari	1388fe826b	gnome-calculator: upgrade 46.0 -> 46.2 Changes: 46.2: * Updated translations * Fixed currency conversions not working 46.1: * Updated translations * Disable undo action if nothing to undo * Keep last conversion options at launch * Fixed event controller propagation phase Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-12 13:38:12 +05:30
Gyorgy Sarvari	4bf3abf1ec	gnuchess: upgrade 6.2.9 -> 6.2.11 Drop patch that was incorporated in this release. Also, switch to GNU ftp servers to fetch the source from. Changes: 6.2.11: No changes. 6.2.10: - Tempo bonus added in the evaluation function. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-12 13:38:12 +05:30
Gyorgy Sarvari	14cd52f2e5	gtksourceview5: upgrade 5.12.0 -> 5.12.1 Changes: * Update documentation links * Specify recoloring hex colors for Adwaita-dark * Improve grid drawing positions slightly * Use a weak ref for GtkSourceView backpointer in GtkSourceGutterRenderers which fixes a potential leak of GtkSourceView * Fix a fontconfig check for Windows * Fix section name for elixir Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-12 13:38:12 +05:30
Gyorgy Sarvari	a76ea8a073	gnome-desktop: upgrade 44.0 -> 44.4 Changes: Version 44.4 - Support TryExec for thumbnailers - Translation updates Version 44.3 - Fix CI regression for release upload Version 44.2 - Stop using ratio character for time in the wall-clock - Fix variable initialization - General CI cleanups - Only parse XML files as slideshows - Translation updates Version 44.1 - Fix compatibility with muslc - Fix GNOME_DESKTOP_IS_THUMBNAIL_FACTORY - Update default Indic input methods - Use ibus-chewing as the default input source for zh_TW - Translation updates Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-12 13:38:12 +05:30
Gyorgy Sarvari	2073a86a79	gnome-settings-daemon: ignore CVE-2024-38394 Details: https://nvd.nist.gov/vuln/detail/CVE-2024-38394 The CVE has the disputed flag. The project maintainers claim that the issue is not in gnome-setttings-daemon. If the vulnerability needs to be handled in gnome-settings-daemon, than it is a new feature rather than a vulnerability fix. Due to this, ignore this CVE. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-09 09:35:55 +05:30
Gyorgy Sarvari	a33dae10b1	gimp: ignore CVE-2025-14423 Details: https://nvd.nist.gov/vuln/detail/CVE-2025-14423 The vulnerability is about parsing LBM files, however this feature was introduced in verison 3.0[1], and the current recipe version is not vulnerable. [1]: `222bef78c7` Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-09 09:35:54 +05:30
Gyorgy Sarvari	7a5075cef7	gnome-keyring: set CVE_PRODUCT The underscores and hyphens in the product name are used randomly in the CVE database: sqlite> select * from PRODUCTs where vendor = 'gnome' and product like '%keyr%'; CVE-2012-3466\|gnome\|gnome-keyring\|3.4.0\|=\|\| CVE-2012-3466\|gnome\|gnome-keyring\|3.4.1\|=\|\| CVE-2012-6111\|gnome\|gnome_keyring\|3.2\|=\|\| CVE-2012-6111\|gnome\|gnome_keyring\|3.4\|=\|\| CVE-2018-19358\|gnome\|gnome-keyring\|\|\|3.28.2\|<= CVE-2018-20781\|gnome\|gnome_keyring\|\|\|3.27.2\|< Set CVE_PRODUCT so that both versions are matched. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 4fdeb484c27282c85f7606bfce5e4158a860affa) Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-01-26 11:16:37 +05:30
Ankur Tyagi	7d35bbae28	gimp: patch CVE-2025-5473 Detail: https://nvd.nist.gov/vuln/detail/CVE-2025-5473 Backport commit associated with the resolution of issue[1]. [1] https://gitlab.gnome.org/GNOME/gimp/-/issues/13910 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-01-19 12:14:15 +05:30
Ankur Tyagi	f11e20ad6e	gimp: ignore CVE-2025-48796 Details: https://nvd.nist.gov/vuln/detail/CVE-2025-48796 The vulnerable function ani_load_image() was added[1] after the current version of GIMP[2], we can ignore the CVE. [1] `aa51b9e19e` [2] https://gitlab.gnome.org/GNOME/gimp/-/commits/GIMP_2_10_38/plug-ins/file-ico/ico-load.c?ref_type=tags Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-01-19 12:14:14 +05:30
Ankur Tyagi	69cb161b5d	gimp: patch CVE-2025-14425 Details: https://nvd.nist.gov/vuln/detail/CVE-2025-14425 Patch referenced by the nvd report is for the file "file-jp2.c" which was renamed from "file-jp2-load.c" by commit[1] in the later versions. [1] `19c57a9765` Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-01-19 12:14:14 +05:30
Ankur Tyagi	a7ef3041ba	gimp: patch CVE-2025-14422 Details: https://nvd.nist.gov/vuln/detail/CVE-2025-14422 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-01-19 12:14:14 +05:30
Peter Marko	7dfdfc0035	gimp: ignore CVE-2007-3741 NVD still tracks this CVE as version-less, so explicit ignore is needed. Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-01-19 12:14:13 +05:30
Ankur Tyagi	97c3c5ee0b	gimp: upgrade 2.10.36 -> 2.10.38 Feature backport for Windows otherwise it is mostly a bug-fix release https://gitlab.gnome.org/GNOME/gimp/-/blob/GIMP_2_10_38/NEWS Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-01-19 12:14:10 +05:30
Gyorgy Sarvari	3a59d89765	accountservice: ignore CVE-2023-3297 Details: https://nvd.nist.gov/vuln/detail/CVE-2023-3297 The vulnerability is triggered by a patch added by Ubuntu, and the vulnerable patch is not present in the recipe. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 071a45c9d76c9a222c8fbaa50089a8af44f44e74) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2025-12-30 07:08:03 +05:30
Yoann Congal	b79cf94b4d	grilo: fix buildpaths QA error grl-type-builtins.* are generated by glib-mkenums which leave full paths in comment and #include directives. Rewrite those before *-src packaging. Previous fix did not correct the .c file and did not work in the "devtool modify" case. Fix these errors: ERROR: grilo-0.3.16-r0 do_package_qa: QA Issue: File /usr/src/debug/grilo/0.3.16/src/grl-type-builtins.c in package grilo-src contains reference to TMPDIR [buildpaths] ERROR: grilo-0.3.16-r0 do_package_qa: QA Issue: File /usr/src/debug/grilo/0.3.16/src/grl-type-builtins.h in package grilo-src contains reference to TMPDIR [buildpaths] ERROR: grilo-0.3.16-r0 do_package_qa: Fatal QA errors were found, failing task. Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit aa88276c26b465039b45281b8c206dd5d7baa58e) Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2025-11-19 16:56:37 +05:30
Gyorgy Sarvari	8a2e72ee1a	gnome-chess: fix SRC_URI branch Master branch was renamed to main. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2025-11-12 11:32:41 +05:30
Alexandre Truong	5b3e9e377c	evince: Update status for CVE-2011-0433 and CVE-2011-5244 The current version 46.0 is not affected by the issues. Both issues have been fixed in commit [0]. The fix is in effect since early versions of evince (3.1.2). Thus, both can be safely ignored. [0]: `efadec4ffc` Signed-off-by: Alexandre Truong <alexandre.truong@smile.fr> Reviewed-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 492b1b1adc1c546efd10b659d220a810736cc04a) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>	2025-10-30 14:43:31 +08:00
Khem Raj	5f9f741193	ghex,gnome-chess,gnome-photos: Add missing dep on itstool-native Fixes build issues in these recipe in meta-gnome Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit af6858aa3729a81780f2ec113c095f7f0c87c226) Signed-off-by: Armin Kuster <akuster808@gmail.com>	2025-01-05 16:46:47 -05:00
Markus Volk	d57e0e232c	eog: add itstool-native dependency fixes: \| ../eog-47.0/help/meson.build:45:6: ERROR: Program 'itstool' not found or not executable \| \| A full log can be found at /home/flk/poky/build/tmp/work/corei7-64-poky-linux/eog/47.0/build/meson-logs/meson-log.txt \| ERROR: meson failed Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit b523303f785c459e2f9232af45504863564ad7b9) Signed-off-by: Armin Kuster <akuster808@gmail.com>	2025-01-05 16:46:29 -05:00
Markus Volk	ddc98fa0d6	geary: add itstool-native dependency fixes: \| Configuring org.gnome.Geary.service using configuration \| Program itstool found: NO \| \| ../git/help/meson.build:21:6: ERROR: Program 'itstool' not found or not executable Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 34962ffbbef0a7b8af82121655ec78a4b7c7e055) Signed-off-by: Armin Kuster <akuster808@gmail.com>	2025-01-05 16:46:16 -05:00

1 2 3 4 5 ...

2139 Commits