When ndiff was disabled by default in 51e070301e ("nmap: disable
ndiff"), the python3 RDEPENDS were left unconditional on the main
package. This causes python3-difflib, python3-asyncio and python3-xml
to be pulled into every image that includes nmap, even though ndiff is
not built and the core nmap binary (C++) does not need Python.
Gate the RDEPENDS behind the ndiff PACKAGECONFIG so that Python is only
required when ndiff is actually enabled.
Signed-off-by: Paolo Barbolini <paolo.barbolini@m4ss.net>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
License-Update: Re-scope secondary licenses [1]
Release information [2]:
This is release 1.80.0 (glimmering) of gRPC Core.
Core
* [ssl] Implement TLS private key signer in Python. (#41701)
* [TLS Credentials]: Private Key Offload Implementation. (#41606)
* Fix max sockaddr struct size on OpenBSD. (#40454)
* [core] Enable EventEngine for Python by default, and EventEngine fork support in Python and Ruby. (#41432)
* [TLS Credentials]: Create InMemoryCertificateProvider to update certificates independently. (#41484)
* [Ruby] Build/test ruby 4.0 and build native gems with Ruby 4.0 support. (#41324)
* [EventEngine] Remove an incorrect std::move in DNSServiceResolver constructor. (#41502)
* [RR and WRR] enable change to connect from a random index. (#41472)
* [xds] Implement gRFC A101. (#41051)
C++
* [C++] Add SNI override option to C++ channel credentials options API. (#41460)
[1] fb53717dfa
[2] https://github.com/grpc/grpc/releases/tag/v1.80.0
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changes in 50.0
=================
- Make the Clipboard portal return errors instead of succeeding
- Fix a bug in the Print portal where it was accidentally closing fd 0
- Translation updates
Changes in 50.rc
=================
- Translation updates
Changes in 50.beta
=================
- Update libgxdp
- Remove ellipse from the app chooser list header
- Fix a memory leak in the Print portal implementation
- Fix icon size in the Dynamic Launcher portal
- Various fixes in the Remote Desktop portal
- Fix monitor identification in VMs
- Fix an issue with mismatching GVariant type unwrapping
- Translation updates
Changes in 50.alpha
=================
- Fix a potential source of crashes in the ScreenCast portal code
- Properly send the Global Shortcut activation token to the portal frontend
- Update libgxdp to override GTK settings
- Use a GNOME OS based CI template
- Translation updates
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Version 50.0
~~~~~~~~~~~~
Released: 2026-03-13
This is a stable release with updated translations:
* Danish (Alan Mortensen)
* English (United Kingdom) (Bruce Cowan)
* Japanese (小山田 純 - Oyamada Jun)
* Occitan (post 1500) (Quentin PAGÈS)
* Polish (Victoria)
* Portuguese (Hugo Carvalho)
Version 50~rc
~~~~~~~~~~~~~
Released: 2026-02-27
This is an unstable release with the following changes:
* Remember window size between app restarts
* Updates page could be sometimes hidden after resume from suspend
* Allow remove also Flatpak remotes from system installation
* Correct check for add-ons when app's ID changed
* Improve socket permissions checks for Flatpak apps
This release also updates translations:
* Basque (Asier Saratsua Garmendia)
* Catalan (Jordi Mas, Victor Dargallo)
* Chinese (China) (luming zh)
* Czech (Daniel Rusek)
* Finnish (Jiri Grönroos)
* French (Lucien Ouoba, Guillaume Bernard)
* Galician (Fran Diéguez)
* German (Christian Kirbach)
* Greek, Modern (1453-) (Efstathios Iosifidis)
* Hungarian (Balázs Úr)
* Interlingua (International Auxiliary Language Association) (Emilio Sepúlveda)
* Italian (Davide Ferracin)
* Japanese (Makoto Sakaguchi)
* Kazakh (Baurzhan Muftakhidinov)
* Korean (Seong-ho Cho)
* Spanish (Daniel Mustieles)
* Swedish (Anders Jonsson)
* Turkish (Sabri Ünal)
Version 50~beta
~~~~~~~~~~~~~~~
Released: 2026-01-30
This is an unstable release with the following changes:
* Show install and uninstall progress of an add-on
* Use lower thread priority when running in background
* Fix possible crash on session permission change
* Fix possible crash after XbSilo rebuild
This release also updates translations:
* Bulgarian (twlvnn kraftwerk)
* Georgian (Ekaterine Papava)
* Hebrew (Yaron Shahrabani)
* Indonesian (Andika Triwidada)
* Kazakh (Baurzhan Muftakhidinov)
* Lithuanian (Aurimas Aurimas Černius)
* Portuguese (Brazil) (Juliano de Souza Camargo)
* Romanian (Antonio Marin)
* Russian (Artur S0)
* Slovenian (Martin)
* Uighur (Abduqadir Abliz)
* Ukrainian (Yuri Chornoivan)
Version 50~alpha
~~~~~~~~~~~~~~~~
Released: 2026-01-15
This is an unstable release with the following changes:
* Improve display of long repository names
* Clarify warning about removing data when uninstalling an app
* Fix minor UI issues when scrolling using gestures on a touchpad
* Don’t show firmware warning on Installed Updates page
* Several fixes to update history on rpm-ostree systems
* Improve notifying the user about newly installed trivial flatpak app updates
* Improve display of keyboard shortcuts
* Split rpm-ostree changelogs by app
* Display error toasts in the repositories dialog when something goes wrong
This release also updates translations:
* Catalan (Victor Dargallo)
* Indonesian (Andika Triwidada)
* Japanese (Makoto Sakaguchi)
* Kazakh (Baurzhan Muftakhidinov)
* Portuguese (Hugo Carvalho)
* Portuguese (Brazil) (Juliano de Souza Camargo)
* Russian (Artur S0)
* Slovenian (Martin)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
* libsoup-2.4 is deprecated, and some recipes already stop support of
soup2, soup2 and soup3 cannot be used together
* ostree upstream already stop test of soup2, refer [1]
* Remove unnecessary comments, PACKAGECONFIG for ptest already set in bb
[1] https://github.com/ostreedev/ostree/pull/3531
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
libsoup-2.4 is deprecated, and other recipes already stop support of
soup2, soup2 and soup3 cannot be used together, and the latest version
of yelp also drop option webkit2gtk-4-0
[1] 1b0ccdae25
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
User space-side features
* bpf_map__set_exclusive_program() and bpf_map__exclusive_program() APIs for exclusive map creation;
* bpf_program__assoc_struct_ops() and bpf_prog_assoc_struct_ops() APIs to associate a non-struct_ops BPF program with a struct_ops map;
* btf__permute() API to rearrange BTF types in-place according to a provided mapping;
* BTF type lookup optimization: binary search for btf__find_by_name() and btf__find_by_name_kind();
* btf__add_btf() now accepts split BTF sources;
* fsession support (SEC("fsession+") / SEC("fsession.s+"));
* BPF_F_CPU and BPF_F_ALL_CPUS flags support for per-CPU map operations;
* arena globals are moved to the end of the arena mmap region if kernel supports it;
* support for LLVM-generated indirect jump tables (BPF ISA v4) via .jumptables ELF section and BPF_MAP_TYPE_INSN_ARRAY maps;
* avoid expensive kallsyms parsing when kprobe.session target is an exact function match;
* new dont_enable option in struct bpf_perf_event_opts to suppress perf event auto-enablement;
BPF-side features
* USDT SIB (Scale-Index-Base) addressing support;
* dynptr helper signatures (bpf_dynptr_from_mem, bpf_dynptr_read, bpf_dynptr_write, bpf_dynptr_data) widened from 32-bit to 64-bit size/offset parameters;
Bug fixes
* As usual, a number of bug fixes included, see full commit log for details.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changes:
*) Security: a buffer overflow might occur while handling a COPY or MOVE
request in a location with "alias", allowing an attacker to modify
the source or destination path outside of the document root
(CVE-2026-27654).
*) Security: processing of a specially crafted mp4 file by the
ngx_http_mp4_module on 32-bit platforms might cause a worker process
crash, or might have potential other impact (CVE-2026-27784).
*) Security: processing of a specially crafted mp4 file by the
ngx_http_mp4_module might cause a worker process crash, or might have
potential other impact (CVE-2026-32647).
*) Security: a segmentation fault might occur in a worker process if the
CRAM-MD5 or APOP authentication methods were used and authentication
retry was enabled (CVE-2026-27651).
*) Security: an attacker might use PTR DNS records to inject data in
auth_http requests, as well as in the XCLIENT command in the backend
SMTP connection (CVE-2026-28753).
*) Security: SSL handshake might succeed despite OCSP rejecting a client
certificate in the stream module (CVE-2026-28755).
*) Feature: the "multipath" parameter of the "listen" directive.
*) Feature: the "local" parameter of the "keepalive" directive in the
"upstream" block.
*) Change: now the "keepalive" directive in the "upstream" block is
enabled by default.
*) Change: now ngx_http_proxy_module supports keepalive by default; the
default value for "proxy_http_version" is "1.1"; the "Connection"
proxy header is not sent by default anymore.
*) Bugfix: an invalid HTTP/2 request might be sent after switching to
the next upstream if buffered body was used in the
ngx_http_grpc_module.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changes:
*) Security: a buffer overflow might occur while handling a COPY or MOVE
request in a location with "alias", allowing an attacker to modify
the source or destination path outside of the document root
(CVE-2026-27654).
*) Security: processing of a specially crafted mp4 file by the
ngx_http_mp4_module on 32-bit platforms might cause a worker process
crash, or might have potential other impact (CVE-2026-27784).
*) Security: processing of a specially crafted mp4 file by the
ngx_http_mp4_module might cause a worker process crash, or might have
potential other impact (CVE-2026-32647).
*) Security: a segmentation fault might occur in a worker process if the
CRAM-MD5 or APOP authentication methods were used and authentication
retry was enabled (CVE-2026-27651).
*) Security: an attacker might use PTR DNS records to inject data in
auth_http requests, as well as in the XCLIENT command in the backend
SMTP connection (CVE-2026-28753).
*) Security: SSL handshake might succeed despite OCSP rejecting a client
certificate in the stream module (CVE-2026-28755).
*) Change: now nginx limits the size and rate of QUIC stateless reset
packets.
*) Bugfix: receiving a QUIC packet by a wrong worker process could cause
the connection to terminate.
*) Bugfix: in the ngx_http_mp4_module.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Add a backport patch to fix an issue with glibc >= 2.43
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Enhancements:
* Improve check for --filesystem paths pointing to a parent folder (#6473)
* Fail if non-interactive and multiple refs, remotes or installations match
(#5754)
* Default to text auth on WSL (#6491)
* Add build instructions for Ubuntu 24.04 (#6498)
* Show a better message when there are no refs to update (#6521)
* Silence AppStream refresh output on non-interactive runs (#6521)
* Translation updates: pt_BR (#6483), sl (#6468, #6475), sv (#6514), tr (#6528),
zh_CN (#6469, #6477)
Bug fixes:
* Map the font-dirs.xml file more selectively (#6450)
* Change const pointers. This fixes build issues with glibc 2.43. (#6490)
* Add custom type flatpak_home_t for ~/.local/share/flatpak for SELinux (#6437)
* Fix build warnings when compiling with -Wanalyzer-null-argument and with
-Wanalyzer-null-dereference (#6527)
* Use raw string for regular expression in the flatpak-bisect script (#6519)
Internal changes:
* Set the `FLATPAK_TRIGGERSDIR` environment variable when running
installed tests. This fixes a regression with autopkg tests in
Debian. (#6444)
* Add translator comments for some translatable strings (#6462)
* Fix typos in translatable strings (#6463)
* Fix lots of typos in code comments (#6482)
* Remove an unused function (#6529)
* Update two strings (#6464)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
It was only required for gimp, which now uses mypaint-brushes v2
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
This prevents the wrong mypaint-brushes package from being installed
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
==========
- Enable ascii plugin to be built using autotools.
- Processing 'concentrate=true' graphs no longer crashes Graphviz. Processing of
'concentrate=true' graphs still often errors out.
License_Update: Change Eclipse Public License from version 1.0 to 2.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Fix do_install failure:
sed: can't read ../dlt-daemon/3.0.0/image/usr/lib/pkgconfig/automotive-dlt.pc: No such file or directory
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
The openvpn 2.7.0 upgrade refactored
tests/unit_tests/openvpn/Makefile.am, changing how test_binaries is
defined. This caused autoreconf to generate Makefiles where
buildtest-TESTS and runtest-TESTS no longer have rule bodies, breaking
the existing ptest recipe which relied on these targets for compilation
and execution. The fix replaces these internal automake targets with
stable interfaces: check-am for compilation and direct binary execution
on target.
Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
These tests are disabled in recipe, re-add them here once that is fixed
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Cc: Ross Burton <ross.burton@arm.com>
This dependency was replaced with the standard compression.zstd module
in 1.1.0[1].
[1] ccf0def15e
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
- rework reproducibility patch
- disable functional_tests to avoid python3-dbusmock-native dependency
- add PACKAGECONFIG for libzip and enable by default
NEW in 3.11.0 - 2026-03-15
==========================
* Memory leak fixes
* Stability fixes
* Fixes to tv series/season extraction from video files
Translations: ca, da, en_GB, pl
Notable changes since 3.10.0:
* Default configuration change, the user home directory will now be indexed
recursively as a whole, instead of XDG folders
* Major change in handling of removable devices. When enabled, removable
devices will get a `.localsearch3` folder with a self-contained database
for the removable device indexed data, instead of being included in the
main database in the user home folder. The setting default remains off.
* The set of dependencies was modernized and sanitized. GExiv2 is now used
for more metadata, libzip is now used for bundled files.
NEW in 3.11.rc - 2026-03-03
===========================
* Reliability improvements to the test suite
Translations: es, hu, ko, ne, oc, pt
NEW in 3.11.beta - 2026-02-18
=============================
* Fixes for possible buffer overflows and NULL pointer dereferences
in MP3 extractor
* Fix seccomp jail in database helper process for removable devices
* Replace libgsf with libzip for ZIP content handling
* Improve reliability of the test suite in slow scenarios (e.g. CI)
Translations: bg, ca, cs, el, eu, fa, fr, gl, he, ka, kk, lt, pt_BR, ro, ru,
sl, sv, tr, ug, uk, zh_CN
NEW in 3.11.alpha - 2026-01-05
==============================
* Default configuration change, the user home directory will now be indexed
recursively as a whole, instead of XDG folders
* Major change in handling of removable devices. When enabled, removable
devices will get a `.localsearch3` folder with a self-contained database
for the removable device indexed data, instead of being included in the
main database in the user home folder. The setting default remains off.
* Improved handling of indexed folder changes found on restart
* Improved handling of indexing cancellation in deleted folders
* Improved handling of BTRFS filesystems
* Dropped libexif dependency, EXIF data is now extracted through gexiv2
* Dropped libpiptcdata dependency, IPTC data is now extracted through
gexiv2
* Consistency improvements to extracted metadata
* Fixes to SHSTK handling in the sandboxed process
* Further extended test coverage
Translations: ca, el, fur, id, oc, sr, sr@latin
NEW in 3.10.1 - 2025-10-13
==========================
* Improvements to the handling of corrupted databases
* Avoid session startup issues if database initialization takes long
* Handle compressed Abiword documents
* Memory usage improvements indexing WEBP files
* Support gexiv2 >= 0.16
* Unify metadata extraction deadline mechanisms
* Test suite improvements
Translations: bg, ca, es, kab, pt, ro, tr, ug
NEW in 3.10.0 - 2025-09-14
==========================
* Fixes to handling of configuration changes
* Improvements to the test suite
Translations: da, en_GB, eo, es, eu, fa, he, hu, ka, ko, lt, nl, pt_BR, ru, sv, tr, uk, zh_CN
Notable changes since 3.9.0:
* A number of behavioral settings has been deprecated
* Webp file format now has a metadata extractor
NEW in 3.10.rc - 2025-09-01
===========================
* Webp file format now has a metadata extractor
* Indexer refactors and cleanups
Translations: ca, cs, gl, pl, sl
NEW in 3.10.beta - 2025-08-03
=============================
* Fix service files with -Ddomain-ontology option
* Fixes for Alpine and similar distributions without merged /usr
NEW in 3.10.alpha - 2025-07-01
==============================
* Systemd integration improvements
* A number of behavioral settings has been deprecated
* Fixes handling /var/home directories
* Many improvements to the command line tool
* The tracker:available property is again set on all graphs, for
indexed folders
* Fixes handling XML documents
* Fixes for possible crashes handling large PDF files
* Fixes for coverity warnings
* Code cleanups and refactors
Translations: be, ca, uz
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
$ echo 'MACHINE = "qemuarm"' >> conf/local.conf
$ bitbake webkitgtk3
...
| {standard input}:43622: Error: symbol `op_instanceof_return_location' is already defined
| {standard input}:43623: Error: symbol `.Lop_instanceof_return_location' is already defined
| {standard input}:44352: Error: symbol `op_instanceof_return_location_wide16' is already defined
| {standard input}:44353: Error: symbol `.Lop_instanceof_return_location_wide16' is already defined
| {standard input}:45090: Error: symbol `op_instanceof_return_location_wide32' is already defined
| {standard input}:45091: Error: symbol `.Lop_instanceof_return_location_wide32' is already defined
...
Drop 0001-Fix-32bit-arm.patch which conflicts with upstream solution [1]
[1] fcaa289f60
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
===========
- Added dns cache
- Fix crash on double scrape request
- Use callback in DnsBuffer result and catch EINTR in Listen
- Fixed various SCGI issues
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
===========
- Use bytearray for request body accumulation to avoid O(n^2) allocation on fragmented bodies
- Escape brackets and backslash in httptools HEADER_RE regex
- Fix multiple issues in websockets sans-io implementation
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
==============
- 'GenericPlainRegistry.parse_expression' now correctly returns a dimensionless
Quantity when taking a float, int, or NaN
- Replace MIP with scipy in 'Quantity.to_preferred'
- New unit formatting modifier added ('^') to format unit with negative
exponents
- Add atomic unit of electric field gradient
('atomic_unit_of_electric_field_gradient', 'a_u_efg')
- Defer expensive loading of dask.array
- Add support for numpy's 'vdot', 'inner', 'outer', 'linalg.outer', 'matvec',
'vecmat', 'tensordot', and 'linalg.tensordot'
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
