On Thu, Jun 25, 2020 at 8:14 PM akuster wrote:
> Please have reviews back by Saturday
>
> The following changes since commit
> 9e60d30669a2ad0598e9abf0cd15ee06b523986b:
>
> sanlock: Replace cp -a with cp -R --no-dereference (2020-03-15 13:30:34
> -0700)
>
> are available in the Git repository a
From: Armin Kuster
Source: ntp.org
MR: 104487
Type: Security Fix
Disposition: Backport from http://archive.ntp.org/ntp4/ntp-4.2/
ChangeID: 65b220646dc29168c45b051a6ea2a651b9e669d1
Description:
Bugfix only update including a security fix: CVE-2020-15025
changelog: https://www.eecis.udel.edu/~ntp
From: Haiqing Bai
Optimize _encode_invalid_chars for a denial of service (CPU consumption)
Signed-off-by: Haiqing Bai
Signed-off-by: Armin Kuster
---
.../python/python-urllib3/CVE-2020-7212.patch | 54 +++
.../python/python-urllib3_1.25.6.bb | 2 +
.../python3-urlli
From: Wenlin Kang
Fix CVE-2020-5208
Signed-off-by: Wenlin Kang
Signed-off-by: Armin Kuster
---
...-Fix-buffer-overflow-vulnerabilities.patch | 133
...uffer-overflow-in-ipmi_spd_print_fru.patch | 53 +++
...er-overflow-in-ipmi_get_session_info.patch | 53 +++
.../00
From: Wang Mingyu
Security Advisory
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19479
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19480
Signed-off-by: Wang Mingyu
Signed-off-by: Armin Kuster
---
.../opensc/opensc/CVE-2019-19479.patch| 30 +++
From: Haiqing Bai
Backport the CVE patch from the upstream to fix the heap-based buffer
over-read in tiffWriter.
Signed-off-by: Haiqing Bai
Signed-off-by: Armin Kuster
---
.../recipes-support/gd/gd/CVE-2017-6363.patch | 35 +++
meta-oe/recipes-support/gd/gd_2.2.5.bb|
Please have reviews back by Saturday
The following changes since commit 9e60d30669a2ad0598e9abf0cd15ee06b523986b:
sanlock: Replace cp -a with cp -R --no-dereference (2020-03-15 13:30:34 -0700)
are available in the Git repository at:
git://git.openembedded.org/meta-openembedded-contrib stabl
From: Wang Mingyu
Security Advisory
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17498
Signed-off-by: Wang Mingyu
Signed-off-by: Armin Kuster
---
.../libssh2/libssh2/CVE-2019-17498.patch | 131 ++
.../recipes-support/libssh2/libssh2_1.8.2.bb | 1
It appears Xiph.Org is now on gitlab
https://gitlab.xiph.org/xiph
Signed-off-by: Armin Kuster
Signed-off-by: Khem Raj
(cherry picked from commit cc6e59fdff71e47ef5b9b40aab3bcd9438960ea4)
Signed-off-by: Rahul Kumar
Signed-off-by: Armin Kuster
---
meta-multimedia/recipes-multimedia/tremor/tremo
On Thu, Jun 25, 2020 at 6:01 PM Khem Raj wrote:
>
>
>
> On 6/24/20 11:49 PM, Andreas Müller wrote:
> > packagegroup-core-x11 drags stuff not everybody needs e.g xserver-nodm-init
> > and
> > that's not what everybody wants. packagegroup-core-x11 is something to add
> > into
> > images.
> >
> > T
On 6/24/20 11:49 PM, Andreas Müller wrote:
> packagegroup-core-x11 drags stuff not everybody needs e.g xserver-nodm-init
> and
> that's not what everybody wants. packagegroup-core-x11 is something to add
> into
> images.
>
> This reverts commit 394567c0078c627642e7b80b722f147da5a6f376:
>
>
On 6/23/20 5:51 AM, Leon Anavi wrote:
Upgrade to release 1.4.4:
- Upgrade xxHash to v0.7.3
- Stop using PEP393 deprecated APIs
- Use XXH(32|64)_canonicalFromHash to replace u2bytes and
ull2bytes
Signed-off-by: Leon Anavi
Acked-by: Trevor Gamblin
---
.../{python3-xxhash_1.4.3.bb => pyt
On 6/23/20 5:51 AM, Leon Anavi wrote:
Upgrade to release 3.5:
- Fixed memory leaks
Signed-off-by: Leon Anavi
Acked-by: Trevor Gamblin
---
.../python/{python3-spidev_3.4.bb => python3-spidev_3.5.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta-python/recipes-
On 6/23/20 5:51 AM, Leon Anavi wrote:
Upgrade to release 2.10.2:
- :gh:`268`: Increase coverage
- :gh:`260` (:pr:`261`): Fixed __getitem__ returning None on
wrong parts :pr:`263`: Doc: Add missing "install" subcommand
for openSUSE
Signed-off-by: Leon Anavi
Acked-by: Trevor Gamblin
--
On 6/23/20 5:51 AM, Leon Anavi wrote:
Upgrade to release 0.13:
- Reinstated support for pickle protocol 0 and 1, which is
required by pytables
- Fixed bug with multiplication of Quantity by dict
- Bare zeros and NaNs (not wrapped by Quantity) are now gracefully
accepted by all numpy opera
On 6/23/20 5:51 AM, Leon Anavi wrote:
Upgrade to release 8.4.0:
- New itertools:
:func:`mark_ends`
:func:`is_sorted`
- Changes to existing itertools:
:func:`islice_extended` can now be used with real slices
The implementations for :func:`filter_except` and
:func:`map_except` were
On 6/23/20 5:51 AM, Leon Anavi wrote:
Upgrade to release 1.4.1:
- Fix coverage compatibility which was broken by 1.4.0.
- Better detection of when we are debugging.
Signed-off-by: Leon Anavi
Acked-by: Trevor Gamblin
---
...ytest-timeout_1.3.4.bb => python3-pytest-timeout_1.4.1.bb} | 4 ++
On 6/23/20 5:51 AM, Leon Anavi wrote:
Add toml-native as dependency. Upgrade to release 5.0.0:
- Require Python 3.6 or later. For Python 2.6-3.5, use
configparser < 5 (selection should be automatic when installed
using pip 9 from PyPI). The 4.x line remains supported for bug
fixes but
On 6/23/20 5:51 AM, Leon Anavi wrote:
Upgrade to release 4.1.2:
- disallow git tags without dots by default again
- drop jaraco.windows from pyproject.toml, allows for wheel builds
on python2
- include python 3.9 via the deadsnakes action
- return release_branch_semver scheme
- undo the deve
On 6/23/20 5:51 AM, Leon Anavi wrote:
Upgrade to release 1.3.17:
- orm Bug fixes
- orm Added an accessor ColumnProperty.Comparator.expressions
which provides access to the group of columns mapped under a
multi-column ColumnProperty attribute.
- orm Introduce _orm.relationship.sync_backref
On 6/23/20 5:51 AM, Leon Anavi wrote:
Upgrade to release 1.13.1:
- regression fix if _fg=False
- minor Travis CI fixes
- bugfix for boolean long options not respecting _long_prefix
- fix deprecation warning on Python 3.6 regexes
- _pass_fds and _close_fds special kwargs for controlling file
On 6/23/20 5:51 AM, Leon Anavi wrote:
Upgrade to release 2020.6.20:
- Add python3.8 tag on setup.py
- Add a "contents" function that returns the content of the
cert chain.
- Fix docs URL
- Use resources loader to handle non-filesystem situations
- Fix where() so that it works with importlib.
On 6/24/20 5:21 AM, Wang Mingyu wrote:
Signed-off-by: Wang Mingyu
Acked-by: Trevor Gamblin
---
.../python/{python3-py_1.8.1.bb => python3-py_1.8.2.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta-python/recipes-devtools/python/{python3-py_1.8.1.bb =>
python
On 6/24/20 11:16 AM, Leon Anavi wrote:
Consolidate inc and bb files into a single bb file. Add
a HOMEPAGE.
Signed-off-by: Leon Anavi
Acked-by: Trevor Gamblin
---
.../recipes-devtools/python/python-networkx.inc | 8
.../recipes-devtools/python/python3-networkx_2.4.bb | 1
On 6/24/20 11:16 AM, Leon Anavi wrote:
Consolidate inc and bb files into a single bb file.
Signed-off-by: Leon Anavi
Acked-by: Trevor Gamblin
---
.../recipes-devtools/python/python-netifaces.inc | 10 --
.../python/python3-netifaces_0.10.9.bb | 12 ++--
On 6/24/20 11:16 AM, Leon Anavi wrote:
Consolidate inc and bb files into a single bb file.
Signed-off-by: Leon Anavi
Acked-by: Trevor Gamblin
---
.../recipes-devtools/python/python-netaddr.inc| 13 -
.../python/python3-netaddr_0.7.19.bb | 15 +--
On 6/24/20 11:16 AM, Leon Anavi wrote:
Upgrade to release 0.7.20:
- Fixed returning from an iterator on Python 3.7+, by Sergey
Kozlov.
- Fixed Python 3.8 SyntaxWarning on using `is not` with a string
literal, by Stefan Nordhausen.
- Fixed DeprecationWarnings by using raw strings for escap
On 6/24/20 11:16 AM, Leon Anavi wrote:
Consolidate inc and bb files into a single bb file.
Fix the HOMEPAGE to point to the GitHub repository.
Signed-off-by: Leon Anavi
Acked-by: Trevor Gamblin
---
.../python/python-ndg-httpsclient.inc | 25 -
.../python/python3-n
On 6/24/20 11:16 AM, Leon Anavi wrote:
Consolidate inc and bb files into a single bb file.
Signed-off-by: Leon Anavi
Acked-by: Trevor Gamblin
---
.../python/python-lazy-object-proxy.inc| 12
.../python/python3-lazy-object-proxy_1.4.3.bb | 14 --
On 6/24/20 11:16 AM, Leon Anavi wrote:
Upgrade to release 1.5.0:
- Added support for __fspath__.
- Dropped support for Python 3.4.
Signed-off-by: Leon Anavi
Acked-by: Trevor Gamblin
---
...ject-proxy_1.4.3.bb => python3-lazy-object-proxy_1.5.0.bb} | 4 ++--
1 file changed, 2 insertions(
On 6/24/20 11:16 AM, Leon Anavi wrote:
Consolidate inc and bb files into a single bb file.
Signed-off-by: Leon Anavi
Acked-by: Trevor Gamblin
---
.../python/python-license-expression.inc | 29 -
.../python/python3-license-expression_1.0.bb | 31 +--
On 6/24/20 11:16 AM, Leon Anavi wrote:
Upgrade to release 0.2.5:
- Do not depend on pkg_resources module for list_versions()
function.
Signed-off-by: Leon Anavi
Acked-by: Trevor Gamblin
---
.../{python3-wcwidth_0.2.4.bb => python3-wcwidth_0.2.5.bb}| 4 ++--
1 file changed, 2 inse
On 6/24/20 11:16 AM, Leon Anavi wrote:
Upgrade to release 1.2:
- Add ability to render WITH expression wrapped in parenthesis
- Fix anomalous backslashes in strings
- Update the thirdparty directory structure
Signed-off-by: Leon Anavi
Acked-by: Trevor Gamblin
---
...se-expression_1.0.bb
On 6/24/20 2:45 PM, Sakib Sajal wrote:
Signed-off-by: Sakib Sajal
Acked-by: Trevor Gamblin
---
.../python/python3-requests-toolbelt_0.9.1.bb| 16
1 file changed, 16 insertions(+)
create mode 100644
meta-python/recipes-devtools/python/python3-requests-toolbelt_0.9.1
Upgrade to release 20.0.0:
- Mirrors keytool support for keystores with empty passphrases
- Add Python 3.7 and 3.8 to support matrix
- Docs and examples fixes
Signed-off-by: Leon Anavi
---
.../{python3-pyjks_19.0.0.bb => python3-pyjks_20.0.0.bb} | 4 ++--
1 file changed, 2 insertions(+), 2
Upgrade to release 1.0.20:
- Support expectations on types that return different types than
bool on comparison.
- Better documentation intro using the feedback I got for my talk
at berlin.python.pizza
- Fix upload command and add some todos
LIC_FILES_CHKSUM changed due to the recent modificat
Upgrade to release 5.1:
- The JSON report now includes counts of covered and missing
branches.
- On Python 3.8, try-finally-return reported wrong branch coverage
with decorated async functions (issue 964). This is now fixed.
- The :meth:`~coverage.Coverage.get_option` and
:meth:`~coverage.Co
Upgrade to release 3.2.0:
- Improve display of HTTP errors during upload
- Use red text when printing errors on the command line
- Print packages and signatures to be uploaded when using
--verbose option
- Update URL to .pypirc specification
- Require repository URL scheme to be http or https
-
Upgrade to release 3.2.2:
- Unit converters recognize subclasses
- imsave accepts metadata and PIL options
- cbook.normalize_kwargs
- FontProperties accepts os.PathLike
- Gouraud-shading alpha channel in PDF backend
- Kerning adjustments now use correct values
- bar3d lightsource shading
- Shiftin
Upgrade to release 4.6.0:
- Improved handling of rejected connections
- Fix multi-namespace disconnect logic
- AsyncPubSubManager does not await for can_disconnect()
- Require a recipient in call() function in the server
- ASGI startup and shutdown lifespan handlers
- Remove references to Python 2
Upgrade to release 1.0.5:
- Fix regression in read_parquet() when reading from file-like
objects.
- Fix regression in reading from public S3 buckets.
- Fixed regression in replace() raising an AssertionError when
replacing values in an extension dtype with values of a
different dtype
Signed
Upgrade to release 2.4.2:
- `FunctionDef.is_generator` properly handles `yield` nodes in
`While` tests
- Properly construct the arguments of infered property descriptors
- Handle the case where the raw builder fails to retrieve the
``__all__`` attribute
- Restructure the AST parsing heuristic
Upgrade to release 0.16.10:
- updated image references in README to sourceforge
- update requirements so that ruamel.yaml.clib is installed for
3.8, as it has become available
- fix typchecking issue on TaggedScalar
- fix error in dumping literal scalar in sequence with comments
before element
Upgrade to release 14.0:
- Integrate native Windows 10 support for ANSI escape sequences
- Native support for ANSI escape sequences was added to Windows
10 after its initial release
- Merged pull request #80 that drops support for Python 3.4
which has gone end-of-life and now represents less t
Upgrade to release 1.26:
- Optimize exception message
- Optimize error handling
- Fixed some typos and wording
Signed-off-by: Leon Anavi
---
.../{python3-jsonpatch_1.25.bb => python3-jsonpatch_1.26.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta-python/recipes-devtoo
Consolidate inc and bb files into a single bb file.
Signed-off-by: Leon Anavi
---
.../recipes-connectivity/python-pytun/python3-pytun_2.3.0.bb| 2 --
.../python-pytun.inc => python3-pytun/python3-pytun_2.3.0.bb} | 2 +-
2 files changed, 1 insertion(+), 3 deletions(-)
delete mode 100644
m
46 matches
Mail list logo