- Apr 05, 2021
-
-
Peter Korsgaard authored
Signed-off-by:
Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit f748088fa65b6862f943ed28e669db4b0f52c679) [Peter: drop Makefile/Vagrantfile changes] Signed-off-by:
-
Fabrice Fontaine authored
https://github.com/libexpat/libexpat/blob/R_2_3_0/expat/Changes Signed-off-by:
Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by:
Yann E. MORIN <yann.morin.1998@free.fr>
-
Fabrice Fontaine authored
cpe:2.3:a:web2py:web2py is a valid CPE identifier for this package: https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aweb2py%3Aweb2py Signed-off-by:
-
Fabrice Fontaine authored
cpe:2.3:a:sqlalchemy:sqlalchemy is a valid CPE identifier for this package: https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Asqlalchemy%3Asqlalchemy Signed-off-by:
-
Fabrice Fontaine authored
cpe:2.3:a:validators_project:validators is a valid CPE identifier for this package: https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Avalidators_project%3Avalidators Signed-off-by:
-
Fabrice Fontaine authored
cpe:2.3:a:m2crypto_project:m2crypto is a valid CPE identifier for this package: https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Am2crypto_project%3Am2crypto Signed-off-by:
-
Peter Korsgaard authored
Fixes the following security issues: - CVE-2021-20270: An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword - CVE-2021-27291: In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input, an attacker can cause a denial of service Python 2.x support was dropped in pygments 2.6, so adjust (reverse) dependencies: Version 2.6 ----------- (released March 8, 2020) - Running Pygments on Python 2.x is no longer supported. (The Python 2 lexer still exists.) Adjust the license hash for a change of copyright years: https://github.com/pygments/pygments/commit/a590ac5ea7c00a41e253834306bfa19e38349c0b Signed-off-by:
Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-
Fabrice Fontaine authored
Update indentation in hash file (two spaces) https://github.com/libvips/libvips/blob/v8.10.6/ChangeLog Signed-off-by:
-
Bernd Kuhls authored
Release notes: http://www.bluez.org/release-of-bluez-5-58-and-5-57/ Signed-off-by:
Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by:
-
Bernd Kuhls authored
Changelog: https://git.kernel.org/pub/scm/libs/ell/ell.git/tree/ChangeLog Needed for bluez5_utils bump to 5.58: http://www.bluez.org/release-of-bluez-5-58-and-5-57/ Signed-off-by:
-
Bernd Kuhls authored
Needed due to upstream commit: https://gitlab.com/samba-team/samba/-/commit/607c9ab307db36aee0604d209a13b45d28c63d9b Fixes: http://autobuild.buildroot.net/results/b3f/b3fe797408b9041de37433602b3a47211818e44b/ Signed-off-by:
-
Fabrice Fontaine authored
cpe:2.3:a:python:enum34 is a valid CPE identifier for this package: https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apython%3Aenum34 Signed-off-by:
-
Fabrice Fontaine authored
cpe:2.3:a:python-ecdsa_project:python-ecdsa is a valid CPE identifier for this package: https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apython-ecdsa_project%3Apython-ecdsa Signed-off-by:
-
Fabrice Fontaine authored
cpe:2.3:a:pyjwt_project:pyjwt is a valid CPE identifier for this package: https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apyjwt_project%3Apyjwt Signed-off-by:
-
Fabrice Fontaine authored
cpe:2.3:a:pyopenssl:pyopenssl is a valid CPE identifier for this package: https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apyopenssl%3Apyopenssl Signed-off-by:
-
Fabrice Fontaine authored
cpe:2.3:a:cryptography_project:cryptography is a valid CPE identifier for this package: https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Acryptography_project%3Acryptography Signed-off-by:
-
Fabrice Fontaine authored
python-pyasn1 is truly optional since version 2.5.0 and https://github.com/paramiko/paramiko/commit/a31818c28556055341ae3d249e3893d40eb2b232 Signed-off-by:
-
Fabrice Fontaine authored
cpe:2.3:a:paramiko:paramiko is a valid CPE identifier for this package: https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aparamiko%3Aparamiko Signed-off-by:
-
Fabrice Fontaine authored
cpe:2.3:a:palletsprojects:flask is a valid CPE identifier for this package: https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apalletsprojects%3Aflask Signed-off-by:
-
Fabrice Fontaine authored
cpe:2.3:a:parso_project:parso is a valid CPE identifier for this package: https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aparso_project%3Aparso Signed-off-by:
-
Fabrice Fontaine authored
cpe:2.3:a:pygments:pygments is a valid CPE identifier for this package: https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apygments%3Apygments Signed-off-by:
-
Chris Packham authored
https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-3.31.2 Signed-off-by:
Chris Packham <judge.packham@gmail.com> Signed-off-by:
-
- Apr 04, 2021
-
-
Fabrice Fontaine authored
cpe:2.3:a:libvips_project:libvips is a valid CPE identifier for this package: https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibvips_project%3Alibvips Signed-off-by:
-
Heiko Thiery authored
Signed-off-by:
Heiko Thiery <heiko.thiery@gmail.com> Signed-off-by:
-
Heiko Thiery authored
Signed-off-by:
-
Fabrice Fontaine authored
--disable-vt has been dropped since version 2.0.0 and https://github.com/open-mpi/ompi/commit/94190bf04b0877e878223a04c236443774e57ef2 Signed-off-by:
-
Francois Perrad authored
diff LICENSE: -Copyright (c) 2004-2020 Kepler Project. +Copyright (c) 2004-2021 Kepler Project. Signed-off-by:
Francois Perrad <francois.perrad@gadz.org> Signed-off-by:
-
Fabrice Fontaine authored
- Static libs are supported since version 8.0.2 and https://github.com/qhull/qhull/commit/613debeaea72ee66626dace9ba1a2eff11b5d37d - Update hash of COPYING, update year and authors with https://github.com/qhull/qhull/commit/4733a95be0298919a646a1d6044c1bee7a552880 - Update indentation in hash file (two spaces) https://github.com/qhull/qhull/releases/tag/v8.0.2 Signed-off-by:
-
Fabrice Fontaine authored
Signed-off-by:
-
Fabrice Fontaine authored
Signed-off-by:
-
Fabrice Fontaine authored
Signed-off-by:
-
Fabrice Fontaine authored
Signed-off-by:
-
Fabrice Fontaine authored
Signed-off-by:
-
Fabrice Fontaine authored
librsvg is an optional dependency which is enabled by default since version 8.3.0 and https://github.com/libvips/libvips/commit/153886d2eb71eebcdca860cb691d8fbb976ad816 Signed-off-by:
-
Fabrice Fontaine authored
zlib is an optional dependency which is enabled by default since version 8.4.2 and https://github.com/libvips/libvips/commit/5ab0001ec68a5f61396aecd8d2d7a619b1dbe1fa Signed-off-by:
-
Chris Packham authored
As suggested on https://github.com/micropython/micropython/issues/6551 define MICROPY_NLR_SETJMP to avoid the xtensa specific implementation of nlr_push. Fixes: - http://autobuild.buildroot.net/results/5fc8669b5c768ccfc02bd20d1159bce7fe43683e Signed-off-by:
-
Grzegorz Blach authored
Depends on BR2_PACKAGE_PYTHON3 Signed-off-by:
Grzegorz Blach <grzegorz@blach.pl> Signed-off-by:
-
Bernd Kuhls authored
Some IPTV streams will need ffmpef, the command line tool), while some won't, so we just suggest that to the user in the help text. There were two alternatives, but neither were very convincing: - always enforce that ffmpeg is enabled - only enforce ffmpeg to be enabled when the package is already enabled In either case, that may cary the ffmpeg tool when it really is not needed. So leave it to the user to decide whether they want it or not. tvheadend now has a bunch of options, so make it a sub-menu. Signed-off-by: -
Bernd Kuhls authored
Signed-off-by:
-
Bernd Kuhls authored
Signed-off-by:
-
