From: Leon Anavi <leon.anavi@...> Upgrade to release 9.0.0: - Restrict builtins for ImageMath.eval() - Ensure JpegImagePlugin stops at the end of a truncated file - Fixed ImagePath.Path

From: Trevor Gamblin <trevor.gamblin@...> From the release notes: - CVE-2021-23437: Avoid a potential ReDoS (regular expression denial of service) in ImageColor’s getrgb() by raising

From: Leon Anavi <leon.anavi@...> Upgrade to release 8.3.1: - Catch OSError when checking if fp is sys.stdout - Handle removing orientation from alternate types of EXIF data - Make

From: Leon Anavi <leon.anavi@...> Upgrade to release 8.2.0: - Added getxmp() method - Add ImageShow support for GraphicsMagick - Do not load transparent pixels from subsequent GIF frames -

From: Kai Kang <kai.kang@...> 8.1.2 fixes: * CVE-2021-27921 * CVE-2021-27922 * CVE-2021-27923 8.1.1 fixes: * CVE-2021-25289 * CVE-2021-25290 * CVE-2021-25291 * CVE-2021-25292 *

From: Leon Anavi <leon.anavi@...> Upgrade to release 8.1.0: - Fix TIFF OOB Write error - Fix for Buffer Read Overrun in PCX Decoding - Fix for SGI Decode buffer overrun - Fix OOB Read when

From: Leon Anavi <leon.anavi@...> Upgrade to release 7.2.0: - Do not convert I;16 images when showing PNGs - Fixed ICNS file pointer saving - Fixed loading non-RGBA mode APNGs with dispose

Signed-off-by: Markus Volk <f_l_k@...> --- meta-gnome/recipes-connectivity/geary/geary_40.0.bb | 4 ++-- meta-gnome/recipes-gimp/gegl/gegl_0.4.36.bb | 2 +-

can you rebase it on master-next and resend please?

Signed-off-by: Markus Volk <f_l_k@...> --- meta-gnome/recipes-connectivity/geary/geary_40.0.bb | 4 ++-- meta-gnome/recipes-gimp/gegl/gegl_0.4.36.bb | 2 +-

if its bumping from version to version, then perhaps its better to rename the recipe to hidapi_0.12.0.bb and drop setting PV inside the recipe it's easy to manage bbappends that way

yeah if there is no tag then this is a better approach. right, its perhaps in install target of makefile where it maybe the better place to fix it and also upstream it.

I'd be in favor of a _git recipe that set PV = "2.3+git${SRCPV}", but Khem might have a different opinion. Hrm, that suggests upstream have a broken Makefile using "cp -p", it could be worthwhile to

fails to build see https://autobuilder.yoctoproject.org/typhoon/#/builders/88/builds/1794/steps/14/logs/stdio

From: Riyaz Ahmed Khan <Riyaz.Khan@...> Add patch for CVE issue: CVE-2018-16301 Link: https://github.com/the-tcpdump-group/tcpdump/commit/8ab211a7ec728bb0ad8c766c8eeb12deb0a13b86 Signed-off-by:

Hard to say if there's a specific revision that was meant to be the release, but I could update this to 2.3 and just use the latest revision? The installed files had local user and group IDs that

Released: 2022-05-24 Bugfixes: - Fix the crash for when the root tree has no children - Fix the crash when getting the element for the [empty] root - Install xb-tool into bindir Signed-off-by:

Signed-off-by: Wang Mingyu <wangmy@...> --- meta-oe/recipes-support/links/{links_2.26.bb => links_2.27.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename

Signed-off-by: Wang Mingyu <wangmy@...> --- .../ser2net/{ser2net_4.3.5.bb => ser2net_4.3.6.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename

Signed-off-by: Wang Mingyu <wangmy@...> --- .../libdvdread/{libdvdread_6.1.2.bb => libdvdread_6.1.3.bb} | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) rename