mbox series

scarthgap merge request: March 23rd

Message ID 952235ba-b7ee-4ba7-831f-3a679c900cf3@gmail.com
State New
Headers show
Series scarthgap merge request: March 23rd | expand

Pull-request

https://git.openembedded.org/meta-openembedded scarthgap-next

Message

akuster808 March 23, 2025, 7:06 p.m. UTC
The following changes since commit 6c9f1f8d4538119803bf793747b65e4d23c33544:

   nginx: fix CVE-2025-23419 (2025-03-03 08:09:03 -0500)

are available in the Git repository at:

   https://git.openembedded.org/meta-openembedded scarthgap-next

for you to fetch changes up to edd1a1e284fdcb80cd48d411f235d47f23bc27ae:

   mongodb: fix build with python 3.12 (2025-03-07 19:40:51 -0500)

----------------------------------------------------------------
Awais Belal (1):
       mongodb: fix build with python 3.12

Peter Marko (1):
       libmodbus: patch CVE-2024-10918

Virendra Thakur (1):
       unbound: Fix CVE-2024-8508

  .../recipes-support/unbound/unbound/CVE-2024-8508.patch         | 247 
++++++++++++++++++++++++++++
  meta-networking/recipes-support/unbound/unbound_1.19.3.bb       | 4 +-
  .../0001-moduleconfig.py-python-3.12-compatibility.patch        | 57 
+++++++
  .../meta-python/recipes-dbs/mongodb/mongodb_git.bb              | 3 +-
  .../libmodbus/libmodbus/CVE-2024-10918-01.patch                 | 177 
++++++++++++++++++++
  .../libmodbus/libmodbus/CVE-2024-10918-02.patch                 | 121 
++++++++++++++
  .../libmodbus/libmodbus/CVE-2024-10918-03.patch                 | 84 
++++++++++
  .../libmodbus/libmodbus/CVE-2024-10918-04.patch                 | 239 
+++++++++++++++++++++++++++
  meta-oe/recipes-extended/libmodbus/libmodbus_3.1.10.bb          | 8 +-
  9 files changed, 936 insertions(+), 4 deletions(-)
  create mode 100644 
meta-networking/recipes-support/unbound/unbound/CVE-2024-8508.patch
  create mode 100644 
meta-oe/dynamic-layers/meta-python/recipes-dbs/mongodb/mongodb/0001-moduleconfig.py-python-3.12-compatibility.patch
  create mode 100644 
meta-oe/recipes-extended/libmodbus/libmodbus/CVE-2024-10918-01.patch
  create mode 100644 
meta-oe/recipes-extended/libmodbus/libmodbus/CVE-2024-10918-02.patch
  create mode 100644 
meta-oe/recipes-extended/libmodbus/libmodbus/CVE-2024-10918-03.patch
  create mode 100644 
meta-oe/recipes-extended/libmodbus/libmodbus/CVE-2024-10918-04.patc

Comments

Khem Raj March 23, 2025, 7:14 p.m. UTC | #1
merged thanks Armin

On Sun, Mar 23, 2025 at 12:06 PM akuster808 <akuster808@gmail.com> wrote:
>
> The following changes since commit 6c9f1f8d4538119803bf793747b65e4d23c33544:
>
>    nginx: fix CVE-2025-23419 (2025-03-03 08:09:03 -0500)
>
> are available in the Git repository at:
>
>    https://git.openembedded.org/meta-openembedded scarthgap-next
>
> for you to fetch changes up to edd1a1e284fdcb80cd48d411f235d47f23bc27ae:
>
>    mongodb: fix build with python 3.12 (2025-03-07 19:40:51 -0500)
>
> ----------------------------------------------------------------
> Awais Belal (1):
>        mongodb: fix build with python 3.12
>
> Peter Marko (1):
>        libmodbus: patch CVE-2024-10918
>
> Virendra Thakur (1):
>        unbound: Fix CVE-2024-8508
>
>   .../recipes-support/unbound/unbound/CVE-2024-8508.patch         | 247
> ++++++++++++++++++++++++++++
>   meta-networking/recipes-support/unbound/unbound_1.19.3.bb       | 4 +-
>   .../0001-moduleconfig.py-python-3.12-compatibility.patch        | 57
> +++++++
>   .../meta-python/recipes-dbs/mongodb/mongodb_git.bb              | 3 +-
>   .../libmodbus/libmodbus/CVE-2024-10918-01.patch                 | 177
> ++++++++++++++++++++
>   .../libmodbus/libmodbus/CVE-2024-10918-02.patch                 | 121
> ++++++++++++++
>   .../libmodbus/libmodbus/CVE-2024-10918-03.patch                 | 84
> ++++++++++
>   .../libmodbus/libmodbus/CVE-2024-10918-04.patch                 | 239
> +++++++++++++++++++++++++++
>   meta-oe/recipes-extended/libmodbus/libmodbus_3.1.10.bb          | 8 +-
>   9 files changed, 936 insertions(+), 4 deletions(-)
>   create mode 100644
> meta-networking/recipes-support/unbound/unbound/CVE-2024-8508.patch
>   create mode 100644
> meta-oe/dynamic-layers/meta-python/recipes-dbs/mongodb/mongodb/0001-moduleconfig.py-python-3.12-compatibility.patch
>   create mode 100644
> meta-oe/recipes-extended/libmodbus/libmodbus/CVE-2024-10918-01.patch
>   create mode 100644
> meta-oe/recipes-extended/libmodbus/libmodbus/CVE-2024-10918-02.patch
>   create mode 100644
> meta-oe/recipes-extended/libmodbus/libmodbus/CVE-2024-10918-03.patch
>   create mode 100644
> meta-oe/recipes-extended/libmodbus/libmodbus/CVE-2024-10918-04.patc
Yoann Congal March 27, 2025, 10:56 p.m. UTC | #2
Hello Armin,

I feel like you lost those 2 patches for wolfssl on scarthgap:
[meta-networking][scarthgap][PATCH 1/2] Wolfssl: add ptest
https://lists.openembedded.org/g/openembedded-devel/message/115831
[meta-networking][scarthgap][PATCH 2/2] wolfssl: Upgrade 5.7.0 -&gt; 5.7.2
https://lists.openembedded.org/g/openembedded-devel/message/115832

Alternatively, we could backport
https://git.openembedded.org/meta-openembedded/commit/?id=e23eaf27d83963e8d82411d96f6817fc970fd89f
only (just the upgrade)

That would fix the CVE-2024-5991 from
https://valkyrie.yocto.io/pub/non-release/patchmetrics-meta-oe/

Thanks!

Le dim. 23 mars 2025 à 20:14, Khem Raj via lists.openembedded.org
<raj.khem=gmail.com@lists.openembedded.org> a écrit :
>
> merged thanks Armin
>
> On Sun, Mar 23, 2025 at 12:06 PM akuster808 <akuster808@gmail.com> wrote:
> >
> > The following changes since commit 6c9f1f8d4538119803bf793747b65e4d23c33544:
> >
> >    nginx: fix CVE-2025-23419 (2025-03-03 08:09:03 -0500)
> >
> > are available in the Git repository at:
> >
> >    https://git.openembedded.org/meta-openembedded scarthgap-next
> >
> > for you to fetch changes up to edd1a1e284fdcb80cd48d411f235d47f23bc27ae:
> >
> >    mongodb: fix build with python 3.12 (2025-03-07 19:40:51 -0500)
> >
> > ----------------------------------------------------------------
> > Awais Belal (1):
> >        mongodb: fix build with python 3.12
> >
> > Peter Marko (1):
> >        libmodbus: patch CVE-2024-10918
> >
> > Virendra Thakur (1):
> >        unbound: Fix CVE-2024-8508
> >
> >   .../recipes-support/unbound/unbound/CVE-2024-8508.patch         | 247
> > ++++++++++++++++++++++++++++
> >   meta-networking/recipes-support/unbound/unbound_1.19.3.bb       | 4 +-
> >   .../0001-moduleconfig.py-python-3.12-compatibility.patch        | 57
> > +++++++
> >   .../meta-python/recipes-dbs/mongodb/mongodb_git.bb              | 3 +-
> >   .../libmodbus/libmodbus/CVE-2024-10918-01.patch                 | 177
> > ++++++++++++++++++++
> >   .../libmodbus/libmodbus/CVE-2024-10918-02.patch                 | 121
> > ++++++++++++++
> >   .../libmodbus/libmodbus/CVE-2024-10918-03.patch                 | 84
> > ++++++++++
> >   .../libmodbus/libmodbus/CVE-2024-10918-04.patch                 | 239
> > +++++++++++++++++++++++++++
> >   meta-oe/recipes-extended/libmodbus/libmodbus_3.1.10.bb          | 8 +-
> >   9 files changed, 936 insertions(+), 4 deletions(-)
> >   create mode 100644
> > meta-networking/recipes-support/unbound/unbound/CVE-2024-8508.patch
> >   create mode 100644
> > meta-oe/dynamic-layers/meta-python/recipes-dbs/mongodb/mongodb/0001-moduleconfig.py-python-3.12-compatibility.patch
> >   create mode 100644
> > meta-oe/recipes-extended/libmodbus/libmodbus/CVE-2024-10918-01.patch
> >   create mode 100644
> > meta-oe/recipes-extended/libmodbus/libmodbus/CVE-2024-10918-02.patch
> >   create mode 100644
> > meta-oe/recipes-extended/libmodbus/libmodbus/CVE-2024-10918-03.patch
> >   create mode 100644
> > meta-oe/recipes-extended/libmodbus/libmodbus/CVE-2024-10918-04.patc
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#116204): https://lists.openembedded.org/g/openembedded-devel/message/116204
> Mute This Topic: https://lists.openembedded.org/mt/111864517/4316185
> Group Owner: openembedded-devel+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [yoann.congal@smile.fr]
> -=-=-=-=-=-=-=-=-=-=-=-
>
Khem Raj March 29, 2025, 11:16 p.m. UTC | #3
merged now thanks.

On Thu, Mar 27, 2025 at 3:57 PM Yoann Congal <yoann.congal@smile.fr> wrote:
>
> Hello Armin,
>
> I feel like you lost those 2 patches for wolfssl on scarthgap:
> [meta-networking][scarthgap][PATCH 1/2] Wolfssl: add ptest
> https://lists.openembedded.org/g/openembedded-devel/message/115831
> [meta-networking][scarthgap][PATCH 2/2] wolfssl: Upgrade 5.7.0 -&gt; 5.7.2
> https://lists.openembedded.org/g/openembedded-devel/message/115832
>
> Alternatively, we could backport
> https://git.openembedded.org/meta-openembedded/commit/?id=e23eaf27d83963e8d82411d96f6817fc970fd89f
> only (just the upgrade)
>
> That would fix the CVE-2024-5991 from
> https://valkyrie.yocto.io/pub/non-release/patchmetrics-meta-oe/
>
> Thanks!
>
> Le dim. 23 mars 2025 à 20:14, Khem Raj via lists.openembedded.org
> <raj.khem=gmail.com@lists.openembedded.org> a écrit :
> >
> > merged thanks Armin
> >
> > On Sun, Mar 23, 2025 at 12:06 PM akuster808 <akuster808@gmail.com> wrote:
> > >
> > > The following changes since commit 6c9f1f8d4538119803bf793747b65e4d23c33544:
> > >
> > >    nginx: fix CVE-2025-23419 (2025-03-03 08:09:03 -0500)
> > >
> > > are available in the Git repository at:
> > >
> > >    https://git.openembedded.org/meta-openembedded scarthgap-next
> > >
> > > for you to fetch changes up to edd1a1e284fdcb80cd48d411f235d47f23bc27ae:
> > >
> > >    mongodb: fix build with python 3.12 (2025-03-07 19:40:51 -0500)
> > >
> > > ----------------------------------------------------------------
> > > Awais Belal (1):
> > >        mongodb: fix build with python 3.12
> > >
> > > Peter Marko (1):
> > >        libmodbus: patch CVE-2024-10918
> > >
> > > Virendra Thakur (1):
> > >        unbound: Fix CVE-2024-8508
> > >
> > >   .../recipes-support/unbound/unbound/CVE-2024-8508.patch         | 247
> > > ++++++++++++++++++++++++++++
> > >   meta-networking/recipes-support/unbound/unbound_1.19.3.bb       | 4 +-
> > >   .../0001-moduleconfig.py-python-3.12-compatibility.patch        | 57
> > > +++++++
> > >   .../meta-python/recipes-dbs/mongodb/mongodb_git.bb              | 3 +-
> > >   .../libmodbus/libmodbus/CVE-2024-10918-01.patch                 | 177
> > > ++++++++++++++++++++
> > >   .../libmodbus/libmodbus/CVE-2024-10918-02.patch                 | 121
> > > ++++++++++++++
> > >   .../libmodbus/libmodbus/CVE-2024-10918-03.patch                 | 84
> > > ++++++++++
> > >   .../libmodbus/libmodbus/CVE-2024-10918-04.patch                 | 239
> > > +++++++++++++++++++++++++++
> > >   meta-oe/recipes-extended/libmodbus/libmodbus_3.1.10.bb          | 8 +-
> > >   9 files changed, 936 insertions(+), 4 deletions(-)
> > >   create mode 100644
> > > meta-networking/recipes-support/unbound/unbound/CVE-2024-8508.patch
> > >   create mode 100644
> > > meta-oe/dynamic-layers/meta-python/recipes-dbs/mongodb/mongodb/0001-moduleconfig.py-python-3.12-compatibility.patch
> > >   create mode 100644
> > > meta-oe/recipes-extended/libmodbus/libmodbus/CVE-2024-10918-01.patch
> > >   create mode 100644
> > > meta-oe/recipes-extended/libmodbus/libmodbus/CVE-2024-10918-02.patch
> > >   create mode 100644
> > > meta-oe/recipes-extended/libmodbus/libmodbus/CVE-2024-10918-03.patch
> > >   create mode 100644
> > > meta-oe/recipes-extended/libmodbus/libmodbus/CVE-2024-10918-04.patc
> >
> > -=-=-=-=-=-=-=-=-=-=-=-
> > Links: You receive all messages sent to this group.
> > View/Reply Online (#116204): https://lists.openembedded.org/g/openembedded-devel/message/116204
> > Mute This Topic: https://lists.openembedded.org/mt/111864517/4316185
> > Group Owner: openembedded-devel+owner@lists.openembedded.org
> > Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [yoann.congal@smile.fr]
> > -=-=-=-=-=-=-=-=-=-=-=-
> >
>
>
> --
> Yoann Congal
> Smile ECS