mbox series

Scarthgap merge request: Aug 14th

Message ID 9e3f12ac-a97b-4592-ab0b-fe720a5692f2@gmail.com
State New
Headers show
Series Scarthgap merge request: Aug 14th | expand

Pull-request

https://git.openembedded.org/meta-openembedded scarthgap-next

Message

akuster808 Aug. 14, 2025, 5:14 p.m. UTC 
The following changes since commit e8fd97d86af86cdcc5a6eb3f301cbaf6a2084943:

   xfce4 update HOMEPAGEs (2025-07-10 20:29:57 -0400)

are available in the Git repository at:

   https://git.openembedded.org/meta-openembedded scarthgap-next

for you to fetch changes up to 205638f9edf8e1aa1fbcf28555625fe56f2701a5:

   poco: patch CVE-2025-6375 (2025-08-02 13:37:04 -0400)

----------------------------------------------------------------
Guocai He (3):
       thrift: correct the SRC_URI
       softhsm: correct the SRC_URI
       mariadb: File conflicts for multilib

Guðni Már Gilbert (1):
       mbedtls: upgrade 3.6.3.1 -> 3.6.4

Hitendra Prajapati (3):
       redis: fix CVE-2025-32023
       libssh: fix CVE-2025-5351 & CVE-2025-5372
       open-vm-tools: fix CVE-2025-22247

Jinfeng Wang (1):
       postfix: fix rootfs file difference

Peter Marko (5):
       libcoap: patch CVE-2024-31031
       spdlog: patch CVE-2025-6140
       minifi-cpp: patch spdlog CVE-2025-6140
       poco: ignore additional failing tests
       poco: patch CVE-2025-6375

Swamil Jain (1):
       kmsxx: Revert to using original name for kmstest

Vijay Anusuri (2):
       proftpd: Fix CVE-2023-51713
       apache2: Upgrade 2.4.62 -> 2.4.64

Wang Mingyu (1):
       mbedtls: upgrade 3.6.3 -> 3.6.3.1

Yogita Urade (2):
       mariadb: upgrade 10.11.9 -> 10.11.12
       poppler: fix CVE-2025-52886

  .../mbedtls/{mbedtls_3.6.3.bb => mbedtls_3.6.4.bb} |    7 +-
  .../postfix/files/0006-postfix-add-preliminary-setting.patch    | 31 +
  meta-networking/recipes-daemons/postfix/postfix_3.8.6.bb |    1 +
  .../recipes-daemons/proftpd/files/CVE-2023-51713.patch          | 278 ++
  meta-networking/recipes-daemons/proftpd/proftpd_1.3.7c.bb |    1 +
  .../recipes-devtools/libcoap/libcoap/CVE-2024-31031.patch       | 82 +
  meta-networking/recipes-devtools/libcoap/libcoap_4.3.4.bb |    1 +
  .../open-vm-tools/open-vm-tools/CVE-2025-22247.patch            | 378 +++
  .../recipes-support/open-vm-tools/open-vm-tools_12.3.5.bb |    1 +
  .../meta-python/recipes-multimedia/kmsxx/kmsxx_git.bb |    7 -
  meta-oe/recipes-connectivity/thrift/thrift_0.20.0.bb |    2 +-
  .../{mariadb-native_10.11.9.bb => mariadb-native_10.11.12.bb} |    0
  meta-oe/recipes-dbs/mysql/mariadb.inc                           | 11 +-
  .../mariadb/0001-Add-missing-includes-cstdint-and-cstdio.patch  | 43 +-
  meta-oe/recipes-dbs/mysql/mariadb/mm_malloc.patch               | 13 -
  meta-oe/recipes-dbs/mysql/mariadb/ppc-remove-glibc-dep.patch    | 43 -
  .../mysql/{mariadb_10.11.9.bb => mariadb_10.11.12.bb} |    0
  meta-oe/recipes-extended/minifi-cpp/files/CVE-2025-6140.patch   | 35 +
  meta-oe/recipes-extended/minifi-cpp/minifi-cpp_0.15.0.bb |    1 +
  meta-oe/recipes-extended/redis/redis-7.2.8/CVE-2025-32023.patch | 218 ++
  meta-oe/recipes-extended/redis/redis_7.2.8.bb |    1 +
  meta-oe/recipes-security/softhsm/softhsm_2.6.1.bb |    2 +-
  meta-oe/recipes-support/libssh/libssh/CVE-2025-5351.patch       | 38 +
  meta-oe/recipes-support/libssh/libssh/CVE-2025-5372.patch       | 150 +
  meta-oe/recipes-support/libssh/libssh_0.10.6.bb |    2 +
  .../0001-cppignore.lnx-Ignore-PKCS12-and-testLaunch-test.patch  | 21 +-
  meta-oe/recipes-support/poco/poco/CVE-2025-6375.patch           | 34 +
  meta-oe/recipes-support/poco/poco_1.12.5p2.bb |    1 +
  .../recipes-support/poppler/poppler/CVE-2025-52886-0001.patch   | 4325 
+++++++++++++++++++++++++++
  .../recipes-support/poppler/poppler/CVE-2025-52886-0002.patch   | 58 +
  meta-oe/recipes-support/poppler/poppler_23.04.0.bb |    2 +
  meta-oe/recipes-support/spdlog/spdlog/CVE-2025-6140.patch       | 35 +
  meta-oe/recipes-support/spdlog/spdlog_1.13.0.bb |    4 +-
  .../apache2/{apache2_2.4.62.bb => apache2_2.4.64.bb} |    2 +-
  34 files changed, 5722 insertions(+), 106 deletions(-)
  rename meta-networking/recipes-connectivity/mbedtls/{mbedtls_3.6.3.bb 
=> mbedtls_3.6.4.bb} (94%)
  create mode 100644 
meta-networking/recipes-daemons/postfix/files/0006-postfix-add-preliminary-setting.patch
  create mode 100644 
meta-networking/recipes-daemons/proftpd/files/CVE-2023-51713.patch
  create mode 100644 
meta-networking/recipes-devtools/libcoap/libcoap/CVE-2024-31031.patch
  create mode 100644 
meta-networking/recipes-support/open-vm-tools/open-vm-tools/CVE-2025-22247.patch
  rename meta-oe/recipes-dbs/mysql/{mariadb-native_10.11.9.bb => 
mariadb-native_10.11.12.bb} (100%)
  delete mode 100644 meta-oe/recipes-dbs/mysql/mariadb/mm_malloc.patch
  delete mode 100644 
meta-oe/recipes-dbs/mysql/mariadb/ppc-remove-glibc-dep.patch
  rename meta-oe/recipes-dbs/mysql/{mariadb_10.11.9.bb => 
mariadb_10.11.12.bb} (100%)
  create mode 100644 
meta-oe/recipes-extended/minifi-cpp/files/CVE-2025-6140.patch
  create mode 100644 
meta-oe/recipes-extended/redis/redis-7.2.8/CVE-2025-32023.patch
  create mode 100644 
meta-oe/recipes-support/libssh/libssh/CVE-2025-5351.patch
  create mode 100644 
meta-oe/recipes-support/libssh/libssh/CVE-2025-5372.patch
  create mode 100644 meta-oe/recipes-support/poco/poco/CVE-2025-6375.patch
  create mode 100644 
meta-oe/recipes-support/poppler/poppler/CVE-2025-52886-0001.patch
  create mode 100644 
meta-oe/recipes-support/poppler/poppler/CVE-2025-52886-0002.patch
  create mode 100644 
meta-oe/recipes-support/spdlog/spdlog/CVE-2025-6140.patch
  rename meta-webserver/recipes-httpd/apache2/{apache2_2.4.62.bb => 
apache2_2.4.64.bb} (99%)

Comments

Khem Raj Aug. 14, 2025, 6:11 p.m. UTC | #1 
Hi Armin

Applied

Thanks
-Khem

On Thu, Aug 14, 2025 at 10:14 AM akuster808 <akuster808@gmail.com> wrote:
>
> The following changes since commit e8fd97d86af86cdcc5a6eb3f301cbaf6a2084943:
>
>    xfce4 update HOMEPAGEs (2025-07-10 20:29:57 -0400)
>
> are available in the Git repository at:
>
>    https://git.openembedded.org/meta-openembedded scarthgap-next
>
> for you to fetch changes up to 205638f9edf8e1aa1fbcf28555625fe56f2701a5:
>
>    poco: patch CVE-2025-6375 (2025-08-02 13:37:04 -0400)
>
> ----------------------------------------------------------------
> Guocai He (3):
>        thrift: correct the SRC_URI
>        softhsm: correct the SRC_URI
>        mariadb: File conflicts for multilib
>
> Guðni Már Gilbert (1):
>        mbedtls: upgrade 3.6.3.1 -> 3.6.4
>
> Hitendra Prajapati (3):
>        redis: fix CVE-2025-32023
>        libssh: fix CVE-2025-5351 & CVE-2025-5372
>        open-vm-tools: fix CVE-2025-22247
>
> Jinfeng Wang (1):
>        postfix: fix rootfs file difference
>
> Peter Marko (5):
>        libcoap: patch CVE-2024-31031
>        spdlog: patch CVE-2025-6140
>        minifi-cpp: patch spdlog CVE-2025-6140
>        poco: ignore additional failing tests
>        poco: patch CVE-2025-6375
>
> Swamil Jain (1):
>        kmsxx: Revert to using original name for kmstest
>
> Vijay Anusuri (2):
>        proftpd: Fix CVE-2023-51713
>        apache2: Upgrade 2.4.62 -> 2.4.64
>
> Wang Mingyu (1):
>        mbedtls: upgrade 3.6.3 -> 3.6.3.1
>
> Yogita Urade (2):
>        mariadb: upgrade 10.11.9 -> 10.11.12
>        poppler: fix CVE-2025-52886
>
>   .../mbedtls/{mbedtls_3.6.3.bb => mbedtls_3.6.4.bb} |    7 +-
>   .../postfix/files/0006-postfix-add-preliminary-setting.patch    | 31 +
>   meta-networking/recipes-daemons/postfix/postfix_3.8.6.bb |    1 +
>   .../recipes-daemons/proftpd/files/CVE-2023-51713.patch          | 278 ++
>   meta-networking/recipes-daemons/proftpd/proftpd_1.3.7c.bb |    1 +
>   .../recipes-devtools/libcoap/libcoap/CVE-2024-31031.patch       | 82 +
>   meta-networking/recipes-devtools/libcoap/libcoap_4.3.4.bb |    1 +
>   .../open-vm-tools/open-vm-tools/CVE-2025-22247.patch            | 378 +++
>   .../recipes-support/open-vm-tools/open-vm-tools_12.3.5.bb |    1 +
>   .../meta-python/recipes-multimedia/kmsxx/kmsxx_git.bb |    7 -
>   meta-oe/recipes-connectivity/thrift/thrift_0.20.0.bb |    2 +-
>   .../{mariadb-native_10.11.9.bb => mariadb-native_10.11.12.bb} |    0
>   meta-oe/recipes-dbs/mysql/mariadb.inc                           | 11 +-
>   .../mariadb/0001-Add-missing-includes-cstdint-and-cstdio.patch  | 43 +-
>   meta-oe/recipes-dbs/mysql/mariadb/mm_malloc.patch               | 13 -
>   meta-oe/recipes-dbs/mysql/mariadb/ppc-remove-glibc-dep.patch    | 43 -
>   .../mysql/{mariadb_10.11.9.bb => mariadb_10.11.12.bb} |    0
>   meta-oe/recipes-extended/minifi-cpp/files/CVE-2025-6140.patch   | 35 +
>   meta-oe/recipes-extended/minifi-cpp/minifi-cpp_0.15.0.bb |    1 +
>   meta-oe/recipes-extended/redis/redis-7.2.8/CVE-2025-32023.patch | 218 ++
>   meta-oe/recipes-extended/redis/redis_7.2.8.bb |    1 +
>   meta-oe/recipes-security/softhsm/softhsm_2.6.1.bb |    2 +-
>   meta-oe/recipes-support/libssh/libssh/CVE-2025-5351.patch       | 38 +
>   meta-oe/recipes-support/libssh/libssh/CVE-2025-5372.patch       | 150 +
>   meta-oe/recipes-support/libssh/libssh_0.10.6.bb |    2 +
>   .../0001-cppignore.lnx-Ignore-PKCS12-and-testLaunch-test.patch  | 21 +-
>   meta-oe/recipes-support/poco/poco/CVE-2025-6375.patch           | 34 +
>   meta-oe/recipes-support/poco/poco_1.12.5p2.bb |    1 +
>   .../recipes-support/poppler/poppler/CVE-2025-52886-0001.patch   | 4325
> +++++++++++++++++++++++++++
>   .../recipes-support/poppler/poppler/CVE-2025-52886-0002.patch   | 58 +
>   meta-oe/recipes-support/poppler/poppler_23.04.0.bb |    2 +
>   meta-oe/recipes-support/spdlog/spdlog/CVE-2025-6140.patch       | 35 +
>   meta-oe/recipes-support/spdlog/spdlog_1.13.0.bb |    4 +-
>   .../apache2/{apache2_2.4.62.bb => apache2_2.4.64.bb} |    2 +-
>   34 files changed, 5722 insertions(+), 106 deletions(-)
>   rename meta-networking/recipes-connectivity/mbedtls/{mbedtls_3.6.3.bb
> => mbedtls_3.6.4.bb} (94%)
>   create mode 100644
> meta-networking/recipes-daemons/postfix/files/0006-postfix-add-preliminary-setting.patch
>   create mode 100644
> meta-networking/recipes-daemons/proftpd/files/CVE-2023-51713.patch
>   create mode 100644
> meta-networking/recipes-devtools/libcoap/libcoap/CVE-2024-31031.patch
>   create mode 100644
> meta-networking/recipes-support/open-vm-tools/open-vm-tools/CVE-2025-22247.patch
>   rename meta-oe/recipes-dbs/mysql/{mariadb-native_10.11.9.bb =>
> mariadb-native_10.11.12.bb} (100%)
>   delete mode 100644 meta-oe/recipes-dbs/mysql/mariadb/mm_malloc.patch
>   delete mode 100644
> meta-oe/recipes-dbs/mysql/mariadb/ppc-remove-glibc-dep.patch
>   rename meta-oe/recipes-dbs/mysql/{mariadb_10.11.9.bb =>
> mariadb_10.11.12.bb} (100%)
>   create mode 100644
> meta-oe/recipes-extended/minifi-cpp/files/CVE-2025-6140.patch
>   create mode 100644
> meta-oe/recipes-extended/redis/redis-7.2.8/CVE-2025-32023.patch
>   create mode 100644
> meta-oe/recipes-support/libssh/libssh/CVE-2025-5351.patch
>   create mode 100644
> meta-oe/recipes-support/libssh/libssh/CVE-2025-5372.patch
>   create mode 100644 meta-oe/recipes-support/poco/poco/CVE-2025-6375.patch
>   create mode 100644
> meta-oe/recipes-support/poppler/poppler/CVE-2025-52886-0001.patch
>   create mode 100644
> meta-oe/recipes-support/poppler/poppler/CVE-2025-52886-0002.patch
>   create mode 100644
> meta-oe/recipes-support/spdlog/spdlog/CVE-2025-6140.patch
>   rename meta-webserver/recipes-httpd/apache2/{apache2_2.4.62.bb =>
> apache2_2.4.64.bb} (99%)
>