mbox series

scarthgap merge request: May 25th

Message ID 1d52301c-768d-47b9-91d6-b48a4d0d7296@gmail.com
State New
Headers show
Series scarthgap merge request: May 25th | expand

Pull-request

https://git.openembedded.org/meta-openembedded scarthgap-next

Message

akuster808 May 25, 2025, 6:26 p.m. UTC 
The following changes since commit e92d0173a80ea7592c866618ef5293203c50544c:

   lmsensors: Clean stale files for sensord to avoid incorrect GCC 
header dependencies (2025-04-16 20:33:56 -0400)

are available in the Git repository at:

   https://git.openembedded.org/meta-openembedded scarthgap-next

for you to fetch changes up to 491671faee11ea131feab5a3a451d1a01deb2ab1:

   proftpd: Fix CVE-2024-57392 (2025-05-21 09:17:27 -0400)

----------------------------------------------------------------
Archana Polampalli (1):
       tftpy: fix CVE-2023-46566

Ariel D'Alessandro (1):
       pipewire: Install missing ALSA config files

Jeroen Hofstee (3):
       nodejs: backport a patch to prevent brotli crashing nodejs
       can-utils: fix printing / reading timestamps
       can-utils: handle CAN_ERR_CNT correctly

Khem Raj (1):
       python3-posix-ipc: switch to PEP-517 build backend

Martin Jansa (1):
       python3-posix-ipc: improve build_support

Peter Marko (1):
       libmodbus: ignore CVE-2023-26793 and CVE-2024-34244

Soumya Sambu (1):
       iniparser: Fix CVE-2025-0633

Vijay Anusuri (1):
       proftpd: Fix CVE-2024-57392

Wang Mingyu (1):
       python3-posix-ipc: upgrade 1.1.1 -> 1.2.0

Yogita Urade (4):
       poppler: fix CVE-2025-32364
       poppler: fix CVE-2025-32365
       poppler: fix CVE-2025-43903
       syslog-ng: fix CVE-2024-47619

Zhang Peng (1):
       iperf3: upgrade 3.16 -> 3.18

  meta-multimedia/recipes-multimedia/pipewire/pipewire_1.0.9.bb   | 10 +
  .../recipes-daemons/proftpd/files/CVE-2024-57392.patch          | 42 +++
  meta-networking/recipes-daemons/proftpd/proftpd_1.3.7c.bb       | 1 +
  .../iperf3/iperf3/do-not-listen-to-old-udp-prot-listener.patch  | 30 --
  .../recipes-benchmark/iperf3/{iperf3_3.16.bb => iperf3_3.18.bb} |   7 +-
  .../nodejs/nodejs/zlib-fix-pointer-alignment.patch              | 64 +++++
  meta-oe/recipes-devtools/nodejs/nodejs_20.18.2.bb               | 1 +
  meta-oe/recipes-extended/libmodbus/libmodbus_3.1.10.bb          | 3 +
  ...1-lib-snprintf_can_error_frame-don-t-bail-out-if-CAN_E.patch | 70 +++++
  ...1-timestamp-formatting-always-use-64-bit-for-timestamp.patch | 422 
++++++++++++++++++++++++++++
  meta-oe/recipes-extended/socketcan/can-utils_2023.03.bb         | 5 +-
  meta-oe/recipes-support/iniparser/iniparser/CVE-2025-0633.patch | 37 +++
  meta-oe/recipes-support/iniparser/iniparser_4.1.bb              | 1 +
  meta-oe/recipes-support/poppler/poppler/CVE-2025-32364.patch    | 28 ++
  meta-oe/recipes-support/poppler/poppler/CVE-2025-32365.patch    | 41 +++
  .../recipes-support/poppler/poppler/CVE-2025-43903-0001.patch   | 75 +++++
  .../recipes-support/poppler/poppler/CVE-2025-43903-0002.patch   | 49 ++++
  meta-oe/recipes-support/poppler/poppler_23.04.0.bb              | 4 +
  meta-oe/recipes-support/syslog-ng/files/CVE-2024-47619.patch    | 292 
+++++++++++++++++++
  meta-oe/recipes-support/syslog-ng/syslog-ng_4.6.0.bb            | 1 +
  ...1-build_support-use-source-filename-instead-of-foo-for.patch | 50 ++++
  ...2-build_support-handle-empty-max_priority-value-as-Non.patch | 49 ++++
  ...3-build_support-use-does_build_succeed-in-compile_and_.patch | 62 ++++
  meta-python/recipes-devtools/python/python3-posix-ipc_1.1.1.bb  | 11 -
  meta-python/recipes-devtools/python/python3-posix-ipc_1.2.0.bb  | 16 ++
  meta-python/recipes-devtools/python/tftpy/CVE-2023-46566.patch  | 26 ++
  meta-python/recipes-devtools/python/tftpy_0.8.2.bb              | 2 +
  27 files changed, 1353 insertions(+), 46 deletions(-)
  create mode 100644 
meta-networking/recipes-daemons/proftpd/files/CVE-2024-57392.patch
  delete mode 100644 
meta-oe/recipes-benchmark/iperf3/iperf3/do-not-listen-to-old-udp-prot-listener.patch
  rename meta-oe/recipes-benchmark/iperf3/{iperf3_3.16.bb => 
iperf3_3.18.bb} (82%)
  create mode 100644 
meta-oe/recipes-devtools/nodejs/nodejs/zlib-fix-pointer-alignment.patch
  create mode 100644 
meta-oe/recipes-extended/socketcan/can-utils/0001-lib-snprintf_can_error_frame-don-t-bail-out-if-CAN_E.patch
  create mode 100644 
meta-oe/recipes-extended/socketcan/can-utils/0001-timestamp-formatting-always-use-64-bit-for-timestamp.patch
  create mode 100644 
meta-oe/recipes-support/iniparser/iniparser/CVE-2025-0633.patch
  create mode 100644 
meta-oe/recipes-support/poppler/poppler/CVE-2025-32364.patch
  create mode 100644 
meta-oe/recipes-support/poppler/poppler/CVE-2025-32365.patch
  create mode 100644 
meta-oe/recipes-support/poppler/poppler/CVE-2025-43903-0001.patch
  create mode 100644 
meta-oe/recipes-support/poppler/poppler/CVE-2025-43903-0002.patch
  create mode 100644 
meta-oe/recipes-support/syslog-ng/files/CVE-2024-47619.patch
  create mode 100644 
meta-python/recipes-devtools/python/python3-posix-ipc/0001-build_support-use-source-filename-instead-of-foo-for.patch
  create mode 100644 
meta-python/recipes-devtools/python/python3-posix-ipc/0002-build_support-handle-empty-max_priority-value-as-Non.patch
  create mode 100644 
meta-python/recipes-devtools/python/python3-posix-ipc/0003-build_support-use-does_build_succeed-in-compile_and_.patch
  delete mode 100644 
meta-python/recipes-devtools/python/python3-posix-ipc_1.1.1.bb
  create mode 100644 
meta-python/recipes-devtools/python/python3-posix-ipc_1.2.0.bb
  create mode 100644 
meta-python/recipes-devtools/python/tftpy/CVE-2023-46566.patch

Comments

Khem Raj May 26, 2025, 6:47 p.m. UTC | #1 
merged. Thanks Armin

On Sun, May 25, 2025 at 11:27 AM akuster808 <akuster808@gmail.com> wrote:
>
> The following changes since commit e92d0173a80ea7592c866618ef5293203c50544c:
>
>    lmsensors: Clean stale files for sensord to avoid incorrect GCC
> header dependencies (2025-04-16 20:33:56 -0400)
>
> are available in the Git repository at:
>
>    https://git.openembedded.org/meta-openembedded scarthgap-next
>
> for you to fetch changes up to 491671faee11ea131feab5a3a451d1a01deb2ab1:
>
>    proftpd: Fix CVE-2024-57392 (2025-05-21 09:17:27 -0400)
>
> ----------------------------------------------------------------
> Archana Polampalli (1):
>        tftpy: fix CVE-2023-46566
>
> Ariel D'Alessandro (1):
>        pipewire: Install missing ALSA config files
>
> Jeroen Hofstee (3):
>        nodejs: backport a patch to prevent brotli crashing nodejs
>        can-utils: fix printing / reading timestamps
>        can-utils: handle CAN_ERR_CNT correctly
>
> Khem Raj (1):
>        python3-posix-ipc: switch to PEP-517 build backend
>
> Martin Jansa (1):
>        python3-posix-ipc: improve build_support
>
> Peter Marko (1):
>        libmodbus: ignore CVE-2023-26793 and CVE-2024-34244
>
> Soumya Sambu (1):
>        iniparser: Fix CVE-2025-0633
>
> Vijay Anusuri (1):
>        proftpd: Fix CVE-2024-57392
>
> Wang Mingyu (1):
>        python3-posix-ipc: upgrade 1.1.1 -> 1.2.0
>
> Yogita Urade (4):
>        poppler: fix CVE-2025-32364
>        poppler: fix CVE-2025-32365
>        poppler: fix CVE-2025-43903
>        syslog-ng: fix CVE-2024-47619
>
> Zhang Peng (1):
>        iperf3: upgrade 3.16 -> 3.18
>
>   meta-multimedia/recipes-multimedia/pipewire/pipewire_1.0.9.bb   | 10 +
>   .../recipes-daemons/proftpd/files/CVE-2024-57392.patch          | 42 +++
>   meta-networking/recipes-daemons/proftpd/proftpd_1.3.7c.bb       | 1 +
>   .../iperf3/iperf3/do-not-listen-to-old-udp-prot-listener.patch  | 30 --
>   .../recipes-benchmark/iperf3/{iperf3_3.16.bb => iperf3_3.18.bb} |   7 +-
>   .../nodejs/nodejs/zlib-fix-pointer-alignment.patch              | 64 +++++
>   meta-oe/recipes-devtools/nodejs/nodejs_20.18.2.bb               | 1 +
>   meta-oe/recipes-extended/libmodbus/libmodbus_3.1.10.bb          | 3 +
>   ...1-lib-snprintf_can_error_frame-don-t-bail-out-if-CAN_E.patch | 70 +++++
>   ...1-timestamp-formatting-always-use-64-bit-for-timestamp.patch | 422
> ++++++++++++++++++++++++++++
>   meta-oe/recipes-extended/socketcan/can-utils_2023.03.bb         | 5 +-
>   meta-oe/recipes-support/iniparser/iniparser/CVE-2025-0633.patch | 37 +++
>   meta-oe/recipes-support/iniparser/iniparser_4.1.bb              | 1 +
>   meta-oe/recipes-support/poppler/poppler/CVE-2025-32364.patch    | 28 ++
>   meta-oe/recipes-support/poppler/poppler/CVE-2025-32365.patch    | 41 +++
>   .../recipes-support/poppler/poppler/CVE-2025-43903-0001.patch   | 75 +++++
>   .../recipes-support/poppler/poppler/CVE-2025-43903-0002.patch   | 49 ++++
>   meta-oe/recipes-support/poppler/poppler_23.04.0.bb              | 4 +
>   meta-oe/recipes-support/syslog-ng/files/CVE-2024-47619.patch    | 292
> +++++++++++++++++++
>   meta-oe/recipes-support/syslog-ng/syslog-ng_4.6.0.bb            | 1 +
>   ...1-build_support-use-source-filename-instead-of-foo-for.patch | 50 ++++
>   ...2-build_support-handle-empty-max_priority-value-as-Non.patch | 49 ++++
>   ...3-build_support-use-does_build_succeed-in-compile_and_.patch | 62 ++++
>   meta-python/recipes-devtools/python/python3-posix-ipc_1.1.1.bb  | 11 -
>   meta-python/recipes-devtools/python/python3-posix-ipc_1.2.0.bb  | 16 ++
>   meta-python/recipes-devtools/python/tftpy/CVE-2023-46566.patch  | 26 ++
>   meta-python/recipes-devtools/python/tftpy_0.8.2.bb              | 2 +
>   27 files changed, 1353 insertions(+), 46 deletions(-)
>   create mode 100644
> meta-networking/recipes-daemons/proftpd/files/CVE-2024-57392.patch
>   delete mode 100644
> meta-oe/recipes-benchmark/iperf3/iperf3/do-not-listen-to-old-udp-prot-listener.patch
>   rename meta-oe/recipes-benchmark/iperf3/{iperf3_3.16.bb =>
> iperf3_3.18.bb} (82%)
>   create mode 100644
> meta-oe/recipes-devtools/nodejs/nodejs/zlib-fix-pointer-alignment.patch
>   create mode 100644
> meta-oe/recipes-extended/socketcan/can-utils/0001-lib-snprintf_can_error_frame-don-t-bail-out-if-CAN_E.patch
>   create mode 100644
> meta-oe/recipes-extended/socketcan/can-utils/0001-timestamp-formatting-always-use-64-bit-for-timestamp.patch
>   create mode 100644
> meta-oe/recipes-support/iniparser/iniparser/CVE-2025-0633.patch
>   create mode 100644
> meta-oe/recipes-support/poppler/poppler/CVE-2025-32364.patch
>   create mode 100644
> meta-oe/recipes-support/poppler/poppler/CVE-2025-32365.patch
>   create mode 100644
> meta-oe/recipes-support/poppler/poppler/CVE-2025-43903-0001.patch
>   create mode 100644
> meta-oe/recipes-support/poppler/poppler/CVE-2025-43903-0002.patch
>   create mode 100644
> meta-oe/recipes-support/syslog-ng/files/CVE-2024-47619.patch
>   create mode 100644
> meta-python/recipes-devtools/python/python3-posix-ipc/0001-build_support-use-source-filename-instead-of-foo-for.patch
>   create mode 100644
> meta-python/recipes-devtools/python/python3-posix-ipc/0002-build_support-handle-empty-max_priority-value-as-Non.patch
>   create mode 100644
> meta-python/recipes-devtools/python/python3-posix-ipc/0003-build_support-use-does_build_succeed-in-compile_and_.patch
>   delete mode 100644
> meta-python/recipes-devtools/python/python3-posix-ipc_1.1.1.bb
>   create mode 100644
> meta-python/recipes-devtools/python/python3-posix-ipc_1.2.0.bb
>   create mode 100644
> meta-python/recipes-devtools/python/tftpy/CVE-2023-46566.patch
>