| Message ID | 20251203221541.2247324-1-peter.marko@siemens.com |
|---|---|
| State | Under Review |
| Headers | show |
| Series | [meta-networking] libcoap: upgrade 4.3.5 -> 4.3.5a | expand |
On Wed, Dec 3, 2025 at 2:15 PM Peter Marko via lists.openembedded.org <peter.marko=siemens.com@lists.openembedded.org> wrote: > From: Peter Marko <peter.marko@siemens.com> > > Changelog [1]: > * Fixes the following CVEs > CVE-2025-59391 > CVE-2025-65494 > CVE-2025-65495 > CVE-2025-65496 > CVE-2025-65497 > CVE-2025-65498 > CVE-2025-65499 > CVE-2025-65500 > CVE-2025-65501 > * CVE-2025-50518 not fixed as user application error. > * Support for Mbed TLS 3.6.3. > * Support for RIOT update changes. > * Fixes for later CI environment builds. > * Critical reported bugs fixed. > > Add tag to SRC_URI for hash verification. > > License-Update: copyright years refreshed [2] > > [1] https://github.com/obgm/libcoap/blob/v4.3.5a/ChangeLog > [2] > https://github.com/obgm/libcoap/commit/993c12ac92ce6a24a409924fe78a5c0fe7246699 > > Signed-off-by: Peter Marko <peter.marko@siemens.com> > --- > .../libcoap/{libcoap_4.3.5.bb => libcoap_4.3.5a.bb} | 6 +++--- > 1 file changed, 3 insertions(+), 3 deletions(-) > rename meta-networking/recipes-devtools/libcoap/{libcoap_4.3.5.bb => > libcoap_4.3.5a.bb} (93%) > > diff --git a/meta-networking/recipes-devtools/libcoap/libcoap_4.3.5.bb > b/meta-networking/recipes-devtools/libcoap/libcoap_4.3.5a.bb > similarity index 93% > rename from meta-networking/recipes-devtools/libcoap/libcoap_4.3.5.bb > rename to meta-networking/recipes-devtools/libcoap/libcoap_4.3.5a.bb > index a4e5f5ca46..0a8dacc377 100644 > --- a/meta-networking/recipes-devtools/libcoap/libcoap_4.3.5.bb > +++ b/meta-networking/recipes-devtools/libcoap/libcoap_4.3.5a.bb > @@ -5,12 +5,12 @@ RF range, memory, bandwith, or network packet sizes." > HOMEPAGE = "https://libcoap.net/" > > LICENSE = "BSD-2-Clause & BSD-3-Clause" > -LIC_FILES_CHKSUM = "file://LICENSE;md5=9aa68c0f6785376aa8ec7f4f1aa6ae3c" > +LIC_FILES_CHKSUM = "file://LICENSE;md5=05d17535846895e23ea4c79b16a9e904" > > -SRC_URI = "git://github.com/obgm/libcoap.git;branch=main;protocol=https \ > +SRC_URI = "git:// > github.com/obgm/libcoap.git;branch=main;protocol=https;tag=v${PV} > <http://github.com/obgm/libcoap.git;branch=main;protocol=https;tag=v$%7BPV%7D> > \ > This fails to fetch because the commit it not on main branch but on release-4.3.5-patches branch see https://autobuilder.yoctoproject.org/valkyrie/api/v2/logs/4396669/raw_inline I think bitbake -ccleanall <recipe> && bitbake <recipe> should reveal it file://run-ptest \ > " > -SRCREV = "7cf7465b784baded4de183290c547d582becfd28" > +SRCREV = "e3fdcdcfbd1588754fe9dd4b754ac9397260f0f9" > > > inherit autotools manpages pkgconfig ptest > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#122293): > https://lists.openembedded.org/g/openembedded-devel/message/122293 > Mute This Topic: https://lists.openembedded.org/mt/116602955/1997914 > Group Owner: openembedded-devel+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [ > raj.khem@gmail.com] > -=-=-=-=-=-=-=-=-=-=-=- > >
I’m not sure what’s with my local downloads cache setup, but even cleanall didn’t help and it succeeded. Anyway I have sent a v2 with corrected branch now. Peter From: Khem Raj <raj.khem@gmail.com> Sent: Thursday, December 4, 2025 5:33 To: Marko, Peter (FT D EU SK BFS1) <Peter.Marko@siemens.com> Cc: openembedded-devel@lists.openembedded.org Subject: Re: [oe] [meta-networking][PATCH] libcoap: upgrade 4.3.5 -> 4.3.5a On Wed, Dec 3, 2025 at 2:15 PM Peter Marko via lists.openembedded.org<http://lists.openembedded.org> <peter.marko=siemens.com@lists.openembedded.org<mailto:siemens.com@lists.openembedded.org>> wrote: From: Peter Marko <peter.marko@siemens.com<mailto:peter.marko@siemens.com>> Changelog [1]: * Fixes the following CVEs CVE-2025-59391 CVE-2025-65494 CVE-2025-65495 CVE-2025-65496 CVE-2025-65497 CVE-2025-65498 CVE-2025-65499 CVE-2025-65500 CVE-2025-65501 * CVE-2025-50518 not fixed as user application error. * Support for Mbed TLS 3.6.3. * Support for RIOT update changes. * Fixes for later CI environment builds. * Critical reported bugs fixed. Add tag to SRC_URI for hash verification. License-Update: copyright years refreshed [2] [1] https://github.com/obgm/libcoap/blob/v4.3.5a/ChangeLog [2] https://github.com/obgm/libcoap/commit/993c12ac92ce6a24a409924fe78a5c0fe7246699 Signed-off-by: Peter Marko <peter.marko@siemens.com<mailto:peter.marko@siemens.com>> --- .../libcoap/{libcoap_4.3.5.bb<http://libcoap_4.3.5.bb> => libcoap_4.3.5a.bb<http://libcoap_4.3.5a.bb>} | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) rename meta-networking/recipes-devtools/libcoap/{libcoap_4.3.5.bb<http://libcoap_4.3.5.bb> => libcoap_4.3.5a.bb<http://libcoap_4.3.5a.bb>} (93%) diff --git a/meta-networking/recipes-devtools/libcoap/libcoap_4.3.5.bb<http://libcoap_4.3.5.bb> b/meta-networking/recipes-devtools/libcoap/libcoap_4.3.5a.bb<http://libcoap_4.3.5a.bb> similarity index 93% rename from meta-networking/recipes-devtools/libcoap/libcoap_4.3.5.bb<http://libcoap_4.3.5.bb> rename to meta-networking/recipes-devtools/libcoap/libcoap_4.3.5a.bb<http://libcoap_4.3.5a.bb> index a4e5f5ca46..0a8dacc377 100644 --- a/meta-networking/recipes-devtools/libcoap/libcoap_4.3.5.bb<http://libcoap_4.3.5.bb> +++ b/meta-networking/recipes-devtools/libcoap/libcoap_4.3.5a.bb<http://libcoap_4.3.5a.bb> @@ -5,12 +5,12 @@ RF range, memory, bandwith, or network packet sizes." HOMEPAGE = "https://libcoap.net/" LICENSE = "BSD-2-Clause & BSD-3-Clause" -LIC_FILES_CHKSUM = "file://LICENSE;md5=9aa68c0f6785376aa8ec7f4f1aa6ae3c" +LIC_FILES_CHKSUM = "file://LICENSE;md5=05d17535846895e23ea4c79b16a9e904" -SRC_URI = "git://github.com/obgm/libcoap.git;branch=main;protocol=https<http://github.com/obgm/libcoap.git;branch=main;protocol=https> \ +SRC_URI = "git://github.com/obgm/libcoap.git;branch=main;protocol=https;tag=v${PV}<http://github.com/obgm/libcoap.git;branch=main;protocol=https;tag=v$%7BPV%7D> \ This fails to fetch because the commit it not on main branch but on release-4.3.5-patches branch see https://autobuilder.yoctoproject.org/valkyrie/api/v2/logs/4396669/raw_inline I think bitbake -ccleanall <recipe> && bitbake <recipe> should reveal it file://run-ptest \ " -SRCREV = "7cf7465b784baded4de183290c547d582becfd28" +SRCREV = "e3fdcdcfbd1588754fe9dd4b754ac9397260f0f9" inherit autotools manpages pkgconfig ptest -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#122293): https://lists.openembedded.org/g/openembedded-devel/message/122293 Mute This Topic: https://lists.openembedded.org/mt/116602955/1997914 Group Owner: openembedded-devel+owner@lists.openembedded.org<mailto:openembedded-devel%2Bowner@lists.openembedded.org> Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [raj.khem@gmail.com<mailto:raj.khem@gmail.com>] -=-=-=-=-=-=-=-=-=-=-=-
diff --git a/meta-networking/recipes-devtools/libcoap/libcoap_4.3.5.bb b/meta-networking/recipes-devtools/libcoap/libcoap_4.3.5a.bb similarity index 93% rename from meta-networking/recipes-devtools/libcoap/libcoap_4.3.5.bb rename to meta-networking/recipes-devtools/libcoap/libcoap_4.3.5a.bb index a4e5f5ca46..0a8dacc377 100644 --- a/meta-networking/recipes-devtools/libcoap/libcoap_4.3.5.bb +++ b/meta-networking/recipes-devtools/libcoap/libcoap_4.3.5a.bb @@ -5,12 +5,12 @@ RF range, memory, bandwith, or network packet sizes." HOMEPAGE = "https://libcoap.net/" LICENSE = "BSD-2-Clause & BSD-3-Clause" -LIC_FILES_CHKSUM = "file://LICENSE;md5=9aa68c0f6785376aa8ec7f4f1aa6ae3c" +LIC_FILES_CHKSUM = "file://LICENSE;md5=05d17535846895e23ea4c79b16a9e904" -SRC_URI = "git://github.com/obgm/libcoap.git;branch=main;protocol=https \ +SRC_URI = "git://github.com/obgm/libcoap.git;branch=main;protocol=https;tag=v${PV} \ file://run-ptest \ " -SRCREV = "7cf7465b784baded4de183290c547d582becfd28" +SRCREV = "e3fdcdcfbd1588754fe9dd4b754ac9397260f0f9" inherit autotools manpages pkgconfig ptest