diff mbox series

[meta-oe] capnproto: upgrade 1.0.2 -> 1.4.0

Message ID 20260316122129.1146050-1-skandigraun@gmail.com
State Under Review
Headers show
Series [meta-oe] capnproto: upgrade 1.0.2 -> 1.4.0 | expand

Commit Message

Gyorgy Sarvari March 16, 2026, 12:21 p.m. UTC 
Contains fix for CVE-2026-32239 and CVE-2026-32240

Also, mark these CVEs explicitly patched, because NVD tracks them
without version info at this time.

Shortlog:
https://github.com/capnproto/capnproto/compare/v1.0.2...v1.4.0

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 .../capnproto/{capnproto_1.0.2.bb => capnproto_1.4.0.bb}   | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
 rename meta-oe/recipes-devtools/capnproto/{capnproto_1.0.2.bb => capnproto_1.4.0.bb} (79%)
diff mbox series

Patch

diff --git a/meta-oe/recipes-devtools/capnproto/capnproto_1.0.2.bb b/meta-oe/recipes-devtools/capnproto/capnproto_1.4.0.bb
similarity index 79%
rename from meta-oe/recipes-devtools/capnproto/capnproto_1.0.2.bb
rename to meta-oe/recipes-devtools/capnproto/capnproto_1.4.0.bb
index 0ea243fd20..948ff80345 100644
--- a/meta-oe/recipes-devtools/capnproto/capnproto_1.0.2.bb
+++ b/meta-oe/recipes-devtools/capnproto/capnproto_1.4.0.bb
@@ -5,9 +5,9 @@  SECTION = "console/tools"
 LICENSE = "MIT"
 LIC_FILES_CHKSUM = "file://../LICENSE;md5=a05663ae6cca874123bf667a60dca8c9"
 
-SRC_URI = "git://github.com/sandstorm-io/capnproto.git;branch=release-${PV};protocol=https \
+SRC_URI = "git://github.com/sandstorm-io/capnproto.git;branch=release-${PV};protocol=https;tag=v${PV} \
            file://0001-Export-binaries-only-for-native-build.patch"
-SRCREV = "1a0e12c0a3ba1f0dbbad45ddfef555166e0a14fc"
+SRCREV = "8b892a8a11a632f5d52b877a49728808a142379a"
 
 S = "${UNPACKDIR}/${BP}/c++"
 
@@ -29,3 +29,6 @@  PACKAGE_BEFORE_PN = "${PN}-compiler"
 RDEPENDS:${PN}-dev += "${PN}-compiler"
 
 BBCLASSEXTEND = "native nativesdk"
+
+CVE_STATUS[CVE-2026-32239] = "fixed-version: fixed in 1.4.0"
+CVE_STATUS[CVE-2026-32240] = "fixed-version: fixed in 1.4.0"