[meta-networking] tinyproxy: upgrade 1.11.2 -> 1.11.3

Message ID	20260406165336.3850058-1-skandigraun@gmail.com
State	Under Review
Headers	show Return-Path: <skandigraun@gmail.com> ip: 209.85.128.50, mailfrom: skandigraun@gmail.com) From: Gyorgy Sarvari <skandigraun@gmail.com> To: openembedded-devel@lists.openembedded.org Subject: [meta-networking][PATCH] tinyproxy: upgrade 1.11.2 -> 1.11.3 Date: Mon, 6 Apr 2026 18:53:36 +0200 Message-ID: <20260406165336.3850058-1-skandigraun@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[meta-networking] tinyproxy: upgrade 1.11.2 -> 1.11.3 \| expand [meta-networking] tinyproxy: upgrade 1.11.2 -> 1.11.3

Message ID

20260406165336.3850058-1-skandigraun@gmail.com

State

Under Review

Headers

From: Gyorgy Sarvari <skandigraun@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: [meta-networking][PATCH] tinyproxy: upgrade 1.11.2 -> 1.11.3
Date: Mon,  6 Apr 2026 18:53:36 +0200
Message-ID: <20260406165336.3850058-1-skandigraun@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[meta-networking] tinyproxy: upgrade 1.11.2 -> 1.11.3 | expand

Commit Message

Gyorgy Sarvari April 6, 2026, 4:53 p.m. UTC

Drop patch that was merged upstream.

Shortlog: https://github.com/tinyproxy/tinyproxy/compare/1.11.2...1.11.3

Ptests passed successfully:

root@qemux86-64:~# ptest-runner
START: ptest-runner
2026-04-06T15:25
BEGIN: /usr/lib/tinyproxy/ptest
starting web server... done. listening on 127.0.0.3:32123
starting tinyproxy... done (listening on 127.0.0.2:12321)
waiting for 1 seconds. 1  done
checking direct connection to web server... ok
testing connection through tinyproxy... ok
requesting statspage via stathost url... ok
signaling tinyproxy to reload config...ok
checking direct connection to web server... ok
testing connection through tinyproxy... ok
requesting statspage via stathost url... ok
checking bogus request... ok, got expected error code 400
testing connection to filtered domain... ok, got expected error code 403
requesting connect method to denied port... ok, got expected error code 403
testing unavailable backend... ok, got expected error code 502
0 errors
killing tinyproxy... ok
killing webserver... ok
done
PASS: run_tests.sh
DURATION: 2
END: /usr/lib/tinyproxy/ptest
2026-04-06T15:25
STOP: ptest-runner
TOTAL: 1 FAIL: 0

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 .../tinyproxy/tinyproxy/CVE-2025-63938.patch  | 43 -------------------
 ...inyproxy_1.11.2.bb => tinyproxy_1.11.3.bb} |  3 +-
 2 files changed, 1 insertion(+), 45 deletions(-)
 delete mode 100644 meta-networking/recipes-support/tinyproxy/tinyproxy/CVE-2025-63938.patch
 rename meta-networking/recipes-support/tinyproxy/{tinyproxy_1.11.2.bb => tinyproxy_1.11.3.bb} (94%)

diff --git a/meta-networking/recipes-support/tinyproxy/tinyproxy/CVE-2025-63938.patch b/meta-networking/recipes-support/tinyproxy/tinyproxy/CVE-2025-63938.patch
deleted file mode 100644
index e06e0d3eae..0000000000
--- a/meta-networking/recipes-support/tinyproxy/tinyproxy/CVE-2025-63938.patch
+++ /dev/null
@@ -1,43 +0,0 @@ 
-From cee659d2ac1e4e9d1ce388338f46df6c4bae8278 Mon Sep 17 00:00:00 2001
-From: Gyorgy Sarvari <skandigraun@gmail.com>
-Date: Fri, 17 Oct 2025 22:57:39 +0000
-Subject: [PATCH] reqs: fix integer overflow in port number processing
-
-From: rofl0r <rofl0r@users.noreply.github.com>
-
-closes #586
-
-CVE: CVE-2025-63938
-Upstream-Status: Backport [https://github.com/tinyproxy/tinyproxy/commit/3c0fde94981b025271ffa1788ae425257841bf5a]
-Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
----
- src/reqs.c | 9 ++++++---
- 1 file changed, 6 insertions(+), 3 deletions(-)
-
-diff --git a/src/reqs.c b/src/reqs.c
-index a65ed54..1e5895c 100644
---- a/src/reqs.c
-+++ b/src/reqs.c
-@@ -174,7 +174,7 @@ static int strip_return_port (char *host)
- {
-         char *ptr1;
-         char *ptr2;
--        int port;
-+        unsigned port;
- 
-         ptr1 = strrchr (host, ':');
-         if (ptr1 == NULL)
-@@ -186,8 +186,11 @@ static int strip_return_port (char *host)
-                 return 0;
- 
-         *ptr1++ = '\0';
--        if (sscanf (ptr1, "%d", &port) != 1)    /* one conversion required */
--                return 0;
-+
-+        port = atoi(ptr1);
-+        /* check that port string is in the valid range 1-0xffff) */
-+        if(strlen(ptr1) > 5 || (port & 0xffff0000)) return 0;
-+
-         return port;
- }
- 
diff --git a/meta-networking/recipes-support/tinyproxy/tinyproxy_1.11.2.bb b/meta-networking/recipes-support/tinyproxy/tinyproxy_1.11.3.bb
similarity index 94%
rename from meta-networking/recipes-support/tinyproxy/tinyproxy_1.11.2.bb
rename to meta-networking/recipes-support/tinyproxy/tinyproxy_1.11.3.bb
index 8558291c18..745c55bc0d 100644
--- a/meta-networking/recipes-support/tinyproxy/tinyproxy_1.11.2.bb
+++ b/meta-networking/recipes-support/tinyproxy/tinyproxy_1.11.3.bb
@@ -7,10 +7,9 @@  SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BP}.tar.gz
            file://tinyproxy.service \
            file://tinyproxy.conf \
            file://run-ptest \
-           file://CVE-2025-63938.patch \
            "
 
-SRC_URI[sha256sum] = "2c8fe5496f2c642bfd189020504ab98d74b9edbafcdb94d9f108e157b5bdf96d"
+SRC_URI[sha256sum] = "9bcf46db1a2375ff3e3d27a41982f1efec4706cce8899ff9f33323a8218f7592"
 
 UPSTREAM_CHECK_URI = "https://github.com/tinyproxy/tinyproxy/releases"

[meta-networking] tinyproxy: upgrade 1.11.2 -> 1.11.3

Commit Message

Patch