| Message ID | 7038bb2d-09ba-48d0-9e58-0e7049d10707@gmail.com |
|---|---|
| State | New |
| Headers | show |
| Series | scarthgap merge request: July 13th | expand |
merged now thanks. On Sun, Jul 13, 2025 at 11:27 AM akuster808 <akuster808@gmail.com> wrote: > > The following changes since commit 727811eaf256b88fd135be99559f2cbf14c82fce: > > imagemagick: guard sed operations in do_install for optional files > (2025-06-23 17:03:24 -0400) > > are available in the Git repository at: > > https://git.openembedded.org/meta-openembedded scarthgap-next > > for you to fetch changes up to e8fd97d86af86cdcc5a6eb3f301cbaf6a2084943: > > xfce4 update HOMEPAGEs (2025-07-10 20:29:57 -0400) > > ---------------------------------------------------------------- > Archana Polampalli (1): > tcpreplay: fix CVE-2024-22654 > > Changqing Li (3): > libblockdev: fix CVE-2025-6019 > udisks2: Hardening measure of CVE-2025-6019 > phpmyadmin: upgrade 5.2.1 -> 5.2.2 > > Chen Qi (2): > protobuf: upgrade from 4.25.3 to 4.25.8 > python3-protobuf: upgrade from 4.25.3 to 4.25.8 > > Guocai He (3): > python3-pylint: correct the SRC_URI > libconfig: correct the SRC_URI > logcheck: correct the SRC_URI > > Hitendra Prajapati (1): > libssh: fix CVE-2025-5318 > > J. S. (1): > xfce4 update HOMEPAGEs > > Martin Jansa (1): > python3-h5py: backport fixes for incompatible-pointer-types issues > > Roland Kovacs (1): > jq-1.7.1: Backport multiple CVE fixes > > Vijay Anusuri (1): > wireshark: upgrade 4.2.9 -> 4.2.12 > > .../tcpreplay/tcpreplay/CVE-2024-22654-0001.patch | 90 ++++ > .../tcpreplay/tcpreplay/CVE-2024-22654-0002.patch | 35 ++ > meta-networking/recipes-support/tcpreplay/tcpreplay_4.4.4.bb | 2 + > .../wireshark/{wireshark_4.2.9.bb => wireshark_4.2.12.bb} | 8 +- > meta-oe/recipes-devtools/jq/jq/CVE-2024-23337.patch | 233 > ++++++++ > meta-oe/recipes-devtools/jq/jq/CVE-2024-53427.patch | 79 +++ > meta-oe/recipes-devtools/jq/jq/CVE-2025-48060.patch | 45 ++ > meta-oe/recipes-devtools/jq/jq_1.7.1.bb | 3 + > ...1-Add-recursion-check-when-parsing-unknown-fields-in-J.patch | 794 > ---------------------------- > .../protobuf/{protobuf_4.25.3.bb => protobuf_4.25.8.bb} | 3 +- > meta-oe/recipes-extended/libblockdev/files/CVE-2025-6019.patch | 31 ++ > meta-oe/recipes-extended/libblockdev/libblockdev_3.1.1.bb | 1 + > meta-oe/recipes-extended/libconfig/libconfig_1.7.3.bb | 2 +- > meta-oe/recipes-support/libssh/libssh/CVE-2025-5318.patch | 31 ++ > meta-oe/recipes-support/libssh/libssh_0.10.6.bb | 1 + > meta-oe/recipes-support/udisks/udisks2/CVE-2025-6019.patch | 51 ++ > meta-oe/recipes-support/udisks/udisks2_2.10.1.bb | 1 + > meta-perl/recipes-extended/logcheck/logcheck_1.4.3.bb | 2 +- > .../0001-Properly-cast-arguments-to-H5Lunpack_elink_val.patch | 25 + > .../python3-h5py/0002-Use-libc.stdint-instead-of-numpy.patch | 25 + > meta-python/recipes-devtools/python/python3-h5py_3.10.0.bb | 8 +- > .../{python3-protobuf_4.25.3.bb => python3-protobuf_4.25.8.bb} | 2 +- > meta-python/recipes-devtools/python/python3-pylint_3.1.0.bb | 2 +- > .../phpmyadmin/{phpmyadmin_5.2.1.bb => phpmyadmin_5.2.2.bb} | 4 +- > .../xfce4-mpc-plugin/xfce4-mpc-plugin_0.5.3.bb | 2 +- > .../recipes-panel-plugins/battery/xfce4-battery-plugin_1.1.5.bb | 2 +- > .../calculator/xfce4-calculator-plugin_0.7.2.bb | 2 +- > .../recipes-panel-plugins/clipman/xfce4-clipman-plugin_1.6.2.bb | 2 +- > .../recipes-panel-plugins/cpufreq/xfce4-cpufreq-plugin_1.2.8.bb | 2 +- > .../cpugraph/xfce4-cpugraph-plugin_1.2.8.bb | 2 +- > .../datetime/xfce4-datetime-plugin_0.8.3.bb | 2 +- > .../diskperf/xfce4-diskperf-plugin_2.7.0.bb | 2 +- > meta-xfce/recipes-panel-plugins/eyes/xfce4-eyes-plugin_4.6.0.bb | 2 +- > .../recipes-panel-plugins/fsguard/xfce4-fsguard-plugin_1.1.3.bb | 2 +- > .../recipes-panel-plugins/genmon/xfce4-genmon-plugin_4.2.0.bb | 2 +- > .../mailwatch/xfce4-mailwatch-plugin_1.3.1.bb | 2 +- > .../recipes-panel-plugins/mount/xfce4-mount-plugin_1.1.5.bb | 2 +- > .../recipes-panel-plugins/netload/xfce4-netload-plugin_1.4.1.bb | 2 +- > .../recipes-panel-plugins/notes/xfce4-notes-plugin_1.10.0.bb | 2 +- > .../recipes-panel-plugins/places/xfce4-places-plugin_1.8.3.bb | 2 +- > .../recipes-panel-plugins/sensors/xfce4-sensors-plugin_1.4.4.bb | 2 +- > .../smartbookmark/xfce4-smartbookmark-plugin_0.5.2.bb | 2 +- > .../systemload/xfce4-systemload-plugin_1.3.2.bb | 2 +- > .../time-out/xfce4-time-out-plugin_1.1.3.bb | 2 +- > .../recipes-panel-plugins/timer/xfce4-timer-plugin_1.7.2.bb | 2 +- > .../recipes-panel-plugins/verve/xfce4-verve-plugin_2.0.3.bb | 2 +- > .../recipes-panel-plugins/wavelan/xfce4-wavelan-plugin_0.6.3.bb | 2 +- > .../weather/xfce4-weather-plugin_0.11.1.bb | 2 +- > meta-xfce/recipes-panel-plugins/xkb/xfce4-xkb-plugin_0.8.2.bb | 2 +- > .../archive/thunar-archive-plugin_0.5.2.bb | 2 +- > .../xfce4-power-manager/xfce4-power-manager_4.18.1.bb | 2 +- > 51 files changed, 697 insertions(+), 835 deletions(-) > create mode 100644 > meta-networking/recipes-support/tcpreplay/tcpreplay/CVE-2024-22654-0001.patch > create mode 100644 > meta-networking/recipes-support/tcpreplay/tcpreplay/CVE-2024-22654-0002.patch > rename meta-networking/recipes-support/wireshark/{wireshark_4.2.9.bb > => wireshark_4.2.12.bb} (92%) > create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2024-23337.patch > create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2024-53427.patch > create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2025-48060.patch > delete mode 100644 > meta-oe/recipes-devtools/protobuf/protobuf/0001-Add-recursion-check-when-parsing-unknown-fields-in-J.patch > rename meta-oe/recipes-devtools/protobuf/{protobuf_4.25.3.bb => > protobuf_4.25.8.bb} (97%) > create mode 100644 > meta-oe/recipes-extended/libblockdev/files/CVE-2025-6019.patch > create mode 100644 > meta-oe/recipes-support/libssh/libssh/CVE-2025-5318.patch > create mode 100644 > meta-oe/recipes-support/udisks/udisks2/CVE-2025-6019.patch > create mode 100644 > meta-python/recipes-devtools/python/python3-h5py/0001-Properly-cast-arguments-to-H5Lunpack_elink_val.patch > create mode 100644 > meta-python/recipes-devtools/python/python3-h5py/0002-Use-libc.stdint-instead-of-numpy.patch > rename meta-python/recipes-devtools/python/{python3-protobuf_4.25.3.bb > => python3-protobuf_4.25.8.bb} (93%) > rename meta-webserver/recipes-php/phpmyadmin/{phpmyadmin_5.2.1.bb => > phpmyadmin_5.2.2.bb} (91%)
The following changes since commit 727811eaf256b88fd135be99559f2cbf14c82fce: imagemagick: guard sed operations in do_install for optional files (2025-06-23 17:03:24 -0400) are available in the Git repository at: https://git.openembedded.org/meta-openembedded scarthgap-next for you to fetch changes up to e8fd97d86af86cdcc5a6eb3f301cbaf6a2084943: xfce4 update HOMEPAGEs (2025-07-10 20:29:57 -0400) ---------------------------------------------------------------- Archana Polampalli (1): tcpreplay: fix CVE-2024-22654 Changqing Li (3): libblockdev: fix CVE-2025-6019 udisks2: Hardening measure of CVE-2025-6019 phpmyadmin: upgrade 5.2.1 -> 5.2.2 Chen Qi (2): protobuf: upgrade from 4.25.3 to 4.25.8 python3-protobuf: upgrade from 4.25.3 to 4.25.8 Guocai He (3): python3-pylint: correct the SRC_URI libconfig: correct the SRC_URI logcheck: correct the SRC_URI Hitendra Prajapati (1): libssh: fix CVE-2025-5318 J. S. (1): xfce4 update HOMEPAGEs Martin Jansa (1): python3-h5py: backport fixes for incompatible-pointer-types issues Roland Kovacs (1): jq-1.7.1: Backport multiple CVE fixes Vijay Anusuri (1): wireshark: upgrade 4.2.9 -> 4.2.12 .../tcpreplay/tcpreplay/CVE-2024-22654-0001.patch | 90 ++++ .../tcpreplay/tcpreplay/CVE-2024-22654-0002.patch | 35 ++ meta-networking/recipes-support/tcpreplay/tcpreplay_4.4.4.bb | 2 + .../wireshark/{wireshark_4.2.9.bb => wireshark_4.2.12.bb} | 8 +- meta-oe/recipes-devtools/jq/jq/CVE-2024-23337.patch | 233 ++++++++ meta-oe/recipes-devtools/jq/jq/CVE-2024-53427.patch | 79 +++ meta-oe/recipes-devtools/jq/jq/CVE-2025-48060.patch | 45 ++ meta-oe/recipes-devtools/jq/jq_1.7.1.bb | 3 + ...1-Add-recursion-check-when-parsing-unknown-fields-in-J.patch | 794 ---------------------------- .../protobuf/{protobuf_4.25.3.bb => protobuf_4.25.8.bb} | 3 +- meta-oe/recipes-extended/libblockdev/files/CVE-2025-6019.patch | 31 ++ meta-oe/recipes-extended/libblockdev/libblockdev_3.1.1.bb | 1 + meta-oe/recipes-extended/libconfig/libconfig_1.7.3.bb | 2 +- meta-oe/recipes-support/libssh/libssh/CVE-2025-5318.patch | 31 ++ meta-oe/recipes-support/libssh/libssh_0.10.6.bb | 1 + meta-oe/recipes-support/udisks/udisks2/CVE-2025-6019.patch | 51 ++ meta-oe/recipes-support/udisks/udisks2_2.10.1.bb | 1 + meta-perl/recipes-extended/logcheck/logcheck_1.4.3.bb | 2 +- .../0001-Properly-cast-arguments-to-H5Lunpack_elink_val.patch | 25 + .../python3-h5py/0002-Use-libc.stdint-instead-of-numpy.patch | 25 + meta-python/recipes-devtools/python/python3-h5py_3.10.0.bb | 8 +- .../{python3-protobuf_4.25.3.bb => python3-protobuf_4.25.8.bb} | 2 +- meta-python/recipes-devtools/python/python3-pylint_3.1.0.bb | 2 +- .../phpmyadmin/{phpmyadmin_5.2.1.bb => phpmyadmin_5.2.2.bb} | 4 +- .../xfce4-mpc-plugin/xfce4-mpc-plugin_0.5.3.bb | 2 +- .../recipes-panel-plugins/battery/xfce4-battery-plugin_1.1.5.bb | 2 +- .../calculator/xfce4-calculator-plugin_0.7.2.bb | 2 +- .../recipes-panel-plugins/clipman/xfce4-clipman-plugin_1.6.2.bb | 2 +- .../recipes-panel-plugins/cpufreq/xfce4-cpufreq-plugin_1.2.8.bb | 2 +- .../cpugraph/xfce4-cpugraph-plugin_1.2.8.bb | 2 +- .../datetime/xfce4-datetime-plugin_0.8.3.bb | 2 +- .../diskperf/xfce4-diskperf-plugin_2.7.0.bb | 2 +- meta-xfce/recipes-panel-plugins/eyes/xfce4-eyes-plugin_4.6.0.bb | 2 +- .../recipes-panel-plugins/fsguard/xfce4-fsguard-plugin_1.1.3.bb | 2 +- .../recipes-panel-plugins/genmon/xfce4-genmon-plugin_4.2.0.bb | 2 +- .../mailwatch/xfce4-mailwatch-plugin_1.3.1.bb | 2 +- .../recipes-panel-plugins/mount/xfce4-mount-plugin_1.1.5.bb | 2 +- .../recipes-panel-plugins/netload/xfce4-netload-plugin_1.4.1.bb | 2 +- .../recipes-panel-plugins/notes/xfce4-notes-plugin_1.10.0.bb | 2 +- .../recipes-panel-plugins/places/xfce4-places-plugin_1.8.3.bb | 2 +- .../recipes-panel-plugins/sensors/xfce4-sensors-plugin_1.4.4.bb | 2 +- .../smartbookmark/xfce4-smartbookmark-plugin_0.5.2.bb | 2 +- .../systemload/xfce4-systemload-plugin_1.3.2.bb | 2 +- .../time-out/xfce4-time-out-plugin_1.1.3.bb | 2 +- .../recipes-panel-plugins/timer/xfce4-timer-plugin_1.7.2.bb | 2 +- .../recipes-panel-plugins/verve/xfce4-verve-plugin_2.0.3.bb | 2 +- .../recipes-panel-plugins/wavelan/xfce4-wavelan-plugin_0.6.3.bb | 2 +- .../weather/xfce4-weather-plugin_0.11.1.bb | 2 +- meta-xfce/recipes-panel-plugins/xkb/xfce4-xkb-plugin_0.8.2.bb | 2 +- .../archive/thunar-archive-plugin_0.5.2.bb | 2 +- .../xfce4-power-manager/xfce4-power-manager_4.18.1.bb | 2 +- 51 files changed, 697 insertions(+), 835 deletions(-) create mode 100644 meta-networking/recipes-support/tcpreplay/tcpreplay/CVE-2024-22654-0001.patch create mode 100644 meta-networking/recipes-support/tcpreplay/tcpreplay/CVE-2024-22654-0002.patch rename meta-networking/recipes-support/wireshark/{wireshark_4.2.9.bb => wireshark_4.2.12.bb} (92%) create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2024-23337.patch create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2024-53427.patch create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2025-48060.patch delete mode 100644 meta-oe/recipes-devtools/protobuf/protobuf/0001-Add-recursion-check-when-parsing-unknown-fields-in-J.patch rename meta-oe/recipes-devtools/protobuf/{protobuf_4.25.3.bb => protobuf_4.25.8.bb} (97%) create mode 100644 meta-oe/recipes-extended/libblockdev/files/CVE-2025-6019.patch create mode 100644 meta-oe/recipes-support/libssh/libssh/CVE-2025-5318.patch create mode 100644 meta-oe/recipes-support/udisks/udisks2/CVE-2025-6019.patch create mode 100644 meta-python/recipes-devtools/python/python3-h5py/0001-Properly-cast-arguments-to-H5Lunpack_elink_val.patch create mode 100644 meta-python/recipes-devtools/python/python3-h5py/0002-Use-libc.stdint-instead-of-numpy.patch rename meta-python/recipes-devtools/python/{python3-protobuf_4.25.3.bb => python3-protobuf_4.25.8.bb} (93%) rename meta-webserver/recipes-php/phpmyadmin/{phpmyadmin_5.2.1.bb => phpmyadmin_5.2.2.bb} (91%)