[0/9] Scarthgap pull request

Message ID	cover.1764335008.git.anuj.mittal@oss.qualcomm.com
State	New, archived
Headers	show Return-Path: <anuj.mittal@oss.qualcomm.com> ip: 205.220.180.131, mailfrom: anuj.mittal@oss.qualcomm.com) From: Anuj Mittal <anuj.mittal@oss.qualcomm.com> To: raj.khem@gmail.com, openembedded-devel@lists.openembedded.org Subject: [PATCH 0/9] Scarthgap pull request Date: Fri, 28 Nov 2025 19:24:51 +0530 Message-ID: <cover.1764335008.git.anuj.mittal@oss.qualcomm.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit

Message ID

cover.1764335008.git.anuj.mittal@oss.qualcomm.com

State

New, archived

Headers

From: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
To: raj.khem@gmail.com, openembedded-devel@lists.openembedded.org
Subject: [PATCH 0/9] Scarthgap pull request
Date: Fri, 28 Nov 2025 19:24:51 +0530
Message-ID: <cover.1764335008.git.anuj.mittal@oss.qualcomm.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Message

Anuj Mittal Nov. 28, 2025, 1:54 p.m. UTC

Please merge these changes for scarthgap. Tested on AB and locally.

https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1130

The following changes since commit b79cf94b4d53d75ddc4b4f468c1b1ad42a3fffe2:

  grilo: fix buildpaths QA error (2025-11-19 16:56:37 +0530)

are available in the Git repository at:

  https://github.com/anujm1/meta-openembedded anujm/scarthgap
  https://github.com/anujm1/meta-openembedded/tree/anujm/scarthgap

Gyorgy Sarvari (1):
  cockpit: set correct CVE_PRODUCT

Gyorgy Sarvari via lists.openembedded.org (1):
  links: set CVE_PRODUCT

Hugo SIMELIERE (2):
  libwebsockets: fix CVE-2025-11677
  libwebsockets: fix CVE-2025-11678

Khem Raj (1):
  ot-br-posix: Define config files explicitly

Pavel Zhukov (1):
  fbida: Require opengl feature for pdf only

Peter Marko (1):
  uw-imap: patch CVE-2018-19518

Yoann Congal (1):
  zfs: fix host-related reproducibility

Zhang Peng (1):
  frr: fix CVE-2024-55553

 .../recipes-filesystems/zfs/zfs_2.2.2.bb      |   6 +
 .../openthread/ot-br-posix_git.bb             |   2 +
 .../frr/frr/CVE-2024-55553.patch              | 253 ++++++++++++++++++
 .../recipes-protocols/frr/frr_9.1.3.bb        |   1 +
 .../libwebsockets/CVE-2025-11677.patch        | 161 +++++++++++
 .../libwebsockets/CVE-2025-11678.patch        | 128 +++++++++
 .../libwebsockets/libwebsockets_4.3.3.bb      |   5 +-
 .../uw-imap/uw-imap/CVE-2018-19518.patch      |  24 ++
 .../recipes-devtools/uw-imap/uw-imap_2007f.bb |   1 +
 meta-oe/recipes-graphics/fbida/fbida_git.bb   |   2 +-
 meta-oe/recipes-support/links/links.inc       |   2 +
 .../recipes-webadmin/cockpit/cockpit_304.bb   |   2 +
 12 files changed, 585 insertions(+), 2 deletions(-)
 create mode 100644 meta-networking/recipes-protocols/frr/frr/CVE-2024-55553.patch
 create mode 100644 meta-oe/recipes-connectivity/libwebsockets/libwebsockets/CVE-2025-11677.patch
 create mode 100644 meta-oe/recipes-connectivity/libwebsockets/libwebsockets/CVE-2025-11678.patch
 create mode 100644 meta-oe/recipes-devtools/uw-imap/uw-imap/CVE-2018-19518.patch

Comments

Khem Raj Nov. 28, 2025, 7:29 p.m. UTC | #1

Anuj

Thanks for the PR, I wanted to note that this commit

https://github.com/anujm1/meta-openembedded/commit/1ce52bafebe3fa90771c823d790bafacbb42d092

results in

remote: Invalid author Gyorgy Sarvari via lists.openembedded.org

It has an author field that is rejected by the install hook. I have fixed
it before installing this patchset, but it will be worth
to investigate the trail of this patch and see how it got the author the
way it is in patch



On Fri, Nov 28, 2025 at 5:55 AM Anuj Mittal <anuj.mittal@oss.qualcomm.com>
wrote:

> Please merge these changes for scarthgap. Tested on AB and locally.
>
> https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1130
>
> The following changes since commit
> b79cf94b4d53d75ddc4b4f468c1b1ad42a3fffe2:
>
>   grilo: fix buildpaths QA error (2025-11-19 16:56:37 +0530)
>
> are available in the Git repository at:
>
>   https://github.com/anujm1/meta-openembedded anujm/scarthgap
>   https://github.com/anujm1/meta-openembedded/tree/anujm/scarthgap
>
> Gyorgy Sarvari (1):
>   cockpit: set correct CVE_PRODUCT
>
> Gyorgy Sarvari via lists.openembedded.org (1):
>   links: set CVE_PRODUCT
>
> Hugo SIMELIERE (2):
>   libwebsockets: fix CVE-2025-11677
>   libwebsockets: fix CVE-2025-11678
>
> Khem Raj (1):
>   ot-br-posix: Define config files explicitly
>
> Pavel Zhukov (1):
>   fbida: Require opengl feature for pdf only
>
> Peter Marko (1):
>   uw-imap: patch CVE-2018-19518
>
> Yoann Congal (1):
>   zfs: fix host-related reproducibility
>
> Zhang Peng (1):
>   frr: fix CVE-2024-55553
>
>  .../recipes-filesystems/zfs/zfs_2.2.2.bb      |   6 +
>  .../openthread/ot-br-posix_git.bb             |   2 +
>  .../frr/frr/CVE-2024-55553.patch              | 253 ++++++++++++++++++
>  .../recipes-protocols/frr/frr_9.1.3.bb        |   1 +
>  .../libwebsockets/CVE-2025-11677.patch        | 161 +++++++++++
>  .../libwebsockets/CVE-2025-11678.patch        | 128 +++++++++
>  .../libwebsockets/libwebsockets_4.3.3.bb      |   5 +-
>  .../uw-imap/uw-imap/CVE-2018-19518.patch      |  24 ++
>  .../recipes-devtools/uw-imap/uw-imap_2007f.bb |   1 +
>  meta-oe/recipes-graphics/fbida/fbida_git.bb   |   2 +-
>  meta-oe/recipes-support/links/links.inc       |   2 +
>  .../recipes-webadmin/cockpit/cockpit_304.bb   |   2 +
>  12 files changed, 585 insertions(+), 2 deletions(-)
>  create mode 100644
> meta-networking/recipes-protocols/frr/frr/CVE-2024-55553.patch
>  create mode 100644
> meta-oe/recipes-connectivity/libwebsockets/libwebsockets/CVE-2025-11677.patch
>  create mode 100644
> meta-oe/recipes-connectivity/libwebsockets/libwebsockets/CVE-2025-11678.patch
>  create mode 100644
> meta-oe/recipes-devtools/uw-imap/uw-imap/CVE-2018-19518.patch
>
> --
> 2.52.0
>
>

[0/9] Scarthgap pull request

Pull-request

Message

Comments