mbox

[00/10] Scarthgap pull request

Message ID cover.1765460789.git.anuj.mittal@oss.qualcomm.com
State New
Headers show

Pull-request

https://git.openembedded.org/meta-openembedded-contrib anujm/scarthgap

Message

Anuj Mittal Dec. 11, 2025, 2:05 p.m. UTC 
Please merge these changes in scarthgap.

https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1172

The following changes since commit 7ed4330bcf1ecd4aa34bfbe1fd7079381b62b1e7:

  net-snmp: Update Upstream-status in the net-snmp-5.9.4-kernel-6.7.patch (2025-12-05 17:46:29 +0530)

are available in the Git repository at:

  https://git.openembedded.org/meta-openembedded-contrib anujm/scarthgap
  https://git.openembedded.org/meta-openembedded-contrib/log/?h=anujm/scarthgap

Ankur Tyagi (3):
  python3-django: upgrade 5.0.11 -> 5.0.14
  smarty: update CVE_PRODUCT
  libavif: patch CVE-2025-48174

Hitendra Prajapati (1):
  wireshark: fix CVE-2025-13499

Peter Marko (1):
  nftables: remove python dependency from main package

Sudhir Dumbhare (1):
  hdf5 1.14.4-3: fix CVE-2025-2912

Valeria Petrov (1):
  apache2: upgrade 2.4.65 -> 2.4.66

Vijay Anusuri (1):
  proftpd: Fix CVE-2023-48795

Viswanath Kraleti (1):
  gflags: switch Git branch from master to main

Wang Mingyu (1):
  corosync: upgrade 3.1.9 -> 3.1.10

 .../libavif/libavif/CVE-2025-48174_1.patch    |  27 +
 .../libavif/libavif/CVE-2025-48174_2.patch    |  31 +
 .../libavif/libavif/CVE-2025-48174_3.patch    |  27 +
 .../libavif/libavif/CVE-2025-48174_4.patch    |  72 ++
 .../libavif/libavif_1.0.1.bb                  |   7 +-
 .../proftpd/files/CVE-2023-48795.patch        | 785 ++++++++++++++++++
 .../recipes-daemons/proftpd/proftpd_1.3.7f.bb |   1 +
 .../corosync/corosync/CVE-2025-30472.patch    |  69 --
 .../{corosync_3.1.9.bb => corosync_3.1.10.bb} |   5 +-
 .../recipes-filter/nftables/nftables_1.0.9.bb |   2 +
 .../wireshark/files/CVE-2025-13499.patch      |  45 +
 .../wireshark/wireshark_4.2.14.bb             |   1 +
 .../recipes-support/gflags/gflags_2.2.2.bb    |   2 +-
 ...atch => CVE-2025-2913-CVE-2025-2912.patch} |   3 +-
 meta-oe/recipes-support/hdf5/hdf5_1.14.4-3.bb |   2 +-
 .../recipes-support/smarty/smarty_4.4.1.bb    |   2 +
 .../python3-django/CVE-2025-26699.patch       | 100 ---
 ...ngo_5.0.11.bb => python3-django_5.0.14.bb} |   4 +-
 .../{apache2_2.4.65.bb => apache2_2.4.66.bb}  |   2 +-
 19 files changed, 1007 insertions(+), 180 deletions(-)
 create mode 100644 meta-multimedia/recipes-multimedia/libavif/libavif/CVE-2025-48174_1.patch
 create mode 100644 meta-multimedia/recipes-multimedia/libavif/libavif/CVE-2025-48174_2.patch
 create mode 100644 meta-multimedia/recipes-multimedia/libavif/libavif/CVE-2025-48174_3.patch
 create mode 100644 meta-multimedia/recipes-multimedia/libavif/libavif/CVE-2025-48174_4.patch
 create mode 100644 meta-networking/recipes-daemons/proftpd/files/CVE-2023-48795.patch
 delete mode 100644 meta-networking/recipes-extended/corosync/corosync/CVE-2025-30472.patch
 rename meta-networking/recipes-extended/corosync/{corosync_3.1.9.bb => corosync_3.1.10.bb} (94%)
 create mode 100644 meta-networking/recipes-support/wireshark/files/CVE-2025-13499.patch
 rename meta-oe/recipes-support/hdf5/files/{CVE-2025-2913.patch => CVE-2025-2913-CVE-2025-2912.patch} (94%)
 delete mode 100644 meta-python/recipes-devtools/python/python3-django/CVE-2025-26699.patch
 rename meta-python/recipes-devtools/python/{python3-django_5.0.11.bb => python3-django_5.0.14.bb} (65%)
 rename meta-webserver/recipes-httpd/apache2/{apache2_2.4.65.bb => apache2_2.4.66.bb} (99%)