| Message ID | cover.1767143616.git.anuj.mittal@oss.qualcomm.com |
|---|---|
| State | New, archived |
| Headers | show |
merged now thanks Anuj On Tue, Dec 30, 2025 at 5:19 PM Anuj Mittal via lists.openembedded.org <anuj.mittal=oss.qualcomm.com@lists.openembedded.org> wrote: > Please merge these changes in scarthgap. Tested on autobuilder and > locally. > > https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1211 > > The following changes since commit > e76bf51a92b41d4cb185fc164ae43a863910ccd1: > > redis: Refine CVE-2022-0543 status description (2025-12-22 07:49:04 > +0530) > > are available in the Git repository at: > > https://git.openembedded.org/meta-openembedded-contrib anujm/scarthgap > > https://git.openembedded.org/meta-openembedded-contrib/log/?h=anujm/scarthgap > > Ankur Tyagi (6): > cups-filters: patch CVE-2025-64524 > freerdp3: patch CVE-2025-68118 > dovecot: upgrade 2.3.21 -> 2.3.21.1 > libiec61850: patch CVE-2024-45969 > libcoap: ignore CVE-2023-51847 > libcoap: patch CVE-2025-59391 > > Gyorgy Sarvari (9): > accountservice: ignore CVE-2023-3297 > minio: ignore irrelevant CVEs > fio: ignore CVE-2025-10824 > postgresql: upgrade 16.10 -> 16.11 > sngrep: upgrade 1.8.1 -> 1.8.2 > libcoap: ignore CVE-2025-50518 > wolfssl: patch CVE-2025-7395 > zabbix: patch CVE-2025-49643 > atop: patch CVE-2025-31160 > > Hitendra Prajapati (1): > krb5: fix for CVE-2024-3596 > > Jason Schonberg (1): > Add missing HOMEPAGEs to xfce recipes > > Peter Marko (1): > libmemcached: ignore CVE-2023-27478 > > Vrushti Dabhi (1): > p7zip 16.02: Fix CVE-2022-47069 > > .../accountsservice_22.08.8.bb | 2 + > .../libiec61850/files/CVE-2024-45969.patch | 32 + > .../libiec61850/libiec61850_1.5.3.bb | 1 + > .../wolfssl/files/CVE-2025-7395-1.patch | 84 +++ > .../wolfssl/files/CVE-2025-7395-2.patch | 27 + > .../wolfssl/files/CVE-2025-7395-3.patch | 25 + > .../wolfssl/wolfssl_5.7.2.bb | 10 +- > .../libcoap/libcoap/CVE-2025-59391.patch | 88 +++ > .../recipes-devtools/libcoap/libcoap_4.3.4.bb | 4 + > ...{dovecot_2.3.21.bb => dovecot_2.3.21.1.bb} | 2 +- > .../libmemcached/libmemcached_1.0.18.bb | 2 + > .../{sngrep_1.8.1.bb => sngrep_1.8.2.bb} | 2 +- > meta-oe/recipes-benchmark/fio/fio_3.36.bb | 2 + > .../krb5/krb5/CVE-2024-3596.patch | 628 ++++++++++++++++++ > .../recipes-connectivity/krb5/krb5_1.21.3.bb | 1 + > .../zabbix/zabbix/CVE-2025-49643.patch | 38 ++ > .../zabbix/zabbix_6.2.9.bb | 1 + > ...c-bypass-autoconf-2.69-version-check.patch | 2 +- > ...ostgresql_16.10.bb => postgresql_16.11.bb} | 4 +- > meta-oe/recipes-extended/minio/minio_git.bb | 6 + > .../p7zip/files/CVE-2022-47069.patch | 63 ++ > meta-oe/recipes-extended/p7zip/p7zip_16.02.bb | 1 + > .../cups/cups-filters/CVE-2025-64524.patch | 81 +++ > .../cups/cups-filters_2.0.0.bb | 1 + > .../atop/atop/CVE-2025-31160.patch | 607 +++++++++++++++++ > meta-oe/recipes-support/atop/atop_2.4.0.bb | 1 + > .../freerdp/freerdp3/CVE-2025-68118.patch | 57 ++ > .../recipes-support/freerdp/freerdp3_3.4.0.bb | 1 + > meta-xfce/recipes-xfce/exo/exo_4.19.0.bb | 1 + > .../recipes-xfce/garcon/garcon_4.19.0.bb | 1 + > .../thunar-volman/thunar-volman_4.18.0.bb | 1 + > .../recipes-xfce/tumbler/tumbler_4.18.0.bb | 1 + > .../xfce4-appfinder/xfce4-appfinder_4.19.1.bb | 1 + > .../xfce4-panel/xfce4-panel_4.18.3.bb | 1 + > .../xfce4-session/xfce4-session_4.18.2.bb | 1 + > .../xfce4-settings/xfce4-settings_4.18.2.bb | 1 + > .../recipes-xfce/xfconf/xfconf_4.18.0.bb | 1 + > meta-xfce/recipes-xfce/xfwm4/xfwm4_4.18.0.bb | 1 + > 38 files changed, 1774 insertions(+), 9 deletions(-) > create mode 100644 > meta-networking/recipes-connectivity/libiec61850/files/CVE-2024-45969.patch > create mode 100644 > meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7395-1.patch > create mode 100644 > meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7395-2.patch > create mode 100644 > meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7395-3.patch > create mode 100644 > meta-networking/recipes-devtools/libcoap/libcoap/CVE-2025-59391.patch > rename meta-networking/recipes-support/dovecot/{dovecot_2.3.21.bb => > dovecot_2.3.21.1.bb} (97%) > rename meta-networking/recipes-support/sngrep/{sngrep_1.8.1.bb => > sngrep_1.8.2.bb} (95%) > create mode 100644 > meta-oe/recipes-connectivity/krb5/krb5/CVE-2024-3596.patch > create mode 100644 > meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2025-49643.patch > rename meta-oe/recipes-dbs/postgresql/{postgresql_16.10.bb => > postgresql_16.11.bb} (66%) > create mode 100644 > meta-oe/recipes-extended/p7zip/files/CVE-2022-47069.patch > create mode 100644 > meta-oe/recipes-printing/cups/cups-filters/CVE-2025-64524.patch > create mode 100644 meta-oe/recipes-support/atop/atop/CVE-2025-31160.patch > create mode 100644 > meta-oe/recipes-support/freerdp/freerdp3/CVE-2025-68118.patch > > -- > 2.52.0 > > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#123039): > https://lists.openembedded.org/g/openembedded-devel/message/123039 > Mute This Topic: https://lists.openembedded.org/mt/117006582/1997914 > Group Owner: openembedded-devel+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [ > raj.khem@gmail.com] > -=-=-=-=-=-=-=-=-=-=-=- > >
Please merge these changes in scarthgap. Tested on autobuilder and locally. https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1211 The following changes since commit e76bf51a92b41d4cb185fc164ae43a863910ccd1: redis: Refine CVE-2022-0543 status description (2025-12-22 07:49:04 +0530) are available in the Git repository at: https://git.openembedded.org/meta-openembedded-contrib anujm/scarthgap https://git.openembedded.org/meta-openembedded-contrib/log/?h=anujm/scarthgap Ankur Tyagi (6): cups-filters: patch CVE-2025-64524 freerdp3: patch CVE-2025-68118 dovecot: upgrade 2.3.21 -> 2.3.21.1 libiec61850: patch CVE-2024-45969 libcoap: ignore CVE-2023-51847 libcoap: patch CVE-2025-59391 Gyorgy Sarvari (9): accountservice: ignore CVE-2023-3297 minio: ignore irrelevant CVEs fio: ignore CVE-2025-10824 postgresql: upgrade 16.10 -> 16.11 sngrep: upgrade 1.8.1 -> 1.8.2 libcoap: ignore CVE-2025-50518 wolfssl: patch CVE-2025-7395 zabbix: patch CVE-2025-49643 atop: patch CVE-2025-31160 Hitendra Prajapati (1): krb5: fix for CVE-2024-3596 Jason Schonberg (1): Add missing HOMEPAGEs to xfce recipes Peter Marko (1): libmemcached: ignore CVE-2023-27478 Vrushti Dabhi (1): p7zip 16.02: Fix CVE-2022-47069 .../accountsservice_22.08.8.bb | 2 + .../libiec61850/files/CVE-2024-45969.patch | 32 + .../libiec61850/libiec61850_1.5.3.bb | 1 + .../wolfssl/files/CVE-2025-7395-1.patch | 84 +++ .../wolfssl/files/CVE-2025-7395-2.patch | 27 + .../wolfssl/files/CVE-2025-7395-3.patch | 25 + .../wolfssl/wolfssl_5.7.2.bb | 10 +- .../libcoap/libcoap/CVE-2025-59391.patch | 88 +++ .../recipes-devtools/libcoap/libcoap_4.3.4.bb | 4 + ...{dovecot_2.3.21.bb => dovecot_2.3.21.1.bb} | 2 +- .../libmemcached/libmemcached_1.0.18.bb | 2 + .../{sngrep_1.8.1.bb => sngrep_1.8.2.bb} | 2 +- meta-oe/recipes-benchmark/fio/fio_3.36.bb | 2 + .../krb5/krb5/CVE-2024-3596.patch | 628 ++++++++++++++++++ .../recipes-connectivity/krb5/krb5_1.21.3.bb | 1 + .../zabbix/zabbix/CVE-2025-49643.patch | 38 ++ .../zabbix/zabbix_6.2.9.bb | 1 + ...c-bypass-autoconf-2.69-version-check.patch | 2 +- ...ostgresql_16.10.bb => postgresql_16.11.bb} | 4 +- meta-oe/recipes-extended/minio/minio_git.bb | 6 + .../p7zip/files/CVE-2022-47069.patch | 63 ++ meta-oe/recipes-extended/p7zip/p7zip_16.02.bb | 1 + .../cups/cups-filters/CVE-2025-64524.patch | 81 +++ .../cups/cups-filters_2.0.0.bb | 1 + .../atop/atop/CVE-2025-31160.patch | 607 +++++++++++++++++ meta-oe/recipes-support/atop/atop_2.4.0.bb | 1 + .../freerdp/freerdp3/CVE-2025-68118.patch | 57 ++ .../recipes-support/freerdp/freerdp3_3.4.0.bb | 1 + meta-xfce/recipes-xfce/exo/exo_4.19.0.bb | 1 + .../recipes-xfce/garcon/garcon_4.19.0.bb | 1 + .../thunar-volman/thunar-volman_4.18.0.bb | 1 + .../recipes-xfce/tumbler/tumbler_4.18.0.bb | 1 + .../xfce4-appfinder/xfce4-appfinder_4.19.1.bb | 1 + .../xfce4-panel/xfce4-panel_4.18.3.bb | 1 + .../xfce4-session/xfce4-session_4.18.2.bb | 1 + .../xfce4-settings/xfce4-settings_4.18.2.bb | 1 + .../recipes-xfce/xfconf/xfconf_4.18.0.bb | 1 + meta-xfce/recipes-xfce/xfwm4/xfwm4_4.18.0.bb | 1 + 38 files changed, 1774 insertions(+), 9 deletions(-) create mode 100644 meta-networking/recipes-connectivity/libiec61850/files/CVE-2024-45969.patch create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7395-1.patch create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7395-2.patch create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7395-3.patch create mode 100644 meta-networking/recipes-devtools/libcoap/libcoap/CVE-2025-59391.patch rename meta-networking/recipes-support/dovecot/{dovecot_2.3.21.bb => dovecot_2.3.21.1.bb} (97%) rename meta-networking/recipes-support/sngrep/{sngrep_1.8.1.bb => sngrep_1.8.2.bb} (95%) create mode 100644 meta-oe/recipes-connectivity/krb5/krb5/CVE-2024-3596.patch create mode 100644 meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2025-49643.patch rename meta-oe/recipes-dbs/postgresql/{postgresql_16.10.bb => postgresql_16.11.bb} (66%) create mode 100644 meta-oe/recipes-extended/p7zip/files/CVE-2022-47069.patch create mode 100644 meta-oe/recipes-printing/cups/cups-filters/CVE-2025-64524.patch create mode 100644 meta-oe/recipes-support/atop/atop/CVE-2025-31160.patch create mode 100644 meta-oe/recipes-support/freerdp/freerdp3/CVE-2025-68118.patch