mbox

[00/42] Whinlatter pull request

Message ID cover.1769137698.git.anuj.mittal@oss.qualcomm.com
State New
Headers show

Pull-request

https://git.openembedded.org/meta-openembedded-contrib stable/whinlatter-next

Message

Anuj Mittal Jan. 23, 2026, 3:11 a.m. UTC 
Please merge these changes in whinlatter. Tested on autobuilder and
locally.

https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1259

The following changes since commit c6849e7529727a2c9eca0f9220836bd0d69ce086:

  python3-django: upgrade 5.2.8 -> 5.2.9 (2026-01-06 18:07:59 +0530)

are available in the Git repository at:

  https://git.openembedded.org/meta-openembedded-contrib stable/whinlatter-next
  https://git.openembedded.org/meta-openembedded-contrib/log/?h=stable/whinlatter-next

Ankur Tyagi (5):
  php: upgrade 8.4.16 -> 8.4.17
  mozjs-128: Fix build error with arm and musl
  libjxl: Fix build error with arm and musl
  influxdb: ignore CVE-2024-30896
  frr: upgrade 10.4.1 -> 10.4.2

Dmitry Baryshkov (1):
  vulkan-cts: upgrade 1.4.4.0 -> 1.4.4.2

Gyorgy Sarvari (16):
  nodejs: remove extra CVE_PRODUCT
  smarty: extend CVE_PRODUCT
  raptor2: set CVE_PRODUCT
  libcereal: set CVE_PRODUCT
  asyncmqtt: set CVE_PRODUCT
  boinc-client: set CVE_PRODUCT
  boinc-client: mark CVE-2013-2018 patched
  lmdb: patch CVE-2026-22185
  xerces-c: set CVE_PRODUCT
  dante: upgrade 1.4.3 -> 1.4.4
  tinyproxy: patch CVE-2025-63938
  python3-scapy: set CVE_PRODUCT
  nginx: set CVE_PRODUCT
  softhsm: fix SRC_URI branch
  ncp: update SRC_URI
  libowfat: update SRC_URI

Jason Schonberg (1):
  nginx: upgrade 1.28.0 -> 1.28.1

Jiaying Song (1):
  minicoredumper: fix 2038 year problem in timestamp handling

Khem Raj (2):
  vboxguestdrivers: Upgrade to 7.2.4
  dante: Add _GNU_SOURCE for musl builds

Liu Yiding (2):
  liblognorm: upgrade 2.0.7 -> 2.0.8
  libsdl3: upgrade 3.2.28 -> 3.2.30

Peter Marko (4):
  net-snmp: patch CVE-2025-68615
  libsodium: patch CVE-2025-69277
  libcoap: set CVE version suffix
  nginx: ignore CVE-2025-53859 for 1.28.1

Sanjay Chitroda (1):
  recipes-core/toybox: Switch SRC_URI to HTTPS for reliable fetch

Wang Mingyu (9):
  python3-psycopg: upgrade 3.2.12 -> 3.2.13
  parallel: upgrade 20251022 -> 20251122
  libsdl3: upgrade 3.2.26 -> 3.2.28
  usb-modeswitch-data: upgrade 20191128 -> 20251207
  usb-modeswitch: upgrade 2.6.1 -> 2.6.2
  microsoft-gsl: upgrade 4.2.0 -> 4.2.1
  cryptsetup: upgrade 2.8.1 -> 2.8.3
  libdecor: upgrade 0.2.4 -> 0.2.5
  libsdl3-image: upgrade 3.2.4 -> 3.2.6

 .../libcoap/libcoap_4.3.5a.bb                 |   2 +
 .../python/python3-scapy_2.6.1.bb             |   2 +
 .../dante/{dante_1.4.3.bb => dante_1.4.4.bb}  |   6 +-
 .../frr/{frr_10.4.1.bb => frr_10.4.2.bb}      |   2 +-
 .../net-snmp/net-snmp/CVE-2025-68615.patch    |  33 +++++
 .../net-snmp/net-snmp_5.9.4.bb                |   1 +
 .../recipes-support/ncp/libowfat_0.32.bb      |   2 +-
 .../recipes-support/ncp/ncp_1.2.4.bb          |   2 +-
 .../tinyproxy/tinyproxy/CVE-2025-63938.patch  |  43 ++++++
 .../tinyproxy/tinyproxy_1.11.2.bb             |   1 +
 .../asyncmqtt/asyncmqtt_10.2.6.bb             |   2 +
 meta-oe/recipes-core/toybox/toybox_0.8.13.bb  |   2 +-
 ...ryptsetup_2.8.1.bb => cryptsetup_2.8.3.bb} |   2 +-
 .../libsodium/libsodium/CVE-2025-69277.patch  |  61 ++++++++
 .../libsodium/libsodium_1.0.20.bb             |   2 +
 .../recipes-dbs/influxdb/influxdb_1.8.10.bb   |   1 +
 .../lmdb/files/CVE-2026-22185.patch           |  31 +++++
 meta-oe/recipes-dbs/lmdb/lmdb_0.9.31.bb       |   1 +
 ...ft-gsl_4.2.0.bb => microsoft-gsl_4.2.1.bb} |   8 +-
 .../recipes-devtools/nodejs/nodejs_22.21.1.bb |   2 -
 .../php/{php_8.4.16.bb => php_8.4.17.bb}      |   2 +-
 ...pg_3.2.12.bb => python3-psycopg_3.2.13.bb} |   2 +-
 .../xerces-c/xerces-c_3.3.0.bb                |   2 +
 .../boinc/boinc-client_7.20.5.bb              |   4 +
 ...iblognorm_2.0.7.bb => liblognorm_2.0.8.bb} |   3 +-
 ...001-Cargo.toml-do-not-abort-on-panic.patch |   2 +-
 ...nfigure-do-not-look-for-llvm-objdump.patch |   2 +-
 ...o-not-try-to-find-a-suitable-upstrea.patch |   2 +-
 .../mozjs-128/0004-use-asm-sgidefs.h.patch    |   2 +-
 ...2.patch => 0005-Add-RISCV32-support.patch} |   2 +-
 ...x-one-occasionally-reproduced-confi.patch} |   2 +-
 ...ewrite-cargo-host-linker-in-python3.patch} |   2 +-
 ...e-stack-unwinder-like-glibc-therefo.patch} |   2 +-
 ...om-firefox-bugzilla-to-fix-compile-.patch} |   2 +-
 ...on-isn-t-available-in-ARMv5-or-v6-s.patch} |   2 +-
 ...ith-icu-uc-to-fix-build-with-ICU-76.patch} |   2 +-
 ...gc-and-riscv32gc-as-valid-architect.patch} |  38 +++--
 .../0013-Fix-build-error-with-musl.patch      |  30 ++++
 .../mozjs/mozjs-128_128.5.2.bb                |  17 +--
 ...allel_20251022.bb => parallel_20251122.bb} |   2 +-
 .../{libdecor_0.2.4.bb => libdecor_0.2.5.bb}  |   2 +-
 ...-image_3.2.4.bb => libsdl3-image_3.2.6.bb} |   2 +-
 .../{libsdl3_3.2.26.bb => libsdl3_3.2.30.bb}  |   2 +-
 ...01-decode-fix-build-on-ARMv7-targets.patch |   4 +-
 ...ing-for-non-NEON-enabled-ARM-targets.patch |  73 +++++-----
 .../vk-gl-cts/vulkan-cts-sources.inc          |   2 +-
 ...n-cts_1.4.4.0.bb => vulkan-cts_1.4.4.2.bb} |   2 +-
 ...8-year-problem-in-timestamp-handling.patch |  55 ++++++++
 .../minicoredumper/minicoredumper_2.0.7.bb    |   1 +
 .../libjxl/libjxl_0.11.1.bb                   |   3 +
 .../recipes-security/softhsm/softhsm_2.6.1.bb |   2 +-
 .../libcereal/libcereal_1.3.2.bb              |   2 +
 .../recipes-support/raptor2/raptor2_2.0.16.bb |   2 +
 .../recipes-support/smarty/smarty_5.6.0.bb    |   2 +-
 ...128.bb => usb-modeswitch-data_20251207.bb} |   2 +-
 .../0001-Fix-build-with-gcc-15.patch          |  51 -------
 ...witch_2.6.1.bb => usb-modeswitch_2.6.2.bb} |   6 +-
 ...ers_7.2.2.bb => vboxguestdrivers_7.2.4.bb} |   2 +-
 .../nginx/files/CVE-2025-53859.patch          | 131 ------------------
 meta-webserver/recipes-httpd/nginx/nginx.inc  |   2 +
 .../recipes-httpd/nginx/nginx_1.28.0.bb       |   7 -
 .../recipes-httpd/nginx/nginx_1.28.1.bb       |   7 +
 62 files changed, 404 insertions(+), 286 deletions(-)
 rename meta-networking/recipes-protocols/dante/{dante_1.4.3.bb => dante_1.4.4.bb} (88%)
 rename meta-networking/recipes-protocols/frr/{frr_10.4.1.bb => frr_10.4.2.bb} (99%)
 create mode 100644 meta-networking/recipes-protocols/net-snmp/net-snmp/CVE-2025-68615.patch
 create mode 100644 meta-networking/recipes-support/tinyproxy/tinyproxy/CVE-2025-63938.patch
 rename meta-oe/recipes-crypto/cryptsetup/{cryptsetup_2.8.1.bb => cryptsetup_2.8.3.bb} (98%)
 create mode 100644 meta-oe/recipes-crypto/libsodium/libsodium/CVE-2025-69277.patch
 create mode 100644 meta-oe/recipes-dbs/lmdb/files/CVE-2026-22185.patch
 rename meta-oe/recipes-devtools/microsoft-gsl/{microsoft-gsl_4.2.0.bb => microsoft-gsl_4.2.1.bb} (93%)
 rename meta-oe/recipes-devtools/php/{php_8.4.16.bb => php_8.4.17.bb} (99%)
 rename meta-oe/recipes-devtools/python/{python3-psycopg_3.2.12.bb => python3-psycopg_3.2.13.bb} (85%)
 rename meta-oe/recipes-extended/liblognorm/{liblognorm_2.0.7.bb => liblognorm_2.0.8.bb} (95%)
 rename meta-oe/recipes-extended/mozjs/mozjs-128/{riscv32.patch => 0005-Add-RISCV32-support.patch} (97%)
 rename meta-oe/recipes-extended/mozjs/mozjs-128/{0001-util.configure-fix-one-occasionally-reproduced-confi.patch => 0006-util.configure-fix-one-occasionally-reproduced-confi.patch} (96%)
 rename meta-oe/recipes-extended/mozjs/mozjs-128/{0001-rewrite-cargo-host-linker-in-python3.patch => 0007-Rewrite-cargo-host-linker-in-python3.patch} (97%)
 rename meta-oe/recipes-extended/mozjs/mozjs-128/{musl-disable-stackwalk.patch => 0008-Musl-does-not-have-stack-unwinder-like-glibc-therefo.patch} (94%)
 rename meta-oe/recipes-extended/mozjs/mozjs-128/{0001-add-arm-to-list-of-mozinline.patch => 0009-Backport-patch-from-firefox-bugzilla-to-fix-compile-.patch} (95%)
 rename meta-oe/recipes-extended/mozjs/mozjs-128/{armv5.patch => 0010-The-ISB-instruction-isn-t-available-in-ARMv5-or-v6-s.patch} (93%)
 rename meta-oe/recipes-extended/mozjs/mozjs-128/{0001-Link-with-icu-uc-to-fix-build-with-ICU-76.patch => 0011-Link-with-icu-uc-to-fix-build-with-ICU-76.patch} (92%)
 rename meta-oe/recipes-extended/mozjs/mozjs-128/{riscv.patch => 0012-Recognise-riscv64gc-and-riscv32gc-as-valid-architect.patch} (60%)
 create mode 100644 meta-oe/recipes-extended/mozjs/mozjs-128/0013-Fix-build-error-with-musl.patch
 rename meta-oe/recipes-extended/parallel/{parallel_20251022.bb => parallel_20251122.bb} (93%)
 rename meta-oe/recipes-graphics/libdecor/{libdecor_0.2.4.bb => libdecor_0.2.5.bb} (94%)
 rename meta-oe/recipes-graphics/libsdl3/{libsdl3-image_3.2.4.bb => libsdl3-image_3.2.6.bb} (87%)
 rename meta-oe/recipes-graphics/libsdl3/{libsdl3_3.2.26.bb => libsdl3_3.2.30.bb} (97%)
 rename meta-oe/recipes-graphics/vk-gl-cts/{vulkan-cts_1.4.4.0.bb => vulkan-cts_1.4.4.2.bb} (94%)
 create mode 100644 meta-oe/recipes-kernel/minicoredumper/files/0002-Fix-2038-year-problem-in-timestamp-handling.patch
 rename meta-oe/recipes-support/usb-modeswitch/{usb-modeswitch-data_20191128.bb => usb-modeswitch-data_20251207.bb} (84%)
 delete mode 100644 meta-oe/recipes-support/usb-modeswitch/usb-modeswitch/0001-Fix-build-with-gcc-15.patch
 rename meta-oe/recipes-support/usb-modeswitch/{usb-modeswitch_2.6.1.bb => usb-modeswitch_2.6.2.bb} (86%)
 rename meta-oe/recipes-support/vboxguestdrivers/{vboxguestdrivers_7.2.2.bb => vboxguestdrivers_7.2.4.bb} (97%)
 delete mode 100755 meta-webserver/recipes-httpd/nginx/files/CVE-2025-53859.patch
 delete mode 100644 meta-webserver/recipes-httpd/nginx/nginx_1.28.0.bb
 create mode 100644 meta-webserver/recipes-httpd/nginx/nginx_1.28.1.bb