[00/75] Whinlatter pull request

Please merge these changes in whinlatter. Tested on autobuilder and locally. https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1503 The following changes since commit 8bcdb0cc1dab116253b409e78fb868ced7d8397c: bluealsa: fix QA issue staticdev (2026-03-26 10:31:48 +0530) are available in the Git repository at: https://git.openembedded.org/meta-openembedded-contrib stable/whinlatter-next https://git.openembedded.org/meta-openembedded-contrib/log/?h=stable/whinlatter-next for you to fetch changes up to bf300f9b6c90c130b2d0e84303153df7c0d68852: lshw: Fix binmerge (2026-04-23 10:53:58 +0530) ---------------------------------------------------------------- Ankur Tyagi (17): nginx: upgrade 1.29.1 -> 1.29.2 python3-astroid: upgrade 4.0.2 -> 4.0.4 python3-aiofiles: fix HOMEPAGE python3-alembic: add HOMEPAGE python3-apiflash: upgrade 3.0.0 -> 3.0.2 gvfs: upgrade 1.58.2 -> 1.58.4 libde265: patch CVE-2026-33165 wolfssl: patch CVE-2026-0819 wolfssl: patch CVE-2026-2646 wolfssl: ptach CVE-2026-3229 wolfssl: patch CVE-2026-3230 wolfssl: patch CVE-2026-3547 wolfssl: patch CVE-2026-4159 wolfssl: patch CVE-2026-4395 zabbix: ignore CVE-2026-23919 tigervnc: patch CVE-2026-34352 strongswan: patch CVE-2026-25075 Deepak Rathore (3): libssh: Fix CVE-2026-0968 libssh: Fix CVE-2026-0967 libssh: Fix CVE-2026-0965 Gyorgy Sarvari (32): nginx: upgrade 1.28.2 -> 1.28.3 freeipmi: upgrade 1.6.16 -> 1.6.17 botan: patch CVE-2026-32877 botan: patch CVE-2026-32883 botan: patch CVE-2026-32884 dovecot: patch CVE-2025-59031 dovecot: mark CVE-2026-0394 patched nodejs: ignore fixed CVEs opensc: patch CVE-2025-49010 opensc: patch CVE-2025-66037 opensc: patch CVE-2025-66038 imagemagick: upgrade 7.1.2-17 -> 7.1.2-18 giflib: patch CVE-2025-31344 botan: patch CVE-2026-34582 corosync: patch CVE-2026-35091 corosync: patch CVE-2026-35092 hiawatha: upgrade 11.7 -> 11.8 monkey: upgrade 1.8.4 -> 1.8.7 monkey: patch CVEs openjpeg: patch CVE-2026-6192 libgphoto2: patch CVE-2026-40333 libgphoto2: patch CVE-2026-40334 libgphoto2: patch CVE-2026-40335 libgphoto2: patch CVE-2026-40336 libgphoto2: patch CVE-2026-40338 libgphoto2: patch CVE-2026-40339 libgphoto2: patch CVE-2026-40340 libgphoto2: patch CVE-2026-40341 jq: patch CVE-2026-32316 jq: patch CVE-2026-33947 jq: patch CVE-2026-33948 jq: patch CVE-2026-39979 Jason Schonberg (4): Update README.md with branch name. nodejs: upgrade 22.22.0 -> 22.22.1 nodejs: upgrade 22.22.1 -> 22.22.2 php: upgrade 8.4.19 -> 8.4.20 Jörg Sommer (1): lshw: Fix binmerge Liu Yiding (1): gjs: upgrade 1.84.1 -> 1.84.2 Markus Volk (5): iwd: update 3.10 -> 3.11 nautilus: update 49.4 -> 49.5 libdvdread: use https for fetching code libdvdcss: use https for fetching code libdvdnav: use https for fetching code Michal Sieron (1): gnome-bluetooth3: Fix RRECOMMENS typo Peter Kjellerstedt (1): jq: Use Git to fetch the code Vijay Anusuri (1): giflib: Fix CVE-2026-23868 Wang Mingyu (7): iwd: upgrade 3.11 -> 3.12 openldap: upgrade 2.6.10 -> 2.6.12 openldap: upgrade 2.6.12 -> 2.6.13 nautilus: upgrade 49.2 -> 49.3 nautilus: upgrade 49.3 -> 49.4 gvfs: upgrade 1.58.0 -> 1.58.1 imagemagick: upgrade 7.1.2-18 -> 7.1.2-19 Zhang Peng (2): gvfs: upgrade 1.58.1 -> 1.58.2 libwnck3: upgrade 43.2 -> 43.3 .../gjs/{gjs_1.84.1.bb => gjs_1.84.2.bb} | 2 +- .../gnome-bluetooth3_3.34.5.bb | 2 +- .../gvfs/{gvfs_1.58.0.bb => gvfs_1.58.4.bb} | 2 +- ...40d59c32d7ebeb94d242436e3144cefc174a.patch | 40 -- .../{libwnck3_43.2.bb => libwnck3_43.3.bb} | 5 +- .../{nautilus_49.2.bb => nautilus_49.5.bb} | 2 +- .../libde265/libde265/CVE-2026-33165.patch | 45 +++ .../libde265/libde265_1.0.16.bb | 1 + .../libdvdnav/libdvdnav_6.1.1.bb | 2 +- .../recipes-multimedia/vlc/libdvdcss_1.4.3.bb | 2 +- .../wolfssl/files/CVE-2026-0819.patch | 31 ++ .../wolfssl/files/CVE-2026-2646-1.patch | 39 ++ .../wolfssl/files/CVE-2026-2646-2.patch | 51 +++ .../wolfssl/files/CVE-2026-3229-1.patch | 104 +++++ .../wolfssl/files/CVE-2026-3229-2.patch | 42 ++ .../wolfssl/files/CVE-2026-3229-3.patch | 28 ++ .../wolfssl/files/CVE-2026-3230.patch | 69 ++++ .../wolfssl/files/CVE-2026-3547.patch | 30 ++ .../wolfssl/files/CVE-2026-4159.patch | 32 ++ .../wolfssl/files/CVE-2026-4395.patch | 31 ++ .../wolfssl/wolfssl_5.8.0.bb | 10 + .../corosync/corosync/CVE-2026-35091.patch | 47 +++ .../corosync/corosync/CVE-2026-35092.patch | 57 +++ .../corosync/corosync_3.1.10.bb | 2 + .../dovecot/dovecot/CVE-2025-59031.patch | 142 +++++++ .../dovecot/dovecot_2.4.1-4.bb | 2 + .../strongswan/CVE-2026-25075.patch | 48 +++ .../strongswan/strongswan_6.0.3.bb | 4 +- .../iwd/{iwd_3.10.bb => iwd_3.12.bb} | 2 +- .../zabbix/zabbix_7.0.19.bb | 1 + .../botan/botan/CVE-2026-32877.patch | 158 ++++++++ .../botan/botan/CVE-2026-32883.patch | 171 +++++++++ .../botan/botan/CVE-2026-32884.patch | 171 +++++++++ .../botan/botan/CVE-2026-34582.patch | 28 ++ meta-oe/recipes-crypto/botan/botan_3.10.0.bb | 7 +- .../giflib/giflib/CVE-2025-31344.patch | 28 ++ .../giflib/giflib/CVE-2026-23868.patch | 34 ++ .../recipes-devtools/giflib/giflib_5.2.2.bb | 4 +- ...-with-disable-maintainer-mode-and-so.patch | 44 +++ .../jq/jq/CVE-2026-32316.patch | 53 +++ .../jq/jq/CVE-2026-33947.patch | 104 +++++ .../jq/jq/CVE-2026-33948.patch | 49 +++ .../jq/jq/CVE-2026-39979.patch | 31 ++ meta-oe/recipes-devtools/jq/jq_1.8.1.bb | 19 +- meta-oe/recipes-devtools/lshw/lshw_02.20.bb | 4 +- .../{nodejs_22.22.0.bb => nodejs_22.22.2.bb} | 13 +- .../php/{php_8.4.19.bb => php_8.4.20.bb} | 2 +- .../gphoto2/libgphoto2/CVE-2026-40333.patch | 150 ++++++++ .../gphoto2/libgphoto2/CVE-2026-40334.patch | 37 ++ .../gphoto2/libgphoto2/CVE-2026-40335.patch | 43 +++ .../gphoto2/libgphoto2/CVE-2026-40336.patch | 44 +++ .../gphoto2/libgphoto2/CVE-2026-40338.patch | 34 ++ .../gphoto2/libgphoto2/CVE-2026-40339.patch | 41 ++ .../gphoto2/libgphoto2/CVE-2026-40340.patch | 40 ++ .../gphoto2/libgphoto2/CVE-2026-40341.patch | 69 ++++ .../gphoto2/libgphoto2_2.5.33.bb | 10 +- .../openjpeg/openjpeg/CVE-2026-6192.patch | 35 ++ .../openjpeg/openjpeg_2.5.4.bb | 1 + .../tigervnc/files/CVE-2026-34352.patch | 31 ++ .../tigervnc/tigervnc_1.15.0.bb | 1 + .../libdvdread/libdvdread_6.1.3.bb | 2 +- ...{freeipmi_1.6.16.bb => freeipmi_1.6.17.bb} | 2 +- ...ck_7.1.2-17.bb => imagemagick_7.1.2-19.bb} | 2 +- .../libssh/libssh/CVE-2026-0965.patch | 286 ++++++++++++++ .../libssh/libssh/CVE-2026-0967.patch | 362 ++++++++++++++++++ .../libssh/libssh/CVE-2026-0968_p1.patch | 64 ++++ .../libssh/libssh/CVE-2026-0968_p2.patch | 132 +++++++ .../recipes-support/libssh/libssh_0.11.3.bb | 4 + ...{openldap_2.6.10.bb => openldap_2.6.13.bb} | 4 +- .../opensc/opensc/CVE-2025-49010.patch | 71 ++++ .../opensc/opensc/CVE-2025-66037.patch | 34 ++ .../opensc/opensc/CVE-2025-66038.patch | 40 ++ .../recipes-support/opensc/opensc_0.26.1.bb | 6 +- .../python/python3-aiofiles_24.1.0.bb | 2 +- .../python/python3-alembic_1.17.2.bb | 1 + ...ask_3.0.0.bb => python3-apiflask_3.0.2.bb} | 2 +- ...roid_4.0.2.bb => python3-astroid_4.0.4.bb} | 2 +- ..._-nonstring-to-remove-unterminated-s.patch | 43 --- ...ute__-nonstring-with-macro-MBEDTLS_A.patch | 42 -- ...BEDTLS_ATTRIBUTE_UNTERMINATED_STRING.patch | 33 -- .../{hiawatha_11.7.bb => hiawatha_11.8.bb} | 5 +- ...tp-fix-malformed-request-crash-paths.patch | 160 ++++++++ ...eduler-guard-protocol-close-callback.patch | 51 +++ ...server-parser-harden-boundary-checks.patch | 108 ++++++ .../{monkey_1.8.4.bb => monkey_1.8.7.bb} | 14 +- .../{nginx_1.28.2.bb => nginx_1.28.3.bb} | 2 +- .../{nginx_1.29.1.bb => nginx_1.29.2.bb} | 2 +- meta-xfce/README.md | 2 +- 88 files changed, 3605 insertions(+), 204 deletions(-) rename meta-gnome/recipes-gnome/gjs/{gjs_1.84.1.bb => gjs_1.84.2.bb} (94%) rename meta-gnome/recipes-gnome/gvfs/{gvfs_1.58.0.bb => gvfs_1.58.4.bb} (97%) delete mode 100644 meta-gnome/recipes-gnome/libwnck/files/ef0e40d59c32d7ebeb94d242436e3144cefc174a.patch rename meta-gnome/recipes-gnome/libwnck/{libwnck3_43.2.bb => libwnck3_43.3.bb} (78%) rename meta-gnome/recipes-gnome/nautilus/{nautilus_49.2.bb => nautilus_49.5.bb} (93%) create mode 100644 meta-multimedia/recipes-multimedia/libde265/libde265/CVE-2026-33165.patch create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2026-0819.patch create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2026-2646-1.patch create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2026-2646-2.patch create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2026-3229-1.patch create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2026-3229-2.patch create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2026-3229-3.patch create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2026-3230.patch create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2026-3547.patch create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2026-4159.patch create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2026-4395.patch create mode 100644 meta-networking/recipes-extended/corosync/corosync/CVE-2026-35091.patch create mode 100644 meta-networking/recipes-extended/corosync/corosync/CVE-2026-35092.patch create mode 100644 meta-networking/recipes-support/dovecot/dovecot/CVE-2025-59031.patch create mode 100644 meta-networking/recipes-support/strongswan/strongswan/CVE-2026-25075.patch rename meta-oe/recipes-connectivity/iwd/{iwd_3.10.bb => iwd_3.12.bb} (95%) create mode 100644 meta-oe/recipes-crypto/botan/botan/CVE-2026-32877.patch create mode 100644 meta-oe/recipes-crypto/botan/botan/CVE-2026-32883.patch create mode 100644 meta-oe/recipes-crypto/botan/botan/CVE-2026-32884.patch create mode 100644 meta-oe/recipes-crypto/botan/botan/CVE-2026-34582.patch create mode 100644 meta-oe/recipes-devtools/giflib/giflib/CVE-2025-31344.patch create mode 100644 meta-oe/recipes-devtools/giflib/giflib/CVE-2026-23868.patch create mode 100644 meta-oe/recipes-devtools/jq/jq/0001-Support-building-with-disable-maintainer-mode-and-so.patch create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-32316.patch create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-33947.patch create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-33948.patch create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-39979.patch rename meta-oe/recipes-devtools/nodejs/{nodejs_22.22.0.bb => nodejs_22.22.2.bb} (93%) rename meta-oe/recipes-devtools/php/{php_8.4.19.bb => php_8.4.20.bb} (99%) create mode 100644 meta-oe/recipes-graphics/gphoto2/libgphoto2/CVE-2026-40333.patch create mode 100644 meta-oe/recipes-graphics/gphoto2/libgphoto2/CVE-2026-40334.patch create mode 100644 meta-oe/recipes-graphics/gphoto2/libgphoto2/CVE-2026-40335.patch create mode 100644 meta-oe/recipes-graphics/gphoto2/libgphoto2/CVE-2026-40336.patch create mode 100644 meta-oe/recipes-graphics/gphoto2/libgphoto2/CVE-2026-40338.patch create mode 100644 meta-oe/recipes-graphics/gphoto2/libgphoto2/CVE-2026-40339.patch create mode 100644 meta-oe/recipes-graphics/gphoto2/libgphoto2/CVE-2026-40340.patch create mode 100644 meta-oe/recipes-graphics/gphoto2/libgphoto2/CVE-2026-40341.patch create mode 100644 meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2026-6192.patch create mode 100644 meta-oe/recipes-graphics/tigervnc/files/CVE-2026-34352.patch rename meta-oe/recipes-support/freeipmi/{freeipmi_1.6.16.bb => freeipmi_1.6.17.bb} (93%) rename meta-oe/recipes-support/imagemagick/{imagemagick_7.1.2-17.bb => imagemagick_7.1.2-19.bb} (99%) create mode 100644 meta-oe/recipes-support/libssh/libssh/CVE-2026-0965.patch create mode 100644 meta-oe/recipes-support/libssh/libssh/CVE-2026-0967.patch create mode 100644 meta-oe/recipes-support/libssh/libssh/CVE-2026-0968_p1.patch create mode 100644 meta-oe/recipes-support/libssh/libssh/CVE-2026-0968_p2.patch rename meta-oe/recipes-support/openldap/{openldap_2.6.10.bb => openldap_2.6.13.bb} (98%) create mode 100644 meta-oe/recipes-support/opensc/opensc/CVE-2025-49010.patch create mode 100644 meta-oe/recipes-support/opensc/opensc/CVE-2025-66037.patch create mode 100644 meta-oe/recipes-support/opensc/opensc/CVE-2025-66038.patch rename meta-python/recipes-devtools/python/{python3-apiflask_3.0.0.bb => python3-apiflask_3.0.2.bb} (83%) rename meta-python/recipes-devtools/python/{python3-astroid_4.0.2.bb => python3-astroid_4.0.4.bb} (90%) delete mode 100644 meta-webserver/recipes-httpd/hiawatha/files/0001-Add-__attribute__-nonstring-to-remove-unterminated-s.patch delete mode 100644 meta-webserver/recipes-httpd/hiawatha/files/0002-Replace-__attribute__-nonstring-with-macro-MBEDTLS_A.patch delete mode 100644 meta-webserver/recipes-httpd/hiawatha/files/define-MBEDTLS_ATTRIBUTE_UNTERMINATED_STRING.patch rename meta-webserver/recipes-httpd/hiawatha/{hiawatha_11.7.bb => hiawatha_11.8.bb} (90%) create mode 100644 meta-webserver/recipes-httpd/monkey/files/0001-server-http-fix-malformed-request-crash-paths.patch create mode 100644 meta-webserver/recipes-httpd/monkey/files/0002-server-scheduler-guard-protocol-close-callback.patch create mode 100644 meta-webserver/recipes-httpd/monkey/files/0003-server-parser-harden-boundary-checks.patch rename meta-webserver/recipes-httpd/monkey/{monkey_1.8.4.bb => monkey_1.8.7.bb} (86%) rename meta-webserver/recipes-httpd/nginx/{nginx_1.28.2.bb => nginx_1.28.3.bb} (66%) rename meta-webserver/recipes-httpd/nginx/{nginx_1.29.1.bb => nginx_1.29.2.bb} (77%)

Message ID	cover.1777043268.git.anuj.mittal@oss.qualcomm.com
State	New
Headers	show Return-Path: <anuj.mittal@oss.qualcomm.com> ip: 205.220.180.131, mailfrom: anuj.mittal@oss.qualcomm.com) From: Anuj Mittal <anuj.mittal@oss.qualcomm.com> To: openembedded-devel@lists.openembedded.org Subject: [PATCH 00/75] Whinlatter pull request Date: Sat, 25 Apr 2026 10:36:45 +0530 Message-ID: <cover.1777043268.git.anuj.mittal@oss.qualcomm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

[00/75] Whinlatter pull request

Pull-request

Message