mbox

[00/27] Whinlatter pull request

Message ID cover.1778574417.git.anuj.mittal@oss.qualcomm.com
State New
Headers show

Pull-request

https://git.openembedded.org/meta-openembedded-contrib stable/whinlatter-next

Message

Anuj Mittal May 12, 2026, 8:32 a.m. UTC 
Please merge these changes in whinlatter. Tested locally and on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1512

This is the last pull request for whinlatter and the branch will not be
maintained any more.

The following changes since commit d861698ab8d4bbdda13f93747390f3f095f1f48f:

  lshw: Fix binmerge (2026-04-24 21:13:21 +0530)

are available in the Git repository at:

  https://git.openembedded.org/meta-openembedded-contrib stable/whinlatter-next
  https://git.openembedded.org/meta-openembedded-contrib/log/?h=stable/whinlatter-next

for you to fetch changes up to f52f32952cb9717949f8bc3d3ccf6c4c5a59521f:

  wolfssl: patch CVE-2026-5778 (2026-05-08 07:28:45 +0530)

----------------------------------------------------------------

Ankur Tyagi (11):
  lcms: patch CVE-2026-41254
  libcoap: patch CVE-2026-29013
  python3-django: upgrade 4.2.29 -> 4.2.30
  wolfssl: patch CVE-2026-1005
  wolfssl: patch CVE-2026-3580
  wolfssl: patch CVE-2026-5188
  wolfssl: patch CVE-2026-5392
  wolfssl: patch CVE-2026-5446
  wolfssl: patch CVE-2026-5447
  wolfssl: patch CVE-2026-5772
  wolfssl: patch CVE-2026-5778

Bartosz Golaszewski (3):
  libgpiod: update to v2.2.3
  libgpiod: update to v2.2.4
  python3-gpiod: update to v2.4.2

Changqing Li (1):
  libsoup-2.4: fix several CVEs

Gyorgy Sarvari (6):
  protobuf, python3-protobuf: ignore CVE-2026-6409
  python3-grpcio: ignore CVE-2026-33186
  freeipmi: mark CVE-2026-33554 patched
  nodejs: mark CVE-2026-21710 patched
  xdg-dbus-proxy: upgrade 0.1.6 -> 0.1.7
  python3-django: upgrade 5.2.12 -> 5.2.13

Mingli Yu (1):
  python3-ecdsa: Upgrade 0.19.1 -> 0.19.2

Wang Mingyu (5):
  python3-werkzeug: upgrade 3.1.6 -> 3.1.7
  python3-werkzeug: upgrade 3.1.7 -> 3.1.8
  python3-tzdata: upgrade 2025.2 -> 2025.3
  python3-tzdata: upgrade 2025.3 -> 2026.1
  python3-bitarray: upgrade 3.8.0 -> 3.8.1

 .../wolfssl/files/CVE-2026-1005.patch         |  83 ++++
 .../wolfssl/files/CVE-2026-3580.patch         | 425 ++++++++++++++++++
 .../wolfssl/files/CVE-2026-5188.patch         | 101 +++++
 .../wolfssl/files/CVE-2026-5392.patch         |  33 ++
 .../wolfssl/files/CVE-2026-5446-1.patch       |  62 +++
 .../wolfssl/files/CVE-2026-5446-2.patch       |  27 ++
 .../wolfssl/files/CVE-2026-5447.patch         |  65 +++
 .../wolfssl/files/CVE-2026-5772-1.patch       |  25 ++
 .../wolfssl/files/CVE-2026-5772-2.patch       |  35 ++
 .../wolfssl/files/CVE-2026-5778.patch         |  38 ++
 .../wolfssl/wolfssl_5.8.0.bb                  |  10 +
 .../libcoap/libcoap/CVE-2026-29013.patch      |  86 ++++
 .../libcoap/libcoap_4.3.5a.bb                 |   1 +
 .../recipes-devtools/nodejs/nodejs_22.22.2.bb |   1 +
 .../protobuf/protobuf_6.31.1.bb               |   1 +
 .../freeipmi/freeipmi_1.6.17.bb               |   1 +
 .../lcms/lcms/CVE-2026-41254_1.patch          |  30 ++
 .../lcms/lcms/CVE-2026-41254_2.patch          |  36 ++
 meta-oe/recipes-support/lcms/lcms_2.16.bb     |   5 +-
 .../{libgpiod_2.2.2.bb => libgpiod_2.2.4.bb}  |   2 +-
 .../libsoup/libsoup-2.4/CVE-2025-14523.patch  |  52 +++
 .../libsoup-2.4/CVE-2025-32049-1.patch        | 229 ++++++++++
 .../libsoup-2.4/CVE-2025-32049-2.patch        | 131 ++++++
 .../libsoup/libsoup-2.4/CVE-2026-1467.patch   | 151 +++++++
 .../libsoup/libsoup-2.4/CVE-2026-1539.patch   |  31 ++
 .../libsoup/libsoup-2.4/CVE-2026-1760.patch   | 153 +++++++
 .../libsoup/libsoup-2.4/CVE-2026-1761.patch   |  36 ++
 .../libsoup/libsoup-2.4/CVE-2026-1801.patch   | 126 ++++++
 .../libsoup/libsoup-2.4/CVE-2026-2369.patch   |  33 ++
 .../libsoup/libsoup-2.4/CVE-2026-2443.patch   | 135 ++++++
 .../libsoup/libsoup-2.4_2.74.3.bb             |  10 +
 ...proxy_0.1.6.bb => xdg-dbus-proxy_0.1.7.bb} |   6 +-
 ...ray_3.8.0.bb => python3-bitarray_3.8.1.bb} |   2 +-
 ...ngo_4.2.29.bb => python3-django_4.2.30.bb} |   2 +-
 ...ngo_5.2.12.bb => python3-django_5.2.13.bb} |   2 +-
 ...cdsa_0.19.1.bb => python3-ecdsa_0.19.2.bb} |   2 +-
 ...-gpiod_2.4.1.bb => python3-gpiod_2.4.2.bb} |   2 +-
 .../python/python3-grpcio_1.76.0.bb           |   1 +
 .../python/python3-protobuf_6.33.5.bb         |   1 +
 ...ata_2025.2.bb => python3-tzdata_2026.1.bb} |   2 +-
 ...eug_3.1.6.bb => python3-werkzeug_3.1.8.bb} |   2 +-
 41 files changed, 2165 insertions(+), 11 deletions(-)
 create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2026-1005.patch
 create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2026-3580.patch
 create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2026-5188.patch
 create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2026-5392.patch
 create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2026-5446-1.patch
 create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2026-5446-2.patch
 create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2026-5447.patch
 create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2026-5772-1.patch
 create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2026-5772-2.patch
 create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2026-5778.patch
 create mode 100644 meta-networking/recipes-devtools/libcoap/libcoap/CVE-2026-29013.patch
 create mode 100644 meta-oe/recipes-support/lcms/lcms/CVE-2026-41254_1.patch
 create mode 100644 meta-oe/recipes-support/lcms/lcms/CVE-2026-41254_2.patch
 rename meta-oe/recipes-support/libgpiod/{libgpiod_2.2.2.bb => libgpiod_2.2.4.bb} (98%)
 create mode 100644 meta-oe/recipes-support/libsoup/libsoup-2.4/CVE-2025-14523.patch
 create mode 100644 meta-oe/recipes-support/libsoup/libsoup-2.4/CVE-2025-32049-1.patch
 create mode 100644 meta-oe/recipes-support/libsoup/libsoup-2.4/CVE-2025-32049-2.patch
 create mode 100644 meta-oe/recipes-support/libsoup/libsoup-2.4/CVE-2026-1467.patch
 create mode 100644 meta-oe/recipes-support/libsoup/libsoup-2.4/CVE-2026-1539.patch
 create mode 100644 meta-oe/recipes-support/libsoup/libsoup-2.4/CVE-2026-1760.patch
 create mode 100644 meta-oe/recipes-support/libsoup/libsoup-2.4/CVE-2026-1761.patch
 create mode 100644 meta-oe/recipes-support/libsoup/libsoup-2.4/CVE-2026-1801.patch
 create mode 100644 meta-oe/recipes-support/libsoup/libsoup-2.4/CVE-2026-2369.patch
 create mode 100644 meta-oe/recipes-support/libsoup/libsoup-2.4/CVE-2026-2443.patch
 rename meta-oe/recipes-support/xdg-dbus-proxy/{xdg-dbus-proxy_0.1.6.bb => xdg-dbus-proxy_0.1.7.bb} (75%)
 rename meta-python/recipes-devtools/python/{python3-bitarray_3.8.0.bb => python3-bitarray_3.8.1.bb} (81%)
 rename meta-python/recipes-devtools/python/{python3-django_4.2.29.bb => python3-django_4.2.30.bb} (79%)
 rename meta-python/recipes-devtools/python/{python3-django_5.2.12.bb => python3-django_5.2.13.bb} (60%)
 rename meta-python/recipes-devtools/python/{python3-ecdsa_0.19.1.bb => python3-ecdsa_0.19.2.bb} (87%)
 rename meta-python/recipes-devtools/python/{python3-gpiod_2.4.1.bb => python3-gpiod_2.4.2.bb} (92%)
 rename meta-python/recipes-devtools/python/{python3-tzdata_2025.2.bb => python3-tzdata_2026.1.bb} (85%)
 rename meta-python/recipes-devtools/python/{python3-werkzeug_3.1.6.bb => python3-werkzeug_3.1.8.bb} (90%)