From patchwork Mon Dec 22 20:27:28 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 77268 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 65249E6ADC7 for ; Mon, 22 Dec 2025 20:27:38 +0000 (UTC) Received: from mail-wr1-f42.google.com (mail-wr1-f42.google.com [209.85.221.42]) by mx.groups.io with SMTP id smtpd.msgproc01-g2.88049.1766435257718875630 for ; Mon, 22 Dec 2025 12:27:38 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=k7/+M5iN; spf=pass (domain: gmail.com, ip: 209.85.221.42, mailfrom: skandigraun@gmail.com) Received: by mail-wr1-f42.google.com with SMTP id ffacd0b85a97d-42b3c5defb2so2868920f8f.2 for ; Mon, 22 Dec 2025 12:27:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1766435256; x=1767040056; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:message-id:date:subject:to :from:from:to:cc:subject:date:message-id:reply-to; bh=LmJenmKO9WJo+4GSrf1cjXhKo/Q2YlHOJFPJmKs4Vuo=; b=k7/+M5iNqcwxbQuafKOOOuUHQJlIVsdCWrkkp0kvQmsKb8VVBimxP3/m2ou9BxU86X CBQskrRDjeIrMEWtWC5FhB0M7UkBrzzTt8akU9NeplqWPGP509Qb+iQ4We4tSQHfMuxs 10pp65NhdJ+Lez3HBN/DWS0ple0J4O9+/gtlJBubZnJF73qpk+IAASXXkF5GHtJccsRh 1tbcBhGnoWnG99W4SA8NnIbVa4b2+d8pR/X2T2azNYZUH2xMwfWKJ2+q3cLLIzdCkPMn Rb6QnZDPYtKnvfQbh1kvfLg3UKS27SceQF28zD7xyrVA+nFs4zRkplTMTaLKg7UNdIGC H4FQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1766435256; x=1767040056; h=content-transfer-encoding:mime-version:message-id:date:subject:to :from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=LmJenmKO9WJo+4GSrf1cjXhKo/Q2YlHOJFPJmKs4Vuo=; b=G9nsNrYDusRVjwnkf9rT3G17fKNj3+sQaIPE2h1WIUYZScgWurQyoHJl2jPJ9conF9 XDpmMzPUynZJajZxPyakREcRbQdJTMXHLupuaI977oTQokh0Vrj48LDx1RxK5fguvaYr 5/wDt1m1ibUa8GnN8J34pi8B2p/2OLocA8tKlIwhF3bK8lfwzh7AV8Ibke3/BNayE88H PmsDjVdObGLFrQOTEaYhiN3t0OHsdERgqy+1shR9aeyHAWX3/nPe/MeU4x4wJXK1obnp b0bnHWD9X5BP0KNzK1+iJrWXHE4UpmSpYCDXO3HhEfMUg9l/JHKmNnzU5TdLpYRU/4FB I83Q== X-Gm-Message-State: AOJu0YxuCke9W6ChJueWaSoRwusdt5HqwRWUWLlMEhj74NbB3t5I196Z eDsBJv8SC3hWV6XS+GwXmuMadHKfjDsqPll8wKl9opzyeIi1XftXNLMPNUoeWg== X-Gm-Gg: AY/fxX6sdKAU9hmjZbcNVFg4Vexpqtd2kC+X64B5bvjq3mon30DjPK7TKvoAKAdFIyc 5TDTDzbErjiRxHNts/Z8tqGmJ/s0eJaFMt83l0qc7Mi0jBZdBkgFtFxHghHBChavCZ1/teDzHXK Z/2eD9CqQ1gkZeYm+c1/MlJnwsGPBTBjp6T6u+kHbVXYovPRmRdl+AFaMXPgvYlbS4QC4fgSb/W Vg4u6ASml3v1QeWHuUxodh/JQTXPilIF0A0XSADSxJVIgSr9lc39WbAPJ5laGlQ0+WkYrdV/wNZ bUn078t45xPMcHOCrD4WP0sZNCAC8at7Ok5oSeTC+di5Dvd40uGn/W+IUBPHrFHf2wwmD40n4kJ NopXTZbU+5p7kvVufy6pdTdF2riBHKC6SpSlWhrOGOoaTZt45/Jp7Q8O/TfF7w2Eb9huY7whSvv GgSfH25qTshmGLXG1RVFM= X-Google-Smtp-Source: AGHT+IHMfPzaK056zoVhGFjdzd8huQxaTIczAeFIc6DxO6ihao5jen36rGqwTKI6G0o/zQQl/AzQug== X-Received: by 2002:a05:6000:22c8:b0:431:a16:5533 with SMTP id ffacd0b85a97d-4324e4faa32mr14628165f8f.31.1766435255830; Mon, 22 Dec 2025 12:27:35 -0800 (PST) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-4324eab257asm24204522f8f.38.2025.12.22.12.27.33 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 22 Dec 2025 12:27:34 -0800 (PST) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-gnome][scarthgap][PATCH 1/5] accountservice: ignore CVE-2023-3297 Date: Mon, 22 Dec 2025 21:27:28 +0100 Message-ID: <20251222202732.3363914-1-skandigraun@gmail.com> X-Mailer: git-send-email 2.52.0 MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 22 Dec 2025 20:27:38 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/122807 Details: https://nvd.nist.gov/vuln/detail/CVE-2023-3297 The vulnerability is triggered by a patch added by Ubuntu, and the vulnerable patch is not present in the recipe. Signed-off-by: Gyorgy Sarvari Signed-off-by: Khem Raj (cherry picked from commit 071a45c9d76c9a222c8fbaa50089a8af44f44e74) Signed-off-by: Gyorgy Sarvari --- .../recipes-support/accountsservice/accountsservice_22.08.8.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-gnome/recipes-support/accountsservice/accountsservice_22.08.8.bb b/meta-gnome/recipes-support/accountsservice/accountsservice_22.08.8.bb index 439958c7d2..d63e3bd34c 100644 --- a/meta-gnome/recipes-support/accountsservice/accountsservice_22.08.8.bb +++ b/meta-gnome/recipes-support/accountsservice/accountsservice_22.08.8.bb @@ -30,3 +30,5 @@ FILES:${PN} += " \ ${datadir}/dbus-1 \ ${datadir}/polkit-1 \ " + +CVE_STATUS[CVE-2023-3297] = "not-applicable-platform: The vulnerability is Ubuntu specific" From patchwork Mon Dec 22 20:27:29 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 77269 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4A5C6E6ADE7 for ; Mon, 22 Dec 2025 20:27:48 +0000 (UTC) Received: from mail-wr1-f49.google.com (mail-wr1-f49.google.com [209.85.221.49]) by mx.groups.io with SMTP id smtpd.msgproc01-g2.88050.1766435260080602827 for ; Mon, 22 Dec 2025 12:27:40 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=d+gjF9w8; spf=pass (domain: gmail.com, ip: 209.85.221.49, mailfrom: skandigraun@gmail.com) Received: by mail-wr1-f49.google.com with SMTP id ffacd0b85a97d-42fbbc3df8fso2211183f8f.2 for ; Mon, 22 Dec 2025 12:27:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1766435258; x=1767040058; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=Bgx3AVDaefpFYjIv1h2YIVjB9bIC+0nPVM9os9LTrZs=; b=d+gjF9w8i7jgTxm2TBm/sXgMh2Q3K4GaPQZgPq55z3DtBM37EA20CUjqdLZmGmN4Nh U+oNVoWo7354wOmu9Zafwu3+dLgCbRjOEl6nN4IQAXfv5kKZ5pl6QIFpgWwSi4mEyqr4 +U7gYptjw5mHu2zNZNpsaC4aQPJkHg9wIsjd4huXrl1i69Sij5V9JYnUz/T6kLFZaBrS 5c4ZyxVHzYQup9BLgXVXeniZjdARXkOLgWxWCB5cbJNqM7e6vJYBQA7WiA9w6vj1XZ/t yFxTZMCb6IEyYK9HJ1wXwmXjN/6ZHbCZ7Vg6LXWFoT9ZKmn4k8oZ2rPyLF6SlYhZEoPg nVHA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1766435258; x=1767040058; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=Bgx3AVDaefpFYjIv1h2YIVjB9bIC+0nPVM9os9LTrZs=; b=ipBSLnAF77bc75VYsSzmL7Sec8OcM/Y72gKNy822m0XwZv13S8fgb4QE/E5VJ5GrTO 5xRhUIT78N3Bvh91alxNtDyZOsnAtf4pjULGVaNwMhVzFbeL239xq3JhsWk29KWg9qea pGljpfjgGTrxD5Xq9ClzQwbZ4iFjlEJpBg0b1kAVdL2B/QOfQGxjZWygTj6X2zO4o/0p tnzRxgLfcLwzp7AQy5WiP1zNOOn4L+2IptxPTCQYFfSuDy3zYU/uhE3FH/o5AZD7AfhI 9C0yFseO9fbOFAax92O3+HXwhOwCQHxEcGhAqg8jJk/I5sKtGn8GXDQWn4FH18xb3Mic Qhdg== X-Gm-Message-State: AOJu0YwkFHSX1rmzWKdgvtIvRoDbXqaHIEAPTnAk6IEaqhJ55mcibaPo kJzafyLoPEwwQs5Xfv+k/8yHyC9Z+qyViPHRMmpDHbsKggIaxYun8qu9+NjXxQ== X-Gm-Gg: AY/fxX4AN4cW0W9A9hwpMmY2+JJysrZwls38+tNYO8HI+WSFVxxJyU8wvOyx/+wP52y GogPrtRZW4+0IT5HYZ9HGcaeojK1syErOXHGXAjI8+DqTIq2JEmD9aIEqDMqlGQC4emWAfWElNO 75tI+wVqbYApdgPouOtkUtzrHyamsVE8M2boYAqQSK2ljnngvfmfpypbIZwXclUwYThoONVn/+U EUqHk0IfMfISWS38sx4VTHpEzqXTkYZBLkM+yVotVTZhlL3WLmi8TWXQllMGuITD18plGgvvnp/ m4KhZsXeINiZGeFbkCwhAoNEgP8mHtDnW6lKpNXS79JPfIqrqxkMGWZuYbjOXSgMy4t6v+opYNf xDSaQOcoATdSE2CxzKDTvVdMCmcHe2+1NIOVM5m7FH1BVP55BzKb4PTLozQlH9IFxtFwLggrK6k NuCeMslcFo X-Google-Smtp-Source: AGHT+IFNaEPZgFNiB4grzZjVWLDgiBrv2X1In0vBB0Jh7f3dYRNQyg+YgcIcJ0lCCnHtgPRd+3ZJkQ== X-Received: by 2002:a05:6000:26cf:b0:42f:b649:6dc9 with SMTP id ffacd0b85a97d-4324e70997cmr15235487f8f.58.1766435258375; Mon, 22 Dec 2025 12:27:38 -0800 (PST) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-4324eab257asm24204522f8f.38.2025.12.22.12.27.35 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 22 Dec 2025 12:27:37 -0800 (PST) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][scarthgap][PATCH 2/5] minio: ignore irrelevant CVEs Date: Mon, 22 Dec 2025 21:27:29 +0100 Message-ID: <20251222202732.3363914-2-skandigraun@gmail.com> X-Mailer: git-send-email 2.52.0 In-Reply-To: <20251222202732.3363914-1-skandigraun@gmail.com> References: <20251222202732.3363914-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 22 Dec 2025 20:27:48 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/122808 The minio umbrella covers multiple projects. The recipe itself builds "minio client", which is a set of basic tools to query data from "minio server" - like ls, mv, find... The CVEs were files against minio server. Looking at the go mod list, this recipe doesn't use minio server even as a build dependency - so ignore the CVEs. Signed-off-by: Gyorgy Sarvari Signed-off-by: Khem Raj (cherry picked from commit df462075be855c60117af661dbce1836c652fc16) Signed-off-by: Gyorgy Sarvari --- meta-oe/recipes-extended/minio/minio_git.bb | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/meta-oe/recipes-extended/minio/minio_git.bb b/meta-oe/recipes-extended/minio/minio_git.bb index f278a728fd..511dd4d869 100644 --- a/meta-oe/recipes-extended/minio/minio_git.bb +++ b/meta-oe/recipes-extended/minio/minio_git.bb @@ -164,3 +164,9 @@ do_install() { install -d ${D}/${sbindir} install ${S}/src/${GO_IMPORT}/mc ${D}/${sbindir}/mc } + +CVE_STATUS_GROUPS += "CVE_STATUS_WRONG_CPE" +CVE_STATUS_WRONG_CPE[status] = "cpe-incorrect: The vulnerability is in minio server, not in minio client-tools" +CVE_STATUS_WRONG_CPE = "CVE-2018-1000538 CVE-2020-11012 CVE-2021-21287 CVE-2021-21362 \ + CVE-2021-21390 CVE-2021-43858 CVE-2022-35919 CVE-2023-28433 \ + CVE-2023-28434 CVE-2024-36107" From patchwork Mon Dec 22 20:27:30 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 77271 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5ED85E6ADEF for ; Mon, 22 Dec 2025 20:27:48 +0000 (UTC) Received: from mail-wr1-f44.google.com (mail-wr1-f44.google.com [209.85.221.44]) by mx.groups.io with SMTP id smtpd.msgproc02-g2.88183.1766435261664688778 for ; Mon, 22 Dec 2025 12:27:41 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=l8GEB2ff; spf=pass (domain: gmail.com, ip: 209.85.221.44, mailfrom: skandigraun@gmail.com) Received: by mail-wr1-f44.google.com with SMTP id ffacd0b85a97d-42fb6ce71c7so3391757f8f.1 for ; Mon, 22 Dec 2025 12:27:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1766435260; x=1767040060; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=z2ZwwighVyq+lQwkr5gaRxEzbBLPWuCIMcv8+jrfEZQ=; b=l8GEB2ff2+Qbz9Fy14nnQxODrqmWHhrj+V8uiVrIRMPPFEqFILdK7s+B+NH1FU6Ibv Jd5mUZXTzuowLwlRhbCgdLMTGWpEgjdLtR+ATxR5BHyiKW+4PMrF4hIu3lv7nQE12A0s QeKrk53g8VCgvb6LKdxdqN5n+gszuqWWqiLOymga3ggbue175ex40IXOqMMIsgdqSR0+ iNfhZlkq+UKiBHqLKz/uq93gTQ90dUQ4WxabH60nJf9gkMILcgsaXMag06QWHW+Ff0ME tnVtD7mypk33YFXnxwxYobkQXHHeMgyiG0/NzzAsQwAF7A1+vqbqUwo0eIyWGQV2zrpB XNmw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1766435260; x=1767040060; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=z2ZwwighVyq+lQwkr5gaRxEzbBLPWuCIMcv8+jrfEZQ=; b=NrHj/QssO5vwigluhG/6CU0DI28x9XI9D9tb5j6XPgFb+l0I1lD72616locfMyn1cD ThLi+JAjFgyYU9jcAQLReWyJChNcxHWPHdqbyRxcp45s3bkjdA72Uwp8GGaQhKHAYevW 6NTLUHiyQr04HibqppzUoHUx5RrImk/ZmTbTi8Ha6h30ruMhqoVI8lXJV50+G+FtiaZK 6bWfAhS5Mot9Ook1LjR4F/H6jMnzVoZ6SGjZBCLqXyCioCi176yoZ0eiapk0vKuAzCrk x+u0+UQxCm0c30TDVbJUZ/ZqGQsl4vgMFALO2bN4QeRGe/+GFrCm+9ZuG+/kTmWmconi XMdQ== X-Gm-Message-State: AOJu0YyEaslGVoG+YpYA706oGn25o9evCwO4geWI5UpMBBjqU1RXPVzz /Rbqak8Svja8HKR7MwQnEzTJY9Nlmw8EWsBcUFZJ8ho9yJk+ABxrWVlBJS66XQ== X-Gm-Gg: AY/fxX4kvYP35VLlfVH+NQud+YMNe/VHmm64ZOYVD/HIlpjZOv4VyvBQYS9csyMkzn7 RkKZbIaj+X4oSOuGYr8OLGXgkzIN4+Gvz1dA82I/amRBwxHKCAHXRB2EY59M9Pbz/hPZKX857ME /W/XCqj48A4sJy4wrXPpgNBgAoX3WHQWo6nCgBiUSg3RmOgIKb7/or87oOGuMD+bLgKnvuEfYnH X8iiOdORArL5XRMOZlIrq4hAMLZFUf2UiU63gxfmj6GBg2CaF4gnC4iENHlcKCF5ZTkxtWAhH3z bifRYMC0VWvtnycyDkHlOmlPKeVew65bWZSJh3f9D3oWCPfkcjv4pSL1pIKJAyY4OJsXpypNTy1 4hggk8MqF/4qVqoUXmE5h1mHE4x8CujD5tWt6f+QGuZkb2+JmouskiQGxew19uVx/VY8Sak9KID Kf8jVl/lvvPj4+lB/PqjY= X-Google-Smtp-Source: AGHT+IEcu7hW0xkrG+VT51DoXFQTxhuXob5R3LktcbHryFEQY8qLs6iKGJsABJrI9+p1SvEir6vs6w== X-Received: by 2002:a05:6000:200f:b0:430:f879:a0ee with SMTP id ffacd0b85a97d-4324e4c1259mr15328202f8f.5.1766435259886; Mon, 22 Dec 2025 12:27:39 -0800 (PST) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-4324eab257asm24204522f8f.38.2025.12.22.12.27.38 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 22 Dec 2025 12:27:38 -0800 (PST) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][scarthgap][PATCH 3/5] fio: ignore CVE-2025-10824 Date: Mon, 22 Dec 2025 21:27:30 +0100 Message-ID: <20251222202732.3363914-3-skandigraun@gmail.com> X-Mailer: git-send-email 2.52.0 In-Reply-To: <20251222202732.3363914-1-skandigraun@gmail.com> References: <20251222202732.3363914-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 22 Dec 2025 20:27:48 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/122809 Details: https://nvd.nist.gov/vuln/detail/CVE-2025-10824 The upstream maintainer wasn't able to reproduce the issue[1], and the related bug is closed without further action. [1]: https://github.com/axboe/fio/issues/1981 Signed-off-by: Gyorgy Sarvari Signed-off-by: Khem Raj (cherry picked from commit a275078cbeaa0fafcfa4eb60ca69f05a8fe3df99) Signed-off-by: Gyorgy Sarvari --- meta-oe/recipes-benchmark/fio/fio_3.36.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-oe/recipes-benchmark/fio/fio_3.36.bb b/meta-oe/recipes-benchmark/fio/fio_3.36.bb index 917a6e1456..d1cd2c85ed 100644 --- a/meta-oe/recipes-benchmark/fio/fio_3.36.bb +++ b/meta-oe/recipes-benchmark/fio/fio_3.36.bb @@ -45,3 +45,5 @@ do_install() { install -d ${D}/${docdir}/${PN} cp -R --no-dereference --preserve=mode,links -v ${S}/examples ${D}/${docdir}/${PN}/ } + +CVE_STATUS[CVE-2025-10824] = "disputed: Maintainer could not reproduce the issue, issue is closed without change." From patchwork Mon Dec 22 20:27:31 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 77270 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 48682E6ADE4 for ; Mon, 22 Dec 2025 20:27:48 +0000 (UTC) Received: from mail-wr1-f54.google.com (mail-wr1-f54.google.com [209.85.221.54]) by mx.groups.io with SMTP id smtpd.msgproc01-g2.88051.1766435262245026382 for ; Mon, 22 Dec 2025 12:27:42 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=JabYKo7t; spf=pass (domain: gmail.com, ip: 209.85.221.54, mailfrom: skandigraun@gmail.com) Received: by mail-wr1-f54.google.com with SMTP id ffacd0b85a97d-430fbb6012bso3406176f8f.1 for ; Mon, 22 Dec 2025 12:27:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1766435261; x=1767040061; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=zhFd1O+TbFXDzPw4lMNjnINQxvzZOTzrLFLiq4pdS7A=; b=JabYKo7tmkLDNDNdYUrHT5EYjTCe7J2bryyxp9+NSu08eJ6VbPM7u3lhvsT5GLqZio KXQ5Eh/DDExOl7QO7vqqC9L1Ox9uW64+CIgb39gA90T+YXhfsgA5g8fndaA5L8KR6vGL osI4ySReet/Z3sBvEAwxqiz6py017zu8o7muOShxRDQoTZDdf2+CwbCte3HZ8WgBfp1o EReU79SjIIX6bKELexlRxLmS8YTT99HeSvSfwjiCBKGuPKKp9cnUcjaOCcZHtfLBxPqs wGSalg9l5HcVkQu05BFF+kUvYP9lZTYXTZmITUYshtJO6aX7zInsCpWMQBjXUVqrwq6Z R0TA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1766435261; x=1767040061; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=zhFd1O+TbFXDzPw4lMNjnINQxvzZOTzrLFLiq4pdS7A=; b=glkxpNCoSagmo3w0lqt6urMU4rHae//fVKSHoEkEpUMvb2xlvmVMQNR7jNq+YNf2HU FiYoqlOMZwXpEOYEOKHZvmOcvuciyyxnmFfGCHzPSMd4piaLARzeU8YkrgGPMuj+nPYc elnk8cTVjXPVAAdeOLx0Nrp2IcBMb9q/+3r9NAU4MIdZ6cQKy8ddNGYFoWFlmcAi6Qof c2oPveSZFxScZjstjj9Q8NL/e1vCPjoWX/X+Sup9OtQkkoCmAncZ//cOPAshSDdXvZXG br0+buhCxM+3gMLkFkVBX1+GInXy1Zr3+pfXhKb8Zh1w0rOEinXe2LYLFRBhZ5luugFO jy7g== X-Gm-Message-State: AOJu0YzADgqVHvLLJBB0sOO7rTmjLgcEh9Kev4TjyfItOr0uEXt77hkb liwwCUoMCvjvw8NWnxn5MDGPvhnqpWnezP4h9m/0IXDIiWUPSkJRlx6/QfHUYQ== X-Gm-Gg: AY/fxX4GjbkJpw0194KjtQ521SRgkCqwGoqhOUFYn/DIJdoKgNN3C+FmHKSFXMsVwMy LdzYiiaWjfJWwmFg14SIu0UzGnX2ij4z9Sbg8MGlQVzMkftKmqJRgPxy11bqNAvEt2ntu4pDwQt Jeu8gpTi9JLuIYgA5ZB8HGMfCCqnxpJvZ1Xe9OGxRI6TjPytvoR/NLsORbYfj22RDj5bqGv2pD9 Yxu22BbmSSTzBbgES3QIeBUjYMLNJyKetb3a6CFQg1lB4pRCQh31TaMwZ2mPY2ubUdNLwIVEPCW EEDCBdTgJ8WUz75ydJAUWM+ocxO+EVdHhB4ioM55JNDccb/CfLOv6eIELK3yk5hjq31JekP61P3 SZb7QzRsJzXhjjjlUIHvbuRYQOx5saMhMBXHY/Ug2gSdHC+2LgjP/zIFMoukepZ+wHU3q44kTup 1bq0pKXr1/ X-Google-Smtp-Source: AGHT+IGHA7A9/2g5Tfm5W+mKCYP126zPuN12pqNgztdz90qbHyS1cz5c3D599l0EkSuiEq2Pn+015Q== X-Received: by 2002:a05:6000:2902:b0:430:f3ab:56af with SMTP id ffacd0b85a97d-4324e5104d2mr13647069f8f.48.1766435260533; Mon, 22 Dec 2025 12:27:40 -0800 (PST) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-4324eab257asm24204522f8f.38.2025.12.22.12.27.40 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 22 Dec 2025 12:27:40 -0800 (PST) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][scarthgap][PATCH 4/5] postgresql: upgrade 16.10 -> 16.11 Date: Mon, 22 Dec 2025 21:27:31 +0100 Message-ID: <20251222202732.3363914-4-skandigraun@gmail.com> X-Mailer: git-send-email 2.52.0 In-Reply-To: <20251222202732.3363914-1-skandigraun@gmail.com> References: <20251222202732.3363914-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 22 Dec 2025 20:27:48 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/122810 This is a bugfix release. Contains fixes for CVE-2025-12817 and CVE-2025-12818. Changelog: https://www.postgresql.org/docs/16/release-16-11.html Signed-off-by: Gyorgy Sarvari --- ...0003-configure.ac-bypass-autoconf-2.69-version-check.patch | 2 +- .../postgresql/{postgresql_16.10.bb => postgresql_16.11.bb} | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) rename meta-oe/recipes-dbs/postgresql/{postgresql_16.10.bb => postgresql_16.11.bb} (66%) diff --git a/meta-oe/recipes-dbs/postgresql/files/0003-configure.ac-bypass-autoconf-2.69-version-check.patch b/meta-oe/recipes-dbs/postgresql/files/0003-configure.ac-bypass-autoconf-2.69-version-check.patch index 7707d238e7..f5ee9a2e2b 100644 --- a/meta-oe/recipes-dbs/postgresql/files/0003-configure.ac-bypass-autoconf-2.69-version-check.patch +++ b/meta-oe/recipes-dbs/postgresql/files/0003-configure.ac-bypass-autoconf-2.69-version-check.patch @@ -18,7 +18,7 @@ index 4f25567..b6b1eff 100644 +++ b/configure.ac @@ -19,10 +19,6 @@ m4_pattern_forbid(^PGAC_)dnl to catch undefined macros - AC_INIT([PostgreSQL], [16.10], [pgsql-bugs@lists.postgresql.org], [], [https://www.postgresql.org/]) + AC_INIT([PostgreSQL], [16.11], [pgsql-bugs@lists.postgresql.org], [], [https://www.postgresql.org/]) -m4_if(m4_defn([m4_PACKAGE_VERSION]), [2.69], [], [m4_fatal([Autoconf version 2.69 is required. -Untested combinations of 'autoconf' and PostgreSQL versions are not diff --git a/meta-oe/recipes-dbs/postgresql/postgresql_16.10.bb b/meta-oe/recipes-dbs/postgresql/postgresql_16.11.bb similarity index 66% rename from meta-oe/recipes-dbs/postgresql/postgresql_16.10.bb rename to meta-oe/recipes-dbs/postgresql/postgresql_16.11.bb index b1b8411dc7..11c830c820 100644 --- a/meta-oe/recipes-dbs/postgresql/postgresql_16.10.bb +++ b/meta-oe/recipes-dbs/postgresql/postgresql_16.11.bb @@ -11,6 +11,6 @@ SRC_URI += "\ file://0005-postgresql-fix-ptest-failure-of-sysviews.patch \ " -SRC_URI[sha256sum] = "de8485f4ce9c32e3ddfeef0b7c261eed1cecb54c9bcd170e437ff454cb292b42" +SRC_URI[sha256sum] = "6deb08c23d03d77d8f8bd1c14049eeef64aef8968fd8891df2dfc0b42f178eac" -CVE_STATUS[CVE-2017-8806] = "not-applicable-config: Ddoesn't apply to out configuration of postgresql so we can safely ignore it." +CVE_STATUS[CVE-2017-8806] = "not-applicable-config: Doesn't apply to our configuration of postgresql so we can safely ignore it." From patchwork Mon Dec 22 20:27:32 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 77272 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 58142E6ADF0 for ; Mon, 22 Dec 2025 20:27:48 +0000 (UTC) Received: from mail-wr1-f50.google.com (mail-wr1-f50.google.com [209.85.221.50]) by mx.groups.io with SMTP id smtpd.msgproc02-g2.88184.1766435262878887210 for ; Mon, 22 Dec 2025 12:27:43 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=I0K7fn4P; spf=pass (domain: gmail.com, ip: 209.85.221.50, mailfrom: skandigraun@gmail.com) Received: by mail-wr1-f50.google.com with SMTP id ffacd0b85a97d-430f9ffd4e8so2488461f8f.0 for ; Mon, 22 Dec 2025 12:27:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1766435261; x=1767040061; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=t+BQ4bjd0HQwJ6W90o+eHnBvONTabZQkk9bgdKFG92I=; b=I0K7fn4P5/c+UYlS8q2jASRrKL1FW8ytR+YSzdH5wAVJKKE1qwJ+WFyKR6vA3qgpoY m+W4Q6MwRdOXKmBD46QgIxm8y3hDmXK9uNw9CqvyIgOwRuQTtuDgu3mt+Kssa/VOXSQh r1TmAZqTE1LtGDAygCFsWGDYdyOkAx2S6V1PEv0HM1tpp/IoYXJ4gpylGx3TRXy+rp6D K1JvSfL90K9wRFYp6Id8jK0pK3BWGJ1GkJFmd5O9coUiSWas51oPdX10M+JSa2ZtWxas e/jxJqq3JrKoHWAgBopnMKe+ns3RyYTRm0gN75VM5vHe6sODbTEfA22nmWqA+YAqK4Cf ncaQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1766435261; x=1767040061; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=t+BQ4bjd0HQwJ6W90o+eHnBvONTabZQkk9bgdKFG92I=; b=UAFXQ67wDobY35MgQzNrlhOslGD2W0RxxP2dTn6g0iYighkoHqjS7Ii362N2PuDtEo REGHEPsbsJ5C0n8Vs8xd4FXm7LKS3zdb5L4B3s/yU/nwRbE1IK05vR8SBStAdaHhWW8F uKhcbxmm8VkE1mS7YnI2WZSwUy9CigDCCEXoEwZHr+BIflJUkIDG7dd+exVtX6JHxJrh /nGL7aQr30ILKc8Gf30VBDLZB3DkYXmcf0ZUQsfEBpeLIgsJ4xC4sDvayGQjpfRdGRUO Da9Bb1LnmyM+VgJfQl8xIlW1J5tzWZlydqkm6k9mDPWyYvEkZowKAvsbqQtxU9Hmy0KE gGMg== X-Gm-Message-State: AOJu0YzGwQXYjtktn3+WMVolf9Jq5yqBytFEwDeF9SsqrJFwenkT1cI4 W1rQnLLzEw8+YHKh02Q5V+3m0RKSBdUAJEvyiyAL+Z9Gnk4JbdmozTg1Qd0MgQ== X-Gm-Gg: AY/fxX4mBvvlZUYNNMnMRKvdmwrekiZ32vat0XcKYBcFcI2ViQGUViVxkzfA8/oB+WV 2BZR1FIbatmVI6iMbmWCYxVfa7SaDZxkb84qvpkSSa/SFbfa5dRFzvtda1XEXN8RpcJtLeBkCz5 iOMDQcQp88knEu9lgzuJutDMJeVyH9ofnvSqejH8FkUAfvHpijb/gneYHrqTffwkt4AxdT3hyyz 9tdSpUoAlhTz48jhdJfFYK6Rjf3gKYmHeVzfilG5UuK74P06rUd453vDv/07CaXTQbx5VNlhz/i FiGAbpADTHSKcj4KTY12KhIoIgnrXPoL5AnQ6srQIvDUynE/ld5M0lMvEhCjl2Yg2kIPvn9WwD7 dalsy57BuntOSdYv/k/bM1G9a5BG1IbciXPSQKfedVSFIrmzdaNlWx+B+35UNPUWkfxGwWOCgFX UUksUmzSk7 X-Google-Smtp-Source: AGHT+IHEKkK5EzS5M0KzsYWpceIoFPmwiRNvPDMXjIsiZfgGJq01DWL0qsF70y3l8aN+fxJU62IvdQ== X-Received: by 2002:a05:6000:1789:b0:431:2ff:128f with SMTP id ffacd0b85a97d-4324e3ebfbbmr15986262f8f.6.1766435261147; Mon, 22 Dec 2025 12:27:41 -0800 (PST) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-4324eab257asm24204522f8f.38.2025.12.22.12.27.40 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 22 Dec 2025 12:27:40 -0800 (PST) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-networking][scarthgap][PATCH 5/5] sngrep: upgrade 1.8.1 -> 1.8.2 Date: Mon, 22 Dec 2025 21:27:32 +0100 Message-ID: <20251222202732.3363914-5-skandigraun@gmail.com> X-Mailer: git-send-email 2.52.0 In-Reply-To: <20251222202732.3363914-1-skandigraun@gmail.com> References: <20251222202732.3363914-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 22 Dec 2025 20:27:48 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/122811 This update contains fix for CVE-2024-35434, and a small build system change that adds a fallback in case ncurses library isn't available during build. Shortlog: https://github.com/irontec/sngrep/compare/v1.8.1...v1.8.2 Signed-off-by: Gyorgy Sarvari --- .../recipes-support/sngrep/{sngrep_1.8.1.bb => sngrep_1.8.2.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-networking/recipes-support/sngrep/{sngrep_1.8.1.bb => sngrep_1.8.2.bb} (95%) diff --git a/meta-networking/recipes-support/sngrep/sngrep_1.8.1.bb b/meta-networking/recipes-support/sngrep/sngrep_1.8.2.bb similarity index 95% rename from meta-networking/recipes-support/sngrep/sngrep_1.8.1.bb rename to meta-networking/recipes-support/sngrep/sngrep_1.8.2.bb index 50248078a2..518ca9e277 100644 --- a/meta-networking/recipes-support/sngrep/sngrep_1.8.1.bb +++ b/meta-networking/recipes-support/sngrep/sngrep_1.8.2.bb @@ -16,7 +16,7 @@ DEPENDS = "\ " SRC_URI = "git://github.com/irontec/sngrep.git;protocol=https;branch=master" -SRCREV = "373abb90804ba71f980c7120e62f90d3a5c81213" +SRCREV = "dad1033640f249fa4994f976cf6ee96826c15702" S = "${WORKDIR}/git"