* [scarthgap][PATCH 00/24] Scarthgap pull request
@ 2025-09-12 9:06 Anuj Mittal
2025-09-15 5:00 ` Khem Raj
0 siblings, 1 reply; 5+ messages in thread
From: Anuj Mittal @ 2025-09-12 9:06 UTC (permalink / raw)
To: raj.khem, openembedded-devel
Please merge these changes. Tested using qemux86-64 and qemuarm64.
The following changes since commit c29a18fa39ede952f3f6108ec007c1906e2d9a0d:
mbedtls: drop tag parameter from SRC_URI. (2025-08-18 08:35:05 -0700)
are available in the Git repository at:
https://git.openembedded.org/meta-openembedded-contrib anujm/scarthgap
https://git.openembedded.org/meta-openembedded-contrib/log/?h=anujm/scarthgap
Alexandre Truong (1):
hunspell-dictionaries: switch branch from master to main
Changqing Li (1):
luajit: fix several CVEs
Deepak Rathore (1):
protobuf 4.25.8: Mark CVE-2024-7254 as patched
Gyorgy Sarvari (1):
poppler: fix typos in CVE-2025-52886-0001.patch
Hitendra Prajapati (1):
libssh: fix CVE-2025-4877
Jan Vermaete (1):
python3-werkzeug: added python3-difflib as RDEPENDS
Jiaying Song (1):
v4l-utils: Fix QA and build errors related to _TIME_BITS on 32-bit
Martin Jansa (1):
abseil-cpp: fix build with gcc-15 on host
Martin Schwan (1):
linuxptp: Add systemd instance specifier for ptp4l dependency
Michael Opdenacker (1):
kernel-hardening-checker: backport recipe
Peter Marko (1):
nginx: patch CVE-2025-53859
Praveen Kumar (1):
php: upgrade 8.2.28 -> 8.2.29
Randolph Sapp (1):
vulkan-cts: allow vulkan versions > 1.3
Roland Kovacs (1):
jq: add Upstream-Status and CVE tags into .patch files
Yogita Urade (2):
poppler: fix CVE-2025-50420
postgresql: upgrade 16.9 -> 16.10
Zhang Peng (8):
gnuplot: fix CVE-2025-3359
gnuplot: fix CVE-2025-31176
gnuplot: fix CVE-2025-31177
gnuplot: fix CVE-2025-31178
gnuplot: fix CVE-2025-31179
gnuplot: fix CVE-2025-31180
gnuplot: fix CVE-2025-31181
iperf3: fix CVE-2025-54349
.../iperf3/iperf3/CVE-2025-54349.patch | 97 +++++++++++
.../recipes-benchmark/iperf3/iperf3_3.18.bb | 1 +
.../linuxptp/systemd/phc2sys@.service.in | 4 +-
...c-bypass-autoconf-2.69-version-check.patch | 4 +-
...postgresql_16.9.bb => postgresql_16.10.bb} | 4 +-
...r-internal-Explicitly-include-cstdin.patch | 34 ++++
.../abseil-cpp/abseil-cpp_20240116.3.bb | 1 +
.../jq/jq/CVE-2024-23337.patch | 3 +
.../jq/jq/CVE-2024-53427.patch | 3 +
.../jq/jq/CVE-2025-48060.patch | 3 +
.../luajit/luajit/CVE-2024-25176.patch | 32 ++++
.../luajit/luajit/CVE-2024-25177.patch | 47 +++++
.../luajit/luajit/CVE-2024-25178.patch | 162 ++++++++++++++++++
meta-oe/recipes-devtools/luajit/luajit_git.bb | 3 +
.../php/{php_8.2.28.bb => php_8.2.29.bb} | 2 +-
.../protobuf/protobuf_4.25.8.bb | 2 +
.../gnuplot/gnuplot/CVE-2025-31176.patch | 86 ++++++++++
.../gnuplot/gnuplot/CVE-2025-31177.patch | 40 +++++
.../gnuplot/gnuplot/CVE-2025-31178.patch | 95 ++++++++++
.../gnuplot/gnuplot/CVE-2025-31179.patch | 35 ++++
.../gnuplot/gnuplot/CVE-2025-31180.patch | 43 +++++
.../gnuplot/gnuplot/CVE-2025-31181.patch | 43 +++++
.../gnuplot/gnuplot/CVE-2025-3359.patch | 67 ++++++++
.../recipes-extended/gnuplot/gnuplot_5.4.3.bb | 7 +
...e-CTS-with-unknown-versions-of-Vulka.patch | 41 +++++
.../vk-gl-cts/vulkan-cts_1.3.7.3.bb | 1 +
...on.build-fix-arm-_TIME_BITS-64-error.patch | 38 ++++
.../v4l2apps/v4l-utils_1.26.1.bb | 5 +-
...ject.toml-fix-up-license-information.patch | 31 ++++
...-relax-setuptool-version-requirement.patch | 29 ++++
.../kernel-hardening-checker_0.6.10.2.bb | 41 +++++
.../hunspell/hunspell-dictionaries.bb | 2 +-
.../libssh/libssh/CVE-2025-4877.patch | 57 ++++++
.../recipes-support/libssh/libssh_0.10.6.bb | 1 +
.../poppler/poppler/CVE-2025-50420.patch | 38 ++++
.../poppler/poppler/CVE-2025-52886-0001.patch | 144 ++++++++--------
.../poppler/poppler_23.04.0.bb | 1 +
.../python/python3-werkzeug_3.0.6.bb | 1 +
.../nginx/files/CVE-2025-53859.patch | 131 ++++++++++++++
meta-webserver/recipes-httpd/nginx/nginx.inc | 1 +
40 files changed, 1293 insertions(+), 87 deletions(-)
create mode 100644 meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2025-54349.patch
rename meta-oe/recipes-dbs/postgresql/{postgresql_16.9.bb => postgresql_16.10.bb} (75%)
create mode 100644 meta-oe/recipes-devtools/abseil-cpp/abseil-cpp/0001-PR-1739-container-internal-Explicitly-include-cstdin.patch
create mode 100644 meta-oe/recipes-devtools/luajit/luajit/CVE-2024-25176.patch
create mode 100644 meta-oe/recipes-devtools/luajit/luajit/CVE-2024-25177.patch
create mode 100644 meta-oe/recipes-devtools/luajit/luajit/CVE-2024-25178.patch
rename meta-oe/recipes-devtools/php/{php_8.2.28.bb => php_8.2.29.bb} (99%)
create mode 100644 meta-oe/recipes-extended/gnuplot/gnuplot/CVE-2025-31176.patch
create mode 100644 meta-oe/recipes-extended/gnuplot/gnuplot/CVE-2025-31177.patch
create mode 100644 meta-oe/recipes-extended/gnuplot/gnuplot/CVE-2025-31178.patch
create mode 100644 meta-oe/recipes-extended/gnuplot/gnuplot/CVE-2025-31179.patch
create mode 100644 meta-oe/recipes-extended/gnuplot/gnuplot/CVE-2025-31180.patch
create mode 100644 meta-oe/recipes-extended/gnuplot/gnuplot/CVE-2025-31181.patch
create mode 100644 meta-oe/recipes-extended/gnuplot/gnuplot/CVE-2025-3359.patch
create mode 100644 meta-oe/recipes-graphics/vk-gl-cts/vulkan-cts/0001-Allow-running-the-CTS-with-unknown-versions-of-Vulka.patch
create mode 100644 meta-oe/recipes-multimedia/v4l2apps/v4l-utils/0003-meson.build-fix-arm-_TIME_BITS-64-error.patch
create mode 100644 meta-oe/recipes-security/kernel-hardening-checker/files/0001-pyproject.toml-fix-up-license-information.patch
create mode 100644 meta-oe/recipes-security/kernel-hardening-checker/files/0002-pyproject.toml-relax-setuptool-version-requirement.patch
create mode 100644 meta-oe/recipes-security/kernel-hardening-checker/kernel-hardening-checker_0.6.10.2.bb
create mode 100644 meta-oe/recipes-support/libssh/libssh/CVE-2025-4877.patch
create mode 100644 meta-oe/recipes-support/poppler/poppler/CVE-2025-50420.patch
create mode 100755 meta-webserver/recipes-httpd/nginx/files/CVE-2025-53859.patch
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [scarthgap][PATCH 00/24] Scarthgap pull request
2025-09-12 9:06 Anuj Mittal
@ 2025-09-15 5:00 ` Khem Raj
0 siblings, 0 replies; 5+ messages in thread
From: Khem Raj @ 2025-09-15 5:00 UTC (permalink / raw)
To: Anuj Mittal; +Cc: openembedded-devel
Merged now, Thanks Anuj
On Fri, Sep 12, 2025 at 2:06 AM Anuj Mittal <anuj.mittal@intel.com> wrote:
>
> Please merge these changes. Tested using qemux86-64 and qemuarm64.
>
> The following changes since commit c29a18fa39ede952f3f6108ec007c1906e2d9a0d:
>
> mbedtls: drop tag parameter from SRC_URI. (2025-08-18 08:35:05 -0700)
>
> are available in the Git repository at:
>
> https://git.openembedded.org/meta-openembedded-contrib anujm/scarthgap
> https://git.openembedded.org/meta-openembedded-contrib/log/?h=anujm/scarthgap
>
> Alexandre Truong (1):
> hunspell-dictionaries: switch branch from master to main
>
> Changqing Li (1):
> luajit: fix several CVEs
>
> Deepak Rathore (1):
> protobuf 4.25.8: Mark CVE-2024-7254 as patched
>
> Gyorgy Sarvari (1):
> poppler: fix typos in CVE-2025-52886-0001.patch
>
> Hitendra Prajapati (1):
> libssh: fix CVE-2025-4877
>
> Jan Vermaete (1):
> python3-werkzeug: added python3-difflib as RDEPENDS
>
> Jiaying Song (1):
> v4l-utils: Fix QA and build errors related to _TIME_BITS on 32-bit
>
> Martin Jansa (1):
> abseil-cpp: fix build with gcc-15 on host
>
> Martin Schwan (1):
> linuxptp: Add systemd instance specifier for ptp4l dependency
>
> Michael Opdenacker (1):
> kernel-hardening-checker: backport recipe
>
> Peter Marko (1):
> nginx: patch CVE-2025-53859
>
> Praveen Kumar (1):
> php: upgrade 8.2.28 -> 8.2.29
>
> Randolph Sapp (1):
> vulkan-cts: allow vulkan versions > 1.3
>
> Roland Kovacs (1):
> jq: add Upstream-Status and CVE tags into .patch files
>
> Yogita Urade (2):
> poppler: fix CVE-2025-50420
> postgresql: upgrade 16.9 -> 16.10
>
> Zhang Peng (8):
> gnuplot: fix CVE-2025-3359
> gnuplot: fix CVE-2025-31176
> gnuplot: fix CVE-2025-31177
> gnuplot: fix CVE-2025-31178
> gnuplot: fix CVE-2025-31179
> gnuplot: fix CVE-2025-31180
> gnuplot: fix CVE-2025-31181
> iperf3: fix CVE-2025-54349
>
> .../iperf3/iperf3/CVE-2025-54349.patch | 97 +++++++++++
> .../recipes-benchmark/iperf3/iperf3_3.18.bb | 1 +
> .../linuxptp/systemd/phc2sys@.service.in | 4 +-
> ...c-bypass-autoconf-2.69-version-check.patch | 4 +-
> ...postgresql_16.9.bb => postgresql_16.10.bb} | 4 +-
> ...r-internal-Explicitly-include-cstdin.patch | 34 ++++
> .../abseil-cpp/abseil-cpp_20240116.3.bb | 1 +
> .../jq/jq/CVE-2024-23337.patch | 3 +
> .../jq/jq/CVE-2024-53427.patch | 3 +
> .../jq/jq/CVE-2025-48060.patch | 3 +
> .../luajit/luajit/CVE-2024-25176.patch | 32 ++++
> .../luajit/luajit/CVE-2024-25177.patch | 47 +++++
> .../luajit/luajit/CVE-2024-25178.patch | 162 ++++++++++++++++++
> meta-oe/recipes-devtools/luajit/luajit_git.bb | 3 +
> .../php/{php_8.2.28.bb => php_8.2.29.bb} | 2 +-
> .../protobuf/protobuf_4.25.8.bb | 2 +
> .../gnuplot/gnuplot/CVE-2025-31176.patch | 86 ++++++++++
> .../gnuplot/gnuplot/CVE-2025-31177.patch | 40 +++++
> .../gnuplot/gnuplot/CVE-2025-31178.patch | 95 ++++++++++
> .../gnuplot/gnuplot/CVE-2025-31179.patch | 35 ++++
> .../gnuplot/gnuplot/CVE-2025-31180.patch | 43 +++++
> .../gnuplot/gnuplot/CVE-2025-31181.patch | 43 +++++
> .../gnuplot/gnuplot/CVE-2025-3359.patch | 67 ++++++++
> .../recipes-extended/gnuplot/gnuplot_5.4.3.bb | 7 +
> ...e-CTS-with-unknown-versions-of-Vulka.patch | 41 +++++
> .../vk-gl-cts/vulkan-cts_1.3.7.3.bb | 1 +
> ...on.build-fix-arm-_TIME_BITS-64-error.patch | 38 ++++
> .../v4l2apps/v4l-utils_1.26.1.bb | 5 +-
> ...ject.toml-fix-up-license-information.patch | 31 ++++
> ...-relax-setuptool-version-requirement.patch | 29 ++++
> .../kernel-hardening-checker_0.6.10.2.bb | 41 +++++
> .../hunspell/hunspell-dictionaries.bb | 2 +-
> .../libssh/libssh/CVE-2025-4877.patch | 57 ++++++
> .../recipes-support/libssh/libssh_0.10.6.bb | 1 +
> .../poppler/poppler/CVE-2025-50420.patch | 38 ++++
> .../poppler/poppler/CVE-2025-52886-0001.patch | 144 ++++++++--------
> .../poppler/poppler_23.04.0.bb | 1 +
> .../python/python3-werkzeug_3.0.6.bb | 1 +
> .../nginx/files/CVE-2025-53859.patch | 131 ++++++++++++++
> meta-webserver/recipes-httpd/nginx/nginx.inc | 1 +
> 40 files changed, 1293 insertions(+), 87 deletions(-)
> create mode 100644 meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2025-54349.patch
> rename meta-oe/recipes-dbs/postgresql/{postgresql_16.9.bb => postgresql_16.10.bb} (75%)
> create mode 100644 meta-oe/recipes-devtools/abseil-cpp/abseil-cpp/0001-PR-1739-container-internal-Explicitly-include-cstdin.patch
> create mode 100644 meta-oe/recipes-devtools/luajit/luajit/CVE-2024-25176.patch
> create mode 100644 meta-oe/recipes-devtools/luajit/luajit/CVE-2024-25177.patch
> create mode 100644 meta-oe/recipes-devtools/luajit/luajit/CVE-2024-25178.patch
> rename meta-oe/recipes-devtools/php/{php_8.2.28.bb => php_8.2.29.bb} (99%)
> create mode 100644 meta-oe/recipes-extended/gnuplot/gnuplot/CVE-2025-31176.patch
> create mode 100644 meta-oe/recipes-extended/gnuplot/gnuplot/CVE-2025-31177.patch
> create mode 100644 meta-oe/recipes-extended/gnuplot/gnuplot/CVE-2025-31178.patch
> create mode 100644 meta-oe/recipes-extended/gnuplot/gnuplot/CVE-2025-31179.patch
> create mode 100644 meta-oe/recipes-extended/gnuplot/gnuplot/CVE-2025-31180.patch
> create mode 100644 meta-oe/recipes-extended/gnuplot/gnuplot/CVE-2025-31181.patch
> create mode 100644 meta-oe/recipes-extended/gnuplot/gnuplot/CVE-2025-3359.patch
> create mode 100644 meta-oe/recipes-graphics/vk-gl-cts/vulkan-cts/0001-Allow-running-the-CTS-with-unknown-versions-of-Vulka.patch
> create mode 100644 meta-oe/recipes-multimedia/v4l2apps/v4l-utils/0003-meson.build-fix-arm-_TIME_BITS-64-error.patch
> create mode 100644 meta-oe/recipes-security/kernel-hardening-checker/files/0001-pyproject.toml-fix-up-license-information.patch
> create mode 100644 meta-oe/recipes-security/kernel-hardening-checker/files/0002-pyproject.toml-relax-setuptool-version-requirement.patch
> create mode 100644 meta-oe/recipes-security/kernel-hardening-checker/kernel-hardening-checker_0.6.10.2.bb
> create mode 100644 meta-oe/recipes-support/libssh/libssh/CVE-2025-4877.patch
> create mode 100644 meta-oe/recipes-support/poppler/poppler/CVE-2025-50420.patch
> create mode 100755 meta-webserver/recipes-httpd/nginx/files/CVE-2025-53859.patch
>
^ permalink raw reply [flat|nested] 5+ messages in thread
* [scarthgap][PATCH 00/24] Scarthgap pull request
@ 2025-09-23 11:57 Anuj Mittal
0 siblings, 0 replies; 5+ messages in thread
From: Anuj Mittal @ 2025-09-23 11:57 UTC (permalink / raw)
To: openembedded-devel
Please consider merging these changes for scarthgap. Tested with
autobuilder and locally with qemux86-64 and qemuarm64:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/944
The following changes since commit b9fb6556a3c8a3e477dce334205b658cb79ad501:
protobuf 4.25.8: Mark CVE-2024-7254 as patched (2025-09-12 08:15:13 +0800)
are available in the Git repository at:
https://git.openembedded.org/meta-openembedded-contrib anujm/scarthgap
https://git.openembedded.org/meta-openembedded-contrib/log/?h=anujm/scarthgap
Anil Dongare (1):
libssh 0.10.6: Fix CVE-2025-8114
Archana Polampalli (1):
apache2: upgrade 2.4.64 - 2.4.65
AshishKumar Mishra (1):
meta-oe: image: optionally remove RAW image after sparse image
creation
Divya Chellam (2):
libssh: fix CVE-2025-4878
libssh: fix CVE-2025-5987
Gyorgy Sarvari (1):
mod-dnssd: update SRC_URI
Haixiao Yan (1):
python3-posix-ipc: fix runtime error
Hitendra Prajapati (1):
openjpeg: fix for CVE-2025-54874
Jef Driesen (1):
lcov: Add missing RDEPENDS for nativesdk
Jeroen Knoops (1):
nng: Rename default branch of github.com:nanomsg/nng.git
Khem Raj (2):
gtkwave: Add libtirpc to depends
ssmping: Use debian mirror for SRC_URI
Marc Ferland (1):
libvncserver: fix generated LibVNCServerTargets.cmake
Martin Jansa (1):
nodejs: fix build with gcc-15 on host
Peter Marko (2):
fontforge: patch CVE-2024-25081 and CVE-2024-25082
fcgi: patch CVE-2025-23016
Shubham Pushpkar (1):
cjson 1.7.18: Fix CVE-2025-57052
Wang Mingyu (2):
geoip: fix do_fetch error
rp-pppoe: update SRC_URI
Yi Zhao (1):
wxwidgets: upgrade 3.2.1 -> 3.2.6
Yoann Congal (1):
gutenprint: fix a build race-condition
Zhang Peng (2):
iperf3: fix CVE-2025-54350
wxwidgets: fix CVE-2024-58249
Zoltán Böszörményi (1):
gutenprint: 5.3.5
.../recipes-connectivity/nanomsg/nng_1.7.3.bb | 2 +-
.../rp-pppoe/rp-pppoe_3.15.bb | 2 +-
.../recipes-support/geoip/geoip_1.6.12.bb | 8 +-
.../recipes-support/ssmping/ssmping_0.9.1.bb | 3 +-
meta-oe/classes/image_types_sparse.bbclass | 6 +
.../iperf3/iperf3/CVE-2025-54350.patch | 39 +
.../recipes-benchmark/iperf3/iperf3_3.18.bb | 1 +
.../cjson/cjson/CVE-2025-57052.patch | 33 +
.../recipes-devtools/cjson/cjson_1.7.18.bb | 1 +
.../0001-src-fix-build-with-GCC-15.patch | 33 +
.../recipes-devtools/nodejs/nodejs_20.18.2.bb | 1 +
...using-glibc-specific-defines-on-musl.patch | 26 -
...able-cross-magic-it-does-not-work-fo.patch | 8 +-
...tch => 0002-fix-libdir-for-multilib.patch} | 35 +-
...003-create-links-with-relative-path.patch} | 22 +-
...-not-append-system-name-to-lib-name.patch} | 12 +-
...5-wx-config-fix-libdir-for-multilib.patch} | 29 +-
...-l.patch => 0006-Fix-locale-on-musl.patch} | 18 +-
...E_LARGEFILE_SUPPORT-to-1-explicitly.patch} | 9 +-
.../wxwidgets/wxwidgets/CVE-2024-58249.patch | 178 ++
...{wxwidgets_3.2.1.bb => wxwidgets_3.2.6.bb} | 18 +-
.../CVE-2024-25081_CVE-2024-25082.patch | 181 ++
.../fontforge/fontforge_20230101.bb | 1 +
.../gtkwave/gtkwave_3.3.119.bb | 1 +
.../libvncserver/libvncserver_0.9.14.bb | 4 +-
.../openjpeg/openjpeg/CVE-2025-54874.patch | 44 +
.../openjpeg/openjpeg_2.5.3.bb | 1 +
...-race-condition-around-empty-directo.patch | 60 +
...utenprint_5.3.4.bb => gutenprint_5.3.5.bb} | 6 +-
meta-oe/recipes-support/lcov/lcov_1.16.bb | 6 +
.../libssh/libssh/CVE-2025-4878-0001.patch | 2552 +++++++++++++++++
.../libssh/libssh/CVE-2025-4878-0002.patch | 34 +
.../libssh/libssh/CVE-2025-5987.patch | 37 +
.../libssh/libssh/CVE-2025-8114.patch | 49 +
.../recipes-support/libssh/libssh_0.10.6.bb | 4 +
...ndle-runtime-errors-and-return-None-.patch | 47 +
.../python/python3-posix-ipc_1.2.0.bb | 1 +
.../recipes-httpd/apache-mod/mod-dnssd_0.6.bb | 2 +-
.../{apache2_2.4.64.bb => apache2_2.4.65.bb} | 2 +-
.../fcgi/fcgi/CVE-2025-23016.patch | 40 +
.../recipes-support/fcgi/fcgi_git.bb | 1 +
41 files changed, 3467 insertions(+), 90 deletions(-)
create mode 100644 meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2025-54350.patch
create mode 100644 meta-oe/recipes-devtools/cjson/cjson/CVE-2025-57052.patch
create mode 100644 meta-oe/recipes-devtools/nodejs/nodejs/0001-src-fix-build-with-GCC-15.patch
delete mode 100644 meta-oe/recipes-extended/wxwidgets/wxwidgets/0001-locale-Avoid-using-glibc-specific-defines-on-musl.patch
rename meta-oe/recipes-extended/wxwidgets/wxwidgets/{fix-libdir-for-multilib.patch => 0002-fix-libdir-for-multilib.patch} (82%)
rename meta-oe/recipes-extended/wxwidgets/wxwidgets/{create-links-with-relative-path.patch => 0003-create-links-with-relative-path.patch} (72%)
rename meta-oe/recipes-extended/wxwidgets/wxwidgets/{not-append-system-name-to-lib-name.patch => 0004-don-not-append-system-name-to-lib-name.patch} (73%)
rename meta-oe/recipes-extended/wxwidgets/wxwidgets/{wx-config-fix-libdir-for-multilib.patch => 0005-wx-config-fix-libdir-for-multilib.patch} (74%)
rename meta-oe/recipes-extended/wxwidgets/wxwidgets/{musl-locale-l.patch => 0006-Fix-locale-on-musl.patch} (70%)
rename meta-oe/recipes-extended/wxwidgets/wxwidgets/{0001-Set-HAVE_LARGEFILE_SUPPORT-to-1-explicitly.patch => 0007-Set-HAVE_LARGEFILE_SUPPORT-to-1-explicitly.patch} (83%)
create mode 100644 meta-oe/recipes-extended/wxwidgets/wxwidgets/CVE-2024-58249.patch
rename meta-oe/recipes-extended/wxwidgets/{wxwidgets_3.2.1.bb => wxwidgets_3.2.6.bb} (89%)
create mode 100644 meta-oe/recipes-graphics/fontforge/fontforge/CVE-2024-25081_CVE-2024-25082.patch
create mode 100644 meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2025-54874.patch
create mode 100644 meta-oe/recipes-printing/gutenprint/gutenprint/0001-cups-fix-a-build-race-condition-around-empty-directo.patch
rename meta-oe/recipes-printing/gutenprint/{gutenprint_5.3.4.bb => gutenprint_5.3.5.bb} (91%)
create mode 100644 meta-oe/recipes-support/libssh/libssh/CVE-2025-4878-0001.patch
create mode 100644 meta-oe/recipes-support/libssh/libssh/CVE-2025-4878-0002.patch
create mode 100644 meta-oe/recipes-support/libssh/libssh/CVE-2025-5987.patch
create mode 100644 meta-oe/recipes-support/libssh/libssh/CVE-2025-8114.patch
create mode 100644 meta-python/recipes-devtools/python/python3-posix-ipc/0004-build_support-handle-runtime-errors-and-return-None-.patch
rename meta-webserver/recipes-httpd/apache2/{apache2_2.4.64.bb => apache2_2.4.65.bb} (99%)
create mode 100644 meta-webserver/recipes-support/fcgi/fcgi/CVE-2025-23016.patch
^ permalink raw reply [flat|nested] 5+ messages in thread
* [scarthgap][PATCH 00/24] Scarthgap pull request
@ 2025-10-30 1:13 Anuj Mittal
2025-10-30 4:20 ` Khem Raj
0 siblings, 1 reply; 5+ messages in thread
From: Anuj Mittal @ 2025-10-30 1:13 UTC (permalink / raw)
To: openembedded-devel, raj.khem
This is an older set of changes that I wasn't able to send but
had tested earlier:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1034
This mostly includes CVE fixes sent to list and some SRC_URI and host gcc
version relat changes.
The following changes since commit e621da947048842109db1b4fd3917a02e0501aa2:
procmail: Add -Wno-implicit-int to fix error of do_compile (2025-09-24 10:04:48 +0800)
are available in the Git repository at:
https://git.openembedded.org/meta-openembedded-contrib anujm/scarthgap
https://git.openembedded.org/meta-openembedded-contrib/log/?h=anujm/scarthgap
Adrian Freihofer (1):
thrift: fix build with gcc 15
Changqing Li (1):
mariadb: correct STACK_DIRECTION setting
Grygorii Tertychnyi (1):
libusbgx: fix gadget-stop install
Gyorgy Sarvari (6):
mosh: set working SRC_URI
psqlodbc: set valid SRC_URI
collectd: set working SRC_URI
apache2: ignore irrelevant CVEs
civetweb: patch CVE-2025-55763
dovecot: patch CVE-2022-30550
Jeroen Hofstee (2):
php: ignore CVE-2024-3566
nodejs: ignore CVE-2024-3566
Khem Raj (1):
uim: Stick to C17
Peter Marko (6):
ace: ignore CVE-2009-1147
audiofile: fix multiple CVEs
audiofile: patch CVE-2017-6829
audiofile: fix multiple CVEs
audiofile: patch CVE-2017-6831
audiofile: patch CVE-2017-6839
Praveen Kumar (1):
polkit: fix CVE-2025-7519
Saravanan (1):
udisks2: upgrade 2.10.1 -> 2.10.2
Sunil Dora (1):
layer.conf: add bpftrace to NON_MULTILIB_RECIPES
Yogita Urade (1):
indent: fix CVE-2023-40305
hongxu (1):
indent: fix CVE-2024-0911
mark.yang (1):
srecord: fix build failure with gcc-15
...w-in-directory-URI-slash-redirection.patch | 57 +
.../civetweb/civetweb_1.16.bb | 1 +
...g-passdbs-with-identical-driver-args.patch | 137 +
.../recipes-support/dovecot/dovecot_2.3.21.bb | 1 +
meta-oe/conf/layer.conf | 2 +-
.../recipes-connectivity/ace/ace_6.5.19.bb | 2 +
.../recipes-connectivity/mosh/mosh_1.4.0.bb | 5 +-
...missing-cstdint-include-for-int64_t-.patch | 51 +
.../thrift/thrift_0.20.0.bb | 3 +-
meta-oe/recipes-dbs/mysql/mariadb.inc | 1 -
.../psqlodbc/psqlodbc_16.00.0000.bb | 2 +-
.../recipes-devtools/nodejs/nodejs_20.18.2.bb | 1 +
meta-oe/recipes-devtools/php/php_8.2.29.bb | 1 +
.../collectd/collectd_5.12.0.bb | 4 +-
...ap-buffer-underread-in-set_buf_break.patch | 123 +
.../indent/indent/CVE-2023-40305_0001.patch | 4196 ++++++++++++++++
.../indent/indent/CVE-2023-40305_0002.patch | 4254 +++++++++++++++++
.../recipes-extended/indent/indent_2.2.12.bb | 3 +
.../polkit/files/CVE-2025-7519.patch | 34 +
meta-oe/recipes-extended/polkit/polkit_124.bb | 5 +-
.../audiofile/audiofile_0.3.6.bb | 5 +
...ays-check-the-number-of-coefficients.patch | 45 +
...ues-to-fix-index-overflow-in-IMA.cpp.patch | 43 +
...multiplication-overflow-in-sfconvert.patch | 79 +
...ail-when-error-occurs-in-parseFormat.patch | 46 +
...lication-overflow-in-MSADPCM-decodeS.patch | 126 +
.../recipes-support/libusbgx/libusbgx_git.bb | 2 +-
...e-with-gcc-15-by-adding-cstdint-head.patch | 36 +
.../recipes-support/srecord/srecord_1.65.0.bb | 4 +-
.../udisks/udisks2/CVE-2025-6019.patch | 51 -
.../{udisks2_2.10.1.bb => udisks2_2.10.2.bb} | 3 +-
meta-oe/recipes-support/uim/uim_1.8.8.bb | 2 +
.../recipes-httpd/apache2/apache2_2.4.65.bb | 12 +
33 files changed, 9273 insertions(+), 64 deletions(-)
create mode 100644 meta-networking/recipes-connectivity/civetweb/civetweb/0001-Fix-heap-overflow-in-directory-URI-slash-redirection.patch
create mode 100644 meta-networking/recipes-support/dovecot/dovecot/0001-auth-Fix-handling-passdbs-with-identical-driver-args.patch
create mode 100644 meta-oe/recipes-connectivity/thrift/thrift/0001-THRIFT-5842-Add-missing-cstdint-include-for-int64_t-.patch
create mode 100644 meta-oe/recipes-extended/indent/indent/0001-Fix-a-heap-buffer-underread-in-set_buf_break.patch
create mode 100644 meta-oe/recipes-extended/indent/indent/CVE-2023-40305_0001.patch
create mode 100644 meta-oe/recipes-extended/indent/indent/CVE-2023-40305_0002.patch
create mode 100644 meta-oe/recipes-extended/polkit/files/CVE-2025-7519.patch
create mode 100644 meta-oe/recipes-multimedia/audiofile/files/0004-Always-check-the-number-of-coefficients.patch
create mode 100644 meta-oe/recipes-multimedia/audiofile/files/0005-clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch
create mode 100644 meta-oe/recipes-multimedia/audiofile/files/0006-Check-for-multiplication-overflow-in-sfconvert.patch
create mode 100644 meta-oe/recipes-multimedia/audiofile/files/0007-Actually-fail-when-error-occurs-in-parseFormat.patch
create mode 100644 meta-oe/recipes-multimedia/audiofile/files/0008-Check-for-multiplication-overflow-in-MSADPCM-decodeS.patch
create mode 100644 meta-oe/recipes-support/srecord/files/0001-fix-build-failure-with-gcc-15-by-adding-cstdint-head.patch
delete mode 100644 meta-oe/recipes-support/udisks/udisks2/CVE-2025-6019.patch
rename meta-oe/recipes-support/udisks/{udisks2_2.10.1.bb => udisks2_2.10.2.bb} (95%)
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [scarthgap][PATCH 00/24] Scarthgap pull request
2025-10-30 1:13 [scarthgap][PATCH 00/24] Scarthgap pull request Anuj Mittal
@ 2025-10-30 4:20 ` Khem Raj
0 siblings, 0 replies; 5+ messages in thread
From: Khem Raj @ 2025-10-30 4:20 UTC (permalink / raw)
To: Anuj Mittal; +Cc: openembedded-devel
merged now, thanks Anuj
On Wed, Oct 29, 2025 at 6:13 PM Anuj Mittal <anuj.mittal@intel.com> wrote:
>
> This is an older set of changes that I wasn't able to send but
> had tested earlier:
> https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1034
>
> This mostly includes CVE fixes sent to list and some SRC_URI and host gcc
> version relat changes.
>
> The following changes since commit e621da947048842109db1b4fd3917a02e0501aa2:
>
> procmail: Add -Wno-implicit-int to fix error of do_compile (2025-09-24 10:04:48 +0800)
>
> are available in the Git repository at:
>
> https://git.openembedded.org/meta-openembedded-contrib anujm/scarthgap
> https://git.openembedded.org/meta-openembedded-contrib/log/?h=anujm/scarthgap
>
> Adrian Freihofer (1):
> thrift: fix build with gcc 15
>
> Changqing Li (1):
> mariadb: correct STACK_DIRECTION setting
>
> Grygorii Tertychnyi (1):
> libusbgx: fix gadget-stop install
>
> Gyorgy Sarvari (6):
> mosh: set working SRC_URI
> psqlodbc: set valid SRC_URI
> collectd: set working SRC_URI
> apache2: ignore irrelevant CVEs
> civetweb: patch CVE-2025-55763
> dovecot: patch CVE-2022-30550
>
> Jeroen Hofstee (2):
> php: ignore CVE-2024-3566
> nodejs: ignore CVE-2024-3566
>
> Khem Raj (1):
> uim: Stick to C17
>
> Peter Marko (6):
> ace: ignore CVE-2009-1147
> audiofile: fix multiple CVEs
> audiofile: patch CVE-2017-6829
> audiofile: fix multiple CVEs
> audiofile: patch CVE-2017-6831
> audiofile: patch CVE-2017-6839
>
> Praveen Kumar (1):
> polkit: fix CVE-2025-7519
>
> Saravanan (1):
> udisks2: upgrade 2.10.1 -> 2.10.2
>
> Sunil Dora (1):
> layer.conf: add bpftrace to NON_MULTILIB_RECIPES
>
> Yogita Urade (1):
> indent: fix CVE-2023-40305
>
> hongxu (1):
> indent: fix CVE-2024-0911
>
> mark.yang (1):
> srecord: fix build failure with gcc-15
>
> ...w-in-directory-URI-slash-redirection.patch | 57 +
> .../civetweb/civetweb_1.16.bb | 1 +
> ...g-passdbs-with-identical-driver-args.patch | 137 +
> .../recipes-support/dovecot/dovecot_2.3.21.bb | 1 +
> meta-oe/conf/layer.conf | 2 +-
> .../recipes-connectivity/ace/ace_6.5.19.bb | 2 +
> .../recipes-connectivity/mosh/mosh_1.4.0.bb | 5 +-
> ...missing-cstdint-include-for-int64_t-.patch | 51 +
> .../thrift/thrift_0.20.0.bb | 3 +-
> meta-oe/recipes-dbs/mysql/mariadb.inc | 1 -
> .../psqlodbc/psqlodbc_16.00.0000.bb | 2 +-
> .../recipes-devtools/nodejs/nodejs_20.18.2.bb | 1 +
> meta-oe/recipes-devtools/php/php_8.2.29.bb | 1 +
> .../collectd/collectd_5.12.0.bb | 4 +-
> ...ap-buffer-underread-in-set_buf_break.patch | 123 +
> .../indent/indent/CVE-2023-40305_0001.patch | 4196 ++++++++++++++++
> .../indent/indent/CVE-2023-40305_0002.patch | 4254 +++++++++++++++++
> .../recipes-extended/indent/indent_2.2.12.bb | 3 +
> .../polkit/files/CVE-2025-7519.patch | 34 +
> meta-oe/recipes-extended/polkit/polkit_124.bb | 5 +-
> .../audiofile/audiofile_0.3.6.bb | 5 +
> ...ays-check-the-number-of-coefficients.patch | 45 +
> ...ues-to-fix-index-overflow-in-IMA.cpp.patch | 43 +
> ...multiplication-overflow-in-sfconvert.patch | 79 +
> ...ail-when-error-occurs-in-parseFormat.patch | 46 +
> ...lication-overflow-in-MSADPCM-decodeS.patch | 126 +
> .../recipes-support/libusbgx/libusbgx_git.bb | 2 +-
> ...e-with-gcc-15-by-adding-cstdint-head.patch | 36 +
> .../recipes-support/srecord/srecord_1.65.0.bb | 4 +-
> .../udisks/udisks2/CVE-2025-6019.patch | 51 -
> .../{udisks2_2.10.1.bb => udisks2_2.10.2.bb} | 3 +-
> meta-oe/recipes-support/uim/uim_1.8.8.bb | 2 +
> .../recipes-httpd/apache2/apache2_2.4.65.bb | 12 +
> 33 files changed, 9273 insertions(+), 64 deletions(-)
> create mode 100644 meta-networking/recipes-connectivity/civetweb/civetweb/0001-Fix-heap-overflow-in-directory-URI-slash-redirection.patch
> create mode 100644 meta-networking/recipes-support/dovecot/dovecot/0001-auth-Fix-handling-passdbs-with-identical-driver-args.patch
> create mode 100644 meta-oe/recipes-connectivity/thrift/thrift/0001-THRIFT-5842-Add-missing-cstdint-include-for-int64_t-.patch
> create mode 100644 meta-oe/recipes-extended/indent/indent/0001-Fix-a-heap-buffer-underread-in-set_buf_break.patch
> create mode 100644 meta-oe/recipes-extended/indent/indent/CVE-2023-40305_0001.patch
> create mode 100644 meta-oe/recipes-extended/indent/indent/CVE-2023-40305_0002.patch
> create mode 100644 meta-oe/recipes-extended/polkit/files/CVE-2025-7519.patch
> create mode 100644 meta-oe/recipes-multimedia/audiofile/files/0004-Always-check-the-number-of-coefficients.patch
> create mode 100644 meta-oe/recipes-multimedia/audiofile/files/0005-clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch
> create mode 100644 meta-oe/recipes-multimedia/audiofile/files/0006-Check-for-multiplication-overflow-in-sfconvert.patch
> create mode 100644 meta-oe/recipes-multimedia/audiofile/files/0007-Actually-fail-when-error-occurs-in-parseFormat.patch
> create mode 100644 meta-oe/recipes-multimedia/audiofile/files/0008-Check-for-multiplication-overflow-in-MSADPCM-decodeS.patch
> create mode 100644 meta-oe/recipes-support/srecord/files/0001-fix-build-failure-with-gcc-15-by-adding-cstdint-head.patch
> delete mode 100644 meta-oe/recipes-support/udisks/udisks2/CVE-2025-6019.patch
> rename meta-oe/recipes-support/udisks/{udisks2_2.10.1.bb => udisks2_2.10.2.bb} (95%)
>
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2025-10-30 4:30 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-10-30 1:13 [scarthgap][PATCH 00/24] Scarthgap pull request Anuj Mittal
2025-10-30 4:20 ` Khem Raj
-- strict thread matches above, loose matches on Subject: below --
2025-09-23 11:57 Anuj Mittal
2025-09-12 9:06 Anuj Mittal
2025-09-15 5:00 ` Khem Raj
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.