* [PATCH 00/74] Scarthgap pull request
@ 2025-11-19 23:33 Anuj Mittal
2025-11-20 1:31 ` Khem Raj
0 siblings, 1 reply; 2+ messages in thread
From: Anuj Mittal @ 2025-11-19 23:33 UTC (permalink / raw)
To: raj.khem, openembedded-devel
Please merge these changes in scarthgap. Tested on AB and locally.
https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1098
The following changes since commit f1f248262d662315159ee96c604f97415d1dbe6a:
cockpit: remove deprecated packages (2025-11-12 11:38:29 +0530)
are available in the Git repository at:
https://github.com/anujm1/meta-openembedded anujm/scarthgap
https://github.com/anujm1/meta-openembedded/tree/anujm/scarthgap
Ankur Tyagi (10):
tbb: upgrade 2021.11.0 -> 2021.12.0
jasper: upgrade 4.1.1 -> 4.1.2
libspiro: upgrade 20221101 -> 20230902
redis-plus-plus: upgrade 1.3.11 -> 1.3.12
redis: upgrade 7.2.11 -> 7.2.12
redis: upgrade 6.2.20 -> 6.2.21
botan: patch CVE-2024-34703
botan: patch CVE-2024-50382 and CVE-2024-50383
freerdp3: patch CVE-2025-4478
hdf5: patch CVE-2025-2926
Anuj Mittal (1):
remmina: add DEPENDS on curl
Armin Kuster (1):
audit: fix build when systemd is enabled.
Bartosz Golaszewski (2):
libgpiod: update to v1.6.5
libgpiod: update v2.1.2 -> v2.1.3
Ethan Roderick (1):
openldap: make license match spdx identifier
Gyorgy Sarvari (17):
audiofile: patch CVE-2019-13147 and CVE-2022-24599
audiofile: patch CVE-2018-13440 and CVE-2018-17059
linuxptp: ignore CVE-2024-42861
rsyslog: set status for CVE-2015-3243
apache2: ignore CVE-2025-3891
webmin: patch CVE-2017-15644, CVE-2017-15645 and CVE-2017-15646
webmin: patch CVE-2017-17089
webmin: patch CVE-2019-15642
webmin: patch CVE-2022-0824
webmin: patch CVE-2022-0829
libwmf: add proper CVE tag to patch
libwmf: add missing CVE tag to patch
libwmf: patch CVE-2015-0848 and CVE-2015-4588
libwmf: patch CVE-2015-4695
libwmf: patch CVE-2015-4696
libwmf: patch CVE-2016-9011
iptraf-ng: patch CVE-2024-52949
J. S. (1):
libhtml-tree-perl: fix QA Issue: TMPDIR [buildpaths]
Jason Schonberg (3):
xrdp: upgrade 0.9.19 -> 0.9.20
usbids: upgrade 2023.01.16 -> 2025.04.01
usbids: upgrade 2025.04.01 -> 2025.09.15
Jiaying Song (1):
minifi-cpp: fix python shebang in minifi-python
Khem Raj (3):
libforms: Remove buildpaths from fd2ps and fdesign scripts
libwmf: Fix buildpaths QA Errors in libwmf-config
fvwm: Fix buildpaths QA Errors
Markus Volk (2):
xdg-desktop-portal: update 1.18.1 -> 1.18.4
flatpak;xdg-desktop-portal: add missing runtime dependency on
fuse3-utils
Michael Wyraz (3):
python3-passlib: add native support
python3-transitions: add native support
python3-passlib: add python3-misc as a depencency
Ninette Adhikari (1):
redis: Update status for CVE-2022-3734
Peter Marko (4):
audiofile: mark CVE-2020-18781 as patched
proftpd: set status of CVE-2001-0027
rtmpdump: mark CVE-2015-8270, CVE-2015-8271 and CVE-2015-8272 as fixed
squid: patch CVE-2025-62168
Shinji Matsunaga (1):
audit: Fix CVE_PRODUCT
Wang Mingyu (16):
evtest: upgrade 1.35 -> 1.36
xmlsec1: upgrade 1.3.4 -> 1.3.5
openldap: upgrade 2.6.7 -> 2.6.8
openldap: upgrade 2.6.9 -> 2.6.10
mcelog: upgrade 198 -> 199
mcelog: upgrade 199 -> 200
libiodbc: upgrade 3.52.15 -> 3.52.16
libbytesize: upgrade 2.10 -> 2.11
libbpf: upgrade 1.4.0 -> 1.4.2
libbpf: upgrade 1.4.2 -> 1.4.3
libbpf: upgrade 1.4.3 -> 1.4.5
libbpf: upgrade 1.4.5 -> 1.4.6
openjpeg: upgrade 2.5.3 -> 2.5.4
feh: upgrade 3.10.2 -> 3.10.3
cryptsetup: upgrade 2.7.2 -> 2.7.3
cryptsetup: upgrade 2.7.3 -> 2.7.4
Yi Zhao (4):
openldap: upgrade 2.6.8 -> 2.6.9
audit: upgrade 4.0.1 -> 4.0.2
libbpf: upgrade 1.4.6 -> 1.4.7
cryptsetup: upgrade 2.7.4 -> 2.7.5
Yoann Congal (2):
klibc: fix debug pkgs reproducibility
grilo: fix buildpaths QA error
alperak (1):
pcp: Fix contains reference to TMPDIR [buildpaths] warnings
.../recipes-gnome/grilo/grilo_0.3.16.bb | 11 +-
meta-initramfs/classes/klibc.bbclass | 2 +-
.../rtmpdump/rtmpdump_2.4.bb | 4 +
.../recipes-daemons/proftpd/proftpd_1.3.7f.bb | 2 +
.../squid/files/CVE-2025-62168.patch | 211 +++++++++++++++++
.../recipes-daemons/squid/squid_6.14.bb | 1 +
meta-oe/licenses/{OpenLDAP => OLDAP-2.8} | 0
.../linuxptp/linuxptp_4.1.bb | 2 +
.../botan/botan/CVE-2024-34703.patch | 38 +++
.../CVE-2024-50382-and-CVE-2024-50383.patch | 66 ++++++
meta-oe/recipes-crypto/botan/botan_3.2.0.bb | 5 +-
...ryptsetup_2.7.2.bb => cryptsetup_2.7.5.bb} | 2 +-
.../iptraf/iptraf-ng/CVE-2024-52949.patch | 218 ++++++++++++++++++
.../iptraf/iptraf-ng_1.2.1.bb | 1 +
.../flatpak/flatpak_1.15.8.bb | 1 +
.../libwmf/CVE-2015-0848-CVE-2015-4588.patch | 135 +++++++++++
.../libwmf/libwmf/CVE-2015-4695.patch | 70 ++++++
.../libwmf/libwmf/CVE-2015-4696.patch | 37 +++
.../libwmf/libwmf/CVE-2016-9011.patch | 50 ++++
.../libwmf/libwmf-0.2.8.4-intoverflow.patch | 2 +
.../libwmf/libwmf-0.2.8.4-useafterfree.patch | 2 +
.../recipes-extended/libwmf/libwmf_0.2.8.4.bb | 10 +-
.../minifi-cpp/minifi-cpp_0.15.0.bb | 4 +
...us_1.3.11.bb => redis-plus-plus_1.3.12.bb} | 2 +-
...-hiredis-use-default-CC-if-it-is-set.patch | 6 +-
...ile-to-use-environment-build-setting.patch | 2 +-
...003-hack-to-force-use-of-libc-malloc.patch | 10 +-
.../0004-src-Do-not-reset-FINAL_LIBS.patch | 10 +-
...RCE-to-get-PTHREAD_MUTEX_INITIALIZER.patch | 2 +-
...006-Define-correct-gregs-for-RISCV32.patch | 2 +-
.../init-redis-server | 0
.../{redis-7.2.11 => redis-7.2.12}/redis.conf | 0
.../redis.service | 0
.../{redis_6.2.20.bb => redis_6.2.21.bb} | 2 +-
.../{redis_7.2.11.bb => redis_7.2.12.bb} | 5 +-
.../rsyslog/rsyslog/rsyslog.conf | 3 +-
.../rsyslog/rsyslog_8.2402.0.bb | 2 +
.../feh/{feh_3.10.2.bb => feh_3.10.3.bb} | 2 +-
...spiro_20221101.bb => libspiro_20240902.bb} | 2 +-
meta-oe/recipes-graphics/fvwm/fvwm_2.7.0.bb | 3 +
.../{jasper_4.1.1.bb => jasper_4.1.2.bb} | 2 +-
.../libforms/libforms_1.2.5pre1.bb | 5 +
.../openjpeg/openjpeg/CVE-2025-54874.patch | 44 ----
.../{openjpeg_2.5.3.bb => openjpeg_2.5.4.bb} | 3 +-
.../{libbpf_1.4.0.bb => libbpf_1.4.7.bb} | 4 +-
.../audiofile/audiofile_0.3.6.bb | 4 +
...ays-check-the-number-of-coefficients.patch | 1 +
.../audiofile/files/CVE-2018-13440.patch | 36 +++
.../audiofile/files/CVE-2018-17059.patch | 35 +++
.../audiofile/files/CVE-2019-13147.patch | 31 +++
.../audiofile/files/CVE-2022-24599.patch | 50 ++++
...ute_malloc__-with-__attribute__-__ma.patch | 49 ----
.../audit/{audit_4.0.1.bb => audit_4.0.2.bb} | 12 +-
.../freerdp/freerdp3/CVE-2025-4478.patch | 60 +++++
.../recipes-support/freerdp/freerdp3_3.4.0.bb | 1 +
.../hdf5/files/CVE-2025-2926.patch | 32 +++
meta-oe/recipes-support/hdf5/hdf5_1.14.4-3.bb | 1 +
...ibbytesize_2.10.bb => libbytesize_2.11.bb} | 2 +-
...ts-set-direction-when-reconfiguring-.patch | 38 ---
.../{libgpiod_1.6.4.bb => libgpiod_1.6.5.bb} | 2 +-
.../{libgpiod_2.1.2.bb => libgpiod_2.1.3.bb} | 4 +-
...ibiodbc_3.52.15.bb => libiodbc_3.52.16.bb} | 4 +-
.../mcelog/{mcelog_198.bb => mcelog_200.bb} | 11 +-
.../{openldap_2.6.7.bb => openldap_2.6.10.bb} | 10 +-
meta-oe/recipes-support/pcp/pcp_6.0.5.bb | 4 +
.../recipes-support/remmina/remmina_1.4.34.bb | 1 +
...suppress-new-GCC-12-13-warnings-1192.patch | 57 -----
....cmake-remove-cross-compiation-check.patch | 33 ---
.../{tbb_2021.11.0.bb => tbb_2021.12.0.bb} | 8 +-
...ids_2023.01.16.bb => usbids_2025.09.15.bb} | 3 +-
...1.18.1.bb => xdg-desktop-portal_1.18.4.bb} | 6 +-
.../0001-nss-nspr-fix-for-multilib.patch | 7 +-
.../xmlsec1/change-finding-path-of-nss.patch | 7 +-
.../{xmlsec1_1.3.4.bb => xmlsec1_1.3.5.bb} | 2 +-
...guished_name-in-etc-xrdp-openssl.con.patch | 7 +-
.../xrdp/0001-Fix-the-compile-error.patch | 12 +-
...1-arch-Define-NO_NEED_ALIGN-on-ppc64.patch | 9 +-
...001-mark-count-with-unused-attribute.patch | 9 +-
.../xrdp/{xrdp_0.9.19.bb => xrdp_0.9.20.bb} | 2 +-
...ld-on-32bit-arches-with-64bit-time_t.patch | 7 +-
.../evtest/{evtest_1.35.bb => evtest_1.36.bb} | 2 +-
.../libhtml/libhtml-tree-perl_5.03.bb | 7 +
.../python/python3-passlib_1.7.4.bb | 3 +
.../python/python3-transitions_0.9.0.bb | 2 +
.../recipes-httpd/apache2/apache2_2.4.65.bb | 1 +
...issions-check-when-saving-allowed-cr.patch | 25 ++
...e-potentially-malicious-HTTP-headers.patch | 53 +++++
...0001-Foreign-module-may-need-a-check.patch | 27 +++
...0001-HTML-escape-command-description.patch | 29 +++
...es-cannot-contact-special-characters.patch | 26 +++
.../recipes-webadmin/webmin/webmin_1.850.bb | 7 +-
91 files changed, 1403 insertions(+), 321 deletions(-)
create mode 100644 meta-networking/recipes-daemons/squid/files/CVE-2025-62168.patch
rename meta-oe/licenses/{OpenLDAP => OLDAP-2.8} (100%)
create mode 100644 meta-oe/recipes-crypto/botan/botan/CVE-2024-34703.patch
create mode 100644 meta-oe/recipes-crypto/botan/botan/CVE-2024-50382-and-CVE-2024-50383.patch
rename meta-oe/recipes-crypto/cryptsetup/{cryptsetup_2.7.2.bb => cryptsetup_2.7.5.bb} (98%)
create mode 100644 meta-oe/recipes-devtools/iptraf/iptraf-ng/CVE-2024-52949.patch
create mode 100644 meta-oe/recipes-extended/libwmf/libwmf/CVE-2015-0848-CVE-2015-4588.patch
create mode 100644 meta-oe/recipes-extended/libwmf/libwmf/CVE-2015-4695.patch
create mode 100644 meta-oe/recipes-extended/libwmf/libwmf/CVE-2015-4696.patch
create mode 100644 meta-oe/recipes-extended/libwmf/libwmf/CVE-2016-9011.patch
rename meta-oe/recipes-extended/redis-plus-plus/{redis-plus-plus_1.3.11.bb => redis-plus-plus_1.3.12.bb} (95%)
rename meta-oe/recipes-extended/redis/{redis-7.2.11 => redis-7.2.12}/0001-hiredis-use-default-CC-if-it-is-set.patch (89%)
rename meta-oe/recipes-extended/redis/{redis-7.2.11 => redis-7.2.12}/0002-lua-update-Makefile-to-use-environment-build-setting.patch (97%)
rename meta-oe/recipes-extended/redis/{redis-7.2.11 => redis-7.2.12}/0003-hack-to-force-use-of-libc-malloc.patch (81%)
rename meta-oe/recipes-extended/redis/{redis-7.2.11 => redis-7.2.12}/0004-src-Do-not-reset-FINAL_LIBS.patch (74%)
rename meta-oe/recipes-extended/redis/{redis-7.2.11 => redis-7.2.12}/0005-Define-_GNU_SOURCE-to-get-PTHREAD_MUTEX_INITIALIZER.patch (92%)
rename meta-oe/recipes-extended/redis/{redis-7.2.11 => redis-7.2.12}/0006-Define-correct-gregs-for-RISCV32.patch (97%)
rename meta-oe/recipes-extended/redis/{redis-7.2.11 => redis-7.2.12}/init-redis-server (100%)
rename meta-oe/recipes-extended/redis/{redis-7.2.11 => redis-7.2.12}/redis.conf (100%)
rename meta-oe/recipes-extended/redis/{redis-7.2.11 => redis-7.2.12}/redis.service (100%)
rename meta-oe/recipes-extended/redis/{redis_6.2.20.bb => redis_6.2.21.bb} (96%)
rename meta-oe/recipes-extended/redis/{redis_7.2.11.bb => redis_7.2.12.bb} (93%)
rename meta-oe/recipes-graphics/feh/{feh_3.10.2.bb => feh_3.10.3.bb} (88%)
rename meta-oe/recipes-graphics/fontforge/{libspiro_20221101.bb => libspiro_20240902.bb} (85%)
rename meta-oe/recipes-graphics/jasper/{jasper_4.1.1.bb => jasper_4.1.2.bb} (95%)
delete mode 100644 meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2025-54874.patch
rename meta-oe/recipes-graphics/openjpeg/{openjpeg_2.5.3.bb => openjpeg_2.5.4.bb} (86%)
rename meta-oe/recipes-kernel/libbpf/{libbpf_1.4.0.bb => libbpf_1.4.7.bb} (92%)
create mode 100644 meta-oe/recipes-multimedia/audiofile/files/CVE-2018-13440.patch
create mode 100644 meta-oe/recipes-multimedia/audiofile/files/CVE-2018-17059.patch
create mode 100644 meta-oe/recipes-multimedia/audiofile/files/CVE-2019-13147.patch
create mode 100644 meta-oe/recipes-multimedia/audiofile/files/CVE-2022-24599.patch
delete mode 100644 meta-oe/recipes-security/audit/audit/0001-Replace-__attribute_malloc__-with-__attribute__-__ma.patch
rename meta-oe/recipes-security/audit/{audit_4.0.1.bb => audit_4.0.2.bb} (90%)
create mode 100644 meta-oe/recipes-support/freerdp/freerdp3/CVE-2025-4478.patch
create mode 100644 meta-oe/recipes-support/hdf5/files/CVE-2025-2926.patch
rename meta-oe/recipes-support/libbytesize/{libbytesize_2.10.bb => libbytesize_2.11.bb} (93%)
delete mode 100644 meta-oe/recipes-support/libgpiod/libgpiod-2.x/0001-bindings-cxx-tests-set-direction-when-reconfiguring-.patch
rename meta-oe/recipes-support/libgpiod/{libgpiod_1.6.4.bb => libgpiod_1.6.5.bb} (94%)
rename meta-oe/recipes-support/libgpiod/{libgpiod_2.1.2.bb => libgpiod_2.1.3.bb} (87%)
rename meta-oe/recipes-support/libiodbc/{libiodbc_3.52.15.bb => libiodbc_3.52.16.bb} (82%)
rename meta-oe/recipes-support/mcelog/{mcelog_198.bb => mcelog_200.bb} (79%)
rename meta-oe/recipes-support/openldap/{openldap_2.6.7.bb => openldap_2.6.10.bb} (96%)
delete mode 100644 meta-oe/recipes-support/tbb/tbb/0001-Fix-suppress-new-GCC-12-13-warnings-1192.patch
delete mode 100644 meta-oe/recipes-support/tbb/tbb/0001-hwloc_detection.cmake-remove-cross-compiation-check.patch
rename meta-oe/recipes-support/tbb/{tbb_2021.11.0.bb => tbb_2021.12.0.bb} (92%)
rename meta-oe/recipes-support/usbids/{usbids_2023.01.16.bb => usbids_2025.09.15.bb} (84%)
rename meta-oe/recipes-support/xdg-desktop-portal/{xdg-desktop-portal_1.18.1.bb => xdg-desktop-portal_1.18.4.bb} (88%)
rename meta-oe/recipes-support/xmlsec1/{xmlsec1_1.3.4.bb => xmlsec1_1.3.5.bb} (96%)
rename meta-oe/recipes-support/xrdp/{xrdp_0.9.19.bb => xrdp_0.9.20.bb} (97%)
rename meta-oe/recipes-test/evtest/{evtest_1.35.bb => evtest_1.36.bb} (90%)
create mode 100644 meta-webserver/recipes-webadmin/webmin/files/0001-Add-missing-permissions-check-when-saving-allowed-cr.patch
create mode 100644 meta-webserver/recipes-webadmin/webmin/files/0001-Escape-potentially-malicious-HTTP-headers.patch
create mode 100644 meta-webserver/recipes-webadmin/webmin/files/0001-Foreign-module-may-need-a-check.patch
create mode 100644 meta-webserver/recipes-webadmin/webmin/files/0001-HTML-escape-command-description.patch
create mode 100644 meta-webserver/recipes-webadmin/webmin/files/0001-Object-names-cannot-contact-special-characters.patch
--
2.51.2
^ permalink raw reply [flat|nested] 2+ messages in thread* Re: [PATCH 00/74] Scarthgap pull request
2025-11-19 23:33 [PATCH 00/74] Scarthgap pull request Anuj Mittal
@ 2025-11-20 1:31 ` Khem Raj
0 siblings, 0 replies; 2+ messages in thread
From: Khem Raj @ 2025-11-20 1:31 UTC (permalink / raw)
To: Anuj Mittal; +Cc: openembedded-devel
[-- Attachment #1: Type: text/plain, Size: 15336 bytes --]
merged now thanks Anuj
On Wed, Nov 19, 2025 at 3:34 PM Anuj Mittal <anuj.mittal@oss.qualcomm.com>
wrote:
> Please merge these changes in scarthgap. Tested on AB and locally.
>
> https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1098
>
> The following changes since commit
> f1f248262d662315159ee96c604f97415d1dbe6a:
>
> cockpit: remove deprecated packages (2025-11-12 11:38:29 +0530)
>
> are available in the Git repository at:
>
> https://github.com/anujm1/meta-openembedded anujm/scarthgap
> https://github.com/anujm1/meta-openembedded/tree/anujm/scarthgap
>
> Ankur Tyagi (10):
> tbb: upgrade 2021.11.0 -> 2021.12.0
> jasper: upgrade 4.1.1 -> 4.1.2
> libspiro: upgrade 20221101 -> 20230902
> redis-plus-plus: upgrade 1.3.11 -> 1.3.12
> redis: upgrade 7.2.11 -> 7.2.12
> redis: upgrade 6.2.20 -> 6.2.21
> botan: patch CVE-2024-34703
> botan: patch CVE-2024-50382 and CVE-2024-50383
> freerdp3: patch CVE-2025-4478
> hdf5: patch CVE-2025-2926
>
> Anuj Mittal (1):
> remmina: add DEPENDS on curl
>
> Armin Kuster (1):
> audit: fix build when systemd is enabled.
>
> Bartosz Golaszewski (2):
> libgpiod: update to v1.6.5
> libgpiod: update v2.1.2 -> v2.1.3
>
> Ethan Roderick (1):
> openldap: make license match spdx identifier
>
> Gyorgy Sarvari (17):
> audiofile: patch CVE-2019-13147 and CVE-2022-24599
> audiofile: patch CVE-2018-13440 and CVE-2018-17059
> linuxptp: ignore CVE-2024-42861
> rsyslog: set status for CVE-2015-3243
> apache2: ignore CVE-2025-3891
> webmin: patch CVE-2017-15644, CVE-2017-15645 and CVE-2017-15646
> webmin: patch CVE-2017-17089
> webmin: patch CVE-2019-15642
> webmin: patch CVE-2022-0824
> webmin: patch CVE-2022-0829
> libwmf: add proper CVE tag to patch
> libwmf: add missing CVE tag to patch
> libwmf: patch CVE-2015-0848 and CVE-2015-4588
> libwmf: patch CVE-2015-4695
> libwmf: patch CVE-2015-4696
> libwmf: patch CVE-2016-9011
> iptraf-ng: patch CVE-2024-52949
>
> J. S. (1):
> libhtml-tree-perl: fix QA Issue: TMPDIR [buildpaths]
>
> Jason Schonberg (3):
> xrdp: upgrade 0.9.19 -> 0.9.20
> usbids: upgrade 2023.01.16 -> 2025.04.01
> usbids: upgrade 2025.04.01 -> 2025.09.15
>
> Jiaying Song (1):
> minifi-cpp: fix python shebang in minifi-python
>
> Khem Raj (3):
> libforms: Remove buildpaths from fd2ps and fdesign scripts
> libwmf: Fix buildpaths QA Errors in libwmf-config
> fvwm: Fix buildpaths QA Errors
>
> Markus Volk (2):
> xdg-desktop-portal: update 1.18.1 -> 1.18.4
> flatpak;xdg-desktop-portal: add missing runtime dependency on
> fuse3-utils
>
> Michael Wyraz (3):
> python3-passlib: add native support
> python3-transitions: add native support
> python3-passlib: add python3-misc as a depencency
>
> Ninette Adhikari (1):
> redis: Update status for CVE-2022-3734
>
> Peter Marko (4):
> audiofile: mark CVE-2020-18781 as patched
> proftpd: set status of CVE-2001-0027
> rtmpdump: mark CVE-2015-8270, CVE-2015-8271 and CVE-2015-8272 as fixed
> squid: patch CVE-2025-62168
>
> Shinji Matsunaga (1):
> audit: Fix CVE_PRODUCT
>
> Wang Mingyu (16):
> evtest: upgrade 1.35 -> 1.36
> xmlsec1: upgrade 1.3.4 -> 1.3.5
> openldap: upgrade 2.6.7 -> 2.6.8
> openldap: upgrade 2.6.9 -> 2.6.10
> mcelog: upgrade 198 -> 199
> mcelog: upgrade 199 -> 200
> libiodbc: upgrade 3.52.15 -> 3.52.16
> libbytesize: upgrade 2.10 -> 2.11
> libbpf: upgrade 1.4.0 -> 1.4.2
> libbpf: upgrade 1.4.2 -> 1.4.3
> libbpf: upgrade 1.4.3 -> 1.4.5
> libbpf: upgrade 1.4.5 -> 1.4.6
> openjpeg: upgrade 2.5.3 -> 2.5.4
> feh: upgrade 3.10.2 -> 3.10.3
> cryptsetup: upgrade 2.7.2 -> 2.7.3
> cryptsetup: upgrade 2.7.3 -> 2.7.4
>
> Yi Zhao (4):
> openldap: upgrade 2.6.8 -> 2.6.9
> audit: upgrade 4.0.1 -> 4.0.2
> libbpf: upgrade 1.4.6 -> 1.4.7
> cryptsetup: upgrade 2.7.4 -> 2.7.5
>
> Yoann Congal (2):
> klibc: fix debug pkgs reproducibility
> grilo: fix buildpaths QA error
>
> alperak (1):
> pcp: Fix contains reference to TMPDIR [buildpaths] warnings
>
> .../recipes-gnome/grilo/grilo_0.3.16.bb | 11 +-
> meta-initramfs/classes/klibc.bbclass | 2 +-
> .../rtmpdump/rtmpdump_2.4.bb | 4 +
> .../recipes-daemons/proftpd/proftpd_1.3.7f.bb | 2 +
> .../squid/files/CVE-2025-62168.patch | 211 +++++++++++++++++
> .../recipes-daemons/squid/squid_6.14.bb | 1 +
> meta-oe/licenses/{OpenLDAP => OLDAP-2.8} | 0
> .../linuxptp/linuxptp_4.1.bb | 2 +
> .../botan/botan/CVE-2024-34703.patch | 38 +++
> .../CVE-2024-50382-and-CVE-2024-50383.patch | 66 ++++++
> meta-oe/recipes-crypto/botan/botan_3.2.0.bb | 5 +-
> ...ryptsetup_2.7.2.bb => cryptsetup_2.7.5.bb} | 2 +-
> .../iptraf/iptraf-ng/CVE-2024-52949.patch | 218 ++++++++++++++++++
> .../iptraf/iptraf-ng_1.2.1.bb | 1 +
> .../flatpak/flatpak_1.15.8.bb | 1 +
> .../libwmf/CVE-2015-0848-CVE-2015-4588.patch | 135 +++++++++++
> .../libwmf/libwmf/CVE-2015-4695.patch | 70 ++++++
> .../libwmf/libwmf/CVE-2015-4696.patch | 37 +++
> .../libwmf/libwmf/CVE-2016-9011.patch | 50 ++++
> .../libwmf/libwmf-0.2.8.4-intoverflow.patch | 2 +
> .../libwmf/libwmf-0.2.8.4-useafterfree.patch | 2 +
> .../recipes-extended/libwmf/libwmf_0.2.8.4.bb | 10 +-
> .../minifi-cpp/minifi-cpp_0.15.0.bb | 4 +
> ...us_1.3.11.bb => redis-plus-plus_1.3.12.bb} | 2 +-
> ...-hiredis-use-default-CC-if-it-is-set.patch | 6 +-
> ...ile-to-use-environment-build-setting.patch | 2 +-
> ...003-hack-to-force-use-of-libc-malloc.patch | 10 +-
> .../0004-src-Do-not-reset-FINAL_LIBS.patch | 10 +-
> ...RCE-to-get-PTHREAD_MUTEX_INITIALIZER.patch | 2 +-
> ...006-Define-correct-gregs-for-RISCV32.patch | 2 +-
> .../init-redis-server | 0
> .../{redis-7.2.11 => redis-7.2.12}/redis.conf | 0
> .../redis.service | 0
> .../{redis_6.2.20.bb => redis_6.2.21.bb} | 2 +-
> .../{redis_7.2.11.bb => redis_7.2.12.bb} | 5 +-
> .../rsyslog/rsyslog/rsyslog.conf | 3 +-
> .../rsyslog/rsyslog_8.2402.0.bb | 2 +
> .../feh/{feh_3.10.2.bb => feh_3.10.3.bb} | 2 +-
> ...spiro_20221101.bb => libspiro_20240902.bb} | 2 +-
> meta-oe/recipes-graphics/fvwm/fvwm_2.7.0.bb | 3 +
> .../{jasper_4.1.1.bb => jasper_4.1.2.bb} | 2 +-
> .../libforms/libforms_1.2.5pre1.bb | 5 +
> .../openjpeg/openjpeg/CVE-2025-54874.patch | 44 ----
> .../{openjpeg_2.5.3.bb => openjpeg_2.5.4.bb} | 3 +-
> .../{libbpf_1.4.0.bb => libbpf_1.4.7.bb} | 4 +-
> .../audiofile/audiofile_0.3.6.bb | 4 +
> ...ays-check-the-number-of-coefficients.patch | 1 +
> .../audiofile/files/CVE-2018-13440.patch | 36 +++
> .../audiofile/files/CVE-2018-17059.patch | 35 +++
> .../audiofile/files/CVE-2019-13147.patch | 31 +++
> .../audiofile/files/CVE-2022-24599.patch | 50 ++++
> ...ute_malloc__-with-__attribute__-__ma.patch | 49 ----
> .../audit/{audit_4.0.1.bb => audit_4.0.2.bb} | 12 +-
> .../freerdp/freerdp3/CVE-2025-4478.patch | 60 +++++
> .../recipes-support/freerdp/freerdp3_3.4.0.bb | 1 +
> .../hdf5/files/CVE-2025-2926.patch | 32 +++
> meta-oe/recipes-support/hdf5/hdf5_1.14.4-3.bb | 1 +
> ...ibbytesize_2.10.bb => libbytesize_2.11.bb} | 2 +-
> ...ts-set-direction-when-reconfiguring-.patch | 38 ---
> .../{libgpiod_1.6.4.bb => libgpiod_1.6.5.bb} | 2 +-
> .../{libgpiod_2.1.2.bb => libgpiod_2.1.3.bb} | 4 +-
> ...ibiodbc_3.52.15.bb => libiodbc_3.52.16.bb} | 4 +-
> .../mcelog/{mcelog_198.bb => mcelog_200.bb} | 11 +-
> .../{openldap_2.6.7.bb => openldap_2.6.10.bb} | 10 +-
> meta-oe/recipes-support/pcp/pcp_6.0.5.bb | 4 +
> .../recipes-support/remmina/remmina_1.4.34.bb | 1 +
> ...suppress-new-GCC-12-13-warnings-1192.patch | 57 -----
> ....cmake-remove-cross-compiation-check.patch | 33 ---
> .../{tbb_2021.11.0.bb => tbb_2021.12.0.bb} | 8 +-
> ...ids_2023.01.16.bb => usbids_2025.09.15.bb} | 3 +-
> ...1.18.1.bb => xdg-desktop-portal_1.18.4.bb} | 6 +-
> .../0001-nss-nspr-fix-for-multilib.patch | 7 +-
> .../xmlsec1/change-finding-path-of-nss.patch | 7 +-
> .../{xmlsec1_1.3.4.bb => xmlsec1_1.3.5.bb} | 2 +-
> ...guished_name-in-etc-xrdp-openssl.con.patch | 7 +-
> .../xrdp/0001-Fix-the-compile-error.patch | 12 +-
> ...1-arch-Define-NO_NEED_ALIGN-on-ppc64.patch | 9 +-
> ...001-mark-count-with-unused-attribute.patch | 9 +-
> .../xrdp/{xrdp_0.9.19.bb => xrdp_0.9.20.bb} | 2 +-
> ...ld-on-32bit-arches-with-64bit-time_t.patch | 7 +-
> .../evtest/{evtest_1.35.bb => evtest_1.36.bb} | 2 +-
> .../libhtml/libhtml-tree-perl_5.03.bb | 7 +
> .../python/python3-passlib_1.7.4.bb | 3 +
> .../python/python3-transitions_0.9.0.bb | 2 +
> .../recipes-httpd/apache2/apache2_2.4.65.bb | 1 +
> ...issions-check-when-saving-allowed-cr.patch | 25 ++
> ...e-potentially-malicious-HTTP-headers.patch | 53 +++++
> ...0001-Foreign-module-may-need-a-check.patch | 27 +++
> ...0001-HTML-escape-command-description.patch | 29 +++
> ...es-cannot-contact-special-characters.patch | 26 +++
> .../recipes-webadmin/webmin/webmin_1.850.bb | 7 +-
> 91 files changed, 1403 insertions(+), 321 deletions(-)
> create mode 100644
> meta-networking/recipes-daemons/squid/files/CVE-2025-62168.patch
> rename meta-oe/licenses/{OpenLDAP => OLDAP-2.8} (100%)
> create mode 100644 meta-oe/recipes-crypto/botan/botan/CVE-2024-34703.patch
> create mode 100644
> meta-oe/recipes-crypto/botan/botan/CVE-2024-50382-and-CVE-2024-50383.patch
> rename meta-oe/recipes-crypto/cryptsetup/{cryptsetup_2.7.2.bb =>
> cryptsetup_2.7.5.bb} (98%)
> create mode 100644
> meta-oe/recipes-devtools/iptraf/iptraf-ng/CVE-2024-52949.patch
> create mode 100644
> meta-oe/recipes-extended/libwmf/libwmf/CVE-2015-0848-CVE-2015-4588.patch
> create mode 100644
> meta-oe/recipes-extended/libwmf/libwmf/CVE-2015-4695.patch
> create mode 100644
> meta-oe/recipes-extended/libwmf/libwmf/CVE-2015-4696.patch
> create mode 100644
> meta-oe/recipes-extended/libwmf/libwmf/CVE-2016-9011.patch
> rename meta-oe/recipes-extended/redis-plus-plus/{
> redis-plus-plus_1.3.11.bb => redis-plus-plus_1.3.12.bb} (95%)
> rename meta-oe/recipes-extended/redis/{redis-7.2.11 =>
> redis-7.2.12}/0001-hiredis-use-default-CC-if-it-is-set.patch (89%)
> rename meta-oe/recipes-extended/redis/{redis-7.2.11 =>
> redis-7.2.12}/0002-lua-update-Makefile-to-use-environment-build-setting.patch
> (97%)
> rename meta-oe/recipes-extended/redis/{redis-7.2.11 =>
> redis-7.2.12}/0003-hack-to-force-use-of-libc-malloc.patch (81%)
> rename meta-oe/recipes-extended/redis/{redis-7.2.11 =>
> redis-7.2.12}/0004-src-Do-not-reset-FINAL_LIBS.patch (74%)
> rename meta-oe/recipes-extended/redis/{redis-7.2.11 =>
> redis-7.2.12}/0005-Define-_GNU_SOURCE-to-get-PTHREAD_MUTEX_INITIALIZER.patch
> (92%)
> rename meta-oe/recipes-extended/redis/{redis-7.2.11 =>
> redis-7.2.12}/0006-Define-correct-gregs-for-RISCV32.patch (97%)
> rename meta-oe/recipes-extended/redis/{redis-7.2.11 =>
> redis-7.2.12}/init-redis-server (100%)
> rename meta-oe/recipes-extended/redis/{redis-7.2.11 =>
> redis-7.2.12}/redis.conf (100%)
> rename meta-oe/recipes-extended/redis/{redis-7.2.11 =>
> redis-7.2.12}/redis.service (100%)
> rename meta-oe/recipes-extended/redis/{redis_6.2.20.bb => redis_6.2.21.bb}
> (96%)
> rename meta-oe/recipes-extended/redis/{redis_7.2.11.bb => redis_7.2.12.bb}
> (93%)
> rename meta-oe/recipes-graphics/feh/{feh_3.10.2.bb => feh_3.10.3.bb}
> (88%)
> rename meta-oe/recipes-graphics/fontforge/{libspiro_20221101.bb =>
> libspiro_20240902.bb} (85%)
> rename meta-oe/recipes-graphics/jasper/{jasper_4.1.1.bb =>
> jasper_4.1.2.bb} (95%)
> delete mode 100644
> meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2025-54874.patch
> rename meta-oe/recipes-graphics/openjpeg/{openjpeg_2.5.3.bb =>
> openjpeg_2.5.4.bb} (86%)
> rename meta-oe/recipes-kernel/libbpf/{libbpf_1.4.0.bb => libbpf_1.4.7.bb}
> (92%)
> create mode 100644
> meta-oe/recipes-multimedia/audiofile/files/CVE-2018-13440.patch
> create mode 100644
> meta-oe/recipes-multimedia/audiofile/files/CVE-2018-17059.patch
> create mode 100644
> meta-oe/recipes-multimedia/audiofile/files/CVE-2019-13147.patch
> create mode 100644
> meta-oe/recipes-multimedia/audiofile/files/CVE-2022-24599.patch
> delete mode 100644
> meta-oe/recipes-security/audit/audit/0001-Replace-__attribute_malloc__-with-__attribute__-__ma.patch
> rename meta-oe/recipes-security/audit/{audit_4.0.1.bb => audit_4.0.2.bb}
> (90%)
> create mode 100644
> meta-oe/recipes-support/freerdp/freerdp3/CVE-2025-4478.patch
> create mode 100644 meta-oe/recipes-support/hdf5/files/CVE-2025-2926.patch
> rename meta-oe/recipes-support/libbytesize/{libbytesize_2.10.bb =>
> libbytesize_2.11.bb} (93%)
> delete mode 100644
> meta-oe/recipes-support/libgpiod/libgpiod-2.x/0001-bindings-cxx-tests-set-direction-when-reconfiguring-.patch
> rename meta-oe/recipes-support/libgpiod/{libgpiod_1.6.4.bb =>
> libgpiod_1.6.5.bb} (94%)
> rename meta-oe/recipes-support/libgpiod/{libgpiod_2.1.2.bb =>
> libgpiod_2.1.3.bb} (87%)
> rename meta-oe/recipes-support/libiodbc/{libiodbc_3.52.15.bb =>
> libiodbc_3.52.16.bb} (82%)
> rename meta-oe/recipes-support/mcelog/{mcelog_198.bb => mcelog_200.bb}
> (79%)
> rename meta-oe/recipes-support/openldap/{openldap_2.6.7.bb =>
> openldap_2.6.10.bb} (96%)
> delete mode 100644
> meta-oe/recipes-support/tbb/tbb/0001-Fix-suppress-new-GCC-12-13-warnings-1192.patch
> delete mode 100644
> meta-oe/recipes-support/tbb/tbb/0001-hwloc_detection.cmake-remove-cross-compiation-check.patch
> rename meta-oe/recipes-support/tbb/{tbb_2021.11.0.bb => tbb_2021.12.0.bb}
> (92%)
> rename meta-oe/recipes-support/usbids/{usbids_2023.01.16.bb =>
> usbids_2025.09.15.bb} (84%)
> rename meta-oe/recipes-support/xdg-desktop-portal/{
> xdg-desktop-portal_1.18.1.bb => xdg-desktop-portal_1.18.4.bb} (88%)
> rename meta-oe/recipes-support/xmlsec1/{xmlsec1_1.3.4.bb =>
> xmlsec1_1.3.5.bb} (96%)
> rename meta-oe/recipes-support/xrdp/{xrdp_0.9.19.bb => xrdp_0.9.20.bb}
> (97%)
> rename meta-oe/recipes-test/evtest/{evtest_1.35.bb => evtest_1.36.bb}
> (90%)
> create mode 100644
> meta-webserver/recipes-webadmin/webmin/files/0001-Add-missing-permissions-check-when-saving-allowed-cr.patch
> create mode 100644
> meta-webserver/recipes-webadmin/webmin/files/0001-Escape-potentially-malicious-HTTP-headers.patch
> create mode 100644
> meta-webserver/recipes-webadmin/webmin/files/0001-Foreign-module-may-need-a-check.patch
> create mode 100644
> meta-webserver/recipes-webadmin/webmin/files/0001-HTML-escape-command-description.patch
> create mode 100644
> meta-webserver/recipes-webadmin/webmin/files/0001-Object-names-cannot-contact-special-characters.patch
>
> --
> 2.51.2
>
>
[-- Attachment #2: Type: text/html, Size: 25223 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-11-20 1:31 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-11-19 23:33 [PATCH 00/74] Scarthgap pull request Anuj Mittal
2025-11-20 1:31 ` Khem Raj
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.