* [PATCH 00/13] Scarthgap pull request
@ 2025-12-22 6:52 Anuj Mittal
2025-12-22 15:03 ` Khem Raj
0 siblings, 1 reply; 3+ messages in thread
From: Anuj Mittal @ 2025-12-22 6:52 UTC (permalink / raw)
To: raj.khem, openembedded-devel
Please merge these changes in scarthgap. Tested on AB and locally.
https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1196
The following changes since commit b4812b18eec77e9f0286bd6b81a5c3032ac0d3be:
proftpd: Fix CVE-2023-48795 (2025-12-11 08:02:03 +0530)
are available in the Git repository at:
https://git.openembedded.org/meta-openembedded-contrib anujm/scarthgap
https://git.openembedded.org/meta-openembedded-contrib/log/?h=anujm/scarthgap
Ankur Tyagi (10):
jasper: patch CVE-2024-31744
libcupsfilters: patch CVE-2025-57812
flatpak: patch CVE-2024-42472
editorconfig-core-c: patch CVE-2024-53849
civetweb: patch CVE-2025-9648
fetchmail: patch CVE-2025-61962
unbound: patch CVE-2024-43167
unbound: patch CVE-2024-43168
openvpn: patch CVE-2025-13086
openh264: patch CVE-2025-27091
Archana Polampalli (1):
tcpreplay: fix CVE-2025-9157
Deepak Rathore (1):
redis: Refine CVE-2022-0543 status description
Kai Kang (1):
mbedtls: fix CVE-2025-47917
.../openh264/openh264/CVE-2025-27091.patch | 28 ++
.../openh264/openh264_2.3.1.bb | 1 +
.../civetweb/civetweb/CVE-2025-9648.patch | 254 ++++++++++++++++++
.../civetweb/civetweb_1.16.bb | 1 +
.../mbedtls/mbedtls/CVE-2025-47917.patch | 52 ++++
.../mbedtls/mbedtls_2.28.10.bb | 1 +
.../fetchmail/fetchmail/CVE-2025-61962.patch | 51 ++++
.../fetchmail/fetchmail_6.4.38.bb | 1 +
.../openvpn/openvpn/CVE-2025-13086.patch | 157 +++++++++++
.../recipes-support/openvpn/openvpn_2.6.14.bb | 1 +
.../tcpreplay/tcpreplay/CVE-2025-9157.patch | 44 +++
.../tcpreplay/tcpreplay_4.4.4.bb | 1 +
.../unbound/unbound/CVE-2024-43167.patch | 46 ++++
.../unbound/unbound/CVE-2024-43168_1.patch | 29 ++
.../unbound/unbound/CVE-2024-43168_2.patch | 57 ++++
.../recipes-support/unbound/unbound_1.19.3.bb | 3 +
.../editorconfig-core-c_0.12.6.bb | 5 +-
.../editorconfig/files/CVE-2024-53849_1.patch | 54 ++++
.../editorconfig/files/CVE-2024-53849_2.patch | 48 ++++
.../flatpak/flatpak/CVE-2024-42472_1.patch | 169 ++++++++++++
.../flatpak/flatpak/CVE-2024-42472_2.patch | 44 +++
.../flatpak/flatpak_1.15.8.bb | 2 +
.../recipes-extended/redis/redis_6.2.21.bb | 7 +-
.../recipes-extended/redis/redis_7.2.12.bb | 7 +-
.../jasper/jasper/0001-Fixes-381.patch | 30 +++
.../recipes-graphics/jasper/jasper_4.1.2.bb | 1 +
.../cups/libcupsfilters/CVE-2025-57812.patch | 129 +++++++++
.../cups/libcupsfilters_2.0.0.bb | 1 +
28 files changed, 1221 insertions(+), 3 deletions(-)
create mode 100644 meta-multimedia/recipes-multimedia/openh264/openh264/CVE-2025-27091.patch
create mode 100644 meta-networking/recipes-connectivity/civetweb/civetweb/CVE-2025-9648.patch
create mode 100644 meta-networking/recipes-connectivity/mbedtls/mbedtls/CVE-2025-47917.patch
create mode 100644 meta-networking/recipes-support/fetchmail/fetchmail/CVE-2025-61962.patch
create mode 100644 meta-networking/recipes-support/openvpn/openvpn/CVE-2025-13086.patch
create mode 100644 meta-networking/recipes-support/tcpreplay/tcpreplay/CVE-2025-9157.patch
create mode 100644 meta-networking/recipes-support/unbound/unbound/CVE-2024-43167.patch
create mode 100644 meta-networking/recipes-support/unbound/unbound/CVE-2024-43168_1.patch
create mode 100644 meta-networking/recipes-support/unbound/unbound/CVE-2024-43168_2.patch
create mode 100644 meta-oe/recipes-devtools/editorconfig/files/CVE-2024-53849_1.patch
create mode 100644 meta-oe/recipes-devtools/editorconfig/files/CVE-2024-53849_2.patch
create mode 100644 meta-oe/recipes-extended/flatpak/flatpak/CVE-2024-42472_1.patch
create mode 100644 meta-oe/recipes-extended/flatpak/flatpak/CVE-2024-42472_2.patch
create mode 100644 meta-oe/recipes-graphics/jasper/jasper/0001-Fixes-381.patch
create mode 100644 meta-oe/recipes-printing/cups/libcupsfilters/CVE-2025-57812.patch
--
2.52.0
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH 00/13] Scarthgap pull request
2025-12-22 6:52 Anuj Mittal
@ 2025-12-22 15:03 ` Khem Raj
0 siblings, 0 replies; 3+ messages in thread
From: Khem Raj @ 2025-12-22 15:03 UTC (permalink / raw)
To: Anuj Mittal; +Cc: openembedded-devel
[-- Attachment #1: Type: text/plain, Size: 4435 bytes --]
Looks good, Merged now
Thanks Anuj
On Sun, Dec 21, 2025 at 10:53 PM Anuj Mittal <anuj.mittal@oss.qualcomm.com>
wrote:
> Please merge these changes in scarthgap. Tested on AB and locally.
>
> https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1196
>
> The following changes since commit
> b4812b18eec77e9f0286bd6b81a5c3032ac0d3be:
>
> proftpd: Fix CVE-2023-48795 (2025-12-11 08:02:03 +0530)
>
> are available in the Git repository at:
>
> https://git.openembedded.org/meta-openembedded-contrib anujm/scarthgap
>
> https://git.openembedded.org/meta-openembedded-contrib/log/?h=anujm/scarthgap
>
> Ankur Tyagi (10):
> jasper: patch CVE-2024-31744
> libcupsfilters: patch CVE-2025-57812
> flatpak: patch CVE-2024-42472
> editorconfig-core-c: patch CVE-2024-53849
> civetweb: patch CVE-2025-9648
> fetchmail: patch CVE-2025-61962
> unbound: patch CVE-2024-43167
> unbound: patch CVE-2024-43168
> openvpn: patch CVE-2025-13086
> openh264: patch CVE-2025-27091
>
> Archana Polampalli (1):
> tcpreplay: fix CVE-2025-9157
>
> Deepak Rathore (1):
> redis: Refine CVE-2022-0543 status description
>
> Kai Kang (1):
> mbedtls: fix CVE-2025-47917
>
> .../openh264/openh264/CVE-2025-27091.patch | 28 ++
> .../openh264/openh264_2.3.1.bb | 1 +
> .../civetweb/civetweb/CVE-2025-9648.patch | 254 ++++++++++++++++++
> .../civetweb/civetweb_1.16.bb | 1 +
> .../mbedtls/mbedtls/CVE-2025-47917.patch | 52 ++++
> .../mbedtls/mbedtls_2.28.10.bb | 1 +
> .../fetchmail/fetchmail/CVE-2025-61962.patch | 51 ++++
> .../fetchmail/fetchmail_6.4.38.bb | 1 +
> .../openvpn/openvpn/CVE-2025-13086.patch | 157 +++++++++++
> .../recipes-support/openvpn/openvpn_2.6.14.bb | 1 +
> .../tcpreplay/tcpreplay/CVE-2025-9157.patch | 44 +++
> .../tcpreplay/tcpreplay_4.4.4.bb | 1 +
> .../unbound/unbound/CVE-2024-43167.patch | 46 ++++
> .../unbound/unbound/CVE-2024-43168_1.patch | 29 ++
> .../unbound/unbound/CVE-2024-43168_2.patch | 57 ++++
> .../recipes-support/unbound/unbound_1.19.3.bb | 3 +
> .../editorconfig-core-c_0.12.6.bb | 5 +-
> .../editorconfig/files/CVE-2024-53849_1.patch | 54 ++++
> .../editorconfig/files/CVE-2024-53849_2.patch | 48 ++++
> .../flatpak/flatpak/CVE-2024-42472_1.patch | 169 ++++++++++++
> .../flatpak/flatpak/CVE-2024-42472_2.patch | 44 +++
> .../flatpak/flatpak_1.15.8.bb | 2 +
> .../recipes-extended/redis/redis_6.2.21.bb | 7 +-
> .../recipes-extended/redis/redis_7.2.12.bb | 7 +-
> .../jasper/jasper/0001-Fixes-381.patch | 30 +++
> .../recipes-graphics/jasper/jasper_4.1.2.bb | 1 +
> .../cups/libcupsfilters/CVE-2025-57812.patch | 129 +++++++++
> .../cups/libcupsfilters_2.0.0.bb | 1 +
> 28 files changed, 1221 insertions(+), 3 deletions(-)
> create mode 100644
> meta-multimedia/recipes-multimedia/openh264/openh264/CVE-2025-27091.patch
> create mode 100644
> meta-networking/recipes-connectivity/civetweb/civetweb/CVE-2025-9648.patch
> create mode 100644
> meta-networking/recipes-connectivity/mbedtls/mbedtls/CVE-2025-47917.patch
> create mode 100644
> meta-networking/recipes-support/fetchmail/fetchmail/CVE-2025-61962.patch
> create mode 100644
> meta-networking/recipes-support/openvpn/openvpn/CVE-2025-13086.patch
> create mode 100644
> meta-networking/recipes-support/tcpreplay/tcpreplay/CVE-2025-9157.patch
> create mode 100644
> meta-networking/recipes-support/unbound/unbound/CVE-2024-43167.patch
> create mode 100644
> meta-networking/recipes-support/unbound/unbound/CVE-2024-43168_1.patch
> create mode 100644
> meta-networking/recipes-support/unbound/unbound/CVE-2024-43168_2.patch
> create mode 100644
> meta-oe/recipes-devtools/editorconfig/files/CVE-2024-53849_1.patch
> create mode 100644
> meta-oe/recipes-devtools/editorconfig/files/CVE-2024-53849_2.patch
> create mode 100644
> meta-oe/recipes-extended/flatpak/flatpak/CVE-2024-42472_1.patch
> create mode 100644
> meta-oe/recipes-extended/flatpak/flatpak/CVE-2024-42472_2.patch
> create mode 100644
> meta-oe/recipes-graphics/jasper/jasper/0001-Fixes-381.patch
> create mode 100644
> meta-oe/recipes-printing/cups/libcupsfilters/CVE-2025-57812.patch
>
> --
> 2.52.0
>
>
[-- Attachment #2: Type: text/html, Size: 6366 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* [PATCH 00/13] Scarthgap pull request
@ 2026-06-09 12:49 Anuj Mittal
0 siblings, 0 replies; 3+ messages in thread
From: Anuj Mittal @ 2026-06-09 12:49 UTC (permalink / raw)
To: raj.khem, openembedded-devel
Please merge these changes in scarthgap. Tested locally and on autobuilder.
https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1547
The following changes since commit d8cc4e44001c7257273d290ce8c4496e93d32841:
postgresql: upgrade 16.12 -> 16.14 (2026-05-25 08:05:43 +0530)
are available in the Git repository at:
https://git.openembedded.org/meta-openembedded-contrib anujm/scarthgap
https://git.openembedded.org/meta-openembedded-contrib/log/?h=anujm/scarthgap
for you to fetch changes up to b0c2c648a1af89e7a8dd4c2ec841f3bc0ed0ccb9:
nginx: backport fix for CVE-2026-9256 (2026-06-09 11:37:19 +0530)
----------------------------------------------------------------
Ankur Tyagi (1):
postfix: upgrade 3.8.16 -> 3.8.17
Gyorgy Sarvari (4):
python3-paramiko: set CVE_PRODUCT
python3-priority: set CVE_PRODUCT
python3-pydantic: set CVE_PRODUCT
python3-supervisor: set CVE_PRODUCT
Naman Jain (1):
libssh: ignore CVE-2025-14821
Nelson Garcia (1):
nginx: backport fix for CVE-2026-9256
Sudhir Dumbhare (6):
python3-grpcio: Fix CVE-2024-7246
python3-grpcio: set status for CVE-2026-33186
python3-grpcio-tools: set status for CVE-2026-33186
python3-grpcio-tools: set status for CVE-2024-7246
python3-grpcio-tools: set status for CVE-2024-11407
python3-tornado: Fix CVE-2026-31958
.../{postfix_3.8.16.bb => postfix_3.8.17.bb} | 2 +-
.../recipes-support/libssh/libssh_0.10.6.bb | 2 +
.../python-priority/python3-priority_2.0.0.bb | 2 +
.../python/python3-grpcio-tools_1.62.2.bb | 4 +
.../python/python3-grpcio/CVE-2024-7246.patch | 206 ++++++++++++++
.../python/python3-grpcio_1.62.2.bb | 3 +
.../python/python3-paramiko_3.4.0.bb | 2 +
.../python/python3-pydantic_2.7.4.bb | 2 +
.../python/python3-supervisor_4.2.5.bb | 1 +
.../python3-tornado/CVE-2026-31958.patch | 262 ++++++++++++++++++
.../python/python3-tornado_6.4.2.bb | 1 +
.../nginx/nginx-1.24.0/CVE-2026-9256.patch | 63 +++++
.../recipes-httpd/nginx/nginx_1.24.0.bb | 1 +
13 files changed, 550 insertions(+), 1 deletion(-)
rename meta-networking/recipes-daemons/postfix/{postfix_3.8.16.bb => postfix_3.8.17.bb} (99%)
create mode 100644 meta-python/recipes-devtools/python/python3-grpcio/CVE-2024-7246.patch
create mode 100644 meta-python/recipes-devtools/python/python3-tornado/CVE-2026-31958.patch
create mode 100644 meta-webserver/recipes-httpd/nginx/nginx-1.24.0/CVE-2026-9256.patch
--
2.54.0
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2026-06-09 12:49 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-06-09 12:49 [PATCH 00/13] Scarthgap pull request Anuj Mittal
-- strict thread matches above, loose matches on Subject: below --
2025-12-22 6:52 Anuj Mittal
2025-12-22 15:03 ` Khem Raj
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.