All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH 00/13] Scarthgap pull request
@ 2026-06-09 12:49 Anuj Mittal
  0 siblings, 0 replies; 3+ messages in thread
From: Anuj Mittal @ 2026-06-09 12:49 UTC (permalink / raw)
  To: raj.khem, openembedded-devel

Please merge these changes in scarthgap. Tested locally and on autobuilder.

https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1547

The following changes since commit d8cc4e44001c7257273d290ce8c4496e93d32841:

  postgresql: upgrade 16.12 -> 16.14 (2026-05-25 08:05:43 +0530)

are available in the Git repository at:

  https://git.openembedded.org/meta-openembedded-contrib anujm/scarthgap
  https://git.openembedded.org/meta-openembedded-contrib/log/?h=anujm/scarthgap

for you to fetch changes up to b0c2c648a1af89e7a8dd4c2ec841f3bc0ed0ccb9:

  nginx: backport fix for CVE-2026-9256 (2026-06-09 11:37:19 +0530)

----------------------------------------------------------------

Ankur Tyagi (1):
  postfix: upgrade 3.8.16 -> 3.8.17

Gyorgy Sarvari (4):
  python3-paramiko: set CVE_PRODUCT
  python3-priority: set CVE_PRODUCT
  python3-pydantic: set CVE_PRODUCT
  python3-supervisor: set CVE_PRODUCT

Naman Jain (1):
  libssh: ignore CVE-2025-14821

Nelson Garcia (1):
  nginx: backport fix for CVE-2026-9256

Sudhir Dumbhare (6):
  python3-grpcio: Fix CVE-2024-7246
  python3-grpcio: set status for CVE-2026-33186
  python3-grpcio-tools: set status for CVE-2026-33186
  python3-grpcio-tools: set status for CVE-2024-7246
  python3-grpcio-tools: set status for CVE-2024-11407
  python3-tornado: Fix CVE-2026-31958

 .../{postfix_3.8.16.bb => postfix_3.8.17.bb}  |   2 +-
 .../recipes-support/libssh/libssh_0.10.6.bb   |   2 +
 .../python-priority/python3-priority_2.0.0.bb |   2 +
 .../python/python3-grpcio-tools_1.62.2.bb     |   4 +
 .../python/python3-grpcio/CVE-2024-7246.patch | 206 ++++++++++++++
 .../python/python3-grpcio_1.62.2.bb           |   3 +
 .../python/python3-paramiko_3.4.0.bb          |   2 +
 .../python/python3-pydantic_2.7.4.bb          |   2 +
 .../python/python3-supervisor_4.2.5.bb        |   1 +
 .../python3-tornado/CVE-2026-31958.patch      | 262 ++++++++++++++++++
 .../python/python3-tornado_6.4.2.bb           |   1 +
 .../nginx/nginx-1.24.0/CVE-2026-9256.patch    |  63 +++++
 .../recipes-httpd/nginx/nginx_1.24.0.bb       |   1 +
 13 files changed, 550 insertions(+), 1 deletion(-)
 rename meta-networking/recipes-daemons/postfix/{postfix_3.8.16.bb => postfix_3.8.17.bb} (99%)
 create mode 100644 meta-python/recipes-devtools/python/python3-grpcio/CVE-2024-7246.patch
 create mode 100644 meta-python/recipes-devtools/python/python3-tornado/CVE-2026-31958.patch
 create mode 100644 meta-webserver/recipes-httpd/nginx/nginx-1.24.0/CVE-2026-9256.patch

-- 
2.54.0



^ permalink raw reply	[flat|nested] 3+ messages in thread
* [PATCH 00/13] Scarthgap pull request
@ 2025-12-22  6:52 Anuj Mittal
  2025-12-22 15:03 ` Khem Raj
  0 siblings, 1 reply; 3+ messages in thread
From: Anuj Mittal @ 2025-12-22  6:52 UTC (permalink / raw)
  To: raj.khem, openembedded-devel

Please merge these changes in scarthgap. Tested on AB and locally.

https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1196

The following changes since commit b4812b18eec77e9f0286bd6b81a5c3032ac0d3be:

  proftpd: Fix CVE-2023-48795 (2025-12-11 08:02:03 +0530)

are available in the Git repository at:

  https://git.openembedded.org/meta-openembedded-contrib anujm/scarthgap
  https://git.openembedded.org/meta-openembedded-contrib/log/?h=anujm/scarthgap

Ankur Tyagi (10):
  jasper: patch CVE-2024-31744
  libcupsfilters: patch CVE-2025-57812
  flatpak: patch CVE-2024-42472
  editorconfig-core-c: patch CVE-2024-53849
  civetweb: patch CVE-2025-9648
  fetchmail: patch CVE-2025-61962
  unbound: patch CVE-2024-43167
  unbound: patch CVE-2024-43168
  openvpn: patch CVE-2025-13086
  openh264: patch CVE-2025-27091

Archana Polampalli (1):
  tcpreplay: fix CVE-2025-9157

Deepak Rathore (1):
  redis: Refine CVE-2022-0543 status description

Kai Kang (1):
  mbedtls: fix CVE-2025-47917

 .../openh264/openh264/CVE-2025-27091.patch    |  28 ++
 .../openh264/openh264_2.3.1.bb                |   1 +
 .../civetweb/civetweb/CVE-2025-9648.patch     | 254 ++++++++++++++++++
 .../civetweb/civetweb_1.16.bb                 |   1 +
 .../mbedtls/mbedtls/CVE-2025-47917.patch      |  52 ++++
 .../mbedtls/mbedtls_2.28.10.bb                |   1 +
 .../fetchmail/fetchmail/CVE-2025-61962.patch  |  51 ++++
 .../fetchmail/fetchmail_6.4.38.bb             |   1 +
 .../openvpn/openvpn/CVE-2025-13086.patch      | 157 +++++++++++
 .../recipes-support/openvpn/openvpn_2.6.14.bb |   1 +
 .../tcpreplay/tcpreplay/CVE-2025-9157.patch   |  44 +++
 .../tcpreplay/tcpreplay_4.4.4.bb              |   1 +
 .../unbound/unbound/CVE-2024-43167.patch      |  46 ++++
 .../unbound/unbound/CVE-2024-43168_1.patch    |  29 ++
 .../unbound/unbound/CVE-2024-43168_2.patch    |  57 ++++
 .../recipes-support/unbound/unbound_1.19.3.bb |   3 +
 .../editorconfig-core-c_0.12.6.bb             |   5 +-
 .../editorconfig/files/CVE-2024-53849_1.patch |  54 ++++
 .../editorconfig/files/CVE-2024-53849_2.patch |  48 ++++
 .../flatpak/flatpak/CVE-2024-42472_1.patch    | 169 ++++++++++++
 .../flatpak/flatpak/CVE-2024-42472_2.patch    |  44 +++
 .../flatpak/flatpak_1.15.8.bb                 |   2 +
 .../recipes-extended/redis/redis_6.2.21.bb    |   7 +-
 .../recipes-extended/redis/redis_7.2.12.bb    |   7 +-
 .../jasper/jasper/0001-Fixes-381.patch        |  30 +++
 .../recipes-graphics/jasper/jasper_4.1.2.bb   |   1 +
 .../cups/libcupsfilters/CVE-2025-57812.patch  | 129 +++++++++
 .../cups/libcupsfilters_2.0.0.bb              |   1 +
 28 files changed, 1221 insertions(+), 3 deletions(-)
 create mode 100644 meta-multimedia/recipes-multimedia/openh264/openh264/CVE-2025-27091.patch
 create mode 100644 meta-networking/recipes-connectivity/civetweb/civetweb/CVE-2025-9648.patch
 create mode 100644 meta-networking/recipes-connectivity/mbedtls/mbedtls/CVE-2025-47917.patch
 create mode 100644 meta-networking/recipes-support/fetchmail/fetchmail/CVE-2025-61962.patch
 create mode 100644 meta-networking/recipes-support/openvpn/openvpn/CVE-2025-13086.patch
 create mode 100644 meta-networking/recipes-support/tcpreplay/tcpreplay/CVE-2025-9157.patch
 create mode 100644 meta-networking/recipes-support/unbound/unbound/CVE-2024-43167.patch
 create mode 100644 meta-networking/recipes-support/unbound/unbound/CVE-2024-43168_1.patch
 create mode 100644 meta-networking/recipes-support/unbound/unbound/CVE-2024-43168_2.patch
 create mode 100644 meta-oe/recipes-devtools/editorconfig/files/CVE-2024-53849_1.patch
 create mode 100644 meta-oe/recipes-devtools/editorconfig/files/CVE-2024-53849_2.patch
 create mode 100644 meta-oe/recipes-extended/flatpak/flatpak/CVE-2024-42472_1.patch
 create mode 100644 meta-oe/recipes-extended/flatpak/flatpak/CVE-2024-42472_2.patch
 create mode 100644 meta-oe/recipes-graphics/jasper/jasper/0001-Fixes-381.patch
 create mode 100644 meta-oe/recipes-printing/cups/libcupsfilters/CVE-2025-57812.patch

-- 
2.52.0



^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2026-06-09 12:49 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-06-09 12:49 [PATCH 00/13] Scarthgap pull request Anuj Mittal
  -- strict thread matches above, loose matches on Subject: below --
2025-12-22  6:52 Anuj Mittal
2025-12-22 15:03 ` Khem Raj

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.