All of lore.kernel.org
 help / color / mirror / Atom feed
From: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
To: openembedded-devel@lists.openembedded.org
Subject: [PATCH 00/16] Scarthgap pull request
Date: Thu,  2 Jul 2026 16:15:13 +0530	[thread overview]
Message-ID: <cover.1782985880.git.anuj.mittal@oss.qualcomm.com> (raw)

Please merge these changes in scarthgap. Tested locally and on autobuilder.

https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1592

The following changes since commit b0c2c648a1af89e7a8dd4c2ec841f3bc0ed0ccb9:

  nginx: backport fix for CVE-2026-9256 (2026-06-09 11:37:19 +0530)

are available in the Git repository at:

  https://git.openembedded.org/meta-openembedded-contrib anujm/scarthgap
  https://git.openembedded.org/meta-openembedded-contrib/log/?h=anujm/scarthgap

for you to fetch changes up to 29a044218285fdc7fcdd63d5f0929cb3a27b6fed:

  python3-matplotlib: fix build (2026-07-02 15:08:44 +0530)

----------------------------------------------------------------

Anuj Mittal (1):
  python3-matplotlib: fix build

Li Zhou (1):
  haveged: upgrade 1.9.18 -> 1.9.20

Nitin Wankhade (6):
  strongswan: Fix CVE-2026-35328
  strongswan: Fix CVE-2026-35329
  strongswan: Fix CVE-2026-35330
  strongswan: Fix CVE-2026-35331
  strongswan: Fix CVE-2026-35332
  strongswan: Fix CVE-2026-35333

Shubham Pushpkar (5):
  jq: Fix CVE-2026-40612
  jq: Fix CVE-2026-41256
  jq: Fix CVE-2026-41257
  jq: Fix CVE-2026-43894
  jq: Fix CVE-2026-43896

Theo Gaige (Schneider Electric) (1):
  nginx: patch CVE-2026-48142

Venkatasainath Ravikanti (1):
  syslog-ng: update config version to match installed binary

Wang Mingyu (1):
  haveged: upgrade 1.9.20 -> 1.9.22

 ...-insensitive-matching-and-reject-exc.patch | 176 ++++++++++++++++++
 ...-undersized-attributes-in-enumerator.patch |  41 ++++
 ...t-zero-length-EAP-SIM-AKA-attributes.patch |  54 ++++++
 ...d-NULL-pointer-dereference-when-veri.patch |  58 ++++++
 ...accept-non-empty-ECDH-public-keys-wi.patch |  51 +++++
 ...nt-infinite-loop-if-supported-versio.patch |  42 +++++
 .../strongswan/strongswan_5.9.14.bb           |   6 +
 .../jq/jq/CVE-2026-40612.patch                | 153 +++++++++++++++
 .../jq/jq/CVE-2026-41256.patch                |  54 ++++++
 .../jq/jq/CVE-2026-41257.patch                |  57 ++++++
 .../jq/jq/CVE-2026-43894.patch                |  56 ++++++
 .../jq/jq/CVE-2026-43896.patch                |  97 ++++++++++
 meta-oe/recipes-devtools/jq/jq_1.7.1.bb       |   5 +
 .../{haveged_1.9.18.bb => haveged_1.9.22.bb}  |   3 +-
 .../syslog-ng/files/syslog-ng.conf.systemd    |  11 +-
 .../syslog-ng/files/syslog-ng.conf.sysvinit   |   9 +-
 .../matplotlib-disable-download.patch         |  34 +++-
 .../python/python3-matplotlib_3.7.2.bb        |   4 +-
 .../nginx/nginx-1.24.0/CVE-2026-48142.patch   |  43 +++++
 .../recipes-httpd/nginx/nginx_1.24.0.bb       |   1 +
 20 files changed, 938 insertions(+), 17 deletions(-)
 create mode 100644 meta-networking/recipes-support/strongswan/strongswan/constraints-Case-insensitive-matching-and-reject-exc.patch
 create mode 100644 meta-networking/recipes-support/strongswan/strongswan/libradius-Reject-undersized-attributes-in-enumerator.patch
 create mode 100644 meta-networking/recipes-support/strongswan/strongswan/libsimaka-Reject-zero-length-EAP-SIM-AKA-attributes.patch
 create mode 100644 meta-networking/recipes-support/strongswan/strongswan/pkcs5-pkcs7-Avoid-NULL-pointer-dereference-when-veri.patch
 create mode 100644 meta-networking/recipes-support/strongswan/strongswan/tls-server-Only-accept-non-empty-ECDH-public-keys-wi.patch
 create mode 100644 meta-networking/recipes-support/strongswan/strongswan/tls-server-Prevent-infinite-loop-if-supported-versio.patch
 create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-40612.patch
 create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-41256.patch
 create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-41257.patch
 create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-43894.patch
 create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-43896.patch
 rename meta-oe/recipes-extended/haveged/{haveged_1.9.18.bb => haveged_1.9.22.bb} (93%)
 create mode 100644 meta-webserver/recipes-httpd/nginx/nginx-1.24.0/CVE-2026-48142.patch

-- 
2.54.0



             reply	other threads:[~2026-07-02 10:45 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-07-02 10:45 Anuj Mittal [this message]
2026-07-03  6:15 ` [oe] [PATCH 00/16] Scarthgap pull request Khem Raj

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=cover.1782985880.git.anuj.mittal@oss.qualcomm.com \
    --to=anuj.mittal@oss.qualcomm.com \
    --cc=openembedded-devel@lists.openembedded.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.