All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH 00/16] Scarthgap pull request
@ 2026-07-02 10:45 Anuj Mittal
  2026-07-03  6:15 ` [oe] " Khem Raj
  0 siblings, 1 reply; 2+ messages in thread
From: Anuj Mittal @ 2026-07-02 10:45 UTC (permalink / raw)
  To: openembedded-devel

Please merge these changes in scarthgap. Tested locally and on autobuilder.

https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1592

The following changes since commit b0c2c648a1af89e7a8dd4c2ec841f3bc0ed0ccb9:

  nginx: backport fix for CVE-2026-9256 (2026-06-09 11:37:19 +0530)

are available in the Git repository at:

  https://git.openembedded.org/meta-openembedded-contrib anujm/scarthgap
  https://git.openembedded.org/meta-openembedded-contrib/log/?h=anujm/scarthgap

for you to fetch changes up to 29a044218285fdc7fcdd63d5f0929cb3a27b6fed:

  python3-matplotlib: fix build (2026-07-02 15:08:44 +0530)

----------------------------------------------------------------

Anuj Mittal (1):
  python3-matplotlib: fix build

Li Zhou (1):
  haveged: upgrade 1.9.18 -> 1.9.20

Nitin Wankhade (6):
  strongswan: Fix CVE-2026-35328
  strongswan: Fix CVE-2026-35329
  strongswan: Fix CVE-2026-35330
  strongswan: Fix CVE-2026-35331
  strongswan: Fix CVE-2026-35332
  strongswan: Fix CVE-2026-35333

Shubham Pushpkar (5):
  jq: Fix CVE-2026-40612
  jq: Fix CVE-2026-41256
  jq: Fix CVE-2026-41257
  jq: Fix CVE-2026-43894
  jq: Fix CVE-2026-43896

Theo Gaige (Schneider Electric) (1):
  nginx: patch CVE-2026-48142

Venkatasainath Ravikanti (1):
  syslog-ng: update config version to match installed binary

Wang Mingyu (1):
  haveged: upgrade 1.9.20 -> 1.9.22

 ...-insensitive-matching-and-reject-exc.patch | 176 ++++++++++++++++++
 ...-undersized-attributes-in-enumerator.patch |  41 ++++
 ...t-zero-length-EAP-SIM-AKA-attributes.patch |  54 ++++++
 ...d-NULL-pointer-dereference-when-veri.patch |  58 ++++++
 ...accept-non-empty-ECDH-public-keys-wi.patch |  51 +++++
 ...nt-infinite-loop-if-supported-versio.patch |  42 +++++
 .../strongswan/strongswan_5.9.14.bb           |   6 +
 .../jq/jq/CVE-2026-40612.patch                | 153 +++++++++++++++
 .../jq/jq/CVE-2026-41256.patch                |  54 ++++++
 .../jq/jq/CVE-2026-41257.patch                |  57 ++++++
 .../jq/jq/CVE-2026-43894.patch                |  56 ++++++
 .../jq/jq/CVE-2026-43896.patch                |  97 ++++++++++
 meta-oe/recipes-devtools/jq/jq_1.7.1.bb       |   5 +
 .../{haveged_1.9.18.bb => haveged_1.9.22.bb}  |   3 +-
 .../syslog-ng/files/syslog-ng.conf.systemd    |  11 +-
 .../syslog-ng/files/syslog-ng.conf.sysvinit   |   9 +-
 .../matplotlib-disable-download.patch         |  34 +++-
 .../python/python3-matplotlib_3.7.2.bb        |   4 +-
 .../nginx/nginx-1.24.0/CVE-2026-48142.patch   |  43 +++++
 .../recipes-httpd/nginx/nginx_1.24.0.bb       |   1 +
 20 files changed, 938 insertions(+), 17 deletions(-)
 create mode 100644 meta-networking/recipes-support/strongswan/strongswan/constraints-Case-insensitive-matching-and-reject-exc.patch
 create mode 100644 meta-networking/recipes-support/strongswan/strongswan/libradius-Reject-undersized-attributes-in-enumerator.patch
 create mode 100644 meta-networking/recipes-support/strongswan/strongswan/libsimaka-Reject-zero-length-EAP-SIM-AKA-attributes.patch
 create mode 100644 meta-networking/recipes-support/strongswan/strongswan/pkcs5-pkcs7-Avoid-NULL-pointer-dereference-when-veri.patch
 create mode 100644 meta-networking/recipes-support/strongswan/strongswan/tls-server-Only-accept-non-empty-ECDH-public-keys-wi.patch
 create mode 100644 meta-networking/recipes-support/strongswan/strongswan/tls-server-Prevent-infinite-loop-if-supported-versio.patch
 create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-40612.patch
 create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-41256.patch
 create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-41257.patch
 create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-43894.patch
 create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-43896.patch
 rename meta-oe/recipes-extended/haveged/{haveged_1.9.18.bb => haveged_1.9.22.bb} (93%)
 create mode 100644 meta-webserver/recipes-httpd/nginx/nginx-1.24.0/CVE-2026-48142.patch

-- 
2.54.0



^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: [oe] [PATCH 00/16] Scarthgap pull request
  2026-07-02 10:45 [PATCH 00/16] Scarthgap pull request Anuj Mittal
@ 2026-07-03  6:15 ` Khem Raj
  0 siblings, 0 replies; 2+ messages in thread
From: Khem Raj @ 2026-07-03  6:15 UTC (permalink / raw)
  To: anuj.mittal; +Cc: openembedded-devel

[-- Attachment #1: Type: text/plain, Size: 4863 bytes --]

Looks good. merged now. Thanks Anuj

On Thu, Jul 2, 2026 at 3:45 AM Anuj Mittal via lists.openembedded.org
<anuj.mittal=oss.qualcomm.com@lists.openembedded.org> wrote:

> Please merge these changes in scarthgap. Tested locally and on autobuilder.
>
> https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1592
>
> The following changes since commit
> b0c2c648a1af89e7a8dd4c2ec841f3bc0ed0ccb9:
>
>   nginx: backport fix for CVE-2026-9256 (2026-06-09 11:37:19 +0530)
>
> are available in the Git repository at:
>
>   https://git.openembedded.org/meta-openembedded-contrib anujm/scarthgap
>
> https://git.openembedded.org/meta-openembedded-contrib/log/?h=anujm/scarthgap
>
> for you to fetch changes up to 29a044218285fdc7fcdd63d5f0929cb3a27b6fed:
>
>   python3-matplotlib: fix build (2026-07-02 15:08:44 +0530)
>
> ----------------------------------------------------------------
>
> Anuj Mittal (1):
>   python3-matplotlib: fix build
>
> Li Zhou (1):
>   haveged: upgrade 1.9.18 -> 1.9.20
>
> Nitin Wankhade (6):
>   strongswan: Fix CVE-2026-35328
>   strongswan: Fix CVE-2026-35329
>   strongswan: Fix CVE-2026-35330
>   strongswan: Fix CVE-2026-35331
>   strongswan: Fix CVE-2026-35332
>   strongswan: Fix CVE-2026-35333
>
> Shubham Pushpkar (5):
>   jq: Fix CVE-2026-40612
>   jq: Fix CVE-2026-41256
>   jq: Fix CVE-2026-41257
>   jq: Fix CVE-2026-43894
>   jq: Fix CVE-2026-43896
>
> Theo Gaige (Schneider Electric) (1):
>   nginx: patch CVE-2026-48142
>
> Venkatasainath Ravikanti (1):
>   syslog-ng: update config version to match installed binary
>
> Wang Mingyu (1):
>   haveged: upgrade 1.9.20 -> 1.9.22
>
>  ...-insensitive-matching-and-reject-exc.patch | 176 ++++++++++++++++++
>  ...-undersized-attributes-in-enumerator.patch |  41 ++++
>  ...t-zero-length-EAP-SIM-AKA-attributes.patch |  54 ++++++
>  ...d-NULL-pointer-dereference-when-veri.patch |  58 ++++++
>  ...accept-non-empty-ECDH-public-keys-wi.patch |  51 +++++
>  ...nt-infinite-loop-if-supported-versio.patch |  42 +++++
>  .../strongswan/strongswan_5.9.14.bb           |   6 +
>  .../jq/jq/CVE-2026-40612.patch                | 153 +++++++++++++++
>  .../jq/jq/CVE-2026-41256.patch                |  54 ++++++
>  .../jq/jq/CVE-2026-41257.patch                |  57 ++++++
>  .../jq/jq/CVE-2026-43894.patch                |  56 ++++++
>  .../jq/jq/CVE-2026-43896.patch                |  97 ++++++++++
>  meta-oe/recipes-devtools/jq/jq_1.7.1.bb       |   5 +
>  .../{haveged_1.9.18.bb => haveged_1.9.22.bb}  |   3 +-
>  .../syslog-ng/files/syslog-ng.conf.systemd    |  11 +-
>  .../syslog-ng/files/syslog-ng.conf.sysvinit   |   9 +-
>  .../matplotlib-disable-download.patch         |  34 +++-
>  .../python/python3-matplotlib_3.7.2.bb        |   4 +-
>  .../nginx/nginx-1.24.0/CVE-2026-48142.patch   |  43 +++++
>  .../recipes-httpd/nginx/nginx_1.24.0.bb       |   1 +
>  20 files changed, 938 insertions(+), 17 deletions(-)
>  create mode 100644
> meta-networking/recipes-support/strongswan/strongswan/constraints-Case-insensitive-matching-and-reject-exc.patch
>  create mode 100644
> meta-networking/recipes-support/strongswan/strongswan/libradius-Reject-undersized-attributes-in-enumerator.patch
>  create mode 100644
> meta-networking/recipes-support/strongswan/strongswan/libsimaka-Reject-zero-length-EAP-SIM-AKA-attributes.patch
>  create mode 100644
> meta-networking/recipes-support/strongswan/strongswan/pkcs5-pkcs7-Avoid-NULL-pointer-dereference-when-veri.patch
>  create mode 100644
> meta-networking/recipes-support/strongswan/strongswan/tls-server-Only-accept-non-empty-ECDH-public-keys-wi.patch
>  create mode 100644
> meta-networking/recipes-support/strongswan/strongswan/tls-server-Prevent-infinite-loop-if-supported-versio.patch
>  create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-40612.patch
>  create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-41256.patch
>  create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-41257.patch
>  create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-43894.patch
>  create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-43896.patch
>  rename meta-oe/recipes-extended/haveged/{haveged_1.9.18.bb =>
> haveged_1.9.22.bb} (93%)
>  create mode 100644
> meta-webserver/recipes-httpd/nginx/nginx-1.24.0/CVE-2026-48142.patch
>
> --
> 2.54.0
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#128000):
> https://lists.openembedded.org/g/openembedded-devel/message/128000
> Mute This Topic: https://lists.openembedded.org/mt/120081049/1997914
> Group Owner: openembedded-devel+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [
> raj.khem@gmail.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
>

[-- Attachment #2: Type: text/html, Size: 6946 bytes --]

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2026-07-03  6:15 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-07-02 10:45 [PATCH 00/16] Scarthgap pull request Anuj Mittal
2026-07-03  6:15 ` [oe] " Khem Raj

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.