* [Buildroot] [PATCH] package/nfs-utils: security bump version to 2.8.7 @ 2026-03-13 21:10 Giulio Benetti 2026-03-14 19:57 ` Petr Vorel 2026-03-15 10:17 ` Julien Olivain via buildroot 0 siblings, 2 replies; 7+ messages in thread From: Giulio Benetti @ 2026-03-13 21:10 UTC (permalink / raw) To: buildroot; +Cc: Giulio Benetti, Petr Vorel Release announce: https://lore.kernel.org/linux-nfs/4d11b9d7-7b49-4a1e-8c26-29ecb2fefe2f@redhat.com/ Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com> --- package/nfs-utils/nfs-utils.hash | 4 ++-- package/nfs-utils/nfs-utils.mk | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/package/nfs-utils/nfs-utils.hash b/package/nfs-utils/nfs-utils.hash index bf7c4b61b6..1e3f63d419 100644 --- a/package/nfs-utils/nfs-utils.hash +++ b/package/nfs-utils/nfs-utils.hash @@ -1,4 +1,4 @@ -# From https://www.kernel.org/pub/linux/utils/nfs-utils/2.8.6/sha256sums.asc -sha256 2bd7b34e809a7eff2f4bc5fc5fd96ebcd66a5458b471a270cbd2dc169b011550 nfs-utils-2.8.6.tar.xz +# From https://www.kernel.org/pub/linux/utils/nfs-utils/2.8.7/sha256sums.asc +sha256 59d0f1e17b18efaa60ea3ccf89a9cad3217f8d3b23c18d2fe34b25c8969d60ae nfs-utils-2.8.7.tar.xz # Locally computed sha256 576540abf5e95029ad4ad90e32071385a5e95b2c30708c706116f3eb87b9a3de COPYING diff --git a/package/nfs-utils/nfs-utils.mk b/package/nfs-utils/nfs-utils.mk index 7ac0b549cf..3d391c1804 100644 --- a/package/nfs-utils/nfs-utils.mk +++ b/package/nfs-utils/nfs-utils.mk @@ -4,7 +4,7 @@ # ################################################################################ -NFS_UTILS_VERSION = 2.8.6 +NFS_UTILS_VERSION = 2.8.7 NFS_UTILS_SOURCE = nfs-utils-$(NFS_UTILS_VERSION).tar.xz NFS_UTILS_SITE = https://www.kernel.org/pub/linux/utils/nfs-utils/$(NFS_UTILS_VERSION) NFS_UTILS_LICENSE = GPL-2.0+ -- 2.47.3 _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [Buildroot] [PATCH] package/nfs-utils: security bump version to 2.8.7 2026-03-13 21:10 [Buildroot] [PATCH] package/nfs-utils: security bump version to 2.8.7 Giulio Benetti @ 2026-03-14 19:57 ` Petr Vorel 2026-03-15 10:17 ` Julien Olivain via buildroot 1 sibling, 0 replies; 7+ messages in thread From: Petr Vorel @ 2026-03-14 19:57 UTC (permalink / raw) To: Giulio Benetti; +Cc: buildroot Hi Giulio, > Release announce: > https://lore.kernel.org/linux-nfs/4d11b9d7-7b49-4a1e-8c26-29ecb2fefe2f@redhat.com/ Thanks for update! Reviewed-by: Petr Vorel <petr.vorel@gmail.com> Kind regards, Petr _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Buildroot] [PATCH] package/nfs-utils: security bump version to 2.8.7 2026-03-13 21:10 [Buildroot] [PATCH] package/nfs-utils: security bump version to 2.8.7 Giulio Benetti 2026-03-14 19:57 ` Petr Vorel @ 2026-03-15 10:17 ` Julien Olivain via buildroot 2026-03-15 23:07 ` Petr Vorel 1 sibling, 1 reply; 7+ messages in thread From: Julien Olivain via buildroot @ 2026-03-15 10:17 UTC (permalink / raw) To: Giulio Benetti; +Cc: buildroot, Petr Vorel Hi Giulio, On 13/03/2026 22:10, Giulio Benetti wrote: > Release announce: > https://lore.kernel.org/linux-nfs/4d11b9d7-7b49-4a1e-8c26-29ecb2fefe2f@redhat.com/ The commit title says it is a "security" bump. I can't find any reference to security fixes in the release note. Could you provide details? Or is it a copy paste error from the previous bump? https://gitlab.com/buildroot.org/buildroot/-/commit/7dfd2feb445c2cf83a2b52057fab96e72e42a071 In the later case, no need to send a v2, I'll just remove "security" while applying. > Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com> Best regards, Julien. _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Buildroot] [PATCH] package/nfs-utils: security bump version to 2.8.7 2026-03-15 10:17 ` Julien Olivain via buildroot @ 2026-03-15 23:07 ` Petr Vorel 2026-03-16 10:53 ` Giulio Benetti 0 siblings, 1 reply; 7+ messages in thread From: Petr Vorel @ 2026-03-15 23:07 UTC (permalink / raw) To: Julien Olivain; +Cc: Giulio Benetti, buildroot Hi Julien, > Hi Giulio, > On 13/03/2026 22:10, Giulio Benetti wrote: > > Release announce: > > https://lore.kernel.org/linux-nfs/4d11b9d7-7b49-4a1e-8c26-29ecb2fefe2f@redhat.com/ > The commit title says it is a "security" bump. I can't find any reference to > security > fixes in the release note. Could you provide details? > Or is it a copy paste error from the previous bump? > https://gitlab.com/buildroot.org/buildroot/-/commit/7dfd2feb445c2cf83a2b52057fab96e72e42a071 > In the later case, no need to send a v2, I'll just remove "security" while > applying. I'd also say it's just a copy paste from 2.8.6. 2.8.7 seems to me only a bugfix release. Kind regards, Petr > > Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com> > Best regards, > Julien. _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Buildroot] [PATCH] package/nfs-utils: security bump version to 2.8.7 2026-03-15 23:07 ` Petr Vorel @ 2026-03-16 10:53 ` Giulio Benetti 2026-03-16 10:54 ` Giulio Benetti 0 siblings, 1 reply; 7+ messages in thread From: Giulio Benetti @ 2026-03-16 10:53 UTC (permalink / raw) To: Petr Vorel, Julien Olivain; +Cc: buildroot Hi Julien and Petr, On 3/16/26 00:07, Petr Vorel wrote: > Hi Julien, > >> Hi Giulio, > >> On 13/03/2026 22:10, Giulio Benetti wrote: >>> Release announce: >>> https://lore.kernel.org/linux-nfs/4d11b9d7-7b49-4a1e-8c26-29ecb2fefe2f@redhat.com/ > >> The commit title says it is a "security" bump. I can't find any reference to >> security >> fixes in the release note. Could you provide details? > >> Or is it a copy paste error from the previous bump? >> https://gitlab.com/buildroot.org/buildroot/-/commit/7dfd2feb445c2cf83a2b52057fab96e72e42a071 > >> In the later case, no need to send a v2, I'll just remove "security" while >> applying. > > I'd also say it's just a copy paste from 2.8.6. 2.8.7 seems to me only a bugfix > release. I interpret commit [1] as a security commit, but maybe I'm wrong. It's not a CVE or similar but to me it sounds like a security commit, this is why subject is " security bump..". Best regards Giulio > Kind regards, > Petr > >>> Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com> > >> Best regards, > >> Julien. _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Buildroot] [PATCH] package/nfs-utils: security bump version to 2.8.7 2026-03-16 10:53 ` Giulio Benetti @ 2026-03-16 10:54 ` Giulio Benetti 2026-03-16 21:28 ` Julien Olivain via buildroot 0 siblings, 1 reply; 7+ messages in thread From: Giulio Benetti @ 2026-03-16 10:54 UTC (permalink / raw) To: Petr Vorel, Julien Olivain; +Cc: buildroot On 3/16/26 11:53, Giulio Benetti wrote: > Hi Julien and Petr, > > On 3/16/26 00:07, Petr Vorel wrote: >> Hi Julien, >> >>> Hi Giulio, >> >>> On 13/03/2026 22:10, Giulio Benetti wrote: >>>> Release announce: >>>> https://lore.kernel.org/linux- >>>> nfs/4d11b9d7-7b49-4a1e-8c26-29ecb2fefe2f@redhat.com/ >> >>> The commit title says it is a "security" bump. I can't find any >>> reference to >>> security >>> fixes in the release note. Could you provide details? >> >>> Or is it a copy paste error from the previous bump? >>> https://gitlab.com/buildroot.org/buildroot/-/ >>> commit/7dfd2feb445c2cf83a2b52057fab96e72e42a071 >> >>> In the later case, no need to send a v2, I'll just remove "security" >>> while >>> applying. >> >> I'd also say it's just a copy paste from 2.8.6. 2.8.7 seems to me only >> a bugfix >> release. > > I interpret commit [1] as a security commit, but maybe I'm wrong. > It's not a CVE or similar but to me it sounds like a security commit, > this is why subject is " security bump..". [1]: https://www.kernel.org/pub/linux/utils/nfs-utils/2.8.7/2.8.7-Changelog > Best regards > Giulio > >> Kind regards, >> Petr >> >>>> Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com> >> >>> Best regards, >> >>> Julien. > _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Buildroot] [PATCH] package/nfs-utils: security bump version to 2.8.7 2026-03-16 10:54 ` Giulio Benetti @ 2026-03-16 21:28 ` Julien Olivain via buildroot 0 siblings, 0 replies; 7+ messages in thread From: Julien Olivain via buildroot @ 2026-03-16 21:28 UTC (permalink / raw) To: Giulio Benetti; +Cc: Petr Vorel, buildroot Hi Giulio, On 16/03/2026 11:54, Giulio Benetti wrote: > On 3/16/26 11:53, Giulio Benetti wrote: >> Hi Julien and Petr, >> >> On 3/16/26 00:07, Petr Vorel wrote: >>> Hi Julien, >>> >>>> Hi Giulio, >>> >>>> On 13/03/2026 22:10, Giulio Benetti wrote: >>>>> Release announce: >>>>> https://lore.kernel.org/linux- >>>>> nfs/4d11b9d7-7b49-4a1e-8c26-29ecb2fefe2f@redhat.com/ >>> >>>> The commit title says it is a "security" bump. I can't find any >>>> reference to >>>> security >>>> fixes in the release note. Could you provide details? >>> >>>> Or is it a copy paste error from the previous bump? >>>> https://gitlab.com/buildroot.org/buildroot/-/ >>>> commit/7dfd2feb445c2cf83a2b52057fab96e72e42a071 >>> >>>> In the later case, no need to send a v2, I'll just remove "security" >>>> while >>>> applying. >>> >>> I'd also say it's just a copy paste from 2.8.6. 2.8.7 seems to me >>> only a bugfix >>> release. >> >> I interpret commit [1] as a security commit, but maybe I'm wrong. >> It's not a CVE or similar but to me it sounds like a security commit, >> this is why subject is " security bump..". > > [1]: > https://www.kernel.org/pub/linux/utils/nfs-utils/2.8.7/2.8.7-Changelog Applied to master, thanks. I removed "security" in the commit title. While I agree that using uninitialized data from the stack might be a security issue, we generally flag updates in Buildroot as "security" when there is a mention in the release note, a CVE assigned, or an advisory. This "bugfix" release will go in Buildroot LTS branches anyway. >> Best regards >> Giulio >> >>> Kind regards, >>> Petr >>> >>>>> Signed-off-by: Giulio Benetti >>>>> <giulio.benetti@benettiengineering.com> >>> >>>> Best regards, >>> >>>> Julien. Best regards, Julien. _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2026-03-16 21:28 UTC | newest] Thread overview: 7+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2026-03-13 21:10 [Buildroot] [PATCH] package/nfs-utils: security bump version to 2.8.7 Giulio Benetti 2026-03-14 19:57 ` Petr Vorel 2026-03-15 10:17 ` Julien Olivain via buildroot 2026-03-15 23:07 ` Petr Vorel 2026-03-16 10:53 ` Giulio Benetti 2026-03-16 10:54 ` Giulio Benetti 2026-03-16 21:28 ` Julien Olivain via buildroot
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox