* [Buildroot] [PATCH] package/psmisc: bump to version 23.7
@ 2026-04-18 7:33 Shubham Chakraborty
2026-04-24 20:08 ` Julien Olivain via buildroot
` (3 more replies)
0 siblings, 4 replies; 13+ messages in thread
From: Shubham Chakraborty @ 2026-04-18 7:33 UTC (permalink / raw)
To: buildroot; +Cc: Shubham Chakraborty
- Fix --disable-statx build option
- fuser: Add stat() fallback, ignore EACCES errors
- pstree: Fix assumption about root PID
- killall: Output formatting fixes
- Update gettext to 0.21
https://gitlab.com/psmisc/psmisc/-/tags/v23.7
Signed-off-by: Shubham Chakraborty <chakrabortyshubham66@gmail.com>
---
package/psmisc/psmisc.hash | 5 +----
package/psmisc/psmisc.mk | 2 +-
2 files changed, 2 insertions(+), 5 deletions(-)
diff --git a/package/psmisc/psmisc.hash b/package/psmisc/psmisc.hash
index fe146f90c9..646c01b3c6 100644
--- a/package/psmisc/psmisc.hash
+++ b/package/psmisc/psmisc.hash
@@ -1,6 +1,3 @@
# From https://sourceforge.net/projects/psmisc/files/psmisc/
-md5 014f0b5d5ab32478a2c57812ad01e1fb psmisc-23.5.tar.xz
-sha1 a16073f459a19288c1ea2b413a84e1b996cab595 psmisc-23.5.tar.xz
-# Locally computed:
-sha256 dc37ecc2f7e4a90a94956accc6e1c77adb71316b7c9cbd39b26738db0c3ae58b psmisc-23.5.tar.xz
+sha256 58c55d9c1402474065adae669511c191de374b0871eec781239ab400b907c327 psmisc-23.7.tar.xz
sha256 dcc100d4161cc0b7177545ab6e47216f84857cda3843847c792a25289852dcaa COPYING
diff --git a/package/psmisc/psmisc.mk b/package/psmisc/psmisc.mk
index 3229184459..85caf30653 100644
--- a/package/psmisc/psmisc.mk
+++ b/package/psmisc/psmisc.mk
@@ -4,7 +4,7 @@
#
################################################################################
-PSMISC_VERSION = 23.5
+PSMISC_VERSION = 23.7
PSMISC_SITE = http://downloads.sourceforge.net/project/psmisc/psmisc
PSMISC_SOURCE = psmisc-$(PSMISC_VERSION).tar.xz
PSMISC_LICENSE = GPL-2.0+
--
2.53.0
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 13+ messages in thread* Re: [Buildroot] [PATCH] package/psmisc: bump to version 23.7 2026-04-18 7:33 [Buildroot] [PATCH] package/psmisc: bump to version 23.7 Shubham Chakraborty @ 2026-04-24 20:08 ` Julien Olivain via buildroot 2026-04-28 20:45 ` [Buildroot] [PATCH v2] " Shubham Chakraborty ` (2 subsequent siblings) 3 siblings, 0 replies; 13+ messages in thread From: Julien Olivain via buildroot @ 2026-04-24 20:08 UTC (permalink / raw) To: Shubham Chakraborty; +Cc: buildroot Hi Shubham, Thanks for the patch. On 18/04/2026 09:33, Shubham Chakraborty wrote: > - Fix --disable-statx build option > - fuser: Add stat() fallback, ignore EACCES errors > - pstree: Fix assumption about root PID > - killall: Output formatting fixes > - Update gettext to 0.21 > > https://gitlab.com/psmisc/psmisc/-/tags/v23.7 > > Signed-off-by: Shubham Chakraborty <chakrabortyshubham66@gmail.com> > --- > package/psmisc/psmisc.hash | 5 +---- > package/psmisc/psmisc.mk | 2 +- > 2 files changed, 2 insertions(+), 5 deletions(-) > > diff --git a/package/psmisc/psmisc.hash b/package/psmisc/psmisc.hash > index fe146f90c9..646c01b3c6 100644 > --- a/package/psmisc/psmisc.hash > +++ b/package/psmisc/psmisc.hash > @@ -1,6 +1,3 @@ > # From https://sourceforge.net/projects/psmisc/files/psmisc/ > -md5 014f0b5d5ab32478a2c57812ad01e1fb psmisc-23.5.tar.xz > -sha1 a16073f459a19288c1ea2b413a84e1b996cab595 psmisc-23.5.tar.xz > -# Locally computed: Why are you removing the upstream hashes and the "Locally computed" comment? Sourceforge upstream is still publishing md5 and sha1 (and not sha256). Could you put back those upstream hashes please and send an updated patch please? > -sha256 > dc37ecc2f7e4a90a94956accc6e1c77adb71316b7c9cbd39b26738db0c3ae58b > psmisc-23.5.tar.xz > +sha256 > 58c55d9c1402474065adae669511c191de374b0871eec781239ab400b907c327 > psmisc-23.7.tar.xz > sha256 > dcc100d4161cc0b7177545ab6e47216f84857cda3843847c792a25289852dcaa > COPYING > diff --git a/package/psmisc/psmisc.mk b/package/psmisc/psmisc.mk > index 3229184459..85caf30653 100644 > --- a/package/psmisc/psmisc.mk > +++ b/package/psmisc/psmisc.mk > @@ -4,7 +4,7 @@ > # > > ################################################################################ > > -PSMISC_VERSION = 23.5 > +PSMISC_VERSION = 23.7 > PSMISC_SITE = http://downloads.sourceforge.net/project/psmisc/psmisc > PSMISC_SOURCE = psmisc-$(PSMISC_VERSION).tar.xz > PSMISC_LICENSE = GPL-2.0+ > -- > 2.53.0 Best regards, Julien. _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply [flat|nested] 13+ messages in thread
* [Buildroot] [PATCH v2] package/psmisc: bump to version 23.7 2026-04-18 7:33 [Buildroot] [PATCH] package/psmisc: bump to version 23.7 Shubham Chakraborty 2026-04-24 20:08 ` Julien Olivain via buildroot @ 2026-04-28 20:45 ` Shubham Chakraborty 2026-04-29 8:23 ` Marcus Hoffmann via buildroot 2026-04-29 13:06 ` [Buildroot] [PATCH v3] " Shubham Chakraborty 2026-04-29 17:08 ` [Buildroot] [PATCH] package/nginx: bump to version 1.29.7 Shubham Chakraborty 3 siblings, 1 reply; 13+ messages in thread From: Shubham Chakraborty @ 2026-04-28 20:45 UTC (permalink / raw) To: buildroot; +Cc: Shubham Chakraborty - Fix --disable-statx build option - fuser: Add stat() fallback, ignore EACCES errors - pstree: Fix assumption about root PID - killall: Output formatting fixes - Update gettext to 0.21 https://gitlab.com/psmisc/psmisc/-/tags/v23.7 Signed-off-by: Shubham Chakraborty <chakrabortyshubham66@gmail.com> --- package/psmisc/psmisc.hash | 3 +++ 1 file changed, 3 insertions(+) diff --git a/package/psmisc/psmisc.hash b/package/psmisc/psmisc.hash index 646c01b3c6..f16b95eee3 100644 --- a/package/psmisc/psmisc.hash +++ b/package/psmisc/psmisc.hash @@ -1,3 +1,6 @@ # From https://sourceforge.net/projects/psmisc/files/psmisc/ +md5 53eae841735189a896d614cba440eb10 psmisc-23.7.tar.xz +sha1 89046d35a8919def79200115c9cc78e91b98ad53 psmisc-23.7.tar.xz +# Locally computed: sha256 58c55d9c1402474065adae669511c191de374b0871eec781239ab400b907c327 psmisc-23.7.tar.xz sha256 dcc100d4161cc0b7177545ab6e47216f84857cda3843847c792a25289852dcaa COPYING -- 2.54.0 _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply related [flat|nested] 13+ messages in thread
* Re: [Buildroot] [PATCH v2] package/psmisc: bump to version 23.7 2026-04-28 20:45 ` [Buildroot] [PATCH v2] " Shubham Chakraborty @ 2026-04-29 8:23 ` Marcus Hoffmann via buildroot 0 siblings, 0 replies; 13+ messages in thread From: Marcus Hoffmann via buildroot @ 2026-04-29 8:23 UTC (permalink / raw) To: Shubham Chakraborty, buildroot Hi Shubham, On 4/28/26 22:45, Shubham Chakraborty wrote: > - Fix --disable-statx build option > - fuser: Add stat() fallback, ignore EACCES errors > - pstree: Fix assumption about root PID > - killall: Output formatting fixes > - Update gettext to 0.21 > > https://gitlab.com/psmisc/psmisc/-/tags/v23.7 As you are bumping the package from 23.5 -> 23.7, you should also include the changelog of the 23.6 release [1] in the commit description. > > Signed-off-by: Shubham Chakraborty <chakrabortyshubham66@gmail.com> > --- > package/psmisc/psmisc.hash | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/package/psmisc/psmisc.hash b/package/psmisc/psmisc.hash > index 646c01b3c6..f16b95eee3 100644 > --- a/package/psmisc/psmisc.hash > +++ b/package/psmisc/psmisc.hash > @@ -1,3 +1,6 @@ > # From https://sourceforge.net/projects/psmisc/files/psmisc/ > +md5 53eae841735189a896d614cba440eb10 psmisc-23.7.tar.xz > +sha1 89046d35a8919def79200115c9cc78e91b98ad53 psmisc-23.7.tar.xz > +# Locally computed: This patch does not apply. I assume it is currently based on top of your v1, but that is not how you should send a v2 patch. Any new version should contain all the previous changes. Also it's nice to include a changelog in the new revision for what changed in the new revision (below a --- mark, so it's visible in the email but doesn't get included in the commit that gets applied). See section "22.5.5. Patch revision changelog" in the manual[2] > [...] Could you send a v3 with these changes incorporated? Best, Marcus [1] https://gitlab.com/psmisc/psmisc/-/tags/v23.6 [2] https://nightly.buildroot.org/manual.html#submitting-patches _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply [flat|nested] 13+ messages in thread
* [Buildroot] [PATCH v3] package/psmisc: bump to version 23.7 2026-04-18 7:33 [Buildroot] [PATCH] package/psmisc: bump to version 23.7 Shubham Chakraborty 2026-04-24 20:08 ` Julien Olivain via buildroot 2026-04-28 20:45 ` [Buildroot] [PATCH v2] " Shubham Chakraborty @ 2026-04-29 13:06 ` Shubham Chakraborty 2026-04-29 22:31 ` Marcus Hoffmann via buildroot 2026-04-29 17:08 ` [Buildroot] [PATCH] package/nginx: bump to version 1.29.7 Shubham Chakraborty 3 siblings, 1 reply; 13+ messages in thread From: Shubham Chakraborty @ 2026-04-29 13:06 UTC (permalink / raw) To: buildroot; +Cc: Shubham Chakraborty Changelog: - v23.6: - buildsys: Fix DEJAGNU work-around (Debian #1015089) - killall: Use kill if pidfd_send_signal fails (Debian #1015228) - fuser: Do not mention nonexistent -reset option (#42) - fuser: Use modern statn where possible - pstree: Better AppArmor support (!30) - v23.7: - Fix --disable-statx build option - fuser: Add stat() fallback, ignore EACCES errors - pstree: Fix assumption about root PID - killall: Output formatting fixes - Update gettext to 0.21 https://gitlab.com/psmisc/psmisc/-/tags/v23.6 https://gitlab.com/psmisc/psmisc/-/tags/v23.7 Signed-off-by: Shubham Chakraborty <chakrabortyshubham66@gmail.com> --- v2 -> v3: - Include 23.6 changelog in commit message (Marcus Hoffmann) - Squash into a single patch (Marcus Hoffmann) v1 -> v2: - Put back upstream md5 and sha1 hashes (Julien Olivain) - Restore "Locally computed" comment (Julien Olivain) --- package/psmisc/psmisc.hash | 6 +++--- package/psmisc/psmisc.mk | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package/psmisc/psmisc.hash b/package/psmisc/psmisc.hash index fe146f90c9..f16b95eee3 100644 --- a/package/psmisc/psmisc.hash +++ b/package/psmisc/psmisc.hash @@ -1,6 +1,6 @@ # From https://sourceforge.net/projects/psmisc/files/psmisc/ -md5 014f0b5d5ab32478a2c57812ad01e1fb psmisc-23.5.tar.xz -sha1 a16073f459a19288c1ea2b413a84e1b996cab595 psmisc-23.5.tar.xz +md5 53eae841735189a896d614cba440eb10 psmisc-23.7.tar.xz +sha1 89046d35a8919def79200115c9cc78e91b98ad53 psmisc-23.7.tar.xz # Locally computed: -sha256 dc37ecc2f7e4a90a94956accc6e1c77adb71316b7c9cbd39b26738db0c3ae58b psmisc-23.5.tar.xz +sha256 58c55d9c1402474065adae669511c191de374b0871eec781239ab400b907c327 psmisc-23.7.tar.xz sha256 dcc100d4161cc0b7177545ab6e47216f84857cda3843847c792a25289852dcaa COPYING diff --git a/package/psmisc/psmisc.mk b/package/psmisc/psmisc.mk index 3229184459..85caf30653 100644 --- a/package/psmisc/psmisc.mk +++ b/package/psmisc/psmisc.mk @@ -4,7 +4,7 @@ # ################################################################################ -PSMISC_VERSION = 23.5 +PSMISC_VERSION = 23.7 PSMISC_SITE = http://downloads.sourceforge.net/project/psmisc/psmisc PSMISC_SOURCE = psmisc-$(PSMISC_VERSION).tar.xz PSMISC_LICENSE = GPL-2.0+ -- 2.54.0 _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply related [flat|nested] 13+ messages in thread
* Re: [Buildroot] [PATCH v3] package/psmisc: bump to version 23.7 2026-04-29 13:06 ` [Buildroot] [PATCH v3] " Shubham Chakraborty @ 2026-04-29 22:31 ` Marcus Hoffmann via buildroot 0 siblings, 0 replies; 13+ messages in thread From: Marcus Hoffmann via buildroot @ 2026-04-29 22:31 UTC (permalink / raw) To: Shubham Chakraborty, buildroot On 4/29/26 15:06, Shubham Chakraborty wrote: > Changelog: > - v23.6: > - buildsys: Fix DEJAGNU work-around (Debian #1015089) > - killall: Use kill if pidfd_send_signal fails (Debian #1015228) > - fuser: Do not mention nonexistent -reset option (#42) > - fuser: Use modern statn where possible > - pstree: Better AppArmor support (!30) > - v23.7: > - Fix --disable-statx build option > - fuser: Add stat() fallback, ignore EACCES errors > - pstree: Fix assumption about root PID > - killall: Output formatting fixes > - Update gettext to 0.21 > > https://gitlab.com/psmisc/psmisc/-/tags/v23.6 > https://gitlab.com/psmisc/psmisc/-/tags/v23.7 > > Signed-off-by: Shubham Chakraborty <chakrabortyshubham66@gmail.com> > > --- Applied to master, thanks! Marcus _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply [flat|nested] 13+ messages in thread
* [Buildroot] [PATCH] package/nginx: bump to version 1.29.7 2026-04-18 7:33 [Buildroot] [PATCH] package/psmisc: bump to version 23.7 Shubham Chakraborty ` (2 preceding siblings ...) 2026-04-29 13:06 ` [Buildroot] [PATCH v3] " Shubham Chakraborty @ 2026-04-29 17:08 ` Shubham Chakraborty 2026-04-29 18:49 ` Marcus Hoffmann via buildroot 2026-04-30 5:40 ` [Buildroot] [PATCH v2] package/nginx: security bump to version 1.28.3 Shubham Chakraborty 3 siblings, 2 replies; 13+ messages in thread From: Shubham Chakraborty @ 2026-04-29 17:08 UTC (permalink / raw) To: buildroot; +Cc: Shubham Chakraborty - Security fixes: CVE-2026-27654, CVE-2026-27784, CVE-2026-32647, CVE-2026-27651, CVE-2026-28753, CVE-2026-28755 - Feature: Multipath TCP support via "multipath" parameter - Feature: "local" parameter of the "keepalive" directive in upstream block - Change: keepalive in upstream block now enabled by default - Change: ngx_http_proxy_module supports keepalive by default; default proxy_http_version is now "1.1"; Connection header not sent by default - Bugfix: invalid HTTP/2 request after switching to next upstream with buffered body in ngx_http_grpc_module - Fix bootlin-sparc-uclibc build by adding -latomic when needed this caused build errors in "bootlin-sparc-uclibc [24/32]: FAILED" https://nginx.org/en/CHANGES Tested Using: - utils/test-pkg -a -p nginx Signed-off-by: Shubham Chakraborty <chakrabortyshubham66@gmail.com> --- package/nginx/nginx.hash | 4 ++-- package/nginx/nginx.mk | 13 ++++++++++--- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/package/nginx/nginx.hash b/package/nginx/nginx.hash index 7b79036b20..6d2e957041 100644 --- a/package/nginx/nginx.hash +++ b/package/nginx/nginx.hash @@ -1,4 +1,4 @@ # Locally calculated after checking pgp signature -sha256 40e7a0916d121e8905ef50f2a738b675599e42b2224a582dd938603fed15788e nginx-1.28.1.tar.gz +sha256 673f8fb8c0961c44fbd9410d6161831453609b44063d3f2948253fc2b5692139 nginx-1.29.7.tar.gz # License files, locally calculated -sha256 77c01620abf36ed747b7eca4bd271e49023fe3a8e2b3525bcf4b09c8e3aa28e4 LICENSE +sha256 08845fe39e06b51dad7685c28140ab49577a86e947523e16b536a46caf89ad5c LICENSE diff --git a/package/nginx/nginx.mk b/package/nginx/nginx.mk index 41490caee2..739d3cfe0f 100644 --- a/package/nginx/nginx.mk +++ b/package/nginx/nginx.mk @@ -4,7 +4,7 @@ # ################################################################################ -NGINX_VERSION = 1.28.1 +NGINX_VERSION = 1.29.7 NGINX_SITE = https://nginx.org/download NGINX_LICENSE = BSD-2-Clause NGINX_LICENSE_FILES = LICENSE @@ -16,8 +16,15 @@ NGINX_DEPENDENCIES = \ NGINX_CONF_OPTS = \ --crossbuild=Linux::$(BR2_ARCH) \ --with-cc="$(TARGET_CC)" \ - --with-cpp="$(TARGET_CC)" \ - --with-ld-opt="$(TARGET_LDFLAGS)" + --with-cpp="$(TARGET_CC)" + +NGINX_LDFLAGS = $(TARGET_LDFLAGS) + +ifeq ($(BR2_TOOLCHAIN_HAS_LIBATOMIC),y) +NGINX_LDFLAGS += -latomic +endif + +NGINX_CONF_OPTS += --with-ld-opt="$(NGINX_LDFLAGS)" # www-data user and group are used for nginx. Because these user and group # are already set by buildroot, it is not necessary to redefine them. -- 2.54.0 _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply related [flat|nested] 13+ messages in thread
* Re: [Buildroot] [PATCH] package/nginx: bump to version 1.29.7 2026-04-29 17:08 ` [Buildroot] [PATCH] package/nginx: bump to version 1.29.7 Shubham Chakraborty @ 2026-04-29 18:49 ` Marcus Hoffmann via buildroot 2026-04-29 18:52 ` Shubham Chakraborty 2026-04-30 5:40 ` [Buildroot] [PATCH v2] package/nginx: security bump to version 1.28.3 Shubham Chakraborty 1 sibling, 1 reply; 13+ messages in thread From: Marcus Hoffmann via buildroot @ 2026-04-29 18:49 UTC (permalink / raw) To: Shubham Chakraborty, buildroot Hi Shubham, On 4/29/26 19:08, Shubham Chakraborty wrote: > - Security fixes: CVE-2026-27654, CVE-2026-27784, CVE-2026-32647, > CVE-2026-27651, CVE-2026-28753, CVE-2026-28755 If this version bump fixes security issues, it should be marked as such in the commit title. > - Feature: Multipath TCP support via "multipath" parameter > - Feature: "local" parameter of the "keepalive" directive in upstream block > - Change: keepalive in upstream block now enabled by default > - Change: ngx_http_proxy_module supports keepalive by default; > default proxy_http_version is now "1.1"; Connection header not sent by default > - Bugfix: invalid HTTP/2 request after switching to next upstream > with buffered body in ngx_http_grpc_module > - Fix bootlin-sparc-uclibc build by adding -latomic when needed this caused > build errors in "bootlin-sparc-uclibc [24/32]: FAILED" > > https://nginx.org/en/CHANGES I don't understand why you are updating this to 1.29.7 though. The latest *mainline* version is 1.29.8, which was released over 3 weeks ago. But also we are currently deliberately using the *stable* releases of nginx[1], which also recently got a new release with 1.30.0. Bernd already sent a patch for updating to that[2], but I think we should update to 1.28.3 before. [1] https://docs.nginx.com/nginx/admin-guide/installing-nginx/installing-nginx-open-source/#stable-and-mainline-versions [2] https://patchwork.ozlabs.org/comment/3683711/ > > Tested Using: > - utils/test-pkg -a -p nginx > > Signed-off-by: Shubham Chakraborty <chakrabortyshubham66@gmail.com> > --- Best, Marcus _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [Buildroot] [PATCH] package/nginx: bump to version 1.29.7 2026-04-29 18:49 ` Marcus Hoffmann via buildroot @ 2026-04-29 18:52 ` Shubham Chakraborty 0 siblings, 0 replies; 13+ messages in thread From: Shubham Chakraborty @ 2026-04-29 18:52 UTC (permalink / raw) To: Marcus Hoffmann; +Cc: Buildroot List [-- Attachment #1.1: Type: text/plain, Size: 2219 bytes --] Hi Marcus, My mistake on the version choice. I missed the latest mainline and stable releases. I will update the commit title to reflect the security fixes. Regarding the version, I thought bumping to the latest available release (1.29.7) was the goal, but I see the preference for 1.28.3 first, given Bernd's patch. I will withdraw this patch and prepare a new one for 1.28.3, ensuring the security fixes are noted in the subject. Best regards, Shubham On Thu, 30 Apr, 2026, 12:19 am Marcus Hoffmann, <buildroot@bubu1.eu> wrote: > Hi Shubham, > > On 4/29/26 19:08, Shubham Chakraborty wrote: > > - Security fixes: CVE-2026-27654, CVE-2026-27784, CVE-2026-32647, > > CVE-2026-27651, CVE-2026-28753, CVE-2026-28755 > > If this version bump fixes security issues, it should be marked as such > in the commit title. > > > - Feature: Multipath TCP support via "multipath" parameter > > - Feature: "local" parameter of the "keepalive" directive in upstream > block > > - Change: keepalive in upstream block now enabled by default > > - Change: ngx_http_proxy_module supports keepalive by default; > > default proxy_http_version is now "1.1"; Connection header not sent > by default > > - Bugfix: invalid HTTP/2 request after switching to next upstream > > with buffered body in ngx_http_grpc_module > > - Fix bootlin-sparc-uclibc build by adding -latomic when needed this > caused > > build errors in "bootlin-sparc-uclibc [24/32]: FAILED" > > > > https://nginx.org/en/CHANGES > > I don't understand why you are updating this to 1.29.7 though. The > latest *mainline* version is 1.29.8, which was released over 3 weeks > ago. But also we are currently deliberately using the *stable* releases > of nginx[1], which also recently got a new release with 1.30.0. > Bernd already sent a patch for updating to that[2], but I think we > should update to 1.28.3 before. > > > [1] > > https://docs.nginx.com/nginx/admin-guide/installing-nginx/installing-nginx-open-source/#stable-and-mainline-versions > [2] https://patchwork.ozlabs.org/comment/3683711/ > > > > > Tested Using: > > - utils/test-pkg -a -p nginx > > > > Signed-off-by: Shubham Chakraborty <chakrabortyshubham66@gmail.com> > > --- > Best, > Marcus > [-- Attachment #1.2: Type: text/html, Size: 3311 bytes --] [-- Attachment #2: Type: text/plain, Size: 150 bytes --] _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply [flat|nested] 13+ messages in thread
* [Buildroot] [PATCH v2] package/nginx: security bump to version 1.28.3 2026-04-29 17:08 ` [Buildroot] [PATCH] package/nginx: bump to version 1.29.7 Shubham Chakraborty 2026-04-29 18:49 ` Marcus Hoffmann via buildroot @ 2026-04-30 5:40 ` Shubham Chakraborty 2026-05-04 8:31 ` Marcus Hoffmann via buildroot 2026-05-15 13:34 ` Thomas Perale via buildroot 1 sibling, 2 replies; 13+ messages in thread From: Shubham Chakraborty @ 2026-04-30 5:40 UTC (permalink / raw) To: buildroot; +Cc: Shubham Chakraborty Fixes the following security issues: - CVE-2026-27654: Buffer overflow in ngx_http_dav_module when using the alias directive with WebDAV COPY or MOVE requests. - CVE-2026-27784 & CVE-2026-32647: Buffer overflows in ngx_http_mp4_module when processing specially crafted MP4 files. - CVE-2026-27651: NULL pointer dereference in the mail proxy module during CRAM-MD5 or APOP authentication retries. - CVE-2026-28753: DNS PTR record manipulation in auth_http or SMTP proxy. - CVE-2026-28755: OCSP certificate check bypass in the stream module. For a full list of changes, see: https://nginx.org/en/CHANGES-1.28 --- v1 -> v2: - Bump to 1.28.3 (stable) instead of 1.29.7 (mainline) as requested by Marcus Hoffmann. - Highlight security fixes in the commit message. Signed-off-by: Shubham Chakraborty <chakrabortyshubham66@gmail.com> --- package/nginx/nginx.hash | 2 +- package/nginx/nginx.mk | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/package/nginx/nginx.hash b/package/nginx/nginx.hash index 7b79036b20..1d11937987 100644 --- a/package/nginx/nginx.hash +++ b/package/nginx/nginx.hash @@ -1,4 +1,4 @@ # Locally calculated after checking pgp signature -sha256 40e7a0916d121e8905ef50f2a738b675599e42b2224a582dd938603fed15788e nginx-1.28.1.tar.gz +sha256 2c96a946bfb0882a21744ed429770a2123ae1828c7c48665092993ddee91a918 nginx-1.28.3.tar.gz # License files, locally calculated sha256 77c01620abf36ed747b7eca4bd271e49023fe3a8e2b3525bcf4b09c8e3aa28e4 LICENSE diff --git a/package/nginx/nginx.mk b/package/nginx/nginx.mk index 41490caee2..a8b7ee7319 100644 --- a/package/nginx/nginx.mk +++ b/package/nginx/nginx.mk @@ -4,7 +4,7 @@ # ################################################################################ -NGINX_VERSION = 1.28.1 +NGINX_VERSION = 1.28.3 NGINX_SITE = https://nginx.org/download NGINX_LICENSE = BSD-2-Clause NGINX_LICENSE_FILES = LICENSE -- 2.54.0 _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply related [flat|nested] 13+ messages in thread
* Re: [Buildroot] [PATCH v2] package/nginx: security bump to version 1.28.3 2026-04-30 5:40 ` [Buildroot] [PATCH v2] package/nginx: security bump to version 1.28.3 Shubham Chakraborty @ 2026-05-04 8:31 ` Marcus Hoffmann via buildroot 2026-05-04 9:43 ` Shubham Chakraborty 2026-05-15 13:34 ` Thomas Perale via buildroot 1 sibling, 1 reply; 13+ messages in thread From: Marcus Hoffmann via buildroot @ 2026-05-04 8:31 UTC (permalink / raw) To: Shubham Chakraborty, buildroot Hi Shubham, On 4/30/26 07:40, Shubham Chakraborty wrote: > Fixes the following security issues: > - CVE-2026-27654: Buffer overflow in ngx_http_dav_module when using the > alias directive with WebDAV COPY or MOVE requests. > - CVE-2026-27784 & CVE-2026-32647: Buffer overflows in ngx_http_mp4_module > when processing specially crafted MP4 files. > - CVE-2026-27651: NULL pointer dereference in the mail proxy module > during CRAM-MD5 or APOP authentication retries. > - CVE-2026-28753: DNS PTR record manipulation in auth_http or SMTP proxy. > - CVE-2026-28755: OCSP certificate check bypass in the stream module. > > For a full list of changes, see: > https://nginx.org/en/CHANGES-1.28 > > --- > v1 -> v2: > - Bump to 1.28.3 (stable) instead of 1.29.7 (mainline) as requested > by Marcus Hoffmann. > - Highlight security fixes in the commit message. > > Signed-off-by: Shubham Chakraborty <chakrabortyshubham66@gmail.com> > --- Your sign-off needs to be above the first --- line which separates the commit message from additional patch commentary. I moved it up while applying. Marcus _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [Buildroot] [PATCH v2] package/nginx: security bump to version 1.28.3 2026-05-04 8:31 ` Marcus Hoffmann via buildroot @ 2026-05-04 9:43 ` Shubham Chakraborty 0 siblings, 0 replies; 13+ messages in thread From: Shubham Chakraborty @ 2026-05-04 9:43 UTC (permalink / raw) To: Marcus Hoffmann; +Cc: Buildroot List [-- Attachment #1.1: Type: text/plain, Size: 1413 bytes --] Hi Marcus, Thanks for applying the patch and for correcting the sign-off placement. I'll make sure to follow that convention going forward. Best regards, Shubham On Mon, 4 May, 2026, 2:01 pm Marcus Hoffmann, <buildroot@bubu1.eu> wrote: > Hi Shubham, > > On 4/30/26 07:40, Shubham Chakraborty wrote: > > Fixes the following security issues: > > - CVE-2026-27654: Buffer overflow in ngx_http_dav_module when using the > > alias directive with WebDAV COPY or MOVE requests. > > - CVE-2026-27784 & CVE-2026-32647: Buffer overflows in > ngx_http_mp4_module > > when processing specially crafted MP4 files. > > - CVE-2026-27651: NULL pointer dereference in the mail proxy module > > during CRAM-MD5 or APOP authentication retries. > > - CVE-2026-28753: DNS PTR record manipulation in auth_http or SMTP proxy. > > - CVE-2026-28755: OCSP certificate check bypass in the stream module. > > > > For a full list of changes, see: > > https://nginx.org/en/CHANGES-1.28 > > > > --- > > v1 -> v2: > > - Bump to 1.28.3 (stable) instead of 1.29.7 (mainline) as requested > > by Marcus Hoffmann. > > - Highlight security fixes in the commit message. > > > > Signed-off-by: Shubham Chakraborty <chakrabortyshubham66@gmail.com> > > --- > Your sign-off needs to be above the first --- line which separates the > commit message from additional patch commentary. > > I moved it up while applying. > > Marcus > > [-- Attachment #1.2: Type: text/html, Size: 2115 bytes --] [-- Attachment #2: Type: text/plain, Size: 150 bytes --] _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [Buildroot] [PATCH v2] package/nginx: security bump to version 1.28.3 2026-04-30 5:40 ` [Buildroot] [PATCH v2] package/nginx: security bump to version 1.28.3 Shubham Chakraborty 2026-05-04 8:31 ` Marcus Hoffmann via buildroot @ 2026-05-15 13:34 ` Thomas Perale via buildroot 1 sibling, 0 replies; 13+ messages in thread From: Thomas Perale via buildroot @ 2026-05-15 13:34 UTC (permalink / raw) To: Shubham Chakraborty; +Cc: Thomas Perale, buildroot In reply of: > Fixes the following security issues: > - CVE-2026-27654: Buffer overflow in ngx_http_dav_module when using the > alias directive with WebDAV COPY or MOVE requests. > - CVE-2026-27784 & CVE-2026-32647: Buffer overflows in ngx_http_mp4_module > when processing specially crafted MP4 files. > - CVE-2026-27651: NULL pointer dereference in the mail proxy module > during CRAM-MD5 or APOP authentication retries. > - CVE-2026-28753: DNS PTR record manipulation in auth_http or SMTP proxy. > - CVE-2026-28755: OCSP certificate check bypass in the stream module. > > For a full list of changes, see: > https://nginx.org/en/CHANGES-1.28 > Applied to 2025.02.x & 2026.02.x. Thanks > --- > v1 -> v2: > - Bump to 1.28.3 (stable) instead of 1.29.7 (mainline) as requested > by Marcus Hoffmann. > - Highlight security fixes in the commit message. > > Signed-off-by: Shubham Chakraborty <chakrabortyshubham66@gmail.com> > --- > package/nginx/nginx.hash | 2 +- > package/nginx/nginx.mk | 2 +- > 2 files changed, 2 insertions(+), 2 deletions(-) > > diff --git a/package/nginx/nginx.hash b/package/nginx/nginx.hash > index 7b79036b20..1d11937987 100644 > --- a/package/nginx/nginx.hash > +++ b/package/nginx/nginx.hash > @@ -1,4 +1,4 @@ > # Locally calculated after checking pgp signature > -sha256 40e7a0916d121e8905ef50f2a738b675599e42b2224a582dd938603fed15788e nginx-1.28.1.tar.gz > +sha256 2c96a946bfb0882a21744ed429770a2123ae1828c7c48665092993ddee91a918 nginx-1.28.3.tar.gz > # License files, locally calculated > sha256 77c01620abf36ed747b7eca4bd271e49023fe3a8e2b3525bcf4b09c8e3aa28e4 LICENSE > diff --git a/package/nginx/nginx.mk b/package/nginx/nginx.mk > index 41490caee2..a8b7ee7319 100644 > --- a/package/nginx/nginx.mk > +++ b/package/nginx/nginx.mk > @@ -4,7 +4,7 @@ > # > ################################################################################ > > -NGINX_VERSION = 1.28.1 > +NGINX_VERSION = 1.28.3 > NGINX_SITE = https://nginx.org/download > NGINX_LICENSE = BSD-2-Clause > NGINX_LICENSE_FILES = LICENSE > -- > 2.54.0 > > _______________________________________________ > buildroot mailing list > buildroot@buildroot.org > https://lists.buildroot.org/mailman/listinfo/buildroot _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply [flat|nested] 13+ messages in thread
end of thread, other threads:[~2026-05-15 13:34 UTC | newest] Thread overview: 13+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2026-04-18 7:33 [Buildroot] [PATCH] package/psmisc: bump to version 23.7 Shubham Chakraborty 2026-04-24 20:08 ` Julien Olivain via buildroot 2026-04-28 20:45 ` [Buildroot] [PATCH v2] " Shubham Chakraborty 2026-04-29 8:23 ` Marcus Hoffmann via buildroot 2026-04-29 13:06 ` [Buildroot] [PATCH v3] " Shubham Chakraborty 2026-04-29 22:31 ` Marcus Hoffmann via buildroot 2026-04-29 17:08 ` [Buildroot] [PATCH] package/nginx: bump to version 1.29.7 Shubham Chakraborty 2026-04-29 18:49 ` Marcus Hoffmann via buildroot 2026-04-29 18:52 ` Shubham Chakraborty 2026-04-30 5:40 ` [Buildroot] [PATCH v2] package/nginx: security bump to version 1.28.3 Shubham Chakraborty 2026-05-04 8:31 ` Marcus Hoffmann via buildroot 2026-05-04 9:43 ` Shubham Chakraborty 2026-05-15 13:34 ` Thomas Perale via buildroot
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox