* [Buildroot] [PATCH] package/nfs-utils: security bump version to 2.8.7
@ 2026-03-13 21:10 Giulio Benetti
2026-03-14 19:57 ` Petr Vorel
2026-03-15 10:17 ` Julien Olivain via buildroot
0 siblings, 2 replies; 7+ messages in thread
From: Giulio Benetti @ 2026-03-13 21:10 UTC (permalink / raw)
To: buildroot; +Cc: Giulio Benetti, Petr Vorel
Release announce:
https://lore.kernel.org/linux-nfs/4d11b9d7-7b49-4a1e-8c26-29ecb2fefe2f@redhat.com/
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
---
package/nfs-utils/nfs-utils.hash | 4 ++--
package/nfs-utils/nfs-utils.mk | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/package/nfs-utils/nfs-utils.hash b/package/nfs-utils/nfs-utils.hash
index bf7c4b61b6..1e3f63d419 100644
--- a/package/nfs-utils/nfs-utils.hash
+++ b/package/nfs-utils/nfs-utils.hash
@@ -1,4 +1,4 @@
-# From https://www.kernel.org/pub/linux/utils/nfs-utils/2.8.6/sha256sums.asc
-sha256 2bd7b34e809a7eff2f4bc5fc5fd96ebcd66a5458b471a270cbd2dc169b011550 nfs-utils-2.8.6.tar.xz
+# From https://www.kernel.org/pub/linux/utils/nfs-utils/2.8.7/sha256sums.asc
+sha256 59d0f1e17b18efaa60ea3ccf89a9cad3217f8d3b23c18d2fe34b25c8969d60ae nfs-utils-2.8.7.tar.xz
# Locally computed
sha256 576540abf5e95029ad4ad90e32071385a5e95b2c30708c706116f3eb87b9a3de COPYING
diff --git a/package/nfs-utils/nfs-utils.mk b/package/nfs-utils/nfs-utils.mk
index 7ac0b549cf..3d391c1804 100644
--- a/package/nfs-utils/nfs-utils.mk
+++ b/package/nfs-utils/nfs-utils.mk
@@ -4,7 +4,7 @@
#
################################################################################
-NFS_UTILS_VERSION = 2.8.6
+NFS_UTILS_VERSION = 2.8.7
NFS_UTILS_SOURCE = nfs-utils-$(NFS_UTILS_VERSION).tar.xz
NFS_UTILS_SITE = https://www.kernel.org/pub/linux/utils/nfs-utils/$(NFS_UTILS_VERSION)
NFS_UTILS_LICENSE = GPL-2.0+
--
2.47.3
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [Buildroot] [PATCH] package/nfs-utils: security bump version to 2.8.7
2026-03-13 21:10 [Buildroot] [PATCH] package/nfs-utils: security bump version to 2.8.7 Giulio Benetti
@ 2026-03-14 19:57 ` Petr Vorel
2026-03-15 10:17 ` Julien Olivain via buildroot
1 sibling, 0 replies; 7+ messages in thread
From: Petr Vorel @ 2026-03-14 19:57 UTC (permalink / raw)
To: Giulio Benetti; +Cc: buildroot
Hi Giulio,
> Release announce:
> https://lore.kernel.org/linux-nfs/4d11b9d7-7b49-4a1e-8c26-29ecb2fefe2f@redhat.com/
Thanks for update!
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Kind regards,
Petr
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Buildroot] [PATCH] package/nfs-utils: security bump version to 2.8.7
2026-03-13 21:10 [Buildroot] [PATCH] package/nfs-utils: security bump version to 2.8.7 Giulio Benetti
2026-03-14 19:57 ` Petr Vorel
@ 2026-03-15 10:17 ` Julien Olivain via buildroot
2026-03-15 23:07 ` Petr Vorel
1 sibling, 1 reply; 7+ messages in thread
From: Julien Olivain via buildroot @ 2026-03-15 10:17 UTC (permalink / raw)
To: Giulio Benetti; +Cc: buildroot, Petr Vorel
Hi Giulio,
On 13/03/2026 22:10, Giulio Benetti wrote:
> Release announce:
> https://lore.kernel.org/linux-nfs/4d11b9d7-7b49-4a1e-8c26-29ecb2fefe2f@redhat.com/
The commit title says it is a "security" bump. I can't find any
reference to security
fixes in the release note. Could you provide details?
Or is it a copy paste error from the previous bump?
https://gitlab.com/buildroot.org/buildroot/-/commit/7dfd2feb445c2cf83a2b52057fab96e72e42a071
In the later case, no need to send a v2, I'll just remove "security"
while applying.
> Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Best regards,
Julien.
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Buildroot] [PATCH] package/nfs-utils: security bump version to 2.8.7
2026-03-15 10:17 ` Julien Olivain via buildroot
@ 2026-03-15 23:07 ` Petr Vorel
2026-03-16 10:53 ` Giulio Benetti
0 siblings, 1 reply; 7+ messages in thread
From: Petr Vorel @ 2026-03-15 23:07 UTC (permalink / raw)
To: Julien Olivain; +Cc: Giulio Benetti, buildroot
Hi Julien,
> Hi Giulio,
> On 13/03/2026 22:10, Giulio Benetti wrote:
> > Release announce:
> > https://lore.kernel.org/linux-nfs/4d11b9d7-7b49-4a1e-8c26-29ecb2fefe2f@redhat.com/
> The commit title says it is a "security" bump. I can't find any reference to
> security
> fixes in the release note. Could you provide details?
> Or is it a copy paste error from the previous bump?
> https://gitlab.com/buildroot.org/buildroot/-/commit/7dfd2feb445c2cf83a2b52057fab96e72e42a071
> In the later case, no need to send a v2, I'll just remove "security" while
> applying.
I'd also say it's just a copy paste from 2.8.6. 2.8.7 seems to me only a bugfix
release.
Kind regards,
Petr
> > Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
> Best regards,
> Julien.
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Buildroot] [PATCH] package/nfs-utils: security bump version to 2.8.7
2026-03-15 23:07 ` Petr Vorel
@ 2026-03-16 10:53 ` Giulio Benetti
2026-03-16 10:54 ` Giulio Benetti
0 siblings, 1 reply; 7+ messages in thread
From: Giulio Benetti @ 2026-03-16 10:53 UTC (permalink / raw)
To: Petr Vorel, Julien Olivain; +Cc: buildroot
Hi Julien and Petr,
On 3/16/26 00:07, Petr Vorel wrote:
> Hi Julien,
>
>> Hi Giulio,
>
>> On 13/03/2026 22:10, Giulio Benetti wrote:
>>> Release announce:
>>> https://lore.kernel.org/linux-nfs/4d11b9d7-7b49-4a1e-8c26-29ecb2fefe2f@redhat.com/
>
>> The commit title says it is a "security" bump. I can't find any reference to
>> security
>> fixes in the release note. Could you provide details?
>
>> Or is it a copy paste error from the previous bump?
>> https://gitlab.com/buildroot.org/buildroot/-/commit/7dfd2feb445c2cf83a2b52057fab96e72e42a071
>
>> In the later case, no need to send a v2, I'll just remove "security" while
>> applying.
>
> I'd also say it's just a copy paste from 2.8.6. 2.8.7 seems to me only a bugfix
> release.
I interpret commit [1] as a security commit, but maybe I'm wrong.
It's not a CVE or similar but to me it sounds like a security commit,
this is why subject is " security bump..".
Best regards
Giulio
> Kind regards,
> Petr
>
>>> Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
>
>> Best regards,
>
>> Julien.
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Buildroot] [PATCH] package/nfs-utils: security bump version to 2.8.7
2026-03-16 10:53 ` Giulio Benetti
@ 2026-03-16 10:54 ` Giulio Benetti
2026-03-16 21:28 ` Julien Olivain via buildroot
0 siblings, 1 reply; 7+ messages in thread
From: Giulio Benetti @ 2026-03-16 10:54 UTC (permalink / raw)
To: Petr Vorel, Julien Olivain; +Cc: buildroot
On 3/16/26 11:53, Giulio Benetti wrote:
> Hi Julien and Petr,
>
> On 3/16/26 00:07, Petr Vorel wrote:
>> Hi Julien,
>>
>>> Hi Giulio,
>>
>>> On 13/03/2026 22:10, Giulio Benetti wrote:
>>>> Release announce:
>>>> https://lore.kernel.org/linux-
>>>> nfs/4d11b9d7-7b49-4a1e-8c26-29ecb2fefe2f@redhat.com/
>>
>>> The commit title says it is a "security" bump. I can't find any
>>> reference to
>>> security
>>> fixes in the release note. Could you provide details?
>>
>>> Or is it a copy paste error from the previous bump?
>>> https://gitlab.com/buildroot.org/buildroot/-/
>>> commit/7dfd2feb445c2cf83a2b52057fab96e72e42a071
>>
>>> In the later case, no need to send a v2, I'll just remove "security"
>>> while
>>> applying.
>>
>> I'd also say it's just a copy paste from 2.8.6. 2.8.7 seems to me only
>> a bugfix
>> release.
>
> I interpret commit [1] as a security commit, but maybe I'm wrong.
> It's not a CVE or similar but to me it sounds like a security commit,
> this is why subject is " security bump..".
[1]: https://www.kernel.org/pub/linux/utils/nfs-utils/2.8.7/2.8.7-Changelog
> Best regards
> Giulio
>
>> Kind regards,
>> Petr
>>
>>>> Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
>>
>>> Best regards,
>>
>>> Julien.
>
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Buildroot] [PATCH] package/nfs-utils: security bump version to 2.8.7
2026-03-16 10:54 ` Giulio Benetti
@ 2026-03-16 21:28 ` Julien Olivain via buildroot
0 siblings, 0 replies; 7+ messages in thread
From: Julien Olivain via buildroot @ 2026-03-16 21:28 UTC (permalink / raw)
To: Giulio Benetti; +Cc: Petr Vorel, buildroot
Hi Giulio,
On 16/03/2026 11:54, Giulio Benetti wrote:
> On 3/16/26 11:53, Giulio Benetti wrote:
>> Hi Julien and Petr,
>>
>> On 3/16/26 00:07, Petr Vorel wrote:
>>> Hi Julien,
>>>
>>>> Hi Giulio,
>>>
>>>> On 13/03/2026 22:10, Giulio Benetti wrote:
>>>>> Release announce:
>>>>> https://lore.kernel.org/linux-
>>>>> nfs/4d11b9d7-7b49-4a1e-8c26-29ecb2fefe2f@redhat.com/
>>>
>>>> The commit title says it is a "security" bump. I can't find any
>>>> reference to
>>>> security
>>>> fixes in the release note. Could you provide details?
>>>
>>>> Or is it a copy paste error from the previous bump?
>>>> https://gitlab.com/buildroot.org/buildroot/-/
>>>> commit/7dfd2feb445c2cf83a2b52057fab96e72e42a071
>>>
>>>> In the later case, no need to send a v2, I'll just remove "security"
>>>> while
>>>> applying.
>>>
>>> I'd also say it's just a copy paste from 2.8.6. 2.8.7 seems to me
>>> only a bugfix
>>> release.
>>
>> I interpret commit [1] as a security commit, but maybe I'm wrong.
>> It's not a CVE or similar but to me it sounds like a security commit,
>> this is why subject is " security bump..".
>
> [1]:
> https://www.kernel.org/pub/linux/utils/nfs-utils/2.8.7/2.8.7-Changelog
Applied to master, thanks.
I removed "security" in the commit title. While I agree that using
uninitialized data from the stack might be a security issue, we
generally flag updates in Buildroot as "security" when there is a
mention in the release note, a CVE assigned, or an advisory. This
"bugfix" release will go in Buildroot LTS branches anyway.
>> Best regards
>> Giulio
>>
>>> Kind regards,
>>> Petr
>>>
>>>>> Signed-off-by: Giulio Benetti
>>>>> <giulio.benetti@benettiengineering.com>
>>>
>>>> Best regards,
>>>
>>>> Julien.
Best regards,
Julien.
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2026-03-16 21:28 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-03-13 21:10 [Buildroot] [PATCH] package/nfs-utils: security bump version to 2.8.7 Giulio Benetti
2026-03-14 19:57 ` Petr Vorel
2026-03-15 10:17 ` Julien Olivain via buildroot
2026-03-15 23:07 ` Petr Vorel
2026-03-16 10:53 ` Giulio Benetti
2026-03-16 10:54 ` Giulio Benetti
2026-03-16 21:28 ` Julien Olivain via buildroot
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox