What happened to [scarthgap][PATCHv2] busybox: fix for CVE-2026-26157, CVE-2026-26158 from Hitendra Prajapati?
Den tis 24 mars 2026 kl 23:28 skrev Yoann Congal via lists.openembedded.org <[email protected]>: > Those are the patches from the last patch review: > > https://lore.kernel.org/openembedded-core/[email protected]/T/#t > > Passed a-full on autobuilder (with an AB-INT): > https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/3502 > * qemuarm64-tc failed on what look like the bug 16058 – AB-INT: rust > do_test_compile/do_install segfault > * rebuilt successfully in > https://autobuilder.yoctoproject.org/valkyrie/#/builders/5/builds/3396 > > The following changes since commit > 077f258eb2125359ffe3982c58433ee14cb21f09: > > busybox: Fixes CVE-2025-60876 (2026-03-16 09:21:34 +0000) > > are available in the Git repository at: > > https://git.openembedded.org/openembedded-core-contrib > stable/scarthgap-next > > https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-next > > for you to fetch changes up to 9f2a6cfda6a2305f52411ca8121f27c8a5a91fa2: > > python3-pip: drop unused Windows distlib launcher templates (2026-03-20 > 10:56:43 +0100) > > ---------------------------------------------------------------- > > Ankur Tyagi (2): > wireless-regdb: upgrade 2025.10.07 -> 2026.02.04 > tiff: ignore CVE-2025-61143, CVE-2025-61144 and CVE-2025-61145 > > Daniel Turull (3): > improve_kernel_cve_report: do not override backported-patch > improve_kernel_cve_report: do not use custom version > improve_kernel_cve_report: add option to read debugsources.zstd > > Eduardo Ferreira (1): > go: Fix CVE-2025-61726.patch variable ordering > > Krupal Ka Patel (2): > python3-setuptools: drop Windows launcher executables on non-mingw > builds > python3-pip: drop unused Windows distlib launcher templates > > Martin Jansa (1): > lsb.py: strip ' from os-release file > > Peter Marko (1): > inetutils: patch CVE-2026-28372 > > Ryan Eatmon (1): > oe-setup-build: Fix typo > > Trent Piepho (1): > systemd-systemctl: Fix instance name parsing with escapes or periods > > Vijay Anusuri (3): > freetype: Fix CVE-2026-23865 > python3-pip: Fix CVE-2026-1703 > inetutils: Fix CVE-2026-32746 > > meta/lib/oe/lsb.py | 2 +- > .../inetutils/inetutils/CVE-2026-28372.patch | 86 +++++++++++++++++++ > .../inetutils/inetutils/CVE-2026-32746.patch | 40 +++++++++ > .../inetutils/inetutils_2.5.bb | 2 + > .../systemd/systemd-systemctl/systemctl | 7 +- > .../go/go/CVE-2025-61726.patch | 21 ++--- > .../python/python3-pip/CVE-2026-1703.patch | 37 ++++++++ > .../python/python3-pip_24.0.bb | 13 ++- > .../python/python3-setuptools_69.1.1.bb | 9 ++ > .../freetype/freetype/CVE-2026-23865.patch | 54 ++++++++++++ > .../freetype/freetype_2.13.2.bb | 1 + > ....10.07.bb => wireless-regdb_2026.02.04.bb} | 2 +- > meta/recipes-multimedia/libtiff/tiff_4.6.0.bb | 2 +- > scripts/contrib/improve_kernel_cve_report.py | 37 +++++++- > scripts/oe-setup-build | 2 +- > 15 files changed, 295 insertions(+), 20 deletions(-) > create mode 100644 > meta/recipes-connectivity/inetutils/inetutils/CVE-2026-28372.patch > create mode 100644 > meta/recipes-connectivity/inetutils/inetutils/CVE-2026-32746.patch > create mode 100644 > meta/recipes-devtools/python/python3-pip/CVE-2026-1703.patch > create mode 100644 > meta/recipes-graphics/freetype/freetype/CVE-2026-23865.patch > rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2025.10.07.bb > => wireless-regdb_2026.02.04.bb} (94%) > > > > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#233872): https://lists.openembedded.org/g/openembedded-core/message/233872 Mute This Topic: https://lists.openembedded.org/mt/118492584/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
