Hi Yoann,

I have sent the wrynose patch for this CVE: 
[email protected] | [wrynose][PATCH] libcap: Fix 
CVE-2026-4878<https://lists.openembedded.org/g/openembedded-core/topic/120185745>

Regards,
Deepak
________________________________
From: Deepak Rathore -X (deeratho - E INFOCHIPS PRIVATE LIMITED at Cisco) 
<[email protected]>
Sent: Wednesday, July 8, 2026 11:50 PM
To: Yoann Congal <[email protected]>; [email protected] 
<[email protected]>; Anil Dongare -X (adongare - E INFOCHIPS PRIVATE 
LIMITED at Cisco) <[email protected]>; 
[email protected] 
<[email protected]>
Cc: xe-linux-external (Internal Group) <[email protected]>
Subject: Re: [OE-core] [scarthgap] [PATCH] libcap: Fix CVE-2026-4878

Hi Yoann,

Anil is on medical leave. I am working on this and will submit the patch for 
wrynose by tomorrow 9th July.

Thanks & Regards,
Deepak
________________________________
From: Yoann Congal <[email protected]>
Sent: Monday, July 6, 2026 10:14 PM
To: [email protected] <[email protected]>; Anil Dongare -X (adongare - 
E INFOCHIPS PRIVATE LIMITED at Cisco) <[email protected]>; 
[email protected] 
<[email protected]>
Cc: xe-linux-external (Internal Group) <[email protected]>; 
[email protected] <[email protected]>
Subject: Re: [OE-core] [scarthgap] [PATCH] libcap: Fix CVE-2026-4878

On Mon Jun 8, 2026 at 4:44 PM CEST, J?r?my Rosen via lists.openembedded.org 
wrote:
> Hello Anil
>
> from what I can tell, this CVE was fixed in master but not in wrynose
> please submit a patch for wrynose then ping this thread so we can apply
> to scarthgap

Hello Anil,

Gentle ping for this patch, do you plan to send the needed patch for
wrynose?

Thanks!
>
>
> thanks a lot
> Jeremy
>
>
> On Mon Jun 1, 2026 at 3:42 PM CEST, Anil Dongare -X (adongare - E INFOCHIPS 
> PRIVATE LIMITED at Cisco) via lists.openembedded.org wrote:
>> From: Anil Dongare <[email protected]>
>>
>> Pick the upstream patch [1] as mentioned in [2].
>>
>> [1] 
>> https://git.kernel.org/pub/scm/libs/libcap/libcap.git/patch/?id=286ace1259992bd0c5d9016715833f2e148ac596
>> [2] https://security-tracker.debian.org/tracker/CVE-2026-4878
>>
>> Signed-off-by: Anil Dongare <[email protected]>
>> ---
>>  .../libcap/files/CVE-2026-4878.patch          | 162 ++++++++++++++++++
>>  meta/recipes-support/libcap/libcap_2.69.bb    |   1 +
>>  2 files changed, 163 insertions(+)
>>  create mode 100644 meta/recipes-support/libcap/files/CVE-2026-4878.patch

--
Yoann Congal
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#240518): 
https://lists.openembedded.org/g/openembedded-core/message/240518
Mute This Topic: https://lists.openembedded.org/mt/119590711/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

  • ... Anil Dongare -X (adongare - E INFOCHIPS PRIVATE LIMITED at Cisco) via lists.openembedded.org
    • ... J?r?my Rosen via lists.openembedded.org
      • ... Yoann Congal via lists.openembedded.org
        • ... Deepak Rathore via lists.openembedded.org
          • ... Deepak Rathore via lists.openembedded.org

Reply via email to