Hi Yoann, I have sent the wrynose patch for this CVE: [email protected] | [wrynose][PATCH] libcap: Fix CVE-2026-4878<https://lists.openembedded.org/g/openembedded-core/topic/120185745>
Regards, Deepak ________________________________ From: Deepak Rathore -X (deeratho - E INFOCHIPS PRIVATE LIMITED at Cisco) <[email protected]> Sent: Wednesday, July 8, 2026 11:50 PM To: Yoann Congal <[email protected]>; [email protected] <[email protected]>; Anil Dongare -X (adongare - E INFOCHIPS PRIVATE LIMITED at Cisco) <[email protected]>; [email protected] <[email protected]> Cc: xe-linux-external (Internal Group) <[email protected]> Subject: Re: [OE-core] [scarthgap] [PATCH] libcap: Fix CVE-2026-4878 Hi Yoann, Anil is on medical leave. I am working on this and will submit the patch for wrynose by tomorrow 9th July. Thanks & Regards, Deepak ________________________________ From: Yoann Congal <[email protected]> Sent: Monday, July 6, 2026 10:14 PM To: [email protected] <[email protected]>; Anil Dongare -X (adongare - E INFOCHIPS PRIVATE LIMITED at Cisco) <[email protected]>; [email protected] <[email protected]> Cc: xe-linux-external (Internal Group) <[email protected]>; [email protected] <[email protected]> Subject: Re: [OE-core] [scarthgap] [PATCH] libcap: Fix CVE-2026-4878 On Mon Jun 8, 2026 at 4:44 PM CEST, J?r?my Rosen via lists.openembedded.org wrote: > Hello Anil > > from what I can tell, this CVE was fixed in master but not in wrynose > please submit a patch for wrynose then ping this thread so we can apply > to scarthgap Hello Anil, Gentle ping for this patch, do you plan to send the needed patch for wrynose? Thanks! > > > thanks a lot > Jeremy > > > On Mon Jun 1, 2026 at 3:42 PM CEST, Anil Dongare -X (adongare - E INFOCHIPS > PRIVATE LIMITED at Cisco) via lists.openembedded.org wrote: >> From: Anil Dongare <[email protected]> >> >> Pick the upstream patch [1] as mentioned in [2]. >> >> [1] >> https://git.kernel.org/pub/scm/libs/libcap/libcap.git/patch/?id=286ace1259992bd0c5d9016715833f2e148ac596 >> [2] https://security-tracker.debian.org/tracker/CVE-2026-4878 >> >> Signed-off-by: Anil Dongare <[email protected]> >> --- >> .../libcap/files/CVE-2026-4878.patch | 162 ++++++++++++++++++ >> meta/recipes-support/libcap/libcap_2.69.bb | 1 + >> 2 files changed, 163 insertions(+) >> create mode 100644 meta/recipes-support/libcap/files/CVE-2026-4878.patch -- Yoann Congal
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#240518): https://lists.openembedded.org/g/openembedded-core/message/240518 Mute This Topic: https://lists.openembedded.org/mt/119590711/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
