merged now thanks Anuj On Wed, Nov 19, 2025 at 3:34 PM Anuj Mittal <[email protected]> wrote:
> Please merge these changes in scarthgap. Tested on AB and locally. > > https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1098 > > The following changes since commit > f1f248262d662315159ee96c604f97415d1dbe6a: > > cockpit: remove deprecated packages (2025-11-12 11:38:29 +0530) > > are available in the Git repository at: > > https://github.com/anujm1/meta-openembedded anujm/scarthgap > https://github.com/anujm1/meta-openembedded/tree/anujm/scarthgap > > Ankur Tyagi (10): > tbb: upgrade 2021.11.0 -> 2021.12.0 > jasper: upgrade 4.1.1 -> 4.1.2 > libspiro: upgrade 20221101 -> 20230902 > redis-plus-plus: upgrade 1.3.11 -> 1.3.12 > redis: upgrade 7.2.11 -> 7.2.12 > redis: upgrade 6.2.20 -> 6.2.21 > botan: patch CVE-2024-34703 > botan: patch CVE-2024-50382 and CVE-2024-50383 > freerdp3: patch CVE-2025-4478 > hdf5: patch CVE-2025-2926 > > Anuj Mittal (1): > remmina: add DEPENDS on curl > > Armin Kuster (1): > audit: fix build when systemd is enabled. > > Bartosz Golaszewski (2): > libgpiod: update to v1.6.5 > libgpiod: update v2.1.2 -> v2.1.3 > > Ethan Roderick (1): > openldap: make license match spdx identifier > > Gyorgy Sarvari (17): > audiofile: patch CVE-2019-13147 and CVE-2022-24599 > audiofile: patch CVE-2018-13440 and CVE-2018-17059 > linuxptp: ignore CVE-2024-42861 > rsyslog: set status for CVE-2015-3243 > apache2: ignore CVE-2025-3891 > webmin: patch CVE-2017-15644, CVE-2017-15645 and CVE-2017-15646 > webmin: patch CVE-2017-17089 > webmin: patch CVE-2019-15642 > webmin: patch CVE-2022-0824 > webmin: patch CVE-2022-0829 > libwmf: add proper CVE tag to patch > libwmf: add missing CVE tag to patch > libwmf: patch CVE-2015-0848 and CVE-2015-4588 > libwmf: patch CVE-2015-4695 > libwmf: patch CVE-2015-4696 > libwmf: patch CVE-2016-9011 > iptraf-ng: patch CVE-2024-52949 > > J. S. (1): > libhtml-tree-perl: fix QA Issue: TMPDIR [buildpaths] > > Jason Schonberg (3): > xrdp: upgrade 0.9.19 -> 0.9.20 > usbids: upgrade 2023.01.16 -> 2025.04.01 > usbids: upgrade 2025.04.01 -> 2025.09.15 > > Jiaying Song (1): > minifi-cpp: fix python shebang in minifi-python > > Khem Raj (3): > libforms: Remove buildpaths from fd2ps and fdesign scripts > libwmf: Fix buildpaths QA Errors in libwmf-config > fvwm: Fix buildpaths QA Errors > > Markus Volk (2): > xdg-desktop-portal: update 1.18.1 -> 1.18.4 > flatpak;xdg-desktop-portal: add missing runtime dependency on > fuse3-utils > > Michael Wyraz (3): > python3-passlib: add native support > python3-transitions: add native support > python3-passlib: add python3-misc as a depencency > > Ninette Adhikari (1): > redis: Update status for CVE-2022-3734 > > Peter Marko (4): > audiofile: mark CVE-2020-18781 as patched > proftpd: set status of CVE-2001-0027 > rtmpdump: mark CVE-2015-8270, CVE-2015-8271 and CVE-2015-8272 as fixed > squid: patch CVE-2025-62168 > > Shinji Matsunaga (1): > audit: Fix CVE_PRODUCT > > Wang Mingyu (16): > evtest: upgrade 1.35 -> 1.36 > xmlsec1: upgrade 1.3.4 -> 1.3.5 > openldap: upgrade 2.6.7 -> 2.6.8 > openldap: upgrade 2.6.9 -> 2.6.10 > mcelog: upgrade 198 -> 199 > mcelog: upgrade 199 -> 200 > libiodbc: upgrade 3.52.15 -> 3.52.16 > libbytesize: upgrade 2.10 -> 2.11 > libbpf: upgrade 1.4.0 -> 1.4.2 > libbpf: upgrade 1.4.2 -> 1.4.3 > libbpf: upgrade 1.4.3 -> 1.4.5 > libbpf: upgrade 1.4.5 -> 1.4.6 > openjpeg: upgrade 2.5.3 -> 2.5.4 > feh: upgrade 3.10.2 -> 3.10.3 > cryptsetup: upgrade 2.7.2 -> 2.7.3 > cryptsetup: upgrade 2.7.3 -> 2.7.4 > > Yi Zhao (4): > openldap: upgrade 2.6.8 -> 2.6.9 > audit: upgrade 4.0.1 -> 4.0.2 > libbpf: upgrade 1.4.6 -> 1.4.7 > cryptsetup: upgrade 2.7.4 -> 2.7.5 > > Yoann Congal (2): > klibc: fix debug pkgs reproducibility > grilo: fix buildpaths QA error > > alperak (1): > pcp: Fix contains reference to TMPDIR [buildpaths] warnings > > .../recipes-gnome/grilo/grilo_0.3.16.bb | 11 +- > meta-initramfs/classes/klibc.bbclass | 2 +- > .../rtmpdump/rtmpdump_2.4.bb | 4 + > .../recipes-daemons/proftpd/proftpd_1.3.7f.bb | 2 + > .../squid/files/CVE-2025-62168.patch | 211 +++++++++++++++++ > .../recipes-daemons/squid/squid_6.14.bb | 1 + > meta-oe/licenses/{OpenLDAP => OLDAP-2.8} | 0 > .../linuxptp/linuxptp_4.1.bb | 2 + > .../botan/botan/CVE-2024-34703.patch | 38 +++ > .../CVE-2024-50382-and-CVE-2024-50383.patch | 66 ++++++ > meta-oe/recipes-crypto/botan/botan_3.2.0.bb | 5 +- > ...ryptsetup_2.7.2.bb => cryptsetup_2.7.5.bb} | 2 +- > .../iptraf/iptraf-ng/CVE-2024-52949.patch | 218 ++++++++++++++++++ > .../iptraf/iptraf-ng_1.2.1.bb | 1 + > .../flatpak/flatpak_1.15.8.bb | 1 + > .../libwmf/CVE-2015-0848-CVE-2015-4588.patch | 135 +++++++++++ > .../libwmf/libwmf/CVE-2015-4695.patch | 70 ++++++ > .../libwmf/libwmf/CVE-2015-4696.patch | 37 +++ > .../libwmf/libwmf/CVE-2016-9011.patch | 50 ++++ > .../libwmf/libwmf-0.2.8.4-intoverflow.patch | 2 + > .../libwmf/libwmf-0.2.8.4-useafterfree.patch | 2 + > .../recipes-extended/libwmf/libwmf_0.2.8.4.bb | 10 +- > .../minifi-cpp/minifi-cpp_0.15.0.bb | 4 + > ...us_1.3.11.bb => redis-plus-plus_1.3.12.bb} | 2 +- > ...-hiredis-use-default-CC-if-it-is-set.patch | 6 +- > ...ile-to-use-environment-build-setting.patch | 2 +- > ...003-hack-to-force-use-of-libc-malloc.patch | 10 +- > .../0004-src-Do-not-reset-FINAL_LIBS.patch | 10 +- > ...RCE-to-get-PTHREAD_MUTEX_INITIALIZER.patch | 2 +- > ...006-Define-correct-gregs-for-RISCV32.patch | 2 +- > .../init-redis-server | 0 > .../{redis-7.2.11 => redis-7.2.12}/redis.conf | 0 > .../redis.service | 0 > .../{redis_6.2.20.bb => redis_6.2.21.bb} | 2 +- > .../{redis_7.2.11.bb => redis_7.2.12.bb} | 5 +- > .../rsyslog/rsyslog/rsyslog.conf | 3 +- > .../rsyslog/rsyslog_8.2402.0.bb | 2 + > .../feh/{feh_3.10.2.bb => feh_3.10.3.bb} | 2 +- > ...spiro_20221101.bb => libspiro_20240902.bb} | 2 +- > meta-oe/recipes-graphics/fvwm/fvwm_2.7.0.bb | 3 + > .../{jasper_4.1.1.bb => jasper_4.1.2.bb} | 2 +- > .../libforms/libforms_1.2.5pre1.bb | 5 + > .../openjpeg/openjpeg/CVE-2025-54874.patch | 44 ---- > .../{openjpeg_2.5.3.bb => openjpeg_2.5.4.bb} | 3 +- > .../{libbpf_1.4.0.bb => libbpf_1.4.7.bb} | 4 +- > .../audiofile/audiofile_0.3.6.bb | 4 + > ...ays-check-the-number-of-coefficients.patch | 1 + > .../audiofile/files/CVE-2018-13440.patch | 36 +++ > .../audiofile/files/CVE-2018-17059.patch | 35 +++ > .../audiofile/files/CVE-2019-13147.patch | 31 +++ > .../audiofile/files/CVE-2022-24599.patch | 50 ++++ > ...ute_malloc__-with-__attribute__-__ma.patch | 49 ---- > .../audit/{audit_4.0.1.bb => audit_4.0.2.bb} | 12 +- > .../freerdp/freerdp3/CVE-2025-4478.patch | 60 +++++ > .../recipes-support/freerdp/freerdp3_3.4.0.bb | 1 + > .../hdf5/files/CVE-2025-2926.patch | 32 +++ > meta-oe/recipes-support/hdf5/hdf5_1.14.4-3.bb | 1 + > ...ibbytesize_2.10.bb => libbytesize_2.11.bb} | 2 +- > ...ts-set-direction-when-reconfiguring-.patch | 38 --- > .../{libgpiod_1.6.4.bb => libgpiod_1.6.5.bb} | 2 +- > .../{libgpiod_2.1.2.bb => libgpiod_2.1.3.bb} | 4 +- > ...ibiodbc_3.52.15.bb => libiodbc_3.52.16.bb} | 4 +- > .../mcelog/{mcelog_198.bb => mcelog_200.bb} | 11 +- > .../{openldap_2.6.7.bb => openldap_2.6.10.bb} | 10 +- > meta-oe/recipes-support/pcp/pcp_6.0.5.bb | 4 + > .../recipes-support/remmina/remmina_1.4.34.bb | 1 + > ...suppress-new-GCC-12-13-warnings-1192.patch | 57 ----- > ....cmake-remove-cross-compiation-check.patch | 33 --- > .../{tbb_2021.11.0.bb => tbb_2021.12.0.bb} | 8 +- > ...ids_2023.01.16.bb => usbids_2025.09.15.bb} | 3 +- > ...1.18.1.bb => xdg-desktop-portal_1.18.4.bb} | 6 +- > .../0001-nss-nspr-fix-for-multilib.patch | 7 +- > .../xmlsec1/change-finding-path-of-nss.patch | 7 +- > .../{xmlsec1_1.3.4.bb => xmlsec1_1.3.5.bb} | 2 +- > ...guished_name-in-etc-xrdp-openssl.con.patch | 7 +- > .../xrdp/0001-Fix-the-compile-error.patch | 12 +- > ...1-arch-Define-NO_NEED_ALIGN-on-ppc64.patch | 9 +- > ...001-mark-count-with-unused-attribute.patch | 9 +- > .../xrdp/{xrdp_0.9.19.bb => xrdp_0.9.20.bb} | 2 +- > ...ld-on-32bit-arches-with-64bit-time_t.patch | 7 +- > .../evtest/{evtest_1.35.bb => evtest_1.36.bb} | 2 +- > .../libhtml/libhtml-tree-perl_5.03.bb | 7 + > .../python/python3-passlib_1.7.4.bb | 3 + > .../python/python3-transitions_0.9.0.bb | 2 + > .../recipes-httpd/apache2/apache2_2.4.65.bb | 1 + > ...issions-check-when-saving-allowed-cr.patch | 25 ++ > ...e-potentially-malicious-HTTP-headers.patch | 53 +++++ > ...0001-Foreign-module-may-need-a-check.patch | 27 +++ > ...0001-HTML-escape-command-description.patch | 29 +++ > ...es-cannot-contact-special-characters.patch | 26 +++ > .../recipes-webadmin/webmin/webmin_1.850.bb | 7 +- > 91 files changed, 1403 insertions(+), 321 deletions(-) > create mode 100644 > meta-networking/recipes-daemons/squid/files/CVE-2025-62168.patch > rename meta-oe/licenses/{OpenLDAP => OLDAP-2.8} (100%) > create mode 100644 meta-oe/recipes-crypto/botan/botan/CVE-2024-34703.patch > create mode 100644 > meta-oe/recipes-crypto/botan/botan/CVE-2024-50382-and-CVE-2024-50383.patch > rename meta-oe/recipes-crypto/cryptsetup/{cryptsetup_2.7.2.bb => > cryptsetup_2.7.5.bb} (98%) > create mode 100644 > meta-oe/recipes-devtools/iptraf/iptraf-ng/CVE-2024-52949.patch > create mode 100644 > meta-oe/recipes-extended/libwmf/libwmf/CVE-2015-0848-CVE-2015-4588.patch > create mode 100644 > meta-oe/recipes-extended/libwmf/libwmf/CVE-2015-4695.patch > create mode 100644 > meta-oe/recipes-extended/libwmf/libwmf/CVE-2015-4696.patch > create mode 100644 > meta-oe/recipes-extended/libwmf/libwmf/CVE-2016-9011.patch > rename meta-oe/recipes-extended/redis-plus-plus/{ > redis-plus-plus_1.3.11.bb => redis-plus-plus_1.3.12.bb} (95%) > rename meta-oe/recipes-extended/redis/{redis-7.2.11 => > redis-7.2.12}/0001-hiredis-use-default-CC-if-it-is-set.patch (89%) > rename meta-oe/recipes-extended/redis/{redis-7.2.11 => > redis-7.2.12}/0002-lua-update-Makefile-to-use-environment-build-setting.patch > (97%) > rename meta-oe/recipes-extended/redis/{redis-7.2.11 => > redis-7.2.12}/0003-hack-to-force-use-of-libc-malloc.patch (81%) > rename meta-oe/recipes-extended/redis/{redis-7.2.11 => > redis-7.2.12}/0004-src-Do-not-reset-FINAL_LIBS.patch (74%) > rename meta-oe/recipes-extended/redis/{redis-7.2.11 => > redis-7.2.12}/0005-Define-_GNU_SOURCE-to-get-PTHREAD_MUTEX_INITIALIZER.patch > (92%) > rename meta-oe/recipes-extended/redis/{redis-7.2.11 => > redis-7.2.12}/0006-Define-correct-gregs-for-RISCV32.patch (97%) > rename meta-oe/recipes-extended/redis/{redis-7.2.11 => > redis-7.2.12}/init-redis-server (100%) > rename meta-oe/recipes-extended/redis/{redis-7.2.11 => > redis-7.2.12}/redis.conf (100%) > rename meta-oe/recipes-extended/redis/{redis-7.2.11 => > redis-7.2.12}/redis.service (100%) > rename meta-oe/recipes-extended/redis/{redis_6.2.20.bb => redis_6.2.21.bb} > (96%) > rename meta-oe/recipes-extended/redis/{redis_7.2.11.bb => redis_7.2.12.bb} > (93%) > rename meta-oe/recipes-graphics/feh/{feh_3.10.2.bb => feh_3.10.3.bb} > (88%) > rename meta-oe/recipes-graphics/fontforge/{libspiro_20221101.bb => > libspiro_20240902.bb} (85%) > rename meta-oe/recipes-graphics/jasper/{jasper_4.1.1.bb => > jasper_4.1.2.bb} (95%) > delete mode 100644 > meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2025-54874.patch > rename meta-oe/recipes-graphics/openjpeg/{openjpeg_2.5.3.bb => > openjpeg_2.5.4.bb} (86%) > rename meta-oe/recipes-kernel/libbpf/{libbpf_1.4.0.bb => libbpf_1.4.7.bb} > (92%) > create mode 100644 > meta-oe/recipes-multimedia/audiofile/files/CVE-2018-13440.patch > create mode 100644 > meta-oe/recipes-multimedia/audiofile/files/CVE-2018-17059.patch > create mode 100644 > meta-oe/recipes-multimedia/audiofile/files/CVE-2019-13147.patch > create mode 100644 > meta-oe/recipes-multimedia/audiofile/files/CVE-2022-24599.patch > delete mode 100644 > meta-oe/recipes-security/audit/audit/0001-Replace-__attribute_malloc__-with-__attribute__-__ma.patch > rename meta-oe/recipes-security/audit/{audit_4.0.1.bb => audit_4.0.2.bb} > (90%) > create mode 100644 > meta-oe/recipes-support/freerdp/freerdp3/CVE-2025-4478.patch > create mode 100644 meta-oe/recipes-support/hdf5/files/CVE-2025-2926.patch > rename meta-oe/recipes-support/libbytesize/{libbytesize_2.10.bb => > libbytesize_2.11.bb} (93%) > delete mode 100644 > meta-oe/recipes-support/libgpiod/libgpiod-2.x/0001-bindings-cxx-tests-set-direction-when-reconfiguring-.patch > rename meta-oe/recipes-support/libgpiod/{libgpiod_1.6.4.bb => > libgpiod_1.6.5.bb} (94%) > rename meta-oe/recipes-support/libgpiod/{libgpiod_2.1.2.bb => > libgpiod_2.1.3.bb} (87%) > rename meta-oe/recipes-support/libiodbc/{libiodbc_3.52.15.bb => > libiodbc_3.52.16.bb} (82%) > rename meta-oe/recipes-support/mcelog/{mcelog_198.bb => mcelog_200.bb} > (79%) > rename meta-oe/recipes-support/openldap/{openldap_2.6.7.bb => > openldap_2.6.10.bb} (96%) > delete mode 100644 > meta-oe/recipes-support/tbb/tbb/0001-Fix-suppress-new-GCC-12-13-warnings-1192.patch > delete mode 100644 > meta-oe/recipes-support/tbb/tbb/0001-hwloc_detection.cmake-remove-cross-compiation-check.patch > rename meta-oe/recipes-support/tbb/{tbb_2021.11.0.bb => tbb_2021.12.0.bb} > (92%) > rename meta-oe/recipes-support/usbids/{usbids_2023.01.16.bb => > usbids_2025.09.15.bb} (84%) > rename meta-oe/recipes-support/xdg-desktop-portal/{ > xdg-desktop-portal_1.18.1.bb => xdg-desktop-portal_1.18.4.bb} (88%) > rename meta-oe/recipes-support/xmlsec1/{xmlsec1_1.3.4.bb => > xmlsec1_1.3.5.bb} (96%) > rename meta-oe/recipes-support/xrdp/{xrdp_0.9.19.bb => xrdp_0.9.20.bb} > (97%) > rename meta-oe/recipes-test/evtest/{evtest_1.35.bb => evtest_1.36.bb} > (90%) > create mode 100644 > meta-webserver/recipes-webadmin/webmin/files/0001-Add-missing-permissions-check-when-saving-allowed-cr.patch > create mode 100644 > meta-webserver/recipes-webadmin/webmin/files/0001-Escape-potentially-malicious-HTTP-headers.patch > create mode 100644 > meta-webserver/recipes-webadmin/webmin/files/0001-Foreign-module-may-need-a-check.patch > create mode 100644 > meta-webserver/recipes-webadmin/webmin/files/0001-HTML-escape-command-description.patch > create mode 100644 > meta-webserver/recipes-webadmin/webmin/files/0001-Object-names-cannot-contact-special-characters.patch > > -- > 2.51.2 > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#121919): https://lists.openembedded.org/g/openembedded-devel/message/121919 Mute This Topic: https://lists.openembedded.org/mt/116383585/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
