Hi Khem Can you please merge this pull request if it looks okay?
On Tue, Jan 13, 2026 at 11:41 AM Anuj Mittal via lists.openembedded.org <[email protected]> wrote: > > Please merge these changes in scarthgap. Tested locally and on AB. > There are a few unresolved buildpaths warning in scarthgap but they are > not related to these proposed changes. > > https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1243 > > The following changes since commit 2b26d30fc7f478f5735d514f0c1bc28f6a4148b6: > > atop: patch CVE-2025-31160 (2025-12-30 07:08:16 +0530) > > are available in the Git repository at: > > https://git.openembedded.org/meta-openembedded-contrib anujm/scarthgap > > https://git.openembedded.org/meta-openembedded-contrib/log/?h=anujm/scarthgap > > Ankur Tyagi (19): > cifs-utils: patch CVE-2025-2312 > frr: ignore CVE-2024-44070 > libcoap: patch CVE-2025-34468 > mtr: patch CVE-2025-49809 > open62541: patch CVE-2024-53429 > proftpd: patch CVE-2024-48651 > znc: patch CVE-2024-39844 > tinyproxy: patch CVE-2025-63938 > wolfssl: patch CVE-2025-7394 > libde265: patch CVE-2023-43887 > libde265: patch CVE-2023-47471 > vlc: patch CVE-2024-46461 > opusfile: patch CVE-2022-47021 > freerdp3: ignore CVE-2025-68118 > influxdb: ignore CVE-2024-30896 > krb5: ignore CVE-2025-3576 > libwebsockets: ignore CVE-2025-1866 > usb-modeswitch: upgrade 2.6.1 -> 2.6.2 > usb-modeswitch-data: upgrade 20191128 -> 20251207 > > Colin McAllister (2): > nginx: upgrade 1.25.4 -> 1.25.5 > nginx: Fix CVE-2025-23419 for 1.25.5 > > Gyorgy Sarvari (18): > imagemagick: upgrade 7.1.1-26 -> 7.1.1-47 > imagemagick: mark CVE-2023-5341 as patched > imagemagick: patch CVE-2025-53014 > imagemagick: patch CVE-2025-53015 > imagemagick: patch CVE-2025-53019 > imagemagick: patch CVE-2025-53101 > imagemagick: patch CVE-2025-55004 > imagemagick: patch CVE-2025-55005 > imagemagick: patch CVE-2025-55154 > imagemagick: patch CVE-2025-55160 > imagemagick: patch CVE-2025-55212 > imagemagick: patch CVE-2025-57803 > imagemagick: patch CVE-2025-57807 > imagemagick: patch CVE-2025-62171 > imagemagick: patch CVE-2025-65955 > dante: upgrade 1.4.3 -> 1.4.4 > libao: ignore CVE-2017-11548 > freerdp3: drop CVE-2025-68118 patch > > Katariina Lounento (1): > libtar: patch CVEs > > Khem Raj (1): > dante: Add _GNU_SOURCE for musl builds > > Naman Jain (1): > unbound: Fix CVE-2025-5994 > > Peter Marko (6): > net-snmp: patch CVE-2025-68615 > sox: extend CVE_PRODUCT > libsodium: patch CVE-2025-69277 > networkmanager: upgrade 1.46.0 -> 1.46.6 > synergy: patch CVE-2020-15117 > id3lib: mark CVE-2007-4460 as fixed > > Sanjay Chitroda (1): > recipes-core/toybox: Switch SRC_URI to HTTPS for reliable fetch > > Vijay Anusuri (1): > python3-cbor2: Fix CVE-2025-64076 > > Wang Mingyu (1): > libvpx: upgrade 1.14.0 -> 1.14.1 > > .../recipes-multimedia/libao/libao_1.2.0.bb | 2 + > .../libde265/libde265/CVE-2023-43887.patch | 39 +++ > .../libde265/libde265/CVE-2023-47471.patch | 42 +++ > .../libde265/libde265_1.0.12.bb | 5 +- > .../opusfile/opusfile/CVE-2022-47021.patch | 45 +++ > .../opusfile/opusfile_0.12.bb | 4 +- > .../recipes-multimedia/sox/sox_14.4.2.bb | 2 + > .../vlc/vlc/CVE-2024-46461.patch | 44 +++ > .../recipes-multimedia/vlc/vlc_3.0.20.bb | 1 + > ...ger_1.46.0.bb => networkmanager_1.46.6.bb} | 4 +- > .../wolfssl/files/CVE-2025-7394-1.patch | 46 +++ > .../wolfssl/files/CVE-2025-7394-2.patch | 275 +++++++++++++++ > .../wolfssl/files/CVE-2025-7394-3.patch | 125 +++++++ > .../wolfssl/files/CVE-2025-7394-4.patch | 85 +++++ > .../wolfssl/files/CVE-2025-7394-5.patch | 40 +++ > .../wolfssl/files/CVE-2025-7394-6.patch | 48 +++ > .../wolfssl/wolfssl_5.7.2.bb | 6 + > .../proftpd/files/CVE-2024-48651.patch | 320 ++++++++++++++++++ > .../recipes-daemons/proftpd/proftpd_1.3.7f.bb | 1 + > .../libcoap/libcoap/CVE-2025-34468.patch | 127 +++++++ > .../recipes-devtools/libcoap/libcoap_4.3.4.bb | 1 + > .../recipes-irc/znc/znc/CVE-2024-39844.patch | 62 ++++ > meta-networking/recipes-irc/znc/znc_1.8.2.bb | 1 + > .../dante/{dante_1.4.3.bb => dante_1.4.4.bb} | 6 +- > .../recipes-protocols/frr/frr_9.1.3.bb | 2 + > .../net-snmp/net-snmp/CVE-2025-68615.patch | 33 ++ > .../net-snmp/net-snmp_5.9.4.bb | 1 + > .../opcua/open62541/CVE-2024-53429.patch | 44 +++ > .../opcua/open62541_1.3.8.bb | 1 + > .../cifs/cifs-utils/CVE-2025-2312.patch | 136 ++++++++ > .../recipes-support/cifs/cifs-utils_7.0.bb | 4 +- > .../mtr/mtr/CVE-2025-49809.patch | 39 +++ > .../recipes-support/mtr/mtr_0.95.bb | 4 +- > .../tinyproxy/tinyproxy/CVE-2025-63938.patch | 42 +++ > .../tinyproxy/tinyproxy_1.11.1.bb | 1 + > .../unbound/unbound/CVE-2025-5994.patch | 275 +++++++++++++++ > .../recipes-support/unbound/unbound_1.19.3.bb | 1 + > .../recipes-connectivity/krb5/krb5_1.21.3.bb | 2 + > .../libwebsockets/libwebsockets_4.3.3.bb | 2 + > meta-oe/recipes-core/toybox/toybox_0.8.11.bb | 2 +- > .../libsodium/libsodium/CVE-2025-69277.patch | 61 ++++ > .../libsodium/libsodium_1.0.19.bb | 4 +- > .../recipes-dbs/influxdb/influxdb_1.8.10.bb | 1 + > .../recipes-multimedia/id3lib/id3lib_3.8.3.bb | 2 + > ...ibvpx-configure-support-blank-prefix.patch | 8 +- > .../{libvpx_1.14.0.bb => libvpx_1.14.1.bb} | 2 +- > .../freerdp/freerdp3/CVE-2025-68118.patch | 57 ---- > .../recipes-support/freerdp/freerdp3_3.4.0.bb | 3 +- > .../imagemagick/CVE-2025-53014.patch | 25 ++ > .../imagemagick/CVE-2025-53015.patch | 51 +++ > .../imagemagick/CVE-2025-53019.patch | 26 ++ > .../imagemagick/CVE-2025-53101.patch | 54 +++ > .../imagemagick/CVE-2025-55004.patch | 65 ++++ > .../imagemagick/CVE-2025-55005.patch | 34 ++ > .../imagemagick/CVE-2025-55154.patch | 79 +++++ > .../imagemagick/CVE-2025-55160.patch | 159 +++++++++ > .../imagemagick/CVE-2025-55212.patch | 29 ++ > .../imagemagick/CVE-2025-57803.patch | 60 ++++ > .../imagemagick/CVE-2025-57807.patch | 45 +++ > .../imagemagick/CVE-2025-62171.patch | 26 ++ > .../imagemagick/CVE-2025-65955.patch | 25 ++ > .../imagemagick/imagemagick_7.1.1.bb | 21 +- > ...-missing-prototype-compiler-warnings.patch | 53 +++ > ...ix-invalid-memory-de-reference-issue.patch | 44 +++ > ...escriptor-leaks-reported-by-cppcheck.patch | 101 ++++++ > ...0006-fix-memleak-on-tar_open-failure.patch | 26 ++ > ...ix-memleaks-in-libtar-sample-program.patch | 119 +++++++ > ...ng-a-static-buffer-in-th_get_pathnam.patch | 89 +++++ > ...-for-NULL-before-freeing-th_pathname.patch | 30 ++ > ...-stdlib.h-for-malloc-in-lib-decode.c.patch | 26 ++ > ...amming-mistakes-detected-by-static-a.patch | 100 ++++++ > .../libtar/files/CVE-2013-4420.patch | 160 +++++++++ > ...-33640-CVE-2021-33645-CVE-2021-33646.patch | 42 +++ > .../files/CVE-2021-33643-CVE-2021-33644.patch | 52 +++ > .../recipes-support/libtar/libtar_1.2.20.bb | 12 + > .../synergy/synergy/CVE-2020-15117.patch | 48 +++ > .../recipes-support/synergy/synergy_git.bb | 1 + > ...128.bb => usb-modeswitch-data_20251207.bb} | 3 +- > ...witch_2.6.1.bb => usb-modeswitch_2.6.2.bb} | 2 +- > .../python/python3-cbor2/CVE-2025-64076.patch | 91 +++++ > .../python/python3-cbor2_5.6.3.bb | 1 + > .../CVE-2025-23419.patch | 0 > .../nginx/nginx-1.25.5/CVE-2025-23419.patch | 119 +++++++ > meta-webserver/recipes-httpd/nginx/nginx.inc | 1 + > .../recipes-httpd/nginx/nginx_1.24.0.bb | 3 +- > .../{nginx_1.25.4.bb => nginx_1.25.5.bb} | 2 +- > 86 files changed, 3800 insertions(+), 82 deletions(-) > create mode 100644 > meta-multimedia/recipes-multimedia/libde265/libde265/CVE-2023-43887.patch > create mode 100644 > meta-multimedia/recipes-multimedia/libde265/libde265/CVE-2023-47471.patch > create mode 100644 > meta-multimedia/recipes-multimedia/opusfile/opusfile/CVE-2022-47021.patch > create mode 100644 > meta-multimedia/recipes-multimedia/vlc/vlc/CVE-2024-46461.patch > rename > meta-networking/recipes-connectivity/networkmanager/{networkmanager_1.46.0.bb > => networkmanager_1.46.6.bb} (98%) > create mode 100644 > meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7394-1.patch > create mode 100644 > meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7394-2.patch > create mode 100644 > meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7394-3.patch > create mode 100644 > meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7394-4.patch > create mode 100644 > meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7394-5.patch > create mode 100644 > meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7394-6.patch > create mode 100644 > meta-networking/recipes-daemons/proftpd/files/CVE-2024-48651.patch > create mode 100644 > meta-networking/recipes-devtools/libcoap/libcoap/CVE-2025-34468.patch > create mode 100644 meta-networking/recipes-irc/znc/znc/CVE-2024-39844.patch > rename meta-networking/recipes-protocols/dante/{dante_1.4.3.bb => > dante_1.4.4.bb} (88%) > create mode 100644 > meta-networking/recipes-protocols/net-snmp/net-snmp/CVE-2025-68615.patch > create mode 100644 > meta-networking/recipes-protocols/opcua/open62541/CVE-2024-53429.patch > create mode 100644 > meta-networking/recipes-support/cifs/cifs-utils/CVE-2025-2312.patch > create mode 100644 > meta-networking/recipes-support/mtr/mtr/CVE-2025-49809.patch > create mode 100644 > meta-networking/recipes-support/tinyproxy/tinyproxy/CVE-2025-63938.patch > create mode 100644 > meta-networking/recipes-support/unbound/unbound/CVE-2025-5994.patch > create mode 100644 > meta-oe/recipes-crypto/libsodium/libsodium/CVE-2025-69277.patch > rename meta-oe/recipes-multimedia/webm/{libvpx_1.14.0.bb => > libvpx_1.14.1.bb} (96%) > delete mode 100644 > meta-oe/recipes-support/freerdp/freerdp3/CVE-2025-68118.patch > create mode 100644 > meta-oe/recipes-support/imagemagick/imagemagick/CVE-2025-53014.patch > create mode 100644 > meta-oe/recipes-support/imagemagick/imagemagick/CVE-2025-53015.patch > create mode 100644 > meta-oe/recipes-support/imagemagick/imagemagick/CVE-2025-53019.patch > create mode 100644 > meta-oe/recipes-support/imagemagick/imagemagick/CVE-2025-53101.patch > create mode 100644 > meta-oe/recipes-support/imagemagick/imagemagick/CVE-2025-55004.patch > create mode 100644 > meta-oe/recipes-support/imagemagick/imagemagick/CVE-2025-55005.patch > create mode 100644 > meta-oe/recipes-support/imagemagick/imagemagick/CVE-2025-55154.patch > create mode 100644 > meta-oe/recipes-support/imagemagick/imagemagick/CVE-2025-55160.patch > create mode 100644 > meta-oe/recipes-support/imagemagick/imagemagick/CVE-2025-55212.patch > create mode 100644 > meta-oe/recipes-support/imagemagick/imagemagick/CVE-2025-57803.patch > create mode 100644 > meta-oe/recipes-support/imagemagick/imagemagick/CVE-2025-57807.patch > create mode 100644 > meta-oe/recipes-support/imagemagick/imagemagick/CVE-2025-62171.patch > create mode 100644 > meta-oe/recipes-support/imagemagick/imagemagick/CVE-2025-65955.patch > create mode 100644 > meta-oe/recipes-support/libtar/files/0003-Fix-missing-prototype-compiler-warnings.patch > create mode 100644 > meta-oe/recipes-support/libtar/files/0004-Fix-invalid-memory-de-reference-issue.patch > create mode 100644 > meta-oe/recipes-support/libtar/files/0005-fix-file-descriptor-leaks-reported-by-cppcheck.patch > create mode 100644 > meta-oe/recipes-support/libtar/files/0006-fix-memleak-on-tar_open-failure.patch > create mode 100644 > meta-oe/recipes-support/libtar/files/0007-fix-memleaks-in-libtar-sample-program.patch > create mode 100644 > meta-oe/recipes-support/libtar/files/0008-decode-avoid-using-a-static-buffer-in-th_get_pathnam.patch > create mode 100644 > meta-oe/recipes-support/libtar/files/0009-Check-for-NULL-before-freeing-th_pathname.patch > create mode 100644 > meta-oe/recipes-support/libtar/files/0010-Added-stdlib.h-for-malloc-in-lib-decode.c.patch > create mode 100644 > meta-oe/recipes-support/libtar/files/0011-libtar-fix-programming-mistakes-detected-by-static-a.patch > create mode 100644 meta-oe/recipes-support/libtar/files/CVE-2013-4420.patch > create mode 100644 > meta-oe/recipes-support/libtar/files/CVE-2021-33640-CVE-2021-33645-CVE-2021-33646.patch > create mode 100644 > meta-oe/recipes-support/libtar/files/CVE-2021-33643-CVE-2021-33644.patch > create mode 100644 > meta-oe/recipes-support/synergy/synergy/CVE-2020-15117.patch > rename > meta-oe/recipes-support/usb-modeswitch/{usb-modeswitch-data_20191128.bb => > usb-modeswitch-data_20251207.bb} (77%) > rename meta-oe/recipes-support/usb-modeswitch/{usb-modeswitch_2.6.1.bb => > usb-modeswitch_2.6.2.bb} (91%) > create mode 100644 > meta-python/recipes-devtools/python/python3-cbor2/CVE-2025-64076.patch > rename meta-webserver/recipes-httpd/nginx/{files => > nginx-1.24.0}/CVE-2025-23419.patch (100%) > create mode 100644 > meta-webserver/recipes-httpd/nginx/nginx-1.25.5/CVE-2025-23419.patch > rename meta-webserver/recipes-httpd/nginx/{nginx_1.25.4.bb => > nginx_1.25.5.bb} (74%) > > -- > 2.52.0 > > > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#123520): https://lists.openembedded.org/g/openembedded-devel/message/123520 Mute This Topic: https://lists.openembedded.org/mt/117238126/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
