Please merge these changes in whinlatter. Tested on autobuilder and locally.
https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1259 The following changes since commit c6849e7529727a2c9eca0f9220836bd0d69ce086: python3-django: upgrade 5.2.8 -> 5.2.9 (2026-01-06 18:07:59 +0530) are available in the Git repository at: https://git.openembedded.org/meta-openembedded-contrib stable/whinlatter-next https://git.openembedded.org/meta-openembedded-contrib/log/?h=stable/whinlatter-next Ankur Tyagi (5): php: upgrade 8.4.16 -> 8.4.17 mozjs-128: Fix build error with arm and musl libjxl: Fix build error with arm and musl influxdb: ignore CVE-2024-30896 frr: upgrade 10.4.1 -> 10.4.2 Dmitry Baryshkov (1): vulkan-cts: upgrade 1.4.4.0 -> 1.4.4.2 Gyorgy Sarvari (16): nodejs: remove extra CVE_PRODUCT smarty: extend CVE_PRODUCT raptor2: set CVE_PRODUCT libcereal: set CVE_PRODUCT asyncmqtt: set CVE_PRODUCT boinc-client: set CVE_PRODUCT boinc-client: mark CVE-2013-2018 patched lmdb: patch CVE-2026-22185 xerces-c: set CVE_PRODUCT dante: upgrade 1.4.3 -> 1.4.4 tinyproxy: patch CVE-2025-63938 python3-scapy: set CVE_PRODUCT nginx: set CVE_PRODUCT softhsm: fix SRC_URI branch ncp: update SRC_URI libowfat: update SRC_URI Jason Schonberg (1): nginx: upgrade 1.28.0 -> 1.28.1 Jiaying Song (1): minicoredumper: fix 2038 year problem in timestamp handling Khem Raj (2): vboxguestdrivers: Upgrade to 7.2.4 dante: Add _GNU_SOURCE for musl builds Liu Yiding (2): liblognorm: upgrade 2.0.7 -> 2.0.8 libsdl3: upgrade 3.2.28 -> 3.2.30 Peter Marko (4): net-snmp: patch CVE-2025-68615 libsodium: patch CVE-2025-69277 libcoap: set CVE version suffix nginx: ignore CVE-2025-53859 for 1.28.1 Sanjay Chitroda (1): recipes-core/toybox: Switch SRC_URI to HTTPS for reliable fetch Wang Mingyu (9): python3-psycopg: upgrade 3.2.12 -> 3.2.13 parallel: upgrade 20251022 -> 20251122 libsdl3: upgrade 3.2.26 -> 3.2.28 usb-modeswitch-data: upgrade 20191128 -> 20251207 usb-modeswitch: upgrade 2.6.1 -> 2.6.2 microsoft-gsl: upgrade 4.2.0 -> 4.2.1 cryptsetup: upgrade 2.8.1 -> 2.8.3 libdecor: upgrade 0.2.4 -> 0.2.5 libsdl3-image: upgrade 3.2.4 -> 3.2.6 .../libcoap/libcoap_4.3.5a.bb | 2 + .../python/python3-scapy_2.6.1.bb | 2 + .../dante/{dante_1.4.3.bb => dante_1.4.4.bb} | 6 +- .../frr/{frr_10.4.1.bb => frr_10.4.2.bb} | 2 +- .../net-snmp/net-snmp/CVE-2025-68615.patch | 33 +++++ .../net-snmp/net-snmp_5.9.4.bb | 1 + .../recipes-support/ncp/libowfat_0.32.bb | 2 +- .../recipes-support/ncp/ncp_1.2.4.bb | 2 +- .../tinyproxy/tinyproxy/CVE-2025-63938.patch | 43 ++++++ .../tinyproxy/tinyproxy_1.11.2.bb | 1 + .../asyncmqtt/asyncmqtt_10.2.6.bb | 2 + meta-oe/recipes-core/toybox/toybox_0.8.13.bb | 2 +- ...ryptsetup_2.8.1.bb => cryptsetup_2.8.3.bb} | 2 +- .../libsodium/libsodium/CVE-2025-69277.patch | 61 ++++++++ .../libsodium/libsodium_1.0.20.bb | 2 + .../recipes-dbs/influxdb/influxdb_1.8.10.bb | 1 + .../lmdb/files/CVE-2026-22185.patch | 31 +++++ meta-oe/recipes-dbs/lmdb/lmdb_0.9.31.bb | 1 + ...ft-gsl_4.2.0.bb => microsoft-gsl_4.2.1.bb} | 8 +- .../recipes-devtools/nodejs/nodejs_22.21.1.bb | 2 - .../php/{php_8.4.16.bb => php_8.4.17.bb} | 2 +- ...pg_3.2.12.bb => python3-psycopg_3.2.13.bb} | 2 +- .../xerces-c/xerces-c_3.3.0.bb | 2 + .../boinc/boinc-client_7.20.5.bb | 4 + ...iblognorm_2.0.7.bb => liblognorm_2.0.8.bb} | 3 +- ...001-Cargo.toml-do-not-abort-on-panic.patch | 2 +- ...nfigure-do-not-look-for-llvm-objdump.patch | 2 +- ...o-not-try-to-find-a-suitable-upstrea.patch | 2 +- .../mozjs-128/0004-use-asm-sgidefs.h.patch | 2 +- ...2.patch => 0005-Add-RISCV32-support.patch} | 2 +- ...x-one-occasionally-reproduced-confi.patch} | 2 +- ...ewrite-cargo-host-linker-in-python3.patch} | 2 +- ...e-stack-unwinder-like-glibc-therefo.patch} | 2 +- ...om-firefox-bugzilla-to-fix-compile-.patch} | 2 +- ...on-isn-t-available-in-ARMv5-or-v6-s.patch} | 2 +- ...ith-icu-uc-to-fix-build-with-ICU-76.patch} | 2 +- ...gc-and-riscv32gc-as-valid-architect.patch} | 38 +++-- .../0013-Fix-build-error-with-musl.patch | 30 ++++ .../mozjs/mozjs-128_128.5.2.bb | 17 +-- ...allel_20251022.bb => parallel_20251122.bb} | 2 +- .../{libdecor_0.2.4.bb => libdecor_0.2.5.bb} | 2 +- ...-image_3.2.4.bb => libsdl3-image_3.2.6.bb} | 2 +- .../{libsdl3_3.2.26.bb => libsdl3_3.2.30.bb} | 2 +- ...01-decode-fix-build-on-ARMv7-targets.patch | 4 +- ...ing-for-non-NEON-enabled-ARM-targets.patch | 73 +++++----- .../vk-gl-cts/vulkan-cts-sources.inc | 2 +- ...n-cts_1.4.4.0.bb => vulkan-cts_1.4.4.2.bb} | 2 +- ...8-year-problem-in-timestamp-handling.patch | 55 ++++++++ .../minicoredumper/minicoredumper_2.0.7.bb | 1 + .../libjxl/libjxl_0.11.1.bb | 3 + .../recipes-security/softhsm/softhsm_2.6.1.bb | 2 +- .../libcereal/libcereal_1.3.2.bb | 2 + .../recipes-support/raptor2/raptor2_2.0.16.bb | 2 + .../recipes-support/smarty/smarty_5.6.0.bb | 2 +- ...128.bb => usb-modeswitch-data_20251207.bb} | 2 +- .../0001-Fix-build-with-gcc-15.patch | 51 ------- ...witch_2.6.1.bb => usb-modeswitch_2.6.2.bb} | 6 +- ...ers_7.2.2.bb => vboxguestdrivers_7.2.4.bb} | 2 +- .../nginx/files/CVE-2025-53859.patch | 131 ------------------ meta-webserver/recipes-httpd/nginx/nginx.inc | 2 + .../recipes-httpd/nginx/nginx_1.28.0.bb | 7 - .../recipes-httpd/nginx/nginx_1.28.1.bb | 7 + 62 files changed, 404 insertions(+), 286 deletions(-) rename meta-networking/recipes-protocols/dante/{dante_1.4.3.bb => dante_1.4.4.bb} (88%) rename meta-networking/recipes-protocols/frr/{frr_10.4.1.bb => frr_10.4.2.bb} (99%) create mode 100644 meta-networking/recipes-protocols/net-snmp/net-snmp/CVE-2025-68615.patch create mode 100644 meta-networking/recipes-support/tinyproxy/tinyproxy/CVE-2025-63938.patch rename meta-oe/recipes-crypto/cryptsetup/{cryptsetup_2.8.1.bb => cryptsetup_2.8.3.bb} (98%) create mode 100644 meta-oe/recipes-crypto/libsodium/libsodium/CVE-2025-69277.patch create mode 100644 meta-oe/recipes-dbs/lmdb/files/CVE-2026-22185.patch rename meta-oe/recipes-devtools/microsoft-gsl/{microsoft-gsl_4.2.0.bb => microsoft-gsl_4.2.1.bb} (93%) rename meta-oe/recipes-devtools/php/{php_8.4.16.bb => php_8.4.17.bb} (99%) rename meta-oe/recipes-devtools/python/{python3-psycopg_3.2.12.bb => python3-psycopg_3.2.13.bb} (85%) rename meta-oe/recipes-extended/liblognorm/{liblognorm_2.0.7.bb => liblognorm_2.0.8.bb} (95%) rename meta-oe/recipes-extended/mozjs/mozjs-128/{riscv32.patch => 0005-Add-RISCV32-support.patch} (97%) rename meta-oe/recipes-extended/mozjs/mozjs-128/{0001-util.configure-fix-one-occasionally-reproduced-confi.patch => 0006-util.configure-fix-one-occasionally-reproduced-confi.patch} (96%) rename meta-oe/recipes-extended/mozjs/mozjs-128/{0001-rewrite-cargo-host-linker-in-python3.patch => 0007-Rewrite-cargo-host-linker-in-python3.patch} (97%) rename meta-oe/recipes-extended/mozjs/mozjs-128/{musl-disable-stackwalk.patch => 0008-Musl-does-not-have-stack-unwinder-like-glibc-therefo.patch} (94%) rename meta-oe/recipes-extended/mozjs/mozjs-128/{0001-add-arm-to-list-of-mozinline.patch => 0009-Backport-patch-from-firefox-bugzilla-to-fix-compile-.patch} (95%) rename meta-oe/recipes-extended/mozjs/mozjs-128/{armv5.patch => 0010-The-ISB-instruction-isn-t-available-in-ARMv5-or-v6-s.patch} (93%) rename meta-oe/recipes-extended/mozjs/mozjs-128/{0001-Link-with-icu-uc-to-fix-build-with-ICU-76.patch => 0011-Link-with-icu-uc-to-fix-build-with-ICU-76.patch} (92%) rename meta-oe/recipes-extended/mozjs/mozjs-128/{riscv.patch => 0012-Recognise-riscv64gc-and-riscv32gc-as-valid-architect.patch} (60%) create mode 100644 meta-oe/recipes-extended/mozjs/mozjs-128/0013-Fix-build-error-with-musl.patch rename meta-oe/recipes-extended/parallel/{parallel_20251022.bb => parallel_20251122.bb} (93%) rename meta-oe/recipes-graphics/libdecor/{libdecor_0.2.4.bb => libdecor_0.2.5.bb} (94%) rename meta-oe/recipes-graphics/libsdl3/{libsdl3-image_3.2.4.bb => libsdl3-image_3.2.6.bb} (87%) rename meta-oe/recipes-graphics/libsdl3/{libsdl3_3.2.26.bb => libsdl3_3.2.30.bb} (97%) rename meta-oe/recipes-graphics/vk-gl-cts/{vulkan-cts_1.4.4.0.bb => vulkan-cts_1.4.4.2.bb} (94%) create mode 100644 meta-oe/recipes-kernel/minicoredumper/files/0002-Fix-2038-year-problem-in-timestamp-handling.patch rename meta-oe/recipes-support/usb-modeswitch/{usb-modeswitch-data_20191128.bb => usb-modeswitch-data_20251207.bb} (84%) delete mode 100644 meta-oe/recipes-support/usb-modeswitch/usb-modeswitch/0001-Fix-build-with-gcc-15.patch rename meta-oe/recipes-support/usb-modeswitch/{usb-modeswitch_2.6.1.bb => usb-modeswitch_2.6.2.bb} (86%) rename meta-oe/recipes-support/vboxguestdrivers/{vboxguestdrivers_7.2.2.bb => vboxguestdrivers_7.2.4.bb} (97%) delete mode 100755 meta-webserver/recipes-httpd/nginx/files/CVE-2025-53859.patch delete mode 100644 meta-webserver/recipes-httpd/nginx/nginx_1.28.0.bb create mode 100644 meta-webserver/recipes-httpd/nginx/nginx_1.28.1.bb -- 2.52.0
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#123760): https://lists.openembedded.org/g/openembedded-devel/message/123760 Mute This Topic: https://lists.openembedded.org/mt/117412543/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
