Hi Khem Can you please merge this pull request if it looks good?
On Mon, Jan 26, 2026 at 2:37 PM Anuj Mittal via lists.openembedded.org <[email protected]> wrote: > > Please merge these changes in scarthgap. Tested locally and on > autobuilder. > > https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1269 > > The following changes since commit 2759d8870ea387b76c902070bed8a6649ff47b56: > > php 8.2.29: CVE-2025-14177 (2026-01-19 12:15:49 +0530) > > are available in the Git repository at: > > https://git.openembedded.org/meta-openembedded-contrib anujm/scarthgap > > https://git.openembedded.org/meta-openembedded-contrib/log/?h=anujm/scarthgap > > Ankur Tyagi (3): > python3-aiohttp: patch CVE-2025-53643 > python3-cbor2: patch CVE-2025-68131 > python3-twisted: patch CVE-2024-41810 > > Archana Polampalli (1): > tcpreplay: fix CVE-2025-51006 > > Gyorgy Sarvari (12): > python3-django: upgrade 4.2.20 -> 4.2.27 > redis: ignore CVE-2025-46686 > strongswan: patch CVE-2025-62291 > python3-flask-cors: upgrade 4.0.0 -> 4.0.2 > python3-waitress: upgrade 3.0.0 -> 3.0.2 > python3-twitter: mark CVE-2012-5825 patched > python3-m2crypto: ignore CVE-2009-0127 > python3-m2crypto: mark CVE-2020-25657 as patched > openvpn: ignore CVE-2025-13751 > acpitool: update SRC_URI > xerces-c: set CVE_PRODUCT > gnome-keyring: set CVE_PRODUCT > > Joao Marcos Costa (1): > linuxptp: add missing prefix to CVE ID > > Peter Marko (1): > libmad: ignore CVE-2017-11552 and CVE-2018-7263 > > .../gnome-keyring/gnome-keyring_46.1.bb | 2 + > .../recipes-support/openvpn/openvpn_2.6.14.bb | 1 + > .../strongswan/CVE-2025-62291.patch | 45 ++ > .../strongswan/strongswan_5.9.14.bb | 3 +- > .../tcpreplay/tcpreplay/CVE-2025-51006.patch | 97 ++++ > .../tcpreplay/tcpreplay_4.4.4.bb | 1 + > .../recipes-bsp/acpitool/acpitool_0.5.1.bb | 3 +- > .../linuxptp/linuxptp_4.1.bb | 2 +- > .../xerces-c/xerces-c_3.2.5.bb | 2 + > .../recipes-extended/redis/redis_6.2.21.bb | 2 + > .../recipes-extended/redis/redis_7.2.12.bb | 2 + > .../libmad/libmad_0.15.1b.bb | 3 + > .../python3-aiohttp/CVE-2025-53643.patch | 192 +++++++ > .../python/python3-aiohttp_3.9.5.bb | 4 +- > .../python/python3-cbor2/CVE-2025-68131.patch | 517 ++++++++++++++++++ > .../python/python3-cbor2_5.6.4.bb | 1 + > .../0001-lower-setuptools-requirements.patch | 25 + > ...ngo_4.2.20.bb => python3-django_4.2.27.bb} | 9 +- > .../python3-flask-cors/CVE-2024-6221.patch | 110 ---- > ...s_4.0.0.bb => python3-flask-cors_4.0.2.bb} | 8 +- > .../python/python3-m2crypto_0.40.1.bb | 3 + > ...-41671-0002.patch => CVE-2024-41671.patch} | 4 + > ...-41671-0001.patch => CVE-2024-41810.patch} | 6 +- > .../python/python3-twisted_24.3.0.bb | 4 +- > .../python/python3-twitter_4.14.0.bb | 2 + > ...ess_3.0.0.bb => python3-waitress_3.0.2.bb} | 2 +- > 26 files changed, 922 insertions(+), 128 deletions(-) > create mode 100644 > meta-networking/recipes-support/strongswan/strongswan/CVE-2025-62291.patch > create mode 100644 > meta-networking/recipes-support/tcpreplay/tcpreplay/CVE-2025-51006.patch > create mode 100644 > meta-python/recipes-devtools/python/python3-aiohttp/CVE-2025-53643.patch > create mode 100644 > meta-python/recipes-devtools/python/python3-cbor2/CVE-2025-68131.patch > create mode 100644 > meta-python/recipes-devtools/python/python3-django-4.2.27/0001-lower-setuptools-requirements.patch > rename meta-python/recipes-devtools/python/{python3-django_4.2.20.bb => > python3-django_4.2.27.bb} (44%) > delete mode 100644 > meta-python/recipes-devtools/python/python3-flask-cors/CVE-2024-6221.patch > rename meta-python/recipes-devtools/python/{python3-flask-cors_4.0.0.bb => > python3-flask-cors_4.0.2.bb} (71%) > rename > meta-python/recipes-devtools/python/python3-twisted/{CVE-2024-41671-0002.patch > => CVE-2024-41671.patch} (98%) > rename > meta-python/recipes-devtools/python/python3-twisted/{CVE-2024-41671-0001.patch > => CVE-2024-41810.patch} (95%) > rename meta-python/recipes-devtools/python/{python3-waitress_3.0.0.bb => > python3-waitress_3.0.2.bb} (82%) > > -- > 2.52.0 > > > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#124017): https://lists.openembedded.org/g/openembedded-devel/message/124017 Mute This Topic: https://lists.openembedded.org/mt/117464430/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
