Re: [oe] [PATCH 00/18] Scarthgap pull request

Khem Raj via lists.openembedded.org Sat, 31 Jan 2026 00:03:53 -0800

thanks Anuj, it is merged now.

On Fri, Jan 30, 2026 at 11:59 PM Anuj Mittal <[email protected]>
wrote:


> Hi Khem
>
> Can you please merge this pull request if it looks good?
>
> On Mon, Jan 26, 2026 at 2:37 PM Anuj Mittal via lists.openembedded.org
> <[email protected]> wrote:
> >
> > Please merge these changes in scarthgap. Tested locally and on
> > autobuilder.
> >
> > https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1269
> >
> > The following changes since commit
> 2759d8870ea387b76c902070bed8a6649ff47b56:
> >
> >   php 8.2.29: CVE-2025-14177 (2026-01-19 12:15:49 +0530)
> >
> > are available in the Git repository at:
> >
> >   https://git.openembedded.org/meta-openembedded-contrib anujm/scarthgap
> >
> https://git.openembedded.org/meta-openembedded-contrib/log/?h=anujm/scarthgap
> >
> > Ankur Tyagi (3):
> >   python3-aiohttp: patch CVE-2025-53643
> >   python3-cbor2: patch CVE-2025-68131
> >   python3-twisted: patch CVE-2024-41810
> >
> > Archana Polampalli (1):
> >   tcpreplay: fix CVE-2025-51006
> >
> > Gyorgy Sarvari (12):
> >   python3-django: upgrade 4.2.20 -> 4.2.27
> >   redis: ignore CVE-2025-46686
> >   strongswan: patch CVE-2025-62291
> >   python3-flask-cors: upgrade 4.0.0 -> 4.0.2
> >   python3-waitress: upgrade 3.0.0 -> 3.0.2
> >   python3-twitter: mark CVE-2012-5825 patched
> >   python3-m2crypto: ignore CVE-2009-0127
> >   python3-m2crypto: mark CVE-2020-25657 as patched
> >   openvpn: ignore CVE-2025-13751
> >   acpitool: update SRC_URI
> >   xerces-c: set CVE_PRODUCT
> >   gnome-keyring: set CVE_PRODUCT
> >
> > Joao Marcos Costa (1):
> >   linuxptp: add missing prefix to CVE ID
> >
> > Peter Marko (1):
> >   libmad: ignore CVE-2017-11552 and CVE-2018-7263
> >
> >  .../gnome-keyring/gnome-keyring_46.1.bb       |   2 +
> >  .../recipes-support/openvpn/openvpn_2.6.14.bb |   1 +
> >  .../strongswan/CVE-2025-62291.patch           |  45 ++
> >  .../strongswan/strongswan_5.9.14.bb           |   3 +-
> >  .../tcpreplay/tcpreplay/CVE-2025-51006.patch  |  97 ++++
> >  .../tcpreplay/tcpreplay_4.4.4.bb              |   1 +
> >  .../recipes-bsp/acpitool/acpitool_0.5.1.bb    |   3 +-
> >  .../linuxptp/linuxptp_4.1.bb                  |   2 +-
> >  .../xerces-c/xerces-c_3.2.5.bb                |   2 +
> >  .../recipes-extended/redis/redis_6.2.21.bb    |   2 +
> >  .../recipes-extended/redis/redis_7.2.12.bb    |   2 +
> >  .../libmad/libmad_0.15.1b.bb                  |   3 +
> >  .../python3-aiohttp/CVE-2025-53643.patch      | 192 +++++++
> >  .../python/python3-aiohttp_3.9.5.bb           |   4 +-
> >  .../python/python3-cbor2/CVE-2025-68131.patch | 517 ++++++++++++++++++
> >  .../python/python3-cbor2_5.6.4.bb             |   1 +
> >  .../0001-lower-setuptools-requirements.patch  |  25 +
> >  ...ngo_4.2.20.bb => python3-django_4.2.27.bb} |   9 +-
> >  .../python3-flask-cors/CVE-2024-6221.patch    | 110 ----
> >  ...s_4.0.0.bb => python3-flask-cors_4.0.2.bb} |   8 +-
> >  .../python/python3-m2crypto_0.40.1.bb         |   3 +
> >  ...-41671-0002.patch => CVE-2024-41671.patch} |   4 +
> >  ...-41671-0001.patch => CVE-2024-41810.patch} |   6 +-
> >  .../python/python3-twisted_24.3.0.bb          |   4 +-
> >  .../python/python3-twitter_4.14.0.bb          |   2 +
> >  ...ess_3.0.0.bb => python3-waitress_3.0.2.bb} |   2 +-
> >  26 files changed, 922 insertions(+), 128 deletions(-)
> >  create mode 100644
> meta-networking/recipes-support/strongswan/strongswan/CVE-2025-62291.patch
> >  create mode 100644
> meta-networking/recipes-support/tcpreplay/tcpreplay/CVE-2025-51006.patch
> >  create mode 100644
> meta-python/recipes-devtools/python/python3-aiohttp/CVE-2025-53643.patch
> >  create mode 100644
> meta-python/recipes-devtools/python/python3-cbor2/CVE-2025-68131.patch
> >  create mode 100644
> meta-python/recipes-devtools/python/python3-django-4.2.27/0001-lower-setuptools-requirements.patch
> >  rename meta-python/recipes-devtools/python/{python3-django_4.2.20.bb
> => python3-django_4.2.27.bb} (44%)
> >  delete mode 100644
> meta-python/recipes-devtools/python/python3-flask-cors/CVE-2024-6221.patch
> >  rename meta-python/recipes-devtools/python/{python3-flask-cors_4.0.0.bb
> => python3-flask-cors_4.0.2.bb} (71%)
> >  rename
> meta-python/recipes-devtools/python/python3-twisted/{CVE-2024-41671-0002.patch
> => CVE-2024-41671.patch} (98%)
> >  rename
> meta-python/recipes-devtools/python/python3-twisted/{CVE-2024-41671-0001.patch
> => CVE-2024-41810.patch} (95%)
> >  rename meta-python/recipes-devtools/python/{python3-waitress_3.0.0.bb
> => python3-waitress_3.0.2.bb} (82%)
> >
> > --
> > 2.52.0
> >
> >
> > 
> >
>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#124018): 
https://lists.openembedded.org/g/openembedded-devel/message/124018
Mute This Topic: https://lists.openembedded.org/mt/117464430/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [oe] [PATCH 00/18] Scarthgap pull request

Reply via email to