Please merge these changes in whinlatter. Tested locally and on autobuilder.
https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1294 The following changes since commit 16cd5b1b8d06d979f4f191aa95133a90c843c03a: libowfat: update SRC_URI (2026-01-21 10:28:20 +0530) are available in the Git repository at: https://git.openembedded.org/meta-openembedded-contrib stable/whinlatter-next https://git.openembedded.org/meta-openembedded-contrib/log/?h=stable/whinlatter-next Gyorgy Sarvari (37): frr: patch CVE-2025-61099..61107 xrdp: patch CVE-2022-23468 xrdp: patch CVE-2022-23477 xrdp: patch CVE-2022-23478 xrdp: patch CVE-2022-23479 xrdp: patch CVE-2022-23480 xrdp: patch CVE-2022-23481 xrdp: patch CVE-2022-23482 xrdp: patch CVE-2022-23483 xrdp: patch CVE-2022-23484 xrdp: patch CVE-2022-23493 xrdp: patch CVE-2023-40184 xrdp: patch CVE-2023-42822 fontforge: patch CVE-2025-15279 fontforge: patch CVE-2025-15275 fontforge: patch CVE-2025-15269 fontforge: patch CVE-2025-15270 gimp: mark CVE-2025-15059 patched gpsd: patch CVE-2025-67268 gpsd: patch CVE-2025-67269 libcdio: patch CVE-2024-36600 libcupsfilters: patch CVE-2025-64503 ndpi: ignore CVE-2025-25066 ez-ipupdate: patch CVE-2003-0887 proftpd: ignore CVE-2021-47865 sblim-sfcc: fix SRC_URI anthy: fix SRC_URI ttf-vlgothic: fix SRC_URI linux-atm: fix SRC_URI gimp: patch libunwind detection python3-aiohttp: patch CVE-2025-69224 python3-aiohttp: patch CVE-2025-69225 python3-aiohttp: patch CVE-2025-69226 python3-aiohttp: patch CVE-2025-69227 python3-aiohttp: patch CVE-2025-69228 python3-aiohttp: patch CVE-2025-69229 python3-aiohttp: patch CVE-2025-69230 Jason Schonberg (2): nodejs: upgrade 22.21.1 -> 22.22.0 Use https when accessing archive.xfce.org Liu Yiding (1): python3-protobuf: upgrade 6.33.1 -> 6.33.2 Markus Volk (1): gimp: update 3.0.6 -> 3.0.8 Peter Marko (1): python3-protobuf: upgrade 6.33.2 -> 6.33.5 Tom Geelen (1): unicode-ucd: adjust to correct checksum values. Trevor Gamblin (1): hdf5: fix shasum, downloadfilename Wang Mingyu (1): imagemagick: upgrade 7.1.2-12 -> 7.1.2-13 .../0001-gimp-cross-compile-fix-for-bz2.patch | 30 -- ...ind-header-detection-on-non-macOS-pl.patch | 51 +++ .../gimp/gimp/CVE-2025-14422.patch | 66 ---- .../gimp/gimp/CVE-2025-14423.patch | 106 ------ .../gimp/gimp/CVE-2025-14424.patch | 34 -- .../gimp/gimp/CVE-2025-14425.patch | 79 ---- .../gimp/{gimp_3.0.6.bb => gimp_3.0.8.bb} | 11 +- .../ez-ipupdate/ez-ipupdate_3.0.11b7.bb | 7 + .../ez-ipupdate/files/CVE-2003-0887.patch | 158 ++++++++ .../recipes-daemons/proftpd/proftpd_1.3.9.bb | 1 + .../frr/frr/CVE-2025-61099-61107-1.patch | 40 ++ .../frr/frr/CVE-2025-61099-61107-2.patch | 80 ++++ .../frr/frr/CVE-2025-61099-61107-3.patch | 293 ++++++++++++++ .../recipes-protocols/frr/frr_10.4.2.bb | 3 + .../linux-atm/linux-atm_2.5.2.bb | 2 +- .../recipes-support/ntopng/ndpi_4.2.bb | 3 +- .../oe-npm-cache | 0 ....21.bb => nodejs-oe-cache-native_22.22.bb} | 0 .../{nodejs_22.21.1.bb => nodejs_22.22.0.bb} | 2 +- .../sblim-sfcc/sblim-sfcc_2.2.8.bb | 2 +- .../fontforge/fontforge/CVE-2025-15269.patch | 35 ++ .../fontforge/fontforge/CVE-2025-15270.patch | 44 +++ .../fontforge/fontforge/CVE-2025-15275.patch | 33 ++ .../fontforge/CVE-2025-15279-1.patch | 41 ++ .../fontforge/CVE-2025-15279-2.patch | 34 ++ .../fontforge/fontforge_20230101.bb | 7 +- .../ttf-fonts/ttf-vlgothic_20200720.bb | 2 +- .../libcdio/libcdio/CVE-2024-36600.patch | 32 ++ .../libcdio/libcdio_2.2.0.bb | 4 +- .../gpsd/gpsd/CVE-2025-67268.patch | 97 +++++ .../gpsd/gpsd/CVE-2025-67269.patch | 158 ++++++++ .../recipes-navigation/gpsd/gpsd_3.26.1.bb | 2 + .../cups/libcupsfilters/CVE-2025-64503.patch | 47 +++ .../cups/libcupsfilters_2.1.1.bb | 8 +- meta-oe/recipes-support/anthy/anthy_9100h.bb | 2 +- meta-oe/recipes-support/hdf5/hdf5_2.0.0.bb | 6 +- ...ck_7.1.2-12.bb => imagemagick_7.1.2-13.bb} | 6 +- .../unicode-ucd/unicode-ucd_14.0.0.bb | 6 +- .../xrdp/xrdp/CVE-2022-23468.patch | 34 ++ .../xrdp/xrdp/CVE-2022-23477.patch | 38 ++ .../xrdp/xrdp/CVE-2022-23478.patch | 85 +++++ .../xrdp/xrdp/CVE-2022-23479.patch | 83 ++++ .../xrdp/xrdp/CVE-2022-23480-1.patch | 356 ++++++++++++++++++ .../xrdp/xrdp/CVE-2022-23480-2.patch | 54 +++ .../xrdp/xrdp/CVE-2022-23481.patch | 46 +++ .../xrdp/xrdp/CVE-2022-23482.patch | 69 ++++ .../xrdp/xrdp/CVE-2022-23483.patch | 65 ++++ .../xrdp/xrdp/CVE-2022-23484.patch | 31 ++ .../xrdp/xrdp/CVE-2022-23493.patch | 33 ++ .../xrdp/xrdp/CVE-2023-40184.patch | 73 ++++ .../xrdp/xrdp/CVE-2023-42822.patch | 304 +++++++++++++++ meta-oe/recipes-support/xrdp/xrdp_0.9.20.bb | 13 + .../python3-aiohttp/CVE-2025-69224.patch | 93 +++++ .../python3-aiohttp/CVE-2025-69225.patch | 49 +++ .../python3-aiohttp/CVE-2025-69226.patch | 134 +++++++ .../python3-aiohttp/CVE-2025-69227.patch | 148 ++++++++ .../python3-aiohttp/CVE-2025-69228.patch | 47 +++ .../python3-aiohttp/CVE-2025-69229-1.patch | 111 ++++++ .../python3-aiohttp/CVE-2025-69229-2.patch | 255 +++++++++++++ .../python3-aiohttp/CVE-2025-69230.patch | 85 +++++ .../python/python3-aiohttp_3.12.15.bb | 9 + ...f_6.33.1.bb => python3-protobuf_6.33.5.bb} | 2 +- meta-xfce/classes/thunar-plugin.bbclass | 2 +- meta-xfce/classes/xfce-app.bbclass | 2 +- meta-xfce/classes/xfce-panel-plugin.bbclass | 2 +- meta-xfce/classes/xfce.bbclass | 4 +- .../xfwm4-themes/xfwm4-themes_4.10.0.bb | 2 +- .../vala/xfce4-vala_4.10.3.bb | 2 +- .../diskperf/xfce4-diskperf-plugin_2.8.0.bb | 2 +- .../netload/xfce4-netload-plugin_1.5.0.bb | 2 +- .../xfce4-dev-tools/xfce4-dev-tools_4.21.0.bb | 2 +- 71 files changed, 3416 insertions(+), 353 deletions(-) delete mode 100644 meta-gnome/recipes-gimp/gimp/gimp/0001-gimp-cross-compile-fix-for-bz2.patch create mode 100644 meta-gnome/recipes-gimp/gimp/gimp/0001-meson-Fix-libunwind-header-detection-on-non-macOS-pl.patch delete mode 100644 meta-gnome/recipes-gimp/gimp/gimp/CVE-2025-14422.patch delete mode 100644 meta-gnome/recipes-gimp/gimp/gimp/CVE-2025-14423.patch delete mode 100644 meta-gnome/recipes-gimp/gimp/gimp/CVE-2025-14424.patch delete mode 100644 meta-gnome/recipes-gimp/gimp/gimp/CVE-2025-14425.patch rename meta-gnome/recipes-gimp/gimp/{gimp_3.0.6.bb => gimp_3.0.8.bb} (92%) create mode 100644 meta-networking/recipes-connectivity/ez-ipupdate/files/CVE-2003-0887.patch create mode 100644 meta-networking/recipes-protocols/frr/frr/CVE-2025-61099-61107-1.patch create mode 100644 meta-networking/recipes-protocols/frr/frr/CVE-2025-61099-61107-2.patch create mode 100644 meta-networking/recipes-protocols/frr/frr/CVE-2025-61099-61107-3.patch rename meta-oe/recipes-devtools/nodejs/{nodejs-oe-cache-22.21 => nodejs-oe-cache-22.22}/oe-npm-cache (100%) rename meta-oe/recipes-devtools/nodejs/{nodejs-oe-cache-native_22.21.bb => nodejs-oe-cache-native_22.22.bb} (100%) rename meta-oe/recipes-devtools/nodejs/{nodejs_22.21.1.bb => nodejs_22.22.0.bb} (98%) create mode 100644 meta-oe/recipes-graphics/fontforge/fontforge/CVE-2025-15269.patch create mode 100644 meta-oe/recipes-graphics/fontforge/fontforge/CVE-2025-15270.patch create mode 100644 meta-oe/recipes-graphics/fontforge/fontforge/CVE-2025-15275.patch create mode 100644 meta-oe/recipes-graphics/fontforge/fontforge/CVE-2025-15279-1.patch create mode 100644 meta-oe/recipes-graphics/fontforge/fontforge/CVE-2025-15279-2.patch create mode 100644 meta-oe/recipes-multimedia/libcdio/libcdio/CVE-2024-36600.patch create mode 100644 meta-oe/recipes-navigation/gpsd/gpsd/CVE-2025-67268.patch create mode 100644 meta-oe/recipes-navigation/gpsd/gpsd/CVE-2025-67269.patch create mode 100644 meta-oe/recipes-printing/cups/libcupsfilters/CVE-2025-64503.patch rename meta-oe/recipes-support/imagemagick/{imagemagick_7.1.2-12.bb => imagemagick_7.1.2-13.bb} (98%) create mode 100644 meta-oe/recipes-support/xrdp/xrdp/CVE-2022-23468.patch create mode 100644 meta-oe/recipes-support/xrdp/xrdp/CVE-2022-23477.patch create mode 100644 meta-oe/recipes-support/xrdp/xrdp/CVE-2022-23478.patch create mode 100644 meta-oe/recipes-support/xrdp/xrdp/CVE-2022-23479.patch create mode 100644 meta-oe/recipes-support/xrdp/xrdp/CVE-2022-23480-1.patch create mode 100644 meta-oe/recipes-support/xrdp/xrdp/CVE-2022-23480-2.patch create mode 100644 meta-oe/recipes-support/xrdp/xrdp/CVE-2022-23481.patch create mode 100644 meta-oe/recipes-support/xrdp/xrdp/CVE-2022-23482.patch create mode 100644 meta-oe/recipes-support/xrdp/xrdp/CVE-2022-23483.patch create mode 100644 meta-oe/recipes-support/xrdp/xrdp/CVE-2022-23484.patch create mode 100644 meta-oe/recipes-support/xrdp/xrdp/CVE-2022-23493.patch create mode 100644 meta-oe/recipes-support/xrdp/xrdp/CVE-2023-40184.patch create mode 100644 meta-oe/recipes-support/xrdp/xrdp/CVE-2023-42822.patch create mode 100644 meta-python/recipes-devtools/python/python3-aiohttp/CVE-2025-69224.patch create mode 100644 meta-python/recipes-devtools/python/python3-aiohttp/CVE-2025-69225.patch create mode 100644 meta-python/recipes-devtools/python/python3-aiohttp/CVE-2025-69226.patch create mode 100644 meta-python/recipes-devtools/python/python3-aiohttp/CVE-2025-69227.patch create mode 100644 meta-python/recipes-devtools/python/python3-aiohttp/CVE-2025-69228.patch create mode 100644 meta-python/recipes-devtools/python/python3-aiohttp/CVE-2025-69229-1.patch create mode 100644 meta-python/recipes-devtools/python/python3-aiohttp/CVE-2025-69229-2.patch create mode 100644 meta-python/recipes-devtools/python/python3-aiohttp/CVE-2025-69230.patch rename meta-python/recipes-devtools/python/{python3-protobuf_6.33.1.bb => python3-protobuf_6.33.5.bb} (95%) -- 2.52.0
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#124150): https://lists.openembedded.org/g/openembedded-devel/message/124150 Mute This Topic: https://lists.openembedded.org/mt/117648553/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
