On Mon, Feb 16, 2026 at 9:22 PM Khem Raj via lists.openembedded.org <[email protected]> wrote: > > Merged now thanks Anuj > > On Mon, Feb 16, 2026, 1:55 AM Anuj Mittal via lists.openembedded.org > <[email protected]> wrote: >> >> Please merge these changes in scarthgap. Tested locally with >> qemuarm/qemuarm64/qemux86-64 and on autobuilder. >> >> https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1305 >> >> The following changes since commit 7a5075cef77b5f7af454e9868e1d0019f2fd1394: >> >> gnome-keyring: set CVE_PRODUCT (2026-01-26 11:16:37 +0530) >> >> are available in the Git repository at: >> >> https://git.openembedded.org/meta-openembedded-contrib anujm/scarthgap >> >> https://git.openembedded.org/meta-openembedded-contrib/log/?h=anujm/scarthgap >> >> Anil Dongare (2): >> php 8.2.29: Fix CVE-2025-14178 >> php 8.2.29: Fix CVE-2025-14180 >> >> Gyorgy Sarvari (52): >> sox: patch CVE-2017-11332 >> sox: patch CVE-2017-11358 >> sox: patch CVE-2017-11359 >> sox: patch CVE-2017-15370 >> sox: patch CVE-2017-15371 >> sox: patch CVE-2017-15372 >> sox: patch CVE-2017-15642 >> sox: patch CVE-2017-18189 >> sox: mark CVE-2019-1010004 as patched >> sox: patch CVE-2019-13590 >> sox: patch CVE-2019-8354 >> tigervnc: sync xserver component with oe-core >> tigervnc: ignore CVE-2014-8241 >> tigervnc: ignore CVE-2023-6377 >> tigervnc: ignore CVE-2023-6478 >> tigervnc: ignore CVE-2025-26594...26601 >> fontforge: patch CVE-2025-15279 >> fontforge: patch CVE-2025-15275 >> fontforge: patch CVE-2025-15269 >> fontforge: patch CVE-2025-15270 >> ez-ipupdate: patch CVE-2003-0887 >> freerdp: ignore CVE-2025-68118 >> gimp: ignore CVE-2025-14423 >> gnome-settings-daemon: ignore CVE-2024-38394 >> imagemagick: patch CVE-2025-66628 >> libcupsfilters: patch CVE-2025-64503 >> mongodb: upgrade 4.4.29 -> 4.4.30 >> mongodb: ignore CVE-2025-14911 >> netdata: ignore CVE-2024-32019 >> proftpd: ignore CVE-2021-47865 >> python3-aiohttp: patch CVE-2025-69225 >> python3-aiohttp: patch CVE-2025-69226 >> python3-aiohttp: patch CVE-2025-69228 >> python3-django: patch CVE-2025-64460 >> raptor2: patch CVE-2024-57822 and CVE-2024-57823 >> python3-tornado: mark CVE-2025-67725 patched >> python3-virtualenv: patch CVE-2026-22702 >> gnome-desktop: upgrade 44.0 -> 44.4 >> gtksourceview5: upgrade 5.12.0 -> 5.12.1 >> gnuchess: upgrade 6.2.9 -> 6.2.11 >> gnome-calculator: upgrade 46.0 -> 46.2 >> gdm: upgrade 46.0 -> 46.2 >> mutter: upgrade 46.1 -> 46.9 >> mutter: fix profiler PACKAGECONFIG >> gnome-bluetooth: upgrade 46.0 -> 46.2 >> gnome-shell-extensions: upgrade 46.1 -> 46.4 >> nautilus: upgrade 45.1 -> 45.2.1 >> gnome-tweaks: upgrade 40.0 -> 40.10 >> tigervnc: mark CVE-2024-0408 and CVE-2024-0409 patched >> python3-django: upgrade 4.2.27 -> 4.2.28 >> gnome-commander: upgrade 1.16.1 -> 1.16.2 >> nodejs: upgrade 20.18.2 -> 20.20.0
This introduces patch-status issue with missing Upstream-Status in meta-oe/meta-oe/recipes-devtools/nodejs/nodejs/0001-Revert-stop-using-deprecated-ares_query.patch patch-status isn't in default ERROR_QA for scarthgap, but can we please add Upstream-Status here? I can send a fix if needed.
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#124453): https://lists.openembedded.org/g/openembedded-devel/message/124453 Mute This Topic: https://lists.openembedded.org/mt/117836487/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
