Please merge these changes in whinlatter. Tested on autobuilder and locally.
https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1345 The following changes since commit 12fc4c6584e001f89108a6691ccf2028eb05ed5a: tomoyo-tools: update SRC_URI (2026-02-24 18:46:45 +0530) are available in the Git repository at: https://git.openembedded.org/meta-openembedded-contrib stable/whinlatter-next https://git.openembedded.org/meta-openembedded-contrib/log/?h=stable/whinlatter-next Ankur Tyagi (12): wolfssl: patch CVE-2025-13912 wolfssl: patch CVE-2025-7395 wolfssl: patch CVE-2025-7394 postgresql: upgrade 17.7 -> 17.8 libjxl: upgrade 0.11.1 -> 0.11.2 xrdp: patch CVE-2025-68670 valkey: upgrade 8.1.4 -> 8.1.6 python3-greenlet: upgrade 3.2.4 -> 3.2.5 libde265: upgrade 1.0.15 -> 1.0.16 frr: upgrade 10.4.2 -> 10.4.3 nopoll: upgrade 0.4.7.b429 -> 0.4.9.b462 open62541: upgrade 1.3.15 -> 1.3.17 Anuj Mittal (1): systemd-netlogd: upgrade 1.4.4 -> 1.4.5 Daniel Klauer (1): nbench-byte: Fix sysinfo generation in parallel build Gyorgy Sarvari (17): nginx: patch CVE-2026-1642 openjpeg: patch CVE-2023-39327 protobuf: ignore CVE-2026-0994 gnome-shell: ignore CVE-2021-3982 gimp: ignore already fixed CVEs minidlna: ignore CVE-2024-51442 python3-werkzeug: upgrade 3.1.5 -> 3.1.6 libheif: patch CVE-2025-68431 python3-nltk: upgrade 3.9.2 -> 3.9.3 python3-pillow: patch CVE-2026-25990 streamripper: ignore CVE-2020-37065 unbound: patch CVE-2025-5994 python3-protobuf: mark CVE-2026-0994 patched exiftool: ignore CVE-2026-3102 libmediaart-2.0: upgrade 1.9.6 -> 1.9.7 libjxl: mark CVE-2025-12474 and CVE-2026-1837 patched zabbix: mark CVE-2026-23925 as patched Jason Schonberg (1): nopoll: Upgrade to 0.4.7.b429 Leon Anavi (3): python3-filelock: Upgrade 3.20.1 -> 3.20.2 python3-filelock: Upgrade 3.20.2 -> 3.20.3 python3-flask: Upgrade 3.1.2 -> 3.1.3 Liu Yiding (2): networkmanager: upgrade 1.52.0 -> 1.52.2 networkmanager-openvpn: upgrade 1.12.3 -> 1.12.5 Markus Volk (1): pipewire: update 1.4.9 -> 1.4.10 Peter Kjellerstedt (1): ceres-solver: Don't fail if .git/hooks/commit-msg can't be touched Tafil Avdyli (1): python3-pybind11-json: fix Targets.cmake trying to reference host Wang Mingyu (5): python3-filelock: upgrade 3.20.0 -> 3.20.1 python3-sqlparse: upgrade 0.5.4 -> 0.5.5 imagemagick: upgrade 7.1.2-13 -> 7.1.2-15 libcacard: upgrade 2.8.1 -> 2.8.2 postfix: upgrade 3.10.6 -> 3.10.8 meta-gnome/recipes-gimp/gimp/gimp_3.0.8.bb | 5 +- .../gnome-shell/gnome-shell_48.3.bb | 1 + ...{libde265_1.0.15.bb => libde265_1.0.16.bb} | 4 +- .../libheif/libheif/CVE-2025-68431.patch | 26 ++ .../libheif/libheif_1.20.2.bb | 4 +- .../recipes-multimedia/minidlna/minidlna.inc | 1 + .../{pipewire_1.4.9.bb => pipewire_1.4.10.bb} | 2 +- .../streamripper/streamripper_1.64.6.bb | 2 + ...-2.0_1.9.6.bb => libmediaart-2.0_1.9.7.bb} | 2 +- ....3.bb => networkmanager-openvpn_1.12.5.bb} | 4 +- ...ger_1.52.0.bb => networkmanager_1.52.2.bb} | 4 +- .../wolfssl/files/CVE-2025-13912.patch | 439 ++++++++++++++++++ .../wolfssl/files/CVE-2025-7394-1.patch | 46 ++ .../wolfssl/files/CVE-2025-7394-2.patch | 276 +++++++++++ .../wolfssl/files/CVE-2025-7394-3.patch | 125 +++++ .../wolfssl/files/CVE-2025-7394-4.patch | 88 ++++ .../wolfssl/files/CVE-2025-7394-5.patch | 42 ++ .../wolfssl/files/CVE-2025-7394-6.patch | 49 ++ .../wolfssl/files/CVE-2025-7395-1.patch | 85 ++++ .../wolfssl/files/CVE-2025-7395-2.patch | 28 ++ .../wolfssl/files/CVE-2025-7395-3.patch | 26 ++ .../wolfssl/files/CVE-2025-7395-4.patch | 27 ++ .../wolfssl/wolfssl_5.8.0.bb | 11 + .../{postfix_3.10.6.bb => postfix_3.10.8.bb} | 2 +- .../frr/{frr_10.4.2.bb => frr_10.4.3.bb} | 2 +- ...oll_0.4.6.b400.bb => nopoll_0.4.9.b462.bb} | 3 +- ...pen62541_1.3.15.bb => open62541_1.3.17.bb} | 2 +- ...{libcacard_2.8.1.bb => libcacard_2.8.2.bb} | 4 +- .../unbound/unbound/CVE-2025-5994.patch | 279 +++++++++++ .../recipes-support/unbound/unbound_1.22.0.bb | 1 + ...sysinfo-generation-in-parallel-build.patch | 69 +++ .../sysinfo.sh-Fix-typo-in-rm-command.patch | 27 ++ .../nbench-byte/nbench-byte_2.2.3.bb | 4 +- .../zabbix/zabbix_7.0.19.bb | 2 + .../files/0001-tcl.m4-Recognize-tclsh9.patch | 2 +- .../files/0002-Improve-reproducibility.patch | 9 +- ...c-bypass-autoconf-2.69-version-check.patch | 6 +- ...-config_info.c-not-expose-build-info.patch | 4 +- ...gresql-fix-ptest-failure-of-sysviews.patch | 5 +- .../postgresql/files/not-check-libperl.patch | 6 +- ...{postgresql_17.7.bb => postgresql_17.8.bb} | 4 +- .../recipes-devtools/perl/exiftool_13.42.bb | 2 + .../protobuf/protobuf_6.31.1.bb | 2 + .../{valkey_8.1.4.bb => valkey_8.1.6.bb} | 4 +- .../openjpeg/openjpeg/CVE-2023-39327.patch | 50 ++ .../openjpeg/openjpeg_2.5.4.bb | 1 + .../{libjxl_0.11.1.bb => libjxl_0.11.2.bb} | 7 +- .../ceres-solver/ceres-solver_2.2.0.bb | 2 +- ...ck_7.1.2-13.bb => imagemagick_7.1.2-15.bb} | 2 +- ...logd_1.4.4.bb => systemd-netlogd_1.4.5.bb} | 4 +- .../xrdp/xrdp/CVE-2025-68670.patch | 78 ++++ meta-oe/recipes-support/xrdp/xrdp_0.9.20.bb | 1 + ...k_3.20.0.bb => python3-filelock_3.20.3.bb} | 2 +- ...-flask_3.1.2.bb => python3-flask_3.1.3.bb} | 4 +- ...let_3.2.4.bb => python3-greenlet_3.2.5.bb} | 2 +- .../python3-pillow/CVE-2026-25990.patch | 151 ++++++ .../python/python3-pillow_12.0.0.bb | 5 + .../python/python3-protobuf_6.33.5.bb | 1 + ...p-PYTHON_INCLUDE_DIRS-from-interface.patch | 34 ++ .../python/python3-pybind11-json_0.2.15.bb | 3 +- ...rse_0.5.4.bb => python3-sqlparse_0.5.5.bb} | 2 +- ...eug_3.1.5.bb => python3-werkzeug_3.1.6.bb} | 2 +- ...n3-nltk_3.9.2.bb => python3-nltk_3.9.3.bb} | 2 +- .../nginx/files/CVE-2026-1642.patch | 46 ++ .../recipes-httpd/nginx/nginx_1.29.1.bb | 1 + 65 files changed, 2082 insertions(+), 54 deletions(-) rename meta-multimedia/recipes-multimedia/libde265/{libde265_1.0.15.bb => libde265_1.0.16.bb} (90%) create mode 100644 meta-multimedia/recipes-multimedia/libheif/libheif/CVE-2025-68431.patch rename meta-multimedia/recipes-multimedia/pipewire/{pipewire_1.4.9.bb => pipewire_1.4.10.bb} (99%) rename meta-multimedia/recipes-support/libmediaart/{libmediaart-2.0_1.9.6.bb => libmediaart-2.0_1.9.7.bb} (90%) rename meta-networking/recipes-connectivity/networkmanager/{networkmanager-openvpn_1.12.3.bb => networkmanager-openvpn_1.12.5.bb} (91%) rename meta-networking/recipes-connectivity/networkmanager/{networkmanager_1.52.0.bb => networkmanager_1.52.2.bb} (99%) create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-13912.patch create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7394-1.patch create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7394-2.patch create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7394-3.patch create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7394-4.patch create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7394-5.patch create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7394-6.patch create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7395-1.patch create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7395-2.patch create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7395-3.patch create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7395-4.patch rename meta-networking/recipes-daemons/postfix/{postfix_3.10.6.bb => postfix_3.10.8.bb} (99%) rename meta-networking/recipes-protocols/frr/{frr_10.4.2.bb => frr_10.4.3.bb} (99%) rename meta-networking/recipes-protocols/nopoll/{nopoll_0.4.6.b400.bb => nopoll_0.4.9.b462.bb} (84%) rename meta-networking/recipes-protocols/opcua/{open62541_1.3.15.bb => open62541_1.3.17.bb} (98%) rename meta-networking/recipes-support/spice/{libcacard_2.8.1.bb => libcacard_2.8.2.bb} (82%) create mode 100644 meta-networking/recipes-support/unbound/unbound/CVE-2025-5994.patch create mode 100644 meta-oe/recipes-benchmark/nbench-byte/nbench-byte/Makefile-Fix-sysinfo-generation-in-parallel-build.patch create mode 100644 meta-oe/recipes-benchmark/nbench-byte/nbench-byte/sysinfo.sh-Fix-typo-in-rm-command.patch rename meta-oe/recipes-dbs/postgresql/{postgresql_17.7.bb => postgresql_17.8.bb} (76%) rename meta-oe/recipes-extended/valkey/{valkey_8.1.4.bb => valkey_8.1.6.bb} (97%) create mode 100644 meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2023-39327.patch rename meta-oe/recipes-multimedia/libjxl/{libjxl_0.11.1.bb => libjxl_0.11.2.bb} (90%) rename meta-oe/recipes-support/imagemagick/{imagemagick_7.1.2-13.bb => imagemagick_7.1.2-15.bb} (99%) rename meta-oe/recipes-support/systemd-netlogd/{systemd-netlogd_1.4.4.bb => systemd-netlogd_1.4.5.bb} (91%) create mode 100644 meta-oe/recipes-support/xrdp/xrdp/CVE-2025-68670.patch rename meta-python/recipes-devtools/python/{python3-filelock_3.20.0.bb => python3-filelock_3.20.3.bb} (87%) rename meta-python/recipes-devtools/python/{python3-flask_3.1.2.bb => python3-flask_3.1.3.bb} (81%) rename meta-python/recipes-devtools/python/{python3-greenlet_3.2.4.bb => python3-greenlet_3.2.5.bb} (81%) create mode 100644 meta-python/recipes-devtools/python/python3-pillow/CVE-2026-25990.patch create mode 100644 meta-python/recipes-devtools/python/python3-pybind11-json/0001-CMakeLists-drop-PYTHON_INCLUDE_DIRS-from-interface.patch rename meta-python/recipes-devtools/python/{python3-sqlparse_0.5.4.bb => python3-sqlparse_0.5.5.bb} (82%) rename meta-python/recipes-devtools/python/{python3-werkzeug_3.1.5.bb => python3-werkzeug_3.1.6.bb} (90%) rename meta-python/recipes-devtools/python3-nltk/{python3-nltk_3.9.2.bb => python3-nltk_3.9.3.bb} (88%) create mode 100644 meta-webserver/recipes-httpd/nginx/files/CVE-2026-1642.patch -- 2.53.0
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#125063): https://lists.openembedded.org/g/openembedded-devel/message/125063 Mute This Topic: https://lists.openembedded.org/mt/118256350/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
