merged now, thanks Anuj

On Thu, May 7, 2026 at 8:42 AM Anuj Mittal <[email protected]>
wrote:

> Please merge these changes in scarthgap. Tested on autobuilder and locally.
>
> https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1510
>
> The following changes since commit
> 5124ac4a658899158f4a7a2ddf1d2ca931ec7d0e:
>
>   nginx: fix CVE-2026-28753 (2026-04-15 14:12:18 +0530)
>
> are available in the Git repository at:
>
>   https://git.openembedded.org/meta-openembedded-contrib anujm/scarthgap
>
> https://git.openembedded.org/meta-openembedded-contrib/log/?h=anujm/scarthgap
>
> for you to fetch changes up to ae7dfb12245c7f9b9a353499e2688015bd4e6413:
>
>   jq: Stick to C17 until next release (2026-05-05 06:57:17 +0530)
>
> ----------------------------------------------------------------
>
> Ankur Tyagi (11):
>   opensc: patch CVE-2025-49010
>   opensc: patch CVE-2025-66037
>   opensc: patch CVE-2025-66038
>   opensc: patch CVE-2025-66215
>   libssh: patch CVE-2026-0968
>   libssh: patch CVE-2026-0967
>   libssh: Fix CVE-2026-0965
>   jq: patch CVE-2026-32316
>   jq: patch CVE-2026-33947
>   jq: patch CVE-2026-33948
>   jq: patch CVE-2026-39979
>
> Daniel Turull (1):
>   jq: fix CVE-2026-40164
>
> Gyorgy Sarvari (5):
>   nginx: set CVE_PRODUCT
>   python3-tornado: set CVE_PRODUCT
>   openjpeg: patch CVE-2026-6192
>   corosync: patch CVE-2026-35091
>   corosync: patch CVE-2026-35092
>
> Hitendra Prajapati (2):
>   nginx: fix CVE-2026-32647
>   python3-pillow: fix CVE-2026-40192
>
> Khem Raj (2):
>   krb5: Backport additional fixes to build on clang
>   jq: Stick to C17 until next release
>
> Libo Chen (2):
>   hdf5: fix CVE-2025-2308
>   hdf5: fix CVE-2025-6857
>
> Michael Opdenacker (1):
>   kernel-hardening-checker: update 0.6.10.2 -> 0.6.17.1
>
> Mikko Rapeli (1):
>   onig: fix gcc 15 build
>
> Naman Jain (1):
>   imagemagick: Fix CVEs
>
> Zahir Hussain (1):
>   rocksdb: packageconfig knob for set static library option
>
>  .../corosync/corosync/CVE-2026-35091.patch    |  47 +
>  .../corosync/corosync/CVE-2026-35092.patch    |  57 ++
>  .../corosync/corosync_3.1.10.bb               |   2 +
>  ...001-Fix-more-non-prototype-functions.patch | 862 ++++++++++++++++++
>  ...oid-strict-prototype-compiler-errors.patch | 379 ++++++++
>  .../recipes-connectivity/krb5/krb5_1.21.3.bb  |   2 +
>  meta-oe/recipes-dbs/rocksdb/rocksdb_9.0.0.bb  |   2 +-
>  .../jq/jq/CVE-2026-32316.patch                |  55 ++
>  .../jq/jq/CVE-2026-33947.patch                | 107 +++
>  .../jq/jq/CVE-2026-33948.patch                |  51 ++
>  .../jq/jq/CVE-2026-39979.patch                |  32 +
>  .../jq/jq/CVE-2026-40164.patch                |  92 ++
>  meta-oe/recipes-devtools/jq/jq_1.7.1.bb       |   8 +
>  .../openjpeg/openjpeg/CVE-2026-6192.patch     |  35 +
>  .../openjpeg/openjpeg_2.5.4.bb                |   1 +
>  ...b => kernel-hardening-checker_0.6.17.1.bb} |   2 +-
>  .../hdf5/files/CVE-2025-2308.patch            | 333 +++++++
>  .../hdf5/files/CVE-2025-6857.patch            | 255 ++++++
>  meta-oe/recipes-support/hdf5/hdf5_1.14.4-3.bb |   2 +
>  .../imagemagick/CVE-2026-24481.patch          |  30 +
>  .../imagemagick/CVE-2026-25638.patch          |  29 +
>  .../imagemagick/CVE-2026-25794.patch          |  60 ++
>  .../imagemagick/CVE-2026-25795.patch          |  32 +
>  .../imagemagick/CVE-2026-25796.patch          |  46 +
>  .../imagemagick/CVE-2026-25797_1.patch        | 344 +++++++
>  .../imagemagick/CVE-2026-25797_2.patch        | 143 +++
>  .../imagemagick/CVE-2026-25798.patch          | 109 +++
>  .../imagemagick/CVE-2026-25799.patch          |  42 +
>  .../imagemagick/CVE-2026-25897.patch          |  34 +
>  .../imagemagick/CVE-2026-25898_1.patch        |  39 +
>  .../imagemagick/CVE-2026-25898_2.patch        |  37 +
>  .../imagemagick/CVE-2026-25965.patch          | 322 +++++++
>  .../imagemagick/CVE-2026-25966.patch          |  56 ++
>  .../imagemagick/CVE-2026-25967.patch          |  38 +
>  .../imagemagick/CVE-2026-25968.patch          |  39 +
>  .../imagemagick/CVE-2026-25969.patch          |  63 ++
>  .../imagemagick/CVE-2026-25970.patch          | 139 +++
>  .../imagemagick/CVE-2026-25970_pre1.patch     |  57 ++
>  .../imagemagick/CVE-2026-25982.patch          |  77 ++
>  .../imagemagick/CVE-2026-25985.patch          |  67 ++
>  .../imagemagick/CVE-2026-25986.patch          |  42 +
>  .../imagemagick/CVE-2026-25987.patch          |  44 +
>  .../imagemagick/CVE-2026-25988.patch          |  50 +
>  .../imagemagick/CVE-2026-26066.patch          |  49 +
>  .../imagemagick/CVE-2026-26283.patch          |  33 +
>  .../imagemagick/CVE-2026-26284.patch          |  31 +
>  .../imagemagick/CVE-2026-26983.patch          |  41 +
>  .../imagemagick/imagemagick_7.1.1.bb          |  28 +
>  .../libssh/libssh/CVE-2026-0965.patch         | 284 ++++++
>  .../libssh/libssh/CVE-2026-0967.patch         | 360 ++++++++
>  .../libssh/libssh/CVE-2026-0968-1.patch       |  64 ++
>  .../libssh/libssh/CVE-2026-0968-2.patch       | 136 +++
>  .../recipes-support/libssh/libssh_0.10.6.bb   |   4 +
>  ...08dee4a01dee60c4cd67f2e2e46484ef50a5.patch | 138 +++
>  meta-oe/recipes-support/onig/onig_6.9.9.bb    |   1 +
>  .../opensc/files/CVE-2025-49010.patch         |  72 ++
>  .../opensc/files/CVE-2025-66037.patch         |  35 +
>  .../opensc/files/CVE-2025-66038.patch         |  41 +
>  .../opensc/files/CVE-2025-66215-1.patch       |  29 +
>  .../opensc/files/CVE-2025-66215-2.patch       |  37 +
>  .../opensc/files/CVE-2025-66215-3.patch       |  45 +
>  .../opensc/files/CVE-2025-66215-4.patch       |  62 ++
>  .../recipes-support/opensc/opensc_0.25.1.bb   |   7 +
>  .../python3-pillow/CVE-2026-40192.patch       |  50 +
>  .../python/python3-pillow_10.3.0.bb           |   1 +
>  .../python/python3-tornado_6.4.2.bb           |   2 +
>  .../nginx/nginx-1.24.0/CVE-2026-32647.patch   |  78 ++
>  meta-webserver/recipes-httpd/nginx/nginx.inc  |   2 +
>  .../recipes-httpd/nginx/nginx_1.24.0.bb       |   1 +
>  69 files changed, 5892 insertions(+), 2 deletions(-)
>  create mode 100644
> meta-networking/recipes-extended/corosync/corosync/CVE-2026-35091.patch
>  create mode 100644
> meta-networking/recipes-extended/corosync/corosync/CVE-2026-35092.patch
>  create mode 100644
> meta-oe/recipes-connectivity/krb5/krb5/0001-Fix-more-non-prototype-functions.patch
>  create mode 100644
> meta-oe/recipes-connectivity/krb5/krb5/0002-Avoid-strict-prototype-compiler-errors.patch
>  create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-32316.patch
>  create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-33947.patch
>  create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-33948.patch
>  create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-39979.patch
>  create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-40164.patch
>  create mode 100644
> meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2026-6192.patch
>  rename meta-oe/recipes-security/kernel-hardening-checker/{
> kernel-hardening-checker_0.6.10.2.bb =>
> kernel-hardening-checker_0.6.17.1.bb} (96%)
>  create mode 100644 meta-oe/recipes-support/hdf5/files/CVE-2025-2308.patch
>  create mode 100644 meta-oe/recipes-support/hdf5/files/CVE-2025-6857.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-24481.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-25638.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-25794.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-25795.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-25796.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-25797_1.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-25797_2.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-25798.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-25799.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-25897.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-25898_1.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-25898_2.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-25965.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-25966.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-25967.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-25968.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-25969.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-25970.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-25970_pre1.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-25982.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-25985.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-25986.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-25987.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-25988.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-26066.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-26283.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-26284.patch
>  create mode 100644
> meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-26983.patch
>  create mode 100644
> meta-oe/recipes-support/libssh/libssh/CVE-2026-0965.patch
>  create mode 100644
> meta-oe/recipes-support/libssh/libssh/CVE-2026-0967.patch
>  create mode 100644
> meta-oe/recipes-support/libssh/libssh/CVE-2026-0968-1.patch
>  create mode 100644
> meta-oe/recipes-support/libssh/libssh/CVE-2026-0968-2.patch
>  create mode 100644
> meta-oe/recipes-support/onig/onig/5f1408dee4a01dee60c4cd67f2e2e46484ef50a5.patch
>  create mode 100644
> meta-oe/recipes-support/opensc/files/CVE-2025-49010.patch
>  create mode 100644
> meta-oe/recipes-support/opensc/files/CVE-2025-66037.patch
>  create mode 100644
> meta-oe/recipes-support/opensc/files/CVE-2025-66038.patch
>  create mode 100644
> meta-oe/recipes-support/opensc/files/CVE-2025-66215-1.patch
>  create mode 100644
> meta-oe/recipes-support/opensc/files/CVE-2025-66215-2.patch
>  create mode 100644
> meta-oe/recipes-support/opensc/files/CVE-2025-66215-3.patch
>  create mode 100644
> meta-oe/recipes-support/opensc/files/CVE-2025-66215-4.patch
>  create mode 100644
> meta-python/recipes-devtools/python/python3-pillow/CVE-2026-40192.patch
>  create mode 100644
> meta-webserver/recipes-httpd/nginx/nginx-1.24.0/CVE-2026-32647.patch
>
> --
> 2.53.0
>
>
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#126816): 
https://lists.openembedded.org/g/openembedded-devel/message/126816
Mute This Topic: https://lists.openembedded.org/mt/119191702/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to