lgtm, merged now. Thanks Anuj On Mon, May 25, 2026 at 4:27 PM Anuj Mittal <[email protected]> wrote:
> Mostly CVE fixes and a few bug fix only upgrades. There's a new recipe for > python3-backports-zstd that introduces this module for Python 3.12 which > didn't > have this. > > Tested locally and on autobuilder: > > https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1538 > > The following changes since commit > ae7dfb12245c7f9b9a353499e2688015bd4e6413: > > jq: Stick to C17 until next release (2026-05-05 06:57:17 +0530) > > are available in the Git repository at: > > https://git.openembedded.org/meta-openembedded-contrib anujm/scarthgap > > https://git.openembedded.org/meta-openembedded-contrib/log/?h=anujm/scarthgap > > for you to fetch changes up to d8cc4e44001c7257273d290ce8c4496e93d32841: > > postgresql: upgrade 16.12 -> 16.14 (2026-05-25 08:05:43 +0530) > > ---------------------------------------------------------------- > > Ankur Tyagi (8): > exiftool: ignore CVE-2026-7580 > firewalld: upgrade 1.3.2 -> 1.3.4 > frr: patch CVE-2026-28532 > lcms: patch CVE-2026-41254 > lcms: patch CVE-2026-42798 > postfix: upgrade 3.8.12 -> 3.8.16 > nanomsg: upgrade 1.2.1 -> 1.2.2 > postgresql: upgrade 16.12 -> 16.14 > > Gyorgy Sarvari (1): > python3-ecdsa: set CVE_PRODUCT > > Het Patel (3): > abseil-cpp: Add CVE_PRODUCT to support product name > onig: Add CVE_PRODUCT to support product name > open-vm-tools: Add entry to CVE_PRODUCT to support the product name > > Hitendra Prajapati (2): > wireshark: fix for CVE-2025-13946 > strongswan: fix for CVE-2026-35334 > > Hugo SIMELIERE (Schneider Electric) (5): > nss: Fix CVE-2026-2781 > dnsmasq: Fix CVE-2026-4891 > dnsmasq: Fix CVE-2026-4892 > dnsmasq: Fix CVE-2026-4893 > dnsmasq: Fix CVE-2026-5172 > > Jason Schonberg (1): > php: upgrade 8.2.30 -> 8.2.31 > > Jérémie Dautheribes (Schneider Electric ) (1): > python3-backports-zstd: add recipe > > Liyin Zhang (1): > apache2: upgrade 2.4.66 -> 2.4.67 > > Peter Marko (1): > python-grpcio(-tools): add grpc:grpc to cve product > > Sudhir Dumbhare (1): > libssh: set status for CVE-2025-14821 > > Theo Gaige (1): > dash: fix CVE-2026-31323 > > Theo Gaige (Schneider Electric) (4): > nginx: patch CVE-2026-40701 > nginx: patch CVE-2026-42934 > nginx: patch CVE-2026-42945 > nginx: patch CVE-2026-42946 > > ...{firewalld_1.3.2.bb => firewalld_1.3.4.bb} | 2 +- > .../{nanomsg_1.2.1.bb => nanomsg_1.2.2.bb} | 2 +- > .../{postfix_3.8.12.bb => postfix_3.8.16.bb} | 2 +- > .../frr/frr/CVE-2026-28532.patch | 309 ++++++++++++++++++ > .../recipes-protocols/frr/frr_9.1.3.bb | 1 + > .../recipes-support/dnsmasq/dnsmasq_2.90.bb | 4 + > .../dnsmasq/files/CVE-2026-4891.patch | 44 +++ > .../dnsmasq/files/CVE-2026-4892.patch | 41 +++ > .../dnsmasq/files/CVE-2026-4893.patch | 38 +++ > .../dnsmasq/files/CVE-2026-5172.patch | 39 +++ > .../open-vm-tools/open-vm-tools_12.3.5.bb | 2 +- > .../strongswan/CVE-2026-35334.patch | 255 +++++++++++++++ > .../strongswan/strongswan_5.9.14.bb | 1 + > .../wireshark/files/CVE-2025-13946.patch | 51 +++ > .../wireshark/wireshark_4.2.14.bb | 1 + > .../files/0001-Add-support-for-RISC-V.patch | 7 +- > .../files/0002-Improve-reproducibility.patch | 7 +- > ...c-bypass-autoconf-2.69-version-check.patch | 11 +- > ...-config_info.c-not-expose-build-info.patch | 9 +- > ...gresql-fix-ptest-failure-of-sysviews.patch | 7 +- > .../postgresql/files/not-check-libperl.patch | 9 +- > ...ostgresql_16.12.bb => postgresql_16.14.bb} | 2 +- > .../abseil-cpp/abseil-cpp_20240116.3.bb | 3 + > .../recipes-devtools/perl/exiftool_12.72.bb | 1 + > .../php/{php_8.2.30.bb => php_8.2.31.bb} | 2 +- > .../dash/dash/CVE-2026-31323.patch | 43 +++ > meta-oe/recipes-shells/dash/dash_0.5.12.bb | 5 +- > .../lcms/lcms/CVE-2026-41254_1.patch | 30 ++ > .../lcms/lcms/CVE-2026-41254_2.patch | 36 ++ > .../lcms/lcms/CVE-2026-42798.patch | 38 +++ > meta-oe/recipes-support/lcms/lcms_2.16.bb | 6 +- > .../recipes-support/libssh/libssh_0.10.6.bb | 2 + > .../nss/nss/CVE-2026-2781.patch | 36 ++ > meta-oe/recipes-support/nss/nss_3.98.bb | 1 + > meta-oe/recipes-support/onig/onig_6.9.9.bb | 3 + > ...ake-license-entries-compatible-with-.patch | 38 +++ > ...s.toml-lower-setuptools-requirements.patch | 31 ++ > .../python/python3-backports-zstd_1.5.0.bb | 21 ++ > .../python/python3-ecdsa_0.19.0.bb | 2 + > .../python/python3-grpcio-tools_1.62.2.bb | 2 + > .../python/python3-grpcio_1.62.2.bb | 2 + > .../{apache2_2.4.66.bb => apache2_2.4.67.bb} | 2 +- > .../nginx/nginx-1.24.0/CVE-2026-40701.patch | 73 +++++ > .../nginx/nginx-1.24.0/CVE-2026-42934.patch | 79 +++++ > .../nginx/nginx-1.24.0/CVE-2026-42945.patch | 46 +++ > .../nginx-1.24.0/CVE-2026-42946-01.patch | 46 +++ > .../nginx-1.24.0/CVE-2026-42946-02.patch | 91 ++++++ > .../recipes-httpd/nginx/nginx_1.24.0.bb | 5 + > 48 files changed, 1445 insertions(+), 43 deletions(-) > rename > meta-networking/dynamic-layers/meta-python/recipes-connectivity/firewalld/{ > firewalld_1.3.2.bb => firewalld_1.3.4.bb} (99%) > rename meta-networking/recipes-connectivity/nanomsg/{nanomsg_1.2.1.bb => > nanomsg_1.2.2.bb} (94%) > rename meta-networking/recipes-daemons/postfix/{postfix_3.8.12.bb => > postfix_3.8.16.bb} (99%) > create mode 100644 > meta-networking/recipes-protocols/frr/frr/CVE-2026-28532.patch > create mode 100644 > meta-networking/recipes-support/dnsmasq/files/CVE-2026-4891.patch > create mode 100644 > meta-networking/recipes-support/dnsmasq/files/CVE-2026-4892.patch > create mode 100644 > meta-networking/recipes-support/dnsmasq/files/CVE-2026-4893.patch > create mode 100644 > meta-networking/recipes-support/dnsmasq/files/CVE-2026-5172.patch > create mode 100644 > meta-networking/recipes-support/strongswan/strongswan/CVE-2026-35334.patch > create mode 100644 > meta-networking/recipes-support/wireshark/files/CVE-2025-13946.patch > rename meta-oe/recipes-dbs/postgresql/{postgresql_16.12.bb => > postgresql_16.14.bb} (86%) > rename meta-oe/recipes-devtools/php/{php_8.2.30.bb => php_8.2.31.bb} > (99%) > create mode 100644 meta-oe/recipes-shells/dash/dash/CVE-2026-31323.patch > create mode 100644 > meta-oe/recipes-support/lcms/lcms/CVE-2026-41254_1.patch > create mode 100644 > meta-oe/recipes-support/lcms/lcms/CVE-2026-41254_2.patch > create mode 100644 meta-oe/recipes-support/lcms/lcms/CVE-2026-42798.patch > create mode 100644 meta-oe/recipes-support/nss/nss/CVE-2026-2781.patch > create mode 100644 > meta-python/recipes-devtools/python/python3-backports-zstd/0001-pyproject.toml-make-license-entries-compatible-with-.patch > create mode 100644 > meta-python/recipes-devtools/python/python3-backports-zstd/0002-pyprojects.toml-lower-setuptools-requirements.patch > create mode 100644 meta-python/recipes-devtools/python/ > python3-backports-zstd_1.5.0.bb > rename meta-webserver/recipes-httpd/apache2/{apache2_2.4.66.bb => > apache2_2.4.67.bb} (99%) > create mode 100644 > meta-webserver/recipes-httpd/nginx/nginx-1.24.0/CVE-2026-40701.patch > create mode 100644 > meta-webserver/recipes-httpd/nginx/nginx-1.24.0/CVE-2026-42934.patch > create mode 100644 > meta-webserver/recipes-httpd/nginx/nginx-1.24.0/CVE-2026-42945.patch > create mode 100644 > meta-webserver/recipes-httpd/nginx/nginx-1.24.0/CVE-2026-42946-01.patch > create mode 100644 > meta-webserver/recipes-httpd/nginx/nginx-1.24.0/CVE-2026-42946-02.patch > > -- > 2.54.0 > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#127304): https://lists.openembedded.org/g/openembedded-devel/message/127304 Mute This Topic: https://lists.openembedded.org/mt/119481333/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
