Looks good. merged now. Thanks Anuj

On Thu, Jul 2, 2026 at 3:45 AM Anuj Mittal via lists.openembedded.org
<[email protected]> wrote:

> Please merge these changes in scarthgap. Tested locally and on autobuilder.
>
> https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1592
>
> The following changes since commit
> b0c2c648a1af89e7a8dd4c2ec841f3bc0ed0ccb9:
>
>   nginx: backport fix for CVE-2026-9256 (2026-06-09 11:37:19 +0530)
>
> are available in the Git repository at:
>
>   https://git.openembedded.org/meta-openembedded-contrib anujm/scarthgap
>
> https://git.openembedded.org/meta-openembedded-contrib/log/?h=anujm/scarthgap
>
> for you to fetch changes up to 29a044218285fdc7fcdd63d5f0929cb3a27b6fed:
>
>   python3-matplotlib: fix build (2026-07-02 15:08:44 +0530)
>
> ----------------------------------------------------------------
>
> Anuj Mittal (1):
>   python3-matplotlib: fix build
>
> Li Zhou (1):
>   haveged: upgrade 1.9.18 -> 1.9.20
>
> Nitin Wankhade (6):
>   strongswan: Fix CVE-2026-35328
>   strongswan: Fix CVE-2026-35329
>   strongswan: Fix CVE-2026-35330
>   strongswan: Fix CVE-2026-35331
>   strongswan: Fix CVE-2026-35332
>   strongswan: Fix CVE-2026-35333
>
> Shubham Pushpkar (5):
>   jq: Fix CVE-2026-40612
>   jq: Fix CVE-2026-41256
>   jq: Fix CVE-2026-41257
>   jq: Fix CVE-2026-43894
>   jq: Fix CVE-2026-43896
>
> Theo Gaige (Schneider Electric) (1):
>   nginx: patch CVE-2026-48142
>
> Venkatasainath Ravikanti (1):
>   syslog-ng: update config version to match installed binary
>
> Wang Mingyu (1):
>   haveged: upgrade 1.9.20 -> 1.9.22
>
>  ...-insensitive-matching-and-reject-exc.patch | 176 ++++++++++++++++++
>  ...-undersized-attributes-in-enumerator.patch |  41 ++++
>  ...t-zero-length-EAP-SIM-AKA-attributes.patch |  54 ++++++
>  ...d-NULL-pointer-dereference-when-veri.patch |  58 ++++++
>  ...accept-non-empty-ECDH-public-keys-wi.patch |  51 +++++
>  ...nt-infinite-loop-if-supported-versio.patch |  42 +++++
>  .../strongswan/strongswan_5.9.14.bb           |   6 +
>  .../jq/jq/CVE-2026-40612.patch                | 153 +++++++++++++++
>  .../jq/jq/CVE-2026-41256.patch                |  54 ++++++
>  .../jq/jq/CVE-2026-41257.patch                |  57 ++++++
>  .../jq/jq/CVE-2026-43894.patch                |  56 ++++++
>  .../jq/jq/CVE-2026-43896.patch                |  97 ++++++++++
>  meta-oe/recipes-devtools/jq/jq_1.7.1.bb       |   5 +
>  .../{haveged_1.9.18.bb => haveged_1.9.22.bb}  |   3 +-
>  .../syslog-ng/files/syslog-ng.conf.systemd    |  11 +-
>  .../syslog-ng/files/syslog-ng.conf.sysvinit   |   9 +-
>  .../matplotlib-disable-download.patch         |  34 +++-
>  .../python/python3-matplotlib_3.7.2.bb        |   4 +-
>  .../nginx/nginx-1.24.0/CVE-2026-48142.patch   |  43 +++++
>  .../recipes-httpd/nginx/nginx_1.24.0.bb       |   1 +
>  20 files changed, 938 insertions(+), 17 deletions(-)
>  create mode 100644
> meta-networking/recipes-support/strongswan/strongswan/constraints-Case-insensitive-matching-and-reject-exc.patch
>  create mode 100644
> meta-networking/recipes-support/strongswan/strongswan/libradius-Reject-undersized-attributes-in-enumerator.patch
>  create mode 100644
> meta-networking/recipes-support/strongswan/strongswan/libsimaka-Reject-zero-length-EAP-SIM-AKA-attributes.patch
>  create mode 100644
> meta-networking/recipes-support/strongswan/strongswan/pkcs5-pkcs7-Avoid-NULL-pointer-dereference-when-veri.patch
>  create mode 100644
> meta-networking/recipes-support/strongswan/strongswan/tls-server-Only-accept-non-empty-ECDH-public-keys-wi.patch
>  create mode 100644
> meta-networking/recipes-support/strongswan/strongswan/tls-server-Prevent-infinite-loop-if-supported-versio.patch
>  create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-40612.patch
>  create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-41256.patch
>  create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-41257.patch
>  create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-43894.patch
>  create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2026-43896.patch
>  rename meta-oe/recipes-extended/haveged/{haveged_1.9.18.bb =>
> haveged_1.9.22.bb} (93%)
>  create mode 100644
> meta-webserver/recipes-httpd/nginx/nginx-1.24.0/CVE-2026-48142.patch
>
> --
> 2.54.0
>
>
> 
>
>
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#128004): 
https://lists.openembedded.org/g/openembedded-devel/message/128004
Mute This Topic: https://lists.openembedded.org/mt/120081049/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to