meta-openembedded

mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-13 17:39:57 +00:00

Author	SHA1	Message	Date
Gyorgy Sarvari	866c25643a	libgphoto2: patch CVE-2026-40334 Details: https://nvd.nist.gov/vuln/detail/CVE-2026-40334 Backport the patch that is referenced by the NVD advisory. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com> (cherry picked from commit `ce3fa8ad2a`) Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-24 21:13:20 +05:30
Gyorgy Sarvari	9e9977200d	libgphoto2: patch CVE-2026-40333 Details: https://nvd.nist.gov/vuln/detail/CVE-2026-40333 Backport the patch referenced by the NVD advisory. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com> (cherry picked from commit `754e02c668`) Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-24 21:13:20 +05:30
Gyorgy Sarvari	ba9800188e	openjpeg: patch CVE-2026-6192 Details: https://nvd.nist.gov/vuln/detail/CVE-2026-6192 Backport the patch referenced by the NVD advisory. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com> (cherry picked from commit `09050325e6`) Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-24 21:13:20 +05:30
Wang Mingyu	1df4552b9e	imagemagick: upgrade 7.1.2-18 -> 7.1.2-19 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com> (cherry picked from commit `946243ec05`) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-24 21:13:20 +05:30
Gyorgy Sarvari	1f8d2c36c0	botan: patch CVE-2026-34582 Details: https://nvd.nist.gov/vuln/detail/CVE-2026-34582 Debian has identified[1] the PR that fixes this, however the url seems to have a typo - it was PR number 5499[2], and not 5599[3]. (The backported commit's description matches the CVE's description) [1]: https://security-tracker.debian.org/tracker/CVE-2026-34582 [2]: https://github.com/randombit/botan/pull/5499 [3]: https://github.com/randombit/botan/pull/5599 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-24 21:13:20 +05:30
Jason Schonberg	4c4eaf1d21	php: upgrade 8.4.19 -> 8.4.20 This is a bug fix release. Changelog: https://www.php.net/ChangeLog-8.php#8.4.20 Signed-off-by: Jason Schonberg <schonm@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-24 21:13:20 +05:30
Gyorgy Sarvari	a23083428f	giflib: patch CVE-2025-31344 Details: https://nvd.nist.gov/vuln/detail/CVE-2025-31344 Backport the commit that mentions this CVE ID explicitly in its message. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-24 21:13:20 +05:30
Gyorgy Sarvari	fed5dab762	imagemagick: upgrade 7.1.2-17 -> 7.1.2-18 Contains fixes for CVE-2026-33535 and CVE-2026-33536 Shortlog: https://github.com/ImageMagick/ImageMagick/compare/7.1.2-17...7.1.2-18 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-24 21:13:20 +05:30
Gyorgy Sarvari	873ae07e82	opensc: patch CVE-2025-66038 Details: https://nvd.nist.gov/vuln/detail/CVE-2025-66038 Backport the patch that is referenced by the upstream wiki page[1] that is related to this vulnerability. [1]: https://github.com/OpenSC/OpenSC/wiki/CVE-2025-66038 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-24 21:13:20 +05:30
Gyorgy Sarvari	73034a4fe1	opensc: patch CVE-2025-66037 Details: https://nvd.nist.gov/vuln/detail/CVE-2025-66037 Backport the patch that is referenced by the upstream wiki page[1] that is related to this vulnerability. [1]: https://github.com/OpenSC/OpenSC/wiki/CVE-2025-66037 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-24 21:13:20 +05:30
Gyorgy Sarvari	7c8dd8d492	opensc: patch CVE-2025-49010 Details: https://nvd.nist.gov/vuln/detail/CVE-2025-49010 Backport the patch that is referenced by the upstream wiki page[1] that is related to this vulnerability. [1]: https://github.com/OpenSC/OpenSC/wiki/CVE-2025-49010 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-24 21:13:20 +05:30
Gyorgy Sarvari	6c4868d3f7	nodejs: ignore fixed CVEs All these CVEs are fixed in v22.22.2[1], except for CVE-2026-21712, which does not affect v22 series, because it was introduced in a later version[2]. All these CVEs are tracked without version info by NVD at the time of creating this patch. [1]: https://github.com/nodejs/node/blob/v22.x/doc/changelogs/CHANGELOG_V22.md [2]: https://nodejs.org/en/blog/vulnerability/march-2026-security-releases Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-24 21:13:20 +05:30
Jason Schonberg	2c70222d32	nodejs: upgrade 22.22.1 -> 22.22.2 This is the March 2026 security release. 2 high severity issues. 5 medium severity issues. 2 low severity issues. High priority fixes: CVE-2026-21637 CVE-2026-21710 Medium priority fixes: CVE-2026-21711 (affects only nodejs v25) CVE-2026-21712 (affects only nodejs v24 & v25) CVE-2026-21713 CVE-2026-21714 CVE-2026-21717 Low priority fixes: CVE-2026-21715 CVE-2026-21716 https://nodejs.org/en/blog/vulnerability/march-2026-security-releases Changelog: https://github.com/nodejs/node/releases/tag/v22.22.2 Signed-off-by: Jason Schonberg <schonm@gmail.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com> (cherry picked from commit `d32cd27eaa`) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-24 21:13:20 +05:30
Jason Schonberg	de8e685a66	nodejs: upgrade 22.22.0 -> 22.22.1 License Update: Add sorttable.js under the MIT license - https://github.com/nodejs/node/pull/61348/files Update minimatch to the Blue Oak Model License - https://github.com/nodejs/node/commit/e72da8c7544727f90b857ba86b8c7755e631fe96 Changelog: https://github.com/nodejs/node/releases/tag/v22.22.1 Signed-off-by: Jason Schonberg <schonm@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit `db05f827bb`) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-24 21:13:20 +05:30
Vijay Anusuri	25dbfb365a	giflib: Fix CVE-2026-23868 Pick patch according to [1] [1] https://www.facebook.com/security/advisories/cve-2026-23868 [2] https://nvd.nist.gov/vuln/detail/CVE-2026-23868 Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-24 21:13:20 +05:30
Gyorgy Sarvari	b35ad41144	botan: patch CVE-2026-32884 Details: https://nvd.nist.gov/vuln/detail/CVE-2026-32884 The backported patch was selected based on the security.rst[1] file of the project, that mentions the date of the fix. When looked through the commits from that date, picked the one that's description matches the CVE description. The included test passed successfully (along with the other tests). [1]: https://github.com/randombit/botan/blob/master/doc/security.rst Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-24 21:13:20 +05:30
Gyorgy Sarvari	70a903c888	botan: patch CVE-2026-32883 Details: https://nvd.nist.gov/vuln/detail/CVE-2026-32883 Backport the patch that was identified by Debian[1]. The included test passed successfully (along with the other tests). [1]: https://security-tracker.debian.org/tracker/CVE-2026-32883 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-24 21:13:20 +05:30
Gyorgy Sarvari	c4b5bca1e8	botan: patch CVE-2026-32877 Details: https://nvd.nist.gov/vuln/detail/CVE-2026-32877 Backport the patch that was identified by Debian[1]. The included test passed successfully (along with the other tests). [1]: https://security-tracker.debian.org/tracker/CVE-2026-32877 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-24 21:13:20 +05:30
Deepak Rathore	ab0866131d	libssh: Fix CVE-2026-0965 Pick the patch [1] as mentioned in [2] [1] https://git.libssh.org/projects/libssh.git/commit/?id=bf390a042623e02abc8f421c4c5fadc0429a8a76 [2] https://security-tracker.debian.org/tracker/CVE-2026-0965 Signed-off-by: Deepak Rathore <deeratho@cisco.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-24 21:13:20 +05:30
Deepak Rathore	cdfa4084fe	libssh: Fix CVE-2026-0967 Pick the patch [1] as mentioned in [2] [1] https://git.libssh.org/projects/libssh.git/commit/?id=6d74aa6138895b3662bade9bd578338b0c4f8a15 [2] https://security-tracker.debian.org/tracker/CVE-2026-0967 Signed-off-by: Deepak Rathore <deeratho@cisco.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-24 21:13:20 +05:30
Deepak Rathore	f516c3f209	libssh: Fix CVE-2026-0968 Pick the patch [1] and [2] as mentioned in [3] [1] https://git.libssh.org/projects/libssh.git/commit/?id=796d85f786dff62bd4bcc4408d9b7bbc855841e9 [2] https://git.libssh.org/projects/libssh.git/commit/?id=212121971fb26e1e00b72bd5402c0454a4d84c03 [3] https://security-tracker.debian.org/tracker/CVE-2026-0968 Signed-off-by: Deepak Rathore <deeratho@cisco.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-24 21:13:20 +05:30
Gyorgy Sarvari	e62e3f8f25	freeipmi: upgrade 1.6.16 -> 1.6.17 Changes: o Fix exploitable buffer overflows in the following ipmi-oem commands: - ipmi-oem dell get-last-post-code - ipmi-oem supermicro extra-firmware-info - ipmi-oem wistron read-proprietary-string o Support --proxy in ipmiconsole. o Fix mem-leak within libfreeipmi locate api. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com> (cherry picked from commit `4b4c770ce5`) Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-21 08:57:47 +05:30
Ankur Tyagi	dba7c549bd	tigervnc: patch CVE-2026-34352 Details: https://nvd.nist.gov/vuln/detail/CVE-2026-34352 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-21 08:57:47 +05:30
Ankur Tyagi	1ccaa949ea	zabbix: ignore CVE-2026-23919 It was fixed since version 7.0.19[1] [1] https://support.zabbix.com/browse/ZBX-27638 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-21 08:57:47 +05:30
Wang Mingyu	4d1cb07307	openldap: upgrade 2.6.12 -> 2.6.13 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com> (cherry picked from commit `b089df410f`) Changelog: https://git.openldap.org/openldap/openldap/-/blob/OPENLDAP_REL_ENG_2_6_13/CHANGES?ref_type=tags Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-21 08:57:38 +05:30
Wang Mingyu	95c6a65c69	openldap: upgrade 2.6.10 -> 2.6.12 License-Update: Copyright year updated to 2026 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit `6c54894209`) Changelog: https://git.openldap.org/openldap/openldap/-/blob/OPENLDAP_REL_ENG_2_6_12/CHANGES?ref_type=tags Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-21 08:57:38 +05:30
Wang Mingyu	6de735114a	iwd: upgrade 3.11 -> 3.12 Changelog: =========== - Fix issue with handling expiration of PMKSA. - Fix issue with handling uninitialized buffer and PMKID. - Fix issue with checking for PKCS#8 key parser in unit tests. - Fix issue with using -std=c23 compiler setting. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com> (cherry picked from commit `7c5ec1fa02`) Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-21 08:57:38 +05:30
Markus Volk	bdf97cd9d2	iwd: update 3.10 -> 3.11 ver 3.11: Fix issue with interface registration before acquiring name. Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit `ac9041ed3e`) Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-21 08:57:38 +05:30
Wang Mingyu	16af6bba7d	imapfilter: upgrade 2.8.3 -> 2.8.5 License-Update: copyright year updated to 2026. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit `89b961c889`) https://github.com/lefcha/imapfilter/blob/v2.8.5/NEWS Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-26 10:29:24 +05:30
Wang Mingyu	b95d21b7aa	jasper: upgrade 4.2.8 -> 4.2.9 Changelog: - Fixed a bug in the JP2 encoder that caused incorrect handling of opacity components in some cases. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit `330ecdd2ad`) Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-26 10:29:24 +05:30
Sujeet Nayak	56f9f2dbd5	libnice: make crypto library configurable via PACKAGECONFIG Move gnutls from a hard dependency to a PACKAGECONFIG option defaulting to gnutls. This allows users to select openssl as an alternative crypto library by setting PACKAGECONFIG. Signed-off-by: Nguyen Dat Tho <tho3.nguyen@lge.com> Signed-off-by: Sujeet Nayak <sujeetnayak1976@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-26 10:29:24 +05:30
Peter Kjellerstedt	8bf79306ad	bpftrace: Update the runtime dependencies * bash and python3 are only needed by the ptest package. * xz appears to not be needed at all. Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-26 10:29:24 +05:30
Mingli Yu	76bea270ec	mariadb: Upgrade 11.4.9 -> 11.4.10 Remove 0001-Remove-x86-specific-loop-in-my_convert.patch as it's fixed in new version [1]. Remove 0001-MDEV-38029-my_tzinfo-t-fails-for-certain-TZ-values-o.patch as its logic is included in new version [2]. Release note: https://mariadb.com/docs/release-notes/community-server/11.4/11.4.10 [1] https://github.com/MariaDB/server/commit/470487c [2] https://github.com/MariaDB/server/commit/a61a746 Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-26 10:29:24 +05:30
Gyorgy Sarvari	0efa1d57b6	imagemagick: upgrade 7.1.2-16 -> 7.1.2-17 Contains bugfixes and a couple of CVE fixes: https://github.com/ImageMagick/ImageMagick/compare/7.1.2-16...7.1.2-17 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-26 10:29:24 +05:30
Wang Mingyu	e4a9ec5350	imagemagick: upgrade 7.1.2-15 -> 7.1.2-16 Changelog: =========== * client: Fix use-after-free when creating async proxy failed * daemon: Fix race on subscribers list when on thread * ftp: Validate fe_size when parsing symlink target * ftp: Check localtime() return value before use * CVE-2026-28295: ftp: Use control connection address for PASV data * CVE-2026-28296: ftp: Reject paths containing CR/LF characters * gphoto2: Use g_try_realloc() instead of g_realloc() * cdda: Reject path traversal in mount URI host * client: Fail when URI has invalid UTF-8 chars * Some other fixes Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-26 10:29:24 +05:30
Gyorgy Sarvari	f38ff6e7d0	capnproto: patch CVE-2026-32239 and CVE-2026-32240 Details: https://nvd.nist.gov/vuln/detail/CVE-2026-32239 https://nvd.nist.gov/vuln/detail/CVE-2026-32240 Backport the patch that is referenced by the NVD advisories. (Same patch for both vulnerabilities) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-26 10:29:24 +05:30
Ankur Tyagi	d7710fb408	php: upgrade 8.4.18 -> 8.4.19 https://www.php.net/ChangeLog-8.php#8.4.19 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-26 10:29:24 +05:30
Wang Mingyu	62f49bed40	ser2net: upgrade 4.6.6 -> 4.6.7 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit `23d4ba6b96`) ser2net is updated to fix some issues in reloading the configuration. There were some situations that could cause crashes. The bug was actually in gensio, but a workaround has been added to ser2net for older versions of gensio. https://github.com/cminyard/ser2net/releases/tag/v4.6.7 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-26 10:29:24 +05:30
Gyorgy Sarvari	1e8c1154e3	pcp: fix SRC_URI The branch where the revision was got deleted, so this is just a floating commit now. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-26 10:29:24 +05:30
Deepak Rathore	92bfb48d4c	libssh: Fix CVE-2026-3731 Pick the patch [1] and [2] as mentioned in [3] [1] https://git.libssh.org/projects/libssh.git/commit/?id=f80670a7aba86cbb442c9b115c9eaf4ca04601b8 [2] https://git.libssh.org/projects/libssh.git/commit/?id=02c6f5f7ec8629a7cff6a28cde9701ab10304540 [3] https://security-tracker.debian.org/tracker/CVE-2026-3731 Signed-off-by: Deepak Rathore <deeratho@cisco.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-26 10:29:23 +05:30
Gyorgy Sarvari	0fd2ea7e0b	exiv2: patch CVE-2026-27631 Details: https://nvd.nist.gov/vuln/detail/CVE-2026-27631 Backport the patches referenced by the NVD advisory. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-26 10:29:23 +05:30
Gyorgy Sarvari	ab099baf93	exiv2: patch CVE-2026-27596 Details: https://nvd.nist.gov/vuln/detail/CVE-2026-27596 Backport the commits referenced by the NVD advisory. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-26 10:29:23 +05:30
Gyorgy Sarvari	18824f8a2d	exiv2: patch CVE-2026-25884 Details: https://nvd.nist.gov/vuln/detail/CVE-2026-25884 Backport the commits referenced by the NVD advisory. One of the patches contain some binary data (for test data), which needs to be applied with git PATCHTOOL.. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-26 10:29:23 +05:30
Gyorgy Sarvari	467427d3af	zabbix: mark CVE-2026-23925 as patched Details: https://nvd.nist.gov/vuln/detail/CVE-2026-23925 The vulnerability has been fixed since 7.0.18[1], however NVD tracks this CVE without version information. [1]: https://github.com/zabbix/zabbix/commit/89dec866ec7f8230b25f06ac000575e3b7bd4025 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-09 17:14:04 +05:30
Gyorgy Sarvari	9f2fe367d8	libjxl: mark CVE-2025-12474 and CVE-2026-1837 patched Details: https://nvd.nist.gov/vuln/detail/CVE-2025-12474 https://nvd.nist.gov/vuln/detail/CVE-2026-1837 Both CVEs have been fixed in v0.11.2, but NVD tracks these vulnerabilities without version information. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-09 17:14:04 +05:30
Gyorgy Sarvari	f4dca597c9	exiftool: ignore CVE-2026-3102 Details: https://nvd.nist.gov/vuln/detail/CVE-2026-3102 The vulnerability impacts only MacOS - ignore it. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-09 07:49:33 +05:30
Wang Mingyu	258cdd1e07	imagemagick: upgrade 7.1.2-13 -> 7.1.2-15 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit `853aecb2f9`) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-09 07:49:26 +05:30
Peter Kjellerstedt	843542472e	ceres-solver: Don't fail if .git/hooks/commit-msg can't be touched The .git/hooks/commit-msg Git hook may already exist and not be writable. E.g., in our environment it is a symbolic link to a script in /usr/share. Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit `a22fe21c59`) Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-06 10:13:27 +05:30
Ankur Tyagi	d25f3ab33a	valkey: upgrade 8.1.4 -> 8.1.6 Includes fix for CVE-2026-21863, CVE-2025-67733 and various bug fixes. Also include tag in the SRC_URI. https://github.com/valkey-io/valkey/releases/tag/8.1.5 https://github.com/valkey-io/valkey/releases/tag/8.1.6 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-06 10:09:11 +05:30
Daniel Klauer	78a373916b	nbench-byte: Fix sysinfo generation in parallel build The project Makefile uses a script (sysinfo.sh) to non-atomically generate two .c files (sysinfo.c, sysinfoc.c) which are then included in the build. Since the script always overwrites both .c files, the Makefile should only invoke it once, not twice in parallel. Otherwise the .c files may be corrupted and cause random build failures in parallel builds. Requires at least GNU make 4.3, for Grouped Targets support [1]. [1] https://lists.gnu.org/archive/html/info-gnu/2020-01/msg00004.html Reviewed-by: Silvio Fricke <silvio.fricke@gin.de> Signed-off-by: Daniel Klauer <daniel.klauer@gin.de> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit `add2d94ab7`) Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-06 10:09:10 +05:30

1 2 3 4 5 ...

15947 Commits