Gyorgy Sarvari
a68e046d52
breakpad: correct SRC_URI branch
...
Master branch was renamed to main, causing fetching failures.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:32:41 +05:30
Yi Zhao
feeea23c34
yaffs2-utils: update SRC_URI
...
The source repo has been moved to github.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 49c7edb304)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:32:41 +05:30
Gyorgy Sarvari
37bfef7bf6
http-parser: fix SRC_URI branch
...
master branch was renamed to main
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:32:41 +05:30
Gyorgy Sarvari
8a2e72ee1a
gnome-chess: fix SRC_URI branch
...
Master branch was renamed to main.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:32:41 +05:30
Gyorgy Sarvari
75225a417c
xmlsec1: fix SRC_URI
...
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:32:41 +05:30
Gyorgy Sarvari
64f50262ee
spriv-shader-generator: fix SRC_URI branch
...
Master branch was renamed to main.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:32:41 +05:30
Gyorgy Sarvari
b915e3d3f6
netsniff-ng: fix SRC_URI branch
...
Source branch was renamed from master to main.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:32:41 +05:30
Gyorgy Sarvari
ab1b3dca32
xf86-video-armsoc: fix SRC_URI
...
The previously used repo was moved to freedesktop's gitlab instance,
causing fetching failures.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:32:41 +05:30
Gyorgy Sarvari
2f2ce7ee87
zabbix: upgrade 6.2.7 -> 6.2.9
...
Changelog:
Changes for 6.2.9
- fixed unauthorised file system access when using cURL
- increased TimescaleDB maximum supported version to 2.10
- increased MariaDB maximum supported version to 10.11
- fixed broken database upgrade if started more than one Zabbix server at the same time on one database
- fixed a crash when testing item with aggregated function count containing invalid argument
- fixed race condition when starting Zabbix agent 2 with loadable plugins
- changed global script name validation to include menu path in its scope of uniqueness check
- fixed HttpRequest limit in JavaScript being reached even if all objects are destroyed
Changes for 6.2.8
- fixed data sending to Zabbix server from Zabbix agent2 persistent buffer
- implemented API token authentication in user.checkAuthentication method
- added support of PHP 8.2
- fixed selects of history, trends blocking drop_chunks and housekeeping
- fixed success message when disabling hosts in host groups
- fixed the crash in calculated items when using tag filter on 32-bit systems
- optimized JSONPaths in the Nginx Plus template
- fixed discover status not being updated for templated graph prototype
- fixed misplaced error messages in the edit forms for host groups and template groups
- fixed template dashboard availability to users without permissions to the templates
- fixed Zabbix server crash appearing when only item tags change between LLD runs
- optimized Nginx Plus by HTTP template to spread the load across worker processes
- added the cookie engine to HTTP checks
- optimized Remote Zabbix server health template to spread the load across worker processes, updated descriptions
- optimized Zabbix server health template to spread the load across worker processes, updated descriptions
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:32:41 +05:30
Gyorgy Sarvari
fda2360e25
zabbix: fix SRC_URI
...
The folder has changed, causing fetching failures.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:32:41 +05:30
Etienne Cordonnier
15f43b9555
fsverity-utils: fix SRC_URI
...
This URL does not exist any more, and do_fetch works only because a mirrored
file is available at
http://downloads.yoctoproject.org/mirror/sources/git2_git.kernel.org.pub.scm.linux.kernel.git.ebiggers.fsverity-utils.git.tar.gz
Signed-off-by: Etienne Cordonnier <ecordonnier@snap.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d54e2671e6)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:32:41 +05:30
Gyorgy Sarvari
a9c16127f0
pcp: update SRC_URI
...
The original download location, jfrog's artifactory stopped
providing any kind of free service, and the source code is not
downloadable anymore.
The project however has an official github repository also -
change the SRC_URI to this to make it work again.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:32:41 +05:30
Gyorgy Sarvari
5fd1c77d91
libvdpau: update SRC_URI
...
The old repository was moved to a new freedesktop gitlab instance,
causing fetching failures.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:32:41 +05:30
Gyorgy Sarvari
c46128a529
pyxdg: update SRC_URI
...
The previous repository was moved to freedesktop's gitlab instance,
and was causing fetching failures.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:32:41 +05:30
Anil Dongare
07810b11ef
python3-django 5.0.11: Fix CVE-2025-26699
...
Upstream Repository: https://github.com/django/django.git
Bug Details: https://nvd.nist.gov/vuln/detail/CVE-2025-26699
Type: Security Fix
CVE: CVE-2025-26699
Score: 7.5
Patch: https://github.com/django/django/commit/e88f7376fe68
Signed-off-by: Anil Dongare <adongare@cisco.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:28:54 +05:30
Anil Dongare
e8a6ea8f4b
python3-django 5.0.11: ignore CVE-2025-27556
...
Upstream Repository: https://github.com/django/django.git
Bug Details: https://nvd.nist.gov/vuln/detail/CVE-2025-27556
Type: Security Advisory
CVE: CVE-2025-27556
Score: 7.5
Analysis:
- CVE-2025-27556 affects Django 5.1 before 5.1.8 and 5.0 before 5.0.14.
- The issue occurs due to slow NFKC normalization on Windows, which can cause
a denial-of-service (DoS) when handling inputs containing a very large number
of Unicode characters.
- Affected Django components:
django.contrib.auth.views.LoginView
django.contrib.auth.views.LogoutView
django.views.i18n.set_language
- This performance degradation is specific to Windows, caused by the Windows
Unicode normalization implementation.
Reference:
- https://nvd.nist.gov/vuln/detail/CVE-2025-27556
- https://github.com/django/django/commit/2cb311f7b069
Signed-off-by: Anil Dongare <adongare@cisco.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:28:54 +05:30
Ankur Tyagi
f029d98026
squid: upgrade 6.12 -> 6.14
...
License-Update: copyright years updated
Changelog:
https://github.com/squid-cache/squid/releases/tag/SQUID_6_13
https://github.com/squid-cache/squid/releases/tag/SQUID_6_14
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:28:45 +05:30
Peter Marko
64eecac264
squid: download from github
...
Devtool could not find latest versions before.
Download page [1] shows message
"Squid sources are released through GitHub. Please refer to the Releases
Page to find all released versions."
Note that also squid security advisories were moved to Github.
[1] https://www.squid-cache.org/Versions/
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f088e1e1f9)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:28:45 +05:30
Peter Marko
817253bd45
squid: upgrade 6.10 -> 6.12
...
License-Update: copyright year updated
Add patch to fix new build failure from release tarball.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 928ef34ead)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:28:45 +05:30
Peter Marko
42e51b1e59
squid: Upgrade to 6.10
...
Solves CVE-2024-37894
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c393973c85)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:28:45 +05:30
Ankur Tyagi
102c073c35
freeradius: upgrade 3.2.5 -> 3.2.6
...
Release Notes:
https://github.com/FreeRADIUS/freeradius-server/releases/tag/release_3_2_6
Refresh patch 0008-libtool-do-not-use-jlibtool.patch due to upstream commit:
https://github.com/FreeRADIUS/freeradius-server/commit/315f09e4ebde14f171f107020f05473dbc9ac8f6
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:14:57 +05:30
Ankur Tyagi
1d9c04fea8
frr: upgrade 9.1 -> 9.1.3
...
Dropped patches which are part of this release.
Release Notes:
https://github.com/FRRouting/frr/releases/tag/frr-9.1.1
https://github.com/FRRouting/frr/releases/tag/frr-9.1.2
https://github.com/FRRouting/frr/releases/tag/frr-9.1.3
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:14:57 +05:30
Ankur Tyagi
b1caeb9438
arno-iptables-firewall: upgrade 2.1.1 -> 2.1.1a
...
Release Notes:
https://github.com/arno-iptables-firewall/aif/releases/tag/2.1.1a
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:14:57 +05:30
Ankur Tyagi
2020ebf1f9
iscsi-initiator-utils: upgrade 2.1.8 -> 2.1.9
...
This release sees more bug fixes, and no major functional changes.
Several memory issues were addressed in iscsiuio, making it more reliable.
Changelog:
https://github.com/open-iscsi/open-iscsi/blob/2.1.9/Changelog
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:14:57 +05:30
Ankur Tyagi
90fa6fc6e8
proftpd: upgrade 1.3.7c -> 1.3.7f
...
https://github.com/proftpd/proftpd/blob/1.3.7/NEWS
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:14:57 +05:30
Ross Burton
1598b0778f
pureftp: fix autoreconf
...
autoreconf needs to be told where to find macros as the Makefile.am does
not do this.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 76a756989a)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:14:57 +05:30
Wang Mingyu
5366dd804c
pure-ftpd: upgrade 1.0.51 -> 1.0.52
...
nostrip.patch
refreshed for 1.0.52
License-Update: Copyright year updated to 2024
Changelog:
==========
- The QUIT command is now accepted during a transfer.
- The server can be built with --with-minimal again.
- Fixed an out of bounds read in the MLSD command.
- Larger mmap()ed pages are used on aarch64.
- Improved compatibility with HPUX
- Improved OpenSSL API compatibility
- Improved compatibility with OpenWall Linux
- Improved compatibility with Netfilter
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit fac6357f60)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:14:57 +05:30
Chaitanya Vadrevu
ffafc7575f
samba: Run populate-volatile.sh update in postinst
...
samba-common installs a volatiles configuration file but had not been
calling populate-volatile.sh to apply the configuration. This causes
samba installation to fail on a running target due to missing
directories.
Call "populate-volatile.sh update" in samba-common's postinst which
creates the required directories and enables samba to work.
Signed-off-by: Chaitanya Vadrevu <chaitanya.vadrevu@emerson.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9fd087d298)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:14:57 +05:30
Ankur Tyagi
7632025d8a
postfix: upgrade 3.8.9 -> 3.8.12
...
Release Notes:
http://ftp.porcupine.org/mirrors/postfix-release/official/postfix-3.8.12.RELEASE_NOTES
Dropped 0006-postfix-add-preliminary-setting.patch as changes are now part
of current version 3.8.12 (20250919)
http://ftp.porcupine.org/mirrors/postfix-release/official/postfix-3.8.12.HISTORY
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:14:57 +05:30
Yi Zhao
cab0df9423
postfix: upgrade 3.8.6 -> 3.8.9
...
ChangeLog:
http://ftp.porcupine.org/mirrors/postfix-release/official/postfix-3.8.9.HISTORY
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9e656e3ac2)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:14:57 +05:30
Yi Zhao
0c61ce55ca
samba: upgrade 4.19.8 -> 4.19.9
...
ChangeLog:
https://www.samba.org/samba/history/samba-4.19.9.html
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f7305be2c8)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:14:57 +05:30
Yi Zhao
7053ee82cb
libldb: upgrade 2.8.1 -> 2.8.2
...
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e48e7e48a2)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:14:57 +05:30
Peter Marko
a2623f24ac
hostapd: patch CVE-2022-37660
...
Pick patches according to oe-core patch for this CVE in wpa-supplicant.
Leave out commit which patched only files not present in hostapd.
Note that Debian just picked the last commit (actually fixing the CVE)
and removed not-applicable parts, but it is probably better to be
consistent with oe-core status.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:14:57 +05:30
Martin Schwan
45a60884b8
kronosnet: Fetch version tag with BB_GIT_SHALLOW_EXTRA_REFS
...
Fetch the needed Git tag by using BB_GIT_SHALLOW_EXTRA_REFS. This fixes
the following autotools configuration error:
| build-aux/git-version-gen: WARNING: .gitarchivever doesn't contain valid version tag
| build-aux/git-version-gen: ERROR: Can't find valid version. Please use valid git repository, released tarball or version tagged archive
| configure.ac:22: error: AC_INIT should be called with package and version arguments
Signed-off-by: Martin Schwan <m.schwan@phytec.de>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:14:57 +05:30
Vijay Anusuri
f5deba31bf
wireshark: Fix CVE-2025-9817
...
Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/39daba5e247ea495f88b0be82f0b7ebbdbf50fba
Link: https://gitlab.com/wireshark/wireshark/-/issues/20642
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-9817
https://ftp.lysator.liu.se/pub/opensuse/update/leap/15.6/sle/src/wireshark-4.2.13-150600.18.26.1.src.rpm
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:14:57 +05:30
Vijay Anusuri
763886c7d1
wireshark: Upgrade 4.2.12 -> 4.2.14
...
releasenote:
https://www.wireshark.org/docs/relnotes/wireshark-4.2.13.html
https://www.wireshark.org/docs/relnotes/wireshark-4.2.14.html
Includes security fix CVE-2025-11626
Link: https://gitlab.com/wireshark/wireshark/-/issues/20724
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:14:56 +05:30
Patrick Vogelaar
d9c8972cb7
unbound: patch CVE-2024-33655 and CVE-2025-11411
...
For CVE-2024-33655 applied patch [1] mentioned in [2].
For CVE-2025-11411 applied minimal patch [3] mentioned in [4]. (Slight
adjustments were required to apply properly)
[1] https://nlnetlabs.nl/downloads/unbound/patch_CVE-2024-33655.diff
[2] https://www.nlnetlabs.nl/downloads/unbound/CVE-2024-33655.txt
[3] https://nlnetlabs.nl/downloads/unbound/patch_CVE-2025-11411.diff
[4] https://www.nlnetlabs.nl/downloads/unbound/CVE-2025-11411.txt
Signed-off-by: Patrick Vogelaar <patrick.vogelaar@belden.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:14:56 +05:30
Gianfranco Costamagna
4084b10111
mosquitto: bump to 2.0.22
...
Refresh patches, drop patch 3238, now part of upstream codebase
Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org>
Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 10:44:37 +05:30
Louis Rannou
d6c4331e25
mosquitto: bump to 2.0.21
...
Upgrade to mosquitto 2.0.21. Update the patch status for issue 2895 and create a
new patch for an issue introduced in 2.0.19 which causes connections to get down
when the clock is changed.
Signed-off-by: Louis Rannou <louis.rannou@non.se.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 10:44:37 +05:30
Ankur Tyagi
a4ce304cf1
mercurial: set CVE_PRODUCT to "mercurial-scm:mercurial"
...
Other product "mercurial" introduces false CVE findings like:
https://nvd.nist.gov/vuln/detail/CVE-2022-43410
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 10:44:37 +05:30
Ankur Tyagi
e97091b159
neatvnc: upgrade 0.8.0 -> 0.8.1
...
Changelog
https://github.com/any1/neatvnc/compare/v0.8.0...v0.8.1
This release fixes CVE-2024-42458
Details https://nvd.nist.gov/vuln/detail/cve-2024-42458
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 10:44:37 +05:30
Vijay Anusuri
f6e2841080
libssh: Fix CVE-2025-8277
...
Upstream-Commits:
https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=87db2659ec608a977a63eea529f17b9168388d73
&
https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=266174a6d36687b65cf90174f06af90b8b27c65f
&
https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=8e4d67aa9eda455bfad9ac610e54b7a548d0aa08
& https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=1c763e29d138db87665e98983f468d2dd0f286c1
The changes made to the file src/ecdh_crypto.c are excluded, present in the commit 266174a6d36687b65cf90174f06af90b8b27c65.
The relevant changes in `ecdh_crypto.c` are located within the function `static ssh_string ssh_ecdh_generate`. This function, however, is not present in the `libssh-0.10.6` version. It was introduced in `libssh` version 0.11 by the commit `https://git.libssh.org/projects/libssh.git/commit/src/ecdh_crypto.c?h=stable-0.11&id=1eb3df5254a4348eae6edbc8a2bf08fef4015897`.
Consequently, these changes cannot be directly applied to the `libssh-0.10.6` version. This aligns with the approach taken by other distributions, as Suse also did not backport the `ecdh_crypto.c` file changes in their `libssh-0.10.6-3.1.src.rpm` package, which is available at `https://cdimage.debian.org/mirror/opensuse.org/distribution/leap-micro/6.0/product/repo/openSUSE-Leap-Micro-6.0-x86_64-Media3/src/libssh-0.10.6-3.1.src.rpm`.
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 10:44:37 +05:30
Randolph Sapp
34093c56ae
glm: add nativesdk to BBCLASSEXTEND
...
This is a header only package. It may be useful to the native machine
but it is definitely useful for the nativesdk machine.
Signed-off-by: Randolph Sapp <rs@ti.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-08 06:11:03 +05:30
Soumya Sambu
15e18246dd
python3-django: upgrade 4.2.18 -> 4.2.20
...
Includes fix for CVE-2025-26699
Release Notes:
https://docs.djangoproject.com/en/dev/releases/4.2.19/
https://docs.djangoproject.com/en/dev/releases/4.2.20/
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 54f5df8907)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
2025-10-30 15:13:43 +08:00
Peter Marko
08ee2e37ba
squid: patch CVE-2025-59362
...
Pick commit from PR mentioned in NVD report.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
2025-10-30 15:13:15 +08:00
Praveen Kumar
30f6c5ae79
cjson: upgrade 1.7.18 -> 1.7.19
...
This includes CVE-fix for CVE-2023-26819.
Removed CVE-2025-57052, as the issue was already resolved
in v1.7.19.
Changelog:
==========
https://github.com/DaveGamble/cJSON/blob/master/CHANGELOG.md
Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
2025-10-30 15:12:09 +08:00
Divya Chellam
62b9edf47b
jq: fix CVE-2025-9403
...
A vulnerability was determined in jqlang jq up to 1.6. Impacted is the
function run_jq_tests of the file jq_test.c of the component JSON Parser.
Executing manipulation can lead to reachable assertion. The attack
requires local access. The exploit has been publicly disclosed and may be
utilized. Other versions might be affected as well.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-9403
Upstream-patch:
https://github.com/jqlang/jq/commit/a4d9d540103ff9a262e304329c277ec89b27e5f9
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
2025-10-30 15:11:47 +08:00
Ankur Tyagi
9fd485ca64
hostapd: patch CVE-2025-24912
...
Details https://nvd.nist.gov/vuln/detail/CVE-2025-24912
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
2025-10-30 15:11:04 +08:00
Hitendra Prajapati
d18271891f
libjxl: fix CVE-2024-11403 & CVE-2024-11498
...
* CVE-2024-11403 - Upstream-Status: Backport from https://github.com/libjxl/libjxl/commit/9cc451b91b74ba470fd72bd48c121e9f33d24c99
* CVE-2024-11498 - Upstream-Status: Backport from https://github.com/libjxl/libjxl/commit/bf4781a2eed2eef664790170977d1d3d8347efb9
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
2025-10-30 15:11:00 +08:00
Ankur Tyagi
5657774a70
mbedtls: upgrade 3.6.4 -> 3.6.5
...
Fixes security vulnerabilities CVE-2025-59438, CVE-2025-54764
Changelog:
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.5
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
2025-10-30 15:08:13 +08:00