mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-14 05:49:57 +00:00
Code Issues Projects Releases Wiki Activity
34,022 Commits 64 Branches 0 Tags
b7c5dc918d4f74fd0397108a45eac83b990767c8
Commit Graph

34022 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Gyorgy Sarvari b7c5dc918d jasper: patch CVE-2025-8837 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-8837

Pick the patch from the details of the above link.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:32 +02:00
Gyorgy Sarvari 90bc4f0011 jasper: patch CVE-2025-8836 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-8836

Pick the patch mentioned in the details of the above link.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:32 +02:00
Gyorgy Sarvari 9ed43a962b jasper: patch CVE-2025-8835 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-8835

Pick the patch from the details of the above link.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:32 +02:00
Gyorgy Sarvari ccbe303f50 iperf2: ignore irrelevant CVEs 
These CVEs are for iperf3 - which is a similar application in its goals (and name),
but an independent project from this, and the projects are independent implementations
also, they share no common code.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit aedf74e082)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:32 +02:00
Ankur Tyagi 2b5cc0933f libiec61850: patch CVE-2024-45970 
Details https://nvd.nist.gov/vuln/detail/CVE-2024-45970

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:32 +02:00
Ankur Tyagi a52bccdbc0 libiec61850: patch CVE-2024-45971 
Details https://nvd.nist.gov/vuln/detail/CVE-2024-45971

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Ankur Tyagi 42a6b0441c libiec61850: patch CVE-2024-26529 
Details https://nvd.nist.gov/vuln/detail/CVE-2024-26529

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari c5f1156fb0 imagemagick: patch CVE-2025-57807 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-57807

Pick the commit mentioned in the details.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari dce548569d imagemagick: patch CVE-2025-57803 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-57803

Pick the commit mentioned in the details.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari 2e0b5fe2ef imagemagick: patch CVE-2025-55212 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55212

Pick the patch that mentions the related github advisory in its commit message.

Also backport the missing function that the fix uses.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari 188c714d2a imagemagick: patch CVE-2025-55160 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55160

Pick the commit that mentions the related github advisory in its commit message.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari 63362396cb imagemagick: patch CVE-2025-55154 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55154

Pick the commit that mentions the related github advisory in its commit message.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari ccc4bcf76f imagemagick: patch CVE-2025-55005 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55005

Pick the patch that mentions the relevant github advisory in its commit message.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari 75923b59dc imagemagick: patch CVE-2025-55004 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55004

Pick the patch that mentions the relevant github advisory in its commit message.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari 4fb661fec1 imagemagick: patch CVE-2025-53101 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-53101

Pick the patch mentioned in the details of the above link.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari e257ea4640 imagemagick: patch CVE-2025-53019 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-53019

Pick the patch mentioned in the related github advisory.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari 2eefeef2b7 imagemagick: patch CVE-2025-53015 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-53015

Pick the patches that are mentioned in the relevant github advisory.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari ee51f8f457 imagemagick: patch CVE-2025-53014 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-53014

Pick the patch mentioned in the related Github advisory.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Rajeshkumar Ramasamy a28ca3adca open-vm-tools: upgrade 12.5.0 -> 12.5.4 
this release addressed below CVEs:
CVE-2025-22247
CVE-2025-41244

Changelog:
https://github.com/vmware/open-vm-tools/releases

Signed-off-by: Rajeshkumar Ramasamy <rajeshkumar.ramasamy@windriver.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari e87841beae gimp: patch CVE-2025-5473 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-5473

Pick the patch that resolved the relevant upstream bugreport:
https://gitlab.gnome.org/GNOME/gimp/-/issues/13910

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari b3d0641944 gimp: ignore CVE-2025-8672 
The vulnerability only affects MacOS: https://nvd.nist.gov/vuln/detail/CVE-2025-8672

While touching it, also remove an outdated CVE_STATUS, which has been reported against
a very old version of the application.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f516be2c45)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari f47fdfd730 exiv2: patch CVE-2025-55304 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55304

Backport patch mentioned in the details of the vulnerability.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari 40036aa47a exiv2: patch CVE-2025-54080 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-54080

Backport the patch mentioned in the details.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari 7907a3e206 exiv2: patch CVE-2025-26623 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-26623

Apply the first to PRs from the relevant issue.

(The second PR adds a test, and the 3rd PR tries to reimplement
correctly the feature that introduced the vulnerability:
it is switching some raw pointers to smart pointers. It was not picked
because the
1. In the original issue it is stated that the first PR itself
   fixes the vulnerability
2. The patch doesn't apply clean due to the time gap between our
   and their version
3. The behavior of the application does not change
)

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari 7207c63b55 python3-django: ignore CVE-2025-27556 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-27556

Vulnerability affects only Windows - ignore it.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari 97cd359c29 redis: patch CVE-2025-48367 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-48367

Backport the patch mentioned in the details.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari 1e7af79e70 redis: patch CVE-2025-32023 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-32023

Backport the patch mentioned in the details.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari 0436597eb6 redis: patch CVE-2025-27151 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-27151

Backport the patch mentioned in the details.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari f786847743 redis: ignore CVE-2025-21605 
The vulnerability has been fixed in the used versions already,
upstream has backported it.

6.2.18: https://github.com/redis/redis/commit/5e93f9cb9dbc3e7ac9bce36f2838156cbc5c9e62
7.2.8: https://github.com/redis/redis/commit/42fb340ce426364d64f5dccc9c2549e58f48ac6f

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari f7c6bcc1ce wireshark: patch CVE-2025-5601 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-5601

Backport the patch from the Gitlab issue linked in the details.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari b31d192efb emacs: patch CVE-2024-39331 
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-39331

Pick the patch that's mentioned in thee details.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari 2ee73d842e emacs: patch CVE-2024-30205 
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-30205

Pick the patch that's in the description.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari 36c85fe852 emacs: patch CVE-2024-30204 
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-30204

Pick the patch that's mentioned in the description.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari 4408242e55 emacs: patch CVE-2024-30203 
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-30203

Pick the patch mentioned in the description.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari 2d9e67618e emacs: patch CVE-2024-30202 
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-30202

Backport the patch mentioned in the details of the link.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari 39c6b336cf dovecot: patch CVE-2022-30550 
Details: https://nvd.nist.gov/vuln/detail/CVE-2022-30550

Pick the commit referenced in https://www.openwall.com/lists/oss-security/2022/07/08/1

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari c21d0a9268 civetweb: patch CVE-2025-55763 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55763

Pick the relevant commit from https://github.com/civetweb/civetweb/pull/1347/

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari 36fa532688 apache2: patch CVE-2025-54090 
https://nvd.nist.gov/vuln/detail/CVE-2025-54090

A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true".

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Ankur Tyagi dead2a0070 zlog: fix CVE-2024-22857 
Backport a fix from upstream
https://github.com/HardySimpson/zlog/commit/c47f781a9f1e9604f5201e27d046d925d0d48ac4

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Bartosz Golaszewski 1f3dd92f7b libgpiod: update to v2.2.2 
This is a bugfix release addressing issues in tools and core library. No
API changes.

Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 6914e20d63)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Patrick Zacharias 34ec5a4bed libcanberra: Fix sound not playing on Colibri iMX8X 
Canberra does not specify a buffer size, which leads to ALSA rejecting the settings.
By specfiying a buffer time of 500ms and a period time with a fourth of that,
an appropriate buffer size can be calculated.

This behaviour is mimicked from aplay for compatibility.

Signed-off-by: Patrick Zacharias <1475802+Fighter19@users.noreply.github.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9d2dc82fcb)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Sana Kazi 8011232b05 imagemagick: guard sed operations in do_install for optional files 
When PACKAGECONFIG options like 'cxx' 'webp' and 'xml' are disabled,
certain files such as Magick++-config.im7, configure.xml, or
delegates.xml are not installed. Unconditionally running sed
on these files results in errors during do_install
Error:
sed: can't read .../image/usr/bin/Magick++-config.im7: No such file or directory

Signed-off-by: Nikhil R <nikhilr5@kpit.com>
Signed-off-by: Sana Kazi <sanakazi720@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 27469599fa)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari d3b5d01a7b daemonize: update to latest revision 
Drop a patch that has been incorporated into this version.

(That is also the changelog - the only change is the accepted patch)

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit a5cfc39ece)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Denis OSTERLAND-HEIM afbeb5281d libusbgx: fix example gadget start 
From variables docu:
> Setting it to "0" does not disable inhibition.
> Only the empty string will disable inhibition.

That means in case of examples enabled we need ""
and if not "1" to disable update-rc.d.

Signed-off-by: Denis OSTERLAND-HEIM <denis.osterland@diehl.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 0ae908de1a)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari 88a7dc2d36 nmap: set correct license 
Nmap has switched from GPLv2 to  their own "Nmap Public Source
License" since a few release. Set it in the recipe accordingly.

The NPSL file in the license firectory has been downloaded
directly from https://svn.nmap.org/nmap/LICENSE

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 6c101fe29d)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Yi Zhao 1c6c373554 nmap: set UPSTREAM_CHECK_REGEX 
Set UPSTREAM_CHECK_REGEX to check the correct latest stable verison.

Before the fix:
$ devtool latest-version nmap
INFO: Current version: 7.95
INFO: Latest version: 7.95-1

After the fix:
$ devtool latest-version nmap
INFO: Current version: 7.95
INFO: Latest version: 7.95

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 12e69dd555)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Kéléfa Sané c8b8a7cfcd crash: fix reproducibility 
Fix reproducibility issue by retrieving the compiler version from the CC
env variable, which define the compiler used in the build and not from
the native gcc compiler install in the host machine.

Signed-off-by: Kéléfa Sané <kelefa.sane@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit df7e1b55d5)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:23 +02:00
Nylon Chen 6cc88c4e9b kernel-selftest: handle missing -64.h headers 
Some toolchains ship only bits/*.h without the -64.h suffix,
causing the recipe to fail. Add a fallback to use *.h if
*-64.h is not found, and warn if neither exists.

Signed-off-by: Nylon Chen <nylon.chen@sifive.com>
Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9472f4a728)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-01 13:53:12 +02:00
jacobpanov 85c38da17b kernel-selftest: Fix PTP selftest compilation for kernel 6.7+ 
The PTP selftest fails to compile with kernel versions 6.7+ due to
missing header definitions for PTP_MASK_CLEAR_ALL and PTP_MASK_EN_SINGLE.
These definitions were introduced in kernel v6.7 with commit c5a445b.

This fix adds kernel headers to CFLAGS during compilation to ensure
the required definitions are available.

Error before fix:
testptp.c:613:31: error: 'PTP_MASK_CLEAR_ALL' undeclared
testptp.c:615:38: error: 'PTP_MASK_EN_SINGLE' undeclared

Fixes: #878
Signed-off-by: Jacob Panov <jacobpanov@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f30afbe04c)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-01 13:53:12 +02:00
Markus Volk 20af4f6420 malcontent: update 0.13.0 -> 0.13.1 
Bugs fixed:
(or any click on carousel's icons) (Philip Withnall)

!244 malcontent-control: Fix callback argument list

Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 827abeaf07)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-01 13:53:12 +02:00