c5f1156fb0
imagemagick: patch CVE-2025-57807
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-57807
Pick the commit mentioned in the details.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
dce548569d
imagemagick: patch CVE-2025-57803
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-57803
Pick the commit mentioned in the details.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
2e0b5fe2ef
imagemagick: patch CVE-2025-55212
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55212
Pick the patch that mentions the related github advisory in its commit message.
Also backport the missing function that the fix uses.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
188c714d2a
imagemagick: patch CVE-2025-55160
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55160
Pick the commit that mentions the related github advisory in its commit message.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
63362396cb
imagemagick: patch CVE-2025-55154
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55154
Pick the commit that mentions the related github advisory in its commit message.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
ccc4bcf76f
imagemagick: patch CVE-2025-55005
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55005
Pick the patch that mentions the relevant github advisory in its commit message.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
75923b59dc
imagemagick: patch CVE-2025-55004
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55004
Pick the patch that mentions the relevant github advisory in its commit message.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
4fb661fec1
imagemagick: patch CVE-2025-53101
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-53101
Pick the patch mentioned in the details of the above link.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
e257ea4640
imagemagick: patch CVE-2025-53019
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-53019
Pick the patch mentioned in the related github advisory.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
2eefeef2b7
imagemagick: patch CVE-2025-53015
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-53015
Pick the patches that are mentioned in the relevant github advisory.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
ee51f8f457
imagemagick: patch CVE-2025-53014
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-53014
Pick the patch mentioned in the related Github advisory.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
a28ca3adca
open-vm-tools: upgrade 12.5.0 -> 12.5.4
...
this release addressed below CVEs:
CVE-2025-22247
CVE-2025-41244
Changelog:
https://github.com/vmware/open-vm-tools/releases
Signed-off-by: Rajeshkumar Ramasamy <rajeshkumar.ramasamy@windriver.com >
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
e87841beae
gimp: patch CVE-2025-5473
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-5473
Pick the patch that resolved the relevant upstream bugreport:
https://gitlab.gnome.org/GNOME/gimp/-/issues/13910
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
b3d0641944
gimp: ignore CVE-2025-8672
...
The vulnerability only affects MacOS: https://nvd.nist.gov/vuln/detail/CVE-2025-8672
While touching it, also remove an outdated CVE_STATUS, which has been reported against
a very old version of the application.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit f516be2c45skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
f47fdfd730
exiv2: patch CVE-2025-55304
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55304
Backport patch mentioned in the details of the vulnerability.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
40036aa47a
exiv2: patch CVE-2025-54080
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-54080
Backport the patch mentioned in the details.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
7907a3e206
exiv2: patch CVE-2025-26623
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-26623
Apply the first to PRs from the relevant issue.
(The second PR adds a test, and the 3rd PR tries to reimplement
correctly the feature that introduced the vulnerability:
it is switching some raw pointers to smart pointers. It was not picked
because the
1. In the original issue it is stated that the first PR itself
fixes the vulnerability
2. The patch doesn't apply clean due to the time gap between our
and their version
3. The behavior of the application does not change
)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
7207c63b55
python3-django: ignore CVE-2025-27556
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-27556
Vulnerability affects only Windows - ignore it.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
97cd359c29
redis: patch CVE-2025-48367
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-48367
Backport the patch mentioned in the details.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
1e7af79e70
redis: patch CVE-2025-32023
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-32023
Backport the patch mentioned in the details.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
0436597eb6
redis: patch CVE-2025-27151
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-27151
Backport the patch mentioned in the details.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
f786847743
redis: ignore CVE-2025-21605
...
The vulnerability has been fixed in the used versions already,
upstream has backported it.
6.2.18: https://github.com/redis/redis/commit/5e93f9cb9dbc3e7ac9bce36f2838156cbc5c9e62
7.2.8: https://github.com/redis/redis/commit/42fb340ce426364d64f5dccc9c2549e58f48ac6f
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
f7c6bcc1ce
wireshark: patch CVE-2025-5601
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-5601
Backport the patch from the Gitlab issue linked in the details.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
b31d192efb
emacs: patch CVE-2024-39331
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-39331
Pick the patch that's mentioned in thee details.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
2ee73d842e
emacs: patch CVE-2024-30205
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-30205
Pick the patch that's in the description.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
36c85fe852
emacs: patch CVE-2024-30204
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-30204
Pick the patch that's mentioned in the description.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
4408242e55
emacs: patch CVE-2024-30203
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-30203
Pick the patch mentioned in the description.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
2d9e67618e
emacs: patch CVE-2024-30202
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-30202
Backport the patch mentioned in the details of the link.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
39c6b336cf
dovecot: patch CVE-2022-30550
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2022-30550
Pick the commit referenced in https://www.openwall.com/lists/oss-security/2022/07/08/1
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
c21d0a9268
civetweb: patch CVE-2025-55763
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55763
Pick the relevant commit from https://github.com/civetweb/civetweb/pull/1347/
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
36fa532688
apache2: patch CVE-2025-54090
...
https://nvd.nist.gov/vuln/detail/CVE-2025-54090
A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true".
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
dead2a0070
zlog: fix CVE-2024-22857
...
Backport a fix from upstream
https://github.com/HardySimpson/zlog/commit/c47f781a9f1e9604f5201e27d046d925d0d48ac4
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com >
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
1f3dd92f7b
libgpiod: update to v2.2.2
...
This is a bugfix release addressing issues in tools and core library. No
API changes.
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@linaro.org >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 6914e20d63ankur.tyagi85@gmail.com >
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
34ec5a4bed
libcanberra: Fix sound not playing on Colibri iMX8X
...
Canberra does not specify a buffer size, which leads to ALSA rejecting the settings.
By specfiying a buffer time of 500ms and a period time with a fourth of that,
an appropriate buffer size can be calculated.
This behaviour is mimicked from aplay for compatibility.
Signed-off-by: Patrick Zacharias <1475802+Fighter19@users.noreply.github.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 9d2dc82fcbankur.tyagi85@gmail.com >
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
8011232b05
imagemagick: guard sed operations in do_install for optional files
...
When PACKAGECONFIG options like 'cxx' 'webp' and 'xml' are disabled,
certain files such as Magick++-config.im7, configure.xml, or
delegates.xml are not installed. Unconditionally running sed
on these files results in errors during do_install
Error:
sed: can't read .../image/usr/bin/Magick++-config.im7: No such file or directory
Signed-off-by: Nikhil R <nikhilr5@kpit.com >
Signed-off-by: Sana Kazi <sanakazi720@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 27469599faankur.tyagi85@gmail.com >
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
d3b5d01a7b
daemonize: update to latest revision
...
Drop a patch that has been incorporated into this version.
(That is also the changelog - the only change is the accepted patch)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit a5cfc39eceankur.tyagi85@gmail.com >
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
afbeb5281d
libusbgx: fix example gadget start
...
From variables docu:
> Setting it to "0" does not disable inhibition.
> Only the empty string will disable inhibition.
That means in case of examples enabled we need ""
and if not "1" to disable update-rc.d.
Signed-off-by: Denis OSTERLAND-HEIM <denis.osterland@diehl.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 0ae908de1aankur.tyagi85@gmail.com >
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
88a7dc2d36
nmap: set correct license
...
Nmap has switched from GPLv2 to their own "Nmap Public Source
License" since a few release. Set it in the recipe accordingly.
The NPSL file in the license firectory has been downloaded
directly from https://svn.nmap.org/nmap/LICENSE
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 6c101fe29dankur.tyagi85@gmail.com >
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
1c6c373554
nmap: set UPSTREAM_CHECK_REGEX
...
Set UPSTREAM_CHECK_REGEX to check the correct latest stable verison.
Before the fix:
$ devtool latest-version nmap
INFO: Current version: 7.95
INFO: Latest version: 7.95-1
After the fix:
$ devtool latest-version nmap
INFO: Current version: 7.95
INFO: Latest version: 7.95
Signed-off-by: Yi Zhao <yi.zhao@windriver.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 12e69dd555ankur.tyagi85@gmail.com >
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:31 +02:00
c8b8a7cfcd
crash: fix reproducibility
...
Fix reproducibility issue by retrieving the compiler version from the CC
env variable, which define the compiler used in the build and not from
the native gcc compiler install in the host machine.
Signed-off-by: Kéléfa Sané <kelefa.sane@smile.fr >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit df7e1b55d5ankur.tyagi85@gmail.com >
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-13 09:21:23 +02:00
6cc88c4e9b
kernel-selftest: handle missing -64.h headers
...
Some toolchains ship only bits/*.h without the -64.h suffix,
causing the recipe to fail. Add a fallback to use *.h if
*-64.h is not found, and warn if neither exists.
Signed-off-by: Nylon Chen <nylon.chen@sifive.com >
Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 9472f4a728ankur.tyagi85@gmail.com >
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-01 13:53:12 +02:00
85c38da17b
kernel-selftest: Fix PTP selftest compilation for kernel 6.7+
...
The PTP selftest fails to compile with kernel versions 6.7+ due to
missing header definitions for PTP_MASK_CLEAR_ALL and PTP_MASK_EN_SINGLE.
These definitions were introduced in kernel v6.7 with commit c5a445b.
This fix adds kernel headers to CFLAGS during compilation to ensure
the required definitions are available.
Error before fix:
testptp.c:613:31: error: 'PTP_MASK_CLEAR_ALL' undeclared
testptp.c:615:38: error: 'PTP_MASK_EN_SINGLE' undeclared
Fixes : #878
Signed-off-by: Jacob Panov <jacobpanov@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit f30afbe04cankur.tyagi85@gmail.com >
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-01 13:53:12 +02:00
20af4f6420
malcontent: update 0.13.0 -> 0.13.1
...
Bugs fixed:
(or any click on carousel's icons) (Philip Withnall)
!244 malcontent-control: Fix callback argument list
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 827abeaf07ankur.tyagi85@gmail.com >
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-01 13:53:12 +02:00
48e1f70ef0
boinc-client: fix hostname reproducibility
...
The generated svn_version.h contains the hostname which makes it
non-reproducible. Fix this by removing the hostname from the file.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit f23543fb6eankur.tyagi85@gmail.com >
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-01 13:53:12 +02:00
b4cdea2f82
parallel: upgrade 20250722 -> 20250822
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit e52777c3acankur.tyagi85@gmail.com >
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-01 13:53:12 +02:00
dd313be320
parallel: upgrade 20250622 -> 20250722
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 482318ca41ankur.tyagi85@gmail.com >
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-01 13:53:12 +02:00
645cbb65f2
parallel: upgrade 20250522 -> 20250622
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 3afbc2b0b8ankur.tyagi85@gmail.com >
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-01 13:53:12 +02:00
5e0632b5a9
parallel: upgrade 20250422 -> 20250522
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 1a01da40edankur.tyagi85@gmail.com >
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-01 13:53:12 +02:00
b78d7e24d1
parallel: upgrade 20250322 -> 20250422
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit dd4e71817dankur.tyagi85@gmail.com >
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-01 13:53:12 +02:00
292ffc8951
mosquitto: bump to 2.0.21
...
Upgrade to mosquitto 2.0.21. Update the patch status for issue 2895 and create a
new patch for an issue introduced in 2.0.19 which causes connections to get down
when the clock is changed.
Signed-off-by: Louis Rannou <louis.rannou@non.se.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 2a27eacee2ankur.tyagi85@gmail.com >
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
2025-10-01 13:53:12 +02:00
Gyorgy Sarvari
Rajeshkumar Ramasamy
Ankur Tyagi
Bartosz Golaszewski
Patrick Zacharias
Sana Kazi
Denis OSTERLAND-HEIM
Yi Zhao
Kéléfa Sané
Nylon Chen
jacobpanov
Markus Volk
Yoann Congal
Wang Mingyu
Louis Rannou