helium-3rd-party/meta-openembedded
1
0
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-04-02 02:49:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
34,015 Commits 63 Branches 0 Tags
Commit Graph

34015 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Gyorgy Sarvari
c5f1156fb0 imagemagick: patch CVE-2025-57807 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-57807

Pick the commit mentioned in the details.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
dce548569d imagemagick: patch CVE-2025-57803 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-57803

Pick the commit mentioned in the details.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
2e0b5fe2ef imagemagick: patch CVE-2025-55212 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55212

Pick the patch that mentions the related github advisory in its commit message.

Also backport the missing function that the fix uses.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
188c714d2a imagemagick: patch CVE-2025-55160 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55160

Pick the commit that mentions the related github advisory in its commit message.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
63362396cb imagemagick: patch CVE-2025-55154 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55154

Pick the commit that mentions the related github advisory in its commit message.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
ccc4bcf76f imagemagick: patch CVE-2025-55005 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55005

Pick the patch that mentions the relevant github advisory in its commit message.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
75923b59dc imagemagick: patch CVE-2025-55004 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55004

Pick the patch that mentions the relevant github advisory in its commit message.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
4fb661fec1 imagemagick: patch CVE-2025-53101 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-53101

Pick the patch mentioned in the details of the above link.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
e257ea4640 imagemagick: patch CVE-2025-53019 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-53019

Pick the patch mentioned in the related github advisory.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
2eefeef2b7 imagemagick: patch CVE-2025-53015 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-53015

Pick the patches that are mentioned in the relevant github advisory.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
ee51f8f457 imagemagick: patch CVE-2025-53014 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-53014

Pick the patch mentioned in the related Github advisory.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Rajeshkumar Ramasamy
a28ca3adca open-vm-tools: upgrade 12.5.0 -> 12.5.4 
this release addressed below CVEs:
CVE-2025-22247
CVE-2025-41244

Changelog:
https://github.com/vmware/open-vm-tools/releases

Signed-off-by: Rajeshkumar Ramasamy <rajeshkumar.ramasamy@windriver.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
e87841beae gimp: patch CVE-2025-5473 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-5473

Pick the patch that resolved the relevant upstream bugreport:
https://gitlab.gnome.org/GNOME/gimp/-/issues/13910

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
b3d0641944 gimp: ignore CVE-2025-8672 
The vulnerability only affects MacOS: https://nvd.nist.gov/vuln/detail/CVE-2025-8672

While touching it, also remove an outdated CVE_STATUS, which has been reported against
a very old version of the application.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f516be2c45664c5c03b2245c02995a948e8d2e48)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
f47fdfd730 exiv2: patch CVE-2025-55304 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55304

Backport patch mentioned in the details of the vulnerability.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
40036aa47a exiv2: patch CVE-2025-54080 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-54080

Backport the patch mentioned in the details.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
7907a3e206 exiv2: patch CVE-2025-26623 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-26623

Apply the first to PRs from the relevant issue.

(The second PR adds a test, and the 3rd PR tries to reimplement
correctly the feature that introduced the vulnerability:
it is switching some raw pointers to smart pointers. It was not picked
because the
1. In the original issue it is stated that the first PR itself
   fixes the vulnerability
2. The patch doesn't apply clean due to the time gap between our
   and their version
3. The behavior of the application does not change
)

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
7207c63b55 python3-django: ignore CVE-2025-27556 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-27556

Vulnerability affects only Windows - ignore it.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
97cd359c29 redis: patch CVE-2025-48367 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-48367

Backport the patch mentioned in the details.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
1e7af79e70 redis: patch CVE-2025-32023 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-32023

Backport the patch mentioned in the details.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
0436597eb6 redis: patch CVE-2025-27151 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-27151

Backport the patch mentioned in the details.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
f786847743 redis: ignore CVE-2025-21605 
The vulnerability has been fixed in the used versions already,
upstream has backported it.

6.2.18: 5e93f9cb9d
7.2.8: 42fb340ce4

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
f7c6bcc1ce wireshark: patch CVE-2025-5601 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-5601

Backport the patch from the Gitlab issue linked in the details.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
b31d192efb emacs: patch CVE-2024-39331 
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-39331

Pick the patch that's mentioned in thee details.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
2ee73d842e emacs: patch CVE-2024-30205 
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-30205

Pick the patch that's in the description.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
36c85fe852 emacs: patch CVE-2024-30204 
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-30204

Pick the patch that's mentioned in the description.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
4408242e55 emacs: patch CVE-2024-30203 
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-30203

Pick the patch mentioned in the description.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
2d9e67618e emacs: patch CVE-2024-30202 
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-30202

Backport the patch mentioned in the details of the link.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
39c6b336cf dovecot: patch CVE-2022-30550 
Details: https://nvd.nist.gov/vuln/detail/CVE-2022-30550

Pick the commit referenced in https://www.openwall.com/lists/oss-security/2022/07/08/1

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
c21d0a9268 civetweb: patch CVE-2025-55763 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55763

Pick the relevant commit from https://github.com/civetweb/civetweb/pull/1347/

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
36fa532688 apache2: patch CVE-2025-54090 
https://nvd.nist.gov/vuln/detail/CVE-2025-54090

A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true".

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Ankur Tyagi
dead2a0070 zlog: fix CVE-2024-22857 
Backport a fix from upstream
c47f781a9f

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Bartosz Golaszewski
1f3dd92f7b libgpiod: update to v2.2.2 
This is a bugfix release addressing issues in tools and core library. No
API changes.

Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 6914e20d63ab1c4378fc23ebd71b000be5fa131a)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Patrick Zacharias
34ec5a4bed libcanberra: Fix sound not playing on Colibri iMX8X 
Canberra does not specify a buffer size, which leads to ALSA rejecting the settings.
By specfiying a buffer time of 500ms and a period time with a fourth of that,
an appropriate buffer size can be calculated.

This behaviour is mimicked from aplay for compatibility.

Signed-off-by: Patrick Zacharias <1475802+Fighter19@users.noreply.github.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9d2dc82fcb598e17069855985c56952b1fec3184)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Sana Kazi
8011232b05 imagemagick: guard sed operations in do_install for optional files 
When PACKAGECONFIG options like 'cxx' 'webp' and 'xml' are disabled,
certain files such as Magick++-config.im7, configure.xml, or
delegates.xml are not installed. Unconditionally running sed
on these files results in errors during do_install
Error:
sed: can't read .../image/usr/bin/Magick++-config.im7: No such file or directory

Signed-off-by: Nikhil R <nikhilr5@kpit.com>
Signed-off-by: Sana Kazi <sanakazi720@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 27469599fa6302a90af252c5148daef26c4b2e81)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
d3b5d01a7b daemonize: update to latest revision 
Drop a patch that has been incorporated into this version.

(That is also the changelog - the only change is the accepted patch)

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit a5cfc39eceb8d5bd0e563458e2d55e7c51cd6beb)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Denis OSTERLAND-HEIM
afbeb5281d libusbgx: fix example gadget start 
From variables docu:
> Setting it to "0" does not disable inhibition.
> Only the empty string will disable inhibition.

That means in case of examples enabled we need ""
and if not "1" to disable update-rc.d.

Signed-off-by: Denis OSTERLAND-HEIM <denis.osterland@diehl.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 0ae908de1a5ea3de90e6051f038b3836c7027b0c)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Gyorgy Sarvari
88a7dc2d36 nmap: set correct license 
Nmap has switched from GPLv2 to  their own "Nmap Public Source
License" since a few release. Set it in the recipe accordingly.

The NPSL file in the license firectory has been downloaded
directly from https://svn.nmap.org/nmap/LICENSE

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 6c101fe29d9fb1d815efba4a45bd21f5c944cb88)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Yi Zhao
1c6c373554 nmap: set UPSTREAM_CHECK_REGEX 
Set UPSTREAM_CHECK_REGEX to check the correct latest stable verison.

Before the fix:
$ devtool latest-version nmap
INFO: Current version: 7.95
INFO: Latest version: 7.95-1

After the fix:
$ devtool latest-version nmap
INFO: Current version: 7.95
INFO: Latest version: 7.95

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 12e69dd55590bc5c44fcc30e3c68369723e56506)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:31 +02:00
Kéléfa Sané
c8b8a7cfcd crash: fix reproducibility 
Fix reproducibility issue by retrieving the compiler version from the CC
env variable, which define the compiler used in the build and not from
the native gcc compiler install in the host machine.

Signed-off-by: Kéléfa Sané <kelefa.sane@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit df7e1b55d5f40129ebffa1cb1b9c0dcd099b6eaa)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-13 09:21:23 +02:00
Nylon Chen
6cc88c4e9b kernel-selftest: handle missing -64.h headers 
Some toolchains ship only bits/*.h without the -64.h suffix,
causing the recipe to fail. Add a fallback to use *.h if
*-64.h is not found, and warn if neither exists.

Signed-off-by: Nylon Chen <nylon.chen@sifive.com>
Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9472f4a728b4ec228605e387de32697312e8e549)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-01 13:53:12 +02:00
jacobpanov
85c38da17b kernel-selftest: Fix PTP selftest compilation for kernel 6.7+ 
The PTP selftest fails to compile with kernel versions 6.7+ due to
missing header definitions for PTP_MASK_CLEAR_ALL and PTP_MASK_EN_SINGLE.
These definitions were introduced in kernel v6.7 with commit c5a445b.

This fix adds kernel headers to CFLAGS during compilation to ensure
the required definitions are available.

Error before fix:
testptp.c:613:31: error: 'PTP_MASK_CLEAR_ALL' undeclared
testptp.c:615:38: error: 'PTP_MASK_EN_SINGLE' undeclared

Fixes: #878
Signed-off-by: Jacob Panov <jacobpanov@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f30afbe04c2e09b002e820dc0f0537ab292940b4)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-01 13:53:12 +02:00
Markus Volk
20af4f6420 malcontent: update 0.13.0 -> 0.13.1 
Bugs fixed:
(or any click on carousel's icons) (Philip Withnall)

!244 malcontent-control: Fix callback argument list

Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 827abeaf07d7524f0aaec44ec79a67261fcce0f0)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-01 13:53:12 +02:00
Yoann Congal
48e1f70ef0 boinc-client: fix hostname reproducibility 
The generated svn_version.h contains the hostname which makes it
non-reproducible. Fix this by removing the hostname from the file.

Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f23543fb6e8dc8af1f50058ed5739c4419e462db)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-01 13:53:12 +02:00
Wang Mingyu
b4cdea2f82 parallel: upgrade 20250722 -> 20250822 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e52777c3ac8de882fc4ec3f080b400df17770fb1)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-01 13:53:12 +02:00
Wang Mingyu
dd313be320 parallel: upgrade 20250622 -> 20250722 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 482318ca4103e5b45ae03de593660046e091143b)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-01 13:53:12 +02:00
Wang Mingyu
645cbb65f2 parallel: upgrade 20250522 -> 20250622 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 3afbc2b0b8565322048f9937045ae922d078951f)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-01 13:53:12 +02:00
Wang Mingyu
5e0632b5a9 parallel: upgrade 20250422 -> 20250522 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 1a01da40edd694bff85e4af4e38e76db44aededa)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-01 13:53:12 +02:00
Wang Mingyu
b78d7e24d1 parallel: upgrade 20250322 -> 20250422 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit dd4e71817df9ba6dbf1797689bd4e3da063d249c)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-01 13:53:12 +02:00
Louis Rannou
292ffc8951 mosquitto: bump to 2.0.21 
Upgrade to mosquitto 2.0.21. Update the patch status for issue 2895 and create a
new patch for an issue introduced in 2.0.19 which causes connections to get down
when the clock is changed.

Signed-off-by: Louis Rannou <louis.rannou@non.se.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 2a27eacee2dc066365e32bafa66c666bcd93b3ca)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 2025-10-01 13:53:12 +02:00