CHANGES: update for 2025.02.5
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be> Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
This commit is contained in:
Titouan Christophe
committed by
Arnout Vandecappelle
Arnout Vandecappelle
parent
8ffaffb0b9
commit
874b83cd01
102
CHANGES
102
CHANGES
@@ -1,3 +1,105 @@
|
||||
2025.02.5, released August 11, 2025
|
||||
|
||||
Important / security related fixes:
|
||||
- Bump mbedtls to version 3.6.4, this affect many packages depending on it.
|
||||
Also fixes CVE-2025-47917, CVE-2025-48965, CVE-2025-49087,
|
||||
CVE-2025-49600, CVE-2025-49601, CVE-2025-52496, CVE-2025-52497
|
||||
- samba4: support Windows security hardening
|
||||
- apache: CVE-2025-53020, CVE-2025-49812, CVE-2025-49630, CVE-2025-23048,
|
||||
CVE-2024-47252, CVE-2024-43394, CVE-2024-43204, CVE-2024-42516,
|
||||
CVE-2025-54090
|
||||
- assimp: CVE-2025-2750, CVE-2025-2751, CVE-2025-2757, CVE-2025-3158
|
||||
- clamav: CVE-2025-20260
|
||||
- edk2: CVE-2024-38805
|
||||
- git: CVE-2025-27613, CVE-2025-27614, CVE-2025-46835, CVE-2025-48384,
|
||||
CVE-2025-48385, CVE-2025-48386
|
||||
- jose: CVE-2023-50967
|
||||
- libarchive: CVE-2025-5914, CVE-2025-5915, CVE-2025-5916, CVE-2025-5917,
|
||||
CVE-2025-5918
|
||||
- libavif: CVE-2025-48174, CVE-2025-48175
|
||||
- libblockdev: CVE-2025-6019
|
||||
- libbpf: CVE-2025-29481
|
||||
- libheif: CVE-2025-43966, CVE-2025-43967
|
||||
- libhtp: CVE-2024-45797
|
||||
- libsoup: CVE-2024-52530, CVE-2024-52531, CVE-2024-52532, CVE-2025-2784,
|
||||
CVE-2025-4476, CVE-2025-4948, CVE-2025-4969, CVE-2025-32050,
|
||||
CVE-2025-32052, CVE-2025-32053, CVE-2025-32906, CVE-2025-32910,
|
||||
CVE-2025-32911, CVE-2025-32912, CVE-2025-32913, CVE-2025-32914,
|
||||
CVE-2025-46420, CVE-2025-46421
|
||||
- libxml2: CVE-2025-6021, CVE-2025-6170, CVE-2025-49794, CVE-2025-49796,
|
||||
CVE-2025-49795
|
||||
- micropython: CVE-2024-8947
|
||||
- modsecurity2: CVE-2025-47947, CVE-2025-48866
|
||||
- orc: CVE-2024-40897
|
||||
- php: CVE-2025-1735, CVE-2025-6491, CVE-2025-1220
|
||||
- python-aiohttp: CVE-2025-53643
|
||||
- python-starlette: CVE-2025-54121
|
||||
- python-urllib3: CVE-2025-50181, CVE-2025-50182
|
||||
- python3: CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4435,
|
||||
CVE-2025-4517
|
||||
- redis: CVE-2025-32023, CVE-2025-48367
|
||||
- shim: CVE-2024-2312
|
||||
- sngrep: CVE-2024-3119, CVE-2024-3120
|
||||
- sudo: CVE-2025-32462, CVE-2025-32463
|
||||
- tcpreplay: CVE-2023-4256, CVE-2023-43279, CVE-2024-22654
|
||||
- tinyxml: CVE-2023-34194
|
||||
- wpewebkit: CVE-2024-27856, CVE-2024-40866, CVE-2024-44185,
|
||||
CVE-2024-44187, CVE-2024-44192, CVE-2024-44244, CVE-2024-44296,
|
||||
CVE-2024-44308, CVE-2024-44309, CVE-2024-54467, CVE-2024-54479,
|
||||
CVE-2024-54502, CVE-2024-54505, CVE-2024-54508, CVE-2024-54534,
|
||||
CVE-2024-54543, CVE-2024-54551, CVE-2024-54658, CVE-2025-24143,
|
||||
CVE-2025-24150, CVE-2025-24158, CVE-2025-24162, CVE-2025-24201,
|
||||
CVE-2025-24208, CVE-2025-24209, CVE-2025-24213, CVE-2025-24216,
|
||||
CVE-2025-24223, CVE-2025-24264, CVE-2025-30427, CVE-2025-31204,
|
||||
CVE-2025-31205, CVE-2025-31206, CVE-2025-31215, CVE-2025-31257
|
||||
- xorg-server / xwayland: CVE-2025-49175, CVE-2025-49176, CVE-2025-49177,
|
||||
CVE-2025-49178, CVE-2025-49179, CVE-2025-49180
|
||||
|
||||
Updated / fixed packages: avrdude, berkeleydb, binutils, bmx7, boot/shim,
|
||||
boot/syslinux, ca-certificates, chartjs, cifs-utils, cpp-httplib, cpulimit,
|
||||
daq, elfutils, eudev, fwupd, gcc, gnuplot, gstreamer1-editing-services,
|
||||
gumbo-parser, gvfs, haproxy, hddtemp, kvmtool, libargtable, libcddb,
|
||||
libconfuse, libcrossguid, libcurl, libesmtp, libgcrypt, libiec61850,
|
||||
libmanette, libmicrohttpd, libmpeg2, libndp, libopenssl, libp11, libssh2,
|
||||
libuhttpd, libva, linux, linux-tools (rtla), lrzsz, ltp-testsuite, lua,
|
||||
modem-manager, modsecurity2, mosquitto, mpv, mupdf, ncmpc, net-tools,
|
||||
network-manager, nginx-modsecurity, ntp, oniguruma, openblas, orc, parted,
|
||||
python-asgiref, python-cython, python-dbus-fast, python-fastapi,
|
||||
python-future, python-msgpack, python-multipart, python-remi,
|
||||
python-setuptools, qpid-proton, rauc-hawkbit-updater, rtl8188eu, rtl8723bu,
|
||||
rtl8723ds, rtl8821au, rust, shadowsock-libev, shairport-sync, sox, sqlite,
|
||||
squashfs, systemd, tailscale, tor, uclibc, ustream-ssl, watchdog,
|
||||
webkitgtk, xen
|
||||
|
||||
Removed package: libolm, libwebsock
|
||||
|
||||
Infrastructure updates / fixes:
|
||||
- python-glslang is now a host package only
|
||||
- Makefile unexports are now fixed and sorted
|
||||
- Hide GCC versions for unsupported CPUs
|
||||
- check-package: handle missing files
|
||||
- test-pkg: stop on sigint
|
||||
- check-host-cmake.mk: set host-cmake max version
|
||||
- toolchain/toolchain-wrapper.c:
|
||||
- correct CCACHE_BASEDIR comment
|
||||
- slightly simplify cmdline copying
|
||||
- get rid of EXCLUSIVE_ARGS
|
||||
|
||||
Test improvements:
|
||||
- nginx-modsecurity: new test
|
||||
- gumbo-parser: new runtime test
|
||||
- add a crun-based runtime test for docker-compose
|
||||
- test_xen: add a base class
|
||||
- test_xen: test on 32-bit Arm v7
|
||||
- test_xen: rename TestXen to TestXenAarch64
|
||||
|
||||
Boards updated / fixed:
|
||||
- globalscale_espressobin: update linux
|
||||
- freescale/mxs: fix linux booting
|
||||
- ti_am62x_sk: bump Linux version
|
||||
- raspberrypi5: fix failing build because of missing in-kernel dts
|
||||
|
||||
|
||||
2025.02.4, released June 23th, 2025
|
||||
|
||||
Important / security related fixes:
|
||||
|
||||
Reference in New Issue
Block a user