[pull] master from buildroot:master#861
Merged
pull[bot] merged 6 commits intomir-one:masterfrom Feb 11, 2026
Merged
Conversation
Fixes the following security issues: - CVE-2025-13473 (low): Username enumeration through timing difference in mod_wsgi authentication handler - CVE-2025-14550 (moderate): Potential denial-of-service vulnerability via repeated headers when using ASGI - CVE-2026-1207 (high): Potential SQL injection via raster lookups on PostGIS - CVE-2026-1285 (moderate): Potential denial-of-service vulnerability in django.utils.text.Truncator HTML methods - CVE-2026-1287 (high): Potential SQL injection in column aliases via control characters - CVE-2026-1312 (high): Potential SQL injection via QuerySet.order_by and FilteredRelation See the release notes here: https://docs.djangoproject.com/en/dev/releases/6.0.2/ Also includes the bugfixes from version 6.0.1: https://docs.djangoproject.com/en/dev/releases/6.0.1/ Signed-off-by: Manuel Diener <[email protected]> Signed-off-by: Marcus Hoffmann <[email protected]> Signed-off-by: Julien Olivain <[email protected]>
Updated license hash due to copyright year bump: strace/strace@4d6755b This bump includes two upstream commits strace/strace@bf93845 strace/strace@822b5e8 that fix build errors introduced by the bump of linux-headers to version 6.19 with buildroot commit 5661507. This bump is not included in any buildroot LTS branch so no backport necessary. Fixes: https://autobuild.buildroot.net/results/7a3/7a35bfcae87b1fbe1d6e0c4271a364ce330c1d51/ Signed-off-by: Bernd Kuhls <[email protected]> Signed-off-by: Julien Olivain <[email protected]>
- Requirement for Boost.DateTime was removed in 2.54.0 [0] - Requirement for Boost.System was removed in 2.59.0 [1] - drop "WITH_GUI" conf_opt as it was dropped in 2.32.0 [2] - LICENSE hash changed due to year bump. Release notes: https://github.com/PurpleI2P/i2pd/releases/tag/2.59.0 [0] PurpleI2P/i2pd@0992a51 [1] PurpleI2P/i2pd@06a86f3 [2] PurpleI2P/i2pd@db6a0e6 Signed-off-by: Michael Nosthoff <[email protected]> Signed-off-by: Julien Olivain <[email protected]>
Changelog: pikvm/ustreamer@v6.42...v6.52 Signed-off-by: Kadambini Nema <[email protected]> Signed-off-by: Julien Olivain <[email protected]>
This version builds up to Linux version 6.19. Fixes: still not happened Signed-off-by: Giulio Benetti <[email protected]> Signed-off-by: Julien Olivain <[email protected]>
The CPIO filesystem generated by the test_firewalld test is too large, and doesn't fit as an initramfs in the 256MB of RAM available in the versatilepb machine. This causes a "Initramfs unpacking failed: write error" when booting, and many files being missing from the root filesystem, ultimately causing the test to fail. The test_firewalld test initially started to fail following a systemd update [1][3]: [BRTEST# systemctl is-active firewalld failed But really started to crash at boot following a python 3.14 update [2][4]: Run /init as init process /init: exec: line 15: /sbin/init: not found Also, update TestFirewalldSysVInit to use ext2 instead of cpio. [1] 926e050 [2] a0a6abc Fixes: [3] https://gitlab.com/buildroot.org/buildroot/-/jobs/12944797059 [4] https://gitlab.com/buildroot.org/buildroot/-/jobs/11856840940 Signed-off-by: Romain Naour <[email protected]> Signed-off-by: Julien Olivain <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot] (v2.0.0-alpha.4)
Can you help keep this open source service alive? 💖 Please sponsor : )