Re: [oe] [meta-oe][scarthgap][kirkstone][PATCH] apache2: upgrade 2.4.65 -> 2.4.66

Wed, 24 Dec 2025 01:53:51 -0800 


On 12/24/2025 5:50 PM, Gyorgy Sarvari wrote:

CAUTION: This email comes from a non Wind River email account!
Do not click links or open attachments unless you recognize the sender and know 
the content is safe.

On 12/24/25 10:44, Zhang, Liyin (CN) via lists.openembedded.org wrote:

Hi,

May I ask why this CVE patch didn't merge in kirkstone branch?
https://git.openembedded.org/meta-openembedded/tree/meta-webserver/recipes-httpd/apache2?h=kirkstone
It is still apache2_2.4.65 in kirkstone.  We need this fix in kirkstone as well.

It is in staging[1], but it arrived after the previous batch was merged.
It is planned to be part of the next merge.

[1]:
https://git.openembedded.org/meta-openembedded-contrib/commit/?h=stable/kirkstone-nut&id=46a6fbcdcb710e09d640f91609738e79b5a617eb

OK, got it. Thank you so much.

Thanks,
Liyin

-----Original Message-----
From: [email protected] 
<[email protected]> On Behalf Of Valeria Petrov via 
lists.openembedded.org
Sent: Tuesday, December 9, 2025 4:51 AM
To: [email protected]
Cc: Valeria Petrov <[email protected]>; Khem Raj <[email protected]>
Subject: [oe] [meta-oe][scarthgap][kirkstone][PATCH] apache2: upgrade 2.4.65 -> 
2.4.66

CAUTION: This email comes from a non Wind River email account!
Do not click links or open attachments unless you recognize the sender and know 
the content is safe.

From: Valeria Petrov <[email protected]>

Security fixes:
- CVE-2025-66200
- CVE-2025-65082
- CVE-2025-59775
- CVE-2025-58098
- CVE-2025-55753

See: http://www.apache.org/dist/httpd/CHANGES_2.4.66

Signed-off-by: Valeria Petrov <[email protected]>
Signed-off-by: Khem Raj <[email protected]>
---
  .../apache2/{apache2_2.4.65.bb => apache2_2.4.66.bb}            | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)  rename 
meta-webserver/recipes-httpd/apache2/{apache2_2.4.65.bb => apache2_2.4.66.bb} 
(99%)

diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.65.bb 
b/meta-webserver/recipes-httpd/apache2/apache2_2.4.66.bb
similarity index 99%
rename from meta-webserver/recipes-httpd/apache2/apache2_2.4.65.bb
rename to meta-webserver/recipes-httpd/apache2/apache2_2.4.66.bb
index 98b2215f44..0e96643fc3 100644
--- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.65.bb
+++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.66.bb
@@ -27,7 +27,7 @@ SRC_URI:append:class-target = " \
             "

  LIC_FILES_CHKSUM = "file://LICENSE;md5=bddeddfac80b2c9a882241d008bb41c3"
-SRC_URI[sha256sum] = 
"58b8be97d9940ec17f7656c0c6b9f41b618aac468b894b534148e3296c53b8b3"
+SRC_URI[sha256sum] = 
"94d7ff2b42acbb828e870ba29e4cbad48e558a79c623ad3596e4116efcfea25a"

  S = "${WORKDIR}/httpd-${PV}"

--
2.25.1





-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#122881): 
https://lists.openembedded.org/g/openembedded-devel/message/122881
Mute This Topic: https://lists.openembedded.org/mt/116683862/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to