openRuyi-tutorials/buildroot
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

CHANGES: update for 2025.11.3

Browse Source 
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Arnout Vandecappelle <arnout@rnout.be>
(cherry picked from commit 91f60590fd)
This commit is contained in:
Thomas Perale
2026-03-17 21:03:00 +01:00
committed by Arnout Vandecappelle
parent a21946562b
commit 4cc0e959ff
1 changed files with 58 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
CHANGES
View File

@@ -101,6 +101,64 @@
- How can I make the 'en_US' locale by default?
https://gitlab.com/buildroot.org/buildroot/-/issues/161
2025.11.3, released March 17, 2026
Important / security related fixes:
botan: CVE-2024-50382, CVE-2024-50383
c-ares: CVE-2025-62408
clamav: CVE-2026-20031
containerd: CVE-2024-25621, CVE-2024-40635, CVE-2025-47291,
CVE-2025-64329
cups: CVE-2025-58436, CVE-2025-61915
exiv2: CVE-2026-25884, CVE-2026-27596, CVE-2026-27631
fluidsynth: CVE-2025-56225
freerdp: CVE-2024-32661, CVE-2026-23530, CVE-2026-23531,
CVE-2026-23532, CVE-2026-23533, CVE-2026-23534, CVE-2026-23948,
CVE-2026-24675, CVE-2026-24676, CVE-2026-24679, CVE-2026-24681,
CVE-2026-24682, CVE-2026-24683
freetype: CVE-2026-23865
graphicsmagick, CVE-2025-27796
igmpproxy: CVE-2025-50681
imagemagick: CVE-2026-22770, CVE-2026-23874, CVE-2026-23876,
CVE-2026-24481, CVE-2026-25638, CVE-2026-25794, CVE-2026-25795,
CVE-2026-25796, CVE-2026-25798, CVE-2026-25799, CVE-2026-25897,
CVE-2026-25989, CVE-2026-26066, CVE-2026-26283, CVE-2026-26284,
CVE-2026-26983
jasper: CVE-2025-8836, CVE-2025-8837
libsoup3: CVE-2025-14523
libssh: CVE-2025-14821, CVE-2026-0964, CVE-2026-0965, CVE-2026-0966,
CVE-2026-0967, CVE-2026-0968
libtpms: CVE-2026-21444
mupdf: CVE-2026-25556
netsnmp: CVE-2025-68615
patch: CVE-2018-6952, CVE-2019-20633
postgresql: CVE-2026-2003, CVE-2026-2004, CVE-2026-2005, CVE-2026-2006
python-multipart: CVE-2026-24486
rtl_433: CVE-2025-34450
squid: CVE-2025-62168
tinyproxy: CVE-2025-63938
vim: CVE-2026-25749, CVE-2026-26269
wpewebkit: CVE-2025-31273, CVE-2025-31278, CVE-2025-43211,
CVE-2025-43212, CVE-2025-43216, CVE-2025-43227, CVE-2025-43228,
CVE-2025-43240, CVE-2025-43265, CVE-2025-43272, CVE-2025-43342,
CVE-2025-43343, CVE-2025-43356, CVE-2025-43368, CVE-2025-6558
Infrastructure updates/fixes:
linux: make license option visible for _CUSTOM_VERSION as well
support/testing/run-tests: fix Debian testing/unstable
Updated / fixed packages: botan, c-ares, clamav, containerd, cups,
docker, dtc, exiv2, faketime, flashbench, freerdp, freetype,
graphicsmagick, igmpproxy, imagemagick, jasper, libsoup3, libssh,
libtpms, libvips, libvirt, libzlib, mpir, mupdf, netsnmp, patch, poco,
postgresql, python3, python-multipart, qemu, rtl_433, samba4, snort,
squid, tinyproxy, util-linux, vim, webkitgtk, wireshark, wmctrl,
wpewebkit
Removed packages: qemu (cris target), python3 (ossaudiodev)
2025.11.2, released February 20, 2026
avahi: CVE-2021-3468, CVE-2023-38469, CVE-2023-38470, CVE-2023-38471,