Mirror of git.openembedded.org/meta-openembedded https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=wrynose 2026-04-01T20:16:40+00:00 2026-04-01T20:16:40+00:00 Gyorgy Sarvari skandigraun@gmail.com 2026-03-31T11:38:34+00:00 urn:sha1:6eb5b0ec144614d94cd13d9e6c3d1248585b0f4a This CVE is disputed, and it is now tracked with an old version of the application, it doesn't show up in the CVE report anymore. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com> 2026-03-20T21:13:10+00:00 Gyorgy Sarvari skandigraun@gmail.com 2026-03-20T12:03:53+00:00 urn:sha1:03fbb8fd0410b7a32ec4f9a21cf2811377df4109 This CVE is now tracked with the correct version info by NVD. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> 2026-03-18T21:33:32+00:00 Gyorgy Sarvari skandigraun@gmail.com 2026-03-17T17:23:44+00:00 urn:sha1:0abb9a484ebb10785126dbbbd88b85b50c061bd3 Contains fix for CVE-2026-32597. Since NVD tracks this CVE without version info, mark the CVE explicitly patched. Changes: 2.12.1: Add typing_extensions dependency for Python < 3.11 2.12.0: chore(docs): fix docs build Annotate PyJWKSet.keys for pyright fix: close HTTPError to prevent ResourceWarning on Python 3.14 chore: remove superfluous constants chore(tests): enable mypy Bump actions/download-artifact from 7 to 8 fix: do not store reference to algorithms dict on PyJWK Use PyJWK algorithm when encoding without explicit algorithm Validate the crit (Critical) Header Parameter defined in RFC 7515 §4.1.11. (CVE-2026-32597) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>