From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/22] Patch review
Date: Tue, 25 Feb 2025 06:29:35 -0800 [thread overview]
Message-ID: <cover.1740493685.git.steve@sakoman.com> (raw)
Please review this set of hcanges for kirkstone and have comments back by
end of day Thursday, February 27
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1076
The following changes since commit 573f5b2d8fec9f8a4ed17e836ef3feeb6de62e5a:
procps: replaced one use of fputs(3) with a write(2) call (2025-02-19 06:43:20 -0800)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Archana Polampalli (5):
gstreamer1.0-rtsp-server: fix CVE-2024-44331
ffmpeg: fix CVE-2024-36618
ffmpeg: fix CVE-2024-28661
ffmpeg: fix CVE-2024-35369
ffmpeg: fix CVE-2025-25473
Carlos Dominguez (1):
u-boot: Fix CVE-2022-30767
Divya Chellam (1):
vim: Upgrade 9.1.0764 -> 9.1.1043
Hitendra Prajapati (1):
libcap: fix CVE-2025-1390
Hongxu Jia (6):
u-boot: fix CVE-2024-57254
u-boot: fix CVE-2024-57255
u-boot: fix CVE-2024-57256
u-boot: fix CVE-2024-57257
u-boot: fix CVE-2024-57258
u-boot: fix CVE-2024-57259
Kai Kang (2):
Revert "ovmf: Fix CVE-2023-45237"
Revert "ovmf: Fix CVE-2023-45236"
Peter Marko (5):
libxml2: fix compilation of explicit child axis in pattern
libxml2: patch CVE-2024-56171
libxml2: patch CVE-2025-24928
ffmpeg: ignore 5 CVEs
ffmpeg: ignore CVE-2024-7272
Sakib Sajal (1):
u-boot: fix CVE-2022-2347 and CVE-2022-30790
.../u-boot/files/0001-CVE-2022-30767.patch | 44 +
.../u-boot/files/CVE-2022-2347_1.patch | 129 ++
.../u-boot/files/CVE-2022-2347_2.patch | 66 +
.../u-boot/files/CVE-2022-30790.patch | 149 ++
.../u-boot/files/CVE-2024-57254.patch | 47 +
.../u-boot/files/CVE-2024-57255.patch | 53 +
.../u-boot/files/CVE-2024-57256.patch | 51 +
.../u-boot/files/CVE-2024-57257.patch | 228 +++
.../u-boot/files/CVE-2024-57258-1.patch | 47 +
.../u-boot/files/CVE-2024-57258-2.patch | 43 +
.../u-boot/files/CVE-2024-57258-3.patch | 40 +
.../u-boot/files/CVE-2024-57259.patch | 41 +
meta/recipes-bsp/u-boot/u-boot_2022.01.bb | 12 +
...x-compilation-of-explicit-child-axis.patch | 31 +
.../libxml/libxml2/CVE-2024-56171.patch | 42 +
.../libxml/libxml2/CVE-2025-24928.patch | 58 +
meta/recipes-core/libxml/libxml2_2.9.14.bb | 3 +
.../ovmf/ovmf/CVE-2023-45236.patch | 829 -----------
.../ovmf/ovmf/CVE-2023-45237-0001.patch | 78 -
.../ovmf/ovmf/CVE-2023-45237-0002.patch | 1288 -----------------
meta/recipes-core/ovmf/ovmf_git.bb | 3 -
.../ffmpeg/ffmpeg/CVE-2024-28661.patch | 40 +
.../ffmpeg/ffmpeg/CVE-2024-35369.patch | 38 +
.../ffmpeg/ffmpeg/CVE-2024-36618.patch | 36 +
.../ffmpeg/ffmpeg/CVE-2025-25473.patch | 36 +
.../recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb | 27 +
.../CVE-2024-44331.patch | 44 +
.../gstreamer1.0-rtsp-server_1.20.7.bb | 4 +-
.../libcap/files/CVE-2025-1390.patch | 36 +
meta/recipes-support/libcap/libcap_2.66.bb | 1 +
meta/recipes-support/vim/vim.inc | 4 +-
31 files changed, 1347 insertions(+), 2201 deletions(-)
create mode 100644 meta/recipes-bsp/u-boot/files/0001-CVE-2022-30767.patch
create mode 100644 meta/recipes-bsp/u-boot/files/CVE-2022-2347_1.patch
create mode 100644 meta/recipes-bsp/u-boot/files/CVE-2022-2347_2.patch
create mode 100644 meta/recipes-bsp/u-boot/files/CVE-2022-30790.patch
create mode 100644 meta/recipes-bsp/u-boot/files/CVE-2024-57254.patch
create mode 100644 meta/recipes-bsp/u-boot/files/CVE-2024-57255.patch
create mode 100644 meta/recipes-bsp/u-boot/files/CVE-2024-57256.patch
create mode 100644 meta/recipes-bsp/u-boot/files/CVE-2024-57257.patch
create mode 100644 meta/recipes-bsp/u-boot/files/CVE-2024-57258-1.patch
create mode 100644 meta/recipes-bsp/u-boot/files/CVE-2024-57258-2.patch
create mode 100644 meta/recipes-bsp/u-boot/files/CVE-2024-57258-3.patch
create mode 100644 meta/recipes-bsp/u-boot/files/CVE-2024-57259.patch
create mode 100644 meta/recipes-core/libxml/libxml2/0001-pattern-Fix-compilation-of-explicit-child-axis.patch
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2024-56171.patch
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2025-24928.patch
delete mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45236.patch
delete mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45237-0001.patch
delete mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45237-0002.patch
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-28661.patch
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35369.patch
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-36618.patch
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-25473.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server/CVE-2024-44331.patch
create mode 100644 meta/recipes-support/libcap/files/CVE-2025-1390.patch
--
2.43.0
next reply other threads:[~2025-02-25 14:30 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-25 14:29 Steve Sakoman [this message]
2025-02-25 14:29 ` [OE-core][kirkstone 01/22] u-boot: Fix CVE-2022-30767 Steve Sakoman
2025-02-25 14:29 ` [OE-core][kirkstone 02/22] u-boot: fix CVE-2022-2347 and CVE-2022-30790 Steve Sakoman
2025-02-25 14:29 ` [OE-core][kirkstone 03/22] u-boot: fix CVE-2024-57254 Steve Sakoman
2025-02-25 14:29 ` [OE-core][kirkstone 04/22] u-boot: fix CVE-2024-57255 Steve Sakoman
2025-02-25 14:29 ` [OE-core][kirkstone 05/22] u-boot: fix CVE-2024-57256 Steve Sakoman
2025-02-25 14:29 ` [OE-core][kirkstone 06/22] u-boot: fix CVE-2024-57257 Steve Sakoman
2025-02-25 14:29 ` [OE-core][kirkstone 07/22] u-boot: fix CVE-2024-57258 Steve Sakoman
2025-02-25 14:29 ` [OE-core][kirkstone 08/22] u-boot: fix CVE-2024-57259 Steve Sakoman
2025-02-25 14:29 ` [OE-core][kirkstone 09/22] Revert "ovmf: Fix CVE-2023-45237" Steve Sakoman
2025-02-25 14:29 ` [OE-core][kirkstone 10/22] Revert "ovmf: Fix CVE-2023-45236" Steve Sakoman
2025-02-25 14:29 ` [OE-core][kirkstone 11/22] libxml2: fix compilation of explicit child axis in pattern Steve Sakoman
2025-02-25 14:29 ` [OE-core][kirkstone 12/22] libxml2: patch CVE-2024-56171 Steve Sakoman
2025-02-25 14:29 ` [OE-core][kirkstone 13/22] libxml2: patch CVE-2025-24928 Steve Sakoman
2025-02-25 14:29 ` [OE-core][kirkstone 14/22] libcap: fix CVE-2025-1390 Steve Sakoman
2025-02-25 14:29 ` [OE-core][kirkstone 15/22] ffmpeg: ignore 5 CVEs Steve Sakoman
2025-02-25 14:29 ` [OE-core][kirkstone 16/22] ffmpeg: ignore CVE-2024-7272 Steve Sakoman
2025-02-25 14:29 ` [OE-core][kirkstone 17/22] gstreamer1.0-rtsp-server: fix CVE-2024-44331 Steve Sakoman
2025-02-25 14:29 ` [OE-core][kirkstone 18/22] ffmpeg: fix CVE-2024-36618 Steve Sakoman
2025-02-25 14:29 ` [OE-core][kirkstone 19/22] ffmpeg: fix CVE-2024-28661 Steve Sakoman
2025-02-25 14:29 ` [OE-core][kirkstone 20/22] ffmpeg: fix CVE-2024-35369 Steve Sakoman
2025-02-25 14:29 ` [OE-core][kirkstone 21/22] ffmpeg: fix CVE-2025-25473 Steve Sakoman
2025-02-25 14:29 ` [OE-core][kirkstone 22/22] vim: Upgrade 9.1.0764 -> 9.1.1043 Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2024-09-11 23:22 [OE-core][kirkstone 00/22] Patch review Steve Sakoman
2024-02-25 21:52 Steve Sakoman
2023-03-15 14:00 Steve Sakoman
2022-06-08 14:39 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1740493685.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.