[OE-core][scarthgap 00/14] Patch review

[Steve Sakoman <steve@sakoman.com>]

Please review this set of changes for scarthgap and have comments back by
end of day Friday, April 25

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1437

The following changes since commit 04038ecd1edd6592b826665a2b787387bb7074fa:

  build-appliance-image: Update to scarthgap head revision (2025-04-19 14:43:09 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Ashish Sharma (1):
  binutils: patch CVE-2025-1182

Guðni Már Gilbert (2):
  systemd: upgrade 255.17 -> 255.18
  bluez5: add missing tools to noinst-tools package

Igor Opaniuk (1):
  wic: bootimg-efi: Support + symbol in filenames

Peter Marko (2):
  sqlite3: patch CVE-2025-3277
  sqlite3: patch CVE-2025-29088

Soumya Sambu (1):
  python3-jinja2: upgrade 3.1.4 -> 3.1.6

Vijay Anusuri (5):
  libsoup: Fix CVE-2025-32910
  libsoup: Fix CVE-2025-32909
  libsoup: Fix CVE-2025-32911 & CVE-2025-32913
  libsoup: Fix CVE-2025-32912
  libsoup: Fix CVE-2025-32906

Yogita Urade (2):
  curl: fix CVE-2024-11053
  curl: fix CVE-2025-0167

 .../bluez5/bluez5_5.72.bb                     |   8 +-
 ...55.17.bb => systemd-boot-native_255.18.bb} |   0
 ...-boot_255.17.bb => systemd-boot_255.18.bb} |   0
 meta/recipes-core/systemd/systemd.inc         |   2 +-
 ...1-missing_type.h-add-comparison_fn_t.patch |   2 +-
 ...k-parse_printf_format-implementation.patch |   4 +-
 ...tall-dependency-links-at-install-tim.patch |   2 +-
 ...missing.h-check-for-missing-strndupa.patch |   6 +-
 ...OB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch |   4 +-
 ...005-add-missing-FTW_-macros-for-musl.patch |   2 +-
 ...06-Use-uintmax_t-for-handling-rlim_t.patch |   2 +-
 ...T_SYMLINK_NOFOLLOW-flag-to-faccessat.patch |   2 +-
 ...patible-basename-for-non-glibc-syste.patch |   2 +-
 ...implment-systemd-sysv-install-for-OE.patch |   2 +-
 ...uffering-when-writing-to-oom_score_a.patch |   4 +-
 ...compliant-strerror_r-from-GNU-specif.patch |   2 +-
 ...definition-of-prctl_mm_map-structure.patch |   2 +-
 ...-not-disable-buffer-in-writing-files.patch |   2 +-
 .../0013-Handle-__cpu_mask-usage.patch        |   2 +-
 .../systemd/0014-Handle-missing-gshadow.patch |   8 +-
 ...l.h-Define-MIPS-ABI-defines-for-musl.patch |   2 +-
 ...ass-correct-parameters-to-getdents64.patch |   4 +-
 .../0017-Adjust-for-musl-headers.patch        |   2 +-
 ...trerror-is-assumed-to-be-GNU-specifi.patch |   2 +-
 ...util-Make-STRERROR-portable-for-musl.patch |   2 +-
 ...ake-malloc_trim-conditional-on-glibc.patch |   2 +-
 ...hared-Do-not-use-malloc_info-on-musl.patch |   2 +-
 ...22-avoid-missing-LOCK_EX-declaration.patch |   2 +-
 .../{systemd_255.17.bb => systemd_255.18.bb}  |   0
 .../binutils/binutils-2.42.inc                |   1 +
 .../binutils/binutils/CVE-2025-1182.patch     |  33 +
 ...inja2_3.1.4.bb => python3-jinja2_3.1.6.bb} |   5 +-
 .../curl/curl/CVE-2024-11053-0001.patch       | 353 +++++++++
 .../curl/curl/CVE-2024-11053-0002.patch       | 728 ++++++++++++++++++
 .../curl/curl/CVE-2024-11053-0003.patch       | 130 ++++
 .../curl/curl/CVE-2025-0167.patch             | 178 +++++
 meta/recipes-support/curl/curl_8.7.1.bb       |   4 +
 .../libsoup-3.4.4/CVE-2025-32906-1.patch      |  61 ++
 .../libsoup-3.4.4/CVE-2025-32906-2.patch      |  83 ++
 .../libsoup-3.4.4/CVE-2025-32909.patch        |  36 +
 .../libsoup-3.4.4/CVE-2025-32910-1.patch      |  98 +++
 .../libsoup-3.4.4/CVE-2025-32910-2.patch      | 149 ++++
 .../libsoup-3.4.4/CVE-2025-32910-3.patch      |  27 +
 .../CVE-2025-32911_CVE-2025-32913-1.patch     |  72 ++
 .../CVE-2025-32911_CVE-2025-32913-2.patch     |  44 ++
 .../libsoup-3.4.4/CVE-2025-32912-1.patch      |  41 +
 .../libsoup-3.4.4/CVE-2025-32912-2.patch      |  30 +
 meta/recipes-support/libsoup/libsoup_3.4.4.bb |  10 +
 .../sqlite/sqlite3/CVE-2025-29088.patch       | 179 +++++
 .../sqlite/sqlite3/CVE-2025-3277.patch        |  28 +
 meta/recipes-support/sqlite/sqlite3_3.45.3.bb |   5 +-
 scripts/lib/wic/plugins/source/bootimg-efi.py |   2 +-
 52 files changed, 2335 insertions(+), 38 deletions(-)
 rename meta/recipes-core/systemd/{systemd-boot-native_255.17.bb => systemd-boot-native_255.18.bb} (100%)
 rename meta/recipes-core/systemd/{systemd-boot_255.17.bb => systemd-boot_255.18.bb} (100%)
 rename meta/recipes-core/systemd/{systemd_255.17.bb => systemd_255.18.bb} (100%)
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2025-1182.patch
 rename meta/recipes-devtools/python/{python3-jinja2_3.1.4.bb => python3-jinja2_3.1.6.bb} (81%)
 create mode 100644 meta/recipes-support/curl/curl/CVE-2024-11053-0001.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2024-11053-0002.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2024-11053-0003.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2025-0167.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32906-1.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32906-2.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32909.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32910-1.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32910-2.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32910-3.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32911_CVE-2025-32913-1.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32911_CVE-2025-32913-2.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32912-1.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32912-2.patch
 create mode 100644 meta/recipes-support/sqlite/sqlite3/CVE-2025-29088.patch
 create mode 100644 meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch

-- 
2.43.0