From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 00/15] Patch review
Date: Tue, 29 Apr 2025 19:59:48 -0700 [thread overview]
Message-ID: <cover.1745981742.git.steve@sakoman.com> (raw)
Please review this set of changes for scarthgap and have comments back by
end of day Thursday, May 1
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1498
The following changes since commit 87cadf62ba0d6b0fc3dc0151a5d320919b7eb1ab:
bluez5: add missing tools to noinst-tools package (2025-04-22 10:32:27 -0700)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut
Alexander Kanavin (1):
perlcross: update 1.5.2 -> 1.6
Archana Polampalli (2):
perlcross: 1.6 -> 1.6.2
perl: upgrade 5.38.2 -> 5.38.4
Changqing Li (4):
initscripts: add function
log_success_msg/log_failure_msg/log_warning_msg
buildtools-tarball: move setting of envvars to respective envfile
buildtools-tarball: add envvars into BB_ENV_PASSTHROUGH_ADDITIONS
buildtools-tarball: Make buildtools respects host CA certificates
Peter Marko (5):
ppp: patch CVE-2024-58250
libxml2: patch CVE-2025-32414
libxml2: patch CVE-2025-32415
glib-2.0: patch CVE-2025-3360
Revert "cve-update-nvd2-native: Tweak to work better with NFS DL_DIR"
Priyal Doshi (1):
tzdata/tzcode-native: upgrade 2025a -> 2025b
Shubham Kulkarni (1):
libpam: Update fix for CVE-2024-10041
Soumya Sambu (1):
git: Upgrade 2.44.1 -> 2.44.3
.../openssl/files/environment.d-openssl.sh | 22 +-
.../ppp/ppp/CVE-2024-58250.patch | 194 ++++++++++++++++++
meta/recipes-connectivity/ppp/ppp_2.5.0.bb | 2 +-
.../glib-2.0/glib-2.0/CVE-2025-3360-01.patch | 57 +++++
.../glib-2.0/glib-2.0/CVE-2025-3360-02.patch | 53 +++++
.../glib-2.0/glib-2.0/CVE-2025-3360-03.patch | 36 ++++
.../glib-2.0/glib-2.0/CVE-2025-3360-04.patch | 76 +++++++
.../glib-2.0/glib-2.0/CVE-2025-3360-05.patch | 57 +++++
.../glib-2.0/glib-2.0/CVE-2025-3360-06.patch | 50 +++++
meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb | 8 +-
.../initscripts/initscripts-1.0/functions | 21 ++
.../initscripts/initscripts_1.0.bb | 1 -
.../libxml/libxml2/CVE-2025-32414.patch | 74 +++++++
.../libxml/libxml2/CVE-2025-32415.patch | 39 ++++
meta/recipes-core/libxml/libxml2_2.12.10.bb | 2 +
meta/recipes-core/meta/buildtools-tarball.bb | 29 ++-
.../meta/cve-update-nvd2-native.bb | 2 -
.../git/git/environment.d-git.sh | 19 ++
.../git/{git_2.44.1.bb => git_2.44.3.bb} | 10 +-
...ile-check-the-file-if-patched-or-not.patch | 3 +-
...oss-add-LDFLAGS-when-linking-libperl.patch | 9 +-
.../perl-cross/files/determinism.patch | 41 ++--
...{perlcross_1.5.2.bb => perlcross_1.6.2.bb} | 2 +-
.../perl/{perl_5.38.2.bb => perl_5.38.4.bb} | 2 +-
.../environment.d-python3-requests.sh | 11 +
.../python/python3-requests_2.32.3.bb | 11 +
...024-10041.patch => CVE-2024-10041-1.patch} | 0
.../pam/libpam/CVE-2024-10041-2.patch | 77 +++++++
meta/recipes-extended/pam/libpam_1.5.3.bb | 3 +-
meta/recipes-extended/timezone/timezone.inc | 6 +-
.../curl/curl/environment.d-curl.sh | 19 ++
meta/recipes-support/curl/curl_8.7.1.bb | 9 +
32 files changed, 899 insertions(+), 46 deletions(-)
create mode 100644 meta/recipes-connectivity/ppp/ppp/CVE-2024-58250.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-3360-01.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-3360-02.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-3360-03.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-3360-04.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-3360-05.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-3360-06.patch
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2025-32414.patch
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2025-32415.patch
create mode 100644 meta/recipes-devtools/git/git/environment.d-git.sh
rename meta/recipes-devtools/git/{git_2.44.1.bb => git_2.44.3.bb} (93%)
rename meta/recipes-devtools/perl-cross/{perlcross_1.5.2.bb => perlcross_1.6.2.bb} (92%)
rename meta/recipes-devtools/perl/{perl_5.38.2.bb => perl_5.38.4.bb} (99%)
create mode 100644 meta/recipes-devtools/python/python3-requests/environment.d-python3-requests.sh
rename meta/recipes-extended/pam/libpam/{CVE-2024-10041.patch => CVE-2024-10041-1.patch} (100%)
create mode 100644 meta/recipes-extended/pam/libpam/CVE-2024-10041-2.patch
create mode 100644 meta/recipes-support/curl/curl/environment.d-curl.sh
--
2.43.0
next reply other threads:[~2025-04-30 3:00 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-30 2:59 Steve Sakoman [this message]
2025-04-30 2:59 ` [OE-core][scarthgap 01/15] libpam: Update fix for CVE-2024-10041 Steve Sakoman
2025-04-30 2:59 ` [OE-core][scarthgap 02/15] ppp: patch CVE-2024-58250 Steve Sakoman
2025-04-30 2:59 ` [OE-core][scarthgap 03/15] libxml2: patch CVE-2025-32414 Steve Sakoman
2025-04-30 2:59 ` [OE-core][scarthgap 04/15] libxml2: patch CVE-2025-32415 Steve Sakoman
2025-04-30 2:59 ` [OE-core][scarthgap 05/15] glib-2.0: patch CVE-2025-3360 Steve Sakoman
2025-04-30 2:59 ` [OE-core][scarthgap 06/15] git: Upgrade 2.44.1 -> 2.44.3 Steve Sakoman
2025-04-30 2:59 ` [OE-core][scarthgap 07/15] perlcross: update 1.5.2 -> 1.6 Steve Sakoman
2025-04-30 2:59 ` [OE-core][scarthgap 08/15] perlcross: 1.6 -> 1.6.2 Steve Sakoman
2025-04-30 2:59 ` [OE-core][scarthgap 09/15] perl: upgrade 5.38.2 -> 5.38.4 Steve Sakoman
2025-04-30 2:59 ` [OE-core][scarthgap 10/15] tzdata/tzcode-native: upgrade 2025a -> 2025b Steve Sakoman
2025-04-30 2:59 ` [OE-core][scarthgap 11/15] initscripts: add function log_success_msg/log_failure_msg/log_warning_msg Steve Sakoman
2025-04-30 3:00 ` [OE-core][scarthgap 12/15] buildtools-tarball: move setting of envvars to respective envfile Steve Sakoman
2025-04-30 3:00 ` [OE-core][scarthgap 13/15] buildtools-tarball: add envvars into BB_ENV_PASSTHROUGH_ADDITIONS Steve Sakoman
2025-04-30 3:00 ` [OE-core][scarthgap 14/15] buildtools-tarball: Make buildtools respects host CA certificates Steve Sakoman
2025-04-30 3:00 ` [OE-core][scarthgap 15/15] Revert "cve-update-nvd2-native: Tweak to work better with NFS DL_DIR" Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2026-03-20 0:28 [OE-core][scarthgap 00/15] Patch review Yoann Congal
2025-01-13 20:46 Steve Sakoman
2025-01-13 22:32 ` [scarthgap " Adrian Freihofer
2025-01-14 15:56 ` [OE-core] " Steve Sakoman
2025-01-14 16:31 ` Adrian Freihofer
2024-12-04 20:36 [OE-core][scarthgap " Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1745981742.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.