* [OE-core][scarthgap 0/7] Patch review
@ 2024-07-09 19:29 Steve Sakoman
  0 siblings, 0 replies; 15+ messages in thread
From: Steve Sakoman @ 2024-07-09 19:29 UTC (permalink / raw)
  To: openembedded-core

Please review this set of changes for scarthgap and have comments back by
end of day Thursday, July 11

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/7115

The following changes since commit 1cab8d06ce5df7a8d00cff8531965a84d90d265a:

  curl: locale-base-en-us isn't glibc-specific (2024-07-03 07:09:47 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Changqing Li (2):
  apt-native: don't let dpkg overwrite files by default
  apt: runtime error: filename too long (tmpdir length)

Hitendra Prajapati (1):
  ghostscript: upgrade 10.02.1 -> 10.03.1

Peter Marko (2):
  flac: fix buildpaths warnings
  cargo: remove True option to getVar calls

Xiangyu Chen (1):
  qemu: Upgrade 8.2.1 -> 8.2.2

aszh07 (1):
  xz: Update LICENSE variable for xz packages

 meta/classes-recipe/cargo_common.bbclass      |  4 +-
 meta/classes-recipe/ptest-cargo.bbclass       | 18 ++--
 ...he-filename-can-t-be-longer-than-255.patch | 40 ++++++++
 meta/recipes-devtools/apt/apt_2.6.1.bb        |  3 +-
 ...u-native_8.2.1.bb => qemu-native_8.2.2.bb} |  0
 ...e_8.2.1.bb => qemu-system-native_8.2.2.bb} |  0
 meta/recipes-devtools/qemu/qemu.inc           |  3 +-
 .../qemu/qemu/CVE-2023-6683.patch             | 91 -----------------
 .../qemu/{qemu_8.2.1.bb => qemu_8.2.2.bb}     |  0
 .../ghostscript/CVE-2024-29510.patch          | 84 ----------------
 .../ghostscript/CVE-2024-33869-0001.patch     | 39 --------
 .../ghostscript/CVE-2024-33869-0002.patch     | 52 ----------
 .../ghostscript/CVE-2024-33870.patch          | 99 -------------------
 .../ghostscript/CVE-2024-33871.patch          | 43 --------
 .../avoid-host-contamination.patch            | 11 +--
 ...dd-option-to-explicitly-disable-neon.patch | 99 -------------------
 ...ript_10.02.1.bb => ghostscript_10.03.1.bb} |  8 +-
 meta/recipes-extended/xz/xz_5.4.6.bb          |  6 +-
 meta/recipes-multimedia/flac/flac_1.4.3.bb    |  7 ++
 19 files changed, 69 insertions(+), 538 deletions(-)
 create mode 100644 meta/recipes-devtools/apt/apt/0001-strutl.cc-the-filename-can-t-be-longer-than-255.patch
 rename meta/recipes-devtools/qemu/{qemu-native_8.2.1.bb => qemu-native_8.2.2.bb} (100%)
 rename meta/recipes-devtools/qemu/{qemu-system-native_8.2.1.bb => qemu-system-native_8.2.2.bb} (100%)
 delete mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-6683.patch
 rename meta/recipes-devtools/qemu/{qemu_8.2.1.bb => qemu_8.2.2.bb} (100%)
 delete mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-29510.patch
 delete mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33869-0001.patch
 delete mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33869-0002.patch
 delete mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33870.patch
 delete mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33871.patch
 delete mode 100644 meta/recipes-extended/ghostscript/ghostscript/configure.ac-add-option-to-explicitly-disable-neon.patch
 rename meta/recipes-extended/ghostscript/{ghostscript_10.02.1.bb => ghostscript_10.03.1.bb} (88%)

-- 
2.34.1



^ permalink raw reply	[flat|nested] 15+ messages in thread

* [OE-core][scarthgap 0/7] Patch review
@ 2025-02-18 21:15 Steve Sakoman
  0 siblings, 0 replies; 15+ messages in thread
From: Steve Sakoman @ 2025-02-18 21:15 UTC (permalink / raw)
  To: openembedded-core

Please review this set of changes for scarthgap and have comments back by
end of day Thursday, February 20

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1037

The following changes since commit 61880aac34ff408a8bc5060c6140bfd086b27524:

  base-files: Drop /bin/sh dependency (2025-02-11 05:51:35 -0800)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Aleksandar Nikolic (1):
  scripts/install-buildtools: Update to 5.0.7

Divya Chellam (1):
  vim: Upgrade 9.1.0764 -> 9.1.1043

Johannes Schneider (1):
  ppp: Revert lock path to /var/lock

Oleksandr Hnatiuk (1):
  icu: remove host references in nativesdk to fix reproducibility

Peter Marko (3):
  subversion: ignore CVE-2024-45720
  gnutls: patch CVE-2024-12243
  openssl: upgrade 3.2.3 -> 3.2.4

 ...ke-history-reporting-when-test-fails.patch |   40 +-
 ...1-Configure-do-not-tweak-mips-cflags.patch |    2 +-
 ...sysroot-and-debug-prefix-map-from-co.patch |    4 +-
 .../openssl/openssl/CVE-2024-13176.patch      |  126 --
 .../openssl/openssl/CVE-2024-9143.patch       |  202 ---
 .../{openssl_3.2.3.bb => openssl_3.2.4.bb}    |    4 +-
 ...001-Revert-lock-path-to-var-lock-435.patch |   63 +
 meta/recipes-connectivity/ppp/ppp_2.5.0.bb    |    1 +
 .../subversion/subversion_1.14.3.bb           |    2 +
 .../gnutls/gnutls/CVE-2024-12243.patch        | 1149 +++++++++++++++++
 meta/recipes-support/gnutls/gnutls_3.8.4.bb   |    1 +
 meta/recipes-support/icu/icu_74-2.bb          |   33 +-
 meta/recipes-support/vim/vim.inc              |    4 +-
 scripts/install-buildtools                    |    4 +-
 14 files changed, 1268 insertions(+), 367 deletions(-)
 delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-13176.patch
 delete mode 100755 meta/recipes-connectivity/openssl/openssl/CVE-2024-9143.patch
 rename meta/recipes-connectivity/openssl/{openssl_3.2.3.bb => openssl_3.2.4.bb} (98%)
 create mode 100644 meta/recipes-connectivity/ppp/ppp/0001-Revert-lock-path-to-var-lock-435.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2024-12243.patch

-- 
2.43.0



^ permalink raw reply	[flat|nested] 15+ messages in thread

* [OE-core][scarthgap 0/7] Patch review
@ 2025-05-06 15:13 Steve Sakoman
  2025-05-06 15:13 ` [OE-core][scarthgap 1/7] libsoup: patch CVE-2025-46420 Steve Sakoman
                   ` (6 more replies)
  0 siblings, 7 replies; 15+ messages in thread
From: Steve Sakoman @ 2025-05-06 15:13 UTC (permalink / raw)
  To: openembedded-core

Please review this set of changes for scarthgap and have comments back by
end of day Thursday, May 8

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1529

The following changes since commit 00dd4901e364d16d96cfab864823a9cfdd336eeb:

  Revert "cve-update-nvd2-native: Tweak to work better with NFS DL_DIR" (2025-04-29 10:21:16 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Ashish Sharma (1):
  libsoup: patch CVE-2025-46420

Deepesh Varatharajan (2):
  glibc: stable 2.39 branch updates
  binutils: stable 2.42 branch updates

Jeroen Hofstee (2):
  bluez5: make media control a PACKAGECONFIG option
  bluez5: backport a patch to fix btmgmt -i

Peter Marko (1):
  sqlite3: mark CVE-2025-29087 as patched

Soumya Sambu (1):
  elfutils: Fix CVE-2025-1371

 meta/recipes-connectivity/bluez5/bluez5.inc   |  3 +
 ...ndex-option-for-non-interactive-mode.patch | 29 +++++++++
 meta/recipes-core/glibc/glibc-version.inc     |  2 +-
 .../binutils/binutils-2.42.inc                |  2 +-
 .../elfutils/elfutils_0.191.bb                |  1 +
 .../elfutils/files/CVE-2025-1371.patch        | 41 +++++++++++++
 .../libsoup-3.4.4/CVE-2025-46420.patch        | 60 +++++++++++++++++++
 meta/recipes-support/libsoup/libsoup_3.4.4.bb |  1 +
 .../sqlite/sqlite3/CVE-2025-3277.patch        |  1 +
 9 files changed, 138 insertions(+), 2 deletions(-)
 create mode 100644 meta/recipes-connectivity/bluez5/bluez5/toolsbtmgmt-fix-index-option-for-non-interactive-mode.patch
 create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2025-1371.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-46420.patch

-- 
2.43.0



^ permalink raw reply	[flat|nested] 15+ messages in thread

* [OE-core][scarthgap 1/7] libsoup: patch CVE-2025-46420
  2025-05-06 15:13 [OE-core][scarthgap 0/7] Patch review Steve Sakoman
@ 2025-05-06 15:13 ` Steve Sakoman
  2025-05-06 15:13 ` [OE-core][scarthgap 2/7] elfutils: Fix CVE-2025-1371 Steve Sakoman
                   ` (5 subsequent siblings)
  6 siblings, 0 replies; 15+ messages in thread
From: Steve Sakoman @ 2025-05-06 15:13 UTC (permalink / raw)
  To: openembedded-core

From: Ashish Sharma <asharma@mvista.com>

Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/c9083869ec2a3037e6df4bd86b45c419ba295f8e]

Signed-off-by: Ashish Sharma <asharma@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../libsoup-3.4.4/CVE-2025-46420.patch        | 60 +++++++++++++++++++
 meta/recipes-support/libsoup/libsoup_3.4.4.bb |  1 +
 2 files changed, 61 insertions(+)
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-46420.patch

diff --git a/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-46420.patch b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-46420.patch
new file mode 100644
index 0000000000..37ab16dc05
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-46420.patch
@@ -0,0 +1,60 @@
+From c9083869ec2a3037e6df4bd86b45c419ba295f8e Mon Sep 17 00:00:00 2001
+From: Patrick Griffis <pgriffis@igalia.com>
+Date: Thu, 26 Dec 2024 18:31:42 -0600
+Subject: [PATCH] soup_header_parse_quality_list: Fix leak
+
+When iterating over the parsed list we now steal the allocated strings that we want and then free_full the list which may contain remaining strings.
+
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/c9083869ec2a3037e6df4bd86b45c419ba295f8e]
+CVE: CVE-2025-46420
+Signed-off-by: Ashish Sharma <asharma@mvista.com>
+
+ libsoup/soup-headers.c | 11 +++++------
+ 1 file changed, 5 insertions(+), 6 deletions(-)
+
+diff --git a/libsoup/soup-headers.c b/libsoup/soup-headers.c
+index a5f7a7f6..85385cea 100644
+--- a/libsoup/soup-headers.c
++++ b/libsoup/soup-headers.c
+@@ -530,7 +530,7 @@ soup_header_parse_quality_list (const char *header, GSList **unacceptable)
+ 	GSList *unsorted;
+ 	QualityItem *array;
+ 	GSList *sorted, *iter;
+-	char *item, *semi;
++	char *semi;
+ 	const char *param, *equal, *value;
+ 	double qval;
+ 	int n;
+@@ -543,9 +543,8 @@ soup_header_parse_quality_list (const char *header, GSList **unacceptable)
+ 	unsorted = soup_header_parse_list (header);
+ 	array = g_new0 (QualityItem, g_slist_length (unsorted));
+ 	for (iter = unsorted, n = 0; iter; iter = iter->next) {
+-		item = iter->data;
+ 		qval = 1.0;
+-		for (semi = strchr (item, ';'); semi; semi = strchr (semi + 1, ';')) {
++		for (semi = strchr (iter->data, ';'); semi; semi = strchr (semi + 1, ';')) {
+ 			param = skip_lws (semi + 1);
+ 			if (*param != 'q')
+ 				continue;
+@@ -577,15 +576,15 @@ soup_header_parse_quality_list (const char *header, GSList **unacceptable)
+ 		if (qval == 0.0) {
+ 			if (unacceptable) {
+ 				*unacceptable = g_slist_prepend (*unacceptable,
+-								 item);
++								 g_steal_pointer (&iter->data));
+ 			}
+ 		} else {
+-			array[n].item = item;
++			array[n].item = g_steal_pointer (&iter->data);
+ 			array[n].qval = qval;
+ 			n++;
+ 		}
+ 	}
+-	g_slist_free (unsorted);
++	g_slist_free_full (unsorted, g_free);
+ 
+ 	qsort (array, n, sizeof (QualityItem), sort_by_qval);
+ 	sorted = NULL;
+-- 
+GitLab
+
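Review bot: The patch header says only "Fix leak" and never states which strings leaked, which is thin for a change carrying a CVE tag. From the third inner hunk, the leaked entries are those with qval == 0.0 when the caller passes unacceptable as NULL: the old code neither stored nor freed item, and g_slist_free (unsorted) released only the list nodes. A sentence to that effect in the OE commit message would help. The mechanics themselves look sound, since g_steal_pointer leaves NULL in iter->data and g_slist_free_full (unsorted, g_free) then frees only the strings that were not handed off.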
diff --git a/meta/recipes-support/libsoup/libsoup_3.4.4.bb b/meta/recipes-support/libsoup/libsoup_3.4.4.bb
index cbb098908d..63e9afa6fc 100644
--- a/meta/recipes-support/libsoup/libsoup_3.4.4.bb
+++ b/meta/recipes-support/libsoup/libsoup_3.4.4.bb
@@ -28,6 +28,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
            file://CVE-2025-32912-2.patch \
            file://CVE-2025-32906-1.patch \
            file://CVE-2025-32906-2.patch \
+           file://CVE-2025-46420.patch \
           "
 SRC_URI[sha256sum] = "291c67725f36ed90ea43efff25064b69c5a2d1981488477c05c481a3b4b0c5aa"
 
-- 
2.43.0



^ permalink raw reply related	[flat|nested] 15+ messages in thread

* [OE-core][scarthgap 2/7] elfutils: Fix CVE-2025-1371
  2025-05-06 15:13 [OE-core][scarthgap 0/7] Patch review Steve Sakoman
  2025-05-06 15:13 ` [OE-core][scarthgap 1/7] libsoup: patch CVE-2025-46420 Steve Sakoman
@ 2025-05-06 15:13 ` Steve Sakoman
  2025-05-06 15:13 ` [OE-core][scarthgap 3/7] sqlite3: mark CVE-2025-29087 as patched Steve Sakoman
                   ` (4 subsequent siblings)
  6 siblings, 0 replies; 15+ messages in thread
From: Steve Sakoman @ 2025-05-06 15:13 UTC (permalink / raw)
  To: openembedded-core

From: Soumya Sambu <soumya.sambu@windriver.com>

A vulnerability has been found in GNU elfutils 0.192 and classified as problematic.
This vulnerability affects the function handle_dynamic_symtab of the file readelf.c
of the component eu-read. The manipulation leads to null pointer dereference.
Attacking locally is a requirement. The exploit has been disclosed to the public and
may be used. The patch is identified as b38e562a4c907e08171c76b8b2def8464d5a104a. It
is recommended to apply a patch to fix this issue.

References:
https://nvd.nist.gov/vuln/detail/CVE-2025-1371
https://ubuntu.com/security/CVE-2025-1371

Upstream patch:
https://sourceware.org/cgit/elfutils/commit/?id=b38e562a4c907e08171c76b8b2def8464d5a104a

Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../elfutils/elfutils_0.191.bb                |  1 +
 .../elfutils/files/CVE-2025-1371.patch        | 41 +++++++++++++++++++
 2 files changed, 42 insertions(+)
 create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2025-1371.patch

diff --git a/meta/recipes-devtools/elfutils/elfutils_0.191.bb b/meta/recipes-devtools/elfutils/elfutils_0.191.bb
index 85e024179b..bab3d94d12 100644
--- a/meta/recipes-devtools/elfutils/elfutils_0.191.bb
+++ b/meta/recipes-devtools/elfutils/elfutils_0.191.bb
@@ -26,6 +26,7 @@ SRC_URI = "https://sourceware.org/elfutils/ftp/${PV}/${BP}.tar.bz2 \
            file://CVE-2025-1352.patch \
            file://CVE-2025-1365.patch \
            file://CVE-2025-1372.patch \
+           file://CVE-2025-1371.patch \
            "
 SRC_URI:append:libc-musl = " \
            file://0003-musl-utils.patch \
diff --git a/meta/recipes-devtools/elfutils/files/CVE-2025-1371.patch b/meta/recipes-devtools/elfutils/files/CVE-2025-1371.patch
new file mode 100644
index 0000000000..ebb57bd4e5
--- /dev/null
+++ b/meta/recipes-devtools/elfutils/files/CVE-2025-1371.patch
@@ -0,0 +1,41 @@
+From b38e562a4c907e08171c76b8b2def8464d5a104a Mon Sep 17 00:00:00 2001
+From: Mark Wielaard <mark@klomp.org>
+Date: Sun, 9 Feb 2025 00:07:13 +0100
+Subject: [PATCH] readelf: Handle NULL phdr in handle_dynamic_symtab
+
+A corrupt ELF file can have broken program headers, in which case
+gelf_getphdr returns NULL. This could crash handle_dynamic_symtab
+while searching for the PT_DYNAMIC phdr. Fix this by checking whether
+gelf_phdr returns NULL.
+
+          * src/readelf.c (handle_dynamic_symtab): Check whether
+          gelf_getphdr returns NULL.
+
+https://sourceware.org/bugzilla/show_bug.cgi?id=32655
+
+Signed-off-by: Mark Wielaard <mark@klomp.org>
+
+CVE: CVE-2025-1371
+
+Upstream-Status: Backport [https://sourceware.org/cgit/elfutils/commit/?id=b38e562a4c907e08171c76b8b2def8464d5a104a]
+
+Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
+---
+ src/readelf.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/readelf.c b/src/readelf.c
+index fc04556..13344bf 100644
+--- a/src/readelf.c
++++ b/src/readelf.c
+@@ -2912,7 +2912,7 @@ handle_dynamic_symtab (Ebl *ebl)
+   for (size_t i = 0; i < phnum; ++i)
+     {
+       phdr = gelf_getphdr (ebl->elf, i, &phdr_mem);
+-      if (phdr->p_type == PT_DYNAMIC)
++      if (phdr == NULL || phdr->p_type == PT_DYNAMIC)
+	break;
+     }
+   if (phdr == NULL)
+--
+2.40.0
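Review bot: The submission text cites GNU elfutils 0.192, but the patch is added to elfutils_0.191.bb; please add a line confirming that 0.191 has the same unchecked phdr->p_type access in handle_dynamic_symtab. In the src/readelf.c change, a NULL return from gelf_getphdr now leaves the loop through the same break as a PT_DYNAMIC match, so the fix relies on the `if (phdr == NULL)` test directly after the loop, which the visible context shows is in place. The patch description also says "gelf_phdr returns NULL" where the function is gelf_getphdr; since this is a backport, leaving the upstream wording untouched is fine.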
-- 
2.43.0



^ permalink raw reply related	[flat|nested] 15+ messages in thread

* [OE-core][scarthgap 3/7] sqlite3: mark CVE-2025-29087 as patched
  2025-05-06 15:13 [OE-core][scarthgap 0/7] Patch review Steve Sakoman
  2025-05-06 15:13 ` [OE-core][scarthgap 1/7] libsoup: patch CVE-2025-46420 Steve Sakoman
  2025-05-06 15:13 ` [OE-core][scarthgap 2/7] elfutils: Fix CVE-2025-1371 Steve Sakoman
@ 2025-05-06 15:13 ` Steve Sakoman
  2025-05-06 15:13 ` [OE-core][scarthgap 4/7] glibc: stable 2.39 branch updates Steve Sakoman
                   ` (3 subsequent siblings)
  6 siblings, 0 replies; 15+ messages in thread
From: Steve Sakoman @ 2025-05-06 15:13 UTC (permalink / raw)
  To: openembedded-core

From: Peter Marko <peter.marko@siemens.com>

Descriptions of CVE-2025-29087 and CVE-2025-3277 are very similar.
There is no link from NVD, but [1] and [2] from Debian mark these two
CVEs as duplicates with the same link for patch.

[1] https://security-tracker.debian.org/tracker/CVE-2025-29087
[2] https://security-tracker.debian.org/tracker/CVE-2025-3277

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch b/meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch
index 4e2ed5f1e0..b8225b5069 100644
--- a/meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch
+++ b/meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch
@@ -7,6 +7,7 @@ Subject: [PATCH] Add a typecast to avoid 32-bit integer overflow in the
 FossilOrigin-Name: 498e3f1cf57f164fbd8380e92bf91b9f26d6aa05d092fcd135d754abf1e5b1b5
 
 CVE: CVE-2025-3277
+CVE: CVE-2025-29087
 Upstream-Status: Backport [https://sqlite.org/src/info/498e3f1cf57f164f]
 Signed-off-by: Peter Marko <peter.marko@siemens.com>
 ---
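Review bot: The added `CVE: CVE-2025-29087` tag has no justification inside the patch file; the reasoning that the Debian tracker treats CVE-2025-29087 and CVE-2025-3277 as duplicates with the same fix appears only in the commit message. A short comment line in the patch header next to the new tag would keep that reasoning with the file that carries it.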
-- 
2.43.0



^ permalink raw reply related	[flat|nested] 15+ messages in thread

* [OE-core][scarthgap 4/7] glibc: stable 2.39 branch updates
  2025-05-06 15:13 [OE-core][scarthgap 0/7] Patch review Steve Sakoman
                   ` (2 preceding siblings ...)
  2025-05-06 15:13 ` [OE-core][scarthgap 3/7] sqlite3: mark CVE-2025-29087 as patched Steve Sakoman
@ 2025-05-06 15:13 ` Steve Sakoman
  2025-05-06 15:13 ` [OE-core][scarthgap 5/7] binutils: stable 2.42 " Steve Sakoman
                   ` (2 subsequent siblings)
  6 siblings, 0 replies; 15+ messages in thread
From: Steve Sakoman @ 2025-05-06 15:13 UTC (permalink / raw)
  To: openembedded-core

From: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>

3463100f2d x86: Detect Intel Diamond Rapids
e09436c2cb x86: Handle unknown Intel processor with default tuning
7620d98186 x86: Add ARL/PTL/CWF model detection support
765ff3d0d4 x86: Optimize xstate size calculation
65ae73be01 x86: Use `Avoid_Non_Temporal_Memset` to control non-temporal path
2be36448c4 x86: Tunables may incorrectly set Prefer_PMINUB_for_stringop (bug 32047)
bde201e92c x86: Disable non-temporal memset on Skylake Server
38a7632f2d x86: Fix value for `x86_memset_non_temporal_threshold` when it is undesirable
cc59fa5dbc x86: Enable non-temporal memset tunable for AMD
0da58e8be0 x86: Add seperate non-temporal tunable for memset
837a36c371 x86: Link tst-gnu2-tls2-x86-noxsave{,c,xsavec} with libpthread
87ab0c7f7f x86: Use separate variable for TLSDESC XSAVE/XSAVEC state size (bug 32810)
60cd7123a6 x86: Skip XSAVE state size reset if ISA level requires XSAVE
4cf3f9df54 x86_64: Add atanh with FMA
01ed435e2e x86_64: Add sinh with FMA
0edcc77fe7 x86_64: Add tanh with FMA
7ecf0d3bde x86-64: Exclude FMA4 IFUNC functions for -mapxf
e1fe22368e nptl: clear the whole rseq area before registration
dd8c0c3bbd math: Improve layout of exp/exp10 data
a1b09e59e2 AArch64: Use prefer_sve_ifuncs for SVE memset
d0e2133470 AArch64: Add SVE memset
0cc12d9c47 math: Improve layout of expf data
0cd10047bf AArch64: Remove zva_128 from memset
dd1e63ab58 AArch64: Optimize memset
65a96a6f2b AArch64: Improve generic strlen
4073e4ee2c AArch64: Improve codegen for SVE logs
78abd3ef6e AArch64: Improve codegen in SVE tans
a10183b633 AArch64: Improve codegen of AdvSIMD atan(2)(f)
dcd1229e5b AArch64: Improve codegen of AdvSIMD logf function family
72156cb90b AArch64: Improve codegen in AdvSIMD logs
5e354bf4e2 AArch64: Simplify rounding-multiply pattern in several AdvSIMD routines
80df456112 aarch64: Avoid redundant MOVs in AdvSIMD F32 logs
d591876303 aarch64: Fix AdvSIMD libmvec routines for big-endian
f6d48470ae assert: Add test for CVE-2025-0395

Testresults:
Before update	|After update	 |Difference
PASS: 5068	|PASS: 5072	 |PASS: +4
FAIL: 120	|FAIL: 120	 |FAIL: 0
XPASS: 4	|XPASS: 4	 |XPASS: 0
XFAIL: 16	|XFAIL: 16	 |XFAIL: 0
UNSUPPORTED: 157|UNSUPPORTED: 157|UNSUPPORTED: 0

Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-core/glibc/glibc-version.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc
index da9227ccca..040fc793b1 100644
--- a/meta/recipes-core/glibc/glibc-version.inc
+++ b/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@
 SRCBRANCH ?= "release/2.39/master"
 PV = "2.39+git"
-SRCREV_glibc ?= "662516aca8b6bf6aa6555f471055d5eb512b1ddc"
+SRCREV_glibc ?= "3463100f2d47f2897a24ba8023a5c7aaf2d26550"
 SRCREV_localedef ?= "fab74f31b3811df543e24b6de47efdf45b538abc"
 
 GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git;protocol=https"
-- 
2.43.0



^ permalink raw reply related	[flat|nested] 15+ messages in thread

* [OE-core][scarthgap 5/7] binutils: stable 2.42 branch updates
  2025-05-06 15:13 [OE-core][scarthgap 0/7] Patch review Steve Sakoman
                   ` (3 preceding siblings ...)
  2025-05-06 15:13 ` [OE-core][scarthgap 4/7] glibc: stable 2.39 branch updates Steve Sakoman
@ 2025-05-06 15:13 ` Steve Sakoman
  2025-05-06 15:13 ` [OE-core][scarthgap 6/7] bluez5: make media control a PACKAGECONFIG option Steve Sakoman
  2025-05-06 15:13 ` [OE-core][scarthgap 7/7] bluez5: backport a patch to fix btmgmt -i Steve Sakoman
  6 siblings, 0 replies; 15+ messages in thread
From: Steve Sakoman @ 2025-05-06 15:13 UTC (permalink / raw)
  To: openembedded-core

From: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>

Below commit on binutils-2.42 stable branch is updated.

6558f9f5f0c s390: Add support for z17 as CPU name

Testing was done and there were no regressions found

Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/binutils/binutils-2.42.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-devtools/binutils/binutils-2.42.inc b/meta/recipes-devtools/binutils/binutils-2.42.inc
index 9fc29301f0..e103e712a4 100644
--- a/meta/recipes-devtools/binutils/binutils-2.42.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.42.inc
@@ -20,7 +20,7 @@ UPSTREAM_CHECK_GITTAGREGEX = "binutils-(?P<pver>\d+_(\d_?)*)"
 
 CVE_STATUS[CVE-2023-25584] = "cpe-incorrect: Applies only for version 2.40 and earlier"
 
-SRCREV ?= "758a2290dbdf0d6d6c148c6cf25b2bcfd7a5b84f"
+SRCREV ?= "6558f9f5f0ccc107a083ae7fbf106ebcb5efa817"
 BINUTILS_GIT_URI ?= "git://sourceware.org/git/binutils-gdb.git;branch=${SRCBRANCH};protocol=https"
 SRC_URI = "\
      ${BINUTILS_GIT_URI} \
-- 
2.43.0



^ permalink raw reply related	[flat|nested] 15+ messages in thread

* [OE-core][scarthgap 6/7] bluez5: make media control a PACKAGECONFIG option
  2025-05-06 15:13 [OE-core][scarthgap 0/7] Patch review Steve Sakoman
                   ` (4 preceding siblings ...)
  2025-05-06 15:13 ` [OE-core][scarthgap 5/7] binutils: stable 2.42 " Steve Sakoman
@ 2025-05-06 15:13 ` Steve Sakoman
  2025-05-06 15:19   ` Gyorgy Sarvari
  2025-05-06 15:13 ` [OE-core][scarthgap 7/7] bluez5: backport a patch to fix btmgmt -i Steve Sakoman
  6 siblings, 1 reply; 15+ messages in thread
From: Steve Sakoman @ 2025-05-06 15:13 UTC (permalink / raw)
  To: openembedded-core

From: Jeroen Hofstee <jhofstee@victronenergy.com>

When not building with the default PACKAGECONFIG options, the build can fail
with:

undefined reference to `media_player_controller_create'
undefined reference to `media_player_set_status'

Otherwise. So disable it when not set and enable it by default.

The packageconfig option is the same as in Styhead.
https://github.com/openembedded/openembedded-core/commit/ebbdb7cf5c0a3f0e6773704d4c4cc570358ec611#diff-9d9284f6f27a81c75dffffd6d601b40c8266ae12e678d0a49c46bdb8356a0e91R52

Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-connectivity/bluez5/bluez5.inc | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/recipes-connectivity/bluez5/bluez5.inc b/meta/recipes-connectivity/bluez5/bluez5.inc
index 39e1bf389c..731bfa0e40 100644
--- a/meta/recipes-connectivity/bluez5/bluez5.inc
+++ b/meta/recipes-connectivity/bluez5/bluez5.inc
@@ -18,6 +18,7 @@ PACKAGECONFIG ??= "obex-profiles \
     ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} \
     a2dp-profiles \
     avrcp-profiles \
+    mcp-profiles \
     network-profiles \
     hid-profiles \
     hog-profiles \
@@ -35,6 +36,7 @@ PACKAGECONFIG[nfc] = "--enable-nfc,--disable-nfc"
 PACKAGECONFIG[sap-profiles] = "--enable-sap,--disable-sap"
 PACKAGECONFIG[a2dp-profiles] = "--enable-a2dp,--disable-a2dp"
 PACKAGECONFIG[avrcp-profiles] = "--enable-avrcp,--disable-avrcp"
+PACKAGECONFIG[mcp-profiles] = "--enable-mcp,--disable-mcp"
 PACKAGECONFIG[network-profiles] = "--enable-network,--disable-network"
 PACKAGECONFIG[hid-profiles] = "--enable-hid,--disable-hid"
 PACKAGECONFIG[hog-profiles] = "--enable-hog,--disable-hog"
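Review bot: The commit message does not say which PACKAGECONFIG combination produces the undefined references to media_player_controller_create and media_player_set_status, so a reader cannot tell what mcp-profiles depends on; please name the failing combination in the message. With `PACKAGECONFIG[mcp-profiles] = "--enable-mcp,--disable-mcp"` in place, any configuration that replaces the `??=` default without listing mcp-profiles now gets --disable-mcp passed to configure, which is a behaviour change on a stable branch and worth stating explicitly.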
-- 
2.43.0



^ permalink raw reply related	[flat|nested] 15+ messages in thread

* [OE-core][scarthgap 7/7] bluez5: backport a patch to fix btmgmt -i
  2025-05-06 15:13 [OE-core][scarthgap 0/7] Patch review Steve Sakoman
                   ` (5 preceding siblings ...)
  2025-05-06 15:13 ` [OE-core][scarthgap 6/7] bluez5: make media control a PACKAGECONFIG option Steve Sakoman
@ 2025-05-06 15:13 ` Steve Sakoman
  6 siblings, 0 replies; 15+ messages in thread
From: Steve Sakoman @ 2025-05-06 15:13 UTC (permalink / raw)
  To: openembedded-core

From: Jeroen Hofstee <jhofstee@victronenergy.com>

Without this patch btmgmt will always use hci0 in
non interactive mode.

Signed-off-by: Jeroen Hofstee <jhofstee@victronenergy.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-connectivity/bluez5/bluez5.inc   |  1 +
 ...ndex-option-for-non-interactive-mode.patch | 29 +++++++++++++++++++
 2 files changed, 30 insertions(+)
 create mode 100644 meta/recipes-connectivity/bluez5/bluez5/toolsbtmgmt-fix-index-option-for-non-interactive-mode.patch

diff --git a/meta/recipes-connectivity/bluez5/bluez5.inc b/meta/recipes-connectivity/bluez5/bluez5.inc
index 731bfa0e40..53d8644159 100644
--- a/meta/recipes-connectivity/bluez5/bluez5.inc
+++ b/meta/recipes-connectivity/bluez5/bluez5.inc
@@ -57,6 +57,7 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \
            file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \
            file://0001-test-gatt-Fix-hung-issue.patch \
            file://0001-adapter-Fix-up-address-type-when-loading-keys.patch \
+           file://toolsbtmgmt-fix-index-option-for-non-interactive-mode.patch \
            "
 S = "${WORKDIR}/bluez-${PV}"
 
diff --git a/meta/recipes-connectivity/bluez5/bluez5/toolsbtmgmt-fix-index-option-for-non-interactive-mode.patch b/meta/recipes-connectivity/bluez5/bluez5/toolsbtmgmt-fix-index-option-for-non-interactive-mode.patch
new file mode 100644
index 0000000000..f4e14be146
--- /dev/null
+++ b/meta/recipes-connectivity/bluez5/bluez5/toolsbtmgmt-fix-index-option-for-non-interactive-mode.patch
@@ -0,0 +1,29 @@
+From f00d5546c9e989dd68ce0de0190cd0e043b0f1f5 Mon Sep 17 00:00:00 2001
+From: Arjan Opmeer <arjan.opmeer@gmail.com>
+Date: Tue, 9 Jul 2024 13:55:41 +0200
+Subject: [PATCH] tools/btmgmt: Fix --index option for non-interactive mode
+
+In non-interactive mode the --index option does not work because the
+call to mgmt_set_index() is made after bt_shell_attach().
+
+Fixes: https://github.com/bluez/bluez/issues/893
+
+Upstream-Status: Backport [https://github.com/bluez/bluez/commit/f00d5546c9e989dd68ce0de0190cd0e043b0f1f5]
+---
+ tools/btmgmt.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/tools/btmgmt.c b/tools/btmgmt.c
+index 9b7f851bd8..436c2bb21f 100644
+--- a/tools/btmgmt.c
++++ b/tools/btmgmt.c
+@@ -51,8 +51,8 @@ int main(int argc, char *argv[])
+ 		return EXIT_FAILURE;
+ 	}
+ 
+-	bt_shell_attach(fileno(stdin));
+ 	mgmt_set_index(index_option);
++	bt_shell_attach(fileno(stdin));
+ 	status = bt_shell_run();
+ 
+ 	mgmt_remove_submenu();
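Review bot: The header of the added patch file has no Signed-off-by line: it carries From, Date, Subject, Fixes and Upstream-Status only, while the other backported patch files in this series include the backporter's Signed-off-by in the patch header. Please add one below Upstream-Status. The reorder itself matches the description, with mgmt_set_index(index_option) now called before bt_shell_attach(fileno(stdin)).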
-- 
2.43.0



^ permalink raw reply related	[flat|nested] 15+ messages in thread

* Re: [OE-core][scarthgap 6/7] bluez5: make media control a PACKAGECONFIG option
  2025-05-06 15:13 ` [OE-core][scarthgap 6/7] bluez5: make media control a PACKAGECONFIG option Steve Sakoman
@ 2025-05-06 15:19   ` Gyorgy Sarvari
  2025-05-06 15:45     ` Steve Sakoman
  0 siblings, 1 reply; 15+ messages in thread
From: Gyorgy Sarvari @ 2025-05-06 15:19 UTC (permalink / raw)
  To: steve, openembedded-core

On 5/6/25 17:13, Steve Sakoman via lists.openembedded.org wrote:
> From: Jeroen Hofstee <jhofstee@victronenergy.com>
>
> When not building with the default PACKAGECONFIG options, the build can fail
> with:
>
> undefined reference to `media_player_controller_create'
> undefined reference to `media_player_set_status'
>
> Otherwise. So disable it when not set and enable it by default.
>
> The packageconfig option is the same as in Styhead.
> https://github.com/openembedded/openembedded-core/commit/ebbdb7cf5c0a3f0e6773704d4c4cc570358ec611#diff-9d9284f6f27a81c75dffffd6d601b40c8266ae12e678d0a49c46bdb8356a0e91R52
>
> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Technicality nitpick, depending on how important it is deemed: this
patch is missing the original submitter's sign-off.
> ---
>  meta/recipes-connectivity/bluez5/bluez5.inc | 2 ++
>  1 file changed, 2 insertions(+)
>
> diff --git a/meta/recipes-connectivity/bluez5/bluez5.inc b/meta/recipes-connectivity/bluez5/bluez5.inc
> index 39e1bf389c..731bfa0e40 100644
> --- a/meta/recipes-connectivity/bluez5/bluez5.inc
> +++ b/meta/recipes-connectivity/bluez5/bluez5.inc
> @@ -18,6 +18,7 @@ PACKAGECONFIG ??= "obex-profiles \
>      ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} \
>      a2dp-profiles \
>      avrcp-profiles \
> +    mcp-profiles \
>      network-profiles \
>      hid-profiles \
>      hog-profiles \
> @@ -35,6 +36,7 @@ PACKAGECONFIG[nfc] = "--enable-nfc,--disable-nfc"
>  PACKAGECONFIG[sap-profiles] = "--enable-sap,--disable-sap"
>  PACKAGECONFIG[a2dp-profiles] = "--enable-a2dp,--disable-a2dp"
>  PACKAGECONFIG[avrcp-profiles] = "--enable-avrcp,--disable-avrcp"
> +PACKAGECONFIG[mcp-profiles] = "--enable-mcp,--disable-mcp"
>  PACKAGECONFIG[network-profiles] = "--enable-network,--disable-network"
>  PACKAGECONFIG[hid-profiles] = "--enable-hid,--disable-hid"
>  PACKAGECONFIG[hog-profiles] = "--enable-hog,--disable-hog"
>




* Re: [OE-core][scarthgap 6/7] bluez5: make media control a PACKAGECONFIG option
  2025-05-06 15:19   ` Gyorgy Sarvari
@ 2025-05-06 15:45     ` Steve Sakoman
  0 siblings, 0 replies; 15+ messages in thread
From: Steve Sakoman @ 2025-05-06 15:45 UTC (permalink / raw)
  To: Gyorgy Sarvari; +Cc: openembedded-core

On Tue, May 6, 2025 at 8:19 AM Gyorgy Sarvari <skandigraun@gmail.com> wrote:
>
> On 5/6/25 17:13, Steve Sakoman via lists.openembedded.org wrote:
> > From: Jeroen Hofstee <jhofstee@victronenergy.com>
> >
> > When not building with the default PACKAGECONFIG options, the build can fail
> > with:
> >
> > undefined reference to `media_player_controller_create'
> > undefined reference to `media_player_set_status'
> >
> > Otherwise. So disable it when not set and enable it by default.
> >
> > The packageconfig option is the same as in Styhead.
> > https://github.com/openembedded/openembedded-core/commit/ebbdb7cf5c0a3f0e6773704d4c4cc570358ec611#diff-9d9284f6f27a81c75dffffd6d601b40c8266ae12e678d0a49c46bdb8356a0e91R52
> >
> > Signed-off-by: Steve Sakoman <steve@sakoman.com>
> Technicality nitpick, depending on how important it is deemed: this
> patch is missing the original submitter's sign-off.

Good catch!  Thanks for reviewing.  I will add it before merging.

Steve

> > ---
> >  meta/recipes-connectivity/bluez5/bluez5.inc | 2 ++
> >  1 file changed, 2 insertions(+)
> >
> > diff --git a/meta/recipes-connectivity/bluez5/bluez5.inc b/meta/recipes-connectivity/bluez5/bluez5.inc
> > index 39e1bf389c..731bfa0e40 100644
> > --- a/meta/recipes-connectivity/bluez5/bluez5.inc
> > +++ b/meta/recipes-connectivity/bluez5/bluez5.inc
> > @@ -18,6 +18,7 @@ PACKAGECONFIG ??= "obex-profiles \
> >      ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} \
> >      a2dp-profiles \
> >      avrcp-profiles \
> > +    mcp-profiles \
> >      network-profiles \
> >      hid-profiles \
> >      hog-profiles \
> > @@ -35,6 +36,7 @@ PACKAGECONFIG[nfc] = "--enable-nfc,--disable-nfc"
> >  PACKAGECONFIG[sap-profiles] = "--enable-sap,--disable-sap"
> >  PACKAGECONFIG[a2dp-profiles] = "--enable-a2dp,--disable-a2dp"
> >  PACKAGECONFIG[avrcp-profiles] = "--enable-avrcp,--disable-avrcp"
> > +PACKAGECONFIG[mcp-profiles] = "--enable-mcp,--disable-mcp"
> >  PACKAGECONFIG[network-profiles] = "--enable-network,--disable-network"
> >  PACKAGECONFIG[hid-profiles] = "--enable-hid,--disable-hid"
> >  PACKAGECONFIG[hog-profiles] = "--enable-hog,--disable-hog"
> >



* [OE-core][scarthgap 0/7] Patch review
@ 2025-05-21 14:59 Steve Sakoman
  0 siblings, 0 replies; 15+ messages in thread
From: Steve Sakoman @ 2025-05-21 14:59 UTC (permalink / raw)
  To: openembedded-core

Please review this set of changes for scarthgap and have comments back by
end of day Friday, May 23

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1625

The following changes since commit b214cc84a922f7a3fb7ebbc501189ce25e8bd2bd:

  glibc-y2038-tests: remove glibc-y2038-tests_2.39.bb recipe (2025-05-15 09:42:55 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Ashish Sharma (1):
  libsoup-2.4: Fix CVE-2025-46420

Nguyen Dat Tho (1):
  libatomic-ops: Update GITHUB_BASE_URI

Praveen Kumar (2):
  connman :fix CVE-2025-32366
  glib-2.0: fix CVE-2025-4373

Sunil Dora (1):
  binutils: Fix CVE-2025-1153

Vijay Anusuri (1):
  openssh: Fix for CVE-2025-32728

Vyacheslav Yurkov (1):
  systemd: Password agents shouldn't be optional

 .../connman/connman/CVE-2025-32366.patch      |   41 +
 .../connman/connman_1.42.bb                   |    1 +
 .../openssh/openssh/CVE-2025-32728.patch      |   44 +
 .../openssh/openssh_9.6p1.bb                  |    1 +
 .../glib-2.0/glib-2.0/CVE-2025-4373-01.patch  |  120 +
 .../glib-2.0/glib-2.0/CVE-2025-4373-02.patch  |   29 +
 meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb |    2 +
 meta/recipes-core/systemd/systemd_255.18.bb   |   10 -
 .../binutils/binutils-2.42.inc                |    3 +
 .../binutils/0019-CVE-2025-1153-1.patch       | 3207 ++++++++++++++
 .../binutils/0020-CVE-2025-1153-2.patch       |  840 ++++
 .../binutils/0021-CVE-2025-1153-3.patch       | 3756 +++++++++++++++++
 .../libatomic-ops/libatomic-ops_7.8.2.bb      |    4 +-
 .../libsoup/libsoup-2.4/CVE-2025-46420.patch  |   60 +
 .../libsoup/libsoup-2.4_2.74.3.bb             |    1 +
 15 files changed, 8107 insertions(+), 12 deletions(-)
 create mode 100644 meta/recipes-connectivity/connman/connman/CVE-2025-32366.patch
 create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2025-32728.patch
 create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-4373-01.patch
 create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-4373-02.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0019-CVE-2025-1153-1.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0020-CVE-2025-1153-2.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0021-CVE-2025-1153-3.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-46420.patch

-- 
2.43.0




* [OE-core][scarthgap 0/7] Patch review
@ 2025-11-04 14:47 Steve Sakoman
  0 siblings, 0 replies; 15+ messages in thread
From: Steve Sakoman @ 2025-11-04 14:47 UTC (permalink / raw)
  To: openembedded-core

Please review this set of changes for scarthgap and have comments back by
end of day Thursday, November 6

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2676

The following changes since commit 4cb834388759540ea5bf7265389b9f1b2e15333a:

  bind: upgrade 9.18.33 -> 9.18.41 (2025-10-29 07:13:09 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Bastian Krause (1):
  util-linux: fix pointer usage in hwclock param handling

Michael Haener (1):
  Remove empty file

Peter Marko (4):
  wpa-supplicant: patch CVE-2025-24912
  binutils: patch CVE-2025-11414
  binutils: patch CVE-2025-11412
  binutils: patch CVE-2025-11413

Yannic Moog (1):
  perf: add arm64 source files for unistd_64.h

 .../wpa-supplicant/CVE-2025-24912-01.patch    | 79 +++++++++++++++++
 .../wpa-supplicant/CVE-2025-24912-02.patch    | 70 ++++++++++++++++
 .../wpa-supplicant/wpa-supplicant_2.10.bb     |  2 +
 meta/recipes-core/util-linux/util-linux.inc   |  1 +
 ...-utils-hwclock-rtc-fix-pointer-usage.patch | 27 ++++++
 .../binutils/binutils-2.42.inc                |  3 +
 .../binutils/binutils/CVE-2025-11412.patch    | 35 ++++++++
 .../binutils/binutils/CVE-2025-11413.patch    | 38 +++++++++
 .../binutils/binutils/CVE-2025-11414.patch    | 84 +++++++++++++++++++
 meta/recipes-kernel/perf/perf.bb              |  3 +-
 test                                          |  0
 11 files changed, 341 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2025-24912-01.patch
 create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2025-24912-02.patch
 create mode 100644 meta/recipes-core/util-linux/util-linux/sys-utils-hwclock-rtc-fix-pointer-usage.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2025-11412.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2025-11413.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2025-11414.patch
 delete mode 100644 test

-- 
2.43.0




* [OE-core][scarthgap 0/7] Patch review
@ 2025-12-12 15:39 Steve Sakoman
  0 siblings, 0 replies; 15+ messages in thread
From: Steve Sakoman @ 2025-12-12 15:39 UTC (permalink / raw)
  To: openembedded-core

Please review this set of changes for scarthgap and have comments back by
end of day Tuesday, December 16

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/?#/builders/29/builds/2849

The following changes since commit ef198b0c6063ede32cb93fe44eb89937c076a073:

  curl: Ensure 'CURL_CA_BUNDLE' from host env is indeed respected (2025-12-05 07:08:31 -0800)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Daniel Turull (1):
  classes/create-spdx-2.2: Define SPDX_VERSION to 2.2

Hitendra Prajapati (1):
  libxml2: Security fix for CVE-2025-7425

Peter Marko (3):
  libpng: patch CVE-2025-66293
  libmicrohttpd: disable experimental code by default
  Revert "lib/oe/go: document map_arch, and raise an error on unknown
    architecture"

Vijay Anusuri (2):
  libssh2: upgrade 1.11.0 -> 1.11.1
  libssh2: fix regression in KEX method validation (GH-1553)

 meta/classes/create-spdx-2.2.bbclass          |   2 +
 meta/lib/oe/go.py                             |   6 +-
 .../libxml/libxml2/CVE-2025-7425.patch        | 802 ++++++++++++++++++
 meta/recipes-core/libxml/libxml2_2.12.10.bb   |   1 +
 .../libpng/files/CVE-2025-66293-01.patch      |  60 ++
 .../libpng/files/CVE-2025-66293-02.patch      | 125 +++
 .../libpng/libpng_1.6.42.bb                   |   2 +
 .../libmicrohttpd/libmicrohttpd_1.0.1.bb      |   4 +
 ...rror-if-user-KEX-methods-are-invalid.patch |  73 ++
 .../libssh2/libssh2/CVE-2023-48795.patch      | 466 ----------
 .../{libssh2_1.11.0.bb => libssh2_1.11.1.bb}  |   6 +-
 11 files changed, 1073 insertions(+), 474 deletions(-)
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2025-7425.patch
 create mode 100644 meta/recipes-multimedia/libpng/files/CVE-2025-66293-01.patch
 create mode 100644 meta/recipes-multimedia/libpng/files/CVE-2025-66293-02.patch
 create mode 100644 meta/recipes-support/libssh2/libssh2/0001-Return-error-if-user-KEX-methods-are-invalid.patch
 delete mode 100644 meta/recipes-support/libssh2/libssh2/CVE-2023-48795.patch
 rename meta/recipes-support/libssh2/{libssh2_1.11.0.bb => libssh2_1.11.1.bb} (87%)

-- 
2.43.0



