From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 00/12] Patch review
Date: Fri, 6 Jun 2025 08:59:53 -0700 [thread overview]
Message-ID: <cover.1749225417.git.steve@sakoman.com> (raw)
Please review this set of changes for scarthgap and have comments back by
end of day Tuesday, June 10
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1740
The following changes since commit d1b64f190c1686f081f5ba2c4f2b320048f6a514:
sstatetests: Switch to new CDN (2025-06-02 07:21:18 -0700)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut
Changqing Li (6):
libsoup: fix CVE-2025-32908
libsoup: fix CVE-2025-32907
libsoup-2.4: fix CVE-2025-32907
libsoup-2.4: fix do_compile failure
libsoup-2.4: fix CVE-2025-32053
libsoup: fix CVE-2025-32053
Deepesh Varatharajan (2):
binutils: Fix CVE-2025-5245
binutils: Fix CVE-2025-5244
Divya Chellam (2):
screen: fix CVE-2025-46802
screen: fix CVE-2025-46804
Guðni Már Gilbert (1):
systemd: upgrade 255.18 -> 255.21
Vijay Anusuri (1):
python3-setuptools: Fix CVE-2025-47273
...55.18.bb => systemd-boot-native_255.21.bb} | 0
...-boot_255.18.bb => systemd-boot_255.21.bb} | 0
meta/recipes-core/systemd/systemd.inc | 2 +-
...1-missing_type.h-add-comparison_fn_t.patch | 2 +-
...k-parse_printf_format-implementation.patch | 2 +-
...tall-dependency-links-at-install-tim.patch | 2 +-
...missing.h-check-for-missing-strndupa.patch | 10 +-
...OB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch | 2 +-
...005-add-missing-FTW_-macros-for-musl.patch | 2 +-
...06-Use-uintmax_t-for-handling-rlim_t.patch | 2 +-
...T_SYMLINK_NOFOLLOW-flag-to-faccessat.patch | 2 +-
...patible-basename-for-non-glibc-syste.patch | 2 +-
...implment-systemd-sysv-install-for-OE.patch | 2 +-
...uffering-when-writing-to-oom_score_a.patch | 2 +-
...compliant-strerror_r-from-GNU-specif.patch | 2 +-
...definition-of-prctl_mm_map-structure.patch | 2 +-
...-not-disable-buffer-in-writing-files.patch | 8 +-
.../0013-Handle-__cpu_mask-usage.patch | 2 +-
.../systemd/0014-Handle-missing-gshadow.patch | 2 +-
...l.h-Define-MIPS-ABI-defines-for-musl.patch | 2 +-
...ass-correct-parameters-to-getdents64.patch | 2 +-
.../0017-Adjust-for-musl-headers.patch | 2 +-
...trerror-is-assumed-to-be-GNU-specifi.patch | 2 +-
...util-Make-STRERROR-portable-for-musl.patch | 2 +-
...ake-malloc_trim-conditional-on-glibc.patch | 2 +-
...hared-Do-not-use-malloc_info-on-musl.patch | 2 +-
...22-avoid-missing-LOCK_EX-declaration.patch | 4 +-
.../{systemd_255.18.bb => systemd_v255.21.bb} | 0
.../binutils/binutils-2.42.inc | 2 +
.../binutils/0022-CVE-2025-5244.patch | 25 +++
.../binutils/0022-CVE-2025-5245.patch | 38 ++++
.../CVE-2025-47273-pre1.patch | 54 +++++
.../python3-setuptools/CVE-2025-47273.patch | 59 ++++++
.../python/python3-setuptools_69.1.1.bb | 2 +
.../screen/screen/CVE-2025-46802.patch | 146 +++++++++++++
.../screen/screen/CVE-2025-46804.patch | 131 ++++++++++++
meta/recipes-extended/screen/screen_4.9.1.bb | 2 +
.../libsoup/libsoup-2.4/CVE-2025-32053.patch | 39 ++++
.../libsoup/libsoup-2.4/CVE-2025-32907.patch | 39 ++++
.../libsoup-2.4/CVE-2025-32910-1.patch | 79 +------
.../libsoup-2.4/CVE-2025-32910-2.patch | 60 +-----
.../libsoup-2.4/CVE-2025-32912-1.patch | 20 +-
.../libsoup/libsoup-2.4_2.74.3.bb | 4 +-
.../libsoup-3.4.4/CVE-2025-32053.patch | 40 ++++
.../libsoup-3.4.4/CVE-2025-32907-1.patch | 200 ++++++++++++++++++
.../libsoup-3.4.4/CVE-2025-32907-2.patch | 68 ++++++
.../libsoup-3.4.4/CVE-2025-32908-1.patch | 89 ++++++++
.../libsoup-3.4.4/CVE-2025-32908-2.patch | 53 +++++
meta/recipes-support/libsoup/libsoup_3.4.4.bb | 7 +-
49 files changed, 1053 insertions(+), 170 deletions(-)
rename meta/recipes-core/systemd/{systemd-boot-native_255.18.bb => systemd-boot-native_255.21.bb} (100%)
rename meta/recipes-core/systemd/{systemd-boot_255.18.bb => systemd-boot_255.21.bb} (100%)
rename meta/recipes-core/systemd/{systemd_255.18.bb => systemd_v255.21.bb} (100%)
create mode 100644 meta/recipes-devtools/binutils/binutils/0022-CVE-2025-5244.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0022-CVE-2025-5245.patch
create mode 100644 meta/recipes-devtools/python/python3-setuptools/CVE-2025-47273-pre1.patch
create mode 100644 meta/recipes-devtools/python/python3-setuptools/CVE-2025-47273.patch
create mode 100644 meta/recipes-extended/screen/screen/CVE-2025-46802.patch
create mode 100644 meta/recipes-extended/screen/screen/CVE-2025-46804.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32053.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32907.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32053.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32907-1.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32907-2.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32908-1.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32908-2.patch
--
2.43.0
next reply other threads:[~2025-06-06 16:00 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-06-06 15:59 Steve Sakoman [this message]
2025-06-06 15:59 ` [OE-core][scarthgap 01/12] libsoup: fix CVE-2025-32908 Steve Sakoman
2025-06-06 15:59 ` [OE-core][scarthgap 02/12] libsoup: fix CVE-2025-32907 Steve Sakoman
2025-06-06 15:59 ` [OE-core][scarthgap 03/12] libsoup-2.4: " Steve Sakoman
2025-06-06 15:59 ` [OE-core][scarthgap 04/12] libsoup-2.4: fix do_compile failure Steve Sakoman
2025-06-06 15:59 ` [OE-core][scarthgap 05/12] libsoup-2.4: fix CVE-2025-32053 Steve Sakoman
2025-06-06 15:59 ` [OE-core][scarthgap 06/12] libsoup: " Steve Sakoman
2025-06-06 16:00 ` [OE-core][scarthgap 07/12] python3-setuptools: Fix CVE-2025-47273 Steve Sakoman
2025-06-06 16:00 ` [OE-core][scarthgap 08/12] binutils: Fix CVE-2025-5245 Steve Sakoman
2025-06-06 16:00 ` [OE-core][scarthgap 09/12] binutils: Fix CVE-2025-5244 Steve Sakoman
2025-06-06 16:00 ` [OE-core][scarthgap 10/12] screen: fix CVE-2025-46802 Steve Sakoman
2025-06-06 16:00 ` [OE-core][scarthgap 11/12] screen: fix CVE-2025-46804 Steve Sakoman
2025-06-06 16:00 ` [OE-core][scarthgap 12/12] systemd: upgrade 255.18 -> 255.21 Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2025-07-17 2:58 [OE-core][scarthgap 00/12] Patch review Steve Sakoman
2025-07-09 2:51 Steve Sakoman
2025-01-30 2:51 Steve Sakoman
2024-12-10 20:56 Steve Sakoman
2024-08-29 13:32 Steve Sakoman
2024-07-18 13:45 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1749225417.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.