From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/11] Patch review
Date: Wed, 9 Jul 2025 08:19:03 -0700 [thread overview]
Message-ID: <cover.1752073806.git.steve@sakoman.com> (raw)
Please review this set of changes for kirkstone and have comments bach by
end of day Friday, July 11
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1983
The following changes since commit 78055e8b6a9ea5063658886c5b5d22821d689fc5:
xwayland: fix CVE-2025-49180 (2025-07-05 06:12:53 -0700)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Bruce Ashfield (1):
linux-yocto/5.15: update to v5.15.186
Changqing Li (3):
libsoup-2.4: refresh CVE-2025-4969.patch
libsoup-2.4: fix CVE-2025-4945
libsoup: fix CVE-2025-4945
Chen Qi (1):
coreutils: fix CVE-2025-5278
Divya Chellam (3):
libarchive: fix CVE-2025-5915
libarchive: fix CVE-2025-5916
libarchive: fix CVE-2025-5917
Hitendra Prajapati (1):
libxml2: fix CVE-2025-6021
Yogita Urade (2):
curl: fix CVE-2024-11053
curl: fix CVE-2025-0167
.../coreutils/coreutils/CVE-2025-5278.patch | 113 +++
meta/recipes-core/coreutils/coreutils_9.0.bb | 1 +
.../libxml/libxml2/CVE-2025-6021.patch | 56 ++
meta/recipes-core/libxml/libxml2_2.9.14.bb | 1 +
.../libarchive/libarchive/CVE-2025-5915.patch | 217 +++++
.../libarchive/libarchive/CVE-2025-5916.patch | 116 +++
.../libarchive/libarchive/CVE-2025-5917.patch | 54 ++
.../libarchive/libarchive_3.6.2.bb | 3 +
.../linux/linux-yocto-rt_5.15.bb | 6 +-
.../linux/linux-yocto-tiny_5.15.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 +-
.../curl/curl/CVE-2024-11053-0001.patch | 340 ++++++++
.../curl/curl/CVE-2024-11053-0002.patch | 746 ++++++++++++++++++
.../curl/curl/CVE-2025-0167.patch | 175 ++++
meta/recipes-support/curl/curl_7.82.0.bb | 3 +
.../libsoup/libsoup-2.4/CVE-2025-4945.patch | 117 +++
.../libsoup/libsoup-2.4/CVE-2025-4969.patch | 54 +-
.../libsoup/libsoup-2.4_2.74.2.bb | 1 +
.../libsoup/libsoup/CVE-2025-4945.patch | 118 +++
meta/recipes-support/libsoup/libsoup_3.0.7.bb | 1 +
20 files changed, 2093 insertions(+), 61 deletions(-)
create mode 100644 meta/recipes-core/coreutils/coreutils/CVE-2025-5278.patch
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2025-6021.patch
create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2025-5915.patch
create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2025-5916.patch
create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2025-5917.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2024-11053-0001.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2024-11053-0002.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2025-0167.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4945.patch
create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-4945.patch
--
2.43.0
next reply other threads:[~2025-07-09 15:19 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-09 15:19 Steve Sakoman [this message]
2025-07-09 15:19 ` [OE-core][kirkstone 01/11] libsoup-2.4: refresh CVE-2025-4969.patch Steve Sakoman
2025-07-09 15:19 ` [OE-core][kirkstone 02/11] libxml2: fix CVE-2025-6021 Steve Sakoman
2025-07-09 15:19 ` [OE-core][kirkstone 03/11] coreutils: fix CVE-2025-5278 Steve Sakoman
2025-07-09 15:19 ` [OE-core][kirkstone 04/11] libsoup-2.4: fix CVE-2025-4945 Steve Sakoman
2025-07-09 15:19 ` [OE-core][kirkstone 05/11] libsoup: " Steve Sakoman
2025-07-09 15:19 ` [OE-core][kirkstone 06/11] curl: fix CVE-2024-11053 Steve Sakoman
2025-07-09 15:19 ` [OE-core][kirkstone 07/11] curl: fix CVE-2025-0167 Steve Sakoman
2025-07-09 15:19 ` [OE-core][kirkstone 08/11] libarchive: fix CVE-2025-5915 Steve Sakoman
2025-07-09 15:19 ` [OE-core][kirkstone 09/11] libarchive: fix CVE-2025-5916 Steve Sakoman
2025-07-09 15:19 ` [OE-core][kirkstone 10/11] libarchive: fix CVE-2025-5917 Steve Sakoman
2025-07-09 15:19 ` [OE-core][kirkstone 11/11] linux-yocto/5.15: update to v5.15.186 Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2025-01-15 14:37 [OE-core][kirkstone 00/11] Patch review Steve Sakoman
2024-08-13 12:16 Steve Sakoman
2024-03-04 15:23 Steve Sakoman
2023-12-21 2:09 Steve Sakoman
2023-06-11 16:02 Steve Sakoman
2023-01-12 2:33 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1752073806.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.