[OE-core][kirkstone 00/10] Patch review

[Steve Sakoman <steve@sakoman.com>]

Please review this set of changes for kirkstone and have comments back by
end of day Tuesday, July 29

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2092

The following changes since commit d9f424921179a52ffe053411c44f20e44e7deba1:

  tcf-agent: correct the SRC_URI (2025-07-15 06:42:30 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Aleksandar Nikolic (1):
  scripts/install-buildtools: Update to 4.0.28

Daniel Díaz (1):
  ffmpeg: Ignore two CVEs fixed in 5.0.3

Deepesh Varatharajan (1):
  glibc: stable 2.35 branch updates

Hitendra Prajapati (1):
  libpam: fix CVE-2025-6020

Martin Jansa (1):
  db: ignore implicit-int and implicit-function-declaration issues fatal
    with gcc-14

Peter Marko (2):
  orc: set CVE_PRODUCT
  ncurses: patch CVE-2025-6141

Rob Woolley (1):
  ruby: correct fix for CVE-2024-43398

Yash Shinde (1):
  binutils: Fix CVE-2025-7546

Yogita Urade (1):
  gnupg: fix CVE-2025-30258

 meta/recipes-core/glibc/glibc-version.inc     |    2 +-
 .../glibc/glibc/0025-CVE-2025-4802.patch      |    3 +-
 meta/recipes-core/glibc/glibc_2.35.bb         |    2 +-
 .../ncurses/files/CVE-2025-6141.patch         |   25 +
 .../ncurses/ncurses_6.3+20220423.bb           |    1 +
 .../binutils/binutils-2.38.inc                |    1 +
 .../binutils/0043-CVE-2025-7546.patch         |   44 +
 meta/recipes-devtools/orc/orc_0.4.40.bb       |    3 +
 .../ruby/ruby/CVE-2024-43398-0001.patch       |  212 +++
 .../ruby/ruby/CVE-2024-43398-0002.patch       |  130 ++
 ...-43398.patch => CVE-2024-43398-0003.patch} |   23 +-
 meta/recipes-devtools/ruby/ruby_3.1.3.bb      |    4 +-
 ...001-pam_inline-introduce-pam_asprint.patch |  102 ++
 .../0001-pam_namespace-include-stdint-h.patch |   42 +
 .../pam/libpam/CVE-2025-6020-01.patch         | 1588 +++++++++++++++++
 .../pam/libpam/CVE-2025-6020-02.patch         |  187 ++
 .../pam/libpam/CVE-2025-6020-03.patch         |   35 +
 meta/recipes-extended/pam/libpam_1.5.2.bb     |    5 +
 .../recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb |    6 +
 meta/recipes-support/db/db_5.3.28.bb          |    4 +
 .../gnupg/gnupg/CVE-2025-30258-0001.patch     |  141 ++
 .../gnupg/gnupg/CVE-2025-30258-0002.patch     |  131 ++
 .../gnupg/gnupg/CVE-2025-30258-0003.patch     |  624 +++++++
 .../gnupg/gnupg/CVE-2025-30258-0004.patch     |  193 ++
 .../gnupg/gnupg/CVE-2025-30258-0005.patch     |   36 +
 meta/recipes-support/gnupg/gnupg_2.3.7.bb     |    5 +
 scripts/install-buildtools                    |    4 +-
 27 files changed, 3534 insertions(+), 19 deletions(-)
 create mode 100644 meta/recipes-core/ncurses/files/CVE-2025-6141.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0043-CVE-2025-7546.patch
 create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-43398-0001.patch
 create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-43398-0002.patch
 rename meta/recipes-devtools/ruby/ruby/{CVE-2024-43398.patch => CVE-2024-43398-0003.patch} (87%)
 create mode 100644 meta/recipes-extended/pam/libpam/0001-pam_inline-introduce-pam_asprint.patch
 create mode 100644 meta/recipes-extended/pam/libpam/0001-pam_namespace-include-stdint-h.patch
 create mode 100644 meta/recipes-extended/pam/libpam/CVE-2025-6020-01.patch
 create mode 100644 meta/recipes-extended/pam/libpam/CVE-2025-6020-02.patch
 create mode 100644 meta/recipes-extended/pam/libpam/CVE-2025-6020-03.patch
 create mode 100644 meta/recipes-support/gnupg/gnupg/CVE-2025-30258-0001.patch
 create mode 100644 meta/recipes-support/gnupg/gnupg/CVE-2025-30258-0002.patch
 create mode 100644 meta/recipes-support/gnupg/gnupg/CVE-2025-30258-0003.patch
 create mode 100644 meta/recipes-support/gnupg/gnupg/CVE-2025-30258-0004.patch
 create mode 100644 meta/recipes-support/gnupg/gnupg/CVE-2025-30258-0005.patch

-- 
2.43.0