From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/10] Patch review
Date: Wed, 30 Jul 2025 12:05:24 -0700 [thread overview]
Message-ID: <cover.1753902181.git.steve@sakoman.com> (raw)
Please review this set of changes for kirkstone and have comments back by
end of day Friday, August 1
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2113
The following changes since commit 277b5ec3c0212ca8600dd89d0a33f784a060131f:
db: ignore implicit-int and implicit-function-declaration issues fatal with gcc-14 (2025-07-25 08:37:09 -0700)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Deepesh Varatharajan (1):
binutils: Fix CVE-2025-7545
Peter Marko (8):
dropbear: patch CVE-2025-47203
gnutls: patch CVE-2025-32989
gnutls: patch read buffer overrun in the "pre_shared_key" extension
gnutls: patch reject zero-length version in certificate request
gnutls: patch CVE-2025-32988
gnutls: patch CVE-2025-32990
gnutls: patch CVE-2025-6395
libxml2: patch CVE-2025-6170
Vijay Anusuri (1):
sqlite3: Fix CVE-2025-6965
meta/recipes-core/dropbear/dropbear.inc | 3 +
..._snprintf-that-won-t-return-negative.patch | 48 +
...-length-paths-and-commands-in-multih.patch | 126 +
.../dropbear/dropbear/CVE-2025-47203.patch | 344 +++
.../libxml/libxml2/CVE-2025-6170.patch | 103 +
meta/recipes-core/libxml/libxml2_2.9.14.bb | 1 +
.../binutils/binutils-2.38.inc | 1 +
.../binutils/0043-CVE-2025-7545.patch | 39 +
...fer-overrun-in-the-pre_shared_key-ex.patch | 34 +
...-length-version-in-certificate-reque.patch | 37 +
.../04939b75417cc95b7372c6f208c4bda4579bdc34 | Bin 0 -> 1782 bytes
.../3e94dcdff862ef5d6db8b5cc8e59310b5f0cdfe2 | Bin 0 -> 830 bytes
.../5477db1bb507a35e8833c758ce344f4b5b246d8e | Bin 0 -> 111 bytes
.../gnutls/gnutls/CVE-2025-32988.patch | 58 +
.../gnutls/gnutls/CVE-2025-32989.patch | 50 +
.../gnutls/gnutls/CVE-2025-32990.patch | 2109 +++++++++++++++++
.../gnutls/gnutls/CVE-2025-6395.patch | 299 +++
meta/recipes-support/gnutls/gnutls_3.7.4.bb | 15 +
.../sqlite/files/CVE-2025-6965.patch | 115 +
meta/recipes-support/sqlite/sqlite3_3.38.5.bb | 1 +
20 files changed, 3383 insertions(+)
create mode 100644 meta/recipes-core/dropbear/dropbear/0001-Add-m_snprintf-that-won-t-return-negative.patch
create mode 100644 meta/recipes-core/dropbear/dropbear/0001-Handle-arbitrary-length-paths-and-commands-in-multih.patch
create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2025-47203.patch
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2025-6170.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0043-CVE-2025-7545.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/0001-psk-fix-read-buffer-overrun-in-the-pre_shared_key-ex.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/0001-x509-reject-zero-length-version-in-certificate-reque.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/04939b75417cc95b7372c6f208c4bda4579bdc34
create mode 100644 meta/recipes-support/gnutls/gnutls/3e94dcdff862ef5d6db8b5cc8e59310b5f0cdfe2
create mode 100644 meta/recipes-support/gnutls/gnutls/5477db1bb507a35e8833c758ce344f4b5b246d8e
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-32988.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-32989.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-32990.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-6395.patch
create mode 100644 meta/recipes-support/sqlite/files/CVE-2025-6965.patch
--
2.43.0
next reply other threads:[~2025-07-30 19:05 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-30 19:05 Steve Sakoman [this message]
2025-07-30 19:05 ` [OE-core][kirkstone 01/10] dropbear: patch CVE-2025-47203 Steve Sakoman
2025-07-30 19:05 ` [OE-core][kirkstone 02/10] gnutls: patch CVE-2025-32989 Steve Sakoman
2025-07-30 19:05 ` [OE-core][kirkstone 03/10] gnutls: patch read buffer overrun in the "pre_shared_key" extension Steve Sakoman
2025-07-30 19:05 ` [OE-core][kirkstone 04/10] gnutls: patch reject zero-length version in certificate request Steve Sakoman
2025-07-30 19:05 ` [OE-core][kirkstone 05/10] gnutls: patch CVE-2025-32988 Steve Sakoman
2025-07-30 19:05 ` [OE-core][kirkstone 06/10] gnutls: patch CVE-2025-32990 Steve Sakoman
2025-07-30 19:05 ` [OE-core][kirkstone 07/10] gnutls: patch CVE-2025-6395 Steve Sakoman
2025-07-30 19:05 ` [OE-core][kirkstone 08/10] libxml2: patch CVE-2025-6170 Steve Sakoman
2025-07-30 19:05 ` [OE-core][kirkstone 09/10] binutils: Fix CVE-2025-7545 Steve Sakoman
2025-07-30 19:05 ` [OE-core][kirkstone 10/10] sqlite3: Fix CVE-2025-6965 Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2025-12-23 21:25 [OE-core][kirkstone 00/10] Patch review Steve Sakoman
2025-12-02 15:09 Steve Sakoman
2025-11-13 21:47 Steve Sakoman
2025-07-27 20:04 Steve Sakoman
2025-05-30 15:39 Steve Sakoman
2025-04-08 20:50 Steve Sakoman
2024-04-16 12:06 Steve Sakoman
2023-10-18 15:48 Steve Sakoman
2023-10-03 19:36 Steve Sakoman
2023-08-03 14:04 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1753902181.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.