From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 00/33] Patch review
Date: Wed, 27 Aug 2025 14:29:07 -0700 [thread overview]
Message-ID: <cover.1756329972.git.steve@sakoman.com> (raw)
Please review this set of changes for scarthgap and have comments back by
end of day Friday, August 29
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/?#/builders/29/builds/2277
The following changes since commit 93c7489d843a0e46fe4fc685b356d0ae885300d7:
build-appliance-image: Update to scarthgap head revision (2025-08-22 06:02:51 -0700)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut
Archana Polampalli (3):
go: fix CVE-2025-4674
ffmpeg: upgrade 6.1.2 -> 6.1.3
ffmpeg: fix CVE-2025-1594
Hitendra Prajapati (1):
gstreamer1.0-plugins-base: fix CVE-2025-47807
Jiaying Song (1):
ruby-ptest : some ptest fixes
Khem Raj (9):
ncurses: Pin to C17 standard
unzip: Fix build with GCC-15
m4: Stick to C17 standard
gmp: Fix build with GCC15/C23
gmp: Fix build with older gcc versions
gdbm: Use C11 standard
unifdef: Don't use C23 constexpr keyword
libtirpc: Fix build with gcc-15/C23
cpio: Pin to use C17 std
Martin Jansa (8):
cmake: fix build with gcc-15 on host
git: fix build with gcc-15 on host
pkgconfig: fix build with gcc-15
libgpg-error: fix build with gcc-15
rust-llvm: fix build with gcc-15
elfutils: fix build with gcc-15
binutils: fix build with gcc-15
dbus-glib: fix build with gcc-15
Michael Halstead (2):
yocto-uninative: Update to 4.8 for GCC 15.1
yocto-uninative: Update to 4.9 for glibc 2.42
Peter Marko (8):
qemu: set status of CVE-2024-7730 to fixed
go-binary-native: ignore CVE-2025-0913
glib-2.0: patch CVE-2025-7039
glib-2.0: patch CVE-2025-6052
dpkg: patch CVE-2025-6297
libarchive: patch regression of patch for CVE-2025-5918
vim: upgrade 9.1.1198 -> 9.1.1652
sudo: remove devtool FIXME comment
Praveen Kumar (1):
go: fix CVE-2025-47907
meta/conf/distro/include/yocto-uninative.inc | 10 +-
.../dbus-glib/fix-build-with-gcc-15.patch | 37 +
meta/recipes-core/dbus/dbus-glib_0.112.bb | 1 +
.../glib-2.0/glib-2.0/CVE-2025-6052-01.patch | 69 ++
.../glib-2.0/glib-2.0/CVE-2025-6052-02.patch | 97 +++
.../glib-2.0/glib-2.0/CVE-2025-6052-03.patch | 35 +
.../glib-2.0/glib-2.0/CVE-2025-7039.patch | 43 +
meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb | 4 +
meta/recipes-core/ncurses/ncurses.inc | 4 +
.../binutils/binutils-2.42.inc | 4 +
...nu23-compatibility-wrt-static_assert.patch | 89 ++
...ngs-when-building-gprofng-with-Clang.patch | 767 ++++++++++++++++++
...gnu23-compatibility-wrt-unprototyped.patch | 606 ++++++++++++++
...021-gprofng-fix-build-with-std-gnu23.patch | 196 +++++
meta/recipes-devtools/cmake/cmake.inc | 1 +
.../0001-cppdap-fix-build-with-gcc-15.patch | 30 +
.../dpkg/dpkg/CVE-2025-6297.patch | 125 +++
meta/recipes-devtools/dpkg/dpkg_1.22.0.bb | 1 +
.../elfutils/elfutils_0.191.bb | 1 +
.../files/0007-Fix-build-with-gcc-15.patch | 72 ++
...ndex-pack-rename-struct-thread_local.patch | 67 ++
.../git/0001-reflog-rename-unreachable.patch | 40 +
meta/recipes-devtools/git/git_2.44.4.bb | 2 +
meta/recipes-devtools/go/go-1.22.12.inc | 3 +
.../go/go-binary-native_1.22.12.bb | 1 +
.../go/go/CVE-2025-4674.patch | 332 ++++++++
.../go/go/CVE-2025-47907-pre.patch | 233 ++++++
.../go/go/CVE-2025-47907.patch | 328 ++++++++
meta/recipes-devtools/m4/m4-1.4.19.inc | 3 +
...0001-Do-not-use-bool-as-a-field-name.patch | 36 +
.../pkgconfig/pkgconfig_git.bb | 1 +
meta/recipes-devtools/qemu/qemu.inc | 2 +
..._rm_r_no_permissions-test-under-root.patch | 30 +
meta/recipes-devtools/ruby/ruby/run-ptest | 2 +-
meta/recipes-devtools/ruby/ruby_3.3.5.bb | 7 +-
...36-Add-cstdint-to-SmallVector-101761.patch | 28 +
...cstdint-in-AMDGPUMCTargetDesc-101766.patch | 23 +
...-include-to-X86MCTargetDesc.h-123320.patch | 32 +
.../recipes-devtools/rust/rust-llvm_1.75.0.bb | 8 +-
...0001-Don-t-use-C23-constexpr-keyword.patch | 57 ++
meta/recipes-devtools/unifdef/unifdef_2.12.bb | 3 +-
meta/recipes-extended/cpio/cpio_2.15.bb | 3 +
.../libarchive/CVE-2025-5918-0003.patch | 51 ++
.../libarchive/libarchive_3.7.9.bb | 1 +
...rations-to-allow-compile-with-gcc-15.patch | 64 ++
...d-key_call-declarations-to-allow-com.patch | 60 ++
.../libtirpc/libtirpc_1.3.4.bb | 2 +
meta/recipes-extended/sudo/sudo_1.9.17p1.bb | 52 --
meta/recipes-extended/unzip/unzip/gcc15.patch | 18 +
meta/recipes-extended/unzip/unzip_6.0.bb | 1 +
.../ffmpeg/ffmpeg/CVE-2023-49501.patch | 30 -
.../ffmpeg/ffmpeg/CVE-2023-49502.patch | 107 ---
.../ffmpeg/ffmpeg/CVE-2023-50007.patch | 78 --
.../ffmpeg/ffmpeg/CVE-2023-50008.patch | 29 -
.../ffmpeg/ffmpeg/CVE-2024-31578.patch | 49 --
.../ffmpeg/ffmpeg/CVE-2024-31582.patch | 34 -
.../ffmpeg/ffmpeg/CVE-2024-35367.patch | 47 --
.../ffmpeg/ffmpeg/CVE-2024-35368.patch | 41 -
.../ffmpeg/ffmpeg/CVE-2025-0518.patch | 34 -
.../ffmpeg/ffmpeg/CVE-2025-1594.patch | 105 +++
.../ffmpeg/ffmpeg/CVE-2025-22919.patch | 39 -
.../{ffmpeg_6.1.2.bb => ffmpeg_6.1.3.bb} | 13 +-
.../CVE-2025-47807.patch | 49 ++
.../gstreamer1.0-plugins-base_1.22.12.bb | 1 +
meta/recipes-support/gdbm/gdbm_1.23.bb | 4 +
...n-prototype-in-acinclude.m4-for-C23-.patch | 25 +
...d-parameter-names-in-prototype-for-g.patch | 50 ++
meta/recipes-support/gmp/gmp_6.3.0.bb | 2 +
...oid-use-of-nullptr-for-an-identifier.patch | 52 ++
.../libgpg-error/libgpg-error_1.48.bb | 1 +
...src-Makefile-improve-reproducibility.patch | 10 +-
.../vim/files/disable_acl_header_check.patch | 12 +-
.../vim/files/no-path-adjust.patch | 2 +-
meta/recipes-support/vim/vim.inc | 7 +-
74 files changed, 3926 insertions(+), 577 deletions(-)
create mode 100644 meta/recipes-core/dbus/dbus-glib/fix-build-with-gcc-15.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-6052-01.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-6052-02.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-6052-03.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-7039.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0018-opcodes-fix-std-gnu23-compatibility-wrt-static_assert.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0019-Fix-32097-Warnings-when-building-gprofng-with-Clang.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0020-gprofng-fix-std-gnu23-compatibility-wrt-unprototyped.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0021-gprofng-fix-build-with-std-gnu23.patch
create mode 100644 meta/recipes-devtools/cmake/cmake/0001-cppdap-fix-build-with-gcc-15.patch
create mode 100644 meta/recipes-devtools/dpkg/dpkg/CVE-2025-6297.patch
create mode 100644 meta/recipes-devtools/elfutils/files/0007-Fix-build-with-gcc-15.patch
create mode 100644 meta/recipes-devtools/git/git/0001-index-pack-rename-struct-thread_local.patch
create mode 100644 meta/recipes-devtools/git/git/0001-reflog-rename-unreachable.patch
create mode 100644 meta/recipes-devtools/go/go/CVE-2025-4674.patch
create mode 100644 meta/recipes-devtools/go/go/CVE-2025-47907-pre.patch
create mode 100644 meta/recipes-devtools/go/go/CVE-2025-47907.patch
create mode 100644 meta/recipes-devtools/pkgconfig/pkgconfig/0001-Do-not-use-bool-as-a-field-name.patch
create mode 100644 meta/recipes-devtools/ruby/ruby/0007-Skip-test_rm_r_no_permissions-test-under-root.patch
create mode 100644 meta/recipes-devtools/rust/rust-llvm/0036-Add-cstdint-to-SmallVector-101761.patch
create mode 100644 meta/recipes-devtools/rust/rust-llvm/0037-Include-cstdint-in-AMDGPUMCTargetDesc-101766.patch
create mode 100644 meta/recipes-devtools/rust/rust-llvm/0038-Add-missing-include-to-X86MCTargetDesc.h-123320.patch
create mode 100644 meta/recipes-devtools/unifdef/unifdef/0001-Don-t-use-C23-constexpr-keyword.patch
create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2025-5918-0003.patch
create mode 100644 meta/recipes-extended/libtirpc/libtirpc/0001-Update-declarations-to-allow-compile-with-gcc-15.patch
create mode 100644 meta/recipes-extended/libtirpc/libtirpc/0002-update-signal-and-key_call-declarations-to-allow-com.patch
create mode 100644 meta/recipes-extended/unzip/unzip/gcc15.patch
delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-49501.patch
delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-49502.patch
delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-50007.patch
delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-50008.patch
delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-31578.patch
delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-31582.patch
delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35367.patch
delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35368.patch
delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-0518.patch
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-1594.patch
delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-22919.patch
rename meta/recipes-multimedia/ffmpeg/{ffmpeg_6.1.2.bb => ffmpeg_6.1.3.bb} (95%)
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/CVE-2025-47807.patch
create mode 100644 meta/recipes-support/gmp/gmp/0001-Complete-function-prototype-in-acinclude.m4-for-C23-.patch
create mode 100644 meta/recipes-support/gmp/gmp/0001-acinclude.m4-Add-parameter-names-in-prototype-for-g.patch
create mode 100644 meta/recipes-support/libgpg-error/libgpg-error/0001-Avoid-use-of-nullptr-for-an-identifier.patch
--
2.43.0
next reply other threads:[~2025-08-27 21:29 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-08-27 21:29 Steve Sakoman [this message]
2025-08-27 21:29 ` [OE-core][scarthgap 01/33] go: fix CVE-2025-4674 Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 02/33] gstreamer1.0-plugins-base: fix CVE-2025-47807 Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 03/33] ffmpeg: upgrade 6.1.2 -> 6.1.3 Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 04/33] ffmpeg: fix CVE-2025-1594 Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 05/33] go: fix CVE-2025-47907 Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 06/33] ncurses: Pin to C17 standard Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 07/33] qemu: set status of CVE-2024-7730 to fixed Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 08/33] go-binary-native: ignore CVE-2025-0913 Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 09/33] glib-2.0: patch CVE-2025-7039 Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 10/33] glib-2.0: patch CVE-2025-6052 Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 11/33] dpkg: patch CVE-2025-6297 Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 12/33] libarchive: patch regression of patch for CVE-2025-5918 Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 13/33] vim: upgrade 9.1.1198 -> 9.1.1652 Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 14/33] cmake: fix build with gcc-15 on host Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 15/33] git: " Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 16/33] unzip: Fix build with GCC-15 Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 17/33] m4: Stick to C17 standard Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 18/33] gmp: Fix build with GCC15/C23 Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 19/33] gmp: Fix build with older gcc versions Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 20/33] gdbm: Use C11 standard Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 21/33] unifdef: Don't use C23 constexpr keyword Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 22/33] pkgconfig: fix build with gcc-15 Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 23/33] libgpg-error: " Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 24/33] rust-llvm: " Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 25/33] libtirpc: Fix build with gcc-15/C23 Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 26/33] elfutils: fix build with gcc-15 Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 27/33] binutils: " Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 28/33] dbus-glib: " Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 29/33] yocto-uninative: Update to 4.8 for GCC 15.1 Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 30/33] yocto-uninative: Update to 4.9 for glibc 2.42 Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 31/33] cpio: Pin to use C17 std Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 32/33] ruby-ptest : some ptest fixes Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 33/33] sudo: remove devtool FIXME comment Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1756329972.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.