[OE-core][scarthgap 00/18] Patch review

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 00/18] Patch review
Date: Thu,  9 Oct 2025 19:50:19 -0700	[thread overview]
Message-ID: <cover.1760064493.git.steve@sakoman.com> (raw)

Please review this set of changes for scarthgap and have comments back by
end of day Monday, October 13

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2553

The following changes since commit 2696c50af9946f425ccaf7d0e7e0eb3fd87c36bb:

  expect: fix native build with GCC 15 (2025-10-02 08:40:43 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Aleksandar Nikolic (1):
  scripts/install-buildtools: Update to 5.0.12

Archana Polampalli (1):
  go: fix CVE-2025-47906

Deepesh Varatharajan (1):
  glibc: stable 2.39 branch updates

Gyorgy Sarvari (1):
  conf/bitbake.conf: use gnu mirror instead of main server

Hitendra Prajapati (1):
  grub2: mark CVE-2024-2312 as not applicable

Peter Marko (10):
  busybox: patch CVE-2025-46394
  gstreamer1.0: ignore CVEs fixed in plugins
  gstreamer1.0: ignore CVE-2025-2759
  ghostscript: patch CVE-2025-59798
  ghostscript: patch CVE-2025-59799
  ghostscript: patch CVE-2025-59800
  expat: follow-up for CVE-2024-8176
  tiff: ignore 5 CVEs
  ffmpeg: ignore 8 CVEs fixed in 6.1.1 and 6.1.3 releases
  openssl: upgrade 3.2.4 -> 3.2.6

Ross Burton (1):
  pulseaudio: ignore CVE-2024-11586

Steve Sakoman (2):
  selftest/cases/meta_ide.py: use use gnu mirror instead of main server
  oeqa/sdk/cases/buildcpio.py: use gnu mirror instead of main server

 meta/conf/bitbake.conf                        |    2 +-
 meta/lib/oeqa/sdk/cases/buildcpio.py          |    2 +-
 meta/lib/oeqa/selftest/cases/meta_ide.py      |    2 +-
 meta/recipes-bsp/grub/grub2.inc               |    1 +
 .../openssl/openssl/CVE-2025-27587-1.patch    | 1918 -----------------
 .../openssl/openssl/CVE-2025-27587-2.patch    |  129 --
 .../{openssl_3.2.4.bb => openssl_3.2.6.bb}    |    4 +-
 .../busybox/busybox/CVE-2025-46394-01.patch   |   57 +
 .../busybox/busybox/CVE-2025-46394-02.patch   |   32 +
 meta/recipes-core/busybox/busybox_1.36.1.bb   |    2 +
 .../expat/expat/CVE-2024-8176-03.patch        |   35 +
 .../expat/expat/CVE-2024-8176-04.patch        |  115 +
 .../expat/expat/CVE-2024-8176-05.patch        |   78 +
 meta/recipes-core/expat/expat_2.6.4.bb        |    3 +
 meta/recipes-core/glibc/glibc-version.inc     |    4 +-
 meta/recipes-devtools/go/go-1.22.12.inc       |    1 +
 .../go/go/CVE-2025-47906.patch                |  183 ++
 .../ghostscript/CVE-2025-59798.patch          |  134 ++
 .../ghostscript/CVE-2025-59799.patch          |   41 +
 .../ghostscript/CVE-2025-59800.patch          |   36 +
 .../ghostscript/ghostscript_10.05.1.bb        |    3 +
 .../recipes-multimedia/ffmpeg/ffmpeg_6.1.3.bb |    4 +
 .../gstreamer/gstreamer1.0_1.22.12.bb         |   19 +-
 meta/recipes-multimedia/libtiff/tiff_4.6.0.bb |    4 +
 .../pulseaudio/pulseaudio.inc                 |    2 +
 scripts/install-buildtools                    |    4 +-
 26 files changed, 754 insertions(+), 2061 deletions(-)
 delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2025-27587-1.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2025-27587-2.patch
 rename meta/recipes-connectivity/openssl/{openssl_3.2.4.bb => openssl_3.2.6.bb} (98%)
 create mode 100644 meta/recipes-core/busybox/busybox/CVE-2025-46394-01.patch
 create mode 100644 meta/recipes-core/busybox/busybox/CVE-2025-46394-02.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2024-8176-03.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2024-8176-04.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2024-8176-05.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2025-47906.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2025-59798.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2025-59799.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2025-59800.patch

-- 
2.43.0

next             reply	other threads:[~2025-10-10  2:50 UTC|newest]

Thread overview: 25+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-10-10  2:50 Steve Sakoman [this message]
2025-10-10  2:50 ` [OE-core][scarthgap 01/18] busybox: patch CVE-2025-46394 Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 02/18] grub2: mark CVE-2024-2312 as not applicable Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 03/18] gstreamer1.0: ignore CVEs fixed in plugins Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 04/18] gstreamer1.0: ignore CVE-2025-2759 Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 05/18] ghostscript: patch CVE-2025-59798 Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 06/18] ghostscript: patch CVE-2025-59799 Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 07/18] ghostscript: patch CVE-2025-59800 Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 08/18] expat: follow-up for CVE-2024-8176 Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 09/18] pulseaudio: ignore CVE-2024-11586 Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 10/18] tiff: ignore 5 CVEs Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 11/18] ffmpeg: ignore 8 CVEs fixed in 6.1.1 and 6.1.3 releases Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 12/18] go: fix CVE-2025-47906 Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 13/18] glibc: stable 2.39 branch updates Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 14/18] scripts/install-buildtools: Update to 5.0.12 Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 15/18] openssl: upgrade 3.2.4 -> 3.2.6 Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 16/18] conf/bitbake.conf: use gnu mirror instead of main server Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 17/18] selftest/cases/meta_ide.py: use " Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 18/18] oeqa/sdk/cases/buildcpio.py: " Steve Sakoman
2025-10-12 19:02 ` [OE-core][scarthgap 00/18] Patch review Gyorgy Sarvari
2025-10-12 19:19   ` Steve Sakoman
  -- strict thread matches above, loose matches on Subject: below --
2025-12-23 21:22 Steve Sakoman
2024-10-15 18:50 Steve Sakoman
2024-08-21 12:50 Steve Sakoman
2024-08-04 17:09 Steve Sakoman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=cover.1760064493.git.steve@sakoman.com \
    --to=steve@sakoman.com \
    --cc=openembedded-core@lists.openembedded.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.