From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 0/8] Patch review
Date: Tue, 28 Oct 2025 06:46:10 -0700 [thread overview]
Message-ID: <cover.1761596406.git.steve@sakoman.com> (raw)
Please review this set of changes for scarthgap and have comments back by
end of day Thursday, October 30
Passed a-full on the autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2645
with the exception of the meta-aws test, which failed due to a meta-aws commit
changing the distro from poky-agl to agl
The following changes since commit 649147913e89cd8f7390cb17cd0be94c9710ffa6:
oeqa/runtime/ping: don't bother trying to ping localhost (2025-10-17 07:47:32 -0700)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut
Anders Heimer (1):
libpam: mark CVE-2025-6018 as not applicable
Daniel Semkowicz (1):
gstreamer1.0-plugins-bad: fix buffer allocation fail for v4l2codecs
Martin Jansa (1):
flex: fix build with gcc-15 on host
Matthias Schiffer (1):
curl: only set CA bundle in target build
Peter Marko (1):
expat: patch CVE-2025-59375
Rasmus Villemoes (1):
iptables: remove /etc/ethertypes
Soumya Sambu (2):
elfutils: Fix CVE-2025-1376
elfutils: Fix CVE-2025-1377
.../expat/expat/CVE-2025-59375-00.patch | 52 ++
.../expat/expat/CVE-2025-59375-01.patch | 48 ++
.../expat/expat/CVE-2025-59375-02.patch | 109 ++++
.../expat/expat/CVE-2025-59375-03.patch | 127 ++++
.../expat/expat/CVE-2025-59375-04.patch | 62 ++
.../expat/expat/CVE-2025-59375-05.patch | 64 ++
.../expat/expat/CVE-2025-59375-06.patch | 68 +++
.../expat/expat/CVE-2025-59375-07.patch | 52 ++
.../expat/expat/CVE-2025-59375-08.patch | 577 ++++++++++++++++++
.../expat/expat/CVE-2025-59375-09.patch | 43 ++
.../expat/expat/CVE-2025-59375-10.patch | 54 ++
.../expat/expat/CVE-2025-59375-11.patch | 66 ++
.../expat/expat/CVE-2025-59375-12.patch | 58 ++
.../expat/expat/CVE-2025-59375-13.patch | 309 ++++++++++
.../expat/expat/CVE-2025-59375-14.patch | 122 ++++
.../expat/expat/CVE-2025-59375-15.patch | 70 +++
.../expat/expat/CVE-2025-59375-16.patch | 146 +++++
.../expat/expat/CVE-2025-59375-17.patch | 28 +
.../expat/expat/CVE-2025-59375-18.patch | 74 +++
.../expat/expat/CVE-2025-59375-19.patch | 103 ++++
.../expat/expat/CVE-2025-59375-20.patch | 285 +++++++++
.../expat/expat/CVE-2025-59375-21.patch | 196 ++++++
.../expat/expat/CVE-2025-59375-22.patch | 37 ++
.../expat/expat/CVE-2025-59375-23.patch | 47 ++
.../expat/expat/CVE-2025-59375-24.patch | 36 ++
meta/recipes-core/expat/expat_2.6.4.bb | 25 +
.../elfutils/elfutils_0.191.bb | 2 +
.../elfutils/files/CVE-2025-1376.patch | 58 ++
.../elfutils/files/CVE-2025-1377.patch | 69 +++
...01-Match-malloc-signature-to-its-use.patch | 25 +
meta/recipes-devtools/flex/flex_2.6.4.bb | 1 +
.../iptables/iptables_1.8.10.bb | 2 +
meta/recipes-extended/pam/libpam_1.5.3.bb | 2 +
...s-chain-up-to-parent-decide_allocati.patch | 87 +++
.../gstreamer1.0-plugins-bad_1.22.12.bb | 1 +
meta/recipes-support/curl/curl_8.7.1.bb | 4 +-
36 files changed, 3108 insertions(+), 1 deletion(-)
create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-00.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-01.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-02.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-03.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-04.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-05.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-06.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-07.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-08.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-09.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-10.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-11.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-12.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-13.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-14.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-15.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-16.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-17.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-18.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-19.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-20.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-21.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-22.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-23.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-24.patch
create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2025-1376.patch
create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2025-1377.patch
create mode 100644 meta/recipes-devtools/flex/flex/0001-Match-malloc-signature-to-its-use.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad/0005-v4l2codecs-Always-chain-up-to-parent-decide_allocati.patch
--
2.43.0
next reply other threads:[~2025-10-28 13:46 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-28 13:46 Steve Sakoman [this message]
2025-10-28 13:46 ` [OE-core][scarthgap 1/8] libpam: mark CVE-2025-6018 as not applicable Steve Sakoman
2025-10-28 13:46 ` [OE-core][scarthgap 2/8] expat: patch CVE-2025-59375 Steve Sakoman
2025-10-28 13:46 ` [OE-core][scarthgap 3/8] elfutils: Fix CVE-2025-1376 Steve Sakoman
2025-10-28 13:46 ` [OE-core][scarthgap 4/8] elfutils: Fix CVE-2025-1377 Steve Sakoman
2025-10-28 13:46 ` [OE-core][scarthgap 5/8] flex: fix build with gcc-15 on host Steve Sakoman
2025-10-28 13:46 ` [OE-core][scarthgap 6/8] gstreamer1.0-plugins-bad: fix buffer allocation fail for v4l2codecs Steve Sakoman
2025-10-28 13:46 ` [OE-core][scarthgap 7/8] iptables: remove /etc/ethertypes Steve Sakoman
2025-10-28 13:46 ` [OE-core][scarthgap 8/8] curl: only set CA bundle in target build Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2026-05-08 6:25 [OE-core][scarthgap 0/8] Patch review Yoann Congal
2025-12-02 22:19 Steve Sakoman
2025-10-03 16:47 Steve Sakoman
2025-09-17 20:04 Steve Sakoman
2025-06-17 16:04 Steve Sakoman
2025-05-09 15:45 Steve Sakoman
2025-04-11 20:33 Steve Sakoman
2025-01-23 2:59 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1761596406.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.