From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 0/6] Patch review
Date: Wed, 29 Oct 2025 13:11:49 -0700 [thread overview]
Message-ID: <cover.1761768602.git.steve@sakoman.com> (raw)
Please review this set of changes for scarthgap and have comments back by
end of day Friday, October 31
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2655
The following changes since commit 0f98fecda8a0436f760e6fd9f3b7eb510e5258b8:
curl: only set CA bundle in target build (2025-10-24 06:41:43 -0700)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut
David Nyström (1):
lz4: fix CVE-2025-62813
Hongxu Jia (1):
u-boot: fix CVE-2024-42040
Praveen Kumar (1):
bind: upgrade 9.18.33 -> 9.18.41
Yash Shinde (2):
binutils: fix CVE-2025-11081
binutils: fix CVE-2025-8225
Yogita Urade (1):
tiff: ignore CVE-2025-8961
.../u-boot/files/CVE-2024-42040.patch | 56 +++++++++++++
meta/recipes-bsp/u-boot/u-boot-common.inc | 1 +
.../bind/{bind_9.18.33.bb => bind_9.18.41.bb} | 2 +-
.../binutils/binutils-2.42.inc | 2 +
.../binutils/0026-CVE-2025-11081.patch | 84 +++++++++++++++++++
.../binutils/0027-CVE-2025-8225.patch | 47 +++++++++++
meta/recipes-multimedia/libtiff/tiff_4.6.0.bb | 2 +-
.../lz4/files/CVE-2025-62813.patch | 73 ++++++++++++++++
meta/recipes-support/lz4/lz4_1.9.4.bb | 5 +-
9 files changed, 268 insertions(+), 4 deletions(-)
create mode 100644 meta/recipes-bsp/u-boot/files/CVE-2024-42040.patch
rename meta/recipes-connectivity/bind/{bind_9.18.33.bb => bind_9.18.41.bb} (97%)
create mode 100644 meta/recipes-devtools/binutils/binutils/0026-CVE-2025-11081.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0027-CVE-2025-8225.patch
create mode 100644 meta/recipes-support/lz4/files/CVE-2025-62813.patch
--
2.43.0
next reply other threads:[~2025-10-29 20:12 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-29 20:11 Steve Sakoman [this message]
2025-10-29 20:11 ` [OE-core][scarthgap 1/6] lz4: fix CVE-2025-62813 Steve Sakoman
2025-10-29 20:11 ` [OE-core][scarthgap 2/6] binutils: fix CVE-2025-11081 Steve Sakoman
2025-10-29 20:11 ` [OE-core][scarthgap 3/6] binutils: fix CVE-2025-8225 Steve Sakoman
2025-10-29 20:11 ` [OE-core][scarthgap 4/6] u-boot: fix CVE-2024-42040 Steve Sakoman
2025-10-29 20:11 ` [OE-core][scarthgap 5/6] tiff: ignore CVE-2025-8961 Steve Sakoman
2025-10-29 20:11 ` [OE-core][scarthgap 6/6] bind: upgrade 9.18.33 -> 9.18.41 Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2025-04-16 20:14 [OE-core][scarthgap 0/6] Patch review Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1761768602.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.