[OE-core][scarthgap 00/19] Patch review

[Steve Sakoman <steve@sakoman.com>]

Please review this set of changes for scarthgap and have comments back by
end of day Thursday, September 13

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2708

The following changes since commit 06d4981313ce67a8d53b1c14be9845b4b5a9f4cf:

  perf: add arm64 source files for unistd_64.h (2025-11-03 07:45:57 -0800)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Alexander Kanavin (3):
  ca-certificates: get sources from debian tarballs
  ca-certificates: submit sysroot patch upstream, drop
    default-sysroot.patch
  xf86-video-intel: correct SRC_URI as freedesktop anongit is down

Ankur Tyagi (2):
  webkitgtk: upgrade 2.44.3 -> 2.44.4
  wireless-regdb: upgrade 2024.10.07 -> 2025.10.07

Archana Polampalli (7):
  go: fix CVE-2025-58185
  go: fix CVE-2025-58187
  go: fix CVE-2025-58188
  go: fix CVE-2025-58189
  go: fix CVE-2025-47912
  go: fix CVE-2025-61723
  go: fix CVE-2025-61724

Gyorgy Sarvari (1):
  ca-certificates: fix on-target postinstall script

Peter Marko (1):
  curl: ignore CVE-2025-10966

Richard Purdie (2):
  ca-certificates: upgrade 20240203 -> 20241223
  oeqa/selftest/devtool: Update after upstream repo changes

Theodore A. Roth (2):
  ca-certificates: update 20211016 -> 20240203
  ca-certificates: Add comment for provenance of SRCREV

Wang Mingyu (1):
  ca-certificates: upgrade 20241223 -> 20250419

 meta/lib/oeqa/selftest/cases/devtool.py       |   8 +-
 meta/recipes-devtools/go/go-1.22.12.inc       |   7 +
 .../go/go/CVE-2025-47912.patch                | 226 ++++++++++++
 .../go/go/CVE-2025-58185.patch                | 142 +++++++
 .../go/go/CVE-2025-58187.patch                | 349 ++++++++++++++++++
 .../go/go/CVE-2025-58188.patch                | 194 ++++++++++
 .../go/go/CVE-2025-58189.patch                |  50 +++
 .../go/go/CVE-2025-61723.patch                | 223 +++++++++++
 .../go/go/CVE-2025-61724.patch                |  75 ++++
 .../xorg-driver/xf86-video-intel_git.bb       |   2 +-
 ....10.07.bb => wireless-regdb_2025.10.07.bb} |   2 +-
 ...ebkitgtk_2.44.3.bb => webkitgtk_2.44.4.bb} |   2 +-
 ...ertdata2pem.py-print-a-warning-for-e.patch |  21 +-
 ...icates-don-t-use-Debianisms-in-run-p.patch |  20 +-
 ...2-update-ca-certificates-use-SYSROOT.patch |  46 ---
 ...icates-use-relative-symlinks-from-ET.patch |  18 +-
 .../ca-certificates/default-sysroot.patch     |  50 ---
 ...0211016.bb => ca-certificates_20250419.bb} |  19 +-
 meta/recipes-support/curl/curl_8.7.1.bb       |   1 +
 19 files changed, 1311 insertions(+), 144 deletions(-)
 create mode 100644 meta/recipes-devtools/go/go/CVE-2025-47912.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2025-58185.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2025-58187.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2025-58188.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2025-58189.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2025-61723.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2025-61724.patch
 rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2024.10.07.bb => wireless-regdb_2025.10.07.bb} (94%)
 rename meta/recipes-sato/webkit/{webkitgtk_2.44.3.bb => webkitgtk_2.44.4.bb} (98%)
 delete mode 100644 meta/recipes-support/ca-certificates/ca-certificates/0002-update-ca-certificates-use-SYSROOT.patch
 delete mode 100644 meta/recipes-support/ca-certificates/ca-certificates/default-sysroot.patch
 rename meta/recipes-support/ca-certificates/{ca-certificates_20211016.bb => ca-certificates_20250419.bb} (84%)

-- 
2.43.0