From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 0/9] Patch review
Date: Tue, 25 Nov 2025 12:54:43 -0800 [thread overview]
Message-ID: <cover.1764103986.git.steve@sakoman.com> (raw)
Please review this set of changes for kirkstone and have comments back by
end of day Thursday, November 27
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2776
The following changes since commit ff72b41a3f0bf1820405b8782f0d125cd10e3406:
oe-build-perf-report: relax metadata matching rules (2025-11-19 08:28:19 -0800)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Divya Chellam (3):
ruby: fix CVE-2024-35176
ruby: fix CVE-2024-39908
ruby: fix CVE-2024-41123
Gyorgy Sarvari (1):
flac: patch seeking bug
Peter Marko (3):
libarchive: patch 3.8.3 security issue 1
libarchive: patch 3.8.3 security issue 2
libarchive: patch CVE-2025-60753
Praveen Kumar (1):
python3: fix CVE-2025-6075
Vijay Anusuri (1):
python3-idna: Fix CVE-2024-3651
.../python/python3-idna/CVE-2024-3651.patch | 2484 +++++++++++++++++
.../python/python3-idna_3.3.bb | 2 +
.../python/python3/CVE-2025-6075.patch | 364 +++
.../python/python3_3.10.19.bb | 1 +
.../ruby/ruby/CVE-2024-35176.patch | 112 +
.../ruby/ruby/CVE-2024-39908-0001.patch | 46 +
.../ruby/ruby/CVE-2024-39908-0002.patch | 130 +
.../ruby/ruby/CVE-2024-39908-0003.patch | 46 +
.../ruby/ruby/CVE-2024-39908-0004.patch | 76 +
.../ruby/ruby/CVE-2024-39908-0005.patch | 87 +
.../ruby/ruby/CVE-2024-39908-0006.patch | 44 +
.../ruby/ruby/CVE-2024-39908-0007.patch | 44 +
.../ruby/ruby/CVE-2024-39908-0008.patch | 44 +
.../ruby/ruby/CVE-2024-39908-0009.patch | 36 +
.../ruby/ruby/CVE-2024-39908-0010.patch | 53 +
.../ruby/ruby/CVE-2024-39908-0011.patch | 35 +
.../ruby/ruby/CVE-2024-39908-0012.patch | 36 +
.../ruby/ruby/CVE-2024-41123-0001.patch | 44 +
.../ruby/ruby/CVE-2024-41123-0002.patch | 37 +
.../ruby/ruby/CVE-2024-41123-0003.patch | 55 +
.../ruby/ruby/CVE-2024-41123-0004.patch | 163 ++
.../ruby/ruby/CVE-2024-41123-0005.patch | 111 +
meta/recipes-devtools/ruby/ruby_3.1.3.bb | 18 +
...ax-path-length-metadata-writing-2243.patch | 30 +
...request-2696-from-al3xtjames-mkstemp.patch | 28 +
...st-2749-from-KlaraSystems-des-tempdi.patch | 183 ++
...st-2753-from-KlaraSystems-des-temp-f.patch | 190 ++
...-request-2768-from-Commandoss-master.patch | 28 +
.../libarchive/CVE-2025-60753.patch | 76 +
.../libarchive/libarchive_3.6.2.bb | 6 +
.../flac/files/0001-Fix-seeking-bug.patch | 34 +
meta/recipes-multimedia/flac/flac_1.3.4.bb | 3 +-
32 files changed, 4645 insertions(+), 1 deletion(-)
create mode 100644 meta/recipes-devtools/python/python3-idna/CVE-2024-3651.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2025-6075.patch
create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-35176.patch
create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-39908-0001.patch
create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-39908-0002.patch
create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-39908-0003.patch
create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-39908-0004.patch
create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-39908-0005.patch
create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-39908-0006.patch
create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-39908-0007.patch
create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-39908-0008.patch
create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-39908-0009.patch
create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-39908-0010.patch
create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-39908-0011.patch
create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-39908-0012.patch
create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-41123-0001.patch
create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-41123-0002.patch
create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-41123-0003.patch
create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-41123-0004.patch
create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-41123-0005.patch
create mode 100644 meta/recipes-extended/libarchive/libarchive/0001-Fix-max-path-length-metadata-writing-2243.patch
create mode 100644 meta/recipes-extended/libarchive/libarchive/0001-Merge-pull-request-2696-from-al3xtjames-mkstemp.patch
create mode 100644 meta/recipes-extended/libarchive/libarchive/0001-Merge-pull-request-2749-from-KlaraSystems-des-tempdi.patch
create mode 100644 meta/recipes-extended/libarchive/libarchive/0001-Merge-pull-request-2753-from-KlaraSystems-des-temp-f.patch
create mode 100644 meta/recipes-extended/libarchive/libarchive/0001-Merge-pull-request-2768-from-Commandoss-master.patch
create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2025-60753.patch
create mode 100644 meta/recipes-multimedia/flac/files/0001-Fix-seeking-bug.patch
--
2.43.0
next reply other threads:[~2025-11-25 20:55 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-11-25 20:54 Steve Sakoman [this message]
2025-11-25 20:54 ` [OE-core][kirkstone 1/9] python3-idna: Fix CVE-2024-3651 Steve Sakoman
2025-11-25 20:54 ` [OE-core][kirkstone 2/9] ruby: fix CVE-2024-35176 Steve Sakoman
2025-11-25 20:54 ` [OE-core][kirkstone 3/9] ruby: fix CVE-2024-39908 Steve Sakoman
2025-11-25 20:54 ` [OE-core][kirkstone 4/9] ruby: fix CVE-2024-41123 Steve Sakoman
2025-11-25 20:54 ` [OE-core][kirkstone 5/9] python3: fix CVE-2025-6075 Steve Sakoman
2025-11-25 20:54 ` [OE-core][kirkstone 6/9] libarchive: patch 3.8.3 security issue 1 Steve Sakoman
2025-11-25 20:54 ` [OE-core][kirkstone 7/9] libarchive: patch 3.8.3 security issue 2 Steve Sakoman
2025-11-25 20:54 ` [OE-core][kirkstone 8/9] libarchive: patch CVE-2025-60753 Steve Sakoman
2025-11-25 20:54 ` [OE-core][kirkstone 9/9] flac: patch seeking bug Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2025-09-03 16:14 [OE-core][kirkstone 0/9] Patch review Steve Sakoman
2025-08-26 13:44 Steve Sakoman
2025-08-19 20:49 Steve Sakoman
2025-07-04 15:28 Steve Sakoman
2024-12-17 20:54 Steve Sakoman
2024-06-22 11:57 Steve Sakoman
2024-04-03 3:46 Steve Sakoman
2024-03-07 23:37 Steve Sakoman
2023-06-20 15:37 Steve Sakoman
2023-01-17 14:08 Steve Sakoman
2022-11-13 14:12 Steve Sakoman
2022-05-23 13:59 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1764103986.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.