From: Yoann Congal <yoann.congal@smile.fr>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/17] Patch review
Date: Mon, 16 Mar 2026 10:28:19 +0100 [thread overview]
Message-ID: <cover.1773652940.git.yoann.congal@smile.fr> (raw)
Please review this set of changes for kirkstone and have comments back by
end of day Wednesday, March 18.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/3429
This build was impacted by:
* 16185 – AB-INT: failed connections to git.yoctoproject.org https://bugzilla.yoctoproject.org/show_bug.cgi?id=16185
* https://autobuilder.yoctoproject.org/valkyrie/#/builders/6/builds/3403
* rebuilt successfully as https://autobuilder.yoctoproject.org/valkyrie/#/builders/6/builds/3404
* https://autobuilder.yoctoproject.org/valkyrie/#/builders/78/builds/3404
* rebuilt successfully as https://autobuilder.yoctoproject.org/valkyrie/#/builders/78/builds/3405
* A random network glitch on github:
* https://autobuilder.yoctoproject.org/valkyrie/#/builders/30/builds/3357
* rebuilt successfully as https://autobuilder.yoctoproject.org/valkyrie/#/builders/30/builds/3360
The following changes since commit 7b6c9faa301a6d058ca34e230586f6a81ffa3ffb:
build-appliance-image: Update to kirkstone head revision (2026-02-27 15:59:49 +0000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
for you to fetch changes up to ec995339f1f4143616f1b13814899acaf137b0b5:
createrepo-c: Fix createrepo-c-native build on GCC14 hosts (e.g. Fedora 41) (2026-03-15 23:59:54 +0100)
----------------------------------------------------------------
Aleksandar Nikolic (1):
scripts/install-buildtools: Update to 4.0.33
Hitendra Prajapati (1):
libpam: fix CVE-2024-10963
Ken Kurematsu (1):
libtheora: set CVE_PRODUCT
Martin Jansa (2):
libpam: re-add missing libgen include
lsb.py: strip ' from os-release file
Peter Marko (7):
alsa-lib: patch CVE-2026-25068
ffmpeg: patch CVE-2025-10256
inetutils: patch CVE-2026-28372
busybox: patch CVE-2025-60876
tiff: patch CVE-2025-61143
tiff: patch CVE-2025-61144
tiff: set status of CVE-2025-61145 as fixed by patch for CVE-2025-8961
Shaik Moin (1):
gdk-pixbuf: Fix CVE-2025-6199
Vijay Anusuri (1):
python3-pip: Fix CVE-2026-1703
Yoann Congal (3):
gtk+3: fix incompatible-pointer-types errors for native build on
Fedora 41
libcomps: Fix libcomps-native build on GCC14 hosts (e.g. Fedora 41)
createrepo-c: Fix createrepo-c-native build on GCC14 hosts (e.g.
Fedora 41)
meta/lib/oe/lsb.py | 2 +-
.../inetutils/inetutils/CVE-2026-28372.patch | 86 +++++++
.../inetutils/inetutils_2.2.bb | 1 +
.../busybox/busybox/CVE-2025-60876.patch | 38 +++
meta/recipes-core/busybox/busybox_1.35.0.bb | 1 +
...-proper-cast-for-PyMethodDef.ml_meth.patch | 41 ++++
.../createrepo-c/createrepo-c_0.19.0.bb | 1 +
...orrect-variable-for-category-and-env.patch | 48 ++++
.../libcomps/libcomps_0.1.18.bb | 1 +
.../python/python3-pip/CVE-2026-1703.patch | 37 +++
.../python/python3-pip_22.0.3.bb | 1 +
.../pam/libpam/CVE-2024-10963.patch | 229 ++++++++++++++++++
.../pam/libpam/CVE-2025-6020-01.patch | 4 +-
meta/recipes-extended/pam/libpam_1.5.2.bb | 1 +
.../gdk-pixbuf/gdk-pixbuf/CVE-2025-6199.patch | 36 +++
.../gdk-pixbuf/gdk-pixbuf_2.42.10.bb | 1 +
...-type-when-calling-GtkWidget-methods.patch | 28 +++
...ests-Add-GdkEvent-casts-in-testinput.patch | 48 ++++
meta/recipes-gnome/gtk+/gtk+3_3.24.34.bb | 2 +
.../alsa/alsa-lib/CVE-2026-25068.patch | 34 +++
.../alsa/alsa-lib_1.2.6.1.bb | 1 +
.../ffmpeg/ffmpeg/CVE-2025-10256.patch | 31 +++
.../recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb | 1 +
.../libtheora/libtheora_1.1.1.bb | 2 +
.../libtiff/tiff/CVE-2025-61143.patch | 44 ++++
.../libtiff/tiff/CVE-2025-61144.patch | 27 +++
.../libtiff/tiff/CVE-2025-8961.patch | 1 +
meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 2 +
scripts/install-buildtools | 4 +-
29 files changed, 748 insertions(+), 5 deletions(-)
create mode 100644 meta/recipes-connectivity/inetutils/inetutils/CVE-2026-28372.patch
create mode 100644 meta/recipes-core/busybox/busybox/CVE-2025-60876.patch
create mode 100644 meta/recipes-devtools/createrepo-c/createrepo-c/0001-Use-proper-cast-for-PyMethodDef.ml_meth.patch
create mode 100644 meta/recipes-devtools/libcomps/libcomps/0001-Fix-build-use-correct-variable-for-category-and-env.patch
create mode 100644 meta/recipes-devtools/python/python3-pip/CVE-2026-1703.patch
create mode 100644 meta/recipes-extended/pam/libpam/CVE-2024-10963.patch
create mode 100644 meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2025-6199.patch
create mode 100644 meta/recipes-gnome/gtk+/gtk+3/0001-Use-the-right-type-when-calling-GtkWidget-methods.patch
create mode 100644 meta/recipes-gnome/gtk+/gtk+3/0002-tests-Add-GdkEvent-casts-in-testinput.patch
create mode 100644 meta/recipes-multimedia/alsa/alsa-lib/CVE-2026-25068.patch
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-10256.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2025-61143.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2025-61144.patch
next reply other threads:[~2026-03-16 9:30 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-16 9:28 Yoann Congal [this message]
2026-03-16 9:28 ` [OE-core][kirkstone 01/17] libtheora: set CVE_PRODUCT Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 02/17] alsa-lib: patch CVE-2026-25068 Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 03/17] gdk-pixbuf: Fix CVE-2025-6199 Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 04/17] ffmpeg: patch CVE-2025-10256 Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 05/17] inetutils: patch CVE-2026-28372 Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 06/17] busybox: patch CVE-2025-60876 Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 07/17] tiff: patch CVE-2025-61143 Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 08/17] tiff: patch CVE-2025-61144 Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 09/17] tiff: set status of CVE-2025-61145 as fixed by patch for CVE-2025-8961 Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 10/17] gtk+3: fix incompatible-pointer-types errors for native build on Fedora 41 Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 11/17] libpam: fix CVE-2024-10963 Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 12/17] libpam: re-add missing libgen include Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 13/17] lsb.py: strip ' from os-release file Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 14/17] python3-pip: Fix CVE-2026-1703 Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 15/17] scripts/install-buildtools: Update to 4.0.33 Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 16/17] libcomps: Fix libcomps-native build on GCC14 hosts (e.g. Fedora 41) Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 17/17] createrepo-c: Fix createrepo-c-native " Yoann Congal
-- strict thread matches above, loose matches on Subject: below --
2023-09-28 2:48 [OE-core][kirkstone 00/17] Patch review Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1773652940.git.yoann.congal@smile.fr \
--to=yoann.congal@smile.fr \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.