From: Fabien Thomas <fabien.thomas@smile.fr>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 00/23] Patch review
Date: Tue, 5 May 2026 18:57:17 +0200 [thread overview]
Message-ID: <cover.1777995876.git.fabien.thomas@smile.fr> (raw)
Please review this set of changes for scarthgap and have comments back by
end of day Thursday, May 6.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/3774
The following changes since commit dc2df90b1d4f71023169d492f3819326e0e6c055:
liburcu: upgrade 0.14.0 -> 0.14.2 (2026-04-24 16:06:21 +0200)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut
for you to fetch changes up to 3c2f2b6f7af2bb743655859b64faae4786080cb9:
libsoup: fix CVE-2025-32049 (2026-05-05 13:01:04 +0200)
----------------------------------------------------------------
Adarsh Jagadish Kamini (2):
binutils: fix CVE-2025-69647
binutils: fix CVE-2025-69648
Bruce Ashfield (3):
linux-yocto/6.6: update to v6.6.124
linux-yocto/6.6: update to v6.6.126
linux-yocto/6.6: update to v6.6.127
Changqing Li (2):
libsoup: fix CVE-2025-14523
libsoup: fix CVE-2025-32049
Fabien Thomas (1):
ghostscript: Pin to C17 std
Himanshu Jadon (1):
apt: Add CVE_PRODUCT to support product name
Hitendra Prajapati (3):
rsync: fix for CVE-2026-41035
systemd: fix for CVE-2026-40225
systemd: fix for CVE-2026-40226
Hongxu Jia (3):
u-boot: fix CVE-2025-24857
ovmf: fix CVE-2025-2296
ovmf: fix CVE-2024-38798
Hugo SIMELIERE (3):
expat: patch CVE-2026-32776
expat: patch CVE-2026-32777
expat: patch CVE-2026-32778
Jhonata Poma-Hansen (1):
dbus: gate user-session PACKAGECONFIG on systemd in DISTRO_FEATURES
Martin Jansa (1):
ghostscript: fix build with gcc-15 on host
Sudhir Dumbhare (1):
libpng: fix CVE-2026-33636
Vijay Anusuri (2):
avahi: Fix CVE-2026-34933
gdk-pixbuf: Fix CVE-2026-5201
.../u-boot/files/CVE-2025-24857.patch | 42 +
meta/recipes-bsp/u-boot/u-boot-common.inc | 4 +-
meta/recipes-connectivity/avahi/avahi_0.8.bb | 2 +
.../avahi/files/CVE-2026-34933-1.patch | 108 +++
.../avahi/files/CVE-2026-34933-2.patch | 96 +++
meta/recipes-core/dbus/dbus_1.14.10.bb | 2 +-
.../expat/expat/CVE-2026-32776.patch | 91 +++
.../expat/expat/CVE-2026-32777-01.patch | 49 ++
.../expat/expat/CVE-2026-32777-02.patch | 66 ++
.../expat/expat/CVE-2026-32778-01.patch | 91 +++
.../expat/expat/CVE-2026-32778-02.patch | 61 ++
meta/recipes-core/expat/expat_2.6.4.bb | 5 +
...mdSev-Halt-on-failed-blob-allocation.patch | 159 ++++
.../ovmf/ovmf/CVE-2024-38798.patch | 116 +++
.../ovmf/ovmf/CVE-2025-2296-1.patch | 762 ++++++++++++++++++
.../ovmf/ovmf/CVE-2025-2296-2.patch | 175 ++++
.../ovmf/ovmf/CVE-2025-2296-3.patch | 42 +
.../ovmf/ovmf/CVE-2025-2296-4.patch | 34 +
.../ovmf/ovmf/CVE-2025-2296-5.patch | 36 +
.../ovmf/ovmf/CVE-2025-2296-6.patch | 54 ++
.../ovmf/ovmf/CVE-2025-2296-7.patch | 124 +++
.../ovmf/ovmf/CVE-2025-2296-8.patch | 125 +++
.../ovmf/ovmf/CVE-2025-2296-9.patch | 108 +++
meta/recipes-core/ovmf/ovmf_git.bb | 11 +
.../systemd/systemd/CVE-2026-40225-01.patch | 131 +++
.../systemd/systemd/CVE-2026-40225-02.patch | 39 +
.../systemd/systemd/CVE-2026-40226-01.patch | 63 ++
.../systemd/systemd/CVE-2026-40226-02.patch | 39 +
meta/recipes-core/systemd/systemd_255.21.bb | 4 +
meta/recipes-devtools/apt/apt_2.6.1.bb | 3 +
.../binutils/binutils-2.42.inc | 2 +
.../binutils/binutils/CVE-2025-69647.patch | 85 ++
.../binutils/binutils/CVE-2025-69648.patch | 190 +++++
.../rsync/files/CVE-2026-41035.patch | 39 +
meta/recipes-devtools/rsync/rsync_3.2.7.bb | 1 +
...Fix-compatibility-with-C23-compilers.patch | 67 ++
.../ghostscript/ghostscript_10.05.1.bb | 3 +
.../gdk-pixbuf/gdk-pixbuf/CVE-2026-5201.patch | 44 +
.../gdk-pixbuf/gdk-pixbuf_2.42.12.bb | 1 +
.../linux/linux-yocto-rt_6.6.bb | 6 +-
.../linux/linux-yocto-tiny_6.6.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_6.6.bb | 28 +-
.../libpng/files/CVE-2026-33636.patch | 99 +++
.../libpng/libpng_1.6.42.bb | 1 +
.../libsoup-3.4.4/CVE-2025-14523.patch | 715 ++++++++++++++++
.../libsoup-3.4.4/CVE-2025-32049-1.patch | 229 ++++++
.../libsoup-3.4.4/CVE-2025-32049-2.patch | 34 +
.../libsoup-3.4.4/CVE-2025-32049-3.patch | 134 +++
.../libsoup-3.4.4/CVE-2025-32049-4.patch | 292 +++++++
meta/recipes-support/libsoup/libsoup_3.4.4.bb | 5 +
50 files changed, 4601 insertions(+), 22 deletions(-)
create mode 100644 meta/recipes-bsp/u-boot/files/CVE-2025-24857.patch
create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2026-34933-1.patch
create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2026-34933-2.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2026-32776.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2026-32777-01.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2026-32777-02.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2026-32778-01.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2026-32778-02.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/0001-AmdSev-Halt-on-failed-blob-allocation.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2024-38798.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2025-2296-1.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2025-2296-2.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2025-2296-3.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2025-2296-4.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2025-2296-5.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2025-2296-6.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2025-2296-7.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2025-2296-8.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2025-2296-9.patch
create mode 100644 meta/recipes-core/systemd/systemd/CVE-2026-40225-01.patch
create mode 100644 meta/recipes-core/systemd/systemd/CVE-2026-40225-02.patch
create mode 100644 meta/recipes-core/systemd/systemd/CVE-2026-40226-01.patch
create mode 100644 meta/recipes-core/systemd/systemd/CVE-2026-40226-02.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2025-69647.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2025-69648.patch
create mode 100644 meta/recipes-devtools/rsync/files/CVE-2026-41035.patch
create mode 100644 meta/recipes-extended/ghostscript/ghostscript/0001-Bug-708160-Fix-compatibility-with-C23-compilers.patch
create mode 100644 meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2026-5201.patch
create mode 100644 meta/recipes-multimedia/libpng/files/CVE-2026-33636.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-14523.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32049-1.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32049-2.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32049-3.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32049-4.patch
next reply other threads:[~2026-05-05 16:58 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-05 16:57 Fabien Thomas [this message]
2026-05-05 16:57 ` [OE-core][scarthgap 01/23] libpng: fix CVE-2026-33636 Fabien Thomas
2026-05-05 16:57 ` [OE-core][scarthgap 02/23] binutils: fix CVE-2025-69647 Fabien Thomas
2026-05-05 16:57 ` [OE-core][scarthgap 03/23] binutils: fix CVE-2025-69648 Fabien Thomas
2026-05-05 16:57 ` [OE-core][scarthgap 04/23] dbus: gate user-session PACKAGECONFIG on systemd in DISTRO_FEATURES Fabien Thomas
2026-05-05 16:57 ` [OE-core][scarthgap 05/23] expat: patch CVE-2026-32776 Fabien Thomas
2026-05-05 16:57 ` [OE-core][scarthgap 06/23] expat: patch CVE-2026-32777 Fabien Thomas
2026-05-05 16:57 ` [OE-core][scarthgap 07/23] expat: patch CVE-2026-32778 Fabien Thomas
2026-05-05 16:57 ` [OE-core][scarthgap 08/23] linux-yocto/6.6: update to v6.6.124 Fabien Thomas
2026-05-05 16:57 ` [OE-core][scarthgap 09/23] linux-yocto/6.6: update to v6.6.126 Fabien Thomas
2026-05-05 16:57 ` [OE-core][scarthgap 10/23] linux-yocto/6.6: update to v6.6.127 Fabien Thomas
2026-05-05 16:57 ` [OE-core][scarthgap 11/23] rsync: fix for CVE-2026-41035 Fabien Thomas
2026-05-05 16:57 ` [OE-core][scarthgap 12/23] u-boot: fix CVE-2025-24857 Fabien Thomas
2026-05-05 16:57 ` [OE-core][scarthgap 13/23] ovmf: fix CVE-2025-2296 Fabien Thomas
2026-05-05 16:57 ` [OE-core][scarthgap 14/23] ovmf: fix CVE-2024-38798 Fabien Thomas
2026-05-05 16:57 ` [OE-core][scarthgap 15/23] apt: Add CVE_PRODUCT to support product name Fabien Thomas
2026-05-05 16:57 ` [OE-core][scarthgap 16/23] avahi: Fix CVE-2026-34933 Fabien Thomas
2026-05-05 16:57 ` [OE-core][scarthgap 17/23] gdk-pixbuf: Fix CVE-2026-5201 Fabien Thomas
2026-05-05 16:57 ` [OE-core][scarthgap 18/23] ghostscript: Pin to C17 std Fabien Thomas
2026-05-05 16:57 ` [OE-core][scarthgap 19/23] ghostscript: fix build with gcc-15 on host Fabien Thomas
2026-05-05 16:57 ` [OE-core][scarthgap 20/23] systemd: fix for CVE-2026-40225 Fabien Thomas
2026-05-05 16:57 ` [OE-core][scarthgap 21/23] systemd: fix for CVE-2026-40226 Fabien Thomas
2026-05-05 16:57 ` [OE-core][scarthgap 22/23] libsoup: fix CVE-2025-14523 Fabien Thomas
2026-05-05 16:57 ` [OE-core][scarthgap 23/23] libsoup: fix CVE-2025-32049 Fabien Thomas
[not found] <18ACB9D86B39B3E5.2281050@lists.openembedded.org>
2026-05-05 17:10 ` [OE-core][scarthgap 00/23] Patch review Fabien Thomas
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1777995876.git.fabien.thomas@smile.fr \
--to=fabien.thomas@smile.fr \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.