From: Yoann Congal <yoann.congal@smile.fr>
To: openembedded-core@lists.openembedded.org
Cc: Paul Barker <paul@pbarker.dev>
Subject: [OE-core][scarthgap 00/17] Pull request (cover letter only)
Date: Fri, 19 Jun 2026 10:20:10 +0200 [thread overview]
Message-ID: <cover.1781856596.git.yoann.congal@smile.fr> (raw)
Those are the patches from the last patch review:
https://lore.kernel.org/openembedded-core/cover.1781682189.git.yoann.congal@smile.fr/T/#t
but I removed the kernel upgrade which created warnings[0]. I sent a fix
for it[1].
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/?#/builders/29/builds/4033
reproducible looks broken on Ubuntu 26.04 (patches welcome!).
I retried it on a different worker:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/37/builds/4202
[0]: https://autobuilder.yoctoproject.org/valkyrie/?#/builders/60/builds/3943
[1]: https://lists.yoctoproject.org/g/linux-yocto/message/16752
The following changes since commit dd74c1388d5bfefd2adcdb6abd622297138e2eb1:
meta/lib/oe/package.py: fix path to kernel sources in save_debugsources_info (2026-06-15 11:54:08 +0200)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-next
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-next
for you to fetch changes up to d4950d6df0867dcd5c380d83ac4d138ec968e698:
python_setuptools_build_meta: clean the build directory in configure (2026-06-17 01:09:26 +0200)
----------------------------------------------------------------
Benjamin Robin (Schneider Electric) (2):
avahi: Remove a reference to the rejected CVE-2021-36217
meta: fix generation of kernel CONFIG_ in SPDX3
Hitendra Prajapati (6):
go 1.22.12: fix CVE-2026-27140
go 1.22.12: fix CVE-2026-27143, CVE-2026-27144
qemu: fix for CVE-2025-11234
libxml-parser-perl: fix for CVE-2006-10003
python3: fix for CVE-2026-1502
python3: fix CVE-2026-6100
Prabhudasu Vatala (1):
conf/machine: fix typos in ARM and x86 README files
Ross Burton (3):
setuptools3_legacy: ensure ${B} is clean
setuptools3: clean the build directory in configure
python_setuptools_build_meta: clean the build directory in configure
Vijay Anusuri (5):
xserver-xorg: Fix CVE-2026-33999
xserver-xorg: Fix CVE-2026-34000
xserver-xorg: Fix CVE-2026-34001
xserver-xorg: Fix CVE-2026-34002
xserver-xorg: Fix CVE-2026-34003
meta/classes-recipe/kernel.bbclass | 27 ++-
.../python_setuptools_build_meta.bbclass | 4 +
meta/classes-recipe/setuptools3.bbclass | 3 +
.../classes-recipe/setuptools3_legacy.bbclass | 1 +
meta/conf/machine/include/arm/README | 6 +-
meta/conf/machine/include/x86/README | 4 +-
meta/lib/oeqa/selftest/cases/spdx.py | 2 +-
.../avahi/files/local-ping.patch | 1 -
meta/recipes-devtools/go/go-1.22.12.inc | 3 +
.../go/go/CVE-2026-27140.patch | 58 +++++
.../go/go/CVE-2026-27143.patch | 165 +++++++++++++
.../go/go/CVE-2026-27144.patch | 125 ++++++++++
.../libxml-parser-perl/CVE-2006-10003.patch | 73 ++++++
.../perl/libxml-parser-perl_2.47.bb | 1 +
.../python/python3/CVE-2026-1502.patch | 113 +++++++++
.../python/python3/CVE-2026-6100.patch | 75 ++++++
.../python/python3_3.12.13.bb | 2 +
meta/recipes-devtools/qemu/qemu.inc | 2 +
.../qemu/qemu/CVE-2025-11234-01.patch | 72 ++++++
.../qemu/qemu/CVE-2025-11234-02.patch | 174 ++++++++++++++
.../xserver-xorg/CVE-2026-33999.patch | 49 ++++
.../xserver-xorg/CVE-2026-34000.patch | 72 ++++++
.../xserver-xorg/CVE-2026-34001.patch | 104 ++++++++
.../xserver-xorg/CVE-2026-34002.patch | 93 ++++++++
.../xserver-xorg/CVE-2026-34003-1.patch | 113 +++++++++
.../xserver-xorg/CVE-2026-34003-2.patch | 223 ++++++++++++++++++
.../xorg-xserver/xserver-xorg_21.1.18.bb | 6 +
27 files changed, 1552 insertions(+), 19 deletions(-)
create mode 100644 meta/recipes-devtools/go/go/CVE-2026-27140.patch
create mode 100644 meta/recipes-devtools/go/go/CVE-2026-27143.patch
create mode 100644 meta/recipes-devtools/go/go/CVE-2026-27144.patch
create mode 100644 meta/recipes-devtools/perl/libxml-parser-perl/CVE-2006-10003.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2026-1502.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2026-6100.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2025-11234-01.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2025-11234-02.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2026-33999.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2026-34000.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2026-34001.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2026-34002.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2026-34003-1.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2026-34003-2.patch
reply other threads:[~2026-06-19 8:20 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1781856596.git.yoann.congal@smile.fr \
--to=yoann.congal@smile.fr \
--cc=openembedded-core@lists.openembedded.org \
--cc=paul@pbarker.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.