All of lore.kernel.org
 help / color / mirror / Atom feed
From: Yoann Congal <yoann.congal@smile.fr>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 00/19] Patch review
Date: Mon, 29 Jun 2026 16:19:45 +0200	[thread overview]
Message-ID: <cover.1782742373.git.yoann.congal@smile.fr> (raw)

Please review this set of changes for scarthgap and have comments back by
end of day Wednesday, July 1.

Some patches are aimed at progressing toward Ubuntu 26.04 support:
* gawk: use native gawk when building glibc and grub
* grub/glibc: Bump versions to resolve hashequiv/reproducibility issues
* gawk: trim native build configuration
* gawk-native: fix gcc-15/C23 compilation issues

Improving the NVD CVE data fetching:
* cve-update-nvd2-native: allow setting resultsPerPage
  NOTE: This patch does not exist in more recent branches
		(cve-update-nvd2-native was drop in favor of git based fetching)

Move away from /git/ in URLs for oe/yp.org servers:
* oeqa: Drop /git/ from our urls
* recipetool: Recognise https://git. as git urls

Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/4103

The following changes since commit 737293bead3e7b994347e47f09bc69437479d50c:

  linux-yocto/6.6: address ltp hang (2026-06-23 20:33:35 +0200)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-review
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-review

for you to fetch changes up to 54ce24005721f5c82d42242524eaed93c8cbeafa:

  recipetool: Recognise https://git. as git urls (2026-06-29 11:31:24 +0200)

----------------------------------------------------------------

Alexander Kanavin (1):
  gawk: use native gawk when building glibc and grub

Amaury Couderc (1):
  python3: fix CVE-2026-4224

Anil Dongare (1):
  libusb1: fix CVE-2026-23679 and CVE-2026-47104

Awais B (1):
  cve-update-nvd2-native: allow setting resultsPerPage

Harish Sadineni (1):
  binutils: Fix for CVE-2025-69648 and CVE-2025-69646

Hitendra Prajapati (2):
  libsoup: fix for CVE-2025-11021
  libsoup: fix for CVE-2026-2369

Richard Purdie (3):
  grub/glibc: Bump versions to resolve hashequiv/reproducibility issues
  oeqa: Drop /git/ from our urls
  recipetool: Recognise https://git. as git urls

Ross Burton (1):
  gawk: trim native build configuration

Sudhir Dumbhare (1):
  nfs-utils: fix CVE-2025-12801

Theo Gaige (Schneider Electric) (1):
  go: patch CVE-2026-27145

Vijay Anusuri (5):
  xwayland: Fix CVE-2026-33999
  xwayland: Fix CVE-2026-34000
  xwayland: Fix CVE-2026-34001
  xwayland: Fix CVE-2026-34002
  xwayland: Fix CVE-2026-34003

Yoann Congal (1):
  gawk-native: fix gcc-15/C23 compilation issues

 .../recipes-test/gitrepotest/gitrepotest.bb   |   2 +-
 .../gitunpackoffline/gitunpackoffline.inc     |   4 +-
 .../lib/oeqa/manual/toaster-managed-mode.json |   6 +-
 meta/lib/oeqa/sdkext/cases/devtool.py         |   4 +-
 meta/lib/oeqa/selftest/cases/devtool.py       |   4 +-
 meta/lib/oeqa/selftest/cases/recipetool.py    |   2 +-
 meta/recipes-bsp/grub/grub2.inc               |   6 +-
 .../nfs-utils/CVE-2025-12801-build-fix.patch  |  44 ++
 .../CVE-2025-12801-dependent_p1.patch         | 450 +++++++++++++++++
 .../CVE-2025-12801-dependent_p2.patch         |  81 +++
 .../CVE-2025-12801-dependent_p3.patch         | 181 +++++++
 .../CVE-2025-12801-dependent_p4.patch         | 468 ++++++++++++++++++
 .../nfs-utils/nfs-utils/CVE-2025-12801.patch  | 254 ++++++++++
 .../nfs-utils/nfs-utils_2.6.4.bb              |   6 +
 meta/recipes-core/glibc/glibc.inc             |   6 +-
 .../meta/cve-update-nvd2-native.bb            |  13 +
 .../binutils/binutils-2.42.inc                |   2 +-
 ...ch => CVE-2025-69646_CVE-2025-69648.patch} |   2 +-
 meta/recipes-devtools/go/go-1.22.12.inc       |   1 +
 .../go/go/CVE-2026-27145.patch                |  96 ++++
 .../python/python3/CVE-2026-4224.patch        | 121 +++++
 .../python/python3_3.12.13.bb                 |   1 +
 .../0001-Fix-some-C23-compilatio-issues.patch |  35 ++
 meta/recipes-extended/gawk/gawk_5.3.0.bb      |  15 +-
 .../xwayland/xwayland/CVE-2026-33999.patch    |  49 ++
 .../xwayland/xwayland/CVE-2026-34000.patch    |  72 +++
 .../xwayland/xwayland/CVE-2026-34001.patch    | 104 ++++
 .../xwayland/xwayland/CVE-2026-34002.patch    |  93 ++++
 .../xwayland/xwayland/CVE-2026-34003-1.patch  | 113 +++++
 .../xwayland/xwayland/CVE-2026-34003-2.patch  | 223 +++++++++
 .../xwayland/xwayland_23.2.5.bb               |   6 +
 .../libsoup-3.4.4/CVE-2025-11021.patch        |  57 +++
 .../libsoup/libsoup-3.4.4/CVE-2026-2369.patch |  32 ++
 meta/recipes-support/libsoup/libsoup_3.4.4.bb |   2 +
 ...-2026-23679_CVE-2026-47104-dependent.patch |  46 ++
 .../CVE-2026-23679_CVE-2026-47104.patch       |  88 ++++
 meta/recipes-support/libusb/libusb1_1.0.27.bb |   2 +
 scripts/lib/recipetool/create.py              |   2 +-
 38 files changed, 2676 insertions(+), 17 deletions(-)
 create mode 100644 meta/recipes-connectivity/nfs-utils/nfs-utils/CVE-2025-12801-build-fix.patch
 create mode 100644 meta/recipes-connectivity/nfs-utils/nfs-utils/CVE-2025-12801-dependent_p1.patch
 create mode 100644 meta/recipes-connectivity/nfs-utils/nfs-utils/CVE-2025-12801-dependent_p2.patch
 create mode 100644 meta/recipes-connectivity/nfs-utils/nfs-utils/CVE-2025-12801-dependent_p3.patch
 create mode 100644 meta/recipes-connectivity/nfs-utils/nfs-utils/CVE-2025-12801-dependent_p4.patch
 create mode 100644 meta/recipes-connectivity/nfs-utils/nfs-utils/CVE-2025-12801.patch
 rename meta/recipes-devtools/binutils/binutils/{CVE-2025-69648.patch => CVE-2025-69646_CVE-2025-69648.patch} (99%)
 create mode 100644 meta/recipes-devtools/go/go/CVE-2026-27145.patch
 create mode 100644 meta/recipes-devtools/python/python3/CVE-2026-4224.patch
 create mode 100644 meta/recipes-extended/gawk/gawk/0001-Fix-some-C23-compilatio-issues.patch
 create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2026-33999.patch
 create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2026-34000.patch
 create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2026-34001.patch
 create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2026-34002.patch
 create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2026-34003-1.patch
 create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2026-34003-2.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-11021.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2026-2369.patch
 create mode 100644 meta/recipes-support/libusb/libusb1/CVE-2026-23679_CVE-2026-47104-dependent.patch
 create mode 100644 meta/recipes-support/libusb/libusb1/CVE-2026-23679_CVE-2026-47104.patch



             reply	other threads:[~2026-06-29 14:20 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-06-29 14:19 Yoann Congal [this message]
2026-06-29 14:19 ` [OE-core][scarthgap 01/19] gawk: use native gawk when building glibc and grub Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 02/19] grub/glibc: Bump versions to resolve hashequiv/reproducibility issues Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 03/19] gawk: trim native build configuration Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 04/19] gawk-native: fix gcc-15/C23 compilation issues Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 05/19] libsoup: fix for CVE-2025-11021 Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 06/19] libsoup: fix for CVE-2026-2369 Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 07/19] go: patch CVE-2026-27145 Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 08/19] binutils: Fix for CVE-2025-69648 and CVE-2025-69646 Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 09/19] xwayland: Fix CVE-2026-33999 Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 10/19] xwayland: Fix CVE-2026-34000 Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 11/19] xwayland: Fix CVE-2026-34001 Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 12/19] xwayland: Fix CVE-2026-34002 Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 13/19] xwayland: Fix CVE-2026-34003 Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 14/19] libusb1: fix CVE-2026-23679 and CVE-2026-47104 Yoann Congal
2026-06-29 14:20 ` [OE-core][scarthgap 15/19] nfs-utils: fix CVE-2025-12801 Yoann Congal
2026-06-29 14:20 ` [OE-core][scarthgap 16/19] cve-update-nvd2-native: allow setting resultsPerPage Yoann Congal
2026-06-29 14:20 ` [OE-core][scarthgap 17/19] python3: fix CVE-2026-4224 Yoann Congal
2026-06-29 14:20 ` [OE-core][scarthgap 18/19] oeqa: Drop /git/ from our urls Yoann Congal
2026-06-29 14:20 ` [OE-core][scarthgap 19/19] recipetool: Recognise https://git. as git urls Yoann Congal
  -- strict thread matches above, loose matches on Subject: below --
2025-11-11 14:58 [OE-core][scarthgap 00/19] Patch review Steve Sakoman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=cover.1782742373.git.yoann.congal@smile.fr \
    --to=yoann.congal@smile.fr \
    --cc=openembedded-core@lists.openembedded.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.