All of lore.kernel.org
 help / color / mirror / Atom feed
* [OE-core][scarthgap 00/19] Patch review
@ 2026-06-29 14:19 Yoann Congal
  2026-06-29 14:19 ` [OE-core][scarthgap 01/19] gawk: use native gawk when building glibc and grub Yoann Congal
                   ` (18 more replies)
  0 siblings, 19 replies; 21+ messages in thread
From: Yoann Congal @ 2026-06-29 14:19 UTC (permalink / raw)
  To: openembedded-core

Please review this set of changes for scarthgap and have comments back by
end of day Wednesday, July 1.

Some patches are aimed at progressing toward Ubuntu 26.04 support:
* gawk: use native gawk when building glibc and grub
* grub/glibc: Bump versions to resolve hashequiv/reproducibility issues
* gawk: trim native build configuration
* gawk-native: fix gcc-15/C23 compilation issues

Improving the NVD CVE data fetching:
* cve-update-nvd2-native: allow setting resultsPerPage
  NOTE: This patch does not exist in more recent branches
		(cve-update-nvd2-native was drop in favor of git based fetching)

Move away from /git/ in URLs for oe/yp.org servers:
* oeqa: Drop /git/ from our urls
* recipetool: Recognise https://git. as git urls

Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/4103

The following changes since commit 737293bead3e7b994347e47f09bc69437479d50c:

  linux-yocto/6.6: address ltp hang (2026-06-23 20:33:35 +0200)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-review
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-review

for you to fetch changes up to 54ce24005721f5c82d42242524eaed93c8cbeafa:

  recipetool: Recognise https://git. as git urls (2026-06-29 11:31:24 +0200)

----------------------------------------------------------------

Alexander Kanavin (1):
  gawk: use native gawk when building glibc and grub

Amaury Couderc (1):
  python3: fix CVE-2026-4224

Anil Dongare (1):
  libusb1: fix CVE-2026-23679 and CVE-2026-47104

Awais B (1):
  cve-update-nvd2-native: allow setting resultsPerPage

Harish Sadineni (1):
  binutils: Fix for CVE-2025-69648 and CVE-2025-69646

Hitendra Prajapati (2):
  libsoup: fix for CVE-2025-11021
  libsoup: fix for CVE-2026-2369

Richard Purdie (3):
  grub/glibc: Bump versions to resolve hashequiv/reproducibility issues
  oeqa: Drop /git/ from our urls
  recipetool: Recognise https://git. as git urls

Ross Burton (1):
  gawk: trim native build configuration

Sudhir Dumbhare (1):
  nfs-utils: fix CVE-2025-12801

Theo Gaige (Schneider Electric) (1):
  go: patch CVE-2026-27145

Vijay Anusuri (5):
  xwayland: Fix CVE-2026-33999
  xwayland: Fix CVE-2026-34000
  xwayland: Fix CVE-2026-34001
  xwayland: Fix CVE-2026-34002
  xwayland: Fix CVE-2026-34003

Yoann Congal (1):
  gawk-native: fix gcc-15/C23 compilation issues

 .../recipes-test/gitrepotest/gitrepotest.bb   |   2 +-
 .../gitunpackoffline/gitunpackoffline.inc     |   4 +-
 .../lib/oeqa/manual/toaster-managed-mode.json |   6 +-
 meta/lib/oeqa/sdkext/cases/devtool.py         |   4 +-
 meta/lib/oeqa/selftest/cases/devtool.py       |   4 +-
 meta/lib/oeqa/selftest/cases/recipetool.py    |   2 +-
 meta/recipes-bsp/grub/grub2.inc               |   6 +-
 .../nfs-utils/CVE-2025-12801-build-fix.patch  |  44 ++
 .../CVE-2025-12801-dependent_p1.patch         | 450 +++++++++++++++++
 .../CVE-2025-12801-dependent_p2.patch         |  81 +++
 .../CVE-2025-12801-dependent_p3.patch         | 181 +++++++
 .../CVE-2025-12801-dependent_p4.patch         | 468 ++++++++++++++++++
 .../nfs-utils/nfs-utils/CVE-2025-12801.patch  | 254 ++++++++++
 .../nfs-utils/nfs-utils_2.6.4.bb              |   6 +
 meta/recipes-core/glibc/glibc.inc             |   6 +-
 .../meta/cve-update-nvd2-native.bb            |  13 +
 .../binutils/binutils-2.42.inc                |   2 +-
 ...ch => CVE-2025-69646_CVE-2025-69648.patch} |   2 +-
 meta/recipes-devtools/go/go-1.22.12.inc       |   1 +
 .../go/go/CVE-2026-27145.patch                |  96 ++++
 .../python/python3/CVE-2026-4224.patch        | 121 +++++
 .../python/python3_3.12.13.bb                 |   1 +
 .../0001-Fix-some-C23-compilatio-issues.patch |  35 ++
 meta/recipes-extended/gawk/gawk_5.3.0.bb      |  15 +-
 .../xwayland/xwayland/CVE-2026-33999.patch    |  49 ++
 .../xwayland/xwayland/CVE-2026-34000.patch    |  72 +++
 .../xwayland/xwayland/CVE-2026-34001.patch    | 104 ++++
 .../xwayland/xwayland/CVE-2026-34002.patch    |  93 ++++
 .../xwayland/xwayland/CVE-2026-34003-1.patch  | 113 +++++
 .../xwayland/xwayland/CVE-2026-34003-2.patch  | 223 +++++++++
 .../xwayland/xwayland_23.2.5.bb               |   6 +
 .../libsoup-3.4.4/CVE-2025-11021.patch        |  57 +++
 .../libsoup/libsoup-3.4.4/CVE-2026-2369.patch |  32 ++
 meta/recipes-support/libsoup/libsoup_3.4.4.bb |   2 +
 ...-2026-23679_CVE-2026-47104-dependent.patch |  46 ++
 .../CVE-2026-23679_CVE-2026-47104.patch       |  88 ++++
 meta/recipes-support/libusb/libusb1_1.0.27.bb |   2 +
 scripts/lib/recipetool/create.py              |   2 +-
 38 files changed, 2676 insertions(+), 17 deletions(-)
 create mode 100644 meta/recipes-connectivity/nfs-utils/nfs-utils/CVE-2025-12801-build-fix.patch
 create mode 100644 meta/recipes-connectivity/nfs-utils/nfs-utils/CVE-2025-12801-dependent_p1.patch
 create mode 100644 meta/recipes-connectivity/nfs-utils/nfs-utils/CVE-2025-12801-dependent_p2.patch
 create mode 100644 meta/recipes-connectivity/nfs-utils/nfs-utils/CVE-2025-12801-dependent_p3.patch
 create mode 100644 meta/recipes-connectivity/nfs-utils/nfs-utils/CVE-2025-12801-dependent_p4.patch
 create mode 100644 meta/recipes-connectivity/nfs-utils/nfs-utils/CVE-2025-12801.patch
 rename meta/recipes-devtools/binutils/binutils/{CVE-2025-69648.patch => CVE-2025-69646_CVE-2025-69648.patch} (99%)
 create mode 100644 meta/recipes-devtools/go/go/CVE-2026-27145.patch
 create mode 100644 meta/recipes-devtools/python/python3/CVE-2026-4224.patch
 create mode 100644 meta/recipes-extended/gawk/gawk/0001-Fix-some-C23-compilatio-issues.patch
 create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2026-33999.patch
 create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2026-34000.patch
 create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2026-34001.patch
 create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2026-34002.patch
 create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2026-34003-1.patch
 create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2026-34003-2.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-11021.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2026-2369.patch
 create mode 100644 meta/recipes-support/libusb/libusb1/CVE-2026-23679_CVE-2026-47104-dependent.patch
 create mode 100644 meta/recipes-support/libusb/libusb1/CVE-2026-23679_CVE-2026-47104.patch



^ permalink raw reply	[flat|nested] 21+ messages in thread
* [OE-core][scarthgap 00/19] Patch review
@ 2025-11-11 14:58 Steve Sakoman
  0 siblings, 0 replies; 21+ messages in thread
From: Steve Sakoman @ 2025-11-11 14:58 UTC (permalink / raw)
  To: openembedded-core

Please review this set of changes for scarthgap and have comments back by
end of day Thursday, September 13

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2708

The following changes since commit 06d4981313ce67a8d53b1c14be9845b4b5a9f4cf:

  perf: add arm64 source files for unistd_64.h (2025-11-03 07:45:57 -0800)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Alexander Kanavin (3):
  ca-certificates: get sources from debian tarballs
  ca-certificates: submit sysroot patch upstream, drop
    default-sysroot.patch
  xf86-video-intel: correct SRC_URI as freedesktop anongit is down

Ankur Tyagi (2):
  webkitgtk: upgrade 2.44.3 -> 2.44.4
  wireless-regdb: upgrade 2024.10.07 -> 2025.10.07

Archana Polampalli (7):
  go: fix CVE-2025-58185
  go: fix CVE-2025-58187
  go: fix CVE-2025-58188
  go: fix CVE-2025-58189
  go: fix CVE-2025-47912
  go: fix CVE-2025-61723
  go: fix CVE-2025-61724

Gyorgy Sarvari (1):
  ca-certificates: fix on-target postinstall script

Peter Marko (1):
  curl: ignore CVE-2025-10966

Richard Purdie (2):
  ca-certificates: upgrade 20240203 -> 20241223
  oeqa/selftest/devtool: Update after upstream repo changes

Theodore A. Roth (2):
  ca-certificates: update 20211016 -> 20240203
  ca-certificates: Add comment for provenance of SRCREV

Wang Mingyu (1):
  ca-certificates: upgrade 20241223 -> 20250419

 meta/lib/oeqa/selftest/cases/devtool.py       |   8 +-
 meta/recipes-devtools/go/go-1.22.12.inc       |   7 +
 .../go/go/CVE-2025-47912.patch                | 226 ++++++++++++
 .../go/go/CVE-2025-58185.patch                | 142 +++++++
 .../go/go/CVE-2025-58187.patch                | 349 ++++++++++++++++++
 .../go/go/CVE-2025-58188.patch                | 194 ++++++++++
 .../go/go/CVE-2025-58189.patch                |  50 +++
 .../go/go/CVE-2025-61723.patch                | 223 +++++++++++
 .../go/go/CVE-2025-61724.patch                |  75 ++++
 .../xorg-driver/xf86-video-intel_git.bb       |   2 +-
 ....10.07.bb => wireless-regdb_2025.10.07.bb} |   2 +-
 ...ebkitgtk_2.44.3.bb => webkitgtk_2.44.4.bb} |   2 +-
 ...ertdata2pem.py-print-a-warning-for-e.patch |  21 +-
 ...icates-don-t-use-Debianisms-in-run-p.patch |  20 +-
 ...2-update-ca-certificates-use-SYSROOT.patch |  46 ---
 ...icates-use-relative-symlinks-from-ET.patch |  18 +-
 .../ca-certificates/default-sysroot.patch     |  50 ---
 ...0211016.bb => ca-certificates_20250419.bb} |  19 +-
 meta/recipes-support/curl/curl_8.7.1.bb       |   1 +
 19 files changed, 1311 insertions(+), 144 deletions(-)
 create mode 100644 meta/recipes-devtools/go/go/CVE-2025-47912.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2025-58185.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2025-58187.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2025-58188.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2025-58189.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2025-61723.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2025-61724.patch
 rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2024.10.07.bb => wireless-regdb_2025.10.07.bb} (94%)
 rename meta/recipes-sato/webkit/{webkitgtk_2.44.3.bb => webkitgtk_2.44.4.bb} (98%)
 delete mode 100644 meta/recipes-support/ca-certificates/ca-certificates/0002-update-ca-certificates-use-SYSROOT.patch
 delete mode 100644 meta/recipes-support/ca-certificates/ca-certificates/default-sysroot.patch
 rename meta/recipes-support/ca-certificates/{ca-certificates_20211016.bb => ca-certificates_20250419.bb} (84%)

-- 
2.43.0



^ permalink raw reply	[flat|nested] 21+ messages in thread

end of thread, other threads:[~2026-06-29 14:20 UTC | newest]

Thread overview: 21+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-06-29 14:19 [OE-core][scarthgap 00/19] Patch review Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 01/19] gawk: use native gawk when building glibc and grub Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 02/19] grub/glibc: Bump versions to resolve hashequiv/reproducibility issues Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 03/19] gawk: trim native build configuration Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 04/19] gawk-native: fix gcc-15/C23 compilation issues Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 05/19] libsoup: fix for CVE-2025-11021 Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 06/19] libsoup: fix for CVE-2026-2369 Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 07/19] go: patch CVE-2026-27145 Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 08/19] binutils: Fix for CVE-2025-69648 and CVE-2025-69646 Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 09/19] xwayland: Fix CVE-2026-33999 Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 10/19] xwayland: Fix CVE-2026-34000 Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 11/19] xwayland: Fix CVE-2026-34001 Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 12/19] xwayland: Fix CVE-2026-34002 Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 13/19] xwayland: Fix CVE-2026-34003 Yoann Congal
2026-06-29 14:19 ` [OE-core][scarthgap 14/19] libusb1: fix CVE-2026-23679 and CVE-2026-47104 Yoann Congal
2026-06-29 14:20 ` [OE-core][scarthgap 15/19] nfs-utils: fix CVE-2025-12801 Yoann Congal
2026-06-29 14:20 ` [OE-core][scarthgap 16/19] cve-update-nvd2-native: allow setting resultsPerPage Yoann Congal
2026-06-29 14:20 ` [OE-core][scarthgap 17/19] python3: fix CVE-2026-4224 Yoann Congal
2026-06-29 14:20 ` [OE-core][scarthgap 18/19] oeqa: Drop /git/ from our urls Yoann Congal
2026-06-29 14:20 ` [OE-core][scarthgap 19/19] recipetool: Recognise https://git. as git urls Yoann Congal
  -- strict thread matches above, loose matches on Subject: below --
2025-11-11 14:58 [OE-core][scarthgap 00/19] Patch review Steve Sakoman

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.