From: Yoann Congal <yoann.congal@smile.fr>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][wrynose 00/18] Patch review
Date: Fri, 10 Jul 2026 18:36:15 +0200 [thread overview]
Message-ID: <cover.1783697455.git.yoann.congal@smile.fr> (raw)
Please review this set of changes for wrynose and have comments back by
end of day Thursday, July 16. I'm off most of next week and back on the
17th.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/4187
The following changes since commit c2746a4a165fd99c2d1aafed17533555787f37ce:
clang/llvm: Upgrade to 22.1.8 release (2026-07-09 16:58:55 +0100)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/wrynose-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/wrynose-nut
for you to fetch changes up to 73299cef1b7cd6446c918c361fd2c47534126361:
gnutls: fix CVE-2026-33846 (2026-07-10 12:37:42 +0200)
----------------------------------------------------------------
Amaury Couderc (1):
expat: fix CVE-2026-41080
Benjamin Robin (Schneider Electric) (3):
python3: fix CVE-2026-11940
python3: fix CVE-2026-11972
glib-2.0: fix CVE-2026-58016
Deepak Rathore (1):
libcap: Fix CVE-2026-4878
Deepesh Varatharajan (1):
gdb: Upgrade 17.1 -> 17.2
Eilís 'pidge' Ní Fhlannagáin (1):
ovmf: fix tpm PACKAGECONFIG to use TPM2_ENABLE
Eric Meyers (1):
create-spdx-image-3.0: correct SSTATE_SKIP_CREATION key for
do_create_image_sbom_spdx
Gustavo Henrique Nihei (1):
opensbi: don't override ELFFLAGS, silence ldflags QA for bare-metal
ELFs
Hitendra Prajapati (1):
vim: Fix for CVE-2026-52858,CVE-2026-52859,CVE-2026-52860
Jaipaul Cheernam (1):
curl: fix CVE-2026-5773 - wrong reuse of SMB connection
Peter Marko (1):
python3: upgrade 3.14.5 -> 3.14.6
Pritam Srichandan Sahoo (1):
gnutls: fix CVE-2026-33846
Ross Burton (1):
xmlto: update SRC_URI
Siva Balasubramanian (1):
util-linux: upgrade 2.41.3 -> 2.41.5
Sudhir Dumbhare (2):
python3-urllib3: Fix CVE-2026-44431
socat: upgrade 1.8.1.1 -> 1.8.1.3
Theo Gaige (Schneider Electric) (1):
expat: patch CVE-2026-45186
.../create-spdx-image-3.0.bbclass | 2 +-
meta/classes-recipe/nospdx.bbclass | 2 +-
meta/recipes-bsp/opensbi/opensbi_1.8.1.bb | 6 +-
.../{socat_1.8.1.1.bb => socat_1.8.1.3.bb} | 2 +-
.../expat/expat/CVE-2026-41080-1.patch | 517 ++++++++++++++++++
.../expat/expat/CVE-2026-41080-2.patch | 33 ++
.../expat/expat/CVE-2026-45186-01.patch | 70 +++
.../expat/expat/CVE-2026-45186-02.patch | 318 +++++++++++
.../expat/expat/CVE-2026-45186-03.patch | 46 ++
.../expat/expat/CVE-2026-45186-04.patch | 32 ++
.../expat/expat/CVE-2026-45186-05.patch | 32 ++
.../expat/expat/CVE-2026-45186-06.patch | 87 +++
.../expat/expat/CVE-2026-45186-07.patch | 52 ++
meta/recipes-core/expat/expat_2.7.5.bb | 9 +
.../glib-2.0/files/CVE-2026-58016-1.patch | 94 ++++
.../glib-2.0/files/CVE-2026-58016-2.patch | 98 ++++
meta/recipes-core/glib-2.0/glib.inc | 2 +
meta/recipes-core/ovmf/ovmf_git.bb | 2 +-
...2.41.3.bb => util-linux-libuuid_2.41.5.bb} | 0
meta/recipes-core/util-linux/util-linux.inc | 3 +-
...DEV_FL_NOFOLLOW-to-prevent-symlink-a.patch | 114 ----
...l-linux_2.41.3.bb => util-linux_2.41.5.bb} | 0
...ian_17.1.bb => gdb-cross-canadian_17.2.bb} | 0
.../{gdb-cross_17.1.bb => gdb-cross_17.2.bb} | 0
meta/recipes-devtools/gdb/gdb.inc | 4 +-
...-ser-unix-modernize-Linux-custom-bau.patch | 248 ---------
...ux-Fix-build-failure-on-musl-systems.patch | 196 -------
.../gdb/{gdb_17.1.bb => gdb_17.2.bb} | 0
.../python3-urllib3/CVE-2026-44431.patch | 157 ++++++
.../python/python3-urllib3_2.6.3.bb | 3 +
...eadingMock-call-count-race-condition.patch | 37 --
.../python/python3/CVE-2026-11940.patch | 67 +++
.../python/python3/CVE-2026-11972.patch | 61 +++
.../{python3_3.14.5.bb => python3_3.14.6.bb} | 9 +-
meta/recipes-devtools/xmlto/xmlto_0.0.29.bb | 2 +-
.../curl/curl/CVE-2026-5773.patch | 47 ++
meta/recipes-support/curl/curl_8.19.0.bb | 1 +
...fragments-implement-a-basic-DTLS-tes.patch | 258 +++++++++
...merge_handshake_packet-using-recv_bu.patch | 96 ++++
...s-add-more-checks-to-DTLS-reassembly.patch | 65 +++
...fragments-extend-with-a-1816-reprodu.patch | 159 ++++++
...fragments-extend-with-fragmenting-Cl.patch | 149 +++++
...ch-DTLS-datagrams-by-sequence-number.patch | 42 ++
...fragments-1839-mismatching-message_s.patch | 104 ++++
...ts-mini-dtls-framents-link-to-gnulib.patch | 27 +
meta/recipes-support/gnutls/gnutls_3.8.12.bb | 8 +
.../libcap/files/CVE-2026-4878.patch | 163 ++++++
meta/recipes-support/libcap/libcap_2.77.bb | 4 +-
.../vim/files/CVE-2026-52858.patch | 167 ++++++
.../vim/files/CVE-2026-52859.patch | 274 ++++++++++
.../vim/files/CVE-2026-52860.patch | 446 +++++++++++++++
meta/recipes-support/vim/vim.inc | 3 +
52 files changed, 3706 insertions(+), 612 deletions(-)
rename meta/recipes-connectivity/socat/{socat_1.8.1.1.bb => socat_1.8.1.3.bb} (94%)
create mode 100644 meta/recipes-core/expat/expat/CVE-2026-41080-1.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2026-41080-2.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2026-45186-01.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2026-45186-02.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2026-45186-03.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2026-45186-04.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2026-45186-05.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2026-45186-06.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2026-45186-07.patch
create mode 100644 meta/recipes-core/glib-2.0/files/CVE-2026-58016-1.patch
create mode 100644 meta/recipes-core/glib-2.0/files/CVE-2026-58016-2.patch
rename meta/recipes-core/util-linux/{util-linux-libuuid_2.41.3.bb => util-linux-libuuid_2.41.5.bb} (100%)
delete mode 100644 meta/recipes-core/util-linux/util-linux/0001-loopdev-add-LOOPDEV_FL_NOFOLLOW-to-prevent-symlink-a.patch
rename meta/recipes-core/util-linux/{util-linux_2.41.3.bb => util-linux_2.41.5.bb} (100%)
rename meta/recipes-devtools/gdb/{gdb-cross-canadian_17.1.bb => gdb-cross-canadian_17.2.bb} (100%)
rename meta/recipes-devtools/gdb/{gdb-cross_17.1.bb => gdb-cross_17.2.bb} (100%)
delete mode 100644 meta/recipes-devtools/gdb/gdb/0009-PR-gdb-33747-gdb-ser-unix-modernize-Linux-custom-bau.patch
delete mode 100644 meta/recipes-devtools/gdb/gdb/0010-GDB-aarch64-linux-Fix-build-failure-on-musl-systems.patch
rename meta/recipes-devtools/gdb/{gdb_17.1.bb => gdb_17.2.bb} (100%)
create mode 100644 meta/recipes-devtools/python/python3-urllib3/CVE-2026-44431.patch
delete mode 100644 meta/recipes-devtools/python/python3/0001-Fix-ThreadingMock-call-count-race-condition.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2026-11940.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2026-11972.patch
rename meta/recipes-devtools/python/{python3_3.14.5.bb => python3_3.14.6.bb} (98%)
create mode 100644 meta/recipes-support/curl/curl/CVE-2026-5773.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/0001-tests-mini-dtls-fragments-implement-a-basic-DTLS-tes.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/0002-buffers-shorten-merge_handshake_packet-using-recv_bu.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/0003-buffers-add-more-checks-to-DTLS-reassembly.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/0004-tests-mini-dtls-fragments-extend-with-a-1816-reprodu.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/0005-tests-mini-dtls-fragments-extend-with-fragmenting-Cl.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/0006-buffers-match-DTLS-datagrams-by-sequence-number.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/0007-tests-mini-dtls-fragments-1839-mismatching-message_s.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/0008-tests-mini-dtls-framents-link-to-gnulib.patch
create mode 100644 meta/recipes-support/libcap/files/CVE-2026-4878.patch
create mode 100644 meta/recipes-support/vim/files/CVE-2026-52858.patch
create mode 100644 meta/recipes-support/vim/files/CVE-2026-52859.patch
create mode 100644 meta/recipes-support/vim/files/CVE-2026-52860.patch
next reply other threads:[~2026-07-10 16:37 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-07-10 16:36 Yoann Congal [this message]
2026-07-10 16:36 ` [OE-core][wrynose 01/18] gdb: Upgrade 17.1 -> 17.2 Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 02/18] curl: fix CVE-2026-5773 - wrong reuse of SMB connection Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 03/18] expat: patch CVE-2026-45186 Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 04/18] expat: fix CVE-2026-41080 Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 05/18] python3: upgrade 3.14.5 -> 3.14.6 Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 06/18] python3: fix CVE-2026-11940 Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 07/18] python3: fix CVE-2026-11972 Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 08/18] opensbi: don't override ELFFLAGS, silence ldflags QA for bare-metal ELFs Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 09/18] create-spdx-image-3.0: correct SSTATE_SKIP_CREATION key for do_create_image_sbom_spdx Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 10/18] python3-urllib3: Fix CVE-2026-44431 Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 11/18] glib-2.0: fix CVE-2026-58016 Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 12/18] util-linux: upgrade 2.41.3 -> 2.41.5 Yoann Congal
2026-07-14 13:29 ` Paul Barker
2026-07-10 16:36 ` [OE-core][wrynose 13/18] ovmf: fix tpm PACKAGECONFIG to use TPM2_ENABLE Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 14/18] libcap: Fix CVE-2026-4878 Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 15/18] socat: upgrade 1.8.1.1 -> 1.8.1.3 Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 16/18] vim: Fix for CVE-2026-52858,CVE-2026-52859,CVE-2026-52860 Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 17/18] xmlto: update SRC_URI Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 18/18] gnutls: fix CVE-2026-33846 Yoann Congal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1783697455.git.yoann.congal@smile.fr \
--to=yoann.congal@smile.fr \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.