All of lore.kernel.org
 help / color / mirror / Atom feed
* [OE-core][wrynose 00/18] Patch review
@ 2026-07-10 16:36 Yoann Congal
  2026-07-10 16:36 ` [OE-core][wrynose 01/18] gdb: Upgrade 17.1 -> 17.2 Yoann Congal
                   ` (17 more replies)
  0 siblings, 18 replies; 20+ messages in thread
From: Yoann Congal @ 2026-07-10 16:36 UTC (permalink / raw)
  To: openembedded-core

Please review this set of changes for wrynose and have comments back by
end of day Thursday, July 16. I'm off most of next week and back on the
17th.

Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/4187

The following changes since commit c2746a4a165fd99c2d1aafed17533555787f37ce:

  clang/llvm: Upgrade to 22.1.8 release (2026-07-09 16:58:55 +0100)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/wrynose-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/wrynose-nut

for you to fetch changes up to 73299cef1b7cd6446c918c361fd2c47534126361:

  gnutls: fix CVE-2026-33846 (2026-07-10 12:37:42 +0200)

----------------------------------------------------------------

Amaury Couderc (1):
  expat: fix CVE-2026-41080

Benjamin Robin (Schneider Electric) (3):
  python3: fix CVE-2026-11940
  python3: fix CVE-2026-11972
  glib-2.0: fix CVE-2026-58016

Deepak Rathore (1):
  libcap: Fix CVE-2026-4878

Deepesh Varatharajan (1):
  gdb: Upgrade 17.1 -> 17.2

Eilís 'pidge' Ní Fhlannagáin (1):
  ovmf: fix tpm PACKAGECONFIG to use TPM2_ENABLE

Eric Meyers (1):
  create-spdx-image-3.0: correct SSTATE_SKIP_CREATION key for
    do_create_image_sbom_spdx

Gustavo Henrique Nihei (1):
  opensbi: don't override ELFFLAGS, silence ldflags QA for bare-metal
    ELFs

Hitendra Prajapati (1):
  vim: Fix for CVE-2026-52858,CVE-2026-52859,CVE-2026-52860

Jaipaul Cheernam (1):
  curl: fix CVE-2026-5773 - wrong reuse of SMB connection

Peter Marko (1):
  python3: upgrade 3.14.5 -> 3.14.6

Pritam Srichandan Sahoo (1):
  gnutls: fix CVE-2026-33846

Ross Burton (1):
  xmlto: update SRC_URI

Siva Balasubramanian (1):
  util-linux: upgrade 2.41.3 -> 2.41.5

Sudhir Dumbhare (2):
  python3-urllib3: Fix CVE-2026-44431
  socat: upgrade 1.8.1.1 -> 1.8.1.3

Theo Gaige (Schneider Electric) (1):
  expat: patch CVE-2026-45186

 .../create-spdx-image-3.0.bbclass             |   2 +-
 meta/classes-recipe/nospdx.bbclass            |   2 +-
 meta/recipes-bsp/opensbi/opensbi_1.8.1.bb     |   6 +-
 .../{socat_1.8.1.1.bb => socat_1.8.1.3.bb}    |   2 +-
 .../expat/expat/CVE-2026-41080-1.patch        | 517 ++++++++++++++++++
 .../expat/expat/CVE-2026-41080-2.patch        |  33 ++
 .../expat/expat/CVE-2026-45186-01.patch       |  70 +++
 .../expat/expat/CVE-2026-45186-02.patch       | 318 +++++++++++
 .../expat/expat/CVE-2026-45186-03.patch       |  46 ++
 .../expat/expat/CVE-2026-45186-04.patch       |  32 ++
 .../expat/expat/CVE-2026-45186-05.patch       |  32 ++
 .../expat/expat/CVE-2026-45186-06.patch       |  87 +++
 .../expat/expat/CVE-2026-45186-07.patch       |  52 ++
 meta/recipes-core/expat/expat_2.7.5.bb        |   9 +
 .../glib-2.0/files/CVE-2026-58016-1.patch     |  94 ++++
 .../glib-2.0/files/CVE-2026-58016-2.patch     |  98 ++++
 meta/recipes-core/glib-2.0/glib.inc           |   2 +
 meta/recipes-core/ovmf/ovmf_git.bb            |   2 +-
 ...2.41.3.bb => util-linux-libuuid_2.41.5.bb} |   0
 meta/recipes-core/util-linux/util-linux.inc   |   3 +-
 ...DEV_FL_NOFOLLOW-to-prevent-symlink-a.patch | 114 ----
 ...l-linux_2.41.3.bb => util-linux_2.41.5.bb} |   0
 ...ian_17.1.bb => gdb-cross-canadian_17.2.bb} |   0
 .../{gdb-cross_17.1.bb => gdb-cross_17.2.bb}  |   0
 meta/recipes-devtools/gdb/gdb.inc             |   4 +-
 ...-ser-unix-modernize-Linux-custom-bau.patch | 248 ---------
 ...ux-Fix-build-failure-on-musl-systems.patch | 196 -------
 .../gdb/{gdb_17.1.bb => gdb_17.2.bb}          |   0
 .../python3-urllib3/CVE-2026-44431.patch      | 157 ++++++
 .../python/python3-urllib3_2.6.3.bb           |   3 +
 ...eadingMock-call-count-race-condition.patch |  37 --
 .../python/python3/CVE-2026-11940.patch       |  67 +++
 .../python/python3/CVE-2026-11972.patch       |  61 +++
 .../{python3_3.14.5.bb => python3_3.14.6.bb}  |   9 +-
 meta/recipes-devtools/xmlto/xmlto_0.0.29.bb   |   2 +-
 .../curl/curl/CVE-2026-5773.patch             |  47 ++
 meta/recipes-support/curl/curl_8.19.0.bb      |   1 +
 ...fragments-implement-a-basic-DTLS-tes.patch | 258 +++++++++
 ...merge_handshake_packet-using-recv_bu.patch |  96 ++++
 ...s-add-more-checks-to-DTLS-reassembly.patch |  65 +++
 ...fragments-extend-with-a-1816-reprodu.patch | 159 ++++++
 ...fragments-extend-with-fragmenting-Cl.patch | 149 +++++
 ...ch-DTLS-datagrams-by-sequence-number.patch |  42 ++
 ...fragments-1839-mismatching-message_s.patch | 104 ++++
 ...ts-mini-dtls-framents-link-to-gnulib.patch |  27 +
 meta/recipes-support/gnutls/gnutls_3.8.12.bb  |   8 +
 .../libcap/files/CVE-2026-4878.patch          | 163 ++++++
 meta/recipes-support/libcap/libcap_2.77.bb    |   4 +-
 .../vim/files/CVE-2026-52858.patch            | 167 ++++++
 .../vim/files/CVE-2026-52859.patch            | 274 ++++++++++
 .../vim/files/CVE-2026-52860.patch            | 446 +++++++++++++++
 meta/recipes-support/vim/vim.inc              |   3 +
 52 files changed, 3706 insertions(+), 612 deletions(-)
 rename meta/recipes-connectivity/socat/{socat_1.8.1.1.bb => socat_1.8.1.3.bb} (94%)
 create mode 100644 meta/recipes-core/expat/expat/CVE-2026-41080-1.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2026-41080-2.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2026-45186-01.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2026-45186-02.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2026-45186-03.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2026-45186-04.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2026-45186-05.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2026-45186-06.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2026-45186-07.patch
 create mode 100644 meta/recipes-core/glib-2.0/files/CVE-2026-58016-1.patch
 create mode 100644 meta/recipes-core/glib-2.0/files/CVE-2026-58016-2.patch
 rename meta/recipes-core/util-linux/{util-linux-libuuid_2.41.3.bb => util-linux-libuuid_2.41.5.bb} (100%)
 delete mode 100644 meta/recipes-core/util-linux/util-linux/0001-loopdev-add-LOOPDEV_FL_NOFOLLOW-to-prevent-symlink-a.patch
 rename meta/recipes-core/util-linux/{util-linux_2.41.3.bb => util-linux_2.41.5.bb} (100%)
 rename meta/recipes-devtools/gdb/{gdb-cross-canadian_17.1.bb => gdb-cross-canadian_17.2.bb} (100%)
 rename meta/recipes-devtools/gdb/{gdb-cross_17.1.bb => gdb-cross_17.2.bb} (100%)
 delete mode 100644 meta/recipes-devtools/gdb/gdb/0009-PR-gdb-33747-gdb-ser-unix-modernize-Linux-custom-bau.patch
 delete mode 100644 meta/recipes-devtools/gdb/gdb/0010-GDB-aarch64-linux-Fix-build-failure-on-musl-systems.patch
 rename meta/recipes-devtools/gdb/{gdb_17.1.bb => gdb_17.2.bb} (100%)
 create mode 100644 meta/recipes-devtools/python/python3-urllib3/CVE-2026-44431.patch
 delete mode 100644 meta/recipes-devtools/python/python3/0001-Fix-ThreadingMock-call-count-race-condition.patch
 create mode 100644 meta/recipes-devtools/python/python3/CVE-2026-11940.patch
 create mode 100644 meta/recipes-devtools/python/python3/CVE-2026-11972.patch
 rename meta/recipes-devtools/python/{python3_3.14.5.bb => python3_3.14.6.bb} (98%)
 create mode 100644 meta/recipes-support/curl/curl/CVE-2026-5773.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/0001-tests-mini-dtls-fragments-implement-a-basic-DTLS-tes.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/0002-buffers-shorten-merge_handshake_packet-using-recv_bu.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/0003-buffers-add-more-checks-to-DTLS-reassembly.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/0004-tests-mini-dtls-fragments-extend-with-a-1816-reprodu.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/0005-tests-mini-dtls-fragments-extend-with-fragmenting-Cl.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/0006-buffers-match-DTLS-datagrams-by-sequence-number.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/0007-tests-mini-dtls-fragments-1839-mismatching-message_s.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/0008-tests-mini-dtls-framents-link-to-gnulib.patch
 create mode 100644 meta/recipes-support/libcap/files/CVE-2026-4878.patch
 create mode 100644 meta/recipes-support/vim/files/CVE-2026-52858.patch
 create mode 100644 meta/recipes-support/vim/files/CVE-2026-52859.patch
 create mode 100644 meta/recipes-support/vim/files/CVE-2026-52860.patch



^ permalink raw reply	[flat|nested] 20+ messages in thread

end of thread, other threads:[~2026-07-14 13:29 UTC | newest]

Thread overview: 20+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-07-10 16:36 [OE-core][wrynose 00/18] Patch review Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 01/18] gdb: Upgrade 17.1 -> 17.2 Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 02/18] curl: fix CVE-2026-5773 - wrong reuse of SMB connection Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 03/18] expat: patch CVE-2026-45186 Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 04/18] expat: fix CVE-2026-41080 Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 05/18] python3: upgrade 3.14.5 -> 3.14.6 Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 06/18] python3: fix CVE-2026-11940 Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 07/18] python3: fix CVE-2026-11972 Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 08/18] opensbi: don't override ELFFLAGS, silence ldflags QA for bare-metal ELFs Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 09/18] create-spdx-image-3.0: correct SSTATE_SKIP_CREATION key for do_create_image_sbom_spdx Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 10/18] python3-urllib3: Fix CVE-2026-44431 Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 11/18] glib-2.0: fix CVE-2026-58016 Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 12/18] util-linux: upgrade 2.41.3 -> 2.41.5 Yoann Congal
2026-07-14 13:29   ` Paul Barker
2026-07-10 16:36 ` [OE-core][wrynose 13/18] ovmf: fix tpm PACKAGECONFIG to use TPM2_ENABLE Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 14/18] libcap: Fix CVE-2026-4878 Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 15/18] socat: upgrade 1.8.1.1 -> 1.8.1.3 Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 16/18] vim: Fix for CVE-2026-52858,CVE-2026-52859,CVE-2026-52860 Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 17/18] xmlto: update SRC_URI Yoann Congal
2026-07-10 16:36 ` [OE-core][wrynose 18/18] gnutls: fix CVE-2026-33846 Yoann Congal

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.