From: Scott Murray <scott.murray@konsulko.com>
To: openembedded-core@lists.openembedded.org
Subject: Re: [OE-core] [kirkstone][PATCH] u-boot: move CVE patch out of u-boot-common.inc
Date: Sun, 8 Mar 2026 06:15:01 -0400 (EDT) [thread overview]
Message-ID: <733cc55c-75ff-8aed-60e8-333f80cc045d@konsulko.com> (raw)
In-Reply-To: <189AD5370EA1E51F.2182444@lists.openembedded.org>
On Sun, 8 Mar 2026, Scott Murray via lists.openembedded.org wrote:
> Commit f5b980ad added CVE-2024-42040.patch to the base U-Boot
> SRC_URI in u-boot-common.inc as opposed to adding it in the
> u-boot recipe where all the other patch additions are. This
> breaks at least one downstream BSP that reuses u-boot-common.inc
> (meta-sifive), so move that patch addition to the recipe file
> with all the others.
>
> Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Please ignore, I accidentally resent this.
Scott
> ---
> meta/recipes-bsp/u-boot/u-boot-common.inc | 4 +---
> meta/recipes-bsp/u-boot/u-boot_2022.01.bb | 1 +
> 2 files changed, 2 insertions(+), 3 deletions(-)
>
> diff --git a/meta/recipes-bsp/u-boot/u-boot-common.inc b/meta/recipes-bsp/u-boot/u-boot-common.inc
> index 7a63420642..d366f10398 100644
> --- a/meta/recipes-bsp/u-boot/u-boot-common.inc
> +++ b/meta/recipes-bsp/u-boot/u-boot-common.inc
> @@ -14,9 +14,7 @@ PE = "1"
> # repo during parse
> SRCREV = "d637294e264adfeb29f390dfc393106fd4d41b17"
>
> -SRC_URI = "git://source.denx.de/u-boot/u-boot.git;protocol=https;branch=master \
> - file://CVE-2024-42040.patch \
> -"
> +SRC_URI = "git://source.denx.de/u-boot/u-boot.git;protocol=https;branch=master"
>
> S = "${WORKDIR}/git"
> B = "${WORKDIR}/build"
> diff --git a/meta/recipes-bsp/u-boot/u-boot_2022.01.bb b/meta/recipes-bsp/u-boot/u-boot_2022.01.bb
> index 0ff2477c39..f0ea3ef9e0 100644
> --- a/meta/recipes-bsp/u-boot/u-boot_2022.01.bb
> +++ b/meta/recipes-bsp/u-boot/u-boot_2022.01.bb
> @@ -11,6 +11,7 @@ SRC_URI += " file://0001-riscv32-Use-double-float-ABI-for-rv32.patch \
> file://CVE-2022-30790.patch \
> file://CVE-2022-2347_1.patch \
> file://CVE-2022-2347_2.patch \
> + file://CVE-2024-42040.patch \
> file://CVE-2024-57254.patch \
> file://CVE-2024-57255.patch \
> file://CVE-2024-57256.patch \
>
next prev parent reply other threads:[~2026-03-08 10:15 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-08 9:56 [PATCH 0/1] Weston 15.0.0 upgrade Scott Murray
2026-03-08 9:56 ` [kirkstone][PATCH] u-boot: move CVE patch out of u-boot-common.inc Scott Murray
2026-03-08 9:57 ` [PATCH 1/1] weston: update to 15.0.0 Scott Murray
2026-03-18 12:12 ` [OE-core] " Mathieu Dubois-Briand
2026-03-19 4:42 ` Scott Murray
[not found] ` <189AD5370EA1E51F.2182444@lists.openembedded.org>
2026-03-08 10:15 ` Scott Murray [this message]
[not found] ` <189AD5373B81538B.1148757@lists.openembedded.org>
2026-03-15 20:20 ` Scott Murray
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=733cc55c-75ff-8aed-60e8-333f80cc045d@konsulko.com \
--to=scott.murray@konsulko.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox