* [OE-core][kirkstone 00/30] Pull request (cover letter only)
@ 2022-07-07 15:25 Steve Sakoman
0 siblings, 0 replies; 2+ messages in thread
From: Steve Sakoman @ 2022-07-07 15:25 UTC (permalink / raw)
To: openembedded-core
The following changes since commit eea52e0c3d24c79464f4afdbc3c397e1cb982231:
build-appliance-image: Update to kirkstone head revision (2022-06-29 07:48:24 +0100)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/kirkstone-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-next
Ahmed Hossam (1):
insane.bbclass: host-user-contaminated: Correct per package home path
Alexander Kanavin (3):
wireless-regdb: upgrade 2022.04.08 -> 2022.06.06
oeqa/sdk: drop the nativesdk-python 2.x test
at: take tarballs from debian
David Bagonyi (1):
sanity.bbclass: Add ftps to accepted URI protocols for mirrors sanity
Jose Quaresma (1):
curl: backport openssl fix CN check error code
Kai Kang (1):
glibc-tests: not clear BBCLASSEXTEND
Lee Chee Yang (1):
ghostscript: fix CVE-2022-2085
Lucas Stach (1):
perf: sort-pmuevents: really keep array terminators
Martin Jansa (1):
wic: fix WicError message
Maxime Roussin-Bélanger (1):
libffi: fix native build being not portable
Muhammad Hamza (1):
initramfs-framework: move storage mounts to actual rootfs
Peter Bergin (1):
rust: fix issue building cross-canadian tools for aarch64 on x86_64
Peter Kjellerstedt (1):
base.bbclass: Correct the test for obsolete license exceptions
Pgowda (1):
binutils : CVE-2019-1010204
Raju Kumar Pothuraju (1):
kernel-uboot.bbclass: Use vmlinux.initramfs when
INITRAMFS_IMAGE_BUNDLE set
Richard Purdie (8):
unzip: Port debian fixes for two CVEs
cve-extra-exclusions: Clean up and ignore three CVEs (2xqemu and nasm)
vim: 8.2.5083 -> 9.0.0005
openssl: Upgrade 3.0.3 -> 3.0.4
coreutils: Tweak packaging variable names for coreutils-dev
oeqa/runtime/scp: Disable scp test for dropbear
packagegroup-core-ssh-dropbear: Add openssh-sftp-server recommendation
oe-selftest-image: Ensure the image has sftp as well as dropbear
Ross Burton (3):
cups: ignore CVE-2022-26691
busybox: fix CVE-2022-30065
cve-check: hook cleanup to the BuildCompleted event, not CookerExit
Steve Sakoman (2):
openssh: break dependency on base package for -dev package
dropbear: break dependency on base package for -dev package
Thomas Roos (1):
recipetool/devtool: Fix python egg whitespace issues in PACKAGECONFIG
.../recipes-test/images/oe-selftest-image.bb | 2 +-
meta/classes/base.bbclass | 4 +-
meta/classes/cve-check.bbclass | 2 +-
meta/classes/insane.bbclass | 2 +-
meta/classes/kernel-uboot.bbclass | 6 ++
meta/classes/sanity.bbclass | 2 +-
.../distro/include/cve-extra-exclusions.inc | 30 +++++-----
meta/lib/oeqa/runtime/cases/scp.py | 2 +-
meta/lib/oeqa/sdk/cases/python.py | 11 ----
meta/lib/oeqa/selftest/cases/devtool.py | 15 ++++-
.../openssh/openssh_8.9p1.bb | 5 ++
...1-Configure-do-not-tweak-mips-cflags.patch | 10 ++--
...sysroot-and-debug-prefix-map-from-co.patch | 20 +++----
...ea88c3888cc5cb3ebc94ffcef706c68bc1d2.patch | 55 -------------------
.../openssl/openssl/afalg.patch | 10 ++--
.../{openssl_3.0.3.bb => openssl_3.0.4.bb} | 3 +-
.../busybox/busybox/CVE-2022-30065.patch | 29 ++++++++++
meta/recipes-core/busybox/busybox_1.35.0.bb | 1 +
meta/recipes-core/coreutils/coreutils_9.0.bb | 3 +-
meta/recipes-core/dropbear/dropbear.inc | 5 ++
meta/recipes-core/glibc/glibc-tests_2.35.bb | 5 +-
.../initrdscripts/initramfs-framework/finish | 9 +++
.../packagegroup-core-ssh-dropbear.bb | 1 +
.../binutils/binutils-2.38.inc | 1 +
.../binutils/0014-CVE-2019-1010204.patch | 49 +++++++++++++++++
meta/recipes-devtools/rust/rust-common.inc | 5 +-
meta/recipes-extended/at/at_3.2.5.bb | 2 +-
meta/recipes-extended/cups/cups.inc | 2 +
.../ghostscript/CVE-2022-2085.patch | 44 +++++++++++++++
.../ghostscript/ghostscript_9.55.0.bb | 1 +
.../unzip/unzip/CVE-2022-0529.patch | 39 +++++++++++++
.../unzip/unzip/CVE-2022-0530.patch | 33 +++++++++++
meta/recipes-extended/unzip/unzip_6.0.bb | 2 +
.../perf/perf/sort-pmuevents.py | 5 +-
....04.08.bb => wireless-regdb_2022.06.06.bb} | 2 +-
...0001-openssl-fix-CN-check-error-code.patch | 38 +++++++++++++
meta/recipes-support/curl/curl_7.82.0.bb | 1 +
meta/recipes-support/libffi/libffi_3.4.2.bb | 2 +-
.../vim/{vim-tiny_8.2.bb => vim-tiny_9.0.bb} | 0
meta/recipes-support/vim/vim.inc | 6 +-
.../vim/{vim_8.2.bb => vim_9.0.bb} | 0
.../lib/recipetool/create_buildsys_python.py | 13 +++++
scripts/wic | 2 +-
43 files changed, 353 insertions(+), 126 deletions(-)
delete mode 100644 meta/recipes-connectivity/openssl/openssl/770aea88c3888cc5cb3ebc94ffcef706c68bc1d2.patch
rename meta/recipes-connectivity/openssl/{openssl_3.0.3.bb => openssl_3.0.4.bb} (98%)
create mode 100644 meta/recipes-core/busybox/busybox/CVE-2022-30065.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0014-CVE-2019-1010204.patch
create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2022-2085.patch
create mode 100644 meta/recipes-extended/unzip/unzip/CVE-2022-0529.patch
create mode 100644 meta/recipes-extended/unzip/unzip/CVE-2022-0530.patch
rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2022.04.08.bb => wireless-regdb_2022.06.06.bb} (94%)
create mode 100644 meta/recipes-support/curl/curl/0001-openssl-fix-CN-check-error-code.patch
rename meta/recipes-support/vim/{vim-tiny_8.2.bb => vim-tiny_9.0.bb} (100%)
rename meta/recipes-support/vim/{vim_8.2.bb => vim_9.0.bb} (100%)
--
2.25.1
^ permalink raw reply [flat|nested] 2+ messages in thread* [OE-core][kirkstone 00/30] Pull request (cover letter only)
@ 2026-04-10 10:28 Yoann Congal
0 siblings, 0 replies; 2+ messages in thread
From: Yoann Congal @ 2026-04-10 10:28 UTC (permalink / raw)
To: openembedded-core; +Cc: Paul Barker
Those are the patches from the last patch review:
[OE-core][kirkstone v4 00/30] Patch review
https://lore.kernel.org/openembedded-core/cover.1775775154.git.yoann.congal@smile.fr/T/#t
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/3635
The following changes since commit c4194cadb1180da37514c55cd97827eb0269c8e2:
build-appliance-image: Update to kirkstone head revision (2026-03-20 09:58:53 +0000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-next
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-next
for you to fetch changes up to f2bc121f821f684a541b1f4e317078c50d29c389:
scripts/install-buildtools: Update to 4.0.34 (2026-04-10 00:51:17 +0200)
----------------------------------------------------------------
Bruce Ashfield (2):
linux-yocto/5.15: update to v5.15.200
linux-yocto/5.15: update to v5.15.201
Fabien Thomas (1):
README.OE-Core: update contributor links and add kirkstone prefix
Hitendra Prajapati (6):
vim: Fix CVE-2026-33412
ncurses: fix for CVE-2025-69720
vim: Fix CVE-2026-25749
vim: Fix CVE-2026-26269
vim: Fix CVE-2026-28418
vim: Fix CVE-2026-28419
Jinfeng Wang (1):
tzdata/tzcode-native: upgrade 2025c -> 2026a
Paul Barker (1):
create-pull-request: Keep commit hash to be pulled in cover email
Peter Marko (1):
libtheora: mark CVE-2024-56431 as not vulnerable yet
Richard Purdie (2):
recipetool: Recognise https://git. as git urls
selftest/scripts: Update old git protocol references
Ross Burton (1):
tcl: skip http11 tests
Vijay Anusuri (10):
tzdata,tzcode-native: Upgrade 2025b -> 2025c
python3: upgrade 3.10.19 -> 3.10.20
python3-pyopenssl: Fix CVE-2026-27448
python3-pyopenssl: Fix CVE-2026-27459
libarchive: Fix CVE-2026-4111
sqlite3: Fix CVE-2025-70873
curl: patch CVE-2025-14524
curl: patch CVE-2026-1965
curl: patch CVE-2026-3783
curl: patch CVE-2026-3784
Yoann Congal (5):
recipes: Default to https git protocol for YP/OE repos
oeqa/manual: Default to https git protocol for YP/OE repos
oeqa/sdk: Default to https git protocol for YP/OE repos
scripts: Default to https git protocol for YP/OE repos
scripts/install-buildtools: Update to 4.0.34
README.OE-Core.md | 10 +-
.../devtool/devtool-upgrade-test2_git.bb | 2 +-
.../devtool-upgrade-test2_git.bb.upgraded | 2 +-
meta/lib/oeqa/manual/crops.json | 2 +-
meta/lib/oeqa/manual/eclipse-plugin.json | 2 +-
.../oeqa/manual/toaster-unmanaged-mode.json | 2 +-
.../oeqa/sdk/buildtools-docs-cases/build.py | 2 +-
meta/lib/oeqa/selftest/cases/devtool.py | 4 +-
meta/lib/oeqa/selftest/cases/externalsrc.py | 2 +-
meta/lib/oeqa/selftest/cases/fetch.py | 2 +
meta/lib/oeqa/selftest/cases/recipetool.py | 8 +-
meta/lib/oeqa/selftest/cases/sstatetests.py | 2 +-
meta/recipes-core/dbus-wait/dbus-wait_git.bb | 2 +-
.../images/build-appliance-image_15.0.0.bb | 2 +-
.../ncurses/files/CVE-2025-69720.patch | 42 ++
.../ncurses/ncurses_6.3+20220423.bb | 1 +
meta/recipes-core/psplash/psplash_git.bb | 2 +-
.../update-rc.d/update-rc.d_0.8.bb | 2 +-
meta/recipes-devtools/pseudo/pseudo_git.bb | 2 +-
.../python3-pyopenssl/CVE-2026-27448.patch | 125 ++++++
.../python3-pyopenssl/CVE-2026-27459.patch | 106 +++++
.../python/python3-pyopenssl_22.0.0.bb | 5 +
.../python/python3/CVE-2025-12084.patch | 171 --------
.../python/python3/CVE-2025-13836.patch | 163 --------
.../python/python3/CVE-2025-13837.patch | 162 --------
.../python/python3/CVE-2025-6075.patch | 364 ------------------
...{python3_3.10.19.bb => python3_3.10.20.bb} | 6 +-
meta/recipes-devtools/tcltk/tcl/run-ptest | 4 +-
.../libarchive/CVE-2026-4111-1.patch | 32 ++
.../libarchive/CVE-2026-4111-2.patch | 308 +++++++++++++++
.../libarchive/libarchive_3.6.2.bb | 2 +
meta/recipes-extended/timezone/timezone.inc | 6 +-
.../libfakekey/libfakekey_git.bb | 2 +-
.../libmatchbox/libmatchbox_1.12.bb | 2 +-
.../matchbox-wm/matchbox-wm_1.2.2.bb | 2 +-
.../xcursor-transparent-theme_git.bb | 2 +-
.../kern-tools/kern-tools-native_git.bb | 2 +-
meta/recipes-kernel/linux/linux-yocto-dev.bb | 4 +-
.../linux/linux-yocto-rt_5.10.bb | 4 +-
.../linux/linux-yocto-rt_5.15.bb | 10 +-
.../linux/linux-yocto-tiny_5.10.bb | 4 +-
.../linux/linux-yocto-tiny_5.15.bb | 10 +-
meta/recipes-kernel/linux/linux-yocto_5.10.bb | 4 +-
meta/recipes-kernel/linux/linux-yocto_5.15.bb | 30 +-
.../libtheora/libtheora_1.1.1.bb | 3 +
.../matchbox-config-gtk_0.2.bb | 2 +-
.../matchbox-desktop/matchbox-desktop_2.2.bb | 2 +-
.../matchbox-keyboard_0.1.1.bb | 2 +-
.../matchbox-panel-2/matchbox-panel-2_2.11.bb | 2 +-
.../matchbox-terminal_0.2.bb | 2 +-
.../matchbox-theme-sato_0.2.bb | 2 +-
.../sato-screenshot/sato-screenshot_0.3.bb | 2 +-
.../settings-daemon/settings-daemon_0.0.2.bb | 2 +-
.../curl/curl/CVE-2025-14524.patch | 42 ++
.../curl/curl/CVE-2026-1965-1.patch | 98 +++++
.../curl/curl/CVE-2026-1965-2.patch | 29 ++
.../curl/curl/CVE-2026-3783-pre1.patch | 66 ++++
.../curl/curl/CVE-2026-3783.patch | 157 ++++++++
.../curl/curl/CVE-2026-3784.patch | 73 ++++
meta/recipes-support/curl/curl_7.82.0.bb | 6 +
.../ptest-runner/ptest-runner_2.4.2.bb | 2 +-
.../sqlite/files/CVE-2025-70873.patch | 33 ++
meta/recipes-support/sqlite/sqlite3_3.38.5.bb | 1 +
.../vim/files/CVE-2026-25749.patch | 64 +++
.../vim/files/CVE-2026-26269.patch | 150 ++++++++
.../vim/files/CVE-2026-28418.patch | 78 ++++
.../vim/files/CVE-2026-28419.patch | 86 +++++
.../vim/files/CVE-2026-33412.patch | 61 +++
meta/recipes-support/vim/vim.inc | 5 +
scripts/combo-layer.conf.example | 4 +-
scripts/contrib/patchtest.sh | 4 +-
scripts/create-pull-request | 2 +-
scripts/install-buildtools | 4 +-
scripts/lib/recipetool/create.py | 2 +-
74 files changed, 1662 insertions(+), 947 deletions(-)
create mode 100644 meta/recipes-core/ncurses/files/CVE-2025-69720.patch
create mode 100644 meta/recipes-devtools/python/python3-pyopenssl/CVE-2026-27448.patch
create mode 100644 meta/recipes-devtools/python/python3-pyopenssl/CVE-2026-27459.patch
delete mode 100644 meta/recipes-devtools/python/python3/CVE-2025-12084.patch
delete mode 100644 meta/recipes-devtools/python/python3/CVE-2025-13836.patch
delete mode 100644 meta/recipes-devtools/python/python3/CVE-2025-13837.patch
delete mode 100644 meta/recipes-devtools/python/python3/CVE-2025-6075.patch
rename meta/recipes-devtools/python/{python3_3.10.19.bb => python3_3.10.20.bb} (98%)
create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2026-4111-1.patch
create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2026-4111-2.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2025-14524.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2026-1965-1.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2026-1965-2.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2026-3783-pre1.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2026-3783.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2026-3784.patch
create mode 100644 meta/recipes-support/sqlite/files/CVE-2025-70873.patch
create mode 100644 meta/recipes-support/vim/files/CVE-2026-25749.patch
create mode 100644 meta/recipes-support/vim/files/CVE-2026-26269.patch
create mode 100644 meta/recipes-support/vim/files/CVE-2026-28418.patch
create mode 100644 meta/recipes-support/vim/files/CVE-2026-28419.patch
create mode 100644 meta/recipes-support/vim/files/CVE-2026-33412.patch
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2026-04-10 10:28 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-07-07 15:25 [OE-core][kirkstone 00/30] Pull request (cover letter only) Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2026-04-10 10:28 Yoann Congal
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox