[OE-core][scarthgap 00/12] Patch review

[OE-core][scarthgap 00/12] Patch review

[Steve Sakoman]

Please review this set of changes for scarthgap and have comments back by
end of day Monday, July 21

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/7150

The following changes since commit bf3fe8c01c5cc00ada22049f4f0abb485e2a626f:

  webkitgtk: fix do_compile errors on beaglebone-yocto (2024-07-13 07:07:10 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Archana Polampalli (1):
  less: fix CVE-2024-32487

Changqing Li (4):
  vulkan-samples: fix do_compile error when -Og enabled
  multilib.conf: remove appending to PKG_CONFIG_PATH
  gettext: fix a parallel build issue
  pixman: fixing inline failure with -Og

Deepthi Hemraj (1):
  binutils: stable 2.42 branch updates

Hitendra Prajapati (1):
  vte: fix CVE-2024-37535

Jose Quaresma (1):
  go: upgrade 1.22.4 -> 1.22.5

Peter Marko (2):
  busybox: Patch CVE-2021-42380
  busybox: Patch CVE-2023-42363

Steve Sakoman (1):
  Revert "apt: runtime error: filename too long (tmpdir length)"

Vijay Anusuri (1):
  openssh: fix CVE-2024-39894

 meta/conf/multilib.conf                       |   9 --
 .../openssh/openssh/CVE-2024-39894.patch      |  35 ++++
 .../openssh/openssh_9.6p1.bb                  |   1 +
 ...-fix-segfault-when-compiled-by-clang.patch |  41 +++++
 .../busybox/busybox/CVE-2021-42380.patch      | 151 ++++++++++++++++++
 .../busybox/busybox/CVE-2023-42363.patch      |  67 ++++++++
 meta/recipes-core/busybox/busybox_1.36.1.bb   |   3 +
 ...1-intl-Fix-build-failure-with-make-j.patch |  35 ++++
 meta/recipes-core/gettext/gettext_0.22.5.bb   |   1 +
 ...he-filename-can-t-be-longer-than-255.patch |  40 -----
 meta/recipes-devtools/apt/apt_2.6.1.bb        |   1 -
 .../binutils/binutils-2.42.inc                |   2 +-
 .../go/{go-1.22.4.inc => go-1.22.5.inc}       |   2 +-
 ...e_1.22.4.bb => go-binary-native_1.22.5.bb} |   6 +-
 ..._1.22.4.bb => go-cross-canadian_1.22.5.bb} |   0
 ...{go-cross_1.22.4.bb => go-cross_1.22.5.bb} |   0
 ...osssdk_1.22.4.bb => go-crosssdk_1.22.5.bb} |   0
 ...runtime_1.22.4.bb => go-runtime_1.22.5.bb} |   0
 ...ent-based-hash-generation-less-pedan.patch |  11 +-
 ...OOLDIR-to-be-overridden-in-the-envir.patch |  12 +-
 ...3-ld-add-soname-to-shareable-objects.patch |   9 +-
 ...de-CC-when-building-dist-and-go_boot.patch |  10 +-
 ...dist-separate-host-and-target-builds.patch |   9 +-
 ...d-go-make-GOROOT-precious-by-default.patch |  13 +-
 ...ut-build-specific-paths-from-linker-.patch |  12 +-
 ...ldgo.go-do-not-hardcode-host-compile.patch |  11 +-
 ...uild-paths-on-staticly-linked-arches.patch |   9 +-
 .../go/{go_1.22.4.bb => go_1.22.5.bb}         |   0
 .../less/files/CVE-2024-32487.patch           |  74 +++++++++
 meta/recipes-extended/less/less_643.bb        |   1 +
 ...ce-FORCE_INLINE_TEMPLATE-with-inline.patch |  52 ++++++
 .../vulkan/vulkan-samples_git.bb              |   1 +
 ...loat.c-fix-inlining-failed-in-call-t.patch |  56 +++++++
 .../xorg-lib/pixman_0.42.2.bb                 |   1 +
 .../vte/vte/CVE-2024-37535-01.patch           |  64 ++++++++
 .../vte/vte/CVE-2024-37535-02.patch           |  85 ++++++++++
 meta/recipes-support/vte/vte_0.74.2.bb        |   5 +-
 37 files changed, 711 insertions(+), 118 deletions(-)
 create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2024-39894.patch
 create mode 100644 meta/recipes-core/busybox/busybox/0001-awk-fix-segfault-when-compiled-by-clang.patch
 create mode 100644 meta/recipes-core/busybox/busybox/CVE-2021-42380.patch
 create mode 100644 meta/recipes-core/busybox/busybox/CVE-2023-42363.patch
 create mode 100644 meta/recipes-core/gettext/gettext/0001-intl-Fix-build-failure-with-make-j.patch
 delete mode 100644 meta/recipes-devtools/apt/apt/0001-strutl.cc-the-filename-can-t-be-longer-than-255.patch
 rename meta/recipes-devtools/go/{go-1.22.4.inc => go-1.22.5.inc} (89%)
 rename meta/recipes-devtools/go/{go-binary-native_1.22.4.bb => go-binary-native_1.22.5.bb} (78%)
 rename meta/recipes-devtools/go/{go-cross-canadian_1.22.4.bb => go-cross-canadian_1.22.5.bb} (100%)
 rename meta/recipes-devtools/go/{go-cross_1.22.4.bb => go-cross_1.22.5.bb} (100%)
 rename meta/recipes-devtools/go/{go-crosssdk_1.22.4.bb => go-crosssdk_1.22.5.bb} (100%)
 rename meta/recipes-devtools/go/{go-runtime_1.22.4.bb => go-runtime_1.22.5.bb} (100%)
 rename meta/recipes-devtools/go/{go_1.22.4.bb => go_1.22.5.bb} (100%)
 create mode 100644 meta/recipes-extended/less/files/CVE-2024-32487.patch
 create mode 100644 meta/recipes-graphics/vulkan/vulkan-samples/0001-zstd.c-replace-FORCE_INLINE_TEMPLATE-with-inline.patch
 create mode 100644 meta/recipes-graphics/xorg-lib/pixman/0001-pixman-combine-float.c-fix-inlining-failed-in-call-t.patch
 create mode 100644 meta/recipes-support/vte/vte/CVE-2024-37535-01.patch
 create mode 100644 meta/recipes-support/vte/vte/CVE-2024-37535-02.patch

-- 
2.34.1

[OE-core][scarthgap 00/12] Patch review

[Steve Sakoman]

Please review this set of changes for scarthgap and have comments back by
end of day Monday, September 2

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/7287

The following changes since commit 8b5c66c91d94f4c8521fe9443e65d86063dba5e5:

  oeqa/utils/postactions: transfer whole archive over ssh instead of doing individual copies (2024-08-20 05:03:49 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Archana Polampalli (2):
  ffmpeg: fix CVE-2024-32230
  qemu: fix CVE-2024-7409

Bartosz Golaszewski (1):
  linux-firmware: add a package for ath12k firmware

Changqing Li (2):
  expect-native: fix do_compile failure with gcc-14
  libcap-ng: update SRC_URI

Niko Mauno (1):
  util-linux: Add PACKAGECONFIG option to mitigate rootfs remount error

Peter Marko (2):
  libyaml: Ignore CVE-2024-35325
  curl: Patch CVE-2024-7264

Quentin Schulz (1):
  weston-init: fix weston not starting when xwayland is enabled

Siddharth Doshi (1):
  vim: Upgrade 9.1.0114 -> 9.1.0682

Simone Weiß (1):
  curl: Ignore CVE-2024-32928

Yogita Urade (1):
  qemu: fix CVE-2024-4467

 .../util-linux/util-linux_2.39.3.bb           |   12 +-
 meta/recipes-devtools/expect/expect_5.45.4.bb |    2 +-
 meta/recipes-devtools/qemu/qemu.inc           |    9 +
 .../qemu/qemu/CVE-2024-4467-0001.patch        |  112 ++
 .../qemu/qemu/CVE-2024-4467-0002.patch        |   55 +
 .../qemu/qemu/CVE-2024-4467-0003.patch        |   57 +
 .../qemu/qemu/CVE-2024-4467-0004.patch        | 1187 +++++++++++++++++
 .../qemu/qemu/CVE-2024-4467-0005.patch        |  239 ++++
 .../qemu/qemu/CVE-2024-7409-0001.patch        |  167 +++
 .../qemu/qemu/CVE-2024-7409-0002.patch        |  175 +++
 .../qemu/qemu/CVE-2024-7409-0003.patch        |  126 ++
 .../qemu/qemu/CVE-2024-7409-0004.patch        |  164 +++
 meta/recipes-graphics/wayland/weston-init.bb  |    2 +-
 .../linux-firmware/linux-firmware_20240312.bb |    8 +-
 .../ffmpeg/ffmpeg/CVE-2024-32230.patch        |   36 +
 .../recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb |    1 +
 .../curl/curl/CVE-2024-7264-1.patch           |   61 +
 .../curl/curl/CVE-2024-7264-2.patch           |  316 +++++
 meta/recipes-support/curl/curl_8.7.1.bb       |    3 +
 .../libcap-ng/libcap-ng-python_0.8.5.bb       |    2 -
 meta/recipes-support/libcap-ng/libcap-ng.inc  |    8 +-
 meta/recipes-support/libyaml/libyaml_0.2.5.bb |    1 +
 ...m-add-knob-whether-elf.h-are-checked.patch |   39 -
 meta/recipes-support/vim/vim.inc              |    5 +-
 24 files changed, 2737 insertions(+), 50 deletions(-)
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-4467-0001.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-4467-0002.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-4467-0003.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-4467-0004.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-4467-0005.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-7409-0001.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-7409-0002.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-7409-0003.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-7409-0004.patch
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-32230.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2024-7264-1.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2024-7264-2.patch
 delete mode 100644 meta/recipes-support/vim/files/vim-add-knob-whether-elf.h-are-checked.patch

-- 
2.34.1

[OE-core][scarthgap 00/12] Patch review

[Steve Sakoman]

Please review this set of changes for scarthgap and have comments back by
end of day Thursday, December 12

Passed a-full on autobuilder:

https://valkyrie.yoctoproject.org/#/builders/29/builds/616

The following changes since commit 92cb4641ff4ec8c1f681bca21cfeaf2ba6923ab7:

  resulttool: Improve repo layout for oeselftest results (2024-12-04 06:02:55 -0800)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Archana Polampalli (5):
  ffmpeg: fix CVE-2023-49501
  ffmpeg: fix CVE-2024-28661
  ffmpeg: fix CVE-2023-50007
  ffmpeg: fix CVE-2023-49528
  ffmpeg: fix CVE-2024-7055

Divya Chellam (1):
  libpam: fix CVE-2024-10041

Guðni Már Gilbert (4):
  systemd: drop intltool-native from DEPENDS
  systemd-boot: drop intltool-native from DEPENDS
  python3-poetry-core: drop python3-six from RDEPENDS
  dnf: drop python3-iniparse from DEPENDS and RDEPENDS

Peter Marko (1):
  qemu: set CVE-2024-6505 to fixed

Ross Burton (1):
  sanity: check for working user namespaces

 meta/classes-global/sanity.bbclass            | 24 +++++
 .../systemd/systemd-boot_255.13.bb            |  2 +-
 meta/recipes-core/systemd/systemd_255.13.bb   |  2 +-
 meta/recipes-devtools/dnf/dnf_4.19.0.bb       |  3 +-
 .../python/python3-poetry-core_1.9.0.bb       |  1 -
 meta/recipes-devtools/qemu/qemu.inc           |  3 +
 .../pam/libpam/CVE-2024-10041.patch           | 98 +++++++++++++++++++
 meta/recipes-extended/pam/libpam_1.5.3.bb     |  1 +
 .../ffmpeg/ffmpeg/CVE-2023-49501.patch        | 30 ++++++
 .../ffmpeg/ffmpeg/CVE-2023-49528.patch        | 58 +++++++++++
 .../ffmpeg/ffmpeg/CVE-2023-50007.patch        | 78 +++++++++++++++
 .../ffmpeg/ffmpeg/CVE-2024-28661.patch        | 37 +++++++
 .../ffmpeg/ffmpeg/CVE-2024-7055.patch         | 38 +++++++
 .../recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb |  5 +
 14 files changed, 375 insertions(+), 5 deletions(-)
 create mode 100644 meta/recipes-extended/pam/libpam/CVE-2024-10041.patch
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-49501.patch
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-49528.patch
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-50007.patch
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-28661.patch
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-7055.patch

-- 
2.34.1

[OE-core][scarthgap 01/12] ffmpeg: fix CVE-2023-49501

[Steve Sakoman]

From: Archana Polampalli <archana.polampalli@windriver.com>

Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a
local attacker to execute arbitrary code via the config_eq_output function
in the libavfilter/asrc_afirsrc.c:495:30 component.

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../ffmpeg/ffmpeg/CVE-2023-49501.patch        | 30 +++++++++++++++++++
 .../recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb |  1 +
 2 files changed, 31 insertions(+)
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-49501.patch

diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-49501.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-49501.patch
new file mode 100644
index 0000000000..80d542952a
--- /dev/null
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-49501.patch
@@ -0,0 +1,30 @@
+From 4adb93dff05dd947878c67784d98c9a4e13b57a7 Mon Sep 17 00:00:00 2001
+From: Paul B Mahol <onemda@gmail.com>
+Date: Thu, 23 Nov 2023 14:58:35 +0100
+Subject: [PATCH] avfilter/asrc_afirsrc: fix by one smaller allocation of
+ buffer
+
+CVE: CVE-2023-49501
+
+Upstream-Status: Backport [https://github.com/FFmpeg/FFmpeg/commit/4adb93dff05dd947878c67784d98c9a4e13b57a7]
+
+Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
+---
+ libavfilter/asrc_afirsrc.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libavfilter/asrc_afirsrc.c b/libavfilter/asrc_afirsrc.c
+index e2359c1..ea04c35 100644
+--- a/libavfilter/asrc_afirsrc.c
++++ b/libavfilter/asrc_afirsrc.c
+@@ -480,7 +480,7 @@ static av_cold int config_eq_output(AVFilterLink *outlink)
+         if (ret < 0)
+             return ret;
+
+-        s->magnitude = av_calloc(s->nb_magnitude, sizeof(*s->magnitude));
++        s->magnitude = av_calloc(s->nb_magnitude + 1, sizeof(*s->magnitude));
+         if (!s->magnitude)
+             return AVERROR(ENOMEM);
+         memcpy(s->magnitude, eq_presets[s->preset].gains, sizeof(*s->magnitude) * s->nb_magnitude);
+--
+2.40.0
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb
index 84bba3b7b6..47be4d3e71 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb
@@ -32,6 +32,7 @@ SRC_URI = " \
     file://CVE-2024-31582.patch \
     file://CVE-2023-50008.patch \
     file://CVE-2024-32230.patch \
+    file://CVE-2023-49501.patch \
 "
 
 SRC_URI[sha256sum] = "8684f4b00f94b85461884c3719382f1261f0d9eb3d59640a1f4ac0873616f968"
-- 
2.34.1

[OE-core][scarthgap 02/12] ffmpeg: fix CVE-2024-28661

[Steve Sakoman]

From: Archana Polampalli <archana.polampalli@windriver.com>

Some of the changes are already present in recipe version

Ref:
https://github.com/FFmpeg/FFmpeg/commit/148ada5577262c6c18ae97604df8fe1c18b096e2
https://ffmpeg.org/security.html

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../ffmpeg/ffmpeg/CVE-2024-28661.patch        | 37 +++++++++++++++++++
 .../recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb |  1 +
 2 files changed, 38 insertions(+)
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-28661.patch

diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-28661.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-28661.patch
new file mode 100644
index 0000000000..b42badb567
--- /dev/null
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-28661.patch
@@ -0,0 +1,37 @@
+From 66b50445cb36cf6adb49c2397362509aedb42c71 Mon Sep 17 00:00:00 2001
+From: James Almer <jamrial@gmail.com>
+Date: Fri, 16 Feb 2024 11:17:13 -0300
+Subject: [PATCH 1/3] avcodec/speexdec: check for sane frame_size values
+
+Regression since ab39cc36c72bb73318bb911acb66873de850a107.
+
+Fixes heap buffer overflows
+Fixes ticket #10866
+
+Reported-by: sploitem <sploitem@gmail.com>
+Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
+Signed-off-by: James Almer <jamrial@gmail.com>
+
+CVE: CVE-2024-28661
+
+Upstream-Status: Backport [https://github.com/FFmpeg/FFmpeg/commit/66b50445cb36cf6adb49c2397362509aedb42c71]
+
+Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
+---
+ libavcodec/speexdec.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/libavcodec/speexdec.c b/libavcodec/speexdec.c
+index 08c7e77..23b8605 100644
+--- a/libavcodec/speexdec.c
++++ b/libavcodec/speexdec.c
+@@ -1422,6 +1422,7 @@ static int parse_speex_extradata(AVCodecContext *avctx,
+     s->frame_size = bytestream_get_le32(&buf);
+     if (s->frame_size < NB_FRAME_SIZE << s->mode)
+         return AVERROR_INVALIDDATA;
++    s->frame_size *= 1 + (s->mode > 0);
+     s->vbr = bytestream_get_le32(&buf);
+     s->frames_per_packet = bytestream_get_le32(&buf);
+     if (s->frames_per_packet <= 0 ||
+--
+2.40.0
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb
index 47be4d3e71..acff21f558 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb
@@ -33,6 +33,7 @@ SRC_URI = " \
     file://CVE-2023-50008.patch \
     file://CVE-2024-32230.patch \
     file://CVE-2023-49501.patch \
+    file://CVE-2024-28661.patch \
 "
 
 SRC_URI[sha256sum] = "8684f4b00f94b85461884c3719382f1261f0d9eb3d59640a1f4ac0873616f968"
-- 
2.34.1

[OE-core][scarthgap 03/12] ffmpeg: fix CVE-2023-50007

[Steve Sakoman]

From: Archana Polampalli <archana.polampalli@windriver.com>

Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local
attacker to execute arbitrary code via theav_samples_set_silence function
in the libavutil/samplefmt.c:260:9 component.

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../ffmpeg/ffmpeg/CVE-2023-50007.patch        | 78 +++++++++++++++++++
 .../recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb |  1 +
 2 files changed, 79 insertions(+)
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-50007.patch

diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-50007.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-50007.patch
new file mode 100644
index 0000000000..d86e39707e
--- /dev/null
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-50007.patch
@@ -0,0 +1,78 @@
+From b1942734c7cbcdc9034034373abcc9ecb9644c47 Mon Sep 17 00:00:00 2001
+From: Paul B Mahol <onemda@gmail.com>
+Date: Mon, 27 Nov 2023 11:45:34 +0100
+Subject: [PATCH 2/3] avfilter/af_afwtdn: fix crash with EOF handling
+
+CVE: CVE-2023-50007
+
+Upstream-Status: Backport [https://github.com/FFmpeg/FFmpeg/commit/b1942734c7cbcdc9034034373abcc9ecb9644c47]
+
+Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
+---
+ libavfilter/af_afwtdn.c | 34 +++++++++++++++++++---------------
+ 1 file changed, 19 insertions(+), 15 deletions(-)
+
+diff --git a/libavfilter/af_afwtdn.c b/libavfilter/af_afwtdn.c
+index 0fcfa77..63b7f5f 100644
+--- a/libavfilter/af_afwtdn.c
++++ b/libavfilter/af_afwtdn.c
+@@ -408,6 +408,7 @@ typedef struct AudioFWTDNContext {
+
+     uint64_t sn;
+     int64_t eof_pts;
++    int eof;
+
+     int wavelet_type;
+     int channels;
+@@ -1069,7 +1070,7 @@ static int filter_frame(AVFilterLink *inlink, AVFrame *in)
+         s->drop_samples = 0;
+     } else {
+         if (s->padd_samples < 0 && eof) {
+-            out->nb_samples += s->padd_samples;
++            out->nb_samples = FFMAX(0, out->nb_samples + s->padd_samples);
+             s->padd_samples = 0;
+         }
+         if (!eof)
+@@ -1208,23 +1209,26 @@ static int activate(AVFilterContext *ctx)
+
+     FF_FILTER_FORWARD_STATUS_BACK(outlink, inlink);
+
+-    ret = ff_inlink_consume_samples(inlink, s->nb_samples, s->nb_samples, &in);
+-    if (ret < 0)
+-        return ret;
+-    if (ret > 0)
+-        return filter_frame(inlink, in);
++    if (!s->eof) {
++        ret = ff_inlink_consume_samples(inlink, s->nb_samples, s->nb_samples, &in);
++        if (ret < 0)
++            return ret;
++        if (ret > 0)
++            return filter_frame(inlink, in);
++    }
+
+     if (ff_inlink_acknowledge_status(inlink, &status, &pts)) {
+-        if (status == AVERROR_EOF) {
+-            while (s->padd_samples != 0) {
+-                ret = filter_frame(inlink, NULL);
+-                if (ret < 0)
+-                    return ret;
+-            }
+-            ff_outlink_set_status(outlink, status, pts);
+-            return ret;
+-        }
++        if (status == AVERROR_EOF)
++            s->eof = 1;
+     }
++
++    if (s->eof && s->padd_samples != 0) {
++        return filter_frame(inlink, NULL);
++    } else if (s->eof) {
++        ff_outlink_set_status(outlink, AVERROR_EOF, s->eof_pts);
++        return 0;
++    }
++
+     FF_FILTER_FORWARD_WANTED(outlink, inlink);
+
+     return FFERROR_NOT_READY;
+--
+2.40.0
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb
index acff21f558..05a4c05e24 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb
@@ -34,6 +34,7 @@ SRC_URI = " \
     file://CVE-2024-32230.patch \
     file://CVE-2023-49501.patch \
     file://CVE-2024-28661.patch \
+    file://CVE-2023-50007.patch \
 "
 
 SRC_URI[sha256sum] = "8684f4b00f94b85461884c3719382f1261f0d9eb3d59640a1f4ac0873616f968"
-- 
2.34.1

[OE-core][scarthgap 04/12] ffmpeg: fix CVE-2023-49528

[Steve Sakoman]

From: Archana Polampalli <archana.polampalli@windriver.com>

Buffer Overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, allows a
local attacker to execute arbitrary code and cause a denial of service (DoS)
via the af_dialoguenhance.c:261:5 in the de_stereo component.

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../ffmpeg/ffmpeg/CVE-2023-49528.patch        | 58 +++++++++++++++++++
 .../recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb |  1 +
 2 files changed, 59 insertions(+)
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-49528.patch

diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-49528.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-49528.patch
new file mode 100644
index 0000000000..37e1ab61d1
--- /dev/null
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-49528.patch
@@ -0,0 +1,58 @@
+From 2d9ed64859c9887d0504cd71dbd5b2c15e14251a Mon Sep 17 00:00:00 2001
+From: Paul B Mahol <onemda@gmail.com>
+Date: Sat, 25 Nov 2023 12:54:28 +0100
+Subject: [PATCH 3/3] avfilter/af_dialoguenhance: fix overreads
+
+CVE: CVE-2023-49528
+
+Upstream-Status: Backport [https://github.com/ffmpeg/ffmpeg/commit/2d9ed64859c9887d0504cd71dbd5b2c15e14251a]
+
+Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
+---
+ libavfilter/af_dialoguenhance.c | 17 +++++++++--------
+ 1 file changed, 9 insertions(+), 8 deletions(-)
+
+diff --git a/libavfilter/af_dialoguenhance.c b/libavfilter/af_dialoguenhance.c
+index 1762ea7..29c8ab1 100644
+--- a/libavfilter/af_dialoguenhance.c
++++ b/libavfilter/af_dialoguenhance.c
+@@ -96,12 +96,12 @@ static int config_input(AVFilterLink *inlink)
+     if (!s->window)
+         return AVERROR(ENOMEM);
+
+-    s->in_frame       = ff_get_audio_buffer(inlink, s->fft_size * 4);
+-    s->center_frame   = ff_get_audio_buffer(inlink, s->fft_size * 4);
+-    s->out_dist_frame = ff_get_audio_buffer(inlink, s->fft_size * 4);
+-    s->windowed_frame = ff_get_audio_buffer(inlink, s->fft_size * 4);
+-    s->windowed_out   = ff_get_audio_buffer(inlink, s->fft_size * 4);
+-    s->windowed_prev  = ff_get_audio_buffer(inlink, s->fft_size * 4);
++    s->in_frame       = ff_get_audio_buffer(inlink, (s->fft_size + 2) * 2);
++    s->center_frame   = ff_get_audio_buffer(inlink, (s->fft_size + 2) * 2);
++    s->out_dist_frame = ff_get_audio_buffer(inlink, (s->fft_size + 2) * 2);
++    s->windowed_frame = ff_get_audio_buffer(inlink, (s->fft_size + 2) * 2);
++    s->windowed_out   = ff_get_audio_buffer(inlink, (s->fft_size + 2) * 2);
++    s->windowed_prev  = ff_get_audio_buffer(inlink, (s->fft_size + 2) * 2);
+     if (!s->in_frame || !s->windowed_out || !s->windowed_prev ||
+         !s->out_dist_frame || !s->windowed_frame || !s->center_frame)
+         return AVERROR(ENOMEM);
+@@ -250,6 +250,7 @@ static int de_stereo(AVFilterContext *ctx, AVFrame *out)
+     float *right_osamples  = (float *)out->extended_data[1];
+     float *center_osamples = (float *)out->extended_data[2];
+     const int offset = s->fft_size - s->overlap;
++    const int nb_samples = FFMIN(s->overlap, s->in->nb_samples);
+     float vad;
+
+     // shift in/out buffers
+@@ -258,8 +259,8 @@ static int de_stereo(AVFilterContext *ctx, AVFrame *out)
+     memmove(left_out, &left_out[s->overlap], offset * sizeof(float));
+     memmove(right_out, &right_out[s->overlap], offset * sizeof(float));
+
+-    memcpy(&left_in[offset], left_samples, s->overlap * sizeof(float));
+-    memcpy(&right_in[offset], right_samples, s->overlap * sizeof(float));
++    memcpy(&left_in[offset], left_samples, nb_samples * sizeof(float));
++    memcpy(&right_in[offset], right_samples, nb_samples * sizeof(float));
+     memset(&left_out[offset], 0, s->overlap * sizeof(float));
+     memset(&right_out[offset], 0, s->overlap * sizeof(float));
+
+--
+2.40.0
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb
index 05a4c05e24..a793817ec2 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb
@@ -35,6 +35,7 @@ SRC_URI = " \
     file://CVE-2023-49501.patch \
     file://CVE-2024-28661.patch \
     file://CVE-2023-50007.patch \
+    file://CVE-2023-49528.patch \
 "
 
 SRC_URI[sha256sum] = "8684f4b00f94b85461884c3719382f1261f0d9eb3d59640a1f4ac0873616f968"
-- 
2.34.1

[OE-core][scarthgap 05/12] ffmpeg: fix CVE-2024-7055

[Steve Sakoman]

From: Archana Polampalli <archana.polampalli@windriver.com>

A vulnerability was found in FFmpeg up to 7.0.1. It has been classified as critical.
This affects the function pnm_decode_frame in the library /libavcodec/pnmdec.c.
The manipulation leads to heap-based buffer overflow. It is possible to initiate
the attack remotely. The exploit has been disclosed to the public and may be used.
Upgrading to version 7.0.2 is able to address this issue. It is recommended to
upgrade the affected component. The associated identifier of this vulnerability is VDB-273651.

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../ffmpeg/ffmpeg/CVE-2024-7055.patch         | 38 +++++++++++++++++++
 .../recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb |  1 +
 2 files changed, 39 insertions(+)
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-7055.patch

diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-7055.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-7055.patch
new file mode 100644
index 0000000000..afd857ceac
--- /dev/null
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-7055.patch
@@ -0,0 +1,38 @@
+From 587acd0d4020859e67d1f07aeff2c885797ebcce Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Thu, 18 Jul 2024 21:12:54 +0200
+Subject: [PATCH] avcodec/pnmdec: Use 64bit for input size check
+
+Fixes: out of array read
+Fixes: poc3
+
+Reported-by: VulDB CNA Team
+Found-by: CookedMelon
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+(cherry picked from commit 3faadbe2a27e74ff5bb5f7904ec27bb1f5287dc8)
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+
+CVE: CVE-2024-7055
+
+Upstream-Status: Backport [https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=587acd0d4020859e67d1f07aeff2c885797ebcce]
+
+Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
+---
+ libavcodec/pnmdec.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libavcodec/pnmdec.c b/libavcodec/pnmdec.c
+index acd77ea..40cc2ae 100644
+--- a/libavcodec/pnmdec.c
++++ b/libavcodec/pnmdec.c
+@@ -264,7 +264,7 @@ static int pnm_decode_frame(AVCodecContext *avctx, AVFrame *p,
+         break;
+     case AV_PIX_FMT_GBRPF32:
+         if (!s->half) {
+-            if (avctx->width * avctx->height * 12 > s->bytestream_end - s->bytestream)
++            if (avctx->width * avctx->height * 12LL > s->bytestream_end - s->bytestream)
+                 return AVERROR_INVALIDDATA;
+             scale = 1.f / s->scale;
+             if (s->endian) {
+--
+2.40.0
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb
index a793817ec2..8f4a8d34c0 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb
@@ -36,6 +36,7 @@ SRC_URI = " \
     file://CVE-2024-28661.patch \
     file://CVE-2023-50007.patch \
     file://CVE-2023-49528.patch \
+    file://CVE-2024-7055.patch \
 "
 
 SRC_URI[sha256sum] = "8684f4b00f94b85461884c3719382f1261f0d9eb3d59640a1f4ac0873616f968"
-- 
2.34.1

[OE-core][scarthgap 06/12] qemu: set CVE-2024-6505 to fixed

[Steve Sakoman]

From: Peter Marko <peter.marko@siemens.com>

CVE patch was removed on last upgrade as fixing commit was backported to
stable 8.2.x branch.

NVD DB has this CVE as version-less (with "-").
So explicit status set is needed to mark it as fixed.

(From OE-Core rev: 64359ec3b60ae68d39c2e6444f903fd20e397cff)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/qemu/qemu.inc | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index 40ee267a42..4dc6c104c7 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -78,6 +78,9 @@ CVE_STATUS[CVE-2023-6683] = "cpe-incorrect: Applies only against version 8.2.1 a
 
 CVE_STATUS[CVE-2023-6693] = "cpe-incorrect: Applies only against version 8.2.0 and earlier"
 
+# NVD DB has this CVE as version-less (with "-")
+CVE_STATUS[CVE-2024-6505] = "fixed-version: this CVE is fixed since 9.1.0"
+
 COMPATIBLE_HOST:mipsarchn32 = "null"
 COMPATIBLE_HOST:mipsarchn64 = "null"
 COMPATIBLE_HOST:riscv32 = "null"
-- 
2.34.1

[OE-core][scarthgap 07/12] libpam: fix CVE-2024-10041

[Steve Sakoman]

From: Divya Chellam <divya.chellam@windriver.com>

A vulnerability was found in PAM. The secret information is
stored in memory, where the attacker can trigger the victim
program to execute by sending characters to its standard
input (stdin). As this occurs, the attacker can train the
branch predictor to execute an ROP chain speculatively.
This flaw could result in leaked passwords, such as those
found in /etc/shadow while performing authentications.

References:
https://security-tracker.debian.org/tracker/CVE-2024-10041

Upstream patches:
https://github.com/linux-pam/linux-pam/commit/b3020da7da384d769f27a8713257fbe1001878be

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../pam/libpam/CVE-2024-10041.patch           | 98 +++++++++++++++++++
 meta/recipes-extended/pam/libpam_1.5.3.bb     |  1 +
 2 files changed, 99 insertions(+)
 create mode 100644 meta/recipes-extended/pam/libpam/CVE-2024-10041.patch

diff --git a/meta/recipes-extended/pam/libpam/CVE-2024-10041.patch b/meta/recipes-extended/pam/libpam/CVE-2024-10041.patch
new file mode 100644
index 0000000000..41949cbf2a
--- /dev/null
+++ b/meta/recipes-extended/pam/libpam/CVE-2024-10041.patch
@@ -0,0 +1,98 @@
+From b3020da7da384d769f27a8713257fbe1001878be Mon Sep 17 00:00:00 2001
+From: "Dmitry V. Levin" <ldv@strace.io>
+Date: Mon, 1 Jan 2024 12:00:00 +0000
+Subject: [PATCH] pam_unix/passverify: always run the helper to obtain shadow 
+ password file entries
+
+Initially, when pam_unix.so verified the password, it used to try to
+obtain the shadow password file entry for the given user by invoking
+getspnam(3), and only when that didn't work and the effective uid
+was nonzero, pam_unix.so used to invoke the helper as a fallback.
+
+When SELinux support was introduced by commit
+67aab1ff5515054341a438cf9804e9c9b3a88033, the fallback was extended
+also for the case when SELinux was enabled.
+
+Later, commit f220cace205332a3dc34e7b37a85e7627e097e7d extended the
+fallback conditions for the case when pam_modutil_getspnam() failed
+with EACCES.
+
+Since commit 470823c4aacef5cb3b1180be6ed70846b61a3752, the helper is
+invoked as a fallback when pam_modutil_getspnam() fails for any reason.
+
+The ultimate solution for the case when pam_unix.so does not have
+permissions to obtain the shadow password file entry is to stop trying
+to use pam_modutil_getspnam() and to invoke the helper instead.
+Here are two recent examples.
+
+https://github.com/linux-pam/linux-pam/pull/484 describes a system
+configuration where libnss_systemd is enabled along with libnss_files
+in the shadow entry of nsswitch.conf, so when libnss_files is unable
+to obtain the shadow password file entry for the root user, e.g. when
+SELinux is enabled, NSS falls back to libnss_systemd which returns
+a synthesized shadow password file entry for the root user, which
+in turn locks the root user out.
+
+https://bugzilla.redhat.com/show_bug.cgi?id=2150155 describes
+essentially the same problem in a similar system configuration.
+
+This commit is the final step in the direction of addressing the issue:
+for password verification pam_unix.so now invokes the helper instead of
+making the pam_modutil_getspnam() call.
+
+* modules/pam_unix/passverify.c (get_account_info) [!HELPER_COMPILE]:
+Always return PAM_UNIX_RUN_HELPER instead of trying to obtain
+the shadow password file entry.
+
+Complements: https://github.com/linux-pam/linux-pam/pull/386
+Resolves: https://github.com/linux-pam/linux-pam/pull/484
+Link: https://github.com/authselect/authselect/commit/1e78f7e048747024a846fd22d68afc6993734e92
+
+CVE: CVE-2024-10041
+
+Upstream-Status: Backport [https://github.com/linux-pam/linux-pam/commit/b3020da7da384d769f27a8713257fbe1001878be]
+
+Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
+---
+ modules/pam_unix/passverify.c | 21 +++++++++++----------
+ 1 file changed, 11 insertions(+), 10 deletions(-)
+
+diff --git a/modules/pam_unix/passverify.c b/modules/pam_unix/passverify.c
+index 81b10d8..97a81d6 100644
+--- a/modules/pam_unix/passverify.c
++++ b/modules/pam_unix/passverify.c
+@@ -237,20 +237,21 @@ PAMH_ARG_DECL(int get_account_info,
+ 			return PAM_UNIX_RUN_HELPER;
+ #endif
+ 		} else if (is_pwd_shadowed(*pwd)) {
++#ifdef HELPER_COMPILE
+ 			/*
+-			 * ...and shadow password file entry for this user,
++			 * shadow password file entry for this user,
+ 			 * if shadowing is enabled
+ 			 */
+-			*spwdent = pam_modutil_getspnam(pamh, name);
+-			if (*spwdent == NULL) {
+-#ifndef HELPER_COMPILE
+-				/* still a chance the user can authenticate */
+-				return PAM_UNIX_RUN_HELPER;
+-#endif
+-				return PAM_AUTHINFO_UNAVAIL;
+-			}
+-			if ((*spwdent)->sp_pwdp == NULL)
++			*spwdent = getspnam(name);
++			if (*spwdent == NULL || (*spwdent)->sp_pwdp == NULL)
+ 				return PAM_AUTHINFO_UNAVAIL;
++#else
++			/*
++			 * The helper has to be invoked to deal with
++			 * the shadow password file entry.
++			 */
++			return PAM_UNIX_RUN_HELPER;
++#endif
+ 		}
+ 	} else {
+ 		return PAM_USER_UNKNOWN;
+-- 
+2.40.0
+
diff --git a/meta/recipes-extended/pam/libpam_1.5.3.bb b/meta/recipes-extended/pam/libpam_1.5.3.bb
index f05272652d..55b4dd7ee1 100644
--- a/meta/recipes-extended/pam/libpam_1.5.3.bb
+++ b/meta/recipes-extended/pam/libpam_1.5.3.bb
@@ -27,6 +27,7 @@ SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/Linux-PAM-${PV}.tar.xz \
            file://0001-pam_namespace-include-stdint-h.patch \
            file://0001-pam_pwhistory-fix-passing-NULL-filename-argument-to-.patch \
            file://CVE-2024-22365.patch \
+           file://CVE-2024-10041.patch \
            "
 
 SRC_URI[sha256sum] = "7ac4b50feee004a9fa88f1dfd2d2fa738a82896763050cd773b3c54b0a818283"
-- 
2.34.1

[OE-core][scarthgap 08/12] systemd: drop intltool-native from DEPENDS

[Steve Sakoman]

From: Guðni Már Gilbert <gudni.m.g@gmail.com>

intltool was dropped as a dependency in v236
See commit for reference:
https://github.com/systemd/systemd/pull/7313/commits/c81217920effddc93fb780cf8f9eb699d6fe1319

Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-core/systemd/systemd_255.13.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-core/systemd/systemd_255.13.bb b/meta/recipes-core/systemd/systemd_255.13.bb
index 0ccca8a567..fa3ad1d2cd 100644
--- a/meta/recipes-core/systemd/systemd_255.13.bb
+++ b/meta/recipes-core/systemd/systemd_255.13.bb
@@ -4,7 +4,7 @@ PROVIDES = "udev"
 
 PE = "1"
 
-DEPENDS = "intltool-native gperf-native libcap util-linux python3-jinja2-native"
+DEPENDS = "gperf-native libcap util-linux python3-jinja2-native"
 
 SECTION = "base/shell"
 
-- 
2.34.1

[OE-core][scarthgap 09/12] systemd-boot: drop intltool-native from DEPENDS

[Steve Sakoman]

From: Guðni Már Gilbert <gudni.m.g@gmail.com>

intltool was dropped as a dependency in v236
See commit for reference:
https://github.com/systemd/systemd/pull/7313/commits/c81217920effddc93fb780cf8f9eb699d6fe1319

Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-core/systemd/systemd-boot_255.13.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-core/systemd/systemd-boot_255.13.bb b/meta/recipes-core/systemd/systemd-boot_255.13.bb
index 4ee25ee72f..397316fe9b 100644
--- a/meta/recipes-core/systemd/systemd-boot_255.13.bb
+++ b/meta/recipes-core/systemd/systemd-boot_255.13.bb
@@ -3,7 +3,7 @@ FILESEXTRAPATHS =. "${FILE_DIRNAME}/systemd:"
 
 require conf/image-uefi.conf
 
-DEPENDS = "intltool-native libcap util-linux gperf-native python3-jinja2-native python3-pyelftools-native"
+DEPENDS = "libcap util-linux gperf-native python3-jinja2-native python3-pyelftools-native"
 
 inherit meson pkgconfig gettext
 inherit deploy
-- 
2.34.1

[OE-core][scarthgap 10/12] python3-poetry-core: drop python3-six from RDEPENDS

[Steve Sakoman]

From: Guðni Már Gilbert <gudni.m.g@gmail.com>

Looking at the history, python3-six was removed as a dependency
in the poetry.lock file in v1.5.2

Even before v1.5.2 and until now (v1.9.1) there is no code in
the package which imports the six module. So it can be safely
dropped from the recipe.

Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/python/python3-poetry-core_1.9.0.bb | 1 -
 1 file changed, 1 deletion(-)

diff --git a/meta/recipes-devtools/python/python3-poetry-core_1.9.0.bb b/meta/recipes-devtools/python/python3-poetry-core_1.9.0.bb
index 540fdffaed..d1a8b939c0 100644
--- a/meta/recipes-devtools/python/python3-poetry-core_1.9.0.bb
+++ b/meta/recipes-devtools/python/python3-poetry-core_1.9.0.bb
@@ -36,7 +36,6 @@ RDEPENDS:${PN}:append:class-target = "\
 
 RDEPENDS:${PN} += "\
     python3-pip \
-    python3-six \
 "
 
 BBCLASSEXTEND = "native nativesdk"
-- 
2.34.1

[OE-core][scarthgap 11/12] dnf: drop python3-iniparse from DEPENDS and RDEPENDS

[Steve Sakoman]

From: Guðni Már Gilbert <gudni.m.g@gmail.com>

python3-iniparse dependency was dropped 2019, see the
following commit as reference:
https://github.com/rpm-software-management/dnf/pull/1329/commits/d7d0e0e2f9d8c7d021c794821ad0b56a39ebc01f

When looking at the Git history, this happened around tag 4.2.1

Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/dnf/dnf_4.19.0.bb | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/meta/recipes-devtools/dnf/dnf_4.19.0.bb b/meta/recipes-devtools/dnf/dnf_4.19.0.bb
index 37a2cc7de2..9c7c59818e 100644
--- a/meta/recipes-devtools/dnf/dnf_4.19.0.bb
+++ b/meta/recipes-devtools/dnf/dnf_4.19.0.bb
@@ -27,7 +27,7 @@ S = "${WORKDIR}/git"
 
 inherit cmake gettext bash-completion setuptools3-base systemd
 
-DEPENDS += "libdnf librepo libcomps python3-iniparse"
+DEPENDS += "libdnf librepo libcomps"
 
 # manpages generation requires http://www.sphinx-doc.org/
 EXTRA_OECMAKE = " -DWITH_MAN=0 -DPYTHON_INSTALL_DIR=${PYTHON_SITEPACKAGES_DIR} -DPYTHON_DESIRED=3"
@@ -49,7 +49,6 @@ RDEPENDS:${PN} += " \
   python3-sqlite3 \
   python3-compression \
   python3-rpm \
-  python3-iniparse \
   python3-json \
   python3-curses \
   python3-misc \
-- 
2.34.1

[OE-core][scarthgap 12/12] sanity: check for working user namespaces

[Steve Sakoman]

From: Ross Burton <ross.burton@arm.com>

If user namespaces are not available (typically because AppArmor is
blocking them), alert the user.

We consider network isolation sufficiently important that this is a fatal
error, and the user will need to configure AppArmor to allow bitbake to
create a user namespace.

[ YOCTO #15592 ]

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b6af956fe6e876957a49d4abf425e8c789bf0459)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/classes-global/sanity.bbclass | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/meta/classes-global/sanity.bbclass b/meta/classes-global/sanity.bbclass
index 1d242f0f0a..72dab0fea2 100644
--- a/meta/classes-global/sanity.bbclass
+++ b/meta/classes-global/sanity.bbclass
@@ -475,6 +475,29 @@ def check_wsl(d):
             bb.warn("You are running bitbake under WSLv2, this works properly but you should optimize your VHDX file eventually to avoid running out of storage space")
     return None
 
+def check_userns():
+    """
+    Check that user namespaces are functional, as they're used for network isolation.
+    """
+
+    # There is a known failure case with AppAmrmor where the unshare() call
+    # succeeds (at which point the uid is nobody) but writing to the uid_map
+    # fails (so the uid isn't reset back to the user's uid). We can detect this.
+    parentuid = os.getuid()
+    pid = os.fork()
+    if not pid:
+        try:
+            bb.utils.disable_network()
+        except:
+            pass
+        os._exit(parentuid != os.getuid())
+
+    ret = os.waitpid(pid, 0)[1]
+    if ret:
+        bb.fatal("User namespaces are not usable by BitBake, possibly due to AppArmor.\n"
+                 "See https://discourse.ubuntu.com/t/ubuntu-24-04-lts-noble-numbat-release-notes/39890#unprivileged-user-namespace-restrictions for more information.")
+
+
 # Require at least gcc version 8.0
 #
 # This can be fixed on CentOS-7 with devtoolset-6+
@@ -641,6 +664,7 @@ def check_sanity_version_change(status, d):
     status.addresult(check_git_version(d))
     status.addresult(check_perl_modules(d))
     status.addresult(check_wsl(d))
+    status.addresult(check_userns())
 
     missing = ""
 
-- 
2.34.1

[OE-core][scarthgap 00/12] Patch review

[Steve Sakoman]

Please review this set of changes for scarthgap and have comments back by
end of day Friday, January 31

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/907

The following changes since commit 62cb12967391db709315820d48853ffa4c6b4740:

  build-appliance-image: Update to scarthgap head revision (2025-01-26 14:05:12 -0800)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Adrian Freihofer (6):
  devtool: modify support debug-builds
  devtool: ide-sdk sort cmake preset
  devtool: ide-sdk recommend DEBUG_BUILD
  oe-selftest: devtool ide-sdk use modify debug-build
  devtool: ide-sdk remove the plugin from eSDK installer
  uboot-config: fix devtool modify with kernel-fitimage

Guðni Már Gilbert (1):
  systemd: upgrade 255.13 -> 255.17

Marek Vasut (1):
  u-boot: kernel-fitimage: Fix dependency loop if UBOOT_SIGN_ENABLE and
    UBOOT_ENV enabled

Peter Marko (4):
  openssl: patch CVE-2024-13176
  go: upgrade 1.22.8 -> 1.22.9
  go: upgrade 1.22.9 -> 1.22.10
  go: upgrade 1.22.10 -> 1.22.11

 meta/classes-recipe/kernel-fitimage.bbclass   |  53 +-------
 meta/classes-recipe/uboot-config.bbclass      |  17 ++-
 meta/classes-recipe/uboot-sign.bbclass        |  26 ++--
 meta/conf/image-fitimage.conf                 |  53 ++++++++
 meta/lib/oeqa/selftest/cases/devtool.py       |   2 +-
 .../openssl/openssl/CVE-2024-13176.patch      | 126 ++++++++++++++++++
 .../openssl/openssl_3.2.3.bb                  |   1 +
 ...55.13.bb => systemd-boot-native_255.17.bb} |   0
 ...-boot_255.13.bb => systemd-boot_255.17.bb} |   0
 meta/recipes-core/systemd/systemd.inc         |   2 +-
 ...1-missing_type.h-add-comparison_fn_t.patch |   2 +-
 ...k-parse_printf_format-implementation.patch |   6 +-
 ...tall-dependency-links-at-install-tim.patch |   2 +-
 ...missing.h-check-for-missing-strndupa.patch |  33 +++--
 ...OB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch |   2 +-
 ...005-add-missing-FTW_-macros-for-musl.patch |   2 +-
 ...06-Use-uintmax_t-for-handling-rlim_t.patch |   6 +-
 ...T_SYMLINK_NOFOLLOW-flag-to-faccessat.patch |   2 +-
 ...patible-basename-for-non-glibc-syste.patch |   2 +-
 ...implment-systemd-sysv-install-for-OE.patch |   2 +-
 ...uffering-when-writing-to-oom_score_a.patch |   4 +-
 ...compliant-strerror_r-from-GNU-specif.patch |   2 +-
 ...definition-of-prctl_mm_map-structure.patch |   2 +-
 ...-not-disable-buffer-in-writing-files.patch |  34 ++---
 .../0013-Handle-__cpu_mask-usage.patch        |   2 +-
 .../systemd/0014-Handle-missing-gshadow.patch |   2 +-
 ...l.h-Define-MIPS-ABI-defines-for-musl.patch |   2 +-
 ...ass-correct-parameters-to-getdents64.patch |   2 +-
 .../0017-Adjust-for-musl-headers.patch        |   6 +-
 ...trerror-is-assumed-to-be-GNU-specifi.patch |   2 +-
 ...util-Make-STRERROR-portable-for-musl.patch |   2 +-
 ...ake-malloc_trim-conditional-on-glibc.patch |   4 +-
 ...hared-Do-not-use-malloc_info-on-musl.patch |   2 +-
 ...22-avoid-missing-LOCK_EX-declaration.patch |   4 +-
 .../{systemd_255.13.bb => systemd_255.17.bb}  |   0
 .../go/{go-1.22.8.inc => go-1.22.11.inc}      |   2 +-
 ..._1.22.8.bb => go-binary-native_1.22.11.bb} |   6 +-
 ...1.22.8.bb => go-cross-canadian_1.22.11.bb} |   0
 ...go-cross_1.22.8.bb => go-cross_1.22.11.bb} |   0
 ...sssdk_1.22.8.bb => go-crosssdk_1.22.11.bb} |   0
 ...untime_1.22.8.bb => go-runtime_1.22.11.bb} |   0
 .../go/{go_1.22.8.bb => go_1.22.11.bb}        |   0
 scripts/lib/devtool/ide_sdk.py                |  63 +++------
 scripts/lib/devtool/standard.py               |   3 +
 44 files changed, 301 insertions(+), 182 deletions(-)
 create mode 100644 meta/conf/image-fitimage.conf
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-13176.patch
 rename meta/recipes-core/systemd/{systemd-boot-native_255.13.bb => systemd-boot-native_255.17.bb} (100%)
 rename meta/recipes-core/systemd/{systemd-boot_255.13.bb => systemd-boot_255.17.bb} (100%)
 rename meta/recipes-core/systemd/{systemd_255.13.bb => systemd_255.17.bb} (100%)
 rename meta/recipes-devtools/go/{go-1.22.8.inc => go-1.22.11.inc} (89%)
 rename meta/recipes-devtools/go/{go-binary-native_1.22.8.bb => go-binary-native_1.22.11.bb} (78%)
 rename meta/recipes-devtools/go/{go-cross-canadian_1.22.8.bb => go-cross-canadian_1.22.11.bb} (100%)
 rename meta/recipes-devtools/go/{go-cross_1.22.8.bb => go-cross_1.22.11.bb} (100%)
 rename meta/recipes-devtools/go/{go-crosssdk_1.22.8.bb => go-crosssdk_1.22.11.bb} (100%)
 rename meta/recipes-devtools/go/{go-runtime_1.22.8.bb => go-runtime_1.22.11.bb} (100%)
 rename meta/recipes-devtools/go/{go_1.22.8.bb => go_1.22.11.bb} (100%)

-- 
2.43.0

[OE-core][scarthgap 00/12] Patch review

[Steve Sakoman]

Please review this set of changes for scarthgap and have comments back by
end of day Tuesday, June 10

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1740

The following changes since commit d1b64f190c1686f081f5ba2c4f2b320048f6a514:

  sstatetests: Switch to new CDN (2025-06-02 07:21:18 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Changqing Li (6):
  libsoup: fix CVE-2025-32908
  libsoup: fix CVE-2025-32907
  libsoup-2.4: fix CVE-2025-32907
  libsoup-2.4: fix do_compile failure
  libsoup-2.4: fix CVE-2025-32053
  libsoup: fix CVE-2025-32053

Deepesh Varatharajan (2):
  binutils: Fix CVE-2025-5245
  binutils: Fix CVE-2025-5244

Divya Chellam (2):
  screen: fix CVE-2025-46802
  screen: fix CVE-2025-46804

Guðni Már Gilbert (1):
  systemd: upgrade 255.18 -> 255.21

Vijay Anusuri (1):
  python3-setuptools: Fix CVE-2025-47273

 ...55.18.bb => systemd-boot-native_255.21.bb} |   0
 ...-boot_255.18.bb => systemd-boot_255.21.bb} |   0
 meta/recipes-core/systemd/systemd.inc         |   2 +-
 ...1-missing_type.h-add-comparison_fn_t.patch |   2 +-
 ...k-parse_printf_format-implementation.patch |   2 +-
 ...tall-dependency-links-at-install-tim.patch |   2 +-
 ...missing.h-check-for-missing-strndupa.patch |  10 +-
 ...OB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch |   2 +-
 ...005-add-missing-FTW_-macros-for-musl.patch |   2 +-
 ...06-Use-uintmax_t-for-handling-rlim_t.patch |   2 +-
 ...T_SYMLINK_NOFOLLOW-flag-to-faccessat.patch |   2 +-
 ...patible-basename-for-non-glibc-syste.patch |   2 +-
 ...implment-systemd-sysv-install-for-OE.patch |   2 +-
 ...uffering-when-writing-to-oom_score_a.patch |   2 +-
 ...compliant-strerror_r-from-GNU-specif.patch |   2 +-
 ...definition-of-prctl_mm_map-structure.patch |   2 +-
 ...-not-disable-buffer-in-writing-files.patch |   8 +-
 .../0013-Handle-__cpu_mask-usage.patch        |   2 +-
 .../systemd/0014-Handle-missing-gshadow.patch |   2 +-
 ...l.h-Define-MIPS-ABI-defines-for-musl.patch |   2 +-
 ...ass-correct-parameters-to-getdents64.patch |   2 +-
 .../0017-Adjust-for-musl-headers.patch        |   2 +-
 ...trerror-is-assumed-to-be-GNU-specifi.patch |   2 +-
 ...util-Make-STRERROR-portable-for-musl.patch |   2 +-
 ...ake-malloc_trim-conditional-on-glibc.patch |   2 +-
 ...hared-Do-not-use-malloc_info-on-musl.patch |   2 +-
 ...22-avoid-missing-LOCK_EX-declaration.patch |   4 +-
 .../{systemd_255.18.bb => systemd_v255.21.bb} |   0
 .../binutils/binutils-2.42.inc                |   2 +
 .../binutils/0022-CVE-2025-5244.patch         |  25 +++
 .../binutils/0022-CVE-2025-5245.patch         |  38 ++++
 .../CVE-2025-47273-pre1.patch                 |  54 +++++
 .../python3-setuptools/CVE-2025-47273.patch   |  59 ++++++
 .../python/python3-setuptools_69.1.1.bb       |   2 +
 .../screen/screen/CVE-2025-46802.patch        | 146 +++++++++++++
 .../screen/screen/CVE-2025-46804.patch        | 131 ++++++++++++
 meta/recipes-extended/screen/screen_4.9.1.bb  |   2 +
 .../libsoup/libsoup-2.4/CVE-2025-32053.patch  |  39 ++++
 .../libsoup/libsoup-2.4/CVE-2025-32907.patch  |  39 ++++
 .../libsoup-2.4/CVE-2025-32910-1.patch        |  79 +------
 .../libsoup-2.4/CVE-2025-32910-2.patch        |  60 +-----
 .../libsoup-2.4/CVE-2025-32912-1.patch        |  20 +-
 .../libsoup/libsoup-2.4_2.74.3.bb             |   4 +-
 .../libsoup-3.4.4/CVE-2025-32053.patch        |  40 ++++
 .../libsoup-3.4.4/CVE-2025-32907-1.patch      | 200 ++++++++++++++++++
 .../libsoup-3.4.4/CVE-2025-32907-2.patch      |  68 ++++++
 .../libsoup-3.4.4/CVE-2025-32908-1.patch      |  89 ++++++++
 .../libsoup-3.4.4/CVE-2025-32908-2.patch      |  53 +++++
 meta/recipes-support/libsoup/libsoup_3.4.4.bb |   7 +-
 49 files changed, 1053 insertions(+), 170 deletions(-)
 rename meta/recipes-core/systemd/{systemd-boot-native_255.18.bb => systemd-boot-native_255.21.bb} (100%)
 rename meta/recipes-core/systemd/{systemd-boot_255.18.bb => systemd-boot_255.21.bb} (100%)
 rename meta/recipes-core/systemd/{systemd_255.18.bb => systemd_v255.21.bb} (100%)
 create mode 100644 meta/recipes-devtools/binutils/binutils/0022-CVE-2025-5244.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0022-CVE-2025-5245.patch
 create mode 100644 meta/recipes-devtools/python/python3-setuptools/CVE-2025-47273-pre1.patch
 create mode 100644 meta/recipes-devtools/python/python3-setuptools/CVE-2025-47273.patch
 create mode 100644 meta/recipes-extended/screen/screen/CVE-2025-46802.patch
 create mode 100644 meta/recipes-extended/screen/screen/CVE-2025-46804.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32053.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32907.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32053.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32907-1.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32907-2.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32908-1.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32908-2.patch

-- 
2.43.0

[OE-core][scarthgap 00/12] Patch review

[Steve Sakoman]

Please review this set of changes for scarthgap and have comments back by
end of day Tursday, July 10

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1980

The following changes since commit 15881f41f8c00c5f0a68628c2d49ca1aa1999c2e:

  xwayland: fix CVE-2025-49180 (2025-07-03 09:04:44 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Bruce Ashfield (3):
  linux-yocto/6.6: update to v6.6.93
  linux-yocto/6.6: update to v6.6.94
  linux-yocto/6.6: update to v6.6.96

Changqing Li (4):
  icu: fix CVE-2025-5222
  libsoup-2.4: refresh CVE-2025-4969.patch
  libsoup-2.4: fix CVE-2025-4945
  libsoup: fix CVE-2025-4945

Guocai He (1):
  minicom: correct the SRC_URI

Hitendra Prajapati (1):
  libxml2: fix CVE-2025-6021

Vijay Anusuri (1):
  sudo: Fix CVE-2025-32462

Virendra Thakur (1):
  curl: set conditional CVE_STATUS for CVE-2025-5025

Yogita Urade (1):
  python3-urllib3: fix CVE-2025-50181

 .../libxml/libxml2/CVE-2025-6021.patch        |  56 ++++
 meta/recipes-core/libxml/libxml2_2.12.10.bb   |   1 +
 .../python3-urllib3/CVE-2025-50181.patch      | 283 ++++++++++++++++++
 .../python/python3-urllib3_2.2.2.bb           |   4 +
 meta/recipes-extended/minicom/minicom_2.9.bb  |   2 +-
 .../sudo/files/CVE-2025-32462.patch           |  42 +++
 meta/recipes-extended/sudo/sudo_1.9.15p5.bb   |   1 +
 .../linux/linux-yocto-rt_6.6.bb               |   6 +-
 .../linux/linux-yocto-tiny_6.6.bb             |   6 +-
 meta/recipes-kernel/linux/linux-yocto_6.6.bb  |  28 +-
 meta/recipes-support/curl/curl_8.7.1.bb       |   2 +
 .../icu/icu/CVE-2025-5222.patch               | 166 ++++++++++
 meta/recipes-support/icu/icu_74-2.bb          |   1 +
 .../libsoup/libsoup-2.4/CVE-2025-4945.patch   | 117 ++++++++
 .../libsoup/libsoup-2.4/CVE-2025-4969.patch   |  54 +---
 .../libsoup/libsoup-2.4_2.74.3.bb             |   1 +
 .../libsoup/libsoup-3.4.4/CVE-2025-4945.patch | 118 ++++++++
 meta/recipes-support/libsoup/libsoup_3.4.4.bb |   1 +
 18 files changed, 826 insertions(+), 63 deletions(-)
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2025-6021.patch
 create mode 100644 meta/recipes-devtools/python/python3-urllib3/CVE-2025-50181.patch
 create mode 100644 meta/recipes-extended/sudo/files/CVE-2025-32462.patch
 create mode 100644 meta/recipes-support/icu/icu/CVE-2025-5222.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4945.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-4945.patch

-- 
2.43.0

[OE-core][scarthgap 00/12] Patch review

[Steve Sakoman]

Please review this set of changes for scarthgap and have comments back by
end of day Friday, July 18

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/?#/builders/29/builds/2032

The following changes since commit 7a59dc5ee6edd9596e87c2fbcd1f2594c06b3d1b:

  build-appliance-image: Update to scarthgap head revision (2025-07-11 08:14:46 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Archana Polampalli (1):
  gdk-pixbuf: fix CVE-2025-7345

Deepesh Varatharajan (1):
  binutils: stable 2.42 branch updates

Hitendra Prajapati (1):
  libxml2: fix CVE-2025-49794 & CVE-2025-49796

Joe Slater (1):
  oe-debuginfod: add option for data storage

Michal Seben (1):
  timedated: wait for jobs before SetNTP response

Peter Marko (3):
  python3: update CVE product
  busybox: apply patch for CVE-2023-39810
  iputils: patch CVE-2025-48964

Praveen Kumar (1):
  sudo: upgrade 1.9.15p5 -> 1.9.17p1

Steve Sakoman (1):
  Revert "sudo: Fix CVE-2025-32462"

Vijay Anusuri (1):
  git: Upgrade 2.44.3 -> 2.44.4

Yi Zhao (1):
  kea: set correct permissions for /var/run/kea

 .../kea/files/kea-dhcp-ddns.service           |   1 +
 .../kea/files/kea-dhcp4.service               |   1 +
 .../kea/files/kea-dhcp6.service               |   1 +
 .../busybox/busybox/CVE-2023-39810.patch      | 136 +++++++++++++
 meta/recipes-core/busybox/busybox_1.36.1.bb   |   1 +
 .../CVE-2025-49794-CVE-2025-49796.patch       | 186 ++++++++++++++++++
 meta/recipes-core/libxml/libxml2_2.12.10.bb   |   1 +
 ...d-on-org.freedesktop.timedate1.SetNT.patch |  97 +++++++++
 meta/recipes-core/systemd/systemd_255.21.bb   |   1 +
 .../binutils/binutils-2.42.inc                |   2 +-
 .../git/{git_2.44.3.bb => git_2.44.4.bb}      |   2 +-
 .../python/python3_3.12.11.bb                 |   2 +-
 .../iputils/iputils/CVE-2025-48964.patch      |  99 ++++++++++
 .../iputils/iputils_20240117.bb               |   1 +
 ...o.conf.in-fix-conflict-with-multilib.patch |   7 +-
 .../sudo/files/CVE-2025-32462.patch           |  42 ----
 meta/recipes-extended/sudo/sudo.inc           |   2 +-
 .../{sudo_1.9.15p5.bb => sudo_1.9.17p1.bb}    |  55 +++++-
 .../gdk-pixbuf/gdk-pixbuf/CVE-2025-7345.patch |  55 ++++++
 .../gdk-pixbuf/gdk-pixbuf_2.42.12.bb          |   1 +
 scripts/oe-debuginfod                         |  17 +-
 21 files changed, 657 insertions(+), 53 deletions(-)
 create mode 100644 meta/recipes-core/busybox/busybox/CVE-2023-39810.patch
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2025-49794-CVE-2025-49796.patch
 create mode 100644 meta/recipes-core/systemd/systemd/0003-timedated-Respond-on-org.freedesktop.timedate1.SetNT.patch
 rename meta/recipes-devtools/git/{git_2.44.3.bb => git_2.44.4.bb} (98%)
 create mode 100644 meta/recipes-extended/iputils/iputils/CVE-2025-48964.patch
 delete mode 100644 meta/recipes-extended/sudo/files/CVE-2025-32462.patch
 rename meta/recipes-extended/sudo/{sudo_1.9.15p5.bb => sudo_1.9.17p1.bb} (52%)
 create mode 100644 meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2025-7345.patch

-- 
2.43.0