[OE-core][scarthgap 00/14] Patch review

public inbox for openembedded-core@lists.openembedded.org
 help / color / mirror / Atom feed

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 00/14] Patch review
Date: Wed, 23 Apr 2025 06:20:11 -0700	[thread overview]
Message-ID: <cover.1745356684.git.steve@sakoman.com> (raw)

Please review this set of changes for scarthgap and have comments back by
end of day Friday, April 25

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1437

The following changes since commit 04038ecd1edd6592b826665a2b787387bb7074fa:

  build-appliance-image: Update to scarthgap head revision (2025-04-19 14:43:09 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Ashish Sharma (1):
  binutils: patch CVE-2025-1182

Guðni Már Gilbert (2):
  systemd: upgrade 255.17 -> 255.18
  bluez5: add missing tools to noinst-tools package

Igor Opaniuk (1):
  wic: bootimg-efi: Support + symbol in filenames

Peter Marko (2):
  sqlite3: patch CVE-2025-3277
  sqlite3: patch CVE-2025-29088

Soumya Sambu (1):
  python3-jinja2: upgrade 3.1.4 -> 3.1.6

Vijay Anusuri (5):
  libsoup: Fix CVE-2025-32910
  libsoup: Fix CVE-2025-32909
  libsoup: Fix CVE-2025-32911 & CVE-2025-32913
  libsoup: Fix CVE-2025-32912
  libsoup: Fix CVE-2025-32906

Yogita Urade (2):
  curl: fix CVE-2024-11053
  curl: fix CVE-2025-0167

 .../bluez5/bluez5_5.72.bb                     |   8 +-
 ...55.17.bb => systemd-boot-native_255.18.bb} |   0
 ...-boot_255.17.bb => systemd-boot_255.18.bb} |   0
 meta/recipes-core/systemd/systemd.inc         |   2 +-
 ...1-missing_type.h-add-comparison_fn_t.patch |   2 +-
 ...k-parse_printf_format-implementation.patch |   4 +-
 ...tall-dependency-links-at-install-tim.patch |   2 +-
 ...missing.h-check-for-missing-strndupa.patch |   6 +-
 ...OB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch |   4 +-
 ...005-add-missing-FTW_-macros-for-musl.patch |   2 +-
 ...06-Use-uintmax_t-for-handling-rlim_t.patch |   2 +-
 ...T_SYMLINK_NOFOLLOW-flag-to-faccessat.patch |   2 +-
 ...patible-basename-for-non-glibc-syste.patch |   2 +-
 ...implment-systemd-sysv-install-for-OE.patch |   2 +-
 ...uffering-when-writing-to-oom_score_a.patch |   4 +-
 ...compliant-strerror_r-from-GNU-specif.patch |   2 +-
 ...definition-of-prctl_mm_map-structure.patch |   2 +-
 ...-not-disable-buffer-in-writing-files.patch |   2 +-
 .../0013-Handle-__cpu_mask-usage.patch        |   2 +-
 .../systemd/0014-Handle-missing-gshadow.patch |   8 +-
 ...l.h-Define-MIPS-ABI-defines-for-musl.patch |   2 +-
 ...ass-correct-parameters-to-getdents64.patch |   4 +-
 .../0017-Adjust-for-musl-headers.patch        |   2 +-
 ...trerror-is-assumed-to-be-GNU-specifi.patch |   2 +-
 ...util-Make-STRERROR-portable-for-musl.patch |   2 +-
 ...ake-malloc_trim-conditional-on-glibc.patch |   2 +-
 ...hared-Do-not-use-malloc_info-on-musl.patch |   2 +-
 ...22-avoid-missing-LOCK_EX-declaration.patch |   2 +-
 .../{systemd_255.17.bb => systemd_255.18.bb}  |   0
 .../binutils/binutils-2.42.inc                |   1 +
 .../binutils/binutils/CVE-2025-1182.patch     |  33 +
 ...inja2_3.1.4.bb => python3-jinja2_3.1.6.bb} |   5 +-
 .../curl/curl/CVE-2024-11053-0001.patch       | 353 +++++++++
 .../curl/curl/CVE-2024-11053-0002.patch       | 728 ++++++++++++++++++
 .../curl/curl/CVE-2024-11053-0003.patch       | 130 ++++
 .../curl/curl/CVE-2025-0167.patch             | 178 +++++
 meta/recipes-support/curl/curl_8.7.1.bb       |   4 +
 .../libsoup-3.4.4/CVE-2025-32906-1.patch      |  61 ++
 .../libsoup-3.4.4/CVE-2025-32906-2.patch      |  83 ++
 .../libsoup-3.4.4/CVE-2025-32909.patch        |  36 +
 .../libsoup-3.4.4/CVE-2025-32910-1.patch      |  98 +++
 .../libsoup-3.4.4/CVE-2025-32910-2.patch      | 149 ++++
 .../libsoup-3.4.4/CVE-2025-32910-3.patch      |  27 +
 .../CVE-2025-32911_CVE-2025-32913-1.patch     |  72 ++
 .../CVE-2025-32911_CVE-2025-32913-2.patch     |  44 ++
 .../libsoup-3.4.4/CVE-2025-32912-1.patch      |  41 +
 .../libsoup-3.4.4/CVE-2025-32912-2.patch      |  30 +
 meta/recipes-support/libsoup/libsoup_3.4.4.bb |  10 +
 .../sqlite/sqlite3/CVE-2025-29088.patch       | 179 +++++
 .../sqlite/sqlite3/CVE-2025-3277.patch        |  28 +
 meta/recipes-support/sqlite/sqlite3_3.45.3.bb |   5 +-
 scripts/lib/wic/plugins/source/bootimg-efi.py |   2 +-
 52 files changed, 2335 insertions(+), 38 deletions(-)
 rename meta/recipes-core/systemd/{systemd-boot-native_255.17.bb => systemd-boot-native_255.18.bb} (100%)
 rename meta/recipes-core/systemd/{systemd-boot_255.17.bb => systemd-boot_255.18.bb} (100%)
 rename meta/recipes-core/systemd/{systemd_255.17.bb => systemd_255.18.bb} (100%)
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2025-1182.patch
 rename meta/recipes-devtools/python/{python3-jinja2_3.1.4.bb => python3-jinja2_3.1.6.bb} (81%)
 create mode 100644 meta/recipes-support/curl/curl/CVE-2024-11053-0001.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2024-11053-0002.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2024-11053-0003.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2025-0167.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32906-1.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32906-2.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32909.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32910-1.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32910-2.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32910-3.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32911_CVE-2025-32913-1.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32911_CVE-2025-32913-2.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32912-1.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32912-2.patch
 create mode 100644 meta/recipes-support/sqlite/sqlite3/CVE-2025-29088.patch
 create mode 100644 meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch

-- 
2.43.0

next             reply	other threads:[~2025-04-23 13:20 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-04-23 13:20 Steve Sakoman [this message]
2025-04-23 13:20 ` [OE-core][scarthgap 01/14] libsoup: Fix CVE-2025-32910 Steve Sakoman
2025-04-23 13:20 ` [OE-core][scarthgap 02/14] libsoup: Fix CVE-2025-32909 Steve Sakoman
2025-04-23 13:20 ` [OE-core][scarthgap 03/14] libsoup: Fix CVE-2025-32911 & CVE-2025-32913 Steve Sakoman
2025-04-23 13:20 ` [OE-core][scarthgap 04/14] libsoup: Fix CVE-2025-32912 Steve Sakoman
2025-04-23 13:20 ` [OE-core][scarthgap 05/14] libsoup: Fix CVE-2025-32906 Steve Sakoman
2025-04-23 13:20 ` [OE-core][scarthgap 06/14] binutils: patch CVE-2025-1182 Steve Sakoman
2025-04-23 13:20 ` [OE-core][scarthgap 07/14] sqlite3: patch CVE-2025-3277 Steve Sakoman
2025-04-23 13:20 ` [OE-core][scarthgap 08/14] sqlite3: patch CVE-2025-29088 Steve Sakoman
2025-04-23 13:20 ` [OE-core][scarthgap 09/14] curl: fix CVE-2024-11053 Steve Sakoman
2025-04-23 13:20 ` [OE-core][scarthgap 10/14] curl: fix CVE-2025-0167 Steve Sakoman
2025-04-23 13:20 ` [OE-core][scarthgap 11/14] wic: bootimg-efi: Support + symbol in filenames Steve Sakoman
2025-04-23 13:20 ` [OE-core][scarthgap 12/14] systemd: upgrade 255.17 -> 255.18 Steve Sakoman
2025-04-23 13:20 ` [OE-core][scarthgap 13/14] python3-jinja2: upgrade 3.1.4 -> 3.1.6 Steve Sakoman
2025-04-23 13:20 ` [OE-core][scarthgap 14/14] bluez5: add missing tools to noinst-tools package Steve Sakoman
  -- strict thread matches above, loose matches on Subject: below --
2025-05-30 21:21 [OE-core][scarthgap 00/14] Patch review Steve Sakoman
2025-02-11 20:08 Steve Sakoman
2025-01-22  3:02 Steve Sakoman
2024-09-04 21:32 Steve Sakoman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=cover.1745356684.git.steve@sakoman.com \
    --to=steve@sakoman.com \
    --cc=openembedded-core@lists.openembedded.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox