[OE-core][kirkstone 00/14] Patch review

public inbox for openembedded-core@lists.openembedded.org
 help / color / mirror / Atom feed

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/14] Patch review
Date: Tue, 29 Apr 2025 19:53:25 -0700	[thread overview]
Message-ID: <cover.1745981510.git.steve@sakoman.com> (raw)

Please review this set of changes for kirkstone and have comments back by
end of day Thursday, May 1

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1494

The following changes since commit f23d1bfca0ea57150c397bc2e495191fb61423d0:

  ruby: fix CVE-2024-43398 (2025-04-15 06:43:55 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Chen Qi (1):
  systemd: backport patch to fix journal issue

Deepesh Varatharajan (1):
  binutils: Fix CVE-2025-1178

Haitao Liu (1):
  systemd: systemd-journald fails to setup LogNamespace

Peter Marko (8):
  sqlite3: patch CVE-2025-29088
  ppp: patch CVE-2024-58250
  ghostscript: ignore CVE-2025-27833
  libarchive: ignore CVE-2024-48615
  libxml2: patch CVE-2025-32414
  libxml2: patch CVE-2025-32415
  glib-2.0: patch CVE-2025-3360
  Revert "cve-update-nvd2-native: Tweak to work better with NFS DL_DIR"

Priyal Doshi (1):
  tzdata/tzcode-native: upgrade 2025a -> 2025b

Shubham Kulkarni (1):
  libpam: Update fix for CVE-2024-10041

Soumya Sambu (1):
  python3-setuptools: Fix CVE-2024-6345

 .../ppp/ppp/CVE-2024-58250.patch              | 185 +++++++++
 meta/recipes-connectivity/ppp/ppp_2.4.9.bb    |   2 +-
 .../glib-2.0/glib-2.0/CVE-2025-3360-01.patch  |  57 +++
 .../glib-2.0/glib-2.0/CVE-2025-3360-02.patch  |  53 +++
 .../glib-2.0/glib-2.0/CVE-2025-3360-03.patch  |  36 ++
 .../glib-2.0/glib-2.0/CVE-2025-3360-04.patch  |  76 ++++
 .../glib-2.0/glib-2.0/CVE-2025-3360-05.patch  |  57 +++
 .../glib-2.0/glib-2.0/CVE-2025-3360-06.patch  |  50 +++
 meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb |   6 +
 .../libxml/libxml2/CVE-2025-32414.patch       |  74 ++++
 .../libxml/libxml2/CVE-2025-32415.patch       |  39 ++
 meta/recipes-core/libxml/libxml2_2.9.14.bb    |   2 +
 .../meta/cve-update-nvd2-native.bb            |   2 -
 ...n-in-mkdir_p-when-parent-directory-e.patch |  78 ++++
 ...journal_previous-next-return-0-at-HE.patch |  87 +++++
 meta/recipes-core/systemd/systemd_250.14.bb   |   2 +
 .../binutils/binutils-2.38.inc                |   1 +
 .../binutils/0039-CVE-2025-1178.patch         |  33 ++
 .../python3-setuptools/CVE-2024-6345.patch    | 353 ++++++++++++++++++
 .../python/python3-setuptools_59.5.0.bb       |   1 +
 .../ghostscript/ghostscript_9.55.0.bb         |   3 +-
 .../libarchive/libarchive_3.6.2.bb            |   2 +
 ...024-10041.patch => CVE-2024-10041-1.patch} |   0
 .../pam/libpam/CVE-2024-10041-2.patch         |  77 ++++
 meta/recipes-extended/pam/libpam_1.5.2.bb     |   3 +-
 meta/recipes-extended/timezone/timezone.inc   |   6 +-
 .../sqlite/files/CVE-2025-29088.patch         | 179 +++++++++
 meta/recipes-support/sqlite/sqlite3_3.38.5.bb |   1 +
 28 files changed, 1457 insertions(+), 8 deletions(-)
 create mode 100644 meta/recipes-connectivity/ppp/ppp/CVE-2024-58250.patch
 create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-3360-01.patch
 create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-3360-02.patch
 create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-3360-03.patch
 create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-3360-04.patch
 create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-3360-05.patch
 create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-3360-06.patch
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2025-32414.patch
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2025-32415.patch
 create mode 100644 meta/recipes-core/systemd/systemd/0001-basic-do-not-warn-in-mkdir_p-when-parent-directory-e.patch
 create mode 100644 meta/recipes-core/systemd/systemd/0001-journal-Make-sd_journal_previous-next-return-0-at-HE.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0039-CVE-2025-1178.patch
 create mode 100644 meta/recipes-devtools/python/python3-setuptools/CVE-2024-6345.patch
 rename meta/recipes-extended/pam/libpam/{CVE-2024-10041.patch => CVE-2024-10041-1.patch} (100%)
 create mode 100644 meta/recipes-extended/pam/libpam/CVE-2024-10041-2.patch
 create mode 100644 meta/recipes-support/sqlite/files/CVE-2025-29088.patch

-- 
2.43.0

next             reply	other threads:[~2025-04-30  2:54 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-04-30  2:53 Steve Sakoman [this message]
2025-04-30  2:53 ` [OE-core][kirkstone 01/14] sqlite3: patch CVE-2025-29088 Steve Sakoman
2025-04-30  2:53 ` [OE-core][kirkstone 02/14] libpam: Update fix for CVE-2024-10041 Steve Sakoman
2025-04-30  2:53 ` [OE-core][kirkstone 03/14] ppp: patch CVE-2024-58250 Steve Sakoman
2025-04-30  2:53 ` [OE-core][kirkstone 04/14] ghostscript: ignore CVE-2025-27833 Steve Sakoman
2025-04-30  2:53 ` [OE-core][kirkstone 05/14] libarchive: ignore CVE-2024-48615 Steve Sakoman
2025-04-30  2:53 ` [OE-core][kirkstone 06/14] libxml2: patch CVE-2025-32414 Steve Sakoman
2025-04-30  2:53 ` [OE-core][kirkstone 07/14] libxml2: patch CVE-2025-32415 Steve Sakoman
2025-04-30  2:53 ` [OE-core][kirkstone 08/14] glib-2.0: patch CVE-2025-3360 Steve Sakoman
2025-04-30  2:53 ` [OE-core][kirkstone 09/14] binutils: Fix CVE-2025-1178 Steve Sakoman
2025-04-30  2:53 ` [OE-core][kirkstone 10/14] python3-setuptools: Fix CVE-2024-6345 Steve Sakoman
2025-04-30  2:53 ` [OE-core][kirkstone 11/14] tzdata/tzcode-native: upgrade 2025a -> 2025b Steve Sakoman
2025-04-30  2:53 ` [OE-core][kirkstone 12/14] systemd: backport patch to fix journal issue Steve Sakoman
2025-04-30  2:53 ` [OE-core][kirkstone 13/14] systemd: systemd-journald fails to setup LogNamespace Steve Sakoman
2025-04-30  2:53 ` [OE-core][kirkstone 14/14] Revert "cve-update-nvd2-native: Tweak to work better with NFS DL_DIR" Steve Sakoman
  -- strict thread matches above, loose matches on Subject: below --
2025-10-14 22:44 [OE-core][kirkstone 00/14] Patch review Steve Sakoman
2025-06-22 14:59 Steve Sakoman
2024-11-27 18:49 Steve Sakoman
2023-09-06 12:48 Steve Sakoman
2023-03-23 21:04 Steve Sakoman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=cover.1745981510.git.steve@sakoman.com \
    --to=steve@sakoman.com \
    --cc=openembedded-core@lists.openembedded.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox