From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 00/12] Patch review
Date: Fri, 6 Jun 2025 08:59:53 -0700 [thread overview]
Message-ID: <cover.1749225417.git.steve@sakoman.com> (raw)
Please review this set of changes for scarthgap and have comments back by
end of day Tuesday, June 10
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1740
The following changes since commit d1b64f190c1686f081f5ba2c4f2b320048f6a514:
sstatetests: Switch to new CDN (2025-06-02 07:21:18 -0700)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut
Changqing Li (6):
libsoup: fix CVE-2025-32908
libsoup: fix CVE-2025-32907
libsoup-2.4: fix CVE-2025-32907
libsoup-2.4: fix do_compile failure
libsoup-2.4: fix CVE-2025-32053
libsoup: fix CVE-2025-32053
Deepesh Varatharajan (2):
binutils: Fix CVE-2025-5245
binutils: Fix CVE-2025-5244
Divya Chellam (2):
screen: fix CVE-2025-46802
screen: fix CVE-2025-46804
Guðni Már Gilbert (1):
systemd: upgrade 255.18 -> 255.21
Vijay Anusuri (1):
python3-setuptools: Fix CVE-2025-47273
...55.18.bb => systemd-boot-native_255.21.bb} | 0
...-boot_255.18.bb => systemd-boot_255.21.bb} | 0
meta/recipes-core/systemd/systemd.inc | 2 +-
...1-missing_type.h-add-comparison_fn_t.patch | 2 +-
...k-parse_printf_format-implementation.patch | 2 +-
...tall-dependency-links-at-install-tim.patch | 2 +-
...missing.h-check-for-missing-strndupa.patch | 10 +-
...OB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch | 2 +-
...005-add-missing-FTW_-macros-for-musl.patch | 2 +-
...06-Use-uintmax_t-for-handling-rlim_t.patch | 2 +-
...T_SYMLINK_NOFOLLOW-flag-to-faccessat.patch | 2 +-
...patible-basename-for-non-glibc-syste.patch | 2 +-
...implment-systemd-sysv-install-for-OE.patch | 2 +-
...uffering-when-writing-to-oom_score_a.patch | 2 +-
...compliant-strerror_r-from-GNU-specif.patch | 2 +-
...definition-of-prctl_mm_map-structure.patch | 2 +-
...-not-disable-buffer-in-writing-files.patch | 8 +-
.../0013-Handle-__cpu_mask-usage.patch | 2 +-
.../systemd/0014-Handle-missing-gshadow.patch | 2 +-
...l.h-Define-MIPS-ABI-defines-for-musl.patch | 2 +-
...ass-correct-parameters-to-getdents64.patch | 2 +-
.../0017-Adjust-for-musl-headers.patch | 2 +-
...trerror-is-assumed-to-be-GNU-specifi.patch | 2 +-
...util-Make-STRERROR-portable-for-musl.patch | 2 +-
...ake-malloc_trim-conditional-on-glibc.patch | 2 +-
...hared-Do-not-use-malloc_info-on-musl.patch | 2 +-
...22-avoid-missing-LOCK_EX-declaration.patch | 4 +-
.../{systemd_255.18.bb => systemd_v255.21.bb} | 0
.../binutils/binutils-2.42.inc | 2 +
.../binutils/0022-CVE-2025-5244.patch | 25 +++
.../binutils/0022-CVE-2025-5245.patch | 38 ++++
.../CVE-2025-47273-pre1.patch | 54 +++++
.../python3-setuptools/CVE-2025-47273.patch | 59 ++++++
.../python/python3-setuptools_69.1.1.bb | 2 +
.../screen/screen/CVE-2025-46802.patch | 146 +++++++++++++
.../screen/screen/CVE-2025-46804.patch | 131 ++++++++++++
meta/recipes-extended/screen/screen_4.9.1.bb | 2 +
.../libsoup/libsoup-2.4/CVE-2025-32053.patch | 39 ++++
.../libsoup/libsoup-2.4/CVE-2025-32907.patch | 39 ++++
.../libsoup-2.4/CVE-2025-32910-1.patch | 79 +------
.../libsoup-2.4/CVE-2025-32910-2.patch | 60 +-----
.../libsoup-2.4/CVE-2025-32912-1.patch | 20 +-
.../libsoup/libsoup-2.4_2.74.3.bb | 4 +-
.../libsoup-3.4.4/CVE-2025-32053.patch | 40 ++++
.../libsoup-3.4.4/CVE-2025-32907-1.patch | 200 ++++++++++++++++++
.../libsoup-3.4.4/CVE-2025-32907-2.patch | 68 ++++++
.../libsoup-3.4.4/CVE-2025-32908-1.patch | 89 ++++++++
.../libsoup-3.4.4/CVE-2025-32908-2.patch | 53 +++++
meta/recipes-support/libsoup/libsoup_3.4.4.bb | 7 +-
49 files changed, 1053 insertions(+), 170 deletions(-)
rename meta/recipes-core/systemd/{systemd-boot-native_255.18.bb => systemd-boot-native_255.21.bb} (100%)
rename meta/recipes-core/systemd/{systemd-boot_255.18.bb => systemd-boot_255.21.bb} (100%)
rename meta/recipes-core/systemd/{systemd_255.18.bb => systemd_v255.21.bb} (100%)
create mode 100644 meta/recipes-devtools/binutils/binutils/0022-CVE-2025-5244.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0022-CVE-2025-5245.patch
create mode 100644 meta/recipes-devtools/python/python3-setuptools/CVE-2025-47273-pre1.patch
create mode 100644 meta/recipes-devtools/python/python3-setuptools/CVE-2025-47273.patch
create mode 100644 meta/recipes-extended/screen/screen/CVE-2025-46802.patch
create mode 100644 meta/recipes-extended/screen/screen/CVE-2025-46804.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32053.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32907.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32053.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32907-1.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32907-2.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32908-1.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32908-2.patch
--
2.43.0
next reply other threads:[~2025-06-06 16:00 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-06-06 15:59 Steve Sakoman [this message]
2025-06-06 15:59 ` [OE-core][scarthgap 01/12] libsoup: fix CVE-2025-32908 Steve Sakoman
2025-06-06 15:59 ` [OE-core][scarthgap 02/12] libsoup: fix CVE-2025-32907 Steve Sakoman
2025-06-06 15:59 ` [OE-core][scarthgap 03/12] libsoup-2.4: " Steve Sakoman
2025-06-06 15:59 ` [OE-core][scarthgap 04/12] libsoup-2.4: fix do_compile failure Steve Sakoman
2025-06-06 15:59 ` [OE-core][scarthgap 05/12] libsoup-2.4: fix CVE-2025-32053 Steve Sakoman
2025-06-06 15:59 ` [OE-core][scarthgap 06/12] libsoup: " Steve Sakoman
2025-06-06 16:00 ` [OE-core][scarthgap 07/12] python3-setuptools: Fix CVE-2025-47273 Steve Sakoman
2025-06-06 16:00 ` [OE-core][scarthgap 08/12] binutils: Fix CVE-2025-5245 Steve Sakoman
2025-06-06 16:00 ` [OE-core][scarthgap 09/12] binutils: Fix CVE-2025-5244 Steve Sakoman
2025-06-06 16:00 ` [OE-core][scarthgap 10/12] screen: fix CVE-2025-46802 Steve Sakoman
2025-06-06 16:00 ` [OE-core][scarthgap 11/12] screen: fix CVE-2025-46804 Steve Sakoman
2025-06-06 16:00 ` [OE-core][scarthgap 12/12] systemd: upgrade 255.18 -> 255.21 Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2025-07-17 2:58 [OE-core][scarthgap 00/12] Patch review Steve Sakoman
2025-07-09 2:51 Steve Sakoman
2025-01-30 2:51 Steve Sakoman
2024-12-10 20:56 Steve Sakoman
2024-08-29 13:32 Steve Sakoman
2024-07-18 13:45 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1749225417.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox