From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 00/12] Patch review
Date: Tue, 8 Jul 2025 19:51:11 -0700 [thread overview]
Message-ID: <cover.1752029282.git.steve@sakoman.com> (raw)
Please review this set of changes for scarthgap and have comments back by
end of day Tursday, July 10
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1980
The following changes since commit 15881f41f8c00c5f0a68628c2d49ca1aa1999c2e:
xwayland: fix CVE-2025-49180 (2025-07-03 09:04:44 -0700)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut
Bruce Ashfield (3):
linux-yocto/6.6: update to v6.6.93
linux-yocto/6.6: update to v6.6.94
linux-yocto/6.6: update to v6.6.96
Changqing Li (4):
icu: fix CVE-2025-5222
libsoup-2.4: refresh CVE-2025-4969.patch
libsoup-2.4: fix CVE-2025-4945
libsoup: fix CVE-2025-4945
Guocai He (1):
minicom: correct the SRC_URI
Hitendra Prajapati (1):
libxml2: fix CVE-2025-6021
Vijay Anusuri (1):
sudo: Fix CVE-2025-32462
Virendra Thakur (1):
curl: set conditional CVE_STATUS for CVE-2025-5025
Yogita Urade (1):
python3-urllib3: fix CVE-2025-50181
.../libxml/libxml2/CVE-2025-6021.patch | 56 ++++
meta/recipes-core/libxml/libxml2_2.12.10.bb | 1 +
.../python3-urllib3/CVE-2025-50181.patch | 283 ++++++++++++++++++
.../python/python3-urllib3_2.2.2.bb | 4 +
meta/recipes-extended/minicom/minicom_2.9.bb | 2 +-
.../sudo/files/CVE-2025-32462.patch | 42 +++
meta/recipes-extended/sudo/sudo_1.9.15p5.bb | 1 +
.../linux/linux-yocto-rt_6.6.bb | 6 +-
.../linux/linux-yocto-tiny_6.6.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_6.6.bb | 28 +-
meta/recipes-support/curl/curl_8.7.1.bb | 2 +
.../icu/icu/CVE-2025-5222.patch | 166 ++++++++++
meta/recipes-support/icu/icu_74-2.bb | 1 +
.../libsoup/libsoup-2.4/CVE-2025-4945.patch | 117 ++++++++
.../libsoup/libsoup-2.4/CVE-2025-4969.patch | 54 +---
.../libsoup/libsoup-2.4_2.74.3.bb | 1 +
.../libsoup/libsoup-3.4.4/CVE-2025-4945.patch | 118 ++++++++
meta/recipes-support/libsoup/libsoup_3.4.4.bb | 1 +
18 files changed, 826 insertions(+), 63 deletions(-)
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2025-6021.patch
create mode 100644 meta/recipes-devtools/python/python3-urllib3/CVE-2025-50181.patch
create mode 100644 meta/recipes-extended/sudo/files/CVE-2025-32462.patch
create mode 100644 meta/recipes-support/icu/icu/CVE-2025-5222.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4945.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-4945.patch
--
2.43.0
next reply other threads:[~2025-07-09 2:51 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-09 2:51 Steve Sakoman [this message]
2025-07-09 2:51 ` [OE-core][scarthgap 01/12] libxml2: fix CVE-2025-6021 Steve Sakoman
2025-07-09 2:51 ` [OE-core][scarthgap 02/12] curl: set conditional CVE_STATUS for CVE-2025-5025 Steve Sakoman
2025-07-09 2:51 ` [OE-core][scarthgap 03/12] icu: fix CVE-2025-5222 Steve Sakoman
2025-07-09 2:51 ` [OE-core][scarthgap 04/12] libsoup-2.4: refresh CVE-2025-4969.patch Steve Sakoman
2025-07-09 2:51 ` [OE-core][scarthgap 05/12] libsoup-2.4: fix CVE-2025-4945 Steve Sakoman
2025-07-09 2:51 ` [OE-core][scarthgap 06/12] libsoup: " Steve Sakoman
2025-07-09 2:51 ` [OE-core][scarthgap 07/12] sudo: Fix CVE-2025-32462 Steve Sakoman
2025-07-09 2:51 ` [OE-core][scarthgap 08/12] python3-urllib3: fix CVE-2025-50181 Steve Sakoman
2025-07-09 2:51 ` [OE-core][scarthgap 09/12] linux-yocto/6.6: update to v6.6.93 Steve Sakoman
2025-07-09 2:51 ` [OE-core][scarthgap 10/12] linux-yocto/6.6: update to v6.6.94 Steve Sakoman
2025-07-09 2:51 ` [OE-core][scarthgap 11/12] linux-yocto/6.6: update to v6.6.96 Steve Sakoman
2025-07-09 2:51 ` [OE-core][scarthgap 12/12] minicom: correct the SRC_URI Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2025-07-17 2:58 [OE-core][scarthgap 00/12] Patch review Steve Sakoman
2025-06-06 15:59 Steve Sakoman
2025-01-30 2:51 Steve Sakoman
2024-12-10 20:56 Steve Sakoman
2024-08-29 13:32 Steve Sakoman
2024-07-18 13:45 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1752029282.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox