From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/11] Patch review
Date: Wed, 9 Jul 2025 08:19:03 -0700 [thread overview]
Message-ID: <cover.1752073806.git.steve@sakoman.com> (raw)
Please review this set of changes for kirkstone and have comments bach by
end of day Friday, July 11
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1983
The following changes since commit 78055e8b6a9ea5063658886c5b5d22821d689fc5:
xwayland: fix CVE-2025-49180 (2025-07-05 06:12:53 -0700)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Bruce Ashfield (1):
linux-yocto/5.15: update to v5.15.186
Changqing Li (3):
libsoup-2.4: refresh CVE-2025-4969.patch
libsoup-2.4: fix CVE-2025-4945
libsoup: fix CVE-2025-4945
Chen Qi (1):
coreutils: fix CVE-2025-5278
Divya Chellam (3):
libarchive: fix CVE-2025-5915
libarchive: fix CVE-2025-5916
libarchive: fix CVE-2025-5917
Hitendra Prajapati (1):
libxml2: fix CVE-2025-6021
Yogita Urade (2):
curl: fix CVE-2024-11053
curl: fix CVE-2025-0167
.../coreutils/coreutils/CVE-2025-5278.patch | 113 +++
meta/recipes-core/coreutils/coreutils_9.0.bb | 1 +
.../libxml/libxml2/CVE-2025-6021.patch | 56 ++
meta/recipes-core/libxml/libxml2_2.9.14.bb | 1 +
.../libarchive/libarchive/CVE-2025-5915.patch | 217 +++++
.../libarchive/libarchive/CVE-2025-5916.patch | 116 +++
.../libarchive/libarchive/CVE-2025-5917.patch | 54 ++
.../libarchive/libarchive_3.6.2.bb | 3 +
.../linux/linux-yocto-rt_5.15.bb | 6 +-
.../linux/linux-yocto-tiny_5.15.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 +-
.../curl/curl/CVE-2024-11053-0001.patch | 340 ++++++++
.../curl/curl/CVE-2024-11053-0002.patch | 746 ++++++++++++++++++
.../curl/curl/CVE-2025-0167.patch | 175 ++++
meta/recipes-support/curl/curl_7.82.0.bb | 3 +
.../libsoup/libsoup-2.4/CVE-2025-4945.patch | 117 +++
.../libsoup/libsoup-2.4/CVE-2025-4969.patch | 54 +-
.../libsoup/libsoup-2.4_2.74.2.bb | 1 +
.../libsoup/libsoup/CVE-2025-4945.patch | 118 +++
meta/recipes-support/libsoup/libsoup_3.0.7.bb | 1 +
20 files changed, 2093 insertions(+), 61 deletions(-)
create mode 100644 meta/recipes-core/coreutils/coreutils/CVE-2025-5278.patch
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2025-6021.patch
create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2025-5915.patch
create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2025-5916.patch
create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2025-5917.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2024-11053-0001.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2024-11053-0002.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2025-0167.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4945.patch
create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-4945.patch
--
2.43.0
next reply other threads:[~2025-07-09 15:19 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-09 15:19 Steve Sakoman [this message]
2025-07-09 15:19 ` [OE-core][kirkstone 01/11] libsoup-2.4: refresh CVE-2025-4969.patch Steve Sakoman
2025-07-09 15:19 ` [OE-core][kirkstone 02/11] libxml2: fix CVE-2025-6021 Steve Sakoman
2025-07-09 15:19 ` [OE-core][kirkstone 03/11] coreutils: fix CVE-2025-5278 Steve Sakoman
2025-07-09 15:19 ` [OE-core][kirkstone 04/11] libsoup-2.4: fix CVE-2025-4945 Steve Sakoman
2025-07-09 15:19 ` [OE-core][kirkstone 05/11] libsoup: " Steve Sakoman
2025-07-09 15:19 ` [OE-core][kirkstone 06/11] curl: fix CVE-2024-11053 Steve Sakoman
2025-07-09 15:19 ` [OE-core][kirkstone 07/11] curl: fix CVE-2025-0167 Steve Sakoman
2025-07-09 15:19 ` [OE-core][kirkstone 08/11] libarchive: fix CVE-2025-5915 Steve Sakoman
2025-07-09 15:19 ` [OE-core][kirkstone 09/11] libarchive: fix CVE-2025-5916 Steve Sakoman
2025-07-09 15:19 ` [OE-core][kirkstone 10/11] libarchive: fix CVE-2025-5917 Steve Sakoman
2025-07-09 15:19 ` [OE-core][kirkstone 11/11] linux-yocto/5.15: update to v5.15.186 Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2025-01-15 14:37 [OE-core][kirkstone 00/11] Patch review Steve Sakoman
2024-08-13 12:16 Steve Sakoman
2024-03-04 15:23 Steve Sakoman
2023-12-21 2:09 Steve Sakoman
2023-06-11 16:02 Steve Sakoman
2023-01-12 2:33 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1752073806.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox