From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/16] Patch review
Date: Tue, 15 Jul 2025 13:36:01 -0700 [thread overview]
Message-ID: <cover.1752611671.git.steve@sakoman.com> (raw)
Please review this set of changes for kirkstone and have comments back by
end of day Thursday, July 17
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2021
The following changes since commit a7cea8a5c91d26ba7c3f72448f0897f5c2f81fd1:
linux-yocto/5.15: update to v5.15.186 (2025-07-08 09:05:09 -0700)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Archana Polampalli (4):
openssl: fix CVE-2024-41996
ofono: fix CVE-2023-4232
ofono: fix CVE-2023-4235
gdk-pixbuf: fix CVE-2025-7345
Chen Qi (2):
coreutils: fix CVE-2025-5278
sudo: upgrade from 1.9.15p2 to 1.9.15p5
Deepesh Varatharajan (1):
bintuils: stable 2.38 branch update
Guocai He (1):
tcf-agent: correct the SRC_URI
Hitendra Prajapati (1):
libxml2: fix CVE-2025-49794 & CVE-2025-49796
Peter Marko (4):
python3: update CVE product
openssl: upgrade 3.0.16 -> 3.0.17
ghostscript: ignore CVE-2025-46646
iputils: patch CVE-2025-48964
Praveen Kumar (1):
sudo: upgrade 1.9.15p5 -> 1.9.17p1
Ross Burton (1):
oeqa/core/decorator: add decorators to skip based on HOST_ARCH
Steve Sakoman (1):
Revert "coreutils: fix CVE-2025-5278"
meta/lib/oeqa/core/decorator/data.py | 24 +++
.../ofono/ofono/CVE-2023-4232.patch | 30 +++
.../ofono/ofono/CVE-2023-4235.patch | 37 ++++
meta/recipes-connectivity/ofono/ofono_1.34.bb | 2 +
.../openssl/openssl/CVE-2024-41996.patch | 48 +++++
.../{openssl_3.0.16.bb => openssl_3.0.17.bb} | 3 +-
.../coreutils/coreutils/CVE-2025-5278.patch | 10 +-
.../CVE-2025-49794-CVE-2025-49796.patch | 181 ++++++++++++++++++
meta/recipes-core/libxml/libxml2_2.9.14.bb | 1 +
.../binutils/binutils-2.38.inc | 2 +-
.../python/python3_3.10.18.bb | 2 +-
.../tcf-agent/tcf-agent_git.bb | 2 +-
.../ghostscript/ghostscript_9.55.0.bb | 2 +
.../iputils/iputils/CVE-2025-48964.patch | 99 ++++++++++
.../iputils/iputils_20211215.bb | 1 +
...o.conf.in-fix-conflict-with-multilib.patch | 7 +-
meta/recipes-extended/sudo/sudo.inc | 2 +-
.../{sudo_1.9.15p2.bb => sudo_1.9.17p1.bb} | 54 +++++-
.../gdk-pixbuf/gdk-pixbuf/CVE-2025-7345.patch | 55 ++++++
.../gdk-pixbuf/gdk-pixbuf_2.42.10.bb | 1 +
20 files changed, 548 insertions(+), 15 deletions(-)
create mode 100644 meta/recipes-connectivity/ofono/ofono/CVE-2023-4232.patch
create mode 100644 meta/recipes-connectivity/ofono/ofono/CVE-2023-4235.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-41996.patch
rename meta/recipes-connectivity/openssl/{openssl_3.0.16.bb => openssl_3.0.17.bb} (98%)
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2025-49794-CVE-2025-49796.patch
create mode 100644 meta/recipes-extended/iputils/iputils/CVE-2025-48964.patch
rename meta/recipes-extended/sudo/{sudo_1.9.15p2.bb => sudo_1.9.17p1.bb} (52%)
create mode 100644 meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2025-7345.patch
--
2.43.0
next reply other threads:[~2025-07-15 20:36 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-15 20:36 Steve Sakoman [this message]
2025-07-15 20:36 ` [OE-core][kirkstone 01/16] Revert "coreutils: fix CVE-2025-5278" Steve Sakoman
2025-07-15 20:36 ` [OE-core][kirkstone 02/16] coreutils: fix CVE-2025-5278 Steve Sakoman
2025-07-15 20:36 ` [OE-core][kirkstone 03/16] libxml2: fix CVE-2025-49794 & CVE-2025-49796 Steve Sakoman
2025-07-15 20:36 ` [OE-core][kirkstone 04/16] python3: update CVE product Steve Sakoman
2025-07-15 20:36 ` [OE-core][kirkstone 05/16] openssl: upgrade 3.0.16 -> 3.0.17 Steve Sakoman
2025-07-15 20:36 ` [OE-core][kirkstone 06/16] openssl: fix CVE-2024-41996 Steve Sakoman
2025-07-15 20:36 ` [OE-core][kirkstone 07/16] ofono: fix CVE-2023-4232 Steve Sakoman
2025-07-15 20:36 ` [OE-core][kirkstone 08/16] ofono: fix CVE-2023-4235 Steve Sakoman
2025-07-15 20:36 ` [OE-core][kirkstone 09/16] ghostscript: ignore CVE-2025-46646 Steve Sakoman
2025-07-15 20:36 ` [OE-core][kirkstone 10/16] iputils: patch CVE-2025-48964 Steve Sakoman
2025-07-15 20:36 ` [OE-core][kirkstone 11/16] gdk-pixbuf: fix CVE-2025-7345 Steve Sakoman
2025-07-15 20:36 ` [OE-core][kirkstone 12/16] sudo: upgrade from 1.9.15p2 to 1.9.15p5 Steve Sakoman
2025-07-15 20:36 ` [OE-core][kirkstone 13/16] sudo: upgrade 1.9.15p5 -> 1.9.17p1 Steve Sakoman
2025-07-15 20:36 ` [OE-core][kirkstone 14/16] bintuils: stable 2.38 branch update Steve Sakoman
2025-07-15 20:36 ` [OE-core][kirkstone 15/16] oeqa/core/decorator: add decorators to skip based on HOST_ARCH Steve Sakoman
2025-07-15 20:36 ` [OE-core][kirkstone 16/16] tcf-agent: correct the SRC_URI Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2025-03-05 15:58 [OE-core][kirkstone 00/16] Patch review Steve Sakoman
2025-01-20 17:50 Steve Sakoman
2024-10-02 13:12 Steve Sakoman
2024-02-27 21:56 Steve Sakoman
2023-11-22 2:30 Steve Sakoman
2023-08-17 2:49 Steve Sakoman
2022-09-13 14:17 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1752611671.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox