From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 00/12] Patch review
Date: Wed, 16 Jul 2025 19:58:48 -0700 [thread overview]
Message-ID: <cover.1752721028.git.steve@sakoman.com> (raw)
Please review this set of changes for scarthgap and have comments back by
end of day Friday, July 18
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/?#/builders/29/builds/2032
The following changes since commit 7a59dc5ee6edd9596e87c2fbcd1f2594c06b3d1b:
build-appliance-image: Update to scarthgap head revision (2025-07-11 08:14:46 -0700)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut
Archana Polampalli (1):
gdk-pixbuf: fix CVE-2025-7345
Deepesh Varatharajan (1):
binutils: stable 2.42 branch updates
Hitendra Prajapati (1):
libxml2: fix CVE-2025-49794 & CVE-2025-49796
Joe Slater (1):
oe-debuginfod: add option for data storage
Michal Seben (1):
timedated: wait for jobs before SetNTP response
Peter Marko (3):
python3: update CVE product
busybox: apply patch for CVE-2023-39810
iputils: patch CVE-2025-48964
Praveen Kumar (1):
sudo: upgrade 1.9.15p5 -> 1.9.17p1
Steve Sakoman (1):
Revert "sudo: Fix CVE-2025-32462"
Vijay Anusuri (1):
git: Upgrade 2.44.3 -> 2.44.4
Yi Zhao (1):
kea: set correct permissions for /var/run/kea
.../kea/files/kea-dhcp-ddns.service | 1 +
.../kea/files/kea-dhcp4.service | 1 +
.../kea/files/kea-dhcp6.service | 1 +
.../busybox/busybox/CVE-2023-39810.patch | 136 +++++++++++++
meta/recipes-core/busybox/busybox_1.36.1.bb | 1 +
.../CVE-2025-49794-CVE-2025-49796.patch | 186 ++++++++++++++++++
meta/recipes-core/libxml/libxml2_2.12.10.bb | 1 +
...d-on-org.freedesktop.timedate1.SetNT.patch | 97 +++++++++
meta/recipes-core/systemd/systemd_255.21.bb | 1 +
.../binutils/binutils-2.42.inc | 2 +-
.../git/{git_2.44.3.bb => git_2.44.4.bb} | 2 +-
.../python/python3_3.12.11.bb | 2 +-
.../iputils/iputils/CVE-2025-48964.patch | 99 ++++++++++
.../iputils/iputils_20240117.bb | 1 +
...o.conf.in-fix-conflict-with-multilib.patch | 7 +-
.../sudo/files/CVE-2025-32462.patch | 42 ----
meta/recipes-extended/sudo/sudo.inc | 2 +-
.../{sudo_1.9.15p5.bb => sudo_1.9.17p1.bb} | 55 +++++-
.../gdk-pixbuf/gdk-pixbuf/CVE-2025-7345.patch | 55 ++++++
.../gdk-pixbuf/gdk-pixbuf_2.42.12.bb | 1 +
scripts/oe-debuginfod | 17 +-
21 files changed, 657 insertions(+), 53 deletions(-)
create mode 100644 meta/recipes-core/busybox/busybox/CVE-2023-39810.patch
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2025-49794-CVE-2025-49796.patch
create mode 100644 meta/recipes-core/systemd/systemd/0003-timedated-Respond-on-org.freedesktop.timedate1.SetNT.patch
rename meta/recipes-devtools/git/{git_2.44.3.bb => git_2.44.4.bb} (98%)
create mode 100644 meta/recipes-extended/iputils/iputils/CVE-2025-48964.patch
delete mode 100644 meta/recipes-extended/sudo/files/CVE-2025-32462.patch
rename meta/recipes-extended/sudo/{sudo_1.9.15p5.bb => sudo_1.9.17p1.bb} (52%)
create mode 100644 meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2025-7345.patch
--
2.43.0
next reply other threads:[~2025-07-17 2:59 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-17 2:58 Steve Sakoman [this message]
2025-07-17 2:58 ` [OE-core][scarthgap 01/12] libxml2: fix CVE-2025-49794 & CVE-2025-49796 Steve Sakoman
2025-07-17 2:58 ` [OE-core][scarthgap 02/12] python3: update CVE product Steve Sakoman
2025-07-17 2:58 ` [OE-core][scarthgap 03/12] busybox: apply patch for CVE-2023-39810 Steve Sakoman
2025-07-17 2:58 ` [OE-core][scarthgap 04/12] iputils: patch CVE-2025-48964 Steve Sakoman
2025-07-17 2:58 ` [OE-core][scarthgap 05/12] gdk-pixbuf: fix CVE-2025-7345 Steve Sakoman
2025-07-17 2:58 ` [OE-core][scarthgap 06/12] git: Upgrade 2.44.3 -> 2.44.4 Steve Sakoman
2025-07-17 2:58 ` [OE-core][scarthgap 07/12] Revert "sudo: Fix CVE-2025-32462" Steve Sakoman
2025-07-17 2:58 ` [OE-core][scarthgap 08/12] sudo: upgrade 1.9.15p5 -> 1.9.17p1 Steve Sakoman
2025-07-17 2:58 ` [OE-core][scarthgap 09/12] binutils: stable 2.42 branch updates Steve Sakoman
2025-07-17 2:58 ` [OE-core][scarthgap 10/12] kea: set correct permissions for /var/run/kea Steve Sakoman
2025-07-17 2:58 ` [OE-core][scarthgap 11/12] timedated: wait for jobs before SetNTP response Steve Sakoman
2025-07-17 2:59 ` [OE-core][scarthgap 12/12] oe-debuginfod: add option for data storage Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2025-07-09 2:51 [OE-core][scarthgap 00/12] Patch review Steve Sakoman
2025-06-06 15:59 Steve Sakoman
2025-01-30 2:51 Steve Sakoman
2024-12-10 20:56 Steve Sakoman
2024-08-29 13:32 Steve Sakoman
2024-07-18 13:45 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1752721028.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox