[OE-core][scarthgap 00/16] Patch review

public inbox for openembedded-core@lists.openembedded.org
 help / color / mirror / Atom feed

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 00/16] Patch review
Date: Thu, 24 Jul 2025 14:35:16 -0700	[thread overview]
Message-ID: <cover.1753392770.git.steve@sakoman.com> (raw)

Please review this set of changes for scarthgap and have comments back by
end of day Monday, July 28

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/?#/builders/29/builds/2084

The following changes since commit 24c0ab18045920bb5c1e965c0ea6d176fd6de234:

  oe-debuginfod: add option for data storage (2025-07-16 14:09:39 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Alexander Kanavin (1):
  mtools: upgrade 4.0.43 -> 4.0.44

Archana Polampalli (1):
  openssl: CVE-2024-41996

Deepesh Varatharajan (2):
  binutils: Fix CVE-2025-7545
  glibc: stable 2.39 branch updates

Hitendra Prajapati (1):
  libpam: fix CVE-2025-6020

Jinfeng Wang (1):
  mtools: upgrade 4.0.48 -> 4.0.49

Peter Marko (2):
  orc: set CVE_PRODUCT
  openssl: patch CVE-2025-27587

Richard Purdie (1):
  mtools: upgrade 4.0.46 -> 4.0.47

Roland Kovacs (2):
  libxml2: fix CVE-2025-49795
  sqlite3: fix CVE-2025-6965

Vijay Anusuri (1):
  xserver-xorg: upgrade 21.1.6 -> 21.1.18

Wang Mingyu (3):
  mtools: upgrade 4.0.44 -> 4.0.45
  mtools: upgrade 4.0.45 -> 4.0.46
  mtools: upgrade 4.0.47 -> 4.0.48

Yash Shinde (1):
  binutils: Fix CVE-2025-7546

 .../openssl/openssl/CVE-2024-41996.patch      |   44 +
 .../openssl/openssl/CVE-2025-27587-1.patch    | 1918 +++++++++++++++++
 .../openssl/openssl/CVE-2025-27587-2.patch    |  129 ++
 .../openssl/openssl_3.2.4.bb                  |    3 +
 meta/recipes-core/glibc/glibc-version.inc     |    2 +-
 .../libxml/libxml2/CVE-2025-49795.patch       |   92 +
 meta/recipes-core/libxml/libxml2_2.12.10.bb   |    1 +
 .../binutils/binutils-2.42.inc                |    2 +
 .../binutils/0023-CVE-2025-7545.patch         |   39 +
 .../binutils/0023-CVE-2025-7546.patch         |   58 +
 .../mtools/mtools/clang_UNUSED.patch          |   19 +-
 .../mtools/disable-hardcoded-configs.patch    |    7 +-
 .../mtools/mtools/mtools-makeinfo.patch       |   19 +-
 .../{mtools_4.0.43.bb => mtools_4.0.49.bb}    |    2 +-
 meta/recipes-devtools/orc/orc_0.4.40.bb       |    3 +
 .../libpam/0001-pam-inline-pam-asprintf.patch |  101 +
 .../libpam/0002-pam-namespace-rebase.patch    |  750 +++++++
 .../pam/libpam/CVE-2025-6020-01.patch         | 1128 ++++++++++
 .../pam/libpam/CVE-2025-6020-02.patch         |  187 ++
 .../pam/libpam/CVE-2025-6020-03.patch         |   35 +
 meta/recipes-extended/pam/libpam_1.5.3.bb     |    5 +
 ...org_21.1.16.bb => xserver-xorg_21.1.18.bb} |    2 +-
 .../sqlite/sqlite3/CVE-2025-6965.patch        |  112 +
 meta/recipes-support/sqlite/sqlite3_3.45.3.bb |    1 +
 24 files changed, 4636 insertions(+), 23 deletions(-)
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-41996.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2025-27587-1.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2025-27587-2.patch
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2025-49795.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0023-CVE-2025-7545.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0023-CVE-2025-7546.patch
 rename meta/recipes-devtools/mtools/{mtools_4.0.43.bb => mtools_4.0.49.bb} (93%)
 create mode 100644 meta/recipes-extended/pam/libpam/0001-pam-inline-pam-asprintf.patch
 create mode 100644 meta/recipes-extended/pam/libpam/0002-pam-namespace-rebase.patch
 create mode 100644 meta/recipes-extended/pam/libpam/CVE-2025-6020-01.patch
 create mode 100644 meta/recipes-extended/pam/libpam/CVE-2025-6020-02.patch
 create mode 100644 meta/recipes-extended/pam/libpam/CVE-2025-6020-03.patch
 rename meta/recipes-graphics/xorg-xserver/{xserver-xorg_21.1.16.bb => xserver-xorg_21.1.18.bb} (92%)
 create mode 100644 meta/recipes-support/sqlite/sqlite3/CVE-2025-6965.patch

-- 
2.43.0

next             reply	other threads:[~2025-07-24 21:35 UTC|newest]

Thread overview: 25+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-07-24 21:35 Steve Sakoman [this message]
2025-07-24 21:35 ` [OE-core][scarthgap 01/16] libxml2: fix CVE-2025-49795 Steve Sakoman
2025-07-24 21:35 ` [OE-core][scarthgap 02/16] binutils: Fix CVE-2025-7546 Steve Sakoman
2025-07-24 21:35 ` [OE-core][scarthgap 03/16] binutils: Fix CVE-2025-7545 Steve Sakoman
2025-07-25  5:10   ` Gyorgy Sarvari
2025-07-25 13:05     ` Steve Sakoman
2025-07-24 21:35 ` [OE-core][scarthgap 04/16] sqlite3: fix CVE-2025-6965 Steve Sakoman
2025-07-24 21:35 ` [OE-core][scarthgap 05/16] orc: set CVE_PRODUCT Steve Sakoman
2025-07-24 21:35 ` [OE-core][scarthgap 06/16] openssl: CVE-2024-41996 Steve Sakoman
2025-07-24 21:35 ` [OE-core][scarthgap 07/16] openssl: patch CVE-2025-27587 Steve Sakoman
2025-07-24 21:35 ` [OE-core][scarthgap 08/16] libpam: fix CVE-2025-6020 Steve Sakoman
2025-07-24 21:35 ` [OE-core][scarthgap 09/16] glibc: stable 2.39 branch updates Steve Sakoman
2025-07-24 21:35 ` [OE-core][scarthgap 10/16] xserver-xorg: upgrade 21.1.6 -> 21.1.18 Steve Sakoman
2025-07-24 21:35 ` [OE-core][scarthgap 11/16] mtools: upgrade 4.0.43 -> 4.0.44 Steve Sakoman
2025-07-24 21:35 ` [OE-core][scarthgap 12/16] mtools: upgrade 4.0.44 -> 4.0.45 Steve Sakoman
2025-07-24 21:35 ` [OE-core][scarthgap 13/16] mtools: upgrade 4.0.45 -> 4.0.46 Steve Sakoman
2025-07-24 21:35 ` [OE-core][scarthgap 14/16] mtools: upgrade 4.0.46 -> 4.0.47 Steve Sakoman
2025-07-24 21:35 ` [OE-core][scarthgap 15/16] mtools: upgrade 4.0.47 -> 4.0.48 Steve Sakoman
2025-07-24 21:35 ` [OE-core][scarthgap 16/16] mtools: upgrade 4.0.48 -> 4.0.49 Steve Sakoman
  -- strict thread matches above, loose matches on Subject: below --
2026-03-29 22:37 [OE-core][scarthgap 00/16] Patch review Yoann Congal
2026-03-29 22:41 ` Yoann Congal
2025-06-10 19:33 Steve Sakoman
2025-03-05 22:10 Steve Sakoman
2024-12-03 13:37 Steve Sakoman
2024-09-20 13:38 Steve Sakoman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=cover.1753392770.git.steve@sakoman.com \
    --to=steve@sakoman.com \
    --cc=openembedded-core@lists.openembedded.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox