From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 00/11] Patch review
Date: Wed, 30 Jul 2025 14:28:51 -0700 [thread overview]
Message-ID: <cover.1753910853.git.steve@sakoman.com> (raw)
Please review this set of changes for scarthgap and have comments back by
end of day Friday, August 1
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2114
The following changes since commit c374e6cfcdd2c8ba17d82ffcfdeb97d21144e2bf:
mtools: upgrade 4.0.48 -> 4.0.49 (2025-07-25 06:13:34 -0700)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut
Aleksandar Nikolic (1):
scripts/install-buildtools: Update to 5.0.11
Fabio Berton (1):
linux-libc-headers: Fix invalid conversion in cn_proc.h
Peter Marko (9):
gnutls: patch CVE-2025-32989
gnutls: patch read buffer overrun in the "pre_shared_key" extension
gnutls: patch reject zero-length version in certificate request
gnutls: patch CVE-2025-32988
gnutls: patch CVE-2025-32990
gnutls: patch CVE-2025-6395
ncurses: patch CVE-2025-6141
libxml2: patch CVE-2025-6170
glibc: fix CVE-2025-8058
meta/recipes-core/glibc/glibc-version.inc | 2 +-
meta/recipes-core/glibc/glibc_2.39.bb | 2 +-
.../libxml/libxml2/CVE-2025-6170.patch | 103 +
meta/recipes-core/libxml/libxml2_2.12.10.bb | 1 +
.../ncurses/files/CVE-2025-6141.patch | 25 +
meta/recipes-core/ncurses/ncurses_6.4.bb | 1 +
...-Fix-invalid-conversion-in-cn_proc.h.patch | 40 +
.../linux-libc-headers_6.6.bb | 1 +
...fer-overrun-in-the-pre_shared_key-ex.patch | 34 +
...-length-version-in-certificate-reque.patch | 37 +
.../04939b75417cc95b7372c6f208c4bda4579bdc34 | Bin 0 -> 1782 bytes
.../3e94dcdff862ef5d6db8b5cc8e59310b5f0cdfe2 | Bin 0 -> 830 bytes
.../5477db1bb507a35e8833c758ce344f4b5b246d8e | Bin 0 -> 111 bytes
.../gnutls/gnutls/CVE-2025-32988.patch | 58 +
.../gnutls/gnutls/CVE-2025-32989.patch | 50 +
.../gnutls/gnutls/CVE-2025-32990.patch | 2109 +++++++++++++++++
.../gnutls/gnutls/CVE-2025-6395.patch | 299 +++
meta/recipes-support/gnutls/gnutls_3.8.4.bb | 15 +
scripts/install-buildtools | 4 +-
19 files changed, 2777 insertions(+), 4 deletions(-)
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2025-6170.patch
create mode 100644 meta/recipes-core/ncurses/files/CVE-2025-6141.patch
create mode 100644 meta/recipes-kernel/linux-libc-headers/linux-libc-headers/0001-connector-Fix-invalid-conversion-in-cn_proc.h.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/0001-psk-fix-read-buffer-overrun-in-the-pre_shared_key-ex.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/0001-x509-reject-zero-length-version-in-certificate-reque.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/04939b75417cc95b7372c6f208c4bda4579bdc34
create mode 100644 meta/recipes-support/gnutls/gnutls/3e94dcdff862ef5d6db8b5cc8e59310b5f0cdfe2
create mode 100644 meta/recipes-support/gnutls/gnutls/5477db1bb507a35e8833c758ce344f4b5b246d8e
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-32988.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-32989.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-32990.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-6395.patch
--
2.43.0
next reply other threads:[~2025-07-30 21:29 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-30 21:28 Steve Sakoman [this message]
2025-07-30 21:28 ` [OE-core][scarthgap 01/11] gnutls: patch CVE-2025-32989 Steve Sakoman
2025-07-30 21:28 ` [OE-core][scarthgap 02/11] gnutls: patch read buffer overrun in the "pre_shared_key" extension Steve Sakoman
2025-07-30 21:28 ` [OE-core][scarthgap 03/11] gnutls: patch reject zero-length version in certificate request Steve Sakoman
2025-07-30 21:28 ` [OE-core][scarthgap 04/11] gnutls: patch CVE-2025-32988 Steve Sakoman
2025-07-30 21:28 ` [OE-core][scarthgap 05/11] gnutls: patch CVE-2025-32990 Steve Sakoman
2025-07-30 21:28 ` [OE-core][scarthgap 06/11] gnutls: patch CVE-2025-6395 Steve Sakoman
2025-07-30 21:28 ` [OE-core][scarthgap 07/11] ncurses: patch CVE-2025-6141 Steve Sakoman
2025-07-30 21:28 ` [OE-core][scarthgap 08/11] libxml2: patch CVE-2025-6170 Steve Sakoman
2025-07-30 21:29 ` [OE-core][scarthgap 09/11] glibc: fix CVE-2025-8058 Steve Sakoman
2025-09-26 8:06 ` [scarthgap " Wang, Jinfeng (CN)
2025-09-26 17:19 ` [OE-core] " Gyorgy Sarvari
2025-07-30 21:29 ` [OE-core][scarthgap 10/11] scripts/install-buildtools: Update to 5.0.11 Steve Sakoman
2025-07-30 21:29 ` [OE-core][scarthgap 11/11] linux-libc-headers: Fix invalid conversion in cn_proc.h Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2026-03-29 22:46 [OE-core][scarthgap 00/11] Patch review Yoann Congal
2026-03-30 7:33 ` Yoann Congal
2026-04-20 8:44 ` Joao Marcos Costa
2026-04-20 9:21 ` Yoann Congal
2026-04-20 10:51 ` Joao Marcos Costa
2026-03-07 22:52 Yoann Congal
2026-03-09 8:18 ` Paul Barker
2025-09-25 13:40 Steve Sakoman
2025-07-04 15:10 Steve Sakoman
2025-05-28 14:43 Steve Sakoman
2024-10-25 18:29 Steve Sakoman
2024-09-16 2:19 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1753910853.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox