[OE-core][scarthgap 00/18] Patch review

public inbox for openembedded-core@lists.openembedded.org
 help / color / mirror / Atom feed

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 00/18] Patch review
Date: Thu,  9 Oct 2025 19:50:19 -0700	[thread overview]
Message-ID: <cover.1760064493.git.steve@sakoman.com> (raw)

Please review this set of changes for scarthgap and have comments back by
end of day Monday, October 13

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2553

The following changes since commit 2696c50af9946f425ccaf7d0e7e0eb3fd87c36bb:

  expect: fix native build with GCC 15 (2025-10-02 08:40:43 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Aleksandar Nikolic (1):
  scripts/install-buildtools: Update to 5.0.12

Archana Polampalli (1):
  go: fix CVE-2025-47906

Deepesh Varatharajan (1):
  glibc: stable 2.39 branch updates

Gyorgy Sarvari (1):
  conf/bitbake.conf: use gnu mirror instead of main server

Hitendra Prajapati (1):
  grub2: mark CVE-2024-2312 as not applicable

Peter Marko (10):
  busybox: patch CVE-2025-46394
  gstreamer1.0: ignore CVEs fixed in plugins
  gstreamer1.0: ignore CVE-2025-2759
  ghostscript: patch CVE-2025-59798
  ghostscript: patch CVE-2025-59799
  ghostscript: patch CVE-2025-59800
  expat: follow-up for CVE-2024-8176
  tiff: ignore 5 CVEs
  ffmpeg: ignore 8 CVEs fixed in 6.1.1 and 6.1.3 releases
  openssl: upgrade 3.2.4 -> 3.2.6

Ross Burton (1):
  pulseaudio: ignore CVE-2024-11586

Steve Sakoman (2):
  selftest/cases/meta_ide.py: use use gnu mirror instead of main server
  oeqa/sdk/cases/buildcpio.py: use gnu mirror instead of main server

 meta/conf/bitbake.conf                        |    2 +-
 meta/lib/oeqa/sdk/cases/buildcpio.py          |    2 +-
 meta/lib/oeqa/selftest/cases/meta_ide.py      |    2 +-
 meta/recipes-bsp/grub/grub2.inc               |    1 +
 .../openssl/openssl/CVE-2025-27587-1.patch    | 1918 -----------------
 .../openssl/openssl/CVE-2025-27587-2.patch    |  129 --
 .../{openssl_3.2.4.bb => openssl_3.2.6.bb}    |    4 +-
 .../busybox/busybox/CVE-2025-46394-01.patch   |   57 +
 .../busybox/busybox/CVE-2025-46394-02.patch   |   32 +
 meta/recipes-core/busybox/busybox_1.36.1.bb   |    2 +
 .../expat/expat/CVE-2024-8176-03.patch        |   35 +
 .../expat/expat/CVE-2024-8176-04.patch        |  115 +
 .../expat/expat/CVE-2024-8176-05.patch        |   78 +
 meta/recipes-core/expat/expat_2.6.4.bb        |    3 +
 meta/recipes-core/glibc/glibc-version.inc     |    4 +-
 meta/recipes-devtools/go/go-1.22.12.inc       |    1 +
 .../go/go/CVE-2025-47906.patch                |  183 ++
 .../ghostscript/CVE-2025-59798.patch          |  134 ++
 .../ghostscript/CVE-2025-59799.patch          |   41 +
 .../ghostscript/CVE-2025-59800.patch          |   36 +
 .../ghostscript/ghostscript_10.05.1.bb        |    3 +
 .../recipes-multimedia/ffmpeg/ffmpeg_6.1.3.bb |    4 +
 .../gstreamer/gstreamer1.0_1.22.12.bb         |   19 +-
 meta/recipes-multimedia/libtiff/tiff_4.6.0.bb |    4 +
 .../pulseaudio/pulseaudio.inc                 |    2 +
 scripts/install-buildtools                    |    4 +-
 26 files changed, 754 insertions(+), 2061 deletions(-)
 delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2025-27587-1.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2025-27587-2.patch
 rename meta/recipes-connectivity/openssl/{openssl_3.2.4.bb => openssl_3.2.6.bb} (98%)
 create mode 100644 meta/recipes-core/busybox/busybox/CVE-2025-46394-01.patch
 create mode 100644 meta/recipes-core/busybox/busybox/CVE-2025-46394-02.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2024-8176-03.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2024-8176-04.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2024-8176-05.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2025-47906.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2025-59798.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2025-59799.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2025-59800.patch

-- 
2.43.0

next             reply	other threads:[~2025-10-10  2:50 UTC|newest]

Thread overview: 25+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-10-10  2:50 Steve Sakoman [this message]
2025-10-10  2:50 ` [OE-core][scarthgap 01/18] busybox: patch CVE-2025-46394 Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 02/18] grub2: mark CVE-2024-2312 as not applicable Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 03/18] gstreamer1.0: ignore CVEs fixed in plugins Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 04/18] gstreamer1.0: ignore CVE-2025-2759 Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 05/18] ghostscript: patch CVE-2025-59798 Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 06/18] ghostscript: patch CVE-2025-59799 Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 07/18] ghostscript: patch CVE-2025-59800 Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 08/18] expat: follow-up for CVE-2024-8176 Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 09/18] pulseaudio: ignore CVE-2024-11586 Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 10/18] tiff: ignore 5 CVEs Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 11/18] ffmpeg: ignore 8 CVEs fixed in 6.1.1 and 6.1.3 releases Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 12/18] go: fix CVE-2025-47906 Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 13/18] glibc: stable 2.39 branch updates Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 14/18] scripts/install-buildtools: Update to 5.0.12 Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 15/18] openssl: upgrade 3.2.4 -> 3.2.6 Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 16/18] conf/bitbake.conf: use gnu mirror instead of main server Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 17/18] selftest/cases/meta_ide.py: use " Steve Sakoman
2025-10-10  2:50 ` [OE-core][scarthgap 18/18] oeqa/sdk/cases/buildcpio.py: " Steve Sakoman
2025-10-12 19:02 ` [OE-core][scarthgap 00/18] Patch review Gyorgy Sarvari
2025-10-12 19:19   ` Steve Sakoman
  -- strict thread matches above, loose matches on Subject: below --
2025-12-23 21:22 Steve Sakoman
2024-10-15 18:50 Steve Sakoman
2024-08-21 12:50 Steve Sakoman
2024-08-04 17:09 Steve Sakoman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=cover.1760064493.git.steve@sakoman.com \
    --to=steve@sakoman.com \
    --cc=openembedded-core@lists.openembedded.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox