From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 0/6] Patch review
Date: Wed, 29 Oct 2025 13:11:49 -0700 [thread overview]
Message-ID: <cover.1761768602.git.steve@sakoman.com> (raw)
Please review this set of changes for scarthgap and have comments back by
end of day Friday, October 31
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2655
The following changes since commit 0f98fecda8a0436f760e6fd9f3b7eb510e5258b8:
curl: only set CA bundle in target build (2025-10-24 06:41:43 -0700)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut
David Nyström (1):
lz4: fix CVE-2025-62813
Hongxu Jia (1):
u-boot: fix CVE-2024-42040
Praveen Kumar (1):
bind: upgrade 9.18.33 -> 9.18.41
Yash Shinde (2):
binutils: fix CVE-2025-11081
binutils: fix CVE-2025-8225
Yogita Urade (1):
tiff: ignore CVE-2025-8961
.../u-boot/files/CVE-2024-42040.patch | 56 +++++++++++++
meta/recipes-bsp/u-boot/u-boot-common.inc | 1 +
.../bind/{bind_9.18.33.bb => bind_9.18.41.bb} | 2 +-
.../binutils/binutils-2.42.inc | 2 +
.../binutils/0026-CVE-2025-11081.patch | 84 +++++++++++++++++++
.../binutils/0027-CVE-2025-8225.patch | 47 +++++++++++
meta/recipes-multimedia/libtiff/tiff_4.6.0.bb | 2 +-
.../lz4/files/CVE-2025-62813.patch | 73 ++++++++++++++++
meta/recipes-support/lz4/lz4_1.9.4.bb | 5 +-
9 files changed, 268 insertions(+), 4 deletions(-)
create mode 100644 meta/recipes-bsp/u-boot/files/CVE-2024-42040.patch
rename meta/recipes-connectivity/bind/{bind_9.18.33.bb => bind_9.18.41.bb} (97%)
create mode 100644 meta/recipes-devtools/binutils/binutils/0026-CVE-2025-11081.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0027-CVE-2025-8225.patch
create mode 100644 meta/recipes-support/lz4/files/CVE-2025-62813.patch
--
2.43.0
next reply other threads:[~2025-10-29 20:12 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-29 20:11 Steve Sakoman [this message]
2025-10-29 20:11 ` [OE-core][scarthgap 1/6] lz4: fix CVE-2025-62813 Steve Sakoman
2025-10-29 20:11 ` [OE-core][scarthgap 2/6] binutils: fix CVE-2025-11081 Steve Sakoman
2025-10-29 20:11 ` [OE-core][scarthgap 3/6] binutils: fix CVE-2025-8225 Steve Sakoman
2025-10-29 20:11 ` [OE-core][scarthgap 4/6] u-boot: fix CVE-2024-42040 Steve Sakoman
2025-10-29 20:11 ` [OE-core][scarthgap 5/6] tiff: ignore CVE-2025-8961 Steve Sakoman
2025-10-29 20:11 ` [OE-core][scarthgap 6/6] bind: upgrade 9.18.33 -> 9.18.41 Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2025-04-16 20:14 [OE-core][scarthgap 0/6] Patch review Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1761768602.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox