* [OE-core][whinlatter 00/29] Pull request (cover letter only)
@ 2026-01-06 14:57 Yoann Congal
2026-01-07 10:20 ` Yoann Congal
0 siblings, 1 reply; 3+ messages in thread
From: Yoann Congal @ 2026-01-06 14:57 UTC (permalink / raw)
To: openembedded-core
Passed a-full on autobuilder(*):
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2997
(*): The builds/tests parts passed, only the "Send QA Email" step
failed. This is a known bug on AB side : https://bugzilla.yoctoproject.org/show_bug.cgi?id=15696.
The following changes since commit 9964fa3da2fa1e7243fba1a826e59f7bb1813706:
populate_sdk_ext: keep SDK_TARGETS so SPDX/SBOM tasks remain in locked sigs (2025-12-18 13:11:45 -0800)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/whinlatter-next
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/whinlatter-next
Ankur Tyagi (4):
gnutls: patch CVE-2025-9820
sqlite3: patch CVE-2025-3277
sqlite3: patch CVE-2025-6965
libxmlb: upgrade 0.3.23 -> 0.3.24
Chen Qi (1):
cups: upgrade from 2.4.14 to 2.4.15
Deepesh Varatharajan (2):
llvm/clang: Upgrade to 21.1.6 release
llvm/clang: Upgrade to 21.1.7 release
Dmitry Baryshkov (1):
mesa: upgrade 25.2.5 -> 25.2.8
Gyorgy Sarvari (1):
enchant2: upgrade 2.8.12 -> 2.8.14
Jörg Sommer (1):
glib-2.0: Upgrade 2.86.0 -> 2.86.1
Peter Marko (1):
libarchive: upgrade 3.8.2 -> 3.8.3
Robert Yang (2):
e2fsprogs: misc/create_inode.c: Fix for file larger than 2GB
ccache: 4.12.1 -> 4.12.2
Wang Mingyu (13):
ell: upgrade 0.79 -> 0.80
gst-devtools: upgrade 1.26.5 -> 1.26.7
gst-examples: upgrade 1.26.5 -> 1.26.7
gstreamer1.0-libav: upgrade 1.26.5 -> 1.26.7
gstreamer1.0-plugins-bad: upgrade 1.26.5 -> 1.26.7
gstreamer1.0-plugins-base: upgrade 1.26.5 -> 1.26.7
gstreamer1.0-plugins-good: upgrade 1.26.5 -> 1.26.7
gstreamer1.0-plugins-ugly: upgrade 1.26.5 -> 1.26.7
gstreamer1.0-python: upgrade 1.26.5 -> 1.26.7
gstreamer1.0-rtsp-server: upgrade 1.26.5 -> 1.26.7
gstreamer1.0: upgrade 1.26.5 -> 1.26.7
gstreamer1.0-vaapi: upgrade 1.26.5 -> 1.26.7
ccache: upgrade 4.12 -> 4.12.1
Yash Shinde (2):
binutils: fix CVE-2025-11839
binutils: fix CVE-2025-11840
Zhang Peng (1):
libpng: upgrade 1.6.50 -> 1.6.51
meta/conf/distro/include/maintainers.inc | 4 +-
.../ell/{ell_0.79.bb => ell_0.80.bb} | 2 +-
...l_2.86.0.bb => glib-2.0-initial_2.86.1.bb} | 0
...{glib-2.0_2.86.0.bb => glib-2.0_2.86.1.bb} | 0
meta/recipes-core/glib-2.0/glib.inc | 2 +-
.../binutils/binutils-2.45.inc | 2 +
.../binutils/0019-CVE-2025-11839.patch | 32 +++
.../binutils/0020-CVE-2025-11840.patch | 37 +++
.../{ccache_4.12.bb => ccache_4.12.2.bb} | 2 +-
meta/recipes-devtools/clang/common-clang.inc | 2 +-
meta/recipes-devtools/clang/common.inc | 2 +-
...inode.c-Fix-for-file-larger-than-2GB.patch | 40 +++
.../e2fsprogs/e2fsprogs_1.47.3.bb | 1 +
.../cups/{cups_2.4.14.bb => cups_2.4.15.bb} | 2 +-
...ibarchive_3.8.2.bb => libarchive_3.8.3.bb} | 2 +-
.../{libxmlb_0.3.23.bb => libxmlb_0.3.24.bb} | 2 +-
meta/recipes-graphics/mesa/mesa.inc | 4 +-
...tools_1.26.5.bb => gst-devtools_1.26.7.bb} | 2 +-
...mples_1.26.5.bb => gst-examples_1.26.7.bb} | 2 +-
...1.26.5.bb => gstreamer1.0-libav_1.26.7.bb} | 2 +-
....bb => gstreamer1.0-plugins-bad_1.26.7.bb} | 2 +-
...bb => gstreamer1.0-plugins-base_1.26.7.bb} | 2 +-
...bb => gstreamer1.0-plugins-good_1.26.7.bb} | 2 +-
...bb => gstreamer1.0-plugins-ugly_1.26.7.bb} | 2 +-
....26.5.bb => gstreamer1.0-python_1.26.7.bb} | 2 +-
....bb => gstreamer1.0-rtsp-server_1.26.7.bb} | 2 +-
...1.26.5.bb => gstreamer1.0-vaapi_1.26.7.bb} | 2 +-
...er1.0_1.26.5.bb => gstreamer1.0_1.26.7.bb} | 2 +-
.../{libpng_1.6.50.bb => libpng_1.6.51.bb} | 2 +-
...{enchant2_2.8.12.bb => enchant2_2.8.14.bb} | 2 +-
.../gnutls/gnutls/CVE-2025-9820.patch | 233 ++++++++++++++++++
meta/recipes-support/gnutls/gnutls_3.8.10.bb | 1 +
.../sqlite/files/CVE-2025-3277.patch | 29 +++
.../sqlite/files/CVE-2025-6965.patch | 117 +++++++++
meta/recipes-support/sqlite/sqlite3_3.48.0.bb | 5 +-
35 files changed, 521 insertions(+), 26 deletions(-)
rename meta/recipes-core/ell/{ell_0.79.bb => ell_0.80.bb} (88%)
rename meta/recipes-core/glib-2.0/{glib-2.0-initial_2.86.0.bb => glib-2.0-initial_2.86.1.bb} (100%)
rename meta/recipes-core/glib-2.0/{glib-2.0_2.86.0.bb => glib-2.0_2.86.1.bb} (100%)
create mode 100644 meta/recipes-devtools/binutils/binutils/0019-CVE-2025-11839.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0020-CVE-2025-11840.patch
rename meta/recipes-devtools/ccache/{ccache_4.12.bb => ccache_4.12.2.bb} (93%)
create mode 100644 meta/recipes-devtools/e2fsprogs/e2fsprogs/0001-misc-create_inode.c-Fix-for-file-larger-than-2GB.patch
rename meta/recipes-extended/cups/{cups_2.4.14.bb => cups_2.4.15.bb} (51%)
rename meta/recipes-extended/libarchive/{libarchive_3.8.2.bb => libarchive_3.8.3.bb} (96%)
rename meta/recipes-gnome/libxmlb/{libxmlb_0.3.23.bb => libxmlb_0.3.24.bb} (93%)
rename meta/recipes-multimedia/gstreamer/{gst-devtools_1.26.5.bb => gst-devtools_1.26.7.bb} (95%)
rename meta/recipes-multimedia/gstreamer/{gst-examples_1.26.5.bb => gst-examples_1.26.7.bb} (96%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-libav_1.26.5.bb => gstreamer1.0-libav_1.26.7.bb} (91%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-bad_1.26.5.bb => gstreamer1.0-plugins-bad_1.26.7.bb} (98%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-base_1.26.5.bb => gstreamer1.0-plugins-base_1.26.7.bb} (98%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-good_1.26.5.bb => gstreamer1.0-plugins-good_1.26.7.bb} (97%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-ugly_1.26.5.bb => gstreamer1.0-plugins-ugly_1.26.7.bb} (94%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-python_1.26.5.bb => gstreamer1.0-python_1.26.7.bb} (91%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-rtsp-server_1.26.5.bb => gstreamer1.0-rtsp-server_1.26.7.bb} (90%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-vaapi_1.26.5.bb => gstreamer1.0-vaapi_1.26.7.bb} (95%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0_1.26.5.bb => gstreamer1.0_1.26.7.bb} (97%)
rename meta/recipes-multimedia/libpng/{libpng_1.6.50.bb => libpng_1.6.51.bb} (97%)
rename meta/recipes-support/enchant/{enchant2_2.8.12.bb => enchant2_2.8.14.bb} (91%)
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-9820.patch
create mode 100644 meta/recipes-support/sqlite/files/CVE-2025-3277.patch
create mode 100644 meta/recipes-support/sqlite/files/CVE-2025-6965.patch
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [OE-core][whinlatter 00/29] Pull request (cover letter only)
2026-01-06 14:57 [OE-core][whinlatter 00/29] Pull request (cover letter only) Yoann Congal
@ 2026-01-07 10:20 ` Yoann Congal
2026-01-07 12:16 ` Paul Barker
0 siblings, 1 reply; 3+ messages in thread
From: Yoann Congal @ 2026-01-07 10:20 UTC (permalink / raw)
To: openembedded-core
[-- Attachment #1: Type: text/plain, Size: 7526 bytes --]
Le mar. 6 janv. 2026 à 15:58, Yoann Congal <yoann.congal@smile.fr> a écrit :
> Passed a-full on autobuilder(*):
> https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2997
As Paul noticed, this build points to the tip whinlatter-nut and not the
tip of this pull request (my mistake).
The correct build for this pull request is
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2960
> (*): The builds/tests parts passed, only the "Send QA Email" step
> failed. This is a known bug on AB side :
> https://bugzilla.yoctoproject.org/show_bug.cgi?id=15696.
>
NB: This build (2960) is also touched by this bug (15696) but the
tests/builds parts are fine.
> The following changes since commit
> 9964fa3da2fa1e7243fba1a826e59f7bb1813706:
>
> populate_sdk_ext: keep SDK_TARGETS so SPDX/SBOM tasks remain in locked
> sigs (2025-12-18 13:11:45 -0800)
>
> are available in the Git repository at:
>
> https://git.openembedded.org/openembedded-core-contrib
> stable/whinlatter-next
>
> https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/whinlatter-next
>
> Ankur Tyagi (4):
> gnutls: patch CVE-2025-9820
> sqlite3: patch CVE-2025-3277
> sqlite3: patch CVE-2025-6965
> libxmlb: upgrade 0.3.23 -> 0.3.24
>
> Chen Qi (1):
> cups: upgrade from 2.4.14 to 2.4.15
>
> Deepesh Varatharajan (2):
> llvm/clang: Upgrade to 21.1.6 release
> llvm/clang: Upgrade to 21.1.7 release
>
> Dmitry Baryshkov (1):
> mesa: upgrade 25.2.5 -> 25.2.8
>
> Gyorgy Sarvari (1):
> enchant2: upgrade 2.8.12 -> 2.8.14
>
> Jörg Sommer (1):
> glib-2.0: Upgrade 2.86.0 -> 2.86.1
>
> Peter Marko (1):
> libarchive: upgrade 3.8.2 -> 3.8.3
>
> Robert Yang (2):
> e2fsprogs: misc/create_inode.c: Fix for file larger than 2GB
> ccache: 4.12.1 -> 4.12.2
>
> Wang Mingyu (13):
> ell: upgrade 0.79 -> 0.80
> gst-devtools: upgrade 1.26.5 -> 1.26.7
> gst-examples: upgrade 1.26.5 -> 1.26.7
> gstreamer1.0-libav: upgrade 1.26.5 -> 1.26.7
> gstreamer1.0-plugins-bad: upgrade 1.26.5 -> 1.26.7
> gstreamer1.0-plugins-base: upgrade 1.26.5 -> 1.26.7
> gstreamer1.0-plugins-good: upgrade 1.26.5 -> 1.26.7
> gstreamer1.0-plugins-ugly: upgrade 1.26.5 -> 1.26.7
> gstreamer1.0-python: upgrade 1.26.5 -> 1.26.7
> gstreamer1.0-rtsp-server: upgrade 1.26.5 -> 1.26.7
> gstreamer1.0: upgrade 1.26.5 -> 1.26.7
> gstreamer1.0-vaapi: upgrade 1.26.5 -> 1.26.7
> ccache: upgrade 4.12 -> 4.12.1
>
> Yash Shinde (2):
> binutils: fix CVE-2025-11839
> binutils: fix CVE-2025-11840
>
> Zhang Peng (1):
> libpng: upgrade 1.6.50 -> 1.6.51
>
> meta/conf/distro/include/maintainers.inc | 4 +-
> .../ell/{ell_0.79.bb => ell_0.80.bb} | 2 +-
> ...l_2.86.0.bb => glib-2.0-initial_2.86.1.bb} | 0
> ...{glib-2.0_2.86.0.bb => glib-2.0_2.86.1.bb} | 0
> meta/recipes-core/glib-2.0/glib.inc | 2 +-
> .../binutils/binutils-2.45.inc | 2 +
> .../binutils/0019-CVE-2025-11839.patch | 32 +++
> .../binutils/0020-CVE-2025-11840.patch | 37 +++
> .../{ccache_4.12.bb => ccache_4.12.2.bb} | 2 +-
> meta/recipes-devtools/clang/common-clang.inc | 2 +-
> meta/recipes-devtools/clang/common.inc | 2 +-
> ...inode.c-Fix-for-file-larger-than-2GB.patch | 40 +++
> .../e2fsprogs/e2fsprogs_1.47.3.bb | 1 +
> .../cups/{cups_2.4.14.bb => cups_2.4.15.bb} | 2 +-
> ...ibarchive_3.8.2.bb => libarchive_3.8.3.bb} | 2 +-
> .../{libxmlb_0.3.23.bb => libxmlb_0.3.24.bb} | 2 +-
> meta/recipes-graphics/mesa/mesa.inc | 4 +-
> ...tools_1.26.5.bb => gst-devtools_1.26.7.bb} | 2 +-
> ...mples_1.26.5.bb => gst-examples_1.26.7.bb} | 2 +-
> ...1.26.5.bb => gstreamer1.0-libav_1.26.7.bb} | 2 +-
> ....bb => gstreamer1.0-plugins-bad_1.26.7.bb} | 2 +-
> ...bb => gstreamer1.0-plugins-base_1.26.7.bb} | 2 +-
> ...bb => gstreamer1.0-plugins-good_1.26.7.bb} | 2 +-
> ...bb => gstreamer1.0-plugins-ugly_1.26.7.bb} | 2 +-
> ....26.5.bb => gstreamer1.0-python_1.26.7.bb} | 2 +-
> ....bb => gstreamer1.0-rtsp-server_1.26.7.bb} | 2 +-
> ...1.26.5.bb => gstreamer1.0-vaapi_1.26.7.bb} | 2 +-
> ...er1.0_1.26.5.bb => gstreamer1.0_1.26.7.bb} | 2 +-
> .../{libpng_1.6.50.bb => libpng_1.6.51.bb} | 2 +-
> ...{enchant2_2.8.12.bb => enchant2_2.8.14.bb} | 2 +-
> .../gnutls/gnutls/CVE-2025-9820.patch | 233 ++++++++++++++++++
> meta/recipes-support/gnutls/gnutls_3.8.10.bb | 1 +
> .../sqlite/files/CVE-2025-3277.patch | 29 +++
> .../sqlite/files/CVE-2025-6965.patch | 117 +++++++++
> meta/recipes-support/sqlite/sqlite3_3.48.0.bb | 5 +-
> 35 files changed, 521 insertions(+), 26 deletions(-)
> rename meta/recipes-core/ell/{ell_0.79.bb => ell_0.80.bb} (88%)
> rename meta/recipes-core/glib-2.0/{glib-2.0-initial_2.86.0.bb =>
> glib-2.0-initial_2.86.1.bb} (100%)
> rename meta/recipes-core/glib-2.0/{glib-2.0_2.86.0.bb =>
> glib-2.0_2.86.1.bb} (100%)
> create mode 100644
> meta/recipes-devtools/binutils/binutils/0019-CVE-2025-11839.patch
> create mode 100644
> meta/recipes-devtools/binutils/binutils/0020-CVE-2025-11840.patch
> rename meta/recipes-devtools/ccache/{ccache_4.12.bb => ccache_4.12.2.bb}
> (93%)
> create mode 100644
> meta/recipes-devtools/e2fsprogs/e2fsprogs/0001-misc-create_inode.c-Fix-for-file-larger-than-2GB.patch
> rename meta/recipes-extended/cups/{cups_2.4.14.bb => cups_2.4.15.bb}
> (51%)
> rename meta/recipes-extended/libarchive/{libarchive_3.8.2.bb =>
> libarchive_3.8.3.bb} (96%)
> rename meta/recipes-gnome/libxmlb/{libxmlb_0.3.23.bb => libxmlb_0.3.24.bb}
> (93%)
> rename meta/recipes-multimedia/gstreamer/{gst-devtools_1.26.5.bb =>
> gst-devtools_1.26.7.bb} (95%)
> rename meta/recipes-multimedia/gstreamer/{gst-examples_1.26.5.bb =>
> gst-examples_1.26.7.bb} (96%)
> rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-libav_1.26.5.bb
> => gstreamer1.0-libav_1.26.7.bb} (91%)
> rename meta/recipes-multimedia/gstreamer/{
> gstreamer1.0-plugins-bad_1.26.5.bb => gstreamer1.0-plugins-bad_1.26.7.bb}
> (98%)
> rename meta/recipes-multimedia/gstreamer/{
> gstreamer1.0-plugins-base_1.26.5.bb => gstreamer1.0-plugins-base_1.26.7.bb}
> (98%)
> rename meta/recipes-multimedia/gstreamer/{
> gstreamer1.0-plugins-good_1.26.5.bb => gstreamer1.0-plugins-good_1.26.7.bb}
> (97%)
> rename meta/recipes-multimedia/gstreamer/{
> gstreamer1.0-plugins-ugly_1.26.5.bb => gstreamer1.0-plugins-ugly_1.26.7.bb}
> (94%)
> rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-python_1.26.5.bb
> => gstreamer1.0-python_1.26.7.bb} (91%)
> rename meta/recipes-multimedia/gstreamer/{
> gstreamer1.0-rtsp-server_1.26.5.bb => gstreamer1.0-rtsp-server_1.26.7.bb}
> (90%)
> rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-vaapi_1.26.5.bb
> => gstreamer1.0-vaapi_1.26.7.bb} (95%)
> rename meta/recipes-multimedia/gstreamer/{gstreamer1.0_1.26.5.bb =>
> gstreamer1.0_1.26.7.bb} (97%)
> rename meta/recipes-multimedia/libpng/{libpng_1.6.50.bb =>
> libpng_1.6.51.bb} (97%)
> rename meta/recipes-support/enchant/{enchant2_2.8.12.bb =>
> enchant2_2.8.14.bb} (91%)
> create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-9820.patch
> create mode 100644 meta/recipes-support/sqlite/files/CVE-2025-3277.patch
> create mode 100644 meta/recipes-support/sqlite/files/CVE-2025-6965.patch
>
>
--
Yoann Congal
Smile ECS
[-- Attachment #2: Type: text/html, Size: 15469 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [OE-core][whinlatter 00/29] Pull request (cover letter only)
2026-01-07 10:20 ` Yoann Congal
@ 2026-01-07 12:16 ` Paul Barker
0 siblings, 0 replies; 3+ messages in thread
From: Paul Barker @ 2026-01-07 12:16 UTC (permalink / raw)
To: openembedded-core, Richard Purdie; +Cc: yoann.congal
[-- Attachment #1: Type: text/plain, Size: 7838 bytes --]
On Wed, 2026-01-07 at 11:20 +0100, Yoann Congal via
lists.openembedded.org wrote:
> Le mar. 6 janv. 2026 à 15:58, Yoann Congal <yoann.congal@smile.fr> a écrit :
>
> > Passed a-full on autobuilder(*):
> > https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2997
>
>
> As Paul noticed, this build points to the tip whinlatter-nut and not the
> tip of this pull request (my mistake).
>
> The correct build for this pull request is
> https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2960
>
>
> > (*): The builds/tests parts passed, only the "Send QA Email" step
> > failed. This is a known bug on AB side :
> > https://bugzilla.yoctoproject.org/show_bug.cgi?id=15696.
> >
> NB: This build (2960) is also touched by this bug (15696) but the
> tests/builds parts are fine.
Hi Richard,
I've reviewed these changes and the a-full build results and all looks
good.
The following changes since commit 9964fa3da2fa1e7243fba1a826e59f7bb1813706:
populate_sdk_ext: keep SDK_TARGETS so SPDX/SBOM tasks remain in locked sigs (2025-12-18 13:11:45 -0800)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib pbarker/whinlatter
for you to fetch changes up to 5c6e573ab4f6125df3381c8ae75d74d00df20588:
cups: upgrade from 2.4.14 to 2.4.15 (2026-01-07 11:58:31 +0000)
----------------------------------------------------------------
Ankur Tyagi (4):
gnutls: patch CVE-2025-9820
sqlite3: patch CVE-2025-3277
sqlite3: patch CVE-2025-6965
libxmlb: upgrade 0.3.23 -> 0.3.24
Chen Qi (1):
cups: upgrade from 2.4.14 to 2.4.15
Deepesh Varatharajan (2):
llvm/clang: Upgrade to 21.1.6 release
llvm/clang: Upgrade to 21.1.7 release
Dmitry Baryshkov (1):
mesa: upgrade 25.2.5 -> 25.2.8
Gyorgy Sarvari (1):
enchant2: upgrade 2.8.12 -> 2.8.14
Jörg Sommer (1):
glib-2.0: Upgrade 2.86.0 -> 2.86.1
Peter Marko (1):
libarchive: upgrade 3.8.2 -> 3.8.3
Robert Yang (2):
e2fsprogs: misc/create_inode.c: Fix for file larger than 2GB
ccache: 4.12.1 -> 4.12.2
Wang Mingyu (13):
ell: upgrade 0.79 -> 0.80
gst-devtools: upgrade 1.26.5 -> 1.26.7
gst-examples: upgrade 1.26.5 -> 1.26.7
gstreamer1.0-libav: upgrade 1.26.5 -> 1.26.7
gstreamer1.0-plugins-bad: upgrade 1.26.5 -> 1.26.7
gstreamer1.0-plugins-base: upgrade 1.26.5 -> 1.26.7
gstreamer1.0-plugins-good: upgrade 1.26.5 -> 1.26.7
gstreamer1.0-plugins-ugly: upgrade 1.26.5 -> 1.26.7
gstreamer1.0-python: upgrade 1.26.5 -> 1.26.7
gstreamer1.0-rtsp-server: upgrade 1.26.5 -> 1.26.7
gstreamer1.0: upgrade 1.26.5 -> 1.26.7
gstreamer1.0-vaapi: upgrade 1.26.5 -> 1.26.7
ccache: upgrade 4.12 -> 4.12.1
Yash Shinde (2):
binutils: fix CVE-2025-11839
binutils: fix CVE-2025-11840
Zhang Peng (1):
libpng: upgrade 1.6.50 -> 1.6.51
meta/conf/distro/include/maintainers.inc | 4 +-
meta/recipes-core/ell/{ell_0.79.bb => ell_0.80.bb} | 2 +-
...nitial_2.86.0.bb => glib-2.0-initial_2.86.1.bb} | 0
.../{glib-2.0_2.86.0.bb => glib-2.0_2.86.1.bb} | 0
meta/recipes-core/glib-2.0/glib.inc | 2 +-
meta/recipes-devtools/binutils/binutils-2.45.inc | 2 +
.../binutils/binutils/0019-CVE-2025-11839.patch | 32 +++
.../binutils/binutils/0020-CVE-2025-11840.patch | 37 ++++
.../ccache/{ccache_4.12.bb => ccache_4.12.2.bb} | 2 +-
meta/recipes-devtools/clang/common-clang.inc | 2 +-
meta/recipes-devtools/clang/common.inc | 2 +-
...eate_inode.c-Fix-for-file-larger-than-2GB.patch | 40 ++++
.../recipes-devtools/e2fsprogs/e2fsprogs_1.47.3.bb | 1 +
.../cups/{cups_2.4.14.bb => cups_2.4.15.bb} | 2 +-
.../{libarchive_3.8.2.bb => libarchive_3.8.3.bb} | 2 +-
.../{libxmlb_0.3.23.bb => libxmlb_0.3.24.bb} | 2 +-
meta/recipes-graphics/mesa/mesa.inc | 4 +-
...t-devtools_1.26.5.bb => gst-devtools_1.26.7.bb} | 2 +-
...t-examples_1.26.5.bb => gst-examples_1.26.7.bb} | 2 +-
...ibav_1.26.5.bb => gstreamer1.0-libav_1.26.7.bb} | 2 +-
....26.5.bb => gstreamer1.0-plugins-bad_1.26.7.bb} | 2 +-
...26.5.bb => gstreamer1.0-plugins-base_1.26.7.bb} | 2 +-
...26.5.bb => gstreamer1.0-plugins-good_1.26.7.bb} | 2 +-
...26.5.bb => gstreamer1.0-plugins-ugly_1.26.7.bb} | 2 +-
...hon_1.26.5.bb => gstreamer1.0-python_1.26.7.bb} | 2 +-
....26.5.bb => gstreamer1.0-rtsp-server_1.26.7.bb} | 2 +-
...aapi_1.26.5.bb => gstreamer1.0-vaapi_1.26.7.bb} | 2 +-
...treamer1.0_1.26.5.bb => gstreamer1.0_1.26.7.bb} | 2 +-
.../libpng/{libpng_1.6.50.bb => libpng_1.6.51.bb} | 2 +-
.../{enchant2_2.8.12.bb => enchant2_2.8.14.bb} | 2 +-
.../gnutls/gnutls/CVE-2025-9820.patch | 233 +++++++++++++++++++++
meta/recipes-support/gnutls/gnutls_3.8.10.bb | 1 +
.../sqlite/files/CVE-2025-3277.patch | 29 +++
.../sqlite/files/CVE-2025-6965.patch | 117 +++++++++++
meta/recipes-support/sqlite/sqlite3_3.48.0.bb | 5 +-
35 files changed, 521 insertions(+), 26 deletions(-)
rename meta/recipes-core/ell/{ell_0.79.bb => ell_0.80.bb} (88%)
rename meta/recipes-core/glib-2.0/{glib-2.0-initial_2.86.0.bb => glib-2.0-initial_2.86.1.bb} (100%)
rename meta/recipes-core/glib-2.0/{glib-2.0_2.86.0.bb => glib-2.0_2.86.1.bb} (100%)
create mode 100644 meta/recipes-devtools/binutils/binutils/0019-CVE-2025-11839.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0020-CVE-2025-11840.patch
rename meta/recipes-devtools/ccache/{ccache_4.12.bb => ccache_4.12.2.bb} (93%)
create mode 100644 meta/recipes-devtools/e2fsprogs/e2fsprogs/0001-misc-create_inode.c-Fix-for-file-larger-than-2GB.patch
rename meta/recipes-extended/cups/{cups_2.4.14.bb => cups_2.4.15.bb} (51%)
rename meta/recipes-extended/libarchive/{libarchive_3.8.2.bb => libarchive_3.8.3.bb} (96%)
rename meta/recipes-gnome/libxmlb/{libxmlb_0.3.23.bb => libxmlb_0.3.24.bb} (93%)
rename meta/recipes-multimedia/gstreamer/{gst-devtools_1.26.5.bb => gst-devtools_1.26.7.bb} (95%)
rename meta/recipes-multimedia/gstreamer/{gst-examples_1.26.5.bb => gst-examples_1.26.7.bb} (96%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-libav_1.26.5.bb => gstreamer1.0-libav_1.26.7.bb} (91%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-bad_1.26.5.bb => gstreamer1.0-plugins-bad_1.26.7.bb} (98%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-base_1.26.5.bb => gstreamer1.0-plugins-base_1.26.7.bb} (98%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-good_1.26.5.bb => gstreamer1.0-plugins-good_1.26.7.bb} (97%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-ugly_1.26.5.bb => gstreamer1.0-plugins-ugly_1.26.7.bb} (94%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-python_1.26.5.bb => gstreamer1.0-python_1.26.7.bb} (91%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-rtsp-server_1.26.5.bb => gstreamer1.0-rtsp-server_1.26.7.bb} (90%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-vaapi_1.26.5.bb => gstreamer1.0-vaapi_1.26.7.bb} (95%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0_1.26.5.bb => gstreamer1.0_1.26.7.bb} (97%)
rename meta/recipes-multimedia/libpng/{libpng_1.6.50.bb => libpng_1.6.51.bb} (97%)
rename meta/recipes-support/enchant/{enchant2_2.8.12.bb => enchant2_2.8.14.bb} (91%)
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-9820.patch
create mode 100644 meta/recipes-support/sqlite/files/CVE-2025-3277.patch
create mode 100644 meta/recipes-support/sqlite/files/CVE-2025-6965.patch
Best regards,
--
Paul Barker
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 252 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2026-01-07 12:16 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-01-06 14:57 [OE-core][whinlatter 00/29] Pull request (cover letter only) Yoann Congal
2026-01-07 10:20 ` Yoann Congal
2026-01-07 12:16 ` Paul Barker
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox