From: Yoann Congal <yoann.congal@smile.fr>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 00/22] Patch review
Date: Tue, 20 Jan 2026 13:08:14 +0100 [thread overview]
Message-ID: <cover.1768910519.git.yoann.congal@smile.fr> (raw)
Please review this set of changes for scarthgap and have comments back by
end of day Thursday, January 22.
This scarthgap patch review request is aimed at getting kirkstone
4.0.33 built on monday:
* Ensuring fixes in kirkstone have their equivalent in more recent
stable branches.
* pseudo upgrade to fix 16117 – AB-INT: do_package: Error executing a python function in exec_func_python() autogenerated
https://bugzilla.yoctoproject.org/show_bug.cgi?id=16117
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/?#/builders/29/builds/3091
via poky-contrib stable/scarthgap-nut. The tip of OE-Core is at:
https://git.yoctoproject.org/poky-contrib/commit/?h=stable/scarthgap-nut&id=a7e7530d8ece2ee31ffcb220264cc9c52616b526
The following changes since commit 6988157ad983978ffd6b12bcefedd4deaffdbbd1:
build-appliance-image: Update to scarthgap head revision (2026-01-02 06:57:59 -0800)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut
for you to fetch changes up to 199c6518f5e363a2d8648bdfe14233afd9b0ba6e:
pseudo: Update to pull in 'makewrappers: Fix EFAULT implementation' (2026-01-19 17:44:48 +0100)
----------------------------------------------------------------
Paul Barker (1):
pseudo: Add hard sstate dependencies for pseudo-native
Peter Marko (16):
python3: patch CVE-2025-12084
python3: patch CVE-2025-13836
util-linux: patch CVE-2025-14104
qemu: ignore CVE-2025-54566 and CVE-2025-54567
glib-2.0: patch CVE-2025-13601
glib-2.0: patch CVE-2025-14087
glib-2.0: patch CVE-2025-14512
dropbear: patch CVE-2019-6111
libpcap: patch CVE-2025-11961
libpcap: patch CVE-2025-11964
cups: allow unknown directives in conf files
libarchive: fix CVE-2025-60753 regression
curl: patch CVE-2025-14017
curl: patch CVE-2025-14819
curl: patch CVE-2025-15079
curl: patch CVE-2025-15224
Richard Purdie (4):
pseudo: Upgrade to version 1.9.1
pseudo: Update to pull in memleak fix
pseudo: Update to pull in openat2 and efault return code changes
pseudo: Update to pull in 'makewrappers: Fix EFAULT implementation'
Robert Yang (1):
pseudo: 1.9.0 -> 1.9.2
.../libpcap/libpcap/CVE-2025-11961-01.patch | 38 ++
.../libpcap/libpcap/CVE-2025-11961-02.patch | 433 ++++++++++++++++++
.../libpcap/libpcap/CVE-2025-11964.patch | 33 ++
.../libpcap/libpcap_1.10.4.bb | 3 +
.../dropbear/dropbear/CVE-2019-6111.patch | 157 +++++++
.../recipes-core/dropbear/dropbear_2022.83.bb | 1 +
.../glib-2.0/glib-2.0/CVE-2025-13601-01.patch | 125 +++++
.../glib-2.0/glib-2.0/CVE-2025-13601-02.patch | 128 ++++++
.../glib-2.0/glib-2.0/CVE-2025-14087-01.patch | 69 +++
.../glib-2.0/glib-2.0/CVE-2025-14087-02.patch | 240 ++++++++++
.../glib-2.0/glib-2.0/CVE-2025-14087-03.patch | 150 ++++++
.../glib-2.0/glib-2.0/CVE-2025-14512.patch | 70 +++
meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb | 6 +
meta/recipes-core/util-linux/util-linux.inc | 2 +
.../util-linux/CVE-2025-14104-01.patch | 33 ++
.../util-linux/CVE-2025-14104-02.patch | 28 ++
.../0001-configure-Prune-PIE-flags.patch | 44 --
.../pseudo/files/glibc238.patch | 65 ---
.../pseudo/files/older-glibc-symbols.patch | 4 +-
meta/recipes-devtools/pseudo/pseudo.inc | 7 +
meta/recipes-devtools/pseudo/pseudo_git.bb | 6 +-
.../python/python3/CVE-2025-12084.patch | 144 ++++++
.../python/python3/CVE-2025-13836.patch | 162 +++++++
.../python/python3_3.12.12.bb | 2 +
meta/recipes-devtools/qemu/qemu.inc | 3 +
meta/recipes-extended/cups/cups.inc | 1 +
...pping-scheduler-on-unknown-directive.patch | 43 ++
...25-60753.patch => CVE-2025-60753-01.patch} | 0
.../libarchive/CVE-2025-60753-02.patch | 46 ++
.../libarchive/libarchive_3.7.9.bb | 3 +-
...st-qual-fix-or-silence-compiler-warn.patch | 85 ++++
.../curl/curl/CVE-2025-14017.patch | 115 +++++
.../curl/curl/CVE-2025-14819.patch | 73 +++
.../curl/curl/CVE-2025-15079.patch | 32 ++
.../curl/curl/CVE-2025-15224.patch | 31 ++
meta/recipes-support/curl/curl_8.7.1.bb | 5 +
36 files changed, 2271 insertions(+), 116 deletions(-)
create mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11961-01.patch
create mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11961-02.patch
create mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11964.patch
create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2019-6111.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-13601-01.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-13601-02.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-01.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-02.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-03.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14512.patch
create mode 100644 meta/recipes-core/util-linux/util-linux/CVE-2025-14104-01.patch
create mode 100644 meta/recipes-core/util-linux/util-linux/CVE-2025-14104-02.patch
delete mode 100644 meta/recipes-devtools/pseudo/files/0001-configure-Prune-PIE-flags.patch
delete mode 100644 meta/recipes-devtools/pseudo/files/glibc238.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2025-12084.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2025-13836.patch
create mode 100644 meta/recipes-extended/cups/cups/0001-conf.c-Fix-stopping-scheduler-on-unknown-directive.patch
rename meta/recipes-extended/libarchive/libarchive/{CVE-2025-60753.patch => CVE-2025-60753-01.patch} (100%)
create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2025-60753-02.patch
create mode 100644 meta/recipes-support/curl/curl/0001-build-enable-Wcast-qual-fix-or-silence-compiler-warn.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2025-14017.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2025-14819.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2025-15079.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2025-15224.patch
next reply other threads:[~2026-01-20 12:09 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-20 12:08 Yoann Congal [this message]
2026-01-20 12:08 ` [OE-core][scarthgap 01/22] python3: patch CVE-2025-12084 Yoann Congal
2026-01-20 12:08 ` [OE-core][scarthgap 02/22] python3: patch CVE-2025-13836 Yoann Congal
2026-01-20 12:08 ` [OE-core][scarthgap 03/22] util-linux: patch CVE-2025-14104 Yoann Congal
2026-01-20 12:08 ` [OE-core][scarthgap 04/22] qemu: ignore CVE-2025-54566 and CVE-2025-54567 Yoann Congal
2026-01-20 12:08 ` [OE-core][scarthgap 05/22] glib-2.0: patch CVE-2025-13601 Yoann Congal
2026-01-20 12:08 ` [OE-core][scarthgap 06/22] glib-2.0: patch CVE-2025-14087 Yoann Congal
2026-01-20 12:08 ` [OE-core][scarthgap 07/22] glib-2.0: patch CVE-2025-14512 Yoann Congal
2026-01-20 12:08 ` [OE-core][scarthgap 08/22] dropbear: patch CVE-2019-6111 Yoann Congal
2026-01-20 12:08 ` [OE-core][scarthgap 09/22] libpcap: patch CVE-2025-11961 Yoann Congal
2026-01-20 12:08 ` [OE-core][scarthgap 10/22] libpcap: patch CVE-2025-11964 Yoann Congal
2026-01-20 12:08 ` [OE-core][scarthgap 11/22] cups: allow unknown directives in conf files Yoann Congal
2026-01-20 12:16 ` Patchtest results for " patchtest
2026-01-20 12:21 ` Marko, Peter
2026-01-20 12:59 ` Yoann Congal
2026-01-20 17:52 ` Trevor Gamblin
2026-01-20 12:08 ` [OE-core][scarthgap 12/22] libarchive: fix CVE-2025-60753 regression Yoann Congal
2026-01-20 12:08 ` [OE-core][scarthgap 13/22] curl: patch CVE-2025-14017 Yoann Congal
2026-01-20 12:08 ` [OE-core][scarthgap 14/22] curl: patch CVE-2025-14819 Yoann Congal
2026-01-20 12:08 ` [OE-core][scarthgap 15/22] curl: patch CVE-2025-15079 Yoann Congal
2026-01-20 12:08 ` [OE-core][scarthgap 16/22] curl: patch CVE-2025-15224 Yoann Congal
2026-01-20 12:08 ` [OE-core][scarthgap 17/22] pseudo: Upgrade to version 1.9.1 Yoann Congal
2026-01-20 12:08 ` [OE-core][scarthgap 18/22] pseudo: 1.9.0 -> 1.9.2 Yoann Congal
2026-01-20 12:08 ` [OE-core][scarthgap 19/22] pseudo: Update to pull in memleak fix Yoann Congal
2026-01-20 12:08 ` [OE-core][scarthgap 20/22] pseudo: Add hard sstate dependencies for pseudo-native Yoann Congal
2026-01-20 12:08 ` [OE-core][scarthgap 21/22] pseudo: Update to pull in openat2 and efault return code changes Yoann Congal
2026-01-20 12:08 ` [OE-core][scarthgap 22/22] pseudo: Update to pull in 'makewrappers: Fix EFAULT implementation' Yoann Congal
-- strict thread matches above, loose matches on Subject: below --
2024-06-17 12:04 [OE-core][scarthgap 00/22] Patch review Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1768910519.git.yoann.congal@smile.fr \
--to=yoann.congal@smile.fr \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox