From: Yoann Congal <yoann.congal@smile.fr>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/26] Patch review
Date: Tue, 20 Jan 2026 14:37:22 +0100 [thread overview]
Message-ID: <cover.1768914702.git.yoann.congal@smile.fr> (raw)
Please review this set of changes for kirkstone and have comments back by
end of day Thursday, January 22.
This is the last patch review request for kirkstone 4.0.33 before it is
built on monday: In addition to normal CVE fixes:
* pseudo upgrade to fix 16117 – AB-INT: do_package: Error executing a python function in exec_func_python() autogenerated
https://bugzilla.yoctoproject.org/show_bug.cgi?id=16117
* A oeqa fix for 16137 – AB-INT: core-image-sato.bb:do_testsdk fails on ftpmirror.gnu.org returning 502 Bad Gateway
https://bugzilla.yoctoproject.org/show_bug.cgi?id=16137
Passed (with rebuild) a-full on autobuilder:
* https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/3090
* via poky-contrib stable/kirkstone-nut :
* OE-core tip is at https://git.yoctoproject.org/poky-contrib/commit/?h=stable/kirkstone-nut&id=08f446ecb3d3b78daaf8e5b90dec1bff6cb1d5d8
* meta-mingw failed https://autobuilder.yoctoproject.org/valkyrie/?#/builders/7/builds/3115
* Bug is: #16145 – [kirkstone] AB-INT: mingw-sdktest fail with "wine %CC" returning 1
* then, with the same commits, meta-mingw was successfully rebuilt https://autobuilder.yoctoproject.org/valkyrie/?#/builders/7/builds/3119
The following changes since commit 0057fc49725db8637656fac10631d8f89799bad3:
go: Fix CVE-2025-61729 (2025-12-29 08:48:27 -0800)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
for you to fetch changes up to 20ff1a4ac744855b54952d7fad7424696500a230:
oeqa: Use 2.14 release of cpio instead of 2.13 (2026-01-19 23:44:02 +0100)
----------------------------------------------------------------
Hitendra Prajapati (1):
python3: fix CVE-2025-13836
Khem Raj (1):
oeqa: Use 2.14 release of cpio instead of 2.13
Paul Barker (1):
pseudo: Add hard sstate dependencies for pseudo-native
Peter Marko (17):
util-linux: patch CVE-2025-14104
glib-2.0: patch CVE-2025-13601
glib-2.0: patch CVE-2025-14087
glib-2.0: patch CVE-2025-14512
qemu: ignore CVE-2025-54566 and CVE-2025-54567
cups: patch CVE-2025-58436
cups: patch CVE-2025-61915
cups: allow unknown directives in conf files
dropbear: patch CVE-2019-6111
python3-urllib3: patch CVE-2025-66418
libpcap: patch CVE-2025-11961
libpcap: patch CVE-2025-11964
libarchive: fix CVE-2025-60753 regression
curl: patch CVE-2025-14017
curl: patch CVE-2025-15079
curl: patch CVE-2025-15224
gnupg: patch CVE-2025-68973
Richard Purdie (4):
pseudo: Upgrade to version 1.9.1
pseudo: Update to pull in memleak fix
pseudo: Update to pull in openat2 and efault return code changes
pseudo: Update to pull in 'makewrappers: Fix EFAULT implementation'
Robert Yang (1):
pseudo: 1.9.0 -> 1.9.2
Vijay Anusuri (1):
binutils: Fix CVE-2025-1181
meta/lib/oeqa/runtime/cases/buildcpio.py | 2 +-
meta/lib/oeqa/sdk/cases/buildcpio.py | 4 +-
meta/lib/oeqa/selftest/cases/meta_ide.py | 2 +-
.../libpcap/libpcap/CVE-2025-11961-01.patch | 38 ++
.../libpcap/libpcap/CVE-2025-11961-02.patch | 433 ++++++++++++
.../libpcap/libpcap/CVE-2025-11964.patch | 33 +
.../libpcap/libpcap_1.10.1.bb | 3 +
meta/recipes-core/dropbear/dropbear.inc | 1 +
.../dropbear/dropbear/CVE-2019-6111.patch | 157 +++++
.../glib-2.0/glib-2.0/CVE-2025-13601-01.patch | 125 ++++
.../glib-2.0/glib-2.0/CVE-2025-13601-02.patch | 128 ++++
.../glib-2.0/glib-2.0/CVE-2025-14087-01.patch | 69 ++
.../glib-2.0/glib-2.0/CVE-2025-14087-02.patch | 240 +++++++
.../glib-2.0/glib-2.0/CVE-2025-14087-03.patch | 150 +++++
.../glib-2.0/glib-2.0/CVE-2025-14512.patch | 70 ++
meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb | 6 +
meta/recipes-core/util-linux/util-linux.inc | 2 +
.../util-linux/CVE-2025-14104-01.patch | 33 +
.../util-linux/CVE-2025-14104-02.patch | 28 +
.../binutils/binutils-2.38.inc | 2 +
.../binutils/binutils/CVE-2025-1181-pre.patch | 149 +++++
.../binutils/binutils/CVE-2025-1181.patch | 342 ++++++++++
.../0001-configure-Prune-PIE-flags.patch | 44 --
.../pseudo/files/glibc238.patch | 65 --
.../pseudo/files/older-glibc-symbols.patch | 4 +-
meta/recipes-devtools/pseudo/pseudo.inc | 7 +
meta/recipes-devtools/pseudo/pseudo_git.bb | 6 +-
.../python3-urllib3/CVE-2025-66418.patch | 70 ++
.../python/python3-urllib3_1.26.20.bb | 1 +
.../python/python3/CVE-2025-13836.patch | 163 +++++
.../python/python3_3.10.19.bb | 1 +
meta/recipes-devtools/qemu/qemu.inc | 3 +
meta/recipes-extended/cups/cups.inc | 3 +
...pping-scheduler-on-unknown-directive.patch | 43 ++
.../cups/cups/CVE-2025-58436.patch | 630 ++++++++++++++++++
.../cups/cups/CVE-2025-61915.patch | 487 ++++++++++++++
...25-60753.patch => CVE-2025-60753-01.patch} | 0
.../libarchive/CVE-2025-60753-02.patch | 46 ++
.../libarchive/libarchive_3.6.2.bb | 3 +-
.../curl/curl/CVE-2025-14017.patch | 115 ++++
.../curl/curl/CVE-2025-15079.patch | 32 +
.../curl/curl/CVE-2025-15224.patch | 31 +
meta/recipes-support/curl/curl_7.82.0.bb | 3 +
.../gnupg/gnupg/CVE-2025-68973.patch | 108 +++
meta/recipes-support/gnupg/gnupg_2.3.7.bb | 1 +
45 files changed, 3763 insertions(+), 120 deletions(-)
create mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11961-01.patch
create mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11961-02.patch
create mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11964.patch
create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2019-6111.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-13601-01.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-13601-02.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-01.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-02.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-03.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14512.patch
create mode 100644 meta/recipes-core/util-linux/util-linux/CVE-2025-14104-01.patch
create mode 100644 meta/recipes-core/util-linux/util-linux/CVE-2025-14104-02.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2025-1181-pre.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2025-1181.patch
delete mode 100644 meta/recipes-devtools/pseudo/files/0001-configure-Prune-PIE-flags.patch
delete mode 100644 meta/recipes-devtools/pseudo/files/glibc238.patch
create mode 100644 meta/recipes-devtools/python/python3-urllib3/CVE-2025-66418.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2025-13836.patch
create mode 100644 meta/recipes-extended/cups/cups/0001-conf.c-Fix-stopping-scheduler-on-unknown-directive.patch
create mode 100644 meta/recipes-extended/cups/cups/CVE-2025-58436.patch
create mode 100644 meta/recipes-extended/cups/cups/CVE-2025-61915.patch
rename meta/recipes-extended/libarchive/libarchive/{CVE-2025-60753.patch => CVE-2025-60753-01.patch} (100%)
create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2025-60753-02.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2025-14017.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2025-15079.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2025-15224.patch
create mode 100644 meta/recipes-support/gnupg/gnupg/CVE-2025-68973.patch
next reply other threads:[~2026-01-20 13:38 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-20 13:37 Yoann Congal [this message]
2026-01-20 13:37 ` [OE-core][kirkstone 01/26] util-linux: patch CVE-2025-14104 Yoann Congal
2026-01-20 13:37 ` [OE-core][kirkstone 02/26] glib-2.0: patch CVE-2025-13601 Yoann Congal
2026-01-20 13:37 ` [OE-core][kirkstone 03/26] glib-2.0: patch CVE-2025-14087 Yoann Congal
2026-01-20 13:37 ` [OE-core][kirkstone 04/26] glib-2.0: patch CVE-2025-14512 Yoann Congal
2026-01-20 13:37 ` [OE-core][kirkstone 05/26] qemu: ignore CVE-2025-54566 and CVE-2025-54567 Yoann Congal
2026-01-20 13:37 ` [OE-core][kirkstone 06/26] cups: patch CVE-2025-58436 Yoann Congal
2026-01-20 13:37 ` [OE-core][kirkstone 07/26] cups: patch CVE-2025-61915 Yoann Congal
2026-01-20 13:37 ` [OE-core][kirkstone 08/26] cups: allow unknown directives in conf files Yoann Congal
2026-01-20 13:47 ` Patchtest results for " patchtest
2026-01-20 13:37 ` [OE-core][kirkstone 09/26] dropbear: patch CVE-2019-6111 Yoann Congal
2026-01-20 13:37 ` [OE-core][kirkstone 10/26] python3-urllib3: patch CVE-2025-66418 Yoann Congal
2026-01-20 13:47 ` Patchtest results for " patchtest
2026-01-20 13:53 ` Marko, Peter
2026-01-20 13:37 ` [OE-core][kirkstone 11/26] libpcap: patch CVE-2025-11961 Yoann Congal
2026-01-20 13:37 ` [OE-core][kirkstone 12/26] libpcap: patch CVE-2025-11964 Yoann Congal
2026-01-20 13:37 ` [OE-core][kirkstone 13/26] python3: fix CVE-2025-13836 Yoann Congal
2026-01-20 13:37 ` [OE-core][kirkstone 14/26] libarchive: fix CVE-2025-60753 regression Yoann Congal
2026-01-20 13:37 ` [OE-core][kirkstone 15/26] curl: patch CVE-2025-14017 Yoann Congal
2026-01-20 13:37 ` [OE-core][kirkstone 16/26] curl: patch CVE-2025-15079 Yoann Congal
2026-01-20 13:37 ` [OE-core][kirkstone 17/26] curl: patch CVE-2025-15224 Yoann Congal
2026-01-20 13:37 ` [OE-core][kirkstone 18/26] gnupg: patch CVE-2025-68973 Yoann Congal
2026-01-20 13:37 ` [OE-core][kirkstone 19/26] binutils: Fix CVE-2025-1181 Yoann Congal
2026-01-20 13:37 ` [OE-core][kirkstone 20/26] pseudo: Upgrade to version 1.9.1 Yoann Congal
2026-01-20 13:37 ` [OE-core][kirkstone 21/26] pseudo: 1.9.0 -> 1.9.2 Yoann Congal
2026-01-20 13:37 ` [OE-core][kirkstone 22/26] pseudo: Update to pull in memleak fix Yoann Congal
2026-01-20 13:37 ` [OE-core][kirkstone 23/26] pseudo: Add hard sstate dependencies for pseudo-native Yoann Congal
2026-01-20 13:37 ` [OE-core][kirkstone 24/26] pseudo: Update to pull in openat2 and efault return code changes Yoann Congal
2026-01-20 13:37 ` [OE-core][kirkstone 25/26] pseudo: Update to pull in 'makewrappers: Fix EFAULT implementation' Yoann Congal
2026-01-20 13:37 ` [OE-core][kirkstone 26/26] oeqa: Use 2.14 release of cpio instead of 2.13 Yoann Congal
2026-01-20 19:03 ` [OE-core][kirkstone 00/26] Patch review Yoann Congal
-- strict thread matches above, loose matches on Subject: below --
2022-08-19 2:42 Steve Sakoman
2022-06-02 16:51 Steve Sakoman
2022-06-10 8:39 ` [kirkstone " Sundeep KOKKONDA
2022-06-10 9:12 ` [OE-core] " Martin Jansa
2022-06-10 9:13 ` Martin Jansa
2022-06-10 14:19 ` Steve Sakoman
2022-06-16 2:19 ` Sundeep KOKKONDA
2022-06-16 14:19 ` [OE-core] " Randy MacLeod
2022-06-20 3:09 ` Sundeep KOKKONDA
2022-06-27 12:12 ` Randy MacLeod
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1768914702.git.yoann.congal@smile.fr \
--to=yoann.congal@smile.fr \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox