[OE-core][kirkstone 00/26] Pull request (cover letter only)

public inbox for openembedded-core@lists.openembedded.org
 help / color / mirror / Atom feed

From: Yoann Congal <yoann.congal@smile.fr>
To: openembedded-core@lists.openembedded.org
Cc: Paul Barker <paul@pbarker.dev>
Subject: [OE-core][kirkstone 00/26] Pull request (cover letter only)
Date: Fri, 23 Jan 2026 17:23:11 +0100	[thread overview]
Message-ID: <cover.1769184700.git.yoann.congal@smile.fr> (raw)

Those are the patches from the last patch review:
https://lore.kernel.org/openembedded-core/cover.1768914702.git.yoann.congal@smile.fr/
... with the v2 of "python3-urllib3: patch CVE-2025-66418".

Note: this PR has patchs related to the whinlatter PR:
https://lore.kernel.org/openembedded-core/cover.1769175900.git.yoann.congal@smile.fr/
And the scarthgap PR:
https://lore.kernel.org/openembedded-core/cover.1769177912.git.yoann.congal@smile.fr/

Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/?#/builders/29/builds/3114
via https://git.yoctoproject.org/poky-contrib/commit/?h=stable/kirkstone-nut&id=323236258711d8f3110c5a3ab1f001f3251d0e03

The following changes since commit 0057fc49725db8637656fac10631d8f89799bad3:

  go: Fix CVE-2025-61729 (2025-12-29 08:48:27 -0800)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-next
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-next

for you to fetch changes up to 1ce772b2fd97d2e8364a602fdd313355f2df967e:

  oeqa: Use 2.14 release of cpio instead of 2.13 (2026-01-20 15:39:51 +0100)

----------------------------------------------------------------

Hitendra Prajapati (1):
  python3: fix CVE-2025-13836

Khem Raj (1):
  oeqa: Use 2.14 release of cpio instead of 2.13

Paul Barker (1):
  pseudo: Add hard sstate dependencies for pseudo-native

Peter Marko (17):
  util-linux: patch CVE-2025-14104
  glib-2.0: patch CVE-2025-13601
  glib-2.0: patch CVE-2025-14087
  glib-2.0: patch CVE-2025-14512
  qemu: ignore CVE-2025-54566 and CVE-2025-54567
  cups: patch CVE-2025-58436
  cups: patch CVE-2025-61915
  cups: allow unknown directives in conf files
  dropbear: patch CVE-2019-6111
  python3-urllib3: patch CVE-2025-66418
  libpcap: patch CVE-2025-11961
  libpcap: patch CVE-2025-11964
  libarchive: fix CVE-2025-60753 regression
  curl: patch CVE-2025-14017
  curl: patch CVE-2025-15079
  curl: patch CVE-2025-15224
  gnupg: patch CVE-2025-68973

Richard Purdie (4):
  pseudo: Upgrade to version 1.9.1
  pseudo: Update to pull in memleak fix
  pseudo: Update to pull in openat2 and efault return code changes
  pseudo: Update to pull in 'makewrappers: Fix EFAULT implementation'

Robert Yang (1):
  pseudo: 1.9.0 -> 1.9.2

Vijay Anusuri (1):
  binutils: Fix CVE-2025-1181

 meta/lib/oeqa/runtime/cases/buildcpio.py      |   2 +-
 meta/lib/oeqa/sdk/cases/buildcpio.py          |   4 +-
 meta/lib/oeqa/selftest/cases/meta_ide.py      |   2 +-
 .../libpcap/libpcap/CVE-2025-11961-01.patch   |  38 ++
 .../libpcap/libpcap/CVE-2025-11961-02.patch   | 433 ++++++++++++
 .../libpcap/libpcap/CVE-2025-11964.patch      |  33 +
 .../libpcap/libpcap_1.10.1.bb                 |   3 +
 meta/recipes-core/dropbear/dropbear.inc       |   1 +
 .../dropbear/dropbear/CVE-2019-6111.patch     | 157 +++++
 .../glib-2.0/glib-2.0/CVE-2025-13601-01.patch | 125 ++++
 .../glib-2.0/glib-2.0/CVE-2025-13601-02.patch | 128 ++++
 .../glib-2.0/glib-2.0/CVE-2025-14087-01.patch |  69 ++
 .../glib-2.0/glib-2.0/CVE-2025-14087-02.patch | 240 +++++++
 .../glib-2.0/glib-2.0/CVE-2025-14087-03.patch | 150 +++++
 .../glib-2.0/glib-2.0/CVE-2025-14512.patch    |  70 ++
 meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb |   6 +
 meta/recipes-core/util-linux/util-linux.inc   |   2 +
 .../util-linux/CVE-2025-14104-01.patch        |  33 +
 .../util-linux/CVE-2025-14104-02.patch        |  28 +
 .../binutils/binutils-2.38.inc                |   2 +
 .../binutils/binutils/CVE-2025-1181-pre.patch | 149 +++++
 .../binutils/binutils/CVE-2025-1181.patch     | 342 ++++++++++
 .../0001-configure-Prune-PIE-flags.patch      |  44 --
 .../pseudo/files/glibc238.patch               |  65 --
 .../pseudo/files/older-glibc-symbols.patch    |   4 +-
 meta/recipes-devtools/pseudo/pseudo.inc       |   7 +
 meta/recipes-devtools/pseudo/pseudo_git.bb    |   6 +-
 .../python3-urllib3/CVE-2025-66418.patch      |  74 ++
 .../python/python3-urllib3_1.26.20.bb         |   1 +
 .../python/python3/CVE-2025-13836.patch       | 163 +++++
 .../python/python3_3.10.19.bb                 |   1 +
 meta/recipes-devtools/qemu/qemu.inc           |   3 +
 meta/recipes-extended/cups/cups.inc           |   3 +
 ...pping-scheduler-on-unknown-directive.patch |  43 ++
 .../cups/cups/CVE-2025-58436.patch            | 630 ++++++++++++++++++
 .../cups/cups/CVE-2025-61915.patch            | 487 ++++++++++++++
 ...25-60753.patch => CVE-2025-60753-01.patch} |   0
 .../libarchive/CVE-2025-60753-02.patch        |  46 ++
 .../libarchive/libarchive_3.6.2.bb            |   3 +-
 .../curl/curl/CVE-2025-14017.patch            | 115 ++++
 .../curl/curl/CVE-2025-15079.patch            |  32 +
 .../curl/curl/CVE-2025-15224.patch            |  31 +
 meta/recipes-support/curl/curl_7.82.0.bb      |   3 +
 .../gnupg/gnupg/CVE-2025-68973.patch          | 108 +++
 meta/recipes-support/gnupg/gnupg_2.3.7.bb     |   1 +
 45 files changed, 3767 insertions(+), 120 deletions(-)
 create mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11961-01.patch
 create mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11961-02.patch
 create mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11964.patch
 create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2019-6111.patch
 create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-13601-01.patch
 create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-13601-02.patch
 create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-01.patch
 create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-02.patch
 create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-03.patch
 create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14512.patch
 create mode 100644 meta/recipes-core/util-linux/util-linux/CVE-2025-14104-01.patch
 create mode 100644 meta/recipes-core/util-linux/util-linux/CVE-2025-14104-02.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2025-1181-pre.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2025-1181.patch
 delete mode 100644 meta/recipes-devtools/pseudo/files/0001-configure-Prune-PIE-flags.patch
 delete mode 100644 meta/recipes-devtools/pseudo/files/glibc238.patch
 create mode 100644 meta/recipes-devtools/python/python3-urllib3/CVE-2025-66418.patch
 create mode 100644 meta/recipes-devtools/python/python3/CVE-2025-13836.patch
 create mode 100644 meta/recipes-extended/cups/cups/0001-conf.c-Fix-stopping-scheduler-on-unknown-directive.patch
 create mode 100644 meta/recipes-extended/cups/cups/CVE-2025-58436.patch
 create mode 100644 meta/recipes-extended/cups/cups/CVE-2025-61915.patch
 rename meta/recipes-extended/libarchive/libarchive/{CVE-2025-60753.patch => CVE-2025-60753-01.patch} (100%)
 create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2025-60753-02.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2025-14017.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2025-15079.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2025-15224.patch
 create mode 100644 meta/recipes-support/gnupg/gnupg/CVE-2025-68973.patch

next             reply	other threads:[~2026-01-23 16:23 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-01-23 16:23 Yoann Congal [this message]
  -- strict thread matches above, loose matches on Subject: below --
2022-08-23 14:13 [OE-core][kirkstone 00/26] Pull request (cover letter only) Steve Sakoman
2022-06-07  2:10 Steve Sakoman
2022-04-28 15:35 Steve Sakoman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=cover.1769184700.git.yoann.congal@smile.fr \
    --to=yoann.congal@smile.fr \
    --cc=openembedded-core@lists.openembedded.org \
    --cc=paul@pbarker.dev \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox