From: Yoann Congal <yoann.congal@smile.fr>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][whinlatter 00/22] Patch review
Date: Sat, 31 Jan 2026 08:56:11 +0100 [thread overview]
Message-ID: <cover.1769845858.git.yoann.congal@smile.fr> (raw)
Please review this set of changes for whinlatter and have comments back by
end of day Tuesday, February 3.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/?#/builders/29/builds/3151
The following changes since commit fa31089d48cac2aa11279e932a77f4dbdc02c02d:
libarchive: upgrade 3.8.4 -> 3.8.5 (2026-01-26 08:44:38 +0000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/whinlatter-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/whinlatter-nut
Hemanth Kumar M D (1):
binutils: Upgrade to 2.45.1 release
Hugo SIMELIERE (1):
libtasn1: Fix CVE-2025-13151
Jiaying Song (1):
grub: fix CVE-2025-54770 CVE-2025-61661 CVE-2025-61662 CVE-2025-61663
CVE-2025-61664
João Marcos Costa (1):
mesa: fix build error with llvmpipe gallium driver
Ken Kurematsu (1):
libtheora: set CVE_PRODUCT
Khai Dang (1):
docbook-xml-dtd4: fix the fetching failure
Mark Hatle (1):
dpkg: Fix ADMINDIR
Mathieu Dubois-Briand (2):
oeqa/gitarchive: Fix git push URL parameter
oeqa/gitarchive: Push tag before copying log files
Peter Marko (11):
go: upgrade 1.25.5 -> 1.25.6
zlib: ignore CVE-2026-22184
python3-urllib3: patch CVE-2026-21441
glibc: stable 2.42 branch updates
expat: patch CVE-2026-24515
dropbear: patch CVE-2025-14282
libpng: upgrade 1.6.53 -> 1.6.54
glib-2.0: patch CVE-2026-0988
libxml2: patch CVE-2026-0989
libxml2: patch CVE-2026-0990
openssl: upgrade 3.5.4 -> 3.5.5
Richard Purdie (2):
scripts/oe-git-archive: Ensure new push parameter is specified
pseudo: Update to 1.9.3 release
meta/lib/oe/package_manager/deb/__init__.py | 4 +
.../oeqa/selftest/cases/gitarchivetests.py | 4 +-
meta/lib/oeqa/utils/gitarchive.py | 8 +-
.../grub/files/CVE-2025-54770.patch | 41 +
.../grub/files/CVE-2025-61661.patch | 40 +
.../grub/files/CVE-2025-61662.patch | 72 +
.../grub/files/CVE-2025-61663_61664.patch | 64 +
meta/recipes-bsp/grub/grub2.inc | 4 +
...ke-history-reporting-when-test-fails.patch | 23 +-
.../0001-extend-check_cwm-test-timeout.patch | 2 +-
.../{openssl_3.5.4.bb => openssl_3.5.5.bb} | 2 +-
.../dropbear/dropbear/CVE-2025-14282-01.patch | 280 +++
.../dropbear/dropbear/CVE-2025-14282-02.patch | 97 +
.../dropbear/dropbear/CVE-2025-14282-03.patch | 282 +++
.../dropbear/dropbear/CVE-2025-14282-04.patch | 72 +
.../dropbear/dropbear/CVE-2025-14282-05.patch | 46 +
.../recipes-core/dropbear/dropbear_2025.88.bb | 5 +
.../expat/expat/CVE-2026-24515-01.patch | 43 +
.../expat/expat/CVE-2026-24515-02.patch | 117 ++
meta/recipes-core/expat/expat_2.7.3.bb | 2 +
.../glib-2.0/files/CVE-2026-0988.patch | 58 +
meta/recipes-core/glib-2.0/glib.inc | 1 +
meta/recipes-core/glibc/glibc-version.inc | 2 +-
meta/recipes-core/glibc/glibc_2.42.bb | 2 +-
.../libxml/libxml2/CVE-2026-0989.patch | 309 +++
.../libxml/libxml2/CVE-2026-0990.patch | 76 +
meta/recipes-core/libxml/libxml2_2.14.6.bb | 2 +
meta/recipes-core/zlib/zlib_1.3.1.bb | 2 +
.../binutils/binutils-2.45.inc | 6 +-
...-system-directories-when-cross-linki.patch | 38 +-
.../binutils/0008-Use-libtool-2.4.patch | 1827 ++++++++---------
.../docbook-xml/docbook-xml-dtd4_4.5.bb | 10 +-
...-dirs.c-set_rootfs-was-not-checking-.patch | 46 +
meta/recipes-devtools/dpkg/dpkg_1.22.21.bb | 1 +
.../go/{go-1.25.5.inc => go-1.25.6.inc} | 2 +-
...e_1.25.5.bb => go-binary-native_1.25.6.bb} | 6 +-
..._1.25.5.bb => go-cross-canadian_1.25.6.bb} | 0
...{go-cross_1.25.5.bb => go-cross_1.25.6.bb} | 0
...osssdk_1.25.5.bb => go-crosssdk_1.25.6.bb} | 0
...runtime_1.25.5.bb => go-runtime_1.25.6.bb} | 0
...ent-based-hash-generation-less-pedan.patch | 8 +-
...ng-cgo-on-386-call-C-sigaction-funct.patch | 4 +-
...d-go-make-GOROOT-precious-by-default.patch | 2 +-
.../go/{go_1.25.5.bb => go_1.25.6.bb} | 0
meta/recipes-devtools/pseudo/pseudo_git.bb | 4 +-
.../python3-urllib3/CVE-2026-21441.patch | 111 +
.../python/python3-urllib3_2.5.0.bb | 1 +
.../files/0001-gallivm-support-LLVM-21.patch | 56 +
meta/recipes-graphics/mesa/mesa.inc | 1 +
.../{libpng_1.6.53.bb => libpng_1.6.54.bb} | 4 +-
.../libtheora/libtheora_1.2.0.bb | 2 +
.../gnutls/libtasn1/CVE-2025-13151.patch | 30 +
.../recipes-support/gnutls/libtasn1_4.20.0.bb | 1 +
scripts/lib/resulttool/store.py | 9 +-
scripts/oe-git-archive | 2 +-
55 files changed, 2752 insertions(+), 1079 deletions(-)
create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-54770.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-61661.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-61662.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-61663_61664.patch
rename meta/recipes-connectivity/openssl/{openssl_3.5.4.bb => openssl_3.5.5.bb} (99%)
create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2025-14282-01.patch
create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2025-14282-02.patch
create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2025-14282-03.patch
create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2025-14282-04.patch
create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2025-14282-05.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2026-24515-01.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2026-24515-02.patch
create mode 100644 meta/recipes-core/glib-2.0/files/CVE-2026-0988.patch
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2026-0989.patch
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2026-0990.patch
create mode 100644 meta/recipes-devtools/dpkg/dpkg/0001-lib-dpkg-options-dirs.c-set_rootfs-was-not-checking-.patch
rename meta/recipes-devtools/go/{go-1.25.5.inc => go-1.25.6.inc} (91%)
rename meta/recipes-devtools/go/{go-binary-native_1.25.5.bb => go-binary-native_1.25.6.bb} (79%)
rename meta/recipes-devtools/go/{go-cross-canadian_1.25.5.bb => go-cross-canadian_1.25.6.bb} (100%)
rename meta/recipes-devtools/go/{go-cross_1.25.5.bb => go-cross_1.25.6.bb} (100%)
rename meta/recipes-devtools/go/{go-crosssdk_1.25.5.bb => go-crosssdk_1.25.6.bb} (100%)
rename meta/recipes-devtools/go/{go-runtime_1.25.5.bb => go-runtime_1.25.6.bb} (100%)
rename meta/recipes-devtools/go/{go_1.25.5.bb => go_1.25.6.bb} (100%)
create mode 100644 meta/recipes-devtools/python/python3-urllib3/CVE-2026-21441.patch
create mode 100644 meta/recipes-graphics/mesa/files/0001-gallivm-support-LLVM-21.patch
rename meta/recipes-multimedia/libpng/{libpng_1.6.53.bb => libpng_1.6.54.bb} (94%)
create mode 100644 meta/recipes-support/gnutls/libtasn1/CVE-2025-13151.patch
next reply other threads:[~2026-01-31 7:57 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-31 7:56 Yoann Congal [this message]
2026-01-31 7:56 ` [OE-core][whinlatter 01/22] oeqa/gitarchive: Fix git push URL parameter Yoann Congal
2026-01-31 7:56 ` [OE-core][whinlatter 02/22] oeqa/gitarchive: Push tag before copying log files Yoann Congal
2026-01-31 7:56 ` [OE-core][whinlatter 03/22] scripts/oe-git-archive: Ensure new push parameter is specified Yoann Congal
2026-01-31 7:56 ` [OE-core][whinlatter 04/22] grub: fix CVE-2025-54770 CVE-2025-61661 CVE-2025-61662 CVE-2025-61663 CVE-2025-61664 Yoann Congal
2026-01-31 7:56 ` [OE-core][whinlatter 05/22] mesa: fix build error with llvmpipe gallium driver Yoann Congal
2026-01-31 8:17 ` Patchtest results for " patchtest
2026-01-31 9:01 ` Yoann Congal
2026-01-31 7:56 ` [OE-core][whinlatter 06/22] go: upgrade 1.25.5 -> 1.25.6 Yoann Congal
2026-01-31 7:56 ` [OE-core][whinlatter 07/22] zlib: ignore CVE-2026-22184 Yoann Congal
2026-01-31 7:56 ` [OE-core][whinlatter 08/22] python3-urllib3: patch CVE-2026-21441 Yoann Congal
2026-01-31 7:56 ` [OE-core][whinlatter 09/22] libtasn1: Fix CVE-2025-13151 Yoann Congal
2026-01-31 7:56 ` [OE-core][whinlatter 10/22] glibc: stable 2.42 branch updates Yoann Congal
2026-01-31 7:56 ` [OE-core][whinlatter 11/22] expat: patch CVE-2026-24515 Yoann Congal
2026-01-31 15:46 ` Marko, Peter
2026-01-31 7:56 ` [OE-core][whinlatter 12/22] pseudo: Update to 1.9.3 release Yoann Congal
2026-01-31 7:56 ` [OE-core][whinlatter 13/22] dpkg: Fix ADMINDIR Yoann Congal
2026-01-31 7:56 ` [OE-core][whinlatter 14/22] docbook-xml-dtd4: fix the fetching failure Yoann Congal
2026-01-31 7:56 ` [OE-core][whinlatter 15/22] dropbear: patch CVE-2025-14282 Yoann Congal
2026-01-31 7:56 ` [OE-core][whinlatter 16/22] libtheora: set CVE_PRODUCT Yoann Congal
2026-01-31 7:56 ` [OE-core][whinlatter 17/22] libpng: upgrade 1.6.53 -> 1.6.54 Yoann Congal
2026-01-31 8:25 ` Yoann Congal
2026-01-31 20:12 ` Marko, Peter
2026-01-31 7:56 ` [OE-core][whinlatter 18/22] glib-2.0: patch CVE-2026-0988 Yoann Congal
2026-01-31 7:56 ` [OE-core][whinlatter 19/22] libxml2: patch CVE-2026-0989 Yoann Congal
2026-01-31 7:56 ` [OE-core][whinlatter 20/22] libxml2: patch CVE-2026-0990 Yoann Congal
2026-01-31 7:56 ` [OE-core][whinlatter 21/22] binutils: Upgrade to 2.45.1 release Yoann Congal
2026-01-31 7:56 ` [OE-core][whinlatter 22/22] openssl: upgrade 3.5.4 -> 3.5.5 Yoann Congal
2026-01-31 8:02 ` Yoann Congal
2026-01-31 8:01 ` [OE-core][whinlatter 00/22] Patch review Yoann Congal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1769845858.git.yoann.congal@smile.fr \
--to=yoann.congal@smile.fr \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox