From: Yoann Congal <yoann.congal@smile.fr>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/17] Patch review
Date: Mon, 16 Mar 2026 10:28:19 +0100 [thread overview]
Message-ID: <cover.1773652940.git.yoann.congal@smile.fr> (raw)
Please review this set of changes for kirkstone and have comments back by
end of day Wednesday, March 18.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/3429
This build was impacted by:
* 16185 – AB-INT: failed connections to git.yoctoproject.org https://bugzilla.yoctoproject.org/show_bug.cgi?id=16185
* https://autobuilder.yoctoproject.org/valkyrie/#/builders/6/builds/3403
* rebuilt successfully as https://autobuilder.yoctoproject.org/valkyrie/#/builders/6/builds/3404
* https://autobuilder.yoctoproject.org/valkyrie/#/builders/78/builds/3404
* rebuilt successfully as https://autobuilder.yoctoproject.org/valkyrie/#/builders/78/builds/3405
* A random network glitch on github:
* https://autobuilder.yoctoproject.org/valkyrie/#/builders/30/builds/3357
* rebuilt successfully as https://autobuilder.yoctoproject.org/valkyrie/#/builders/30/builds/3360
The following changes since commit 7b6c9faa301a6d058ca34e230586f6a81ffa3ffb:
build-appliance-image: Update to kirkstone head revision (2026-02-27 15:59:49 +0000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
for you to fetch changes up to ec995339f1f4143616f1b13814899acaf137b0b5:
createrepo-c: Fix createrepo-c-native build on GCC14 hosts (e.g. Fedora 41) (2026-03-15 23:59:54 +0100)
----------------------------------------------------------------
Aleksandar Nikolic (1):
scripts/install-buildtools: Update to 4.0.33
Hitendra Prajapati (1):
libpam: fix CVE-2024-10963
Ken Kurematsu (1):
libtheora: set CVE_PRODUCT
Martin Jansa (2):
libpam: re-add missing libgen include
lsb.py: strip ' from os-release file
Peter Marko (7):
alsa-lib: patch CVE-2026-25068
ffmpeg: patch CVE-2025-10256
inetutils: patch CVE-2026-28372
busybox: patch CVE-2025-60876
tiff: patch CVE-2025-61143
tiff: patch CVE-2025-61144
tiff: set status of CVE-2025-61145 as fixed by patch for CVE-2025-8961
Shaik Moin (1):
gdk-pixbuf: Fix CVE-2025-6199
Vijay Anusuri (1):
python3-pip: Fix CVE-2026-1703
Yoann Congal (3):
gtk+3: fix incompatible-pointer-types errors for native build on
Fedora 41
libcomps: Fix libcomps-native build on GCC14 hosts (e.g. Fedora 41)
createrepo-c: Fix createrepo-c-native build on GCC14 hosts (e.g.
Fedora 41)
meta/lib/oe/lsb.py | 2 +-
.../inetutils/inetutils/CVE-2026-28372.patch | 86 +++++++
.../inetutils/inetutils_2.2.bb | 1 +
.../busybox/busybox/CVE-2025-60876.patch | 38 +++
meta/recipes-core/busybox/busybox_1.35.0.bb | 1 +
...-proper-cast-for-PyMethodDef.ml_meth.patch | 41 ++++
.../createrepo-c/createrepo-c_0.19.0.bb | 1 +
...orrect-variable-for-category-and-env.patch | 48 ++++
.../libcomps/libcomps_0.1.18.bb | 1 +
.../python/python3-pip/CVE-2026-1703.patch | 37 +++
.../python/python3-pip_22.0.3.bb | 1 +
.../pam/libpam/CVE-2024-10963.patch | 229 ++++++++++++++++++
.../pam/libpam/CVE-2025-6020-01.patch | 4 +-
meta/recipes-extended/pam/libpam_1.5.2.bb | 1 +
.../gdk-pixbuf/gdk-pixbuf/CVE-2025-6199.patch | 36 +++
.../gdk-pixbuf/gdk-pixbuf_2.42.10.bb | 1 +
...-type-when-calling-GtkWidget-methods.patch | 28 +++
...ests-Add-GdkEvent-casts-in-testinput.patch | 48 ++++
meta/recipes-gnome/gtk+/gtk+3_3.24.34.bb | 2 +
.../alsa/alsa-lib/CVE-2026-25068.patch | 34 +++
.../alsa/alsa-lib_1.2.6.1.bb | 1 +
.../ffmpeg/ffmpeg/CVE-2025-10256.patch | 31 +++
.../recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb | 1 +
.../libtheora/libtheora_1.1.1.bb | 2 +
.../libtiff/tiff/CVE-2025-61143.patch | 44 ++++
.../libtiff/tiff/CVE-2025-61144.patch | 27 +++
.../libtiff/tiff/CVE-2025-8961.patch | 1 +
meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 2 +
scripts/install-buildtools | 4 +-
29 files changed, 748 insertions(+), 5 deletions(-)
create mode 100644 meta/recipes-connectivity/inetutils/inetutils/CVE-2026-28372.patch
create mode 100644 meta/recipes-core/busybox/busybox/CVE-2025-60876.patch
create mode 100644 meta/recipes-devtools/createrepo-c/createrepo-c/0001-Use-proper-cast-for-PyMethodDef.ml_meth.patch
create mode 100644 meta/recipes-devtools/libcomps/libcomps/0001-Fix-build-use-correct-variable-for-category-and-env.patch
create mode 100644 meta/recipes-devtools/python/python3-pip/CVE-2026-1703.patch
create mode 100644 meta/recipes-extended/pam/libpam/CVE-2024-10963.patch
create mode 100644 meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2025-6199.patch
create mode 100644 meta/recipes-gnome/gtk+/gtk+3/0001-Use-the-right-type-when-calling-GtkWidget-methods.patch
create mode 100644 meta/recipes-gnome/gtk+/gtk+3/0002-tests-Add-GdkEvent-casts-in-testinput.patch
create mode 100644 meta/recipes-multimedia/alsa/alsa-lib/CVE-2026-25068.patch
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-10256.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2025-61143.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2025-61144.patch
next reply other threads:[~2026-03-16 9:30 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-16 9:28 Yoann Congal [this message]
2026-03-16 9:28 ` [OE-core][kirkstone 01/17] libtheora: set CVE_PRODUCT Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 02/17] alsa-lib: patch CVE-2026-25068 Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 03/17] gdk-pixbuf: Fix CVE-2025-6199 Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 04/17] ffmpeg: patch CVE-2025-10256 Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 05/17] inetutils: patch CVE-2026-28372 Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 06/17] busybox: patch CVE-2025-60876 Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 07/17] tiff: patch CVE-2025-61143 Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 08/17] tiff: patch CVE-2025-61144 Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 09/17] tiff: set status of CVE-2025-61145 as fixed by patch for CVE-2025-8961 Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 10/17] gtk+3: fix incompatible-pointer-types errors for native build on Fedora 41 Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 11/17] libpam: fix CVE-2024-10963 Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 12/17] libpam: re-add missing libgen include Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 13/17] lsb.py: strip ' from os-release file Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 14/17] python3-pip: Fix CVE-2026-1703 Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 15/17] scripts/install-buildtools: Update to 4.0.33 Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 16/17] libcomps: Fix libcomps-native build on GCC14 hosts (e.g. Fedora 41) Yoann Congal
2026-03-16 9:28 ` [OE-core][kirkstone 17/17] createrepo-c: Fix createrepo-c-native " Yoann Congal
-- strict thread matches above, loose matches on Subject: below --
2023-09-28 2:48 [OE-core][kirkstone 00/17] Patch review Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1773652940.git.yoann.congal@smile.fr \
--to=yoann.congal@smile.fr \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox