* [OE-core][scarthgap 00/15] Pull request (cover letter only)
@ 2026-03-24 22:27 Yoann Congal
2026-03-25 11:12 ` Ernst Persson
0 siblings, 1 reply; 3+ messages in thread
From: Yoann Congal @ 2026-03-24 22:27 UTC (permalink / raw)
To: openembedded-core; +Cc: Paul Barker
Those are the patches from the last patch review:
https://lore.kernel.org/openembedded-core/cover.1773966414.git.yoann.congal@smile.fr/T/#t
Passed a-full on autobuilder (with an AB-INT):
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/3502
* qemuarm64-tc failed on what look like the bug 16058 – AB-INT: rust do_test_compile/do_install segfault
* rebuilt successfully in https://autobuilder.yoctoproject.org/valkyrie/#/builders/5/builds/3396
The following changes since commit 077f258eb2125359ffe3982c58433ee14cb21f09:
busybox: Fixes CVE-2025-60876 (2026-03-16 09:21:34 +0000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-next
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-next
for you to fetch changes up to 9f2a6cfda6a2305f52411ca8121f27c8a5a91fa2:
python3-pip: drop unused Windows distlib launcher templates (2026-03-20 10:56:43 +0100)
----------------------------------------------------------------
Ankur Tyagi (2):
wireless-regdb: upgrade 2025.10.07 -> 2026.02.04
tiff: ignore CVE-2025-61143, CVE-2025-61144 and CVE-2025-61145
Daniel Turull (3):
improve_kernel_cve_report: do not override backported-patch
improve_kernel_cve_report: do not use custom version
improve_kernel_cve_report: add option to read debugsources.zstd
Eduardo Ferreira (1):
go: Fix CVE-2025-61726.patch variable ordering
Krupal Ka Patel (2):
python3-setuptools: drop Windows launcher executables on non-mingw
builds
python3-pip: drop unused Windows distlib launcher templates
Martin Jansa (1):
lsb.py: strip ' from os-release file
Peter Marko (1):
inetutils: patch CVE-2026-28372
Ryan Eatmon (1):
oe-setup-build: Fix typo
Trent Piepho (1):
systemd-systemctl: Fix instance name parsing with escapes or periods
Vijay Anusuri (3):
freetype: Fix CVE-2026-23865
python3-pip: Fix CVE-2026-1703
inetutils: Fix CVE-2026-32746
meta/lib/oe/lsb.py | 2 +-
.../inetutils/inetutils/CVE-2026-28372.patch | 86 +++++++++++++++++++
.../inetutils/inetutils/CVE-2026-32746.patch | 40 +++++++++
.../inetutils/inetutils_2.5.bb | 2 +
.../systemd/systemd-systemctl/systemctl | 7 +-
.../go/go/CVE-2025-61726.patch | 21 ++---
.../python/python3-pip/CVE-2026-1703.patch | 37 ++++++++
.../python/python3-pip_24.0.bb | 13 ++-
.../python/python3-setuptools_69.1.1.bb | 9 ++
.../freetype/freetype/CVE-2026-23865.patch | 54 ++++++++++++
.../freetype/freetype_2.13.2.bb | 1 +
....10.07.bb => wireless-regdb_2026.02.04.bb} | 2 +-
meta/recipes-multimedia/libtiff/tiff_4.6.0.bb | 2 +-
scripts/contrib/improve_kernel_cve_report.py | 37 +++++++-
scripts/oe-setup-build | 2 +-
15 files changed, 295 insertions(+), 20 deletions(-)
create mode 100644 meta/recipes-connectivity/inetutils/inetutils/CVE-2026-28372.patch
create mode 100644 meta/recipes-connectivity/inetutils/inetutils/CVE-2026-32746.patch
create mode 100644 meta/recipes-devtools/python/python3-pip/CVE-2026-1703.patch
create mode 100644 meta/recipes-graphics/freetype/freetype/CVE-2026-23865.patch
rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2025.10.07.bb => wireless-regdb_2026.02.04.bb} (94%)
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [OE-core][scarthgap 00/15] Pull request (cover letter only)
2026-03-24 22:27 [OE-core][scarthgap 00/15] Pull request (cover letter only) Yoann Congal
@ 2026-03-25 11:12 ` Ernst Persson
2026-03-25 11:14 ` Yoann Congal
0 siblings, 1 reply; 3+ messages in thread
From: Ernst Persson @ 2026-03-25 11:12 UTC (permalink / raw)
To: yoann.congal; +Cc: openembedded-core, Paul Barker
[-- Attachment #1: Type: text/plain, Size: 4298 bytes --]
What happened to [scarthgap][PATCHv2] busybox: fix for CVE-2026-26157,
CVE-2026-26158
from Hitendra Prajapati?
Den tis 24 mars 2026 kl 23:28 skrev Yoann Congal via lists.openembedded.org
<yoann.congal=smile.fr@lists.openembedded.org>:
> Those are the patches from the last patch review:
>
> https://lore.kernel.org/openembedded-core/cover.1773966414.git.yoann.congal@smile.fr/T/#t
>
> Passed a-full on autobuilder (with an AB-INT):
> https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/3502
> * qemuarm64-tc failed on what look like the bug 16058 – AB-INT: rust
> do_test_compile/do_install segfault
> * rebuilt successfully in
> https://autobuilder.yoctoproject.org/valkyrie/#/builders/5/builds/3396
>
> The following changes since commit
> 077f258eb2125359ffe3982c58433ee14cb21f09:
>
> busybox: Fixes CVE-2025-60876 (2026-03-16 09:21:34 +0000)
>
> are available in the Git repository at:
>
> https://git.openembedded.org/openembedded-core-contrib
> stable/scarthgap-next
>
> https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-next
>
> for you to fetch changes up to 9f2a6cfda6a2305f52411ca8121f27c8a5a91fa2:
>
> python3-pip: drop unused Windows distlib launcher templates (2026-03-20
> 10:56:43 +0100)
>
> ----------------------------------------------------------------
>
> Ankur Tyagi (2):
> wireless-regdb: upgrade 2025.10.07 -> 2026.02.04
> tiff: ignore CVE-2025-61143, CVE-2025-61144 and CVE-2025-61145
>
> Daniel Turull (3):
> improve_kernel_cve_report: do not override backported-patch
> improve_kernel_cve_report: do not use custom version
> improve_kernel_cve_report: add option to read debugsources.zstd
>
> Eduardo Ferreira (1):
> go: Fix CVE-2025-61726.patch variable ordering
>
> Krupal Ka Patel (2):
> python3-setuptools: drop Windows launcher executables on non-mingw
> builds
> python3-pip: drop unused Windows distlib launcher templates
>
> Martin Jansa (1):
> lsb.py: strip ' from os-release file
>
> Peter Marko (1):
> inetutils: patch CVE-2026-28372
>
> Ryan Eatmon (1):
> oe-setup-build: Fix typo
>
> Trent Piepho (1):
> systemd-systemctl: Fix instance name parsing with escapes or periods
>
> Vijay Anusuri (3):
> freetype: Fix CVE-2026-23865
> python3-pip: Fix CVE-2026-1703
> inetutils: Fix CVE-2026-32746
>
> meta/lib/oe/lsb.py | 2 +-
> .../inetutils/inetutils/CVE-2026-28372.patch | 86 +++++++++++++++++++
> .../inetutils/inetutils/CVE-2026-32746.patch | 40 +++++++++
> .../inetutils/inetutils_2.5.bb | 2 +
> .../systemd/systemd-systemctl/systemctl | 7 +-
> .../go/go/CVE-2025-61726.patch | 21 ++---
> .../python/python3-pip/CVE-2026-1703.patch | 37 ++++++++
> .../python/python3-pip_24.0.bb | 13 ++-
> .../python/python3-setuptools_69.1.1.bb | 9 ++
> .../freetype/freetype/CVE-2026-23865.patch | 54 ++++++++++++
> .../freetype/freetype_2.13.2.bb | 1 +
> ....10.07.bb => wireless-regdb_2026.02.04.bb} | 2 +-
> meta/recipes-multimedia/libtiff/tiff_4.6.0.bb | 2 +-
> scripts/contrib/improve_kernel_cve_report.py | 37 +++++++-
> scripts/oe-setup-build | 2 +-
> 15 files changed, 295 insertions(+), 20 deletions(-)
> create mode 100644
> meta/recipes-connectivity/inetutils/inetutils/CVE-2026-28372.patch
> create mode 100644
> meta/recipes-connectivity/inetutils/inetutils/CVE-2026-32746.patch
> create mode 100644
> meta/recipes-devtools/python/python3-pip/CVE-2026-1703.patch
> create mode 100644
> meta/recipes-graphics/freetype/freetype/CVE-2026-23865.patch
> rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2025.10.07.bb
> => wireless-regdb_2026.02.04.bb} (94%)
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#233828):
> https://lists.openembedded.org/g/openembedded-core/message/233828
> Mute This Topic: https://lists.openembedded.org/mt/118492584/4947266
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [
> ernstp@gmail.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
>
[-- Attachment #2: Type: text/html, Size: 6774 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [OE-core][scarthgap 00/15] Pull request (cover letter only)
2026-03-25 11:12 ` Ernst Persson
@ 2026-03-25 11:14 ` Yoann Congal
0 siblings, 0 replies; 3+ messages in thread
From: Yoann Congal @ 2026-03-25 11:14 UTC (permalink / raw)
To: Ernst Persson; +Cc: openembedded-core, Paul Barker
On Wed Mar 25, 2026 at 12:12 PM CET, Ernst Persson wrote:
> What happened to [scarthgap][PATCHv2] busybox: fix for CVE-2026-26157,
> CVE-2026-26158
> from Hitendra Prajapati?
It came while I was building this series. I'll include it in the next
review cycle.
Regards,
> Den tis 24 mars 2026 kl 23:28 skrev Yoann Congal via lists.openembedded.org
> <yoann.congal=smile.fr@lists.openembedded.org>:
>
>> Those are the patches from the last patch review:
>>
>> https://lore.kernel.org/openembedded-core/cover.1773966414.git.yoann.congal@smile.fr/T/#t
>>
>> Passed a-full on autobuilder (with an AB-INT):
>> https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/3502
>> * qemuarm64-tc failed on what look like the bug 16058 – AB-INT: rust
>> do_test_compile/do_install segfault
>> * rebuilt successfully in
>> https://autobuilder.yoctoproject.org/valkyrie/#/builders/5/builds/3396
>>
>> The following changes since commit
>> 077f258eb2125359ffe3982c58433ee14cb21f09:
>>
>> busybox: Fixes CVE-2025-60876 (2026-03-16 09:21:34 +0000)
>>
>> are available in the Git repository at:
>>
>> https://git.openembedded.org/openembedded-core-contrib
>> stable/scarthgap-next
>>
>> https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-next
>>
>> for you to fetch changes up to 9f2a6cfda6a2305f52411ca8121f27c8a5a91fa2:
>>
>> python3-pip: drop unused Windows distlib launcher templates (2026-03-20
>> 10:56:43 +0100)
>>
>> ----------------------------------------------------------------
>>
>> Ankur Tyagi (2):
>> wireless-regdb: upgrade 2025.10.07 -> 2026.02.04
>> tiff: ignore CVE-2025-61143, CVE-2025-61144 and CVE-2025-61145
>>
>> Daniel Turull (3):
>> improve_kernel_cve_report: do not override backported-patch
>> improve_kernel_cve_report: do not use custom version
>> improve_kernel_cve_report: add option to read debugsources.zstd
>>
>> Eduardo Ferreira (1):
>> go: Fix CVE-2025-61726.patch variable ordering
>>
>> Krupal Ka Patel (2):
>> python3-setuptools: drop Windows launcher executables on non-mingw
>> builds
>> python3-pip: drop unused Windows distlib launcher templates
>>
>> Martin Jansa (1):
>> lsb.py: strip ' from os-release file
>>
>> Peter Marko (1):
>> inetutils: patch CVE-2026-28372
>>
>> Ryan Eatmon (1):
>> oe-setup-build: Fix typo
>>
>> Trent Piepho (1):
>> systemd-systemctl: Fix instance name parsing with escapes or periods
>>
>> Vijay Anusuri (3):
>> freetype: Fix CVE-2026-23865
>> python3-pip: Fix CVE-2026-1703
>> inetutils: Fix CVE-2026-32746
>>
>> meta/lib/oe/lsb.py | 2 +-
>> .../inetutils/inetutils/CVE-2026-28372.patch | 86 +++++++++++++++++++
>> .../inetutils/inetutils/CVE-2026-32746.patch | 40 +++++++++
>> .../inetutils/inetutils_2.5.bb | 2 +
>> .../systemd/systemd-systemctl/systemctl | 7 +-
>> .../go/go/CVE-2025-61726.patch | 21 ++---
>> .../python/python3-pip/CVE-2026-1703.patch | 37 ++++++++
>> .../python/python3-pip_24.0.bb | 13 ++-
>> .../python/python3-setuptools_69.1.1.bb | 9 ++
>> .../freetype/freetype/CVE-2026-23865.patch | 54 ++++++++++++
>> .../freetype/freetype_2.13.2.bb | 1 +
>> ....10.07.bb => wireless-regdb_2026.02.04.bb} | 2 +-
>> meta/recipes-multimedia/libtiff/tiff_4.6.0.bb | 2 +-
>> scripts/contrib/improve_kernel_cve_report.py | 37 +++++++-
>> scripts/oe-setup-build | 2 +-
>> 15 files changed, 295 insertions(+), 20 deletions(-)
>> create mode 100644
>> meta/recipes-connectivity/inetutils/inetutils/CVE-2026-28372.patch
>> create mode 100644
>> meta/recipes-connectivity/inetutils/inetutils/CVE-2026-32746.patch
>> create mode 100644
>> meta/recipes-devtools/python/python3-pip/CVE-2026-1703.patch
>> create mode 100644
>> meta/recipes-graphics/freetype/freetype/CVE-2026-23865.patch
>> rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2025.10.07.bb
>> => wireless-regdb_2026.02.04.bb} (94%)
>>
>>
>> -=-=-=-=-=-=-=-=-=-=-=-
>> Links: You receive all messages sent to this group.
>> View/Reply Online (#233828):
>> https://lists.openembedded.org/g/openembedded-core/message/233828
>> Mute This Topic: https://lists.openembedded.org/mt/118492584/4947266
>> Group Owner: openembedded-core+owner@lists.openembedded.org
>> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [
>> ernstp@gmail.com]
>> -=-=-=-=-=-=-=-=-=-=-=-
>>
>>
--
Yoann Congal
Smile ECS
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2026-03-25 11:14 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-03-24 22:27 [OE-core][scarthgap 00/15] Pull request (cover letter only) Yoann Congal
2026-03-25 11:12 ` Ernst Persson
2026-03-25 11:14 ` Yoann Congal
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox