From: Yoann Congal <yoann.congal@smile.fr>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/18] Patch review
Date: Mon, 6 Apr 2026 08:26:29 +0200 [thread overview]
Message-ID: <cover.1775435063.git.yoann.congal@smile.fr> (raw)
Please review this set of changes for kirkstone and have comments back by
end of day Wednesday, April 8.
Please note:
- This will be the last review cycle for kirkstone.
- If you expect a patch to get merged and it is not in this series ping
me as soon as possible.
- Some patches look OK to me and are included here but will only be
merged if some patches are sent/fixed in more recent branches:
- Pending a fix for the scarthgap branch:
- curl: patch CVE-2026-3784
- curl: patch CVE-2026-3783
- curl: patch CVE-2026-1965
- Pending an equivalement patch sent for whinlatter:
- vim: Fix CVE-2026-33412
- libarchive: Fix CVE-2026-4111
- Pending an equivalement patch sent for whinlatter and scarthgap
- python3: Fix CVE-2025-15282
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/3603
The following changes since commit c4194cadb1180da37514c55cd97827eb0269c8e2:
build-appliance-image: Update to kirkstone head revision (2026-03-20 09:58:53 +0000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
for you to fetch changes up to 38444a1a8eb2575e2ad273a922d9793e10c3858c:
scripts/install-buildtools: Update to 4.0.34 (2026-04-06 00:08:58 +0200)
----------------------------------------------------------------
Bruce Ashfield (2):
linux-yocto/5.15: update to v5.15.200
linux-yocto/5.15: update to v5.15.201
Fabien Thomas (1):
README.OE-Core: update contributor links and add kirkstone prefix
Hitendra Prajapati (1):
vim: Fix CVE-2026-33412
Jinfeng Wang (1):
tzdata/tzcode-native: upgrade 2025c -> 2026a
Paul Barker (1):
create-pull-request: Keep commit hash to be pulled in cover email
Peter Marko (1):
libtheora: mark CVE-2024-56431 as not vulnerable yet
Vijay Anusuri (10):
tzdata,tzcode-native: Upgrade 2025b -> 2025c
python3: Fix CVE-2025-15282
python3-pyopenssl: Fix CVE-2026-27448
python3-pyopenssl: Fix CVE-2026-27459
libarchive: Fix CVE-2026-4111
sqlite3: Fix CVE-2025-70873
curl: patch CVE-2025-14524
curl: patch CVE-2026-1965
curl: patch CVE-2026-3783
curl: patch CVE-2026-3784
Yoann Congal (1):
scripts/install-buildtools: Update to 4.0.34
README.OE-Core.md | 10 +-
.../python3-pyopenssl/CVE-2026-27448.patch | 125 +++++++
.../python3-pyopenssl/CVE-2026-27459.patch | 106 ++++++
.../python/python3-pyopenssl_22.0.0.bb | 5 +
.../python/python3/CVE-2025-15282.patch | 68 ++++
.../python/python3_3.10.19.bb | 1 +
.../libarchive/CVE-2026-4111-1.patch | 32 ++
.../libarchive/CVE-2026-4111-2.patch | 308 ++++++++++++++++++
.../libarchive/libarchive_3.6.2.bb | 2 +
meta/recipes-extended/timezone/timezone.inc | 6 +-
.../linux/linux-yocto-rt_5.15.bb | 6 +-
.../linux/linux-yocto-tiny_5.15.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 +-
.../libtheora/libtheora_1.1.1.bb | 3 +
.../curl/curl/CVE-2025-14524.patch | 42 +++
.../curl/curl/CVE-2026-1965-1.patch | 98 ++++++
.../curl/curl/CVE-2026-1965-2.patch | 29 ++
.../curl/curl/CVE-2026-3783-pre1.patch | 66 ++++
.../curl/curl/CVE-2026-3783.patch | 157 +++++++++
.../curl/curl/CVE-2026-3784.patch | 73 +++++
meta/recipes-support/curl/curl_7.82.0.bb | 6 +
.../sqlite/files/CVE-2025-70873.patch | 33 ++
meta/recipes-support/sqlite/sqlite3_3.38.5.bb | 1 +
.../vim/files/CVE-2026-33412.patch | 61 ++++
meta/recipes-support/vim/vim.inc | 1 +
scripts/create-pull-request | 2 +-
scripts/install-buildtools | 4 +-
27 files changed, 1249 insertions(+), 28 deletions(-)
create mode 100644 meta/recipes-devtools/python/python3-pyopenssl/CVE-2026-27448.patch
create mode 100644 meta/recipes-devtools/python/python3-pyopenssl/CVE-2026-27459.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2025-15282.patch
create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2026-4111-1.patch
create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2026-4111-2.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2025-14524.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2026-1965-1.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2026-1965-2.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2026-3783-pre1.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2026-3783.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2026-3784.patch
create mode 100644 meta/recipes-support/sqlite/files/CVE-2025-70873.patch
create mode 100644 meta/recipes-support/vim/files/CVE-2026-33412.patch
next reply other threads:[~2026-04-06 6:27 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-06 6:26 Yoann Congal [this message]
2026-04-06 6:26 ` [OE-core][kirkstone 01/18] linux-yocto/5.15: update to v5.15.200 Yoann Congal
2026-04-06 6:26 ` [OE-core][kirkstone 02/18] linux-yocto/5.15: update to v5.15.201 Yoann Congal
2026-04-06 6:26 ` [OE-core][kirkstone 03/18] create-pull-request: Keep commit hash to be pulled in cover email Yoann Congal
2026-04-06 6:26 ` [OE-core][kirkstone 04/18] README.OE-Core: update contributor links and add kirkstone prefix Yoann Congal
2026-04-06 6:26 ` [OE-core][kirkstone 05/18] libtheora: mark CVE-2024-56431 as not vulnerable yet Yoann Congal
2026-04-06 6:26 ` [OE-core][kirkstone 06/18] tzdata,tzcode-native: Upgrade 2025b -> 2025c Yoann Congal
2026-04-06 6:26 ` [OE-core][kirkstone 07/18] tzdata/tzcode-native: upgrade 2025c -> 2026a Yoann Congal
2026-04-06 6:26 ` [OE-core][kirkstone 08/18] python3: Fix CVE-2025-15282 Yoann Congal
2026-04-06 9:09 ` Paul Barker
2026-04-06 11:44 ` Vijay Anusuri
2026-04-06 11:59 ` Paul Barker
2026-04-06 12:27 ` Vijay Anusuri
2026-04-06 6:26 ` [OE-core][kirkstone 09/18] python3-pyopenssl: Fix CVE-2026-27448 Yoann Congal
2026-04-06 6:26 ` [OE-core][kirkstone 10/18] python3-pyopenssl: Fix CVE-2026-27459 Yoann Congal
2026-04-06 6:26 ` [OE-core][kirkstone 11/18] libarchive: Fix CVE-2026-4111 Yoann Congal
2026-04-06 6:26 ` [OE-core][kirkstone 12/18] vim: Fix CVE-2026-33412 Yoann Congal
2026-04-06 6:26 ` [OE-core][kirkstone 13/18] sqlite3: Fix CVE-2025-70873 Yoann Congal
2026-04-06 6:26 ` [OE-core][kirkstone 14/18] curl: patch CVE-2025-14524 Yoann Congal
2026-04-06 6:26 ` [OE-core][kirkstone 15/18] curl: patch CVE-2026-1965 Yoann Congal
2026-04-06 6:26 ` [OE-core][kirkstone 16/18] curl: patch CVE-2026-3783 Yoann Congal
2026-04-06 6:26 ` [OE-core][kirkstone 17/18] curl: patch CVE-2026-3784 Yoann Congal
2026-04-06 6:26 ` [OE-core][kirkstone 18/18] scripts/install-buildtools: Update to 4.0.34 Yoann Congal
-- strict thread matches above, loose matches on Subject: below --
2023-06-19 2:55 [OE-core][kirkstone 00/18] Patch review Steve Sakoman
2023-08-02 12:04 ` Marta Rybczynska
2022-10-04 15:50 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1775435063.git.yoann.congal@smile.fr \
--to=yoann.congal@smile.fr \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox