From: Yoann Congal <yoann.congal@smile.fr>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap v2 00/41] Patch review
Date: Wed, 24 Jun 2026 00:25:59 +0200 [thread overview]
Message-ID: <cover.1782252148.git.yoann.congal@smile.fr> (raw)
Please review this set of changes for scarthgap and have comments back by
end of day Thursday, June 25.
This v2 adds the kernel v6.6.142 upgrade and patches fixing failure
triggered during integration:
* oeqa/runtime/parselogs: update pci BAR ignore for kernel 6.10
* linux-yocto/6.6: update to v6.6.129
* linux-yocto/6.6: update to v6.6.130
* linux-yocto/6.6: update to v6.6.132
* linux-yocto/6.6: update to v6.6.134
* linux-yocto/6.6: update to v6.6.135
* linux-yocto/6.6: update to v6.6.136
* linux-yocto/6.6: update to v6.6.137
* linux-yocto/6.6: update to v6.6.138
* linux-yocto/6.6: update to v6.6.140
* linux-yocto/6.6: update to v6.6.141
* linux-yocto/6.6: update to v6.6.142
* lttng-modules: Fix trace_hrtimer_start build failure
* linux-yocto/6.6: genericarm64 fix configuration audit warning
* linux-yocto/6.6: address ltp hang
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/?#/builders/29/builds/4070
* oe-selftest-debian failed
* on a github.com access glitch (I'll report it if that happen again)
* and a graphical VM: This is on Ubuntu 26.04, not yet officially
supported, I'll investigate this before the "official" support.
Retried as https://autobuilder.yoctoproject.org/valkyrie/?#/builders/35/builds/4131
The following changes since commit d4950d6df0867dcd5c380d83ac4d138ec968e698:
python_setuptools_build_meta: clean the build directory in configure (2026-06-17 01:09:26 +0200)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-review
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-review
for you to fetch changes up to 737293bead3e7b994347e47f09bc69437479d50c:
linux-yocto/6.6: address ltp hang (2026-06-23 20:33:35 +0200)
----------------------------------------------------------------
Adarsh Jagadish Kamini (3):
openssh: fix CVE-2026-35386
libsolv: fix CVE-2026-9150
python3: CVE-2026-3087 not applicable
Bruce Ashfield (14):
oeqa/runtime/parselogs: update pci BAR ignore for kernel 6.10
linux-yocto/6.6: update to v6.6.129
linux-yocto/6.6: update to v6.6.130
linux-yocto/6.6: update to v6.6.132
linux-yocto/6.6: update to v6.6.134
linux-yocto/6.6: update to v6.6.135
linux-yocto/6.6: update to v6.6.136
linux-yocto/6.6: update to v6.6.137
linux-yocto/6.6: update to v6.6.138
linux-yocto/6.6: update to v6.6.140
linux-yocto/6.6: update to v6.6.141
linux-yocto/6.6: update to v6.6.142
linux-yocto/6.6: genericarm64 fix configuration audit warning
linux-yocto/6.6: address ltp hang
Deepak Rathore (2):
binutils: Fix CVE-2025-69644
qemu: Fix CVE-2024-6519
He Zhe (1):
lttng-modules: Fix trace_hrtimer_start build failure
Himanshu Jadon (2):
apr-util: Add CVE_PRODUCT to support product name
apr: Add CVE_PRODUCT to support product name
Hitendra Prajapati (1):
libinput: fix for CVE-2026-50292
Jonas Munsin (1):
bzip2: set CVE_PRODUCT
Mark Hatle (1):
pseudo: Update to version 1.9.8
Naman Jain (1):
tiff: fix CVE-2026-4775
Peter Marko (1):
openssl: upgrade 3.5.6 -> 3.5.7
Ross Burton (2):
oeqa/core/runner: stub addDuration in OETestResult
classes/gtk-icon-cache: fix libdir passed to the postrm intercept
Shubham Pushpkar (1):
dpkg: Fix CVE-2026-2219
Sudhir Dumbhare (10):
go: fix CVE-2025-58183
go: fix CVE-2026-25679
go: fix CVE-2026-32288
python3: Fix CVE-2026-3644 and CVE-2026-0672
python3: Fix CVE-2026-4519 and CVE-2026-4786
python3: Fix CVE-2026-6019
python3: Fix CVE-2025-13462
go-binary-native: set status for CVE-2026-39836
go: set status for CVE-2026-39836
rust,libstd-rs: set status for CVE-2024-3566
Yoann Congal (1):
gdb: backport a patch to fix static_assert in recent GCC
meta/classes-recipe/gtk-icon-cache.bbclass | 2 +-
meta/lib/oeqa/core/runner.py | 4 +
.../cases/parselogs-ignores-qemuall.txt | 8 +
...ch => CVE-2025-61984_CVE-2026-35386.patch} | 2 +-
.../openssh/openssh_9.6p1.bb | 2 +-
...1-Configure-do-not-tweak-mips-cflags.patch | 2 +-
.../{openssl_3.5.6.bb => openssl_3.5.7.bb} | 4 +-
.../binutils/binutils-2.42.inc | 2 +-
...ch => CVE-2025-69644-CVE-2025-69647.patch} | 3 +-
.../dpkg/dpkg/CVE-2026-2219.patch | 47 +++++
meta/recipes-devtools/dpkg/dpkg_1.22.0.bb | 1 +
meta/recipes-devtools/gdb/gdb.inc | 1 +
...gnu23-compatibility-wrt-static_asser.patch | 75 ++++++++
meta/recipes-devtools/go/go-1.22.12.inc | 4 +
.../go/go-binary-native_1.22.12.bb | 1 +
.../go/go/CVE-2025-58183.patch | 107 ++++++++++++
.../go/go/CVE-2026-25679.patch | 74 ++++++++
.../go/go/CVE-2026-32288.patch | 162 ++++++++++++++++++
meta/recipes-devtools/pseudo/pseudo_git.bb | 4 +-
.../python/python3/CVE-2025-13462.patch | 142 +++++++++++++++
.../python3/CVE-2026-3644_CVE-2026-0672.patch | 154 +++++++++++++++++
.../python3/CVE-2026-4519_CVE-2026-4786.patch | 66 +++++++
.../python/python3/CVE-2026-4519_p1.patch | 107 ++++++++++++
.../python/python3/CVE-2026-4519_p2.patch | 159 +++++++++++++++++
.../python/python3/CVE-2026-6019_p1.patch | 133 ++++++++++++++
.../python/python3/CVE-2026-6019_p2.patch | 129 ++++++++++++++
.../python/python3_3.12.13.bb | 8 +
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../qemu/qemu/CVE-2024-6519.patch | 51 ++++++
meta/recipes-devtools/rust/rust-source.inc | 1 +
meta/recipes-extended/bzip2/bzip2_1.0.8.bb | 2 +
.../libsolv/libsolv/CVE-2026-9150.patch | 68 ++++++++
.../libsolv/libsolv_0.7.28.bb | 1 +
.../wayland/libinput/CVE-2026-50292-01.patch | 109 ++++++++++++
.../wayland/libinput/CVE-2026-50292-02.patch | 99 +++++++++++
.../wayland/libinput_1.25.0.bb | 2 +
.../linux/linux-yocto-rt_6.6.bb | 6 +-
.../linux/linux-yocto-tiny_6.6.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_6.6.bb | 28 +--
...ce-trace-noise-in-hrtimer_start-v7.1.patch | 103 +++++++++++
.../lttng/lttng-modules_2.13.12.bb | 6 +-
.../libtiff/tiff/CVE-2026-4775.patch | 59 +++++++
meta/recipes-multimedia/libtiff/tiff_4.6.0.bb | 1 +
meta/recipes-support/apr/apr-util_1.6.3.bb | 3 +
meta/recipes-support/apr/apr_1.7.5.bb | 3 +
45 files changed, 1920 insertions(+), 32 deletions(-)
rename meta/recipes-connectivity/openssh/openssh/{CVE-2025-61984.patch => CVE-2025-61984_CVE-2026-35386.patch} (99%)
rename meta/recipes-connectivity/openssl/{openssl_3.5.6.bb => openssl_3.5.7.bb} (98%)
rename meta/recipes-devtools/binutils/binutils/{CVE-2025-69647.patch => CVE-2025-69644-CVE-2025-69647.patch} (96%)
create mode 100644 meta/recipes-devtools/dpkg/dpkg/CVE-2026-2219.patch
create mode 100644 meta/recipes-devtools/gdb/gdb/0001-opcodes-fix-std-gnu23-compatibility-wrt-static_asser.patch
create mode 100644 meta/recipes-devtools/go/go/CVE-2025-58183.patch
create mode 100644 meta/recipes-devtools/go/go/CVE-2026-25679.patch
create mode 100644 meta/recipes-devtools/go/go/CVE-2026-32288.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2025-13462.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2026-3644_CVE-2026-0672.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2026-4519_CVE-2026-4786.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2026-4519_p1.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2026-4519_p2.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2026-6019_p1.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2026-6019_p2.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-6519.patch
create mode 100644 meta/recipes-extended/libsolv/libsolv/CVE-2026-9150.patch
create mode 100644 meta/recipes-graphics/wayland/libinput/CVE-2026-50292-01.patch
create mode 100644 meta/recipes-graphics/wayland/libinput/CVE-2026-50292-02.patch
create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0001-fix-hrtimer-Reduce-trace-noise-in-hrtimer_start-v7.1.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2026-4775.patch
next reply other threads:[~2026-06-23 22:27 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-23 22:25 Yoann Congal [this message]
2026-06-23 22:26 ` [OE-core][scarthgap v2 01/41] pseudo: Update to version 1.9.8 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 02/41] openssh: fix CVE-2026-35386 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 03/41] tiff: fix CVE-2026-4775 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 04/41] go: fix CVE-2025-58183 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 05/41] go: fix CVE-2026-25679 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 06/41] go: fix CVE-2026-32288 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 07/41] binutils: Fix CVE-2025-69644 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 08/41] python3: Fix CVE-2026-3644 and CVE-2026-0672 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 09/41] python3: Fix CVE-2026-4519 and CVE-2026-4786 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 10/41] python3: Fix CVE-2026-6019 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 11/41] python3: Fix CVE-2025-13462 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 12/41] qemu: Fix CVE-2024-6519 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 13/41] dpkg: Fix CVE-2026-2219 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 14/41] libsolv: fix CVE-2026-9150 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 15/41] openssl: upgrade 3.5.6 -> 3.5.7 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 16/41] libinput: fix for CVE-2026-50292 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 17/41] gdb: backport a patch to fix static_assert in recent GCC Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 18/41] oeqa/core/runner: stub addDuration in OETestResult Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 19/41] classes/gtk-icon-cache: fix libdir passed to the postrm intercept Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 20/41] python3: CVE-2026-3087 not applicable Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 21/41] bzip2: set CVE_PRODUCT Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 22/41] apr-util: Add CVE_PRODUCT to support product name Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 23/41] apr: " Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 24/41] go-binary-native: set status for CVE-2026-39836 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 25/41] go: " Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 26/41] rust,libstd-rs: set status for CVE-2024-3566 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 27/41] oeqa/runtime/parselogs: update pci BAR ignore for kernel 6.10 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 28/41] linux-yocto/6.6: update to v6.6.129 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 29/41] linux-yocto/6.6: update to v6.6.130 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 30/41] linux-yocto/6.6: update to v6.6.132 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 31/41] linux-yocto/6.6: update to v6.6.134 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 32/41] linux-yocto/6.6: update to v6.6.135 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 33/41] linux-yocto/6.6: update to v6.6.136 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 34/41] linux-yocto/6.6: update to v6.6.137 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 35/41] linux-yocto/6.6: update to v6.6.138 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 36/41] linux-yocto/6.6: update to v6.6.140 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 37/41] linux-yocto/6.6: update to v6.6.141 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 38/41] linux-yocto/6.6: update to v6.6.142 Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 39/41] lttng-modules: Fix trace_hrtimer_start build failure Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 40/41] linux-yocto/6.6: genericarm64 fix configuration audit warning Yoann Congal
2026-06-23 22:26 ` [OE-core][scarthgap v2 41/41] linux-yocto/6.6: address ltp hang Yoann Congal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1782252148.git.yoann.congal@smile.fr \
--to=yoann.congal@smile.fr \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox