[OE-core][kirkstone 00/22] Patch review

Steve Sakoman Tue, 25 Feb 2025 06:30:14 -0800

Please review this set of hcanges for kirkstone and have comments back by
end of day Thursday, February 27


Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1076

The following changes since commit 573f5b2d8fec9f8a4ed17e836ef3feeb6de62e5a:

  procps: replaced one use of fputs(3) with a write(2) call (2025-02-19 
06:43:20 -0800)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Archana Polampalli (5):
  gstreamer1.0-rtsp-server: fix CVE-2024-44331
  ffmpeg: fix CVE-2024-36618
  ffmpeg: fix CVE-2024-28661
  ffmpeg: fix CVE-2024-35369
  ffmpeg: fix CVE-2025-25473

Carlos Dominguez (1):
  u-boot: Fix CVE-2022-30767

Divya Chellam (1):
  vim: Upgrade 9.1.0764 -> 9.1.1043

Hitendra Prajapati (1):
  libcap: fix CVE-2025-1390

Hongxu Jia (6):
  u-boot: fix CVE-2024-57254
  u-boot: fix CVE-2024-57255
  u-boot: fix CVE-2024-57256
  u-boot: fix CVE-2024-57257
  u-boot: fix CVE-2024-57258
  u-boot: fix CVE-2024-57259

Kai Kang (2):
  Revert "ovmf: Fix CVE-2023-45237"
  Revert "ovmf: Fix CVE-2023-45236"

Peter Marko (5):
  libxml2: fix compilation of explicit child axis in pattern
  libxml2: patch CVE-2024-56171
  libxml2: patch CVE-2025-24928
  ffmpeg: ignore 5 CVEs
  ffmpeg: ignore CVE-2024-7272

Sakib Sajal (1):
  u-boot: fix CVE-2022-2347 and CVE-2022-30790

 .../u-boot/files/0001-CVE-2022-30767.patch    |   44 +
 .../u-boot/files/CVE-2022-2347_1.patch        |  129 ++
 .../u-boot/files/CVE-2022-2347_2.patch        |   66 +
 .../u-boot/files/CVE-2022-30790.patch         |  149 ++
 .../u-boot/files/CVE-2024-57254.patch         |   47 +
 .../u-boot/files/CVE-2024-57255.patch         |   53 +
 .../u-boot/files/CVE-2024-57256.patch         |   51 +
 .../u-boot/files/CVE-2024-57257.patch         |  228 +++
 .../u-boot/files/CVE-2024-57258-1.patch       |   47 +
 .../u-boot/files/CVE-2024-57258-2.patch       |   43 +
 .../u-boot/files/CVE-2024-57258-3.patch       |   40 +
 .../u-boot/files/CVE-2024-57259.patch         |   41 +
 meta/recipes-bsp/u-boot/u-boot_2022.01.bb     |   12 +
 ...x-compilation-of-explicit-child-axis.patch |   31 +
 .../libxml/libxml2/CVE-2024-56171.patch       |   42 +
 .../libxml/libxml2/CVE-2025-24928.patch       |   58 +
 meta/recipes-core/libxml/libxml2_2.9.14.bb    |    3 +
 .../ovmf/ovmf/CVE-2023-45236.patch            |  829 -----------
 .../ovmf/ovmf/CVE-2023-45237-0001.patch       |   78 -
 .../ovmf/ovmf/CVE-2023-45237-0002.patch       | 1288 -----------------
 meta/recipes-core/ovmf/ovmf_git.bb            |    3 -
 .../ffmpeg/ffmpeg/CVE-2024-28661.patch        |   40 +
 .../ffmpeg/ffmpeg/CVE-2024-35369.patch        |   38 +
 .../ffmpeg/ffmpeg/CVE-2024-36618.patch        |   36 +
 .../ffmpeg/ffmpeg/CVE-2025-25473.patch        |   36 +
 .../recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb |   27 +
 .../CVE-2024-44331.patch                      |   44 +
 .../gstreamer1.0-rtsp-server_1.20.7.bb        |    4 +-
 .../libcap/files/CVE-2025-1390.patch          |   36 +
 meta/recipes-support/libcap/libcap_2.66.bb    |    1 +
 meta/recipes-support/vim/vim.inc              |    4 +-
 31 files changed, 1347 insertions(+), 2201 deletions(-)
 create mode 100644 meta/recipes-bsp/u-boot/files/0001-CVE-2022-30767.patch
 create mode 100644 meta/recipes-bsp/u-boot/files/CVE-2022-2347_1.patch
 create mode 100644 meta/recipes-bsp/u-boot/files/CVE-2022-2347_2.patch
 create mode 100644 meta/recipes-bsp/u-boot/files/CVE-2022-30790.patch
 create mode 100644 meta/recipes-bsp/u-boot/files/CVE-2024-57254.patch
 create mode 100644 meta/recipes-bsp/u-boot/files/CVE-2024-57255.patch
 create mode 100644 meta/recipes-bsp/u-boot/files/CVE-2024-57256.patch
 create mode 100644 meta/recipes-bsp/u-boot/files/CVE-2024-57257.patch
 create mode 100644 meta/recipes-bsp/u-boot/files/CVE-2024-57258-1.patch
 create mode 100644 meta/recipes-bsp/u-boot/files/CVE-2024-57258-2.patch
 create mode 100644 meta/recipes-bsp/u-boot/files/CVE-2024-57258-3.patch
 create mode 100644 meta/recipes-bsp/u-boot/files/CVE-2024-57259.patch
 create mode 100644 
meta/recipes-core/libxml/libxml2/0001-pattern-Fix-compilation-of-explicit-child-axis.patch
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2024-56171.patch
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2025-24928.patch
 delete mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45236.patch
 delete mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45237-0001.patch
 delete mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45237-0002.patch
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-28661.patch
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35369.patch
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-36618.patch
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-25473.patch
 create mode 100644 
meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server/CVE-2024-44331.patch
 create mode 100644 meta/recipes-support/libcap/files/CVE-2025-1390.patch

-- 
2.43.0

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#211885): 
https://lists.openembedded.org/g/openembedded-core/message/211885
Mute This Topic: https://lists.openembedded.org/mt/111377440/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 00/22] Patch review

Reply via email to