Please review this set of changes for scarthgap and have comments back by end of day Thursday, January 22.
This scarthgap patch review request is aimed at getting kirkstone 4.0.33 built on monday: * Ensuring fixes in kirkstone have their equivalent in more recent stable branches. * pseudo upgrade to fix 16117 – AB-INT: do_package: Error executing a python function in exec_func_python() autogenerated https://bugzilla.yoctoproject.org/show_bug.cgi?id=16117 Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/valkyrie/?#/builders/29/builds/3091 via poky-contrib stable/scarthgap-nut. The tip of OE-Core is at: https://git.yoctoproject.org/poky-contrib/commit/?h=stable/scarthgap-nut&id=a7e7530d8ece2ee31ffcb220264cc9c52616b526 The following changes since commit 6988157ad983978ffd6b12bcefedd4deaffdbbd1: build-appliance-image: Update to scarthgap head revision (2026-01-02 06:57:59 -0800) are available in the Git repository at: https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut for you to fetch changes up to 199c6518f5e363a2d8648bdfe14233afd9b0ba6e: pseudo: Update to pull in 'makewrappers: Fix EFAULT implementation' (2026-01-19 17:44:48 +0100) ---------------------------------------------------------------- Paul Barker (1): pseudo: Add hard sstate dependencies for pseudo-native Peter Marko (16): python3: patch CVE-2025-12084 python3: patch CVE-2025-13836 util-linux: patch CVE-2025-14104 qemu: ignore CVE-2025-54566 and CVE-2025-54567 glib-2.0: patch CVE-2025-13601 glib-2.0: patch CVE-2025-14087 glib-2.0: patch CVE-2025-14512 dropbear: patch CVE-2019-6111 libpcap: patch CVE-2025-11961 libpcap: patch CVE-2025-11964 cups: allow unknown directives in conf files libarchive: fix CVE-2025-60753 regression curl: patch CVE-2025-14017 curl: patch CVE-2025-14819 curl: patch CVE-2025-15079 curl: patch CVE-2025-15224 Richard Purdie (4): pseudo: Upgrade to version 1.9.1 pseudo: Update to pull in memleak fix pseudo: Update to pull in openat2 and efault return code changes pseudo: Update to pull in 'makewrappers: Fix EFAULT implementation' Robert Yang (1): pseudo: 1.9.0 -> 1.9.2 .../libpcap/libpcap/CVE-2025-11961-01.patch | 38 ++ .../libpcap/libpcap/CVE-2025-11961-02.patch | 433 ++++++++++++++++++ .../libpcap/libpcap/CVE-2025-11964.patch | 33 ++ .../libpcap/libpcap_1.10.4.bb | 3 + .../dropbear/dropbear/CVE-2019-6111.patch | 157 +++++++ .../recipes-core/dropbear/dropbear_2022.83.bb | 1 + .../glib-2.0/glib-2.0/CVE-2025-13601-01.patch | 125 +++++ .../glib-2.0/glib-2.0/CVE-2025-13601-02.patch | 128 ++++++ .../glib-2.0/glib-2.0/CVE-2025-14087-01.patch | 69 +++ .../glib-2.0/glib-2.0/CVE-2025-14087-02.patch | 240 ++++++++++ .../glib-2.0/glib-2.0/CVE-2025-14087-03.patch | 150 ++++++ .../glib-2.0/glib-2.0/CVE-2025-14512.patch | 70 +++ meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb | 6 + meta/recipes-core/util-linux/util-linux.inc | 2 + .../util-linux/CVE-2025-14104-01.patch | 33 ++ .../util-linux/CVE-2025-14104-02.patch | 28 ++ .../0001-configure-Prune-PIE-flags.patch | 44 -- .../pseudo/files/glibc238.patch | 65 --- .../pseudo/files/older-glibc-symbols.patch | 4 +- meta/recipes-devtools/pseudo/pseudo.inc | 7 + meta/recipes-devtools/pseudo/pseudo_git.bb | 6 +- .../python/python3/CVE-2025-12084.patch | 144 ++++++ .../python/python3/CVE-2025-13836.patch | 162 +++++++ .../python/python3_3.12.12.bb | 2 + meta/recipes-devtools/qemu/qemu.inc | 3 + meta/recipes-extended/cups/cups.inc | 1 + ...pping-scheduler-on-unknown-directive.patch | 43 ++ ...25-60753.patch => CVE-2025-60753-01.patch} | 0 .../libarchive/CVE-2025-60753-02.patch | 46 ++ .../libarchive/libarchive_3.7.9.bb | 3 +- ...st-qual-fix-or-silence-compiler-warn.patch | 85 ++++ .../curl/curl/CVE-2025-14017.patch | 115 +++++ .../curl/curl/CVE-2025-14819.patch | 73 +++ .../curl/curl/CVE-2025-15079.patch | 32 ++ .../curl/curl/CVE-2025-15224.patch | 31 ++ meta/recipes-support/curl/curl_8.7.1.bb | 5 + 36 files changed, 2271 insertions(+), 116 deletions(-) create mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11961-01.patch create mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11961-02.patch create mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11964.patch create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2019-6111.patch create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-13601-01.patch create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-13601-02.patch create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-01.patch create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-02.patch create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-03.patch create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14512.patch create mode 100644 meta/recipes-core/util-linux/util-linux/CVE-2025-14104-01.patch create mode 100644 meta/recipes-core/util-linux/util-linux/CVE-2025-14104-02.patch delete mode 100644 meta/recipes-devtools/pseudo/files/0001-configure-Prune-PIE-flags.patch delete mode 100644 meta/recipes-devtools/pseudo/files/glibc238.patch create mode 100644 meta/recipes-devtools/python/python3/CVE-2025-12084.patch create mode 100644 meta/recipes-devtools/python/python3/CVE-2025-13836.patch create mode 100644 meta/recipes-extended/cups/cups/0001-conf.c-Fix-stopping-scheduler-on-unknown-directive.patch rename meta/recipes-extended/libarchive/libarchive/{CVE-2025-60753.patch => CVE-2025-60753-01.patch} (100%) create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2025-60753-02.patch create mode 100644 meta/recipes-support/curl/curl/0001-build-enable-Wcast-qual-fix-or-silence-compiler-warn.patch create mode 100644 meta/recipes-support/curl/curl/CVE-2025-14017.patch create mode 100644 meta/recipes-support/curl/curl/CVE-2025-14819.patch create mode 100644 meta/recipes-support/curl/curl/CVE-2025-15079.patch create mode 100644 meta/recipes-support/curl/curl/CVE-2025-15224.patch
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#229678): https://lists.openembedded.org/g/openembedded-core/message/229678 Mute This Topic: https://lists.openembedded.org/mt/117361705/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
