On Mon, 2026-02-09 at 11:45 +0100, Yoann Congal wrote: > On Mon Feb 9, 2026 at 10:58 AM CET, Yoann Congal wrote: > > Those are the patches from the last patch review: > > https://lore.kernel.org/openembedded-core/[email protected]/T/#t > > (with added cherry-pick info, where appropriate) > > > > Passed a-full on autobuilder: > > https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/3181 > As Paul wrote on IRC, I forgot to mention that the meta-intel build > failed. But, IMHO it should not prevent the merge: > * meta-intel build also fail on master currently: See the latest nightly: > https://autobuilder.yoctoproject.org/valkyrie/#/builders/41/builds/2992 > => This new failure is not related to this series > * I notified the maintainer (Yogesh Tyagi, CC'd) last week, he is > working on reproducing & fixing it.
Hi Richard, Yoann, The build issue in meta-intel has been reported upstream: https://github.com/intel/media-driver/issues/1984 I agree we can merge this since it's clear that none of the patches in this series caused the issue. The following changes since commit fa31089d48cac2aa11279e932a77f4dbdc02c02d: libarchive: upgrade 3.8.4 -> 3.8.5 (2026-01-26 08:44:38 +0000) are available in the Git repository at: https://git.openembedded.org/openembedded-core-contrib pbarker/whinlatter for you to fetch changes up to 000a044d285d93ded3280f27360165c943bb5d7e: inetutils: patch CVE-2026-24061 (2026-02-10 21:15:17 +0000) ---------------------------------------------------------------- Hugo SIMELIERE (1): libtasn1: Fix CVE-2025-13151 Jiaying Song (1): grub: fix CVE-2025-54770 CVE-2025-61661 CVE-2025-61662 CVE-2025-61663 CVE-2025-61664 Ken Kurematsu (1): libtheora: set CVE_PRODUCT Khai Dang (1): docbook-xml-dtd4: fix the fetching failure Mark Hatle (1): dpkg: Fix ADMINDIR Mathieu Dubois-Briand (2): oeqa/gitarchive: Fix git push URL parameter oeqa/gitarchive: Push tag before copying log files Peter Marko (13): go: upgrade 1.25.5 -> 1.25.6 zlib: ignore CVE-2026-22184 python3-urllib3: patch CVE-2026-21441 glibc: stable 2.42 branch updates dropbear: patch CVE-2025-14282 libpng: upgrade 1.6.53 -> 1.6.54 glib-2.0: patch CVE-2026-0988 libxml2: patch CVE-2026-0989 libxml2: patch CVE-2026-0990 libxml2: patch CVE-2026-0992 libxml2: add follow-up patch for CVE-2026-0992 expat: upgrade 2.7.3 -> 2.7.4 inetutils: patch CVE-2026-24061 Richard Purdie (2): scripts/oe-git-archive: Ensure new push parameter is specified pseudo: Update to 1.9.3 release meta/lib/oe/package_manager/deb/__init__.py | 4 + meta/lib/oeqa/selftest/cases/gitarchivetests.py | 4 +- meta/lib/oeqa/utils/gitarchive.py | 8 +- meta/recipes-bsp/grub/files/CVE-2025-54770.patch | 41 +++ meta/recipes-bsp/grub/files/CVE-2025-61661.patch | 40 +++ meta/recipes-bsp/grub/files/CVE-2025-61662.patch | 72 +++++ .../grub/files/CVE-2025-61663_61664.patch | 64 ++++ meta/recipes-bsp/grub/grub2.inc | 4 + .../inetutils/inetutils/CVE-2026-24061-01.patch | 38 +++ .../inetutils/inetutils/CVE-2026-24061-02.patch | 82 +++++ .../inetutils/inetutils_2.6.bb | 2 + .../dropbear/dropbear/CVE-2025-14282-01.patch | 280 +++++++++++++++++ .../dropbear/dropbear/CVE-2025-14282-02.patch | 97 ++++++ .../dropbear/dropbear/CVE-2025-14282-03.patch | 282 +++++++++++++++++ .../dropbear/dropbear/CVE-2025-14282-04.patch | 72 +++++ .../dropbear/dropbear/CVE-2025-14282-05.patch | 46 +++ meta/recipes-core/dropbear/dropbear_2025.88.bb | 5 + .../expat/{expat_2.7.3.bb => expat_2.7.4.bb} | 2 +- .../glib-2.0/files/CVE-2026-0988.patch | 58 ++++ meta/recipes-core/glib-2.0/glib.inc | 1 + meta/recipes-core/glibc/glibc-version.inc | 2 +- meta/recipes-core/glibc/glibc_2.42.bb | 2 +- .../libxml/libxml2/CVE-2026-0989.patch | 309 +++++++++++++++++++ .../libxml/libxml2/CVE-2026-0990.patch | 76 +++++ .../libxml/libxml2/CVE-2026-0992-01.patch | 49 +++ .../libxml/libxml2/CVE-2026-0992-02.patch | 336 +++++++++++++++++++++ .../libxml/libxml2/CVE-2026-0992-03.patch | 33 ++ meta/recipes-core/libxml/libxml2_2.14.6.bb | 5 + meta/recipes-core/zlib/zlib_1.3.1.bb | 2 + .../docbook-xml/docbook-xml-dtd4_4.5.bb | 10 +- ...tions-dirs.c-set_rootfs-was-not-checking-.patch | 46 +++ meta/recipes-devtools/dpkg/dpkg_1.22.21.bb | 1 + .../go/{go-1.25.5.inc => go-1.25.6.inc} | 2 +- ...native_1.25.5.bb => go-binary-native_1.25.6.bb} | 6 +- ...adian_1.25.5.bb => go-cross-canadian_1.25.6.bb} | 0 .../go/{go-cross_1.25.5.bb => go-cross_1.25.6.bb} | 0 ...go-crosssdk_1.25.5.bb => go-crosssdk_1.25.6.bb} | 0 .../{go-runtime_1.25.5.bb => go-runtime_1.25.6.bb} | 0 ...-content-based-hash-generation-less-pedan.patch | 8 +- ...n-using-cgo-on-386-call-C-sigaction-funct.patch | 4 +- ...06-cmd-go-make-GOROOT-precious-by-default.patch | 2 +- .../go/{go_1.25.5.bb => go_1.25.6.bb} | 0 meta/recipes-devtools/pseudo/pseudo_git.bb | 4 +- .../python/python3-urllib3/CVE-2026-21441.patch | 111 +++++++ .../python/python3-urllib3_2.5.0.bb | 1 + .../libpng/{libpng_1.6.53.bb => libpng_1.6.54.bb} | 4 +- .../libtheora/libtheora_1.2.0.bb | 2 + .../gnutls/libtasn1/CVE-2025-13151.patch | 30 ++ meta/recipes-support/gnutls/libtasn1_4.20.0.bb | 1 + scripts/lib/resulttool/store.py | 9 +- scripts/oe-git-archive | 2 +- 51 files changed, 2228 insertions(+), 31 deletions(-) create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-54770.patch create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-61661.patch create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-61662.patch create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-61663_61664.patch create mode 100644 meta/recipes-connectivity/inetutils/inetutils/CVE-2026-24061-01.patch create mode 100644 meta/recipes-connectivity/inetutils/inetutils/CVE-2026-24061-02.patch create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2025-14282-01.patch create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2025-14282-02.patch create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2025-14282-03.patch create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2025-14282-04.patch create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2025-14282-05.patch rename meta/recipes-core/expat/{expat_2.7.3.bb => expat_2.7.4.bb} (92%) create mode 100644 meta/recipes-core/glib-2.0/files/CVE-2026-0988.patch create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2026-0989.patch create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2026-0990.patch create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2026-0992-01.patch create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2026-0992-02.patch create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2026-0992-03.patch create mode 100644 meta/recipes-devtools/dpkg/dpkg/0001-lib-dpkg-options-dirs.c-set_rootfs-was-not-checking-.patch rename meta/recipes-devtools/go/{go-1.25.5.inc => go-1.25.6.inc} (91%) rename meta/recipes-devtools/go/{go-binary-native_1.25.5.bb => go-binary-native_1.25.6.bb} (79%) rename meta/recipes-devtools/go/{go-cross-canadian_1.25.5.bb => go-cross-canadian_1.25.6.bb} (100%) rename meta/recipes-devtools/go/{go-cross_1.25.5.bb => go-cross_1.25.6.bb} (100%) rename meta/recipes-devtools/go/{go-crosssdk_1.25.5.bb => go-crosssdk_1.25.6.bb} (100%) rename meta/recipes-devtools/go/{go-runtime_1.25.5.bb => go-runtime_1.25.6.bb} (100%) rename meta/recipes-devtools/go/{go_1.25.5.bb => go_1.25.6.bb} (100%) create mode 100644 meta/recipes-devtools/python/python3-urllib3/CVE-2026-21441.patch rename meta/recipes-multimedia/libpng/{libpng_1.6.53.bb => libpng_1.6.54.bb} (94%) create mode 100644 meta/recipes-support/gnutls/libtasn1/CVE-2025-13151.patch Best regards, -- Paul Barker
signature.asc
Description: This is a digitally signed message part
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#230976): https://lists.openembedded.org/g/openembedded-core/message/230976 Mute This Topic: https://lists.openembedded.org/mt/117716766/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
