Please review this set of changes for whinlatter and have comments back by end of day Monday, February 16.
Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/valkyrie/?#/builders/29/builds/3205 Note: The only difference between 198bfb003b5 (this build) and ea633ee08 (this review) is that I added cherry-pick info in some commits (IMHO, it is not worth restarting an a-full for this. But you can ask for it if you want) The following changes since commit 000a044d285d93ded3280f27360165c943bb5d7e: inetutils: patch CVE-2026-24061 (2026-02-10 21:15:17 +0000) are available in the Git repository at: https://git.openembedded.org/openembedded-core-contrib stable/whinlatter-nut https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/whinlatter-nut for you to fetch changes up to ea633ee08638624e18ec14ca69ace3a72b498a31: devtool: deploy: Reset PATH after strip_execs (2026-02-12 23:17:04 +0000) ---------------------------------------------------------------- Adarsh Jagadish Kamini (1): avahi: Backport fix CVE-2025-68276 Aleksandar Nikolic (1): scripts/install-buildtools: Update to 5.3.1 Amaury Couderc (2): avahi: patch CVE-2025-68468 avahi: patch CVE-2025-68471 Ankur Tyagi (3): mobile-broadband-provider-info: upgrade 20250613 -> 20251101 avahi: patch CVE-2026-24401 vim: ignore CVE-2025-66476 Bruce Ashfield (2): linux-yocto/6.12: update to v6.12.69 linux-yocto/6.12: update CVE exclusions (6.12.69) Dragomir, Daniel (2): wic/engine: fix copying directories into wic image with ext* partition oeqa/selftest/wic: test recursive dir copy on ext partitions Hongxu Jia (2): webkitgtk: workaround compile failure for large debug symbols webkitgtk: upgrade 2.50.0 -> 2.50.4 Paul Barker (2): devtool: deploy: Run pseudo with correct PATH devtool: deploy: Reset PATH after strip_execs Peter Marko (4): openssl: upgrade 3.5.4 -> 3.5.5 ffmpeg: ignore 10 CVEs libsndfile1: patch CVE-2025-56226 go: upgrade 1.25.6 -> 1.25.7 .../distro/include/yocto-space-optimize.inc | 3 - meta/lib/oeqa/selftest/cases/wic.py | 65 + meta/recipes-connectivity/avahi/avahi_0.8.bb | 4 + .../avahi/files/CVE-2025-68276.patch | 68 + .../avahi/files/CVE-2025-68468.patch | 32 + .../avahi/files/CVE-2025-68471.patch | 36 + .../avahi/files/CVE-2026-24401.patch | 74 + ...obile-broadband-provider-info_20251101.bb} | 2 +- ...ke-history-reporting-when-test-fails.patch | 23 +- .../0001-extend-check_cwm-test-timeout.patch | 2 +- .../{openssl_3.5.4.bb => openssl_3.5.5.bb} | 2 +- .../go/{go-1.25.6.inc => go-1.25.7.inc} | 2 +- ...e_1.25.6.bb => go-binary-native_1.25.7.bb} | 6 +- ..._1.25.6.bb => go-cross-canadian_1.25.7.bb} | 0 ...{go-cross_1.25.6.bb => go-cross_1.25.7.bb} | 0 ...osssdk_1.25.6.bb => go-crosssdk_1.25.7.bb} | 0 ...runtime_1.25.6.bb => go-runtime_1.25.7.bb} | 0 .../go/{go_1.25.6.bb => go_1.25.7.bb} | 0 .../linux/cve-exclusion_6.12.inc | 13004 ++++++++++------ .../linux/linux-yocto-rt_6.12.bb | 6 +- .../linux/linux-yocto-tiny_6.12.bb | 6 +- meta/recipes-kernel/linux/linux-yocto_6.12.bb | 28 +- meta/recipes-multimedia/ffmpeg/ffmpeg_8.0.bb | 7 + .../libsndfile1/CVE-2025-56226-01.patch | 36 + .../libsndfile1/CVE-2025-56226-02.patch | 43 + .../libsndfile/libsndfile1_1.2.2.bb | 2 + ...able-to-control-macro-__PAS_ALWAYS_I.patch | 8 +- ...spection.cmake-prefix-variables-obta.patch | 2 +- ...-on-RISCV-https-bugs.webkit.org-show.patch | 4 +- .../webkit/webkitgtk/fix-ftbfs-riscv64.patch | 24 +- .../webkitgtk/fix-musl-compilation.patch | 94 - ...ceof_handler_for_32-bit_C-loop_build.patch | 122 - .../webkit/webkitgtk/reproducibility.patch | 2 +- .../webkit/webkitgtk/sys_futex.patch | 11 +- .../webkit/webkitgtk/t6-not-declared.patch | 6 +- ...ebkitgtk_2.50.0.bb => webkitgtk_2.50.4.bb} | 15 +- meta/recipes-support/vim/vim_9.1.bb | 2 + scripts/install-buildtools | 4 +- scripts/lib/devtool/__init__.py | 3 +- scripts/lib/devtool/deploy.py | 9 +- scripts/lib/wic/engine.py | 63 +- 41 files changed, 8390 insertions(+), 5430 deletions(-) create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2025-68276.patch create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2025-68468.patch create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2025-68471.patch create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2026-24401.patch rename meta/recipes-connectivity/mobile-broadband-provider-info/{mobile-broadband-provider-info_20250613.bb => mobile-broadband-provider-info_20251101.bb} (91%) rename meta/recipes-connectivity/openssl/{openssl_3.5.4.bb => openssl_3.5.5.bb} (99%) rename meta/recipes-devtools/go/{go-1.25.6.inc => go-1.25.7.inc} (91%) rename meta/recipes-devtools/go/{go-binary-native_1.25.6.bb => go-binary-native_1.25.7.bb} (79%) rename meta/recipes-devtools/go/{go-cross-canadian_1.25.6.bb => go-cross-canadian_1.25.7.bb} (100%) rename meta/recipes-devtools/go/{go-cross_1.25.6.bb => go-cross_1.25.7.bb} (100%) rename meta/recipes-devtools/go/{go-crosssdk_1.25.6.bb => go-crosssdk_1.25.7.bb} (100%) rename meta/recipes-devtools/go/{go-runtime_1.25.6.bb => go-runtime_1.25.7.bb} (100%) rename meta/recipes-devtools/go/{go_1.25.6.bb => go_1.25.7.bb} (100%) create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2025-56226-01.patch create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2025-56226-02.patch delete mode 100644 meta/recipes-sato/webkit/webkitgtk/fix-musl-compilation.patch delete mode 100644 meta/recipes-sato/webkit/webkitgtk/fix_op_instanceof_handler_for_32-bit_C-loop_build.patch rename meta/recipes-sato/webkit/{webkitgtk_2.50.0.bb => webkitgtk_2.50.4.bb} (93%)
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#231082): https://lists.openembedded.org/g/openembedded-core/message/231082 Mute This Topic: https://lists.openembedded.org/mt/117789163/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
