[OE-core][scarthgap 0/8] Patch review

Yoann Congal via lists.openembedded.org Thu, 07 May 2026 23:26:50 -0700

Please review this set of changes for scarthgap and have comments back by
end of day Monday, May 11.


Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/3794

The following changes since commit 3c2f2b6f7af2bb743655859b64faae4786080cb9:

  libsoup: fix CVE-2025-32049 (2026-05-05 13:01:04 +0200)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

for you to fetch changes up to 7952d214393b6c5230ba115f63b6f6d245a728bc:

  glibc: Fix recipe bug that disabled stack protector (2026-05-08 01:06:24 
+0200)

----------------------------------------------------------------

Hitendra Prajapati (4):
  libarchive: fix for CVE-2026-4426
  vim: fix for CVE-2026-39881
  sudo: fix for CVE-2026-35535
  inetutils: fix for CVE-2026-32772

Ivan Nestlerode (1):
  glibc: Fix recipe bug that disabled stack protector

Moritz Haase (1):
  devtool: Disable gpg signing when setting up source tree repos

Peter Marko (1):
  coreutils: set CVE_PRODUCT

Xiangyu Chen (1):
  grub: update search parameter

 meta/recipes-bsp/grub/files/cfg               |   2 +-
 .../inetutils/inetutils/CVE-2026-32772.patch  | 172 ++++++++++++
 .../inetutils/inetutils_2.5.bb                |   1 +
 meta/recipes-core/coreutils/coreutils_9.4.bb  |   2 +
 meta/recipes-core/glibc/glibc.inc             |   3 -
 .../libarchive/libarchive/CVE-2026-4426.patch |  58 ++++
 .../libarchive/libarchive_3.7.9.bb            |   1 +
 .../sudo/files/CVE-2026-35535.patch           | 150 +++++++++++
 meta/recipes-extended/sudo/sudo_1.9.17p2.bb   |   1 +
 .../vim/files/CVE-2026-39881.patch            | 248 ++++++++++++++++++
 meta/recipes-support/vim/vim.inc              |   1 +
 scripts/lib/devtool/__init__.py               |   2 +-
 12 files changed, 636 insertions(+), 5 deletions(-)
 create mode 100644 
meta/recipes-connectivity/inetutils/inetutils/CVE-2026-32772.patch
 create mode 100644 
meta/recipes-extended/libarchive/libarchive/CVE-2026-4426.patch
 create mode 100644 meta/recipes-extended/sudo/files/CVE-2026-35535.patch
 create mode 100644 meta/recipes-support/vim/files/CVE-2026-39881.patch

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#236632): 
https://lists.openembedded.org/g/openembedded-core/message/236632
Mute This Topic: https://lists.openembedded.org/mt/119210345/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][scarthgap 0/8] Patch review

Reply via email to