Those are the patches from the last patch review:
https://lore.kernel.org/openembedded-core/[email protected]/
... with "nfs-utils: fix CVE-2025-12801" removed,
see 
https://lore.kernel.org/openembedded-core/[email protected]/

Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/?#/builders/29/builds/4001
qemuarm64-ptest got impacted by 16267 – [scarthgap] AB-INT PTEST: python3 
failure (test_wrong_cert_tls13)
Succesfully rebuilt in 
https://autobuilder.yoctoproject.org/valkyrie/?#/builders/61/builds/3824>

The following changes since commit e2864ea1ac022e43af92badc701fa1e2a9571f46:

  pseudo: Upgrade 1.9.6 -> 1.9.7 (2026-06-05 11:02:52 +0200)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-next
  
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-next

for you to fetch changes up to dd74c1388d5bfefd2adcdb6abd622297138e2eb1:

  meta/lib/oe/package.py: fix path to kernel sources in save_debugsources_info 
(2026-06-15 11:54:08 +0200)

----------------------------------------------------------------

Enrico Jörns (1):
  devtool: prevent 'devtool modify -n' from corrupting kernel Git repos

Hugo SIMELIERE (Schneider Electric) (3):
  busybox: Fix CVE-2026-29004
  xz: Fix CVE-2026-34743
  util-linux: Fix CVE-2026-27456

João Marcos Costa (Schneider Electric) (1):
  meta/lib/oe/package.py: fix path to kernel sources in
    save_debugsources_info

Theo Gaige (Schneider Electric) (14):
  go: patch CVE-2026-27142
  go: patch CVE-2026-32280
  go: patch CVE-2026-32283
  go: patch CVE-2026-32289
  go: patch CVE-2026-33811
  go: patch CVE-2026-39817
  go: patch CVE-2026-39819
  go: patch CVE-2026-39820
  go: patch CVE-2026-39825
  go: patch CVE-2026-39826
  go: patch CVE-2026-42499
  go: patch CVE-2026-42501
  go: patch CVE-2026-42504
  go: patch CVE-2026-42507

Zahir Hussain (1):
  libpng: Fix CVE-2026-33416

 meta/classes/create-spdx-2.2.bbclass          |   2 +-
 meta/lib/oe/package.py                        |   4 +-
 .../busybox/busybox/CVE-2026-29004-01.patch   |  41 ++
 .../busybox/busybox/CVE-2026-29004-02.patch   |  46 +++
 meta/recipes-core/busybox/busybox_1.36.1.bb   |   2 +
 meta/recipes-core/util-linux/util-linux.inc   |   1 +
 .../util-linux/CVE-2026-27456.patch           | 115 ++++++
 meta/recipes-devtools/go/go-1.22.12.inc       |  14 +
 .../go/go/CVE-2026-27142.patch                | 386 ++++++++++++++++++
 .../go/go/CVE-2026-32280.patch                | 289 +++++++++++++
 .../go/go/CVE-2026-32283.patch                | 177 ++++++++
 .../go/go/CVE-2026-32289.patch                | 217 ++++++++++
 .../go/go/CVE-2026-33811.patch                |  46 +++
 .../go/go/CVE-2026-39817.patch                | 105 +++++
 .../go/go/CVE-2026-39819.patch                |  48 +++
 .../go/go/CVE-2026-39820.patch                | 112 +++++
 .../go/go/CVE-2026-39825.patch                | 104 +++++
 .../go/go/CVE-2026-39826.patch                |  65 +++
 .../go/go/CVE-2026-42499.patch                |  91 +++++
 .../go/go/CVE-2026-42501.patch                | 127 ++++++
 .../go/go/CVE-2026-42504.patch                |  58 +++
 .../go/go/CVE-2026-42507.patch                | 160 ++++++++
 .../xz/xz/CVE-2026-34743.patch                |  68 +++
 meta/recipes-extended/xz/xz_5.4.7.bb          |   1 +
 .../libpng/files/CVE-2026-33416-01.patch      | 143 +++++++
 .../libpng/files/CVE-2026-33416-02.patch      |  53 +++
 .../libpng/files/CVE-2026-33416-03.patch      | 163 ++++++++
 .../libpng/files/CVE-2026-33416-04.patch      |  53 +++
 .../libpng/libpng_1.6.42.bb                   |   4 +
 scripts/lib/devtool/standard.py               |   3 +-
 30 files changed, 2694 insertions(+), 4 deletions(-)
 create mode 100644 meta/recipes-core/busybox/busybox/CVE-2026-29004-01.patch
 create mode 100644 meta/recipes-core/busybox/busybox/CVE-2026-29004-02.patch
 create mode 100644 meta/recipes-core/util-linux/util-linux/CVE-2026-27456.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2026-27142.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2026-32280.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2026-32283.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2026-32289.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2026-33811.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2026-39817.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2026-39819.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2026-39820.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2026-39825.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2026-39826.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2026-42499.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2026-42501.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2026-42504.patch
 create mode 100644 meta/recipes-devtools/go/go/CVE-2026-42507.patch
 create mode 100644 meta/recipes-extended/xz/xz/CVE-2026-34743.patch
 create mode 100644 meta/recipes-multimedia/libpng/files/CVE-2026-33416-01.patch
 create mode 100644 meta/recipes-multimedia/libpng/files/CVE-2026-33416-02.patch
 create mode 100644 meta/recipes-multimedia/libpng/files/CVE-2026-33416-03.patch
 create mode 100644 meta/recipes-multimedia/libpng/files/CVE-2026-33416-04.patch

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#238917): 
https://lists.openembedded.org/g/openembedded-core/message/238917
Mute This Topic: https://lists.openembedded.org/mt/119836508/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to