Please review this set of changes for scarthgap and have comments back by end of day Thursday, June 25.
This v2 adds the kernel v6.6.142 upgrade and patches fixing failure triggered during integration: * oeqa/runtime/parselogs: update pci BAR ignore for kernel 6.10 * linux-yocto/6.6: update to v6.6.129 * linux-yocto/6.6: update to v6.6.130 * linux-yocto/6.6: update to v6.6.132 * linux-yocto/6.6: update to v6.6.134 * linux-yocto/6.6: update to v6.6.135 * linux-yocto/6.6: update to v6.6.136 * linux-yocto/6.6: update to v6.6.137 * linux-yocto/6.6: update to v6.6.138 * linux-yocto/6.6: update to v6.6.140 * linux-yocto/6.6: update to v6.6.141 * linux-yocto/6.6: update to v6.6.142 * lttng-modules: Fix trace_hrtimer_start build failure * linux-yocto/6.6: genericarm64 fix configuration audit warning * linux-yocto/6.6: address ltp hang Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/valkyrie/?#/builders/29/builds/4070 * oe-selftest-debian failed * on a github.com access glitch (I'll report it if that happen again) * and a graphical VM: This is on Ubuntu 26.04, not yet officially supported, I'll investigate this before the "official" support. Retried as https://autobuilder.yoctoproject.org/valkyrie/?#/builders/35/builds/4131 The following changes since commit d4950d6df0867dcd5c380d83ac4d138ec968e698: python_setuptools_build_meta: clean the build directory in configure (2026-06-17 01:09:26 +0200) are available in the Git repository at: https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-review https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-review for you to fetch changes up to 737293bead3e7b994347e47f09bc69437479d50c: linux-yocto/6.6: address ltp hang (2026-06-23 20:33:35 +0200) ---------------------------------------------------------------- Adarsh Jagadish Kamini (3): openssh: fix CVE-2026-35386 libsolv: fix CVE-2026-9150 python3: CVE-2026-3087 not applicable Bruce Ashfield (14): oeqa/runtime/parselogs: update pci BAR ignore for kernel 6.10 linux-yocto/6.6: update to v6.6.129 linux-yocto/6.6: update to v6.6.130 linux-yocto/6.6: update to v6.6.132 linux-yocto/6.6: update to v6.6.134 linux-yocto/6.6: update to v6.6.135 linux-yocto/6.6: update to v6.6.136 linux-yocto/6.6: update to v6.6.137 linux-yocto/6.6: update to v6.6.138 linux-yocto/6.6: update to v6.6.140 linux-yocto/6.6: update to v6.6.141 linux-yocto/6.6: update to v6.6.142 linux-yocto/6.6: genericarm64 fix configuration audit warning linux-yocto/6.6: address ltp hang Deepak Rathore (2): binutils: Fix CVE-2025-69644 qemu: Fix CVE-2024-6519 He Zhe (1): lttng-modules: Fix trace_hrtimer_start build failure Himanshu Jadon (2): apr-util: Add CVE_PRODUCT to support product name apr: Add CVE_PRODUCT to support product name Hitendra Prajapati (1): libinput: fix for CVE-2026-50292 Jonas Munsin (1): bzip2: set CVE_PRODUCT Mark Hatle (1): pseudo: Update to version 1.9.8 Naman Jain (1): tiff: fix CVE-2026-4775 Peter Marko (1): openssl: upgrade 3.5.6 -> 3.5.7 Ross Burton (2): oeqa/core/runner: stub addDuration in OETestResult classes/gtk-icon-cache: fix libdir passed to the postrm intercept Shubham Pushpkar (1): dpkg: Fix CVE-2026-2219 Sudhir Dumbhare (10): go: fix CVE-2025-58183 go: fix CVE-2026-25679 go: fix CVE-2026-32288 python3: Fix CVE-2026-3644 and CVE-2026-0672 python3: Fix CVE-2026-4519 and CVE-2026-4786 python3: Fix CVE-2026-6019 python3: Fix CVE-2025-13462 go-binary-native: set status for CVE-2026-39836 go: set status for CVE-2026-39836 rust,libstd-rs: set status for CVE-2024-3566 Yoann Congal (1): gdb: backport a patch to fix static_assert in recent GCC meta/classes-recipe/gtk-icon-cache.bbclass | 2 +- meta/lib/oeqa/core/runner.py | 4 + .../cases/parselogs-ignores-qemuall.txt | 8 + ...ch => CVE-2025-61984_CVE-2026-35386.patch} | 2 +- .../openssh/openssh_9.6p1.bb | 2 +- ...1-Configure-do-not-tweak-mips-cflags.patch | 2 +- .../{openssl_3.5.6.bb => openssl_3.5.7.bb} | 4 +- .../binutils/binutils-2.42.inc | 2 +- ...ch => CVE-2025-69644-CVE-2025-69647.patch} | 3 +- .../dpkg/dpkg/CVE-2026-2219.patch | 47 +++++ meta/recipes-devtools/dpkg/dpkg_1.22.0.bb | 1 + meta/recipes-devtools/gdb/gdb.inc | 1 + ...gnu23-compatibility-wrt-static_asser.patch | 75 ++++++++ meta/recipes-devtools/go/go-1.22.12.inc | 4 + .../go/go-binary-native_1.22.12.bb | 1 + .../go/go/CVE-2025-58183.patch | 107 ++++++++++++ .../go/go/CVE-2026-25679.patch | 74 ++++++++ .../go/go/CVE-2026-32288.patch | 162 ++++++++++++++++++ meta/recipes-devtools/pseudo/pseudo_git.bb | 4 +- .../python/python3/CVE-2025-13462.patch | 142 +++++++++++++++ .../python3/CVE-2026-3644_CVE-2026-0672.patch | 154 +++++++++++++++++ .../python3/CVE-2026-4519_CVE-2026-4786.patch | 66 +++++++ .../python/python3/CVE-2026-4519_p1.patch | 107 ++++++++++++ .../python/python3/CVE-2026-4519_p2.patch | 159 +++++++++++++++++ .../python/python3/CVE-2026-6019_p1.patch | 133 ++++++++++++++ .../python/python3/CVE-2026-6019_p2.patch | 129 ++++++++++++++ .../python/python3_3.12.13.bb | 8 + meta/recipes-devtools/qemu/qemu.inc | 1 + .../qemu/qemu/CVE-2024-6519.patch | 51 ++++++ meta/recipes-devtools/rust/rust-source.inc | 1 + meta/recipes-extended/bzip2/bzip2_1.0.8.bb | 2 + .../libsolv/libsolv/CVE-2026-9150.patch | 68 ++++++++ .../libsolv/libsolv_0.7.28.bb | 1 + .../wayland/libinput/CVE-2026-50292-01.patch | 109 ++++++++++++ .../wayland/libinput/CVE-2026-50292-02.patch | 99 +++++++++++ .../wayland/libinput_1.25.0.bb | 2 + .../linux/linux-yocto-rt_6.6.bb | 6 +- .../linux/linux-yocto-tiny_6.6.bb | 6 +- meta/recipes-kernel/linux/linux-yocto_6.6.bb | 28 +-- ...ce-trace-noise-in-hrtimer_start-v7.1.patch | 103 +++++++++++ .../lttng/lttng-modules_2.13.12.bb | 6 +- .../libtiff/tiff/CVE-2026-4775.patch | 59 +++++++ meta/recipes-multimedia/libtiff/tiff_4.6.0.bb | 1 + meta/recipes-support/apr/apr-util_1.6.3.bb | 3 + meta/recipes-support/apr/apr_1.7.5.bb | 3 + 45 files changed, 1920 insertions(+), 32 deletions(-) rename meta/recipes-connectivity/openssh/openssh/{CVE-2025-61984.patch => CVE-2025-61984_CVE-2026-35386.patch} (99%) rename meta/recipes-connectivity/openssl/{openssl_3.5.6.bb => openssl_3.5.7.bb} (98%) rename meta/recipes-devtools/binutils/binutils/{CVE-2025-69647.patch => CVE-2025-69644-CVE-2025-69647.patch} (96%) create mode 100644 meta/recipes-devtools/dpkg/dpkg/CVE-2026-2219.patch create mode 100644 meta/recipes-devtools/gdb/gdb/0001-opcodes-fix-std-gnu23-compatibility-wrt-static_asser.patch create mode 100644 meta/recipes-devtools/go/go/CVE-2025-58183.patch create mode 100644 meta/recipes-devtools/go/go/CVE-2026-25679.patch create mode 100644 meta/recipes-devtools/go/go/CVE-2026-32288.patch create mode 100644 meta/recipes-devtools/python/python3/CVE-2025-13462.patch create mode 100644 meta/recipes-devtools/python/python3/CVE-2026-3644_CVE-2026-0672.patch create mode 100644 meta/recipes-devtools/python/python3/CVE-2026-4519_CVE-2026-4786.patch create mode 100644 meta/recipes-devtools/python/python3/CVE-2026-4519_p1.patch create mode 100644 meta/recipes-devtools/python/python3/CVE-2026-4519_p2.patch create mode 100644 meta/recipes-devtools/python/python3/CVE-2026-6019_p1.patch create mode 100644 meta/recipes-devtools/python/python3/CVE-2026-6019_p2.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-6519.patch create mode 100644 meta/recipes-extended/libsolv/libsolv/CVE-2026-9150.patch create mode 100644 meta/recipes-graphics/wayland/libinput/CVE-2026-50292-01.patch create mode 100644 meta/recipes-graphics/wayland/libinput/CVE-2026-50292-02.patch create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0001-fix-hrtimer-Reduce-trace-noise-in-hrtimer_start-v7.1.patch create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2026-4775.patch
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#239423): https://lists.openembedded.org/g/openembedded-core/message/239423 Mute This Topic: https://lists.openembedded.org/mt/119949375/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
