Please review this set of changes for scarthgap and have comments back by end of day Friday, July 10. This is a bit shorter period than usual, ping me if you need more time (I've spent some time to understand the below AB error).
*Somewhat* passed a-full on autobuilder: https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/4178 3 sub builds failed: * oe-selftest-armhost#4305 * oe-selftest-debian#4250 * oe-selftest-fedora#4075 Sadly, I did not got successful retries. I think this is related to: 15289 – [scarthgap] AB-INT: sstatetests.SStatePrintdiff.test_gcc_runtime_vs_gcc_source failure https://bugzilla.yoctoproject.org/show_bug.cgi?id=15289 I'm still trying to understand what is happening but now I think this issue is *NOT* related to this series. The main issue for this series is that it prevented to fully run the oe-selftests. I plan to get a green-ish build before doing the pull-request. The following changes since commit 2814f0962f56c8d1afa4de76d2895ba9b5cb767d: build-appliance-image: Update to scarthgap head revisions (2026-07-02 13:50:35 +0100) are available in the Git repository at: https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut for you to fetch changes up to 728706a9dc79a8c70429b805fc40429bcd8e09fc: cve-update: Avoid NFS caching issues (2026-07-08 16:32:46 +0200) ---------------------------------------------------------------- Adarsh Jagadish Kamini (1): curl: fix CVE-2026-6276 Anil Dongare (2): cargo: Fix CVE-2026-5222 cargo: Fix CVE-2026-5223 Ashishkumar Parmar (3): qemu: Fix CVE-2025-14876 qemu: Fix CVE-2026-0665 qemu: Fix CVE-2026-2243 Benjamin Robin (Schneider Electric) (1): openssh: CVE-2026-35387 patch also fixes CVE-2026-35414 Daniel Turull (2): libssh2: fix CVE-2026-55200 libssh2: fix CVE-2026-55199 Esa Jaaskela (1): linux-yocto/6.6: update CVE exclusions (6.6.142) Harish Sadineni (1): binutils: Add CVE-2025-69646 to "CVE:" tag Himanshu Jadon (1): tar: Fix CVE-2026-5704 Hitendra Prajapati (4): vim: fix for CVE-2026-34982, CVE-2026-34714 & CVE-2026-35177 vim: fix for CVE-2026-28421, CVE-2026-41411 & CVE-2026-44656 vim: Fix for CVE-2026-28417, CVE-2026-32249, CVE-2026-45130 vim: Security fix for CVE-2026-28420 & CVE-2026-46483 Jaipaul Cheernam (1): curl: fix CVE-2026-5773 - wrong reuse of SMB connection Jakub Szczudlo (1): libgcrypt: upgrade 1.10.3 -> 1.10.4 Nate Kent (1): sudo: fix pam-wheel sed for sudo 1.9.17p2 sudoers Paul Barker (1): cve-update: Avoid NFS caching issues Shubham Pushpkar (1): binutils: Fix CVE-2026-6846 Theo Gaige (Schneider Electric) (4): dhcpcd: patch CVE-2026-56113 dhcpcd: patch CVE-2026-56114 dhcpcd: patch CVE-2026-56117 perl: patch CVE-2026-8376 .../dhcpcd/dhcpcd_10.0.6.bb | 3 + .../dhcpcd/files/CVE-2026-56113.patch | 92 + .../dhcpcd/files/CVE-2026-56114.patch | 34 + .../dhcpcd/files/CVE-2026-56117.patch | 167 + ...ch => CVE-2026-35414-CVE-2026-35387.patch} | 2 +- .../openssh/openssh_9.6p1.bb | 2 +- .../meta/cve-update-nvd2-native.bb | 9 +- .../binutils/binutils-2.42.inc | 1 + .../binutils/binutils/CVE-2025-69648.patch | 2 +- .../binutils/binutils/CVE-2026-6846.patch | 57 + .../perl/files/CVE-2026-8376-01.patch | 62 + .../perl/files/CVE-2026-8376-02.patch | 49 + meta/recipes-devtools/perl/perl_5.38.4.bb | 2 + meta/recipes-devtools/qemu/qemu.inc | 4 + .../qemu/qemu/CVE-2025-14876_p1.patch | 52 + .../qemu/qemu/CVE-2025-14876_p2.patch | 56 + .../qemu/qemu/CVE-2026-0665.patch | 38 + .../qemu/qemu/CVE-2026-2243.patch | 45 + .../rust/files/CVE-2026-5222.patch | 92 + .../rust/files/CVE-2026-5223.patch | 114 + meta/recipes-devtools/rust/rust-source.inc | 2 + meta/recipes-extended/sudo/sudo_1.9.17p2.bb | 2 +- .../tar/tar/CVE-2026-5704-dependent_p1.patch | 484 +++ .../tar/tar/CVE-2026-5704-dependent_p2.patch | 169 + .../tar/tar/CVE-2026-5704-regression.patch | 176 + .../tar/tar/CVE-2026-5704.patch | 556 +++ meta/recipes-extended/tar/tar_1.35.bb | 4 + .../linux/cve-exclusion_6.6.inc | 3418 +++++++++++++---- .../curl/curl/CVE-2026-5773.patch | 40 + .../curl/curl/CVE-2026-6276.patch | 135 + meta/recipes-support/curl/curl_8.7.1.bb | 2 + ...ilding-error-with-O2-in-sysroot-path.patch | 64 - ...r-handle-substitution-in-sed-command.patch | 49 + ...ibgcrypt_1.10.3.bb => libgcrypt_1.10.4.bb} | 4 +- .../libssh2/libssh2/CVE-2026-55199.patch | 44 + .../libssh2/libssh2/CVE-2026-55200.patch | 36 + .../recipes-support/libssh2/libssh2_1.11.1.bb | 2 + .../vim/files/CVE-2026-28417.patch | 92 + .../vim/files/CVE-2026-28420.patch | 162 + .../vim/files/CVE-2026-28421.patch | 148 + .../vim/files/CVE-2026-32249.patch | 117 + .../vim/files/CVE-2026-34714.patch | 109 + .../vim/files/CVE-2026-34982.patch | 105 + .../vim/files/CVE-2026-35177.patch | 60 + .../vim/files/CVE-2026-41411.patch | 75 + .../vim/files/CVE-2026-44656.patch | 130 + .../vim/files/CVE-2026-45130.patch | 115 + .../vim/files/CVE-2026-46483.patch | 77 + meta/recipes-support/vim/vim.inc | 11 + 49 files changed, 6449 insertions(+), 822 deletions(-) create mode 100644 meta/recipes-connectivity/dhcpcd/files/CVE-2026-56113.patch create mode 100644 meta/recipes-connectivity/dhcpcd/files/CVE-2026-56114.patch create mode 100644 meta/recipes-connectivity/dhcpcd/files/CVE-2026-56117.patch rename meta/recipes-connectivity/openssh/openssh/{CVE-2026-35387.patch => CVE-2026-35414-CVE-2026-35387.patch} (99%) create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2026-6846.patch create mode 100644 meta/recipes-devtools/perl/files/CVE-2026-8376-01.patch create mode 100644 meta/recipes-devtools/perl/files/CVE-2026-8376-02.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2025-14876_p1.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2025-14876_p2.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2026-0665.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2026-2243.patch create mode 100644 meta/recipes-devtools/rust/files/CVE-2026-5222.patch create mode 100644 meta/recipes-devtools/rust/files/CVE-2026-5223.patch create mode 100644 meta/recipes-extended/tar/tar/CVE-2026-5704-dependent_p1.patch create mode 100644 meta/recipes-extended/tar/tar/CVE-2026-5704-dependent_p2.patch create mode 100644 meta/recipes-extended/tar/tar/CVE-2026-5704-regression.patch create mode 100644 meta/recipes-extended/tar/tar/CVE-2026-5704.patch create mode 100644 meta/recipes-support/curl/curl/CVE-2026-5773.patch create mode 100644 meta/recipes-support/curl/curl/CVE-2026-6276.patch delete mode 100644 meta/recipes-support/libgcrypt/files/0001-Fix-building-error-with-O2-in-sysroot-path.patch create mode 100644 meta/recipes-support/libgcrypt/files/0002-random-cipher-handle-substitution-in-sed-command.patch rename meta/recipes-support/libgcrypt/{libgcrypt_1.10.3.bb => libgcrypt_1.10.4.bb} (92%) create mode 100644 meta/recipes-support/libssh2/libssh2/CVE-2026-55199.patch create mode 100644 meta/recipes-support/libssh2/libssh2/CVE-2026-55200.patch create mode 100644 meta/recipes-support/vim/files/CVE-2026-28417.patch create mode 100644 meta/recipes-support/vim/files/CVE-2026-28420.patch create mode 100644 meta/recipes-support/vim/files/CVE-2026-28421.patch create mode 100644 meta/recipes-support/vim/files/CVE-2026-32249.patch create mode 100644 meta/recipes-support/vim/files/CVE-2026-34714.patch create mode 100644 meta/recipes-support/vim/files/CVE-2026-34982.patch create mode 100644 meta/recipes-support/vim/files/CVE-2026-35177.patch create mode 100644 meta/recipes-support/vim/files/CVE-2026-41411.patch create mode 100644 meta/recipes-support/vim/files/CVE-2026-44656.patch create mode 100644 meta/recipes-support/vim/files/CVE-2026-45130.patch create mode 100644 meta/recipes-support/vim/files/CVE-2026-46483.patch
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#240547): https://lists.openembedded.org/g/openembedded-core/message/240547 Mute This Topic: https://lists.openembedded.org/mt/120187562/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
