mbox series

Kirkstone merge request: July 20th.

Message ID 848eafbf-de50-4a28-87a0-6f30eadfa543@gmail.com
State New
Headers show
Series Kirkstone merge request: July 20th. | expand

Pull-request

https://git.openembedded.org/meta-openembedded kirkstone-next

Message

akuster808 July 20, 2025, 6:38 p.m. UTC 
The following changes since commit 058249f9a836e3aa866436aa6e37d6d48ff768fd:

   libssh: fix CVE-2025-5318 (2025-07-02 20:42:48 -0400)

are available in the Git repository at:

   https://git.openembedded.org/meta-openembedded kirkstone-next

for you to fetch changes up to 06fc0278f10d630838d703dde707bbf0e2999873:

   poco: Fix ptests (2025-07-13 14:41:35 -0400)

----------------------------------------------------------------
Archana Polampalli (1):
       tcpreplay: fix CVE-2024-22654

Changqing Li (2):
       libblockdev: fix CVE-2025-6019
       udisks2: Hardening measure of CVE-2025-6019

Colin McAllister (1):
       jq: Fix CVEs

Hitendra Prajapati (1):
       open-vm-tools: fix CVE-2025-22247

Khem Raj (2):
       poco: Remove pushd/popd from run-ptest
       poco: Fix ptests

Peter Marko (2):
       spdlog: patch CVE-2025-6140
       poco: patch CVE-2025-6375

Sana Kazi (1):
       imagemagick: Fix CVE vulnerablities

  .../open-vm-tools/open-vm-tools/CVE-2025-22247.patch            | 383 
++++++++++++++++++++++++++++
  .../recipes-support/open-vm-tools/open-vm-tools_11.3.5.bb       | 1 +
  .../tcpreplay/tcpreplay/CVE-2024-22654-0001.patch               | 90 
+++++++
  .../tcpreplay/tcpreplay/CVE-2024-22654-0002.patch               | 35 +++
  meta-networking/recipes-support/tcpreplay/tcpreplay_4.4.4.bb    | 2 +
  meta-oe/recipes-devtools/jq/jq/CVE-2024-23337.patch             | 219 
++++++++++++++++
  meta-oe/recipes-devtools/jq/jq/CVE-2024-53427-01.patch          | 69 +++++
  meta-oe/recipes-devtools/jq/jq/CVE-2024-53427-02.patch          | 56 ++++
  meta-oe/recipes-devtools/jq/jq/CVE-2025-48060.patch             | 46 ++++
  meta-oe/recipes-devtools/jq/jq_git.bb                           | 8 +-
  meta-oe/recipes-extended/libblockdev/files/CVE-2025-6019.patch  | 31 +++
  meta-oe/recipes-extended/libblockdev/libblockdev_2.26.bb        | 1 +
  meta-oe/recipes-support/imagemagick/files/CVE-2022-1114.patch   | 44 ++++
  meta-oe/recipes-support/imagemagick/files/CVE-2023-1289-1.patch | 114 
+++++++++
  meta-oe/recipes-support/imagemagick/files/CVE-2023-1289.patch   | 21 ++
  meta-oe/recipes-support/imagemagick/files/CVE-2023-34474.patch  | 35 +++
  meta-oe/recipes-support/imagemagick/files/CVE-2023-5341.patch   | 28 ++
  meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb       | 5 +
  meta-oe/recipes-support/poco/poco/CVE-2025-6375.patch           | 34 +++
  meta-oe/recipes-support/poco/poco/run-ptest                     | 7 +-
  meta-oe/recipes-support/poco/poco_1.11.2.bb                     | 10 +-
  meta-oe/recipes-support/spdlog/spdlog/CVE-2025-6140.patch       | 35 +++
  meta-oe/recipes-support/spdlog/spdlog_1.9.2.bb                  | 4 +-
  meta-oe/recipes-support/udisks/udisks2/CVE-2025-6019.patch      | 51 ++++
  meta-oe/recipes-support/udisks/udisks2_2.9.4.bb                 | 3 +-
  25 files changed, 1321 insertions(+), 11 deletions(-)
  create mode 100644 
meta-networking/recipes-support/open-vm-tools/open-vm-tools/CVE-2025-22247.patch
  create mode 100644 
meta-networking/recipes-support/tcpreplay/tcpreplay/CVE-2024-22654-0001.patch
  create mode 100644 
meta-networking/recipes-support/tcpreplay/tcpreplay/CVE-2024-22654-0002.patch
  create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2024-23337.patch
  create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2024-53427-01.patch
  create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2024-53427-02.patch
  create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2025-48060.patch
  create mode 100644 
meta-oe/recipes-extended/libblockdev/files/CVE-2025-6019.patch
  create mode 100644 
meta-oe/recipes-support/imagemagick/files/CVE-2022-1114.patch
  create mode 100644 
meta-oe/recipes-support/imagemagick/files/CVE-2023-1289-1.patch
  create mode 100644 
meta-oe/recipes-support/imagemagick/files/CVE-2023-1289.patch
  create mode 100644 
meta-oe/recipes-support/imagemagick/files/CVE-2023-34474.patch
  create mode 100644 
meta-oe/recipes-support/imagemagick/files/CVE-2023-5341.patch
  create mode 100644 meta-oe/recipes-support/poco/poco/CVE-2025-6375.patch
  create mode 100644 
meta-oe/recipes-support/spdlog/spdlog/CVE-2025-6140.patch
  create mode 100644 
meta-oe/recipes-support/udisks/udisks2/CVE-2025-6019.patch

Comments

Khem Raj July 20, 2025, 8:08 p.m. UTC | #1 
merged.
thanks Armin.

On Sun, Jul 20, 2025 at 11:38 AM akuster808 <akuster808@gmail.com> wrote:
>
> The following changes since commit 058249f9a836e3aa866436aa6e37d6d48ff768fd:
>
>    libssh: fix CVE-2025-5318 (2025-07-02 20:42:48 -0400)
>
> are available in the Git repository at:
>
>    https://git.openembedded.org/meta-openembedded kirkstone-next
>
> for you to fetch changes up to 06fc0278f10d630838d703dde707bbf0e2999873:
>
>    poco: Fix ptests (2025-07-13 14:41:35 -0400)
>
> ----------------------------------------------------------------
> Archana Polampalli (1):
>        tcpreplay: fix CVE-2024-22654
>
> Changqing Li (2):
>        libblockdev: fix CVE-2025-6019
>        udisks2: Hardening measure of CVE-2025-6019
>
> Colin McAllister (1):
>        jq: Fix CVEs
>
> Hitendra Prajapati (1):
>        open-vm-tools: fix CVE-2025-22247
>
> Khem Raj (2):
>        poco: Remove pushd/popd from run-ptest
>        poco: Fix ptests
>
> Peter Marko (2):
>        spdlog: patch CVE-2025-6140
>        poco: patch CVE-2025-6375
>
> Sana Kazi (1):
>        imagemagick: Fix CVE vulnerablities
>
>   .../open-vm-tools/open-vm-tools/CVE-2025-22247.patch            | 383
> ++++++++++++++++++++++++++++
>   .../recipes-support/open-vm-tools/open-vm-tools_11.3.5.bb       | 1 +
>   .../tcpreplay/tcpreplay/CVE-2024-22654-0001.patch               | 90
> +++++++
>   .../tcpreplay/tcpreplay/CVE-2024-22654-0002.patch               | 35 +++
>   meta-networking/recipes-support/tcpreplay/tcpreplay_4.4.4.bb    | 2 +
>   meta-oe/recipes-devtools/jq/jq/CVE-2024-23337.patch             | 219
> ++++++++++++++++
>   meta-oe/recipes-devtools/jq/jq/CVE-2024-53427-01.patch          | 69 +++++
>   meta-oe/recipes-devtools/jq/jq/CVE-2024-53427-02.patch          | 56 ++++
>   meta-oe/recipes-devtools/jq/jq/CVE-2025-48060.patch             | 46 ++++
>   meta-oe/recipes-devtools/jq/jq_git.bb                           | 8 +-
>   meta-oe/recipes-extended/libblockdev/files/CVE-2025-6019.patch  | 31 +++
>   meta-oe/recipes-extended/libblockdev/libblockdev_2.26.bb        | 1 +
>   meta-oe/recipes-support/imagemagick/files/CVE-2022-1114.patch   | 44 ++++
>   meta-oe/recipes-support/imagemagick/files/CVE-2023-1289-1.patch | 114
> +++++++++
>   meta-oe/recipes-support/imagemagick/files/CVE-2023-1289.patch   | 21 ++
>   meta-oe/recipes-support/imagemagick/files/CVE-2023-34474.patch  | 35 +++
>   meta-oe/recipes-support/imagemagick/files/CVE-2023-5341.patch   | 28 ++
>   meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb       | 5 +
>   meta-oe/recipes-support/poco/poco/CVE-2025-6375.patch           | 34 +++
>   meta-oe/recipes-support/poco/poco/run-ptest                     | 7 +-
>   meta-oe/recipes-support/poco/poco_1.11.2.bb                     | 10 +-
>   meta-oe/recipes-support/spdlog/spdlog/CVE-2025-6140.patch       | 35 +++
>   meta-oe/recipes-support/spdlog/spdlog_1.9.2.bb                  | 4 +-
>   meta-oe/recipes-support/udisks/udisks2/CVE-2025-6019.patch      | 51 ++++
>   meta-oe/recipes-support/udisks/udisks2_2.9.4.bb                 | 3 +-
>   25 files changed, 1321 insertions(+), 11 deletions(-)
>   create mode 100644
> meta-networking/recipes-support/open-vm-tools/open-vm-tools/CVE-2025-22247.patch
>   create mode 100644
> meta-networking/recipes-support/tcpreplay/tcpreplay/CVE-2024-22654-0001.patch
>   create mode 100644
> meta-networking/recipes-support/tcpreplay/tcpreplay/CVE-2024-22654-0002.patch
>   create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2024-23337.patch
>   create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2024-53427-01.patch
>   create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2024-53427-02.patch
>   create mode 100644 meta-oe/recipes-devtools/jq/jq/CVE-2025-48060.patch
>   create mode 100644
> meta-oe/recipes-extended/libblockdev/files/CVE-2025-6019.patch
>   create mode 100644
> meta-oe/recipes-support/imagemagick/files/CVE-2022-1114.patch
>   create mode 100644
> meta-oe/recipes-support/imagemagick/files/CVE-2023-1289-1.patch
>   create mode 100644
> meta-oe/recipes-support/imagemagick/files/CVE-2023-1289.patch
>   create mode 100644
> meta-oe/recipes-support/imagemagick/files/CVE-2023-34474.patch
>   create mode 100644
> meta-oe/recipes-support/imagemagick/files/CVE-2023-5341.patch
>   create mode 100644 meta-oe/recipes-support/poco/poco/CVE-2025-6375.patch
>   create mode 100644
> meta-oe/recipes-support/spdlog/spdlog/CVE-2025-6140.patch
>   create mode 100644
> meta-oe/recipes-support/udisks/udisks2/CVE-2025-6019.patch
>