[kirkstone,0/7] Patch review

Message ID	cover.1741961309.git.steve@sakoman.com
State	Not Applicable, archived
Delegated to:	Steve Sakoman
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.214.181, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 0/7] Patch review Date: Fri, 14 Mar 2025 07:10:02 -0700 Message-ID: <cover.1741961309.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit

Message ID

cover.1741961309.git.steve@sakoman.com

State

Not Applicable, archived

Delegated to:

Steve Sakoman

Headers

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 0/7] Patch review
Date: Fri, 14 Mar 2025 07:10:02 -0700
Message-ID: <cover.1741961309.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Message

Steve Sakoman March 14, 2025, 2:10 p.m. UTC

Please review this set of changes for kirkstone and have comments back by
end of day Tuesday, March 18

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1187

The following changes since commit 0216c229d5c60d0023b0a7d6e8ee41bdfa16f8ef:

  tzcode-native: Fix compiler setting from 2023d version (2025-03-07 07:00:55 -0800)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Ashish Sharma (1):
  ruby: Fix CVE-2025-27219

Divya Chellam (1):
  vim: Upgrade 9.1.1043 -> 9.1.1115

Hitendra Prajapati (2):
  grub: Fix multiple CVEs
  grub: Fix multiple CVEs

Peter Marko (2):
  puzzles: ignore three new CVEs for a different puzzles
  libarchive: patch CVE-2025-25724

Zhang Peng (1):
  mpg123: fix CVE-2024-10573

 .../0001-misc-Implement-grub_strlcpy.patch    |  68 ++
 .../grub/files/CVE-2024-45774.patch           |  40 +
 .../grub/files/CVE-2024-45775.patch           |  41 +
 .../grub/files/CVE-2024-45776.patch           |  42 +
 .../grub/files/CVE-2024-45777.patch           |  60 ++
 .../files/CVE-2024-45778_CVE-2024-45779.patch |  58 ++
 .../grub/files/CVE-2024-45780.patch           |  96 ++
 .../grub/files/CVE-2024-45781.patch           |  38 +
 .../files/CVE-2024-45782_CVE-2024-56737.patch |  39 +
 .../grub/files/CVE-2024-45783.patch           |  42 +
 .../grub/files/CVE-2025-0622-01.patch         |  39 +
 .../grub/files/CVE-2025-0622-02.patch         |  44 +
 .../grub/files/CVE-2025-0622-03.patch         |  41 +
 .../grub/files/CVE-2025-0624.patch            |  87 ++
 ...025-0685_CVE-2025-0686_CVE-2025-0689.patch | 380 +++++++
 .../files/CVE-2025-0678_CVE-2025-1125.patch   |  90 ++
 .../grub/files/CVE-2025-0690.patch            |  75 ++
 .../grub/files/CVE-2025-1118.patch            |  40 +
 meta/recipes-bsp/grub/grub2.inc               |  18 +
 .../ruby/ruby/CVE-2025-27219.patch            |  31 +
 meta/recipes-devtools/ruby/ruby_3.1.3.bb      |   1 +
 .../libarchive/CVE-2025-25724.patch           |  40 +
 .../libarchive/libarchive_3.6.2.bb            |   1 +
 .../mpg123/mpg123/CVE-2024-10573.patch        | 978 ++++++++++++++++++
 .../mpg123/mpg123_1.29.3.bb                   |   4 +-
 meta/recipes-sato/puzzles/puzzles_git.bb      |   2 +
 meta/recipes-support/vim/vim.inc              |   4 +-
 27 files changed, 2396 insertions(+), 3 deletions(-)
 create mode 100644 meta/recipes-bsp/grub/files/0001-misc-Implement-grub_strlcpy.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45774.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45775.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45776.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45777.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45778_CVE-2024-45779.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45780.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45781.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45782_CVE-2024-56737.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45783.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-0622-01.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-0622-02.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-0622-03.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-0624.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-0677_CVE-2025-0684_CVE-2025-0685_CVE-2025-0686_CVE-2025-0689.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-0678_CVE-2025-1125.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-0690.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-1118.patch
 create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2025-27219.patch
 create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2025-25724.patch
 create mode 100644 meta/recipes-multimedia/mpg123/mpg123/CVE-2024-10573.patch

[kirkstone,0/7] Patch review

Pull-request

Message