[kirkstone,00/10] Patch review

Message ID	cover.1744145328.git.steve@sakoman.com
State	Not Applicable, archived
Delegated to:	Steve Sakoman
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.214.171, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 00/10] Patch review Date: Tue, 8 Apr 2025 13:50:56 -0700 Message-ID: <cover.1744145328.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit

Message ID

cover.1744145328.git.steve@sakoman.com

State

Not Applicable, archived

Delegated to:

Steve Sakoman

Headers

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/10] Patch review
Date: Tue,  8 Apr 2025 13:50:56 -0700
Message-ID: <cover.1744145328.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Message

Steve Sakoman April 8, 2025, 8:50 p.m. UTC

Please review this set of changes for kirkstone and have comments back by
end of day Thursday, April 10

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1367

The following changes since commit 1efbe1004bc82e7c14c1e8bd4ce644f5015c3346:

  build-appliance-image: Update to kirkstone head revision (2025-04-04 08:43:24 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Haixiao Yan (1):
  glibc: Add single-threaded fast path to rand()

Peter Marko (2):
  ofono: patch CVE-2024-7537
  qemu: ignore CVE-2023-1386

Vijay Anusuri (6):
  ghostscript: Fix CVE-2025-27830
  ghostscript: Fix CVE-2025-27831
  ghostscript: Fix CVE-2025-27832
  ghostscript: Fix CVE-2025-27834
  ghostscript: Fix CVE-2025-27835
  ghostscript: Fix CVE-2025-27836

Yogita Urade (1):
  curl: ignore CVE-2025-0725

 .../ofono/ofono/CVE-2024-7537.patch           | 59 +++++++++++++
 meta/recipes-connectivity/ofono/ofono_1.34.bb |  1 +
 ...dd-single-threaded-fast-path-to-rand.patch | 47 +++++++++++
 meta/recipes-core/glibc/glibc_2.35.bb         |  1 +
 meta/recipes-devtools/qemu/qemu.inc           |  3 +
 .../ghostscript/CVE-2025-27830.patch          | 79 +++++++++++++++++
 .../ghostscript/CVE-2025-27831-pre1.patch     | 50 +++++++++++
 .../ghostscript/CVE-2025-27831.patch          | 84 +++++++++++++++++++
 .../ghostscript/CVE-2025-27832.patch          | 45 ++++++++++
 .../ghostscript/CVE-2025-27834.patch          | 57 +++++++++++++
 .../ghostscript/CVE-2025-27835.patch          | 34 ++++++++
 .../ghostscript/CVE-2025-27836-1.patch        | 64 ++++++++++++++
 .../ghostscript/CVE-2025-27836-2.patch        | 46 ++++++++++
 .../ghostscript/ghostscript_9.55.0.bb         |  8 ++
 meta/recipes-support/curl/curl_7.82.0.bb      |  2 +
 15 files changed, 580 insertions(+)
 create mode 100644 meta/recipes-connectivity/ofono/ofono/CVE-2024-7537.patch
 create mode 100644 meta/recipes-core/glibc/glibc/0001-stdlib-Add-single-threaded-fast-path-to-rand.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2025-27830.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2025-27831-pre1.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2025-27831.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2025-27832.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2025-27834.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2025-27835.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2025-27836-1.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2025-27836-2.patch

[kirkstone,00/10] Patch review

Pull-request

Message