[kirkstone,00/15] Patch review

Message ID	cover.1747163155.git.steve@sakoman.com
State	Not Applicable, archived
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.215.169, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 00/15] Patch review Date: Tue, 13 May 2025 12:07:57 -0700 Message-ID: <cover.1747163155.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit

Message ID

cover.1747163155.git.steve@sakoman.com

State

Not Applicable, archived

Headers

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/15] Patch review
Date: Tue, 13 May 2025 12:07:57 -0700
Message-ID: <cover.1747163155.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Message

Steve Sakoman May 13, 2025, 7:07 p.m. UTC

Please review this set of changes for kirkstone and have comments back by
end of day Thursday, May 15

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1582

The following changes since commit 00f7a2f60dd6de95a1a47fa642978613ce76dc56:

  glibc: Add single-threaded fast path to rand() (2025-05-09 09:01:16 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Aleksandar Nikolic (1):
  scripts/install-buildtools: Update to 4.0.26

Alexander Kanavin (1):
  perl: enable _GNU_SOURCE define via d_gnulibc

Alon Bar-Lev (1):
  module.bbclass: add KBUILD_EXTRA_SYMBOLS to install

Deepesh Varatharajan (1):
  glibc: stable 2.35 branch updates

Peter Marko (1):
  perl: patch CVE-2024-56406

Vijay Anusuri (10):
  libsoup-2.4: Update fix CVE-2024-52532
  libsoup-2.4: Fix CVE-2025-32906
  libsoup-2.4: Fix CVE-2025-32909
  libsoup: update fix CVE-2024-52532
  libsoup: Fix CVE-2025-32906
  libsoup: Fix CVE-2025-32909
  libsoup: Fix CVE-2025-32910
  libsoup: Fix CVE-2025-32911 & CVE-2025-32913
  libsoup: Fix CVE-2025-32912
  libsoup: Fix CVE-2025-32914

 meta/classes/module.bbclass                   |   1 +
 meta/recipes-core/glibc/glibc-version.inc     |   2 +-
 ...4-56406-Heap-buffer-overflow-with-tr.patch |  30 ++++
 meta/recipes-devtools/perl/perl_5.34.3.bb     |   2 +
 .../libsoup-2.4/CVE-2024-52532-3.patch        |  46 ++++++
 .../libsoup-2.4/CVE-2025-32906-1.patch        |  61 +++++++
 .../libsoup-2.4/CVE-2025-32906-2.patch        |  83 ++++++++++
 .../libsoup/libsoup-2.4/CVE-2025-32909.patch  |  36 +++++
 .../libsoup/libsoup-2.4_2.74.2.bb             |   4 +
 .../libsoup/libsoup/CVE-2024-52532-3.patch    |  46 ++++++
 .../libsoup/libsoup/CVE-2025-32906-1.patch    |  61 +++++++
 .../libsoup/libsoup/CVE-2025-32906-2.patch    |  83 ++++++++++
 .../libsoup/libsoup/CVE-2025-32909.patch      |  36 +++++
 .../libsoup/libsoup/CVE-2025-32910-1.patch    |  98 ++++++++++++
 .../libsoup/libsoup/CVE-2025-32910-2.patch    | 149 ++++++++++++++++++
 .../libsoup/libsoup/CVE-2025-32910-3.patch    |  27 ++++
 .../CVE-2025-32911_CVE-2025-32913-1.patch     |  72 +++++++++
 .../CVE-2025-32911_CVE-2025-32913-2.patch     |  44 ++++++
 .../libsoup/libsoup/CVE-2025-32912-1.patch    |  41 +++++
 .../libsoup/libsoup/CVE-2025-32912-2.patch    |  30 ++++
 .../libsoup/libsoup/CVE-2025-32914.patch      | 111 +++++++++++++
 meta/recipes-support/libsoup/libsoup_3.0.7.bb |  12 ++
 scripts/install-buildtools                    |   4 +-
 23 files changed, 1076 insertions(+), 3 deletions(-)
 create mode 100644 meta/recipes-devtools/perl/files/0001-CVE-2024-56406-Heap-buffer-overflow-with-tr.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2024-52532-3.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32906-1.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32906-2.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32909.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2024-52532-3.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-32906-1.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-32906-2.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-32909.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-32910-1.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-32910-2.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-32910-3.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-32911_CVE-2025-32913-1.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-32911_CVE-2025-32913-2.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-32912-1.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-32912-2.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-32914.patch

[kirkstone,00/15] Patch review

Pull-request

Message