[scarthgap,00/11] Patch review

Message ID	cover.1748443238.git.steve@sakoman.com
State	Not Applicable, archived
Delegated to:	Steve Sakoman
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.214.176, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 00/11] Patch review Date: Wed, 28 May 2025 07:43:03 -0700 Message-ID: <cover.1748443238.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit

Message ID

cover.1748443238.git.steve@sakoman.com

State

Not Applicable, archived

Delegated to:

Steve Sakoman

Headers

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 00/11] Patch review
Date: Wed, 28 May 2025 07:43:03 -0700
Message-ID: <cover.1748443238.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Message

Steve Sakoman May 28, 2025, 2:43 p.m. UTC

Please review this set of changes for scarthgap and have comments back by
end of day Friday, May 30

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1672

The following changes since commit 29d920f4c2249df7a69f00100924b4525e03c0d9:

  libatomic-ops: Update GITHUB_BASE_URI (2025-05-20 08:59:39 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Ashish Sharma (1):
  libsoup: patch CVE-2025-4476

Divya Chellam (1):
  ruby: fix CVE-2025-27221

Divyanshu Rathore (1):
  ffmpeg: upgrade 6.1.1 -> 6.1.2

Harish Sadineni (2):
  binutils: Fix CVE-2025-1179
  binutils: set CVE_STATUS for CVE-2025-1180

Rogerio Guerra Borin (1):
  u-boot: ensure keys are generated before assembling U-Boot FIT image

Vijay Anusuri (4):
  libsoup-2.4: Fix CVE-2025-32910
  libsoup-2.4: Fix CVE-2025-32911 & CVE-2025-32913
  libsoup-2.4: Fix CVE-2025-32912
  libsoup-2.4: Fix CVE-2025-32914

Virendra Thakur (1):
  util-linux: Add fix to isolate test fstab entries using CUSTOM_FSTAB

 meta/classes-recipe/uboot-sign.bbclass        |    2 +
 meta/recipes-core/util-linux/util-linux.inc   |    1 +
 .../util-linux/fstab-isolation.patch          |  448 +++++++
 .../binutils/binutils-2.42.inc                |    3 +
 .../binutils/binutils/CVE-2025-1179-pre.patch | 1086 +++++++++++++++++
 .../binutils/binutils/CVE-2025-1179.patch     |  269 ++++
 .../ruby/ruby/CVE-2025-27221-0001.patch       |   57 +
 .../ruby/ruby/CVE-2025-27221-0002.patch       |   73 ++
 meta/recipes-devtools/ruby/ruby_3.3.5.bb      |    2 +
 .../ffmpeg/ffmpeg/CVE-2024-32230.patch        |   36 -
 .../ffmpeg/ffmpeg/CVE-2024-35366.patch        |   35 -
 .../ffmpeg/ffmpeg/CVE-2024-36613.patch        |   37 -
 .../ffmpeg/ffmpeg/CVE-2024-36616.patch        |   35 -
 .../ffmpeg/ffmpeg/CVE-2024-36617.patch        |   36 -
 .../ffmpeg/ffmpeg/CVE-2024-36619.patch        |   36 -
 .../ffmpeg/ffmpeg/CVE-2024-7055.patch         |   38 -
 .../ffmpeg/ffmpeg/vulkan_av1_stable_API.patch |   40 +-
 .../{ffmpeg_6.1.1.bb => ffmpeg_6.1.2.bb}      |    9 +-
 .../libsoup-2.4/CVE-2025-32910-1.patch        |   97 ++
 .../libsoup-2.4/CVE-2025-32910-2.patch        |  148 +++
 .../libsoup-2.4/CVE-2025-32910-3.patch        |   26 +
 .../CVE-2025-32911_CVE-2025-32913-1.patch     |   72 ++
 .../CVE-2025-32911_CVE-2025-32913-2.patch     |   44 +
 .../libsoup-2.4/CVE-2025-32912-1.patch        |   41 +
 .../libsoup-2.4/CVE-2025-32912-2.patch        |   30 +
 .../libsoup/libsoup-2.4/CVE-2025-32914.patch  |  137 +++
 .../libsoup/libsoup-2.4_2.74.3.bb             |    8 +
 .../libsoup/libsoup-3.4.4/CVE-2025-4476.patch |   38 +
 meta/recipes-support/libsoup/libsoup_3.4.4.bb |    1 +
 29 files changed, 2604 insertions(+), 281 deletions(-)
 create mode 100644 meta/recipes-core/util-linux/util-linux/fstab-isolation.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2025-1179-pre.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2025-1179.patch
 create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2025-27221-0001.patch
 create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2025-27221-0002.patch
 delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-32230.patch
 delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35366.patch
 delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-36613.patch
 delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-36616.patch
 delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-36617.patch
 delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-36619.patch
 delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-7055.patch
 rename meta/recipes-multimedia/ffmpeg/{ffmpeg_6.1.1.bb => ffmpeg_6.1.2.bb} (96%)
 create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32910-1.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32910-2.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32910-3.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32911_CVE-2025-32913-1.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32911_CVE-2025-32913-2.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32912-1.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32912-2.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32914.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-4476.patch

[scarthgap,00/11] Patch review

Pull-request

Message