mbox

[scarthgap,00/12] Patch review

Message ID cover.1752029282.git.steve@sakoman.com
State Not Applicable, archived
Delegated to: Steve Sakoman
Headers show

Pull-request

https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut

Message

Steve Sakoman July 9, 2025, 2:51 a.m. UTC
Please review this set of changes for scarthgap and have comments back by
end of day Tursday, July 10

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1980

The following changes since commit 15881f41f8c00c5f0a68628c2d49ca1aa1999c2e:

  xwayland: fix CVE-2025-49180 (2025-07-03 09:04:44 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Bruce Ashfield (3):
  linux-yocto/6.6: update to v6.6.93
  linux-yocto/6.6: update to v6.6.94
  linux-yocto/6.6: update to v6.6.96

Changqing Li (4):
  icu: fix CVE-2025-5222
  libsoup-2.4: refresh CVE-2025-4969.patch
  libsoup-2.4: fix CVE-2025-4945
  libsoup: fix CVE-2025-4945

Guocai He (1):
  minicom: correct the SRC_URI

Hitendra Prajapati (1):
  libxml2: fix CVE-2025-6021

Vijay Anusuri (1):
  sudo: Fix CVE-2025-32462

Virendra Thakur (1):
  curl: set conditional CVE_STATUS for CVE-2025-5025

Yogita Urade (1):
  python3-urllib3: fix CVE-2025-50181

 .../libxml/libxml2/CVE-2025-6021.patch        |  56 ++++
 meta/recipes-core/libxml/libxml2_2.12.10.bb   |   1 +
 .../python3-urllib3/CVE-2025-50181.patch      | 283 ++++++++++++++++++
 .../python/python3-urllib3_2.2.2.bb           |   4 +
 meta/recipes-extended/minicom/minicom_2.9.bb  |   2 +-
 .../sudo/files/CVE-2025-32462.patch           |  42 +++
 meta/recipes-extended/sudo/sudo_1.9.15p5.bb   |   1 +
 .../linux/linux-yocto-rt_6.6.bb               |   6 +-
 .../linux/linux-yocto-tiny_6.6.bb             |   6 +-
 meta/recipes-kernel/linux/linux-yocto_6.6.bb  |  28 +-
 meta/recipes-support/curl/curl_8.7.1.bb       |   2 +
 .../icu/icu/CVE-2025-5222.patch               | 166 ++++++++++
 meta/recipes-support/icu/icu_74-2.bb          |   1 +
 .../libsoup/libsoup-2.4/CVE-2025-4945.patch   | 117 ++++++++
 .../libsoup/libsoup-2.4/CVE-2025-4969.patch   |  54 +---
 .../libsoup/libsoup-2.4_2.74.3.bb             |   1 +
 .../libsoup/libsoup-3.4.4/CVE-2025-4945.patch | 118 ++++++++
 meta/recipes-support/libsoup/libsoup_3.4.4.bb |   1 +
 18 files changed, 826 insertions(+), 63 deletions(-)
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2025-6021.patch
 create mode 100644 meta/recipes-devtools/python/python3-urllib3/CVE-2025-50181.patch
 create mode 100644 meta/recipes-extended/sudo/files/CVE-2025-32462.patch
 create mode 100644 meta/recipes-support/icu/icu/CVE-2025-5222.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4945.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-4945.patch