mbox

[kirkstone,00/11] Patch review

Message ID cover.1752073806.git.steve@sakoman.com
State Not Applicable, archived
Headers show

Pull-request

https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut

Message

Steve Sakoman July 9, 2025, 3:19 p.m. UTC
Please review this set of changes for kirkstone and have comments bach by
end of day Friday, July 11

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1983

The following changes since commit 78055e8b6a9ea5063658886c5b5d22821d689fc5:

  xwayland: fix CVE-2025-49180 (2025-07-05 06:12:53 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Bruce Ashfield (1):
  linux-yocto/5.15: update to v5.15.186

Changqing Li (3):
  libsoup-2.4: refresh CVE-2025-4969.patch
  libsoup-2.4: fix CVE-2025-4945
  libsoup: fix CVE-2025-4945

Chen Qi (1):
  coreutils: fix CVE-2025-5278

Divya Chellam (3):
  libarchive: fix CVE-2025-5915
  libarchive: fix CVE-2025-5916
  libarchive: fix CVE-2025-5917

Hitendra Prajapati (1):
  libxml2: fix CVE-2025-6021

Yogita Urade (2):
  curl: fix CVE-2024-11053
  curl: fix CVE-2025-0167

 .../coreutils/coreutils/CVE-2025-5278.patch   | 113 +++
 meta/recipes-core/coreutils/coreutils_9.0.bb  |   1 +
 .../libxml/libxml2/CVE-2025-6021.patch        |  56 ++
 meta/recipes-core/libxml/libxml2_2.9.14.bb    |   1 +
 .../libarchive/libarchive/CVE-2025-5915.patch | 217 +++++
 .../libarchive/libarchive/CVE-2025-5916.patch | 116 +++
 .../libarchive/libarchive/CVE-2025-5917.patch |  54 ++
 .../libarchive/libarchive_3.6.2.bb            |   3 +
 .../linux/linux-yocto-rt_5.15.bb              |   6 +-
 .../linux/linux-yocto-tiny_5.15.bb            |   6 +-
 meta/recipes-kernel/linux/linux-yocto_5.15.bb |  26 +-
 .../curl/curl/CVE-2024-11053-0001.patch       | 340 ++++++++
 .../curl/curl/CVE-2024-11053-0002.patch       | 746 ++++++++++++++++++
 .../curl/curl/CVE-2025-0167.patch             | 175 ++++
 meta/recipes-support/curl/curl_7.82.0.bb      |   3 +
 .../libsoup/libsoup-2.4/CVE-2025-4945.patch   | 117 +++
 .../libsoup/libsoup-2.4/CVE-2025-4969.patch   |  54 +-
 .../libsoup/libsoup-2.4_2.74.2.bb             |   1 +
 .../libsoup/libsoup/CVE-2025-4945.patch       | 118 +++
 meta/recipes-support/libsoup/libsoup_3.0.7.bb |   1 +
 20 files changed, 2093 insertions(+), 61 deletions(-)
 create mode 100644 meta/recipes-core/coreutils/coreutils/CVE-2025-5278.patch
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2025-6021.patch
 create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2025-5915.patch
 create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2025-5916.patch
 create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2025-5917.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2024-11053-0001.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2024-11053-0002.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2025-0167.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4945.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-4945.patch