[scarthgap,0/9] Patch review

Message ID	cover.1755276097.git.steve@sakoman.com
State	Not Applicable, archived
Delegated to:	Steve Sakoman
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.215.181, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 0/9] Patch review Date: Fri, 15 Aug 2025 09:44:51 -0700 Message-ID: <cover.1755276097.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit

Message ID

cover.1755276097.git.steve@sakoman.com

State

Not Applicable, archived

Delegated to:

Steve Sakoman

Headers

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 0/9] Patch review
Date: Fri, 15 Aug 2025 09:44:51 -0700
Message-ID: <cover.1755276097.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Message

Steve Sakoman Aug. 15, 2025, 4:44 p.m. UTC

Please review this set of changes for scarthgap and have comments back by
end of day Tuesday, August 19

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2203

The following changes since commit f023779af6c0e5c838bdacbd6d9765d1c6740575:

  linux-libc-headers: Fix invalid conversion in cn_proc.h (2025-07-30 08:54:31 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Hitendra Prajapati (3):
  gstreamer1.0-plugins-base: fix CVE-2025-47808
  gstreamer1.0-plugins-base: fix CVE-2025-47806
  gstreamer1.0-plugins-good: fix multiple CVEs

Martin Jansa (1):
  libpam: re-add missing libgen include

Nikhil R (1):
  cmake: Add PACKAGECONFIG option for debugger support

Peter Marko (2):
  python3: patch CVE-2025-8194
  go: ignore CVE-2025-0913

Quentin Schulz (1):
  go-helloworld: fix license

Zhang Peng (1):
  avahi: fix CVE-2024-52615

 meta/recipes-connectivity/avahi/avahi_0.8.bb  |   1 +
 .../avahi/files/CVE-2024-52615.patch          | 228 ++++++++++++++++++
 meta/recipes-devtools/cmake/cmake_3.28.3.bb   |   4 +-
 meta/recipes-devtools/go/go-1.22.12.inc       |   2 +
 .../python/python3/CVE-2025-8194.patch        | 219 +++++++++++++++++
 .../python/python3_3.12.11.bb                 |   9 +-
 .../go-examples/go-helloworld_0.1.bb          |   4 +-
 .../libpam/0002-pam-namespace-rebase.patch    |   4 +-
 .../CVE-2025-47806.patch                      |  50 ++++
 .../CVE-2025-47808.patch                      |  36 +++
 .../gstreamer1.0-plugins-base_1.22.12.bb      |   2 +
 .../CVE-2025-47183-001.patch                  | 151 ++++++++++++
 .../CVE-2025-47183-002.patch                  |  80 ++++++
 .../CVE-2025-47219.patch                      |  40 +++
 .../gstreamer1.0-plugins-good_1.22.12.bb      |   3 +
 15 files changed, 824 insertions(+), 9 deletions(-)
 create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2024-52615.patch
 create mode 100644 meta/recipes-devtools/python/python3/CVE-2025-8194.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/CVE-2025-47806.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/CVE-2025-47808.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2025-47183-001.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2025-47183-002.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2025-47219.patch

[scarthgap,0/9] Patch review

Pull-request

Message