[walnascar,00/19] Patch review

Message ID	cover.1756215509.git.steve@sakoman.com
State	Not Applicable, archived
Delegated to:	Steve Sakoman
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.216.50, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 00/19] Patch review Date: Tue, 26 Aug 2025 06:40:34 -0700 Message-ID: <cover.1756215509.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit

Message ID

cover.1756215509.git.steve@sakoman.com

State

Not Applicable, archived

Delegated to:

Steve Sakoman

Headers

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][walnascar 00/19] Patch review
Date: Tue, 26 Aug 2025 06:40:34 -0700
Message-ID: <cover.1756215509.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Message

Steve Sakoman Aug. 26, 2025, 1:40 p.m. UTC

Please review this set of changes for walnascar and have comments back by
end of day Thursday, August 28

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2268

The following changes since commit 4b785d2d416944a78bf4c09e85a508ae80e35ca4:

  linux-firmware: fix FILES to drop RDEPENDS on full package (2025-08-20 13:27:57 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/walnascar-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/walnascar-nut

Archana Polampalli (10):
  gst-devtools: upgrade 1.24.12 -> 1.24.13
  gstreamer1.0-libav: upgrade 1.24.12 -> 1.24.13
  gstreamer1.0-plugins-bad: upgrade 1.24.12 -> 1.24.13
  gstreamer1.0-plugins-base: upgrade 1.24.12 -> 1.24.13
  gstreamer1.0-plugins-good: upgrade 1.24.12 -> 1.24.13
  gstreamer1.0-plugins-ugly: upgrade 1.24.12 -> 1.24.13
  gstreamer1.0-python: upgrade 1.24.12 -> 1.24.13
  gstreamer1.0-rtsp-server: upgrade 1.24.12 -> 1.24.13
  gstreamer1.0-vaapi: upgrade 1.24.12 -> 1.24.13
  gstreamer1.0: upgrade 1.24.12 -> 1.24.13

Michael Halstead (2):
  yocto-uninative: Update to 4.8 for GCC 15.1
  yocto-uninative: Update to 4.9 for glibc 2.42

Peter Marko (7):
  gnutls: mark CVE-2025-32989 and CVE-2025-32990 as fixed
  libarchive: patch CVE-2025-5916
  libarchive: patch CVE-2025-5917
  libarchive: patch CVE-2025-5918
  binutils: set status for CVE-2025-8224
  cve-update-db-native: fix fetcher for CVEs missing nodes
  vim: upgrade 9.1.1198 -> 9.1.1652

 meta/conf/distro/include/yocto-uninative.inc  |  10 +-
 .../recipes-core/meta/cve-update-db-native.bb |   2 +-
 .../binutils/binutils-2.44.inc                |   1 +
 .../0001-Improve-lseek-handling-2564.patch    | 319 ++++++++++++++++++
 .../libarchive/libarchive/CVE-2025-5916.patch | 111 ++++++
 .../libarchive/libarchive/CVE-2025-5917.patch |  49 +++
 .../libarchive/CVE-2025-5918-01.patch         | 217 ++++++++++++
 .../libarchive/CVE-2025-5918-02.patch         |  51 +++
 .../libarchive/libarchive_3.7.9.bb            |   5 +
 ...ols_1.24.12.bb => gst-devtools_1.24.13.bb} |   2 +-
 ...24.12.bb => gstreamer1.0-libav_1.24.13.bb} |   2 +-
 ...bb => gstreamer1.0-plugins-bad_1.24.13.bb} |   2 +-
 ...b => gstreamer1.0-plugins-base_1.24.13.bb} |   2 +-
 ...b => gstreamer1.0-plugins-good_1.24.13.bb} |   2 +-
 ...b => gstreamer1.0-plugins-ugly_1.24.13.bb} |   2 +-
 ...4.12.bb => gstreamer1.0-python_1.24.13.bb} |   2 +-
 ...bb => gstreamer1.0-rtsp-server_1.24.13.bb} |   2 +-
 ...24.12.bb => gstreamer1.0-vaapi_1.24.13.bb} |   2 +-
 ...1.0_1.24.12.bb => gstreamer1.0_1.24.13.bb} |   2 +-
 meta/recipes-support/gnutls/gnutls_3.8.10.bb  |   3 +
 ...src-Makefile-improve-reproducibility.patch |  10 +-
 .../vim/files/disable_acl_header_check.patch  |  12 +-
 .../vim/files/no-path-adjust.patch            |   2 +-
 meta/recipes-support/vim/vim.inc              |   7 +-
 24 files changed, 788 insertions(+), 31 deletions(-)
 create mode 100644 meta/recipes-extended/libarchive/libarchive/0001-Improve-lseek-handling-2564.patch
 create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2025-5916.patch
 create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2025-5917.patch
 create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2025-5918-01.patch
 create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2025-5918-02.patch
 rename meta/recipes-multimedia/gstreamer/{gst-devtools_1.24.12.bb => gst-devtools_1.24.13.bb} (95%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-libav_1.24.12.bb => gstreamer1.0-libav_1.24.13.bb} (91%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-bad_1.24.12.bb => gstreamer1.0-plugins-bad_1.24.13.bb} (98%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-base_1.24.12.bb => gstreamer1.0-plugins-base_1.24.13.bb} (98%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-good_1.24.12.bb => gstreamer1.0-plugins-good_1.24.13.bb} (97%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-ugly_1.24.12.bb => gstreamer1.0-plugins-ugly_1.24.13.bb} (94%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-python_1.24.12.bb => gstreamer1.0-python_1.24.13.bb} (91%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-rtsp-server_1.24.12.bb => gstreamer1.0-rtsp-server_1.24.13.bb} (90%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-vaapi_1.24.12.bb => gstreamer1.0-vaapi_1.24.13.bb} (95%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0_1.24.12.bb => gstreamer1.0_1.24.13.bb} (97%)

[walnascar,00/19] Patch review

Pull-request

Message