mbox

[scarthgap,0/8] Patch review

Message ID cover.1761596406.git.steve@sakoman.com
State Not Applicable, archived
Delegated to: Steve Sakoman
Headers show

Pull-request

https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut

Message

Steve Sakoman Oct. 28, 2025, 1:46 p.m. UTC 
Please review this set of changes for scarthgap and have comments back by
end of day Thursday, October 30

Passed a-full on the autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2645

with the exception of the meta-aws test, which failed due to a meta-aws commit
changing the distro from poky-agl to agl
The following changes since commit 649147913e89cd8f7390cb17cd0be94c9710ffa6:

  oeqa/runtime/ping: don't bother trying to ping localhost (2025-10-17 07:47:32 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Anders Heimer (1):
  libpam: mark CVE-2025-6018 as not applicable

Daniel Semkowicz (1):
  gstreamer1.0-plugins-bad: fix buffer allocation fail for v4l2codecs

Martin Jansa (1):
  flex: fix build with gcc-15 on host

Matthias Schiffer (1):
  curl: only set CA bundle in target build

Peter Marko (1):
  expat: patch CVE-2025-59375

Rasmus Villemoes (1):
  iptables: remove /etc/ethertypes

Soumya Sambu (2):
  elfutils: Fix CVE-2025-1376
  elfutils: Fix CVE-2025-1377

 .../expat/expat/CVE-2025-59375-00.patch       |  52 ++
 .../expat/expat/CVE-2025-59375-01.patch       |  48 ++
 .../expat/expat/CVE-2025-59375-02.patch       | 109 ++++
 .../expat/expat/CVE-2025-59375-03.patch       | 127 ++++
 .../expat/expat/CVE-2025-59375-04.patch       |  62 ++
 .../expat/expat/CVE-2025-59375-05.patch       |  64 ++
 .../expat/expat/CVE-2025-59375-06.patch       |  68 +++
 .../expat/expat/CVE-2025-59375-07.patch       |  52 ++
 .../expat/expat/CVE-2025-59375-08.patch       | 577 ++++++++++++++++++
 .../expat/expat/CVE-2025-59375-09.patch       |  43 ++
 .../expat/expat/CVE-2025-59375-10.patch       |  54 ++
 .../expat/expat/CVE-2025-59375-11.patch       |  66 ++
 .../expat/expat/CVE-2025-59375-12.patch       |  58 ++
 .../expat/expat/CVE-2025-59375-13.patch       | 309 ++++++++++
 .../expat/expat/CVE-2025-59375-14.patch       | 122 ++++
 .../expat/expat/CVE-2025-59375-15.patch       |  70 +++
 .../expat/expat/CVE-2025-59375-16.patch       | 146 +++++
 .../expat/expat/CVE-2025-59375-17.patch       |  28 +
 .../expat/expat/CVE-2025-59375-18.patch       |  74 +++
 .../expat/expat/CVE-2025-59375-19.patch       | 103 ++++
 .../expat/expat/CVE-2025-59375-20.patch       | 285 +++++++++
 .../expat/expat/CVE-2025-59375-21.patch       | 196 ++++++
 .../expat/expat/CVE-2025-59375-22.patch       |  37 ++
 .../expat/expat/CVE-2025-59375-23.patch       |  47 ++
 .../expat/expat/CVE-2025-59375-24.patch       |  36 ++
 meta/recipes-core/expat/expat_2.6.4.bb        |  25 +
 .../elfutils/elfutils_0.191.bb                |   2 +
 .../elfutils/files/CVE-2025-1376.patch        |  58 ++
 .../elfutils/files/CVE-2025-1377.patch        |  69 +++
 ...01-Match-malloc-signature-to-its-use.patch |  25 +
 meta/recipes-devtools/flex/flex_2.6.4.bb      |   1 +
 .../iptables/iptables_1.8.10.bb               |   2 +
 meta/recipes-extended/pam/libpam_1.5.3.bb     |   2 +
 ...s-chain-up-to-parent-decide_allocati.patch |  87 +++
 .../gstreamer1.0-plugins-bad_1.22.12.bb       |   1 +
 meta/recipes-support/curl/curl_8.7.1.bb       |   4 +-
 36 files changed, 3108 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-00.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-01.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-02.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-03.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-04.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-05.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-06.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-07.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-08.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-09.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-10.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-11.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-12.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-13.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-14.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-15.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-16.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-17.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-18.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-19.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-20.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-21.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-22.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-23.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2025-59375-24.patch
 create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2025-1376.patch
 create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2025-1377.patch
 create mode 100644 meta/recipes-devtools/flex/flex/0001-Match-malloc-signature-to-its-use.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad/0005-v4l2codecs-Always-chain-up-to-parent-decide_allocati.patch