[kirkstone,00/10] Patch review

Message ID	cover.1764688053.git.steve@sakoman.com
State	Not Applicable, archived
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.210.176, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 00/10] Patch review Date: Tue, 2 Dec 2025 07:09:23 -0800 Message-ID: <cover.1764688053.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit

Message ID

cover.1764688053.git.steve@sakoman.com

State

Not Applicable, archived

Headers

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/10] Patch review
Date: Tue,  2 Dec 2025 07:09:23 -0800
Message-ID: <cover.1764688053.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Message

Steve Sakoman Dec. 2, 2025, 3:09 p.m. UTC

Please review this set of changes for kirkstone and have comments back by
end of day Thursday, December 4

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2808

The following changes since commit ceef3cde9b761b7b5de6f7b6b1fb8e99663af9ca:

  flac: patch seeking bug (2025-11-24 07:34:36 -0800)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Archana Polampalli (4):
  go: fix CVE-2025-58187
  go: fix CVE-2025-58189
  go: fix CVE-2025-61723
  go: fix CVE-2025-61724

Gyorgy Sarvari (1):
  systemd-bootchart: update SRC_URI branch

Peter Marko (5):
  gnutls: patch CVE-2025-9820
  libpng: patch CVE-2025-64505
  libpng: patch CVE-2025-64506
  libpng: patch CVE-2025-64720
  libpng: patch CVE-2025-65018

 meta/recipes-devtools/go/go-1.17.13.inc       |   4 +
 .../go/go-1.18/CVE-2025-58187.patch           | 349 ++++++++++++++++++
 .../go/go-1.18/CVE-2025-58189.patch           |  51 +++
 .../go/go-1.18/CVE-2025-61723.patch           | 221 +++++++++++
 .../go/go-1.18/CVE-2025-61724.patch           |  74 ++++
 .../systemd-bootchart_234.bb                  |   2 +-
 .../libpng/files/CVE-2025-64505-01.patch      | 111 ++++++
 .../libpng/files/CVE-2025-64505-02.patch      | 163 ++++++++
 .../libpng/files/CVE-2025-64505-03.patch      |  52 +++
 .../libpng/files/CVE-2025-64506.patch         |  57 +++
 .../libpng/files/CVE-2025-64720.patch         | 103 ++++++
 .../libpng/files/CVE-2025-65018-01.patch      |  60 +++
 .../libpng/files/CVE-2025-65018-02.patch      | 163 ++++++++
 .../libpng/libpng_1.6.39.bb                   |   7 +
 .../gnutls/gnutls/CVE-2025-9820.patch         | 250 +++++++++++++
 meta/recipes-support/gnutls/gnutls_3.7.4.bb   |   1 +
 16 files changed, 1667 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2025-58187.patch
 create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2025-58189.patch
 create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2025-61723.patch
 create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2025-61724.patch
 create mode 100644 meta/recipes-multimedia/libpng/files/CVE-2025-64505-01.patch
 create mode 100644 meta/recipes-multimedia/libpng/files/CVE-2025-64505-02.patch
 create mode 100644 meta/recipes-multimedia/libpng/files/CVE-2025-64505-03.patch
 create mode 100644 meta/recipes-multimedia/libpng/files/CVE-2025-64506.patch
 create mode 100644 meta/recipes-multimedia/libpng/files/CVE-2025-64720.patch
 create mode 100644 meta/recipes-multimedia/libpng/files/CVE-2025-65018-01.patch
 create mode 100644 meta/recipes-multimedia/libpng/files/CVE-2025-65018-02.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-9820.patch

[kirkstone,00/10] Patch review

Pull-request

Message