mbox

[wrynose,00/17] Pull request (cover letter only)

Message ID cover.1784282125.git.yoann.congal@smile.fr
State Not Applicable, archived
Headers show

Pull-request

https://git.openembedded.org/openembedded-core-contrib stable/wrynose-next

Message

Yoann Congal July 17, 2026, 9:59 a.m. UTC
Those are the patches from the last patch review:
https://lore.kernel.org/all/cover.1783697455.git.yoann.congal@smile.fr/
Removed "util-linux: upgrade 2.41.3 -> 2.41.5" per Paul's review.

Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/4214

The following changes since commit c2746a4a165fd99c2d1aafed17533555787f37ce:

  clang/llvm: Upgrade to 22.1.8 release (2026-07-09 16:58:55 +0100)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/wrynose-next
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/wrynose-next

for you to fetch changes up to 6f5681afb324aed2cba4e5b819ffc878f74a2bac:

  gnutls: fix CVE-2026-33846 (2026-07-16 20:54:12 +0200)

----------------------------------------------------------------

Amaury Couderc (1):
  expat: fix CVE-2026-41080

Benjamin Robin (Schneider Electric) (3):
  python3: fix CVE-2026-11940
  python3: fix CVE-2026-11972
  glib-2.0: fix CVE-2026-58016

Deepak Rathore (1):
  libcap: Fix CVE-2026-4878

Deepesh Varatharajan (1):
  gdb: Upgrade 17.1 -> 17.2

Eilís 'pidge' Ní Fhlannagáin (1):
  ovmf: fix tpm PACKAGECONFIG to use TPM2_ENABLE

Eric Meyers (1):
  create-spdx-image-3.0: correct SSTATE_SKIP_CREATION key for
    do_create_image_sbom_spdx

Gustavo Henrique Nihei (1):
  opensbi: don't override ELFFLAGS, silence ldflags QA for bare-metal
    ELFs

Hitendra Prajapati (1):
  vim: Fix for CVE-2026-52858,CVE-2026-52859,CVE-2026-52860

Jaipaul Cheernam (1):
  curl: fix CVE-2026-5773 - wrong reuse of SMB connection

Peter Marko (1):
  python3: upgrade 3.14.5 -> 3.14.6

Pritam Srichandan Sahoo (1):
  gnutls: fix CVE-2026-33846

Ross Burton (1):
  xmlto: update SRC_URI

Sudhir Dumbhare (2):
  python3-urllib3: Fix CVE-2026-44431
  socat: upgrade 1.8.1.1 -> 1.8.1.3

Theo Gaige (Schneider Electric) (1):
  expat: patch CVE-2026-45186

 .../create-spdx-image-3.0.bbclass             |   2 +-
 meta/classes-recipe/nospdx.bbclass            |   2 +-
 meta/recipes-bsp/opensbi/opensbi_1.8.1.bb     |   6 +-
 .../{socat_1.8.1.1.bb => socat_1.8.1.3.bb}    |   2 +-
 .../expat/expat/CVE-2026-41080-1.patch        | 517 ++++++++++++++++++
 .../expat/expat/CVE-2026-41080-2.patch        |  33 ++
 .../expat/expat/CVE-2026-45186-01.patch       |  70 +++
 .../expat/expat/CVE-2026-45186-02.patch       | 318 +++++++++++
 .../expat/expat/CVE-2026-45186-03.patch       |  46 ++
 .../expat/expat/CVE-2026-45186-04.patch       |  32 ++
 .../expat/expat/CVE-2026-45186-05.patch       |  32 ++
 .../expat/expat/CVE-2026-45186-06.patch       |  87 +++
 .../expat/expat/CVE-2026-45186-07.patch       |  52 ++
 meta/recipes-core/expat/expat_2.7.5.bb        |   9 +
 .../glib-2.0/files/CVE-2026-58016-1.patch     |  94 ++++
 .../glib-2.0/files/CVE-2026-58016-2.patch     |  98 ++++
 meta/recipes-core/glib-2.0/glib.inc           |   2 +
 meta/recipes-core/ovmf/ovmf_git.bb            |   2 +-
 ...ian_17.1.bb => gdb-cross-canadian_17.2.bb} |   0
 .../{gdb-cross_17.1.bb => gdb-cross_17.2.bb}  |   0
 meta/recipes-devtools/gdb/gdb.inc             |   4 +-
 ...-ser-unix-modernize-Linux-custom-bau.patch | 248 ---------
 ...ux-Fix-build-failure-on-musl-systems.patch | 196 -------
 .../gdb/{gdb_17.1.bb => gdb_17.2.bb}          |   0
 .../python3-urllib3/CVE-2026-44431.patch      | 157 ++++++
 .../python/python3-urllib3_2.6.3.bb           |   3 +
 ...eadingMock-call-count-race-condition.patch |  37 --
 .../python/python3/CVE-2026-11940.patch       |  67 +++
 .../python/python3/CVE-2026-11972.patch       |  61 +++
 .../{python3_3.14.5.bb => python3_3.14.6.bb}  |   9 +-
 meta/recipes-devtools/xmlto/xmlto_0.0.29.bb   |   2 +-
 .../curl/curl/CVE-2026-5773.patch             |  47 ++
 meta/recipes-support/curl/curl_8.19.0.bb      |   1 +
 ...fragments-implement-a-basic-DTLS-tes.patch | 258 +++++++++
 ...merge_handshake_packet-using-recv_bu.patch |  96 ++++
 ...s-add-more-checks-to-DTLS-reassembly.patch |  65 +++
 ...fragments-extend-with-a-1816-reprodu.patch | 159 ++++++
 ...fragments-extend-with-fragmenting-Cl.patch | 149 +++++
 ...ch-DTLS-datagrams-by-sequence-number.patch |  42 ++
 ...fragments-1839-mismatching-message_s.patch | 104 ++++
 ...ts-mini-dtls-framents-link-to-gnulib.patch |  27 +
 meta/recipes-support/gnutls/gnutls_3.8.12.bb  |   8 +
 .../libcap/files/CVE-2026-4878.patch          | 163 ++++++
 meta/recipes-support/libcap/libcap_2.77.bb    |   4 +-
 .../vim/files/CVE-2026-52858.patch            | 167 ++++++
 .../vim/files/CVE-2026-52859.patch            | 274 ++++++++++
 .../vim/files/CVE-2026-52860.patch            | 446 +++++++++++++++
 meta/recipes-support/vim/vim.inc              |   3 +
 48 files changed, 3705 insertions(+), 496 deletions(-)
 rename meta/recipes-connectivity/socat/{socat_1.8.1.1.bb => socat_1.8.1.3.bb} (94%)
 create mode 100644 meta/recipes-core/expat/expat/CVE-2026-41080-1.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2026-41080-2.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2026-45186-01.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2026-45186-02.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2026-45186-03.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2026-45186-04.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2026-45186-05.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2026-45186-06.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2026-45186-07.patch
 create mode 100644 meta/recipes-core/glib-2.0/files/CVE-2026-58016-1.patch
 create mode 100644 meta/recipes-core/glib-2.0/files/CVE-2026-58016-2.patch
 rename meta/recipes-devtools/gdb/{gdb-cross-canadian_17.1.bb => gdb-cross-canadian_17.2.bb} (100%)
 rename meta/recipes-devtools/gdb/{gdb-cross_17.1.bb => gdb-cross_17.2.bb} (100%)
 delete mode 100644 meta/recipes-devtools/gdb/gdb/0009-PR-gdb-33747-gdb-ser-unix-modernize-Linux-custom-bau.patch
 delete mode 100644 meta/recipes-devtools/gdb/gdb/0010-GDB-aarch64-linux-Fix-build-failure-on-musl-systems.patch
 rename meta/recipes-devtools/gdb/{gdb_17.1.bb => gdb_17.2.bb} (100%)
 create mode 100644 meta/recipes-devtools/python/python3-urllib3/CVE-2026-44431.patch
 delete mode 100644 meta/recipes-devtools/python/python3/0001-Fix-ThreadingMock-call-count-race-condition.patch
 create mode 100644 meta/recipes-devtools/python/python3/CVE-2026-11940.patch
 create mode 100644 meta/recipes-devtools/python/python3/CVE-2026-11972.patch
 rename meta/recipes-devtools/python/{python3_3.14.5.bb => python3_3.14.6.bb} (98%)
 create mode 100644 meta/recipes-support/curl/curl/CVE-2026-5773.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/0001-tests-mini-dtls-fragments-implement-a-basic-DTLS-tes.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/0002-buffers-shorten-merge_handshake_packet-using-recv_bu.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/0003-buffers-add-more-checks-to-DTLS-reassembly.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/0004-tests-mini-dtls-fragments-extend-with-a-1816-reprodu.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/0005-tests-mini-dtls-fragments-extend-with-fragmenting-Cl.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/0006-buffers-match-DTLS-datagrams-by-sequence-number.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/0007-tests-mini-dtls-fragments-1839-mismatching-message_s.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/0008-tests-mini-dtls-framents-link-to-gnulib.patch
 create mode 100644 meta/recipes-support/libcap/files/CVE-2026-4878.patch
 create mode 100644 meta/recipes-support/vim/files/CVE-2026-52858.patch
 create mode 100644 meta/recipes-support/vim/files/CVE-2026-52859.patch
 create mode 100644 meta/recipes-support/vim/files/CVE-2026-52860.patch