Please review this set of changes for kirkstone and have comments back by end of day Thursday, February 20
Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1038 The following changes since commit 5a794fd244f7fdeb426bd5e3def6b4effc0e8c62: build-appliance-image: Update to kirkstone head revision (2025-02-15 06:06:50 -0800) are available in the Git repository at: https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut Aleksandar Nikolic (1): scripts/install-buildtools: Update to 4.0.24 Archana Polampalli (5): gnutls: fix CVE-2024-12243 ffmpeg: CVE-2025-0518 ffmpeg: fix CVE-2024-36613 ffmpeg: fix CVE-2024-36616 ffmpeg: fix CVE-2024-36617 Divya Chellam (1): ruby: fix CVE-2024-41946 Mingli Yu (1): procps: replaced one use of fputs(3) with a write(2) call Peter Marko (2): subversion: ignore CVE-2024-45720 libpcre2: ignore CVE-2022-1586 Richard Purdie (1): scritps/runqemu: Ensure we only have two serial ports Vijay Anusuri (1): libxml2: Fix for CVE-2022-49043 .../libxml/libxml2/CVE-2022-49043.patch | 38 + meta/recipes-core/libxml/libxml2_2.9.14.bb | 1 + .../ruby/ruby/CVE-2024-41946.patch | 117 ++ meta/recipes-devtools/ruby/ruby_3.1.3.bb | 1 + .../subversion/subversion_1.14.2.bb | 3 + ...x-for-the-bye_bye-function-merge-127.patch | 58 + ...e-use-of-fputs-3-with-a-write-2-call.patch | 50 + meta/recipes-extended/procps/procps_3.3.17.bb | 2 + .../ffmpeg/ffmpeg/CVE-2024-36613.patch | 38 + .../ffmpeg/ffmpeg/CVE-2024-36616.patch | 37 + .../ffmpeg/ffmpeg/CVE-2024-36617.patch | 38 + .../ffmpeg/ffmpeg/CVE-2025-0518.patch | 34 + .../recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb | 4 + .../gnutls/gnutls/CVE-2024-12243.patch | 1160 +++++++++++++++++ meta/recipes-support/gnutls/gnutls_3.7.4.bb | 1 + .../recipes-support/libpcre/libpcre2_10.40.bb | 4 + scripts/install-buildtools | 4 +- scripts/runqemu | 17 +- 18 files changed, 1601 insertions(+), 6 deletions(-) create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2022-49043.patch create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-41946.patch create mode 100644 meta/recipes-extended/procps/procps/0001-top-fix-a-fix-for-the-bye_bye-function-merge-127.patch create mode 100644 meta/recipes-extended/procps/procps/0001-top-replaced-one-use-of-fputs-3-with-a-write-2-call.patch create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-36613.patch create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-36616.patch create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-36617.patch create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-0518.patch create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2024-12243.patch -- 2.43.0
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#211639): https://lists.openembedded.org/g/openembedded-core/message/211639 Mute This Topic: https://lists.openembedded.org/mt/111258765/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
