Please review this set of changes for whinlatter and have comments back by end of day Friday, January 9.
Note that this series contains the revert of 2 commits (merged on whinlatter before they were on master) Passed a-full on autobuilder(*): https://autobuilder.yoctoproject.org/valkyrie/?#/builders/29/builds/3002 The following changes since commit 6c4c6d39ea3202d756acc13f8ce81b114a468541: cups: upgrade from 2.4.14 to 2.4.15 (2025-12-29 09:49:31 -0800) are available in the Git repository at: https://git.openembedded.org/openembedded-core-contrib stable/whinlatter-nut https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/whinlatter-nut Alexander Kanavin (1): glib-2.0: upgrade 2.86.1 -> 2.86.3 Peter Marko (8): dropbear: patch CVE-2019-6111 sqlite3: mark CVE-2025-29087 as patched python3-urllib3: patch CVE-2025-66418 python3-urllib3: patch CVE-2025-66471 python3: upgrade 3.13.9 -> 3.13.11 libarchive: upgrade 3.8.3 -> 3.8.4 libpng: upgrade 1.6.51 -> 1.6.52 libpcap: upgrade 1.10.5 -> 1.10.6 Yoann Congal (2): Revert "populate_sdk_ext: keep SDK_TARGETS so SPDX/SBOM tasks remain in locked sigs" Revert "create-spdx-image-3.0: Image SPDX/SBOM tasks are retained for eSDK installation" .../create-spdx-image-3.0.bbclass | 2 +- meta/classes-recipe/populate_sdk_ext.bbclass | 9 - .../{libpcap_1.10.5.bb => libpcap_1.10.6.bb} | 2 +- .../dropbear/dropbear/CVE-2019-6111.patch | 157 +++ .../recipes-core/dropbear/dropbear_2025.88.bb | 1 + ...t-write-bindir-into-pkg-config-files.patch | 10 +- ...0001-Fix-DATADIRNAME-on-uclibc-Linux.patch | 2 +- ...-gio-querymodules-as-libexec_PROGRAM.patch | 6 +- ...ng-about-deprecated-paths-in-schemas.patch | 2 +- ...ces.c-comment-out-a-build-host-only-.patch | 2 +- ...on-Run-atomics-test-on-clang-as-well.patch | 6 +- ...ot-enable-pidfd-features-on-native-g.patch | 6 +- ...dcode-python-path-into-various-tools.patch | 2 +- .../glib-2.0/files/relocate-modules.patch | 8 +- .../glib-2.0/files/skip-timeout.patch | 2 +- ...l_2.86.1.bb => glib-2.0-initial_2.86.3.bb} | 0 ...{glib-2.0_2.86.1.bb => glib-2.0_2.86.3.bb} | 0 meta/recipes-core/glib-2.0/glib.inc | 2 +- .../python3-urllib3/CVE-2025-66418.patch | 74 ++ .../python3-urllib3/CVE-2025-66471.patch | 930 ++++++++++++++++++ .../python/python3-urllib3_2.5.0.bb | 5 + .../{python3_3.13.9.bb => python3_3.13.11.bb} | 2 +- ...ibarchive_3.8.3.bb => libarchive_3.8.4.bb} | 2 +- .../{libpng_1.6.51.bb => libpng_1.6.52.bb} | 2 +- .../sqlite/files/CVE-2025-3277.patch | 1 + 25 files changed, 1197 insertions(+), 38 deletions(-) rename meta/recipes-connectivity/libpcap/{libpcap_1.10.5.bb => libpcap_1.10.6.bb} (95%) create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2019-6111.patch rename meta/recipes-core/glib-2.0/{glib-2.0-initial_2.86.1.bb => glib-2.0-initial_2.86.3.bb} (100%) rename meta/recipes-core/glib-2.0/{glib-2.0_2.86.1.bb => glib-2.0_2.86.3.bb} (100%) create mode 100644 meta/recipes-devtools/python/python3-urllib3/CVE-2025-66418.patch create mode 100644 meta/recipes-devtools/python/python3-urllib3/CVE-2025-66471.patch rename meta/recipes-devtools/python/{python3_3.13.9.bb => python3_3.13.11.bb} (99%) rename meta/recipes-extended/libarchive/{libarchive_3.8.3.bb => libarchive_3.8.4.bb} (96%) rename meta/recipes-multimedia/libpng/{libpng_1.6.51.bb => libpng_1.6.52.bb} (97%)
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#228947): https://lists.openembedded.org/g/openembedded-core/message/228947 Mute This Topic: https://lists.openembedded.org/mt/117130975/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
