Those are the patches from the last patch review: https://lore.kernel.org/openembedded-core/[email protected]/ ... with the v2 of "python3-urllib3: patch CVE-2025-66418".
Note: this PR has patchs related to the whinlatter PR: https://lore.kernel.org/openembedded-core/[email protected]/ And the scarthgap PR: https://lore.kernel.org/openembedded-core/[email protected]/ Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/valkyrie/?#/builders/29/builds/3114 via https://git.yoctoproject.org/poky-contrib/commit/?h=stable/kirkstone-nut&id=323236258711d8f3110c5a3ab1f001f3251d0e03 The following changes since commit 0057fc49725db8637656fac10631d8f89799bad3: go: Fix CVE-2025-61729 (2025-12-29 08:48:27 -0800) are available in the Git repository at: https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-next https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-next for you to fetch changes up to 1ce772b2fd97d2e8364a602fdd313355f2df967e: oeqa: Use 2.14 release of cpio instead of 2.13 (2026-01-20 15:39:51 +0100) ---------------------------------------------------------------- Hitendra Prajapati (1): python3: fix CVE-2025-13836 Khem Raj (1): oeqa: Use 2.14 release of cpio instead of 2.13 Paul Barker (1): pseudo: Add hard sstate dependencies for pseudo-native Peter Marko (17): util-linux: patch CVE-2025-14104 glib-2.0: patch CVE-2025-13601 glib-2.0: patch CVE-2025-14087 glib-2.0: patch CVE-2025-14512 qemu: ignore CVE-2025-54566 and CVE-2025-54567 cups: patch CVE-2025-58436 cups: patch CVE-2025-61915 cups: allow unknown directives in conf files dropbear: patch CVE-2019-6111 python3-urllib3: patch CVE-2025-66418 libpcap: patch CVE-2025-11961 libpcap: patch CVE-2025-11964 libarchive: fix CVE-2025-60753 regression curl: patch CVE-2025-14017 curl: patch CVE-2025-15079 curl: patch CVE-2025-15224 gnupg: patch CVE-2025-68973 Richard Purdie (4): pseudo: Upgrade to version 1.9.1 pseudo: Update to pull in memleak fix pseudo: Update to pull in openat2 and efault return code changes pseudo: Update to pull in 'makewrappers: Fix EFAULT implementation' Robert Yang (1): pseudo: 1.9.0 -> 1.9.2 Vijay Anusuri (1): binutils: Fix CVE-2025-1181 meta/lib/oeqa/runtime/cases/buildcpio.py | 2 +- meta/lib/oeqa/sdk/cases/buildcpio.py | 4 +- meta/lib/oeqa/selftest/cases/meta_ide.py | 2 +- .../libpcap/libpcap/CVE-2025-11961-01.patch | 38 ++ .../libpcap/libpcap/CVE-2025-11961-02.patch | 433 ++++++++++++ .../libpcap/libpcap/CVE-2025-11964.patch | 33 + .../libpcap/libpcap_1.10.1.bb | 3 + meta/recipes-core/dropbear/dropbear.inc | 1 + .../dropbear/dropbear/CVE-2019-6111.patch | 157 +++++ .../glib-2.0/glib-2.0/CVE-2025-13601-01.patch | 125 ++++ .../glib-2.0/glib-2.0/CVE-2025-13601-02.patch | 128 ++++ .../glib-2.0/glib-2.0/CVE-2025-14087-01.patch | 69 ++ .../glib-2.0/glib-2.0/CVE-2025-14087-02.patch | 240 +++++++ .../glib-2.0/glib-2.0/CVE-2025-14087-03.patch | 150 +++++ .../glib-2.0/glib-2.0/CVE-2025-14512.patch | 70 ++ meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb | 6 + meta/recipes-core/util-linux/util-linux.inc | 2 + .../util-linux/CVE-2025-14104-01.patch | 33 + .../util-linux/CVE-2025-14104-02.patch | 28 + .../binutils/binutils-2.38.inc | 2 + .../binutils/binutils/CVE-2025-1181-pre.patch | 149 +++++ .../binutils/binutils/CVE-2025-1181.patch | 342 ++++++++++ .../0001-configure-Prune-PIE-flags.patch | 44 -- .../pseudo/files/glibc238.patch | 65 -- .../pseudo/files/older-glibc-symbols.patch | 4 +- meta/recipes-devtools/pseudo/pseudo.inc | 7 + meta/recipes-devtools/pseudo/pseudo_git.bb | 6 +- .../python3-urllib3/CVE-2025-66418.patch | 74 ++ .../python/python3-urllib3_1.26.20.bb | 1 + .../python/python3/CVE-2025-13836.patch | 163 +++++ .../python/python3_3.10.19.bb | 1 + meta/recipes-devtools/qemu/qemu.inc | 3 + meta/recipes-extended/cups/cups.inc | 3 + ...pping-scheduler-on-unknown-directive.patch | 43 ++ .../cups/cups/CVE-2025-58436.patch | 630 ++++++++++++++++++ .../cups/cups/CVE-2025-61915.patch | 487 ++++++++++++++ ...25-60753.patch => CVE-2025-60753-01.patch} | 0 .../libarchive/CVE-2025-60753-02.patch | 46 ++ .../libarchive/libarchive_3.6.2.bb | 3 +- .../curl/curl/CVE-2025-14017.patch | 115 ++++ .../curl/curl/CVE-2025-15079.patch | 32 + .../curl/curl/CVE-2025-15224.patch | 31 + meta/recipes-support/curl/curl_7.82.0.bb | 3 + .../gnupg/gnupg/CVE-2025-68973.patch | 108 +++ meta/recipes-support/gnupg/gnupg_2.3.7.bb | 1 + 45 files changed, 3767 insertions(+), 120 deletions(-) create mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11961-01.patch create mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11961-02.patch create mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11964.patch create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2019-6111.patch create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-13601-01.patch create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-13601-02.patch create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-01.patch create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-02.patch create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-03.patch create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14512.patch create mode 100644 meta/recipes-core/util-linux/util-linux/CVE-2025-14104-01.patch create mode 100644 meta/recipes-core/util-linux/util-linux/CVE-2025-14104-02.patch create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2025-1181-pre.patch create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2025-1181.patch delete mode 100644 meta/recipes-devtools/pseudo/files/0001-configure-Prune-PIE-flags.patch delete mode 100644 meta/recipes-devtools/pseudo/files/glibc238.patch create mode 100644 meta/recipes-devtools/python/python3-urllib3/CVE-2025-66418.patch create mode 100644 meta/recipes-devtools/python/python3/CVE-2025-13836.patch create mode 100644 meta/recipes-extended/cups/cups/0001-conf.c-Fix-stopping-scheduler-on-unknown-directive.patch create mode 100644 meta/recipes-extended/cups/cups/CVE-2025-58436.patch create mode 100644 meta/recipes-extended/cups/cups/CVE-2025-61915.patch rename meta/recipes-extended/libarchive/libarchive/{CVE-2025-60753.patch => CVE-2025-60753-01.patch} (100%) create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2025-60753-02.patch create mode 100644 meta/recipes-support/curl/curl/CVE-2025-14017.patch create mode 100644 meta/recipes-support/curl/curl/CVE-2025-15079.patch create mode 100644 meta/recipes-support/curl/curl/CVE-2025-15224.patch create mode 100644 meta/recipes-support/gnupg/gnupg/CVE-2025-68973.patch
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#229896): https://lists.openembedded.org/g/openembedded-core/message/229896 Mute This Topic: https://lists.openembedded.org/mt/117420841/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
