[OE-core][whinlatter 00/22] Patch review

Yoann Congal via lists.openembedded.org Fri, 30 Jan 2026 23:57:02 -0800

Please review this set of changes for whinlatter and have comments back by
end of day Tuesday, February 3.


Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/?#/builders/29/builds/3151

The following changes since commit fa31089d48cac2aa11279e932a77f4dbdc02c02d:

  libarchive: upgrade 3.8.4 -> 3.8.5 (2026-01-26 08:44:38 +0000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/whinlatter-nut
  
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/whinlatter-nut

Hemanth Kumar M D (1):
  binutils: Upgrade to 2.45.1 release

Hugo SIMELIERE (1):
  libtasn1: Fix CVE-2025-13151

Jiaying Song (1):
  grub: fix CVE-2025-54770 CVE-2025-61661 CVE-2025-61662 CVE-2025-61663
    CVE-2025-61664

João Marcos Costa (1):
  mesa: fix build error with llvmpipe gallium driver

Ken Kurematsu (1):
  libtheora: set CVE_PRODUCT

Khai Dang (1):
  docbook-xml-dtd4: fix the fetching failure

Mark Hatle (1):
  dpkg: Fix ADMINDIR

Mathieu Dubois-Briand (2):
  oeqa/gitarchive: Fix git push URL parameter
  oeqa/gitarchive: Push tag before copying log files

Peter Marko (11):
  go: upgrade 1.25.5 -> 1.25.6
  zlib: ignore CVE-2026-22184
  python3-urllib3: patch CVE-2026-21441
  glibc: stable 2.42 branch updates
  expat: patch CVE-2026-24515
  dropbear: patch CVE-2025-14282
  libpng: upgrade 1.6.53 -> 1.6.54
  glib-2.0: patch CVE-2026-0988
  libxml2: patch CVE-2026-0989
  libxml2: patch CVE-2026-0990
  openssl: upgrade 3.5.4 -> 3.5.5

Richard Purdie (2):
  scripts/oe-git-archive: Ensure new push parameter is specified
  pseudo: Update to 1.9.3 release

 meta/lib/oe/package_manager/deb/__init__.py   |    4 +
 .../oeqa/selftest/cases/gitarchivetests.py    |    4 +-
 meta/lib/oeqa/utils/gitarchive.py             |    8 +-
 .../grub/files/CVE-2025-54770.patch           |   41 +
 .../grub/files/CVE-2025-61661.patch           |   40 +
 .../grub/files/CVE-2025-61662.patch           |   72 +
 .../grub/files/CVE-2025-61663_61664.patch     |   64 +
 meta/recipes-bsp/grub/grub2.inc               |    4 +
 ...ke-history-reporting-when-test-fails.patch |   23 +-
 .../0001-extend-check_cwm-test-timeout.patch  |    2 +-
 .../{openssl_3.5.4.bb => openssl_3.5.5.bb}    |    2 +-
 .../dropbear/dropbear/CVE-2025-14282-01.patch |  280 +++
 .../dropbear/dropbear/CVE-2025-14282-02.patch |   97 +
 .../dropbear/dropbear/CVE-2025-14282-03.patch |  282 +++
 .../dropbear/dropbear/CVE-2025-14282-04.patch |   72 +
 .../dropbear/dropbear/CVE-2025-14282-05.patch |   46 +
 .../recipes-core/dropbear/dropbear_2025.88.bb |    5 +
 .../expat/expat/CVE-2026-24515-01.patch       |   43 +
 .../expat/expat/CVE-2026-24515-02.patch       |  117 ++
 meta/recipes-core/expat/expat_2.7.3.bb        |    2 +
 .../glib-2.0/files/CVE-2026-0988.patch        |   58 +
 meta/recipes-core/glib-2.0/glib.inc           |    1 +
 meta/recipes-core/glibc/glibc-version.inc     |    2 +-
 meta/recipes-core/glibc/glibc_2.42.bb         |    2 +-
 .../libxml/libxml2/CVE-2026-0989.patch        |  309 +++
 .../libxml/libxml2/CVE-2026-0990.patch        |   76 +
 meta/recipes-core/libxml/libxml2_2.14.6.bb    |    2 +
 meta/recipes-core/zlib/zlib_1.3.1.bb          |    2 +
 .../binutils/binutils-2.45.inc                |    6 +-
 ...-system-directories-when-cross-linki.patch |   38 +-
 .../binutils/0008-Use-libtool-2.4.patch       | 1827 ++++++++---------
 .../docbook-xml/docbook-xml-dtd4_4.5.bb       |   10 +-
 ...-dirs.c-set_rootfs-was-not-checking-.patch |   46 +
 meta/recipes-devtools/dpkg/dpkg_1.22.21.bb    |    1 +
 .../go/{go-1.25.5.inc => go-1.25.6.inc}       |    2 +-
 ...e_1.25.5.bb => go-binary-native_1.25.6.bb} |    6 +-
 ..._1.25.5.bb => go-cross-canadian_1.25.6.bb} |    0
 ...{go-cross_1.25.5.bb => go-cross_1.25.6.bb} |    0
 ...osssdk_1.25.5.bb => go-crosssdk_1.25.6.bb} |    0
 ...runtime_1.25.5.bb => go-runtime_1.25.6.bb} |    0
 ...ent-based-hash-generation-less-pedan.patch |    8 +-
 ...ng-cgo-on-386-call-C-sigaction-funct.patch |    4 +-
 ...d-go-make-GOROOT-precious-by-default.patch |    2 +-
 .../go/{go_1.25.5.bb => go_1.25.6.bb}         |    0
 meta/recipes-devtools/pseudo/pseudo_git.bb    |    4 +-
 .../python3-urllib3/CVE-2026-21441.patch      |  111 +
 .../python/python3-urllib3_2.5.0.bb           |    1 +
 .../files/0001-gallivm-support-LLVM-21.patch  |   56 +
 meta/recipes-graphics/mesa/mesa.inc           |    1 +
 .../{libpng_1.6.53.bb => libpng_1.6.54.bb}    |    4 +-
 .../libtheora/libtheora_1.2.0.bb              |    2 +
 .../gnutls/libtasn1/CVE-2025-13151.patch      |   30 +
 .../recipes-support/gnutls/libtasn1_4.20.0.bb |    1 +
 scripts/lib/resulttool/store.py               |    9 +-
 scripts/oe-git-archive                        |    2 +-
 55 files changed, 2752 insertions(+), 1079 deletions(-)
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-54770.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-61661.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-61662.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-61663_61664.patch
 rename meta/recipes-connectivity/openssl/{openssl_3.5.4.bb => 
openssl_3.5.5.bb} (99%)
 create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2025-14282-01.patch
 create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2025-14282-02.patch
 create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2025-14282-03.patch
 create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2025-14282-04.patch
 create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2025-14282-05.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2026-24515-01.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2026-24515-02.patch
 create mode 100644 meta/recipes-core/glib-2.0/files/CVE-2026-0988.patch
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2026-0989.patch
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2026-0990.patch
 create mode 100644 
meta/recipes-devtools/dpkg/dpkg/0001-lib-dpkg-options-dirs.c-set_rootfs-was-not-checking-.patch
 rename meta/recipes-devtools/go/{go-1.25.5.inc => go-1.25.6.inc} (91%)
 rename meta/recipes-devtools/go/{go-binary-native_1.25.5.bb => 
go-binary-native_1.25.6.bb} (79%)
 rename meta/recipes-devtools/go/{go-cross-canadian_1.25.5.bb => 
go-cross-canadian_1.25.6.bb} (100%)
 rename meta/recipes-devtools/go/{go-cross_1.25.5.bb => go-cross_1.25.6.bb} 
(100%)
 rename meta/recipes-devtools/go/{go-crosssdk_1.25.5.bb => 
go-crosssdk_1.25.6.bb} (100%)
 rename meta/recipes-devtools/go/{go-runtime_1.25.5.bb => go-runtime_1.25.6.bb} 
(100%)
 rename meta/recipes-devtools/go/{go_1.25.5.bb => go_1.25.6.bb} (100%)
 create mode 100644 
meta/recipes-devtools/python/python3-urllib3/CVE-2026-21441.patch
 create mode 100644 
meta/recipes-graphics/mesa/files/0001-gallivm-support-LLVM-21.patch
 rename meta/recipes-multimedia/libpng/{libpng_1.6.53.bb => libpng_1.6.54.bb} 
(94%)
 create mode 100644 meta/recipes-support/gnutls/libtasn1/CVE-2025-13151.patch

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#230205): 
https://lists.openembedded.org/g/openembedded-core/message/230205
Mute This Topic: https://lists.openembedded.org/mt/117558510/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][whinlatter 00/22] Patch review

Reply via email to