Based on reviews and discussions, here is the updated state of the patch
review request:
* Updated "python3-cryptography: Fix CVE-2026-26007" to v2
* Re-added "gnutls: Fix CVE-2025-14831" v2
* This one is quite big but its equivalent has already merged in
whinlatter
* Removed the series for glibc 2.43 support
Given the change and the release build due this week, I don't plan to
extend the review deadline (end of day today).
Ping me if you need more time.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/3558
Got some failures caused by disk space on stream9-vk-1 worker.
Successfully rebuilt:
* https://autobuilder.yoctoproject.org/valkyrie/#/builders/19/builds/3498
* https://autobuilder.yoctoproject.org/valkyrie/#/builders/48/builds/3444
* https://autobuilder.yoctoproject.org/valkyrie/#/builders/25/builds/3502
The following changes since commit 41597b5260fb5ca811d0fb4ae7e65246d61734eb:
Revert "scripts/install-buildtools: Update to 5.0.16" (2026-03-26 09:48:20
+0000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut
for you to fetch changes up to d0e844108702e553950cab60d51f1cc4cfeed993:
gnutls: Fix CVE-2025-14831 (2026-03-30 16:36:58 +0200)
----------------------------------------------------------------
João Marcos Costa (Schneider Electric) (1):
spdx: add option to include only compiled sources
Nguyen Dat Tho (1):
python3-cryptography: Fix CVE-2026-26007
Paul Barker (1):
tzdata,tzcode-native: Upgrade 2025b -> 2025c
Vijay Anusuri (3):
python3-pyopenssl: Fix CVE-2026-27448
python3-pyopenssl: Fix CVE-2026-27459
gnutls: Fix CVE-2025-14831
meta/classes/spdx-common.bbclass | 3 +
meta/lib/oe/spdx30_tasks.py | 12 +
.../python3-cryptography/CVE-2026-26007.patch | 149 ++++++
.../python/python3-cryptography_42.0.5.bb | 1 +
.../python3-pyopenssl/CVE-2026-27448.patch | 124 +++++
.../python3-pyopenssl/CVE-2026-27459.patch | 109 ++++
.../python/python3-pyopenssl_24.0.0.bb | 5 +
meta/recipes-extended/timezone/timezone.inc | 6 +-
.../gnutls/gnutls/CVE-2025-14831-1.patch | 61 +++
.../gnutls/gnutls/CVE-2025-14831-2.patch | 30 ++
.../gnutls/gnutls/CVE-2025-14831-3.patch | 45 ++
.../gnutls/gnutls/CVE-2025-14831-4.patch | 200 +++++++
.../gnutls/gnutls/CVE-2025-14831-5.patch | 500 ++++++++++++++++++
.../gnutls/gnutls/CVE-2025-14831-6.patch | 119 +++++
.../gnutls/gnutls/CVE-2025-14831-7.patch | 150 ++++++
.../gnutls/gnutls/CVE-2025-14831-8.patch | 105 ++++
.../gnutls/gnutls/CVE-2025-14831-9.patch | 421 +++++++++++++++
meta/recipes-support/gnutls/gnutls_3.8.4.bb | 9 +
18 files changed, 2046 insertions(+), 3 deletions(-)
create mode 100644
meta/recipes-devtools/python/python3-cryptography/CVE-2026-26007.patch
create mode 100644
meta/recipes-devtools/python/python3-pyopenssl/CVE-2026-27448.patch
create mode 100644
meta/recipes-devtools/python/python3-pyopenssl/CVE-2026-27459.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-14831-1.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-14831-2.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-14831-3.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-14831-4.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-14831-5.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-14831-6.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-14831-7.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-14831-8.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-14831-9.patch
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#234262):
https://lists.openembedded.org/g/openembedded-core/message/234262
Mute This Topic: https://lists.openembedded.org/mt/118592685/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
