summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--bitbake/lib/bb/tests/fetch.py27
-rw-r--r--bitbake/lib/toaster/tests/builds/buildtest.py2
-rw-r--r--documentation/brief-yoctoprojectqs/index.rst2
-rw-r--r--documentation/ref-manual/variables.rst2
-rw-r--r--meta-poky/conf/templates/default/local.conf.sample5
-rw-r--r--meta/conf/bitbake.conf2
-rw-r--r--meta/lib/oeqa/selftest/cases/sstatetests.py2
-rw-r--r--meta/recipes-core/busybox/busybox.inc1
-rw-r--r--meta/recipes-core/coreutils/coreutils/0001-cksum-port-to-32-bit-uint_fast32_t.patch47
-rw-r--r--meta/recipes-core/coreutils/coreutils/0001-ls-fix-crash-with-context.patch101
-rw-r--r--meta/recipes-core/coreutils/coreutils/intermittent-testfailure.patch30
-rw-r--r--meta/recipes-core/coreutils/coreutils_9.7.bb (renamed from meta/recipes-core/coreutils/coreutils_9.6.bb)5
-rw-r--r--meta/recipes-core/readline/files/inputrc8
-rw-r--r--meta/recipes-core/seatd/seatd_0.9.1.bb8
-rw-r--r--meta/recipes-core/systemd/systemd-boot_257.5.bb3
-rw-r--r--meta/recipes-core/util-linux/util-linux-libuuid_2.41.bb (renamed from meta/recipes-core/util-linux/util-linux-libuuid_2.40.4.bb)0
-rw-r--r--meta/recipes-core/util-linux/util-linux.inc12
-rw-r--r--meta/recipes-core/util-linux/util-linux/0001-cfdisk-add-sector-size-commanand-line-option.patch90
-rw-r--r--meta/recipes-core/util-linux/util-linux/0001-lsfd-mkfds-foreign-sockets-skip-when-lacking-sock_di.patch36
-rw-r--r--meta/recipes-core/util-linux/util-linux/0001-tests-ts-kill-decode-avoid-using-shell-built-in-kill.patch36
-rw-r--r--meta/recipes-core/util-linux/util-linux/0002-sfdisk-add-sector-size-commanand-line-option.patch105
-rw-r--r--meta/recipes-core/util-linux/util-linux/avoid_parallel_tests.patch4
-rw-r--r--meta/recipes-core/util-linux/util-linux/configure-sbindir.patch4
-rw-r--r--meta/recipes-core/util-linux/util-linux/display_testname_for_subtest.patch6
-rw-r--r--meta/recipes-core/util-linux/util-linux/ptest.patch6
-rw-r--r--meta/recipes-core/util-linux/util-linux/run-ptest4
-rw-r--r--meta/recipes-core/util-linux/util-linux_2.41.bb (renamed from meta/recipes-core/util-linux/util-linux_2.40.4.bb)4
-rw-r--r--meta/recipes-devtools/binutils/binutils-2.44.inc1
-rw-r--r--meta/recipes-devtools/binutils/binutils/CVE-2025-1182.patch36
-rw-r--r--meta/recipes-devtools/gcc/gcc-multilib-config.inc2
-rw-r--r--meta/recipes-devtools/gcc/gcc-runtime.inc2
-rw-r--r--meta/recipes-devtools/rust/files/0001-Disable-libunwind-cross-architecture-unwinding.patch46
-rw-r--r--meta/recipes-devtools/rust/rust-source.inc1
-rw-r--r--meta/recipes-extended/diffutils/diffutils_3.12.bb (renamed from meta/recipes-extended/diffutils/diffutils_3.11.bb)3
-rw-r--r--meta/recipes-extended/shadow/shadow_4.17.4.bb (renamed from meta/recipes-extended/shadow/shadow_4.17.3.bb)2
-rw-r--r--meta/recipes-graphics/jpeg/libjpeg-turbo_3.1.0.bb6
-rw-r--r--meta/recipes-graphics/mesa/files/0001-meson-stop-building-XA-by-default.patch33
-rw-r--r--meta/recipes-graphics/mesa/mesa-gl.bb4
-rw-r--r--meta/recipes-graphics/mesa/mesa.inc11
-rw-r--r--meta/recipes-graphics/vulkan/vulkan-samples_git.bb4
-rw-r--r--meta/recipes-kernel/linux/cve-exclusion_6.12.inc374
-rwxr-xr-xmeta/recipes-kernel/linux/generate-cve-exclusions.py14
-rw-r--r--meta/recipes-kernel/linux/linux-yocto-rt_6.12.bb6
-rw-r--r--meta/recipes-kernel/linux/linux-yocto-tiny_6.12.bb6
-rw-r--r--meta/recipes-kernel/linux/linux-yocto_6.12.bb33
-rw-r--r--meta/recipes-kernel/systemtap/systemtap_git.bb4
-rw-r--r--meta/recipes-sato/webkit/webkitgtk/fix-ftbfs-non-arm-non-x86.patch31
-rw-r--r--meta/recipes-sato/webkit/webkitgtk_2.48.2.bb (renamed from meta/recipes-sato/webkit/webkitgtk_2.48.1.bb)3
48 files changed, 603 insertions, 571 deletions
diff --git a/bitbake/lib/bb/tests/fetch.py b/bitbake/lib/bb/tests/fetch.py
index 3f42332588..077472b8b3 100644
--- a/bitbake/lib/bb/tests/fetch.py
+++ b/bitbake/lib/bb/tests/fetch.py
@@ -2238,6 +2238,33 @@ class GitShallowTest(FetcherTest):
2238 self.assertIn("Unable to find revision v0.0 even from upstream", cm.output[0]) 2238 self.assertIn("Unable to find revision v0.0 even from upstream", cm.output[0])
2239 2239
2240 @skipIfNoNetwork() 2240 @skipIfNoNetwork()
2241 def test_git_shallow_fetch_premirrors(self):
2242 url = "git://git.openembedded.org/bitbake;branch=master;protocol=https"
2243
2244 # Create a separate premirror directory within tempdir
2245 premirror = os.path.join(self.tempdir, "premirror")
2246 os.mkdir(premirror)
2247
2248 # Fetch a non-shallow clone into the premirror subdir
2249 self.d.setVar('BB_GIT_SHALLOW', '0')
2250 self.d.setVar("DL_DIR", premirror)
2251 fetcher, ud = self.fetch(url)
2252
2253 # Fetch a shallow clone from the premirror subdir with unpacking
2254 # using the original recipe URL and the premirror mapping
2255 self.d.setVar('BB_GIT_SHALLOW', '1')
2256 self.d.setVar("DL_DIR", self.dldir)
2257 self.d.setVar('BB_FETCH_PREMIRRORONLY', '1')
2258 self.d.setVar('BB_NO_NETWORK', '1')
2259 self.d.setVar('BB_GENERATE_MIRROR_TARBALLS', '0')
2260 self.d.setVar("PREMIRRORS", "git://.*/.* git://{0};protocol=file".format(premirror + "/git2/" + ud.host + ud.path.replace("/", ".")))
2261 fetcher = self.fetch_and_unpack(url)
2262
2263 # Verify that the unpacked sources are shallow clones
2264 self.assertRevCount(1)
2265 assert os.path.exists(os.path.join(self.gitdir, '.git', 'shallow'))
2266
2267 @skipIfNoNetwork()
2241 def test_bitbake(self): 2268 def test_bitbake(self):
2242 self.git('remote add --mirror=fetch origin https://github.com/openembedded/bitbake', cwd=self.srcdir) 2269 self.git('remote add --mirror=fetch origin https://github.com/openembedded/bitbake', cwd=self.srcdir)
2243 self.git('config core.bare true', cwd=self.srcdir) 2270 self.git('config core.bare true', cwd=self.srcdir)
diff --git a/bitbake/lib/toaster/tests/builds/buildtest.py b/bitbake/lib/toaster/tests/builds/buildtest.py
index cacfccd4d3..e54d561334 100644
--- a/bitbake/lib/toaster/tests/builds/buildtest.py
+++ b/bitbake/lib/toaster/tests/builds/buildtest.py
@@ -128,7 +128,7 @@ class BuildTest(unittest.TestCase):
128 if os.environ.get("TOASTER_TEST_USE_SSTATE_MIRROR"): 128 if os.environ.get("TOASTER_TEST_USE_SSTATE_MIRROR"):
129 ProjectVariable.objects.get_or_create( 129 ProjectVariable.objects.get_or_create(
130 name="SSTATE_MIRRORS", 130 name="SSTATE_MIRRORS",
131 value="file://.* http://cdn.jsdelivr.net/yocto/sstate/all/PATH;downloadfilename=PATH", 131 value="file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH",
132 project=project) 132 project=project)
133 133
134 ProjectTarget.objects.create(project=project, 134 ProjectTarget.objects.create(project=project,
diff --git a/documentation/brief-yoctoprojectqs/index.rst b/documentation/brief-yoctoprojectqs/index.rst
index 48f81b16a9..fed511c2b6 100644
--- a/documentation/brief-yoctoprojectqs/index.rst
+++ b/documentation/brief-yoctoprojectqs/index.rst
@@ -253,7 +253,7 @@ an entire Linux distribution, including the toolchain, from source.
253 file in the :term:`Build Directory`:: 253 file in the :term:`Build Directory`::
254 254
255 BB_HASHSERVE_UPSTREAM = "wss://hashserv.yoctoproject.org/ws" 255 BB_HASHSERVE_UPSTREAM = "wss://hashserv.yoctoproject.org/ws"
256 SSTATE_MIRRORS ?= "file://.* http://cdn.jsdelivr.net/yocto/sstate/all/PATH;downloadfilename=PATH" 256 SSTATE_MIRRORS ?= "file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH"
257 BB_HASHSERVE = "auto" 257 BB_HASHSERVE = "auto"
258 BB_SIGNATURE_HANDLER = "OEEquivHash" 258 BB_SIGNATURE_HANDLER = "OEEquivHash"
259 259
diff --git a/documentation/ref-manual/variables.rst b/documentation/ref-manual/variables.rst
index c697bdbbb7..9768d8f5b8 100644
--- a/documentation/ref-manual/variables.rst
+++ b/documentation/ref-manual/variables.rst
@@ -9117,7 +9117,7 @@ system and gives an overview of their function and contents.
9117 The Yocto Project actually shares the cache data objects built by its 9117 The Yocto Project actually shares the cache data objects built by its
9118 autobuilder:: 9118 autobuilder::
9119 9119
9120 SSTATE_MIRRORS ?= "file://.* http://cdn.jsdelivr.net/yocto/sstate/all/PATH;downloadfilename=PATH" 9120 SSTATE_MIRRORS ?= "file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH"
9121 9121
9122 As such binary artifacts are built for the generic QEMU machines 9122 As such binary artifacts are built for the generic QEMU machines
9123 supported by the various Poky releases, they are less likely to be 9123 supported by the various Poky releases, they are less likely to be
diff --git a/meta-poky/conf/templates/default/local.conf.sample b/meta-poky/conf/templates/default/local.conf.sample
index 7dc44d91d6..ecc33c06f3 100644
--- a/meta-poky/conf/templates/default/local.conf.sample
+++ b/meta-poky/conf/templates/default/local.conf.sample
@@ -240,10 +240,7 @@ BB_DISKMON_DIRS ??= "\
240# Using the CDN rather than the yoctoproject.org address is suggested/preferred. 240# Using the CDN rather than the yoctoproject.org address is suggested/preferred.
241# 241#
242#BB_HASHSERVE_UPSTREAM = 'wss://hashserv.yoctoproject.org/ws' 242#BB_HASHSERVE_UPSTREAM = 'wss://hashserv.yoctoproject.org/ws'
243#SSTATE_MIRRORS ?= "file://.* http://cdn.jsdelivr.net/yocto/sstate/all/PATH;downloadfilename=PATH" 243#SSTATE_MIRRORS ?= "file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH"
244#
245###SSTATE_MIRRORS ?= "file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH"
246
247 244
248# 245#
249# Qemu configuration 246# Qemu configuration
diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf
index e5037c6277..13d55923b7 100644
--- a/meta/conf/bitbake.conf
+++ b/meta/conf/bitbake.conf
@@ -699,7 +699,7 @@ DEBIAN_MIRROR = "http://deb.debian.org/debian/pool"
699GENTOO_MIRROR = "http://distfiles.gentoo.org/distfiles" 699GENTOO_MIRROR = "http://distfiles.gentoo.org/distfiles"
700GNOME_GIT = "git://gitlab.gnome.org/GNOME" 700GNOME_GIT = "git://gitlab.gnome.org/GNOME"
701GNOME_MIRROR = "https://download.gnome.org/sources/" 701GNOME_MIRROR = "https://download.gnome.org/sources/"
702GNU_MIRROR = "https://ftp.gnu.org/gnu" 702GNU_MIRROR = "https://ftpmirror.gnu.org/gnu"
703GNUPG_MIRROR = "https://www.gnupg.org/ftp/gcrypt" 703GNUPG_MIRROR = "https://www.gnupg.org/ftp/gcrypt"
704GPE_MIRROR = "http://gpe.linuxtogo.org/download/source" 704GPE_MIRROR = "http://gpe.linuxtogo.org/download/source"
705KERNELORG_MIRROR = "https://cdn.kernel.org/pub" 705KERNELORG_MIRROR = "https://cdn.kernel.org/pub"
diff --git a/meta/lib/oeqa/selftest/cases/sstatetests.py b/meta/lib/oeqa/selftest/cases/sstatetests.py
index 681a57f4db..487995acc3 100644
--- a/meta/lib/oeqa/selftest/cases/sstatetests.py
+++ b/meta/lib/oeqa/selftest/cases/sstatetests.py
@@ -972,7 +972,7 @@ class SStateMirrors(SStateCheckObjectPresence):
972 self.append_config(""" 972 self.append_config("""
973MACHINE = "{}" 973MACHINE = "{}"
974BB_HASHSERVE_UPSTREAM = "hashserv.yoctoproject.org:8686" 974BB_HASHSERVE_UPSTREAM = "hashserv.yoctoproject.org:8686"
975SSTATE_MIRRORS ?= "file://.* http://cdn.jsdelivr.net/yocto/sstate/all/PATH;downloadfilename=PATH" 975SSTATE_MIRRORS ?= "file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH"
976""".format(machine)) 976""".format(machine))
977 else: 977 else:
978 self.append_config(""" 978 self.append_config("""
diff --git a/meta/recipes-core/busybox/busybox.inc b/meta/recipes-core/busybox/busybox.inc
index 638b40c758..4ebaeb92c9 100644
--- a/meta/recipes-core/busybox/busybox.inc
+++ b/meta/recipes-core/busybox/busybox.inc
@@ -16,6 +16,7 @@ SECTION = "base"
16# Whether to split the suid apps into a seperate binary 16# Whether to split the suid apps into a seperate binary
17BUSYBOX_SPLIT_SUID ?= "1" 17BUSYBOX_SPLIT_SUID ?= "1"
18 18
19CFLAGS:append:toolchain-clang = " -DBB_GLOBAL_CONST=''"
19export EXTRA_CFLAGS = "${CFLAGS}" 20export EXTRA_CFLAGS = "${CFLAGS}"
20export EXTRA_LDFLAGS = "${LDFLAGS}" 21export EXTRA_LDFLAGS = "${LDFLAGS}"
21 22
diff --git a/meta/recipes-core/coreutils/coreutils/0001-cksum-port-to-32-bit-uint_fast32_t.patch b/meta/recipes-core/coreutils/coreutils/0001-cksum-port-to-32-bit-uint_fast32_t.patch
deleted file mode 100644
index 95d7aca809..0000000000
--- a/meta/recipes-core/coreutils/coreutils/0001-cksum-port-to-32-bit-uint_fast32_t.patch
+++ /dev/null
@@ -1,47 +0,0 @@
1From 7eada35b4fbb48e7fe430d1b18dae7d191f84f8e Mon Sep 17 00:00:00 2001
2From: Paul Eggert <eggert@cs.ucla.edu>
3Date: Mon, 17 Feb 2025 02:27:09 -0800
4Subject: [PATCH 2/2] cksum: port to 32-bit uint_fast32_t
5MIME-Version: 1.0
6Content-Type: text/plain; charset=UTF-8
7Content-Transfer-Encoding: 8bit
8
9* src/cksum_vmull.c (cksum_vmull): Don’t assume
10uint_fast32_t can hold 64 bits.
11Problem reported by Alyssa Ross (Bug#76360).
12
13Upstream-Status: Backport [7eada35b4fbb48e7fe430d1b18dae7d191f84f8e]
14Signed-off-by: Ross Burton <ross.burton@arm.com>
15---
16 NEWS | 3 +++
17 src/cksum_vmull.c | 7 +++++--
18 2 files changed, 8 insertions(+), 2 deletions(-)
19
20diff --git a/src/cksum_vmull.c b/src/cksum_vmull.c
21index 7611c4244..0ff81e225 100644
22--- a/src/cksum_vmull.c
23+++ b/src/cksum_vmull.c
24@@ -92,7 +92,9 @@ cksum_vmull (FILE *fp, uint_fast32_t *crc_out, uintmax_t *length_out)
25 data = bswap_neon (data);
26 /* XOR in initial CRC value (for us 0 so no effect), or CRC value
27 calculated for previous BUFLEN buffer from fread */
28- xor_crc = vcombine_u64 (vcreate_u64 (0), vcreate_u64 (crc << 32));
29+
30+ uint64_t wcrc = crc;
31+ xor_crc = vcombine_u64 (vcreate_u64 (0), vcreate_u64 (wcrc << 32));
32 crc = 0;
33 data = veorq_u64 (data, xor_crc);
34 data3 = vld1q_u64 ((uint64_t *) (datap + 1));
35@@ -193,7 +195,8 @@ cksum_vmull (FILE *fp, uint_fast32_t *crc_out, uintmax_t *length_out)
36 {
37 data = vld1q_u64 ((uint64_t *) (datap));
38 data = bswap_neon (data);
39- xor_crc = vcombine_u64 (vcreate_u64 (0), vcreate_u64 (crc << 32));
40+ uint64_t wcrc = crc;
41+ xor_crc = vcombine_u64 (vcreate_u64 (0), vcreate_u64 (wcrc << 32));
42 crc = 0;
43 data = veorq_u64 (data, xor_crc);
44 while (bytes_read >= 32)
45--
462.45.2
47
diff --git a/meta/recipes-core/coreutils/coreutils/0001-ls-fix-crash-with-context.patch b/meta/recipes-core/coreutils/coreutils/0001-ls-fix-crash-with-context.patch
deleted file mode 100644
index b1a92875a6..0000000000
--- a/meta/recipes-core/coreutils/coreutils/0001-ls-fix-crash-with-context.patch
+++ /dev/null
@@ -1,101 +0,0 @@
1From 43a63408630e5064317823702518099f0ea652dd Mon Sep 17 00:00:00 2001
2From: =?UTF-8?q?P=C3=A1draig=20Brady?= <P@draigBrady.com>
3Date: Fri, 17 Jan 2025 17:29:34 +0000
4Subject: [PATCH] ls: fix crash with --context
5
6* src/ls.c (main): Flag that we need to stat()
7if we're going to get security context (call file_has_aclinfo_cache).
8(file_has_aclinfo_cache): Be defensive and only lookup the device
9for the file if the stat has been performed.
10(has_capability_cache): Likewise.
11* tests/ls/selinux-segfault.sh: Add a test case.
12* NEWS: Mention the bug fix.
13Reported by Bruno Haible.
14
15Upstream-Status: Backport
16[https://git.savannah.gnu.org/cgit/coreutils.git/commit/?id=915004f403cb25fadb207ddfdbe6a2f43bd44fac]
17
18Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
19---
20 NEWS | 3 +++
21 src/ls.c | 10 +++++-----
22 tests/ls/selinux-segfault.sh | 3 +++
23 3 files changed, 11 insertions(+), 5 deletions(-)
24
25diff --git a/NEWS b/NEWS
26index 3799f75..65867f9 100644
27--- a/NEWS
28+++ b/NEWS
29@@ -4,6 +4,9 @@ GNU coreutils NEWS -*- outline -*-
30
31 ** Bug fixes
32
33+ `ls -Z dir` would crash.
34+ [bug introduced in coreutils-9.6]
35+
36 cp fixes support for --update=none-fail, which would have been
37 rejected as an invalid option.
38 [bug introduced in coreutils-9.5]
39diff --git a/src/ls.c b/src/ls.c
40index 3215360..f67167f 100644
41--- a/src/ls.c
42+++ b/src/ls.c
43@@ -1768,7 +1768,7 @@ main (int argc, char **argv)
44
45 format_needs_stat = ((sort_type == sort_time) | (sort_type == sort_size)
46 | (format == long_format)
47- | print_block_size | print_hyperlink);
48+ | print_block_size | print_hyperlink | print_scontext);
49 format_needs_type = ((! format_needs_stat)
50 & (recursive | print_with_color | print_scontext
51 | directories_first
52@@ -3309,7 +3309,7 @@ file_has_aclinfo_cache (char const *file, struct fileinfo *f,
53 static int unsupported_scontext_err;
54 static dev_t unsupported_device;
55
56- if (f->stat.st_dev == unsupported_device)
57+ if (f->stat_ok && f->stat.st_dev == unsupported_device)
58 {
59 ai->buf = ai->u.__gl_acl_ch;
60 ai->size = 0;
61@@ -3322,7 +3322,7 @@ file_has_aclinfo_cache (char const *file, struct fileinfo *f,
62 errno = 0;
63 int n = file_has_aclinfo (file, ai, flags);
64 int err = errno;
65- if (n <= 0 && !acl_errno_valid (err))
66+ if (f->stat_ok && n <= 0 && !acl_errno_valid (err))
67 {
68 unsupported_return = n;
69 unsupported_scontext = ai->scontext;
70@@ -3342,14 +3342,14 @@ has_capability_cache (char const *file, struct fileinfo *f)
71 found that has_capability fails indicating lack of support. */
72 static dev_t unsupported_device;
73
74- if (f->stat.st_dev == unsupported_device)
75+ if (f->stat_ok && f->stat.st_dev == unsupported_device)
76 {
77 errno = ENOTSUP;
78 return 0;
79 }
80
81 bool b = has_capability (file);
82- if ( !b && !acl_errno_valid (errno))
83+ if (f->stat_ok && !b && !acl_errno_valid (errno))
84 unsupported_device = f->stat.st_dev;
85 return b;
86 }
87diff --git a/tests/ls/selinux-segfault.sh b/tests/ls/selinux-segfault.sh
88index 11623ac..1cac2b5 100755
89--- a/tests/ls/selinux-segfault.sh
90+++ b/tests/ls/selinux-segfault.sh
91@@ -30,4 +30,7 @@ mkdir sedir || framework_failure_
92 ln -sf missing sedir/broken || framework_failure_
93 returns_ 1 ls -L -R -Z -m sedir > out || fail=1
94
95+# ls 9.6 would segfault with the following
96+ls -Z . > out || fail=1
97+
98 Exit $fail
99--
1002.34.1
101
diff --git a/meta/recipes-core/coreutils/coreutils/intermittent-testfailure.patch b/meta/recipes-core/coreutils/coreutils/intermittent-testfailure.patch
deleted file mode 100644
index 0794532bdf..0000000000
--- a/meta/recipes-core/coreutils/coreutils/intermittent-testfailure.patch
+++ /dev/null
@@ -1,30 +0,0 @@
1tests/df: Fix intermittent test failure
2
3The test writes to the disk and means the space used changes. If this
4crosses a number boundary, the heading spacing can change:
5
6-Filesystem 1024-blocks Used Available Capacity Mounted on
7+Filesystem 1024-blocks Used Available Capacity Mounted on
8
9The test is to make sure the 1024 blocks element remains the same and
10the spacing doesn't matter. Therefore strip any duplicate spaces using tr.
11
12Submitted: https://github.com/coreutils/coreutils/pull/88
13Upstream-Status: Backport [https://github.com/coreutils/coreutils/commit/c5725c8c4bb21903490a48035286d0f94463642e]
14Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
15
16Index: coreutils-9.5/tests/df/df-P.sh
17===================================================================
18--- coreutils-9.5.orig/tests/df/df-P.sh
19+++ coreutils-9.5/tests/df/df-P.sh
20@@ -20,8 +20,8 @@
21 print_ver_ df
22
23
24- df -P . > t1 || fail=1
25-BLOCK_SIZE=1M df -P . > t2 || fail=1
26+ df -P . | tr -s ' ' > t1 || fail=1
27+BLOCK_SIZE=1M df -P . | tr -s ' ' > t2 || fail=1
28
29 # Since file system utilization may be changing, compare only df's header line.
30 # That records the block size. E.g., for "1M", it would be:
diff --git a/meta/recipes-core/coreutils/coreutils_9.6.bb b/meta/recipes-core/coreutils/coreutils_9.7.bb
index a966c4b448..091e1ea2c5 100644
--- a/meta/recipes-core/coreutils/coreutils_9.6.bb
+++ b/meta/recipes-core/coreutils/coreutils_9.7.bb
@@ -15,12 +15,9 @@ inherit autotools gettext texinfo
15 15
16SRC_URI = "${GNU_MIRROR}/coreutils/${BP}.tar.xz \ 16SRC_URI = "${GNU_MIRROR}/coreutils/${BP}.tar.xz \
17 file://remove-usr-local-lib-from-m4.patch \ 17 file://remove-usr-local-lib-from-m4.patch \
18 file://intermittent-testfailure.patch \
19 file://0001-ls-fix-crash-with-context.patch \
20 file://0001-cksum-port-to-32-bit-uint_fast32_t.patch \
21 file://run-ptest \ 18 file://run-ptest \
22 " 19 "
23SRC_URI[sha256sum] = "7a0124327b398fd9eb1a6abde583389821422c744ffa10734b24f557610d3283" 20SRC_URI[sha256sum] = "e8bb26ad0293f9b5a1fc43fb42ba970e312c66ce92c1b0b16713d7500db251bf"
24 21
25# http://git.savannah.gnu.org/cgit/coreutils.git/commit/?id=v8.27-101-gf5d7c0842 22# http://git.savannah.gnu.org/cgit/coreutils.git/commit/?id=v8.27-101-gf5d7c0842
26# 23#
diff --git a/meta/recipes-core/readline/files/inputrc b/meta/recipes-core/readline/files/inputrc
index b5c4c8af24..4a2874bccc 100644
--- a/meta/recipes-core/readline/files/inputrc
+++ b/meta/recipes-core/readline/files/inputrc
@@ -24,12 +24,12 @@ set output-meta on
24$if mode=emacs 24$if mode=emacs
25 25
26# allow the use of the Home/End keys 26# allow the use of the Home/End keys
27# "\e[1~": beginning-of-line 27"\e[1~": beginning-of-line
28# "\e[4~": end-of-line 28"\e[4~": end-of-line
29 29
30# allow the use of the Delete/Insert keys 30# allow the use of the Delete/Insert keys
31# "\e[3~": delete-char 31"\e[3~": delete-char
32# "\e[2~": quoted-insert 32"\e[2~": quoted-insert
33 33
34# mappings for "page up" and "page down" to step to the beginning/end 34# mappings for "page up" and "page down" to step to the beginning/end
35# of the history 35# of the history
diff --git a/meta/recipes-core/seatd/seatd_0.9.1.bb b/meta/recipes-core/seatd/seatd_0.9.1.bb
index 8ee43a3dc8..87e1c3b67d 100644
--- a/meta/recipes-core/seatd/seatd_0.9.1.bb
+++ b/meta/recipes-core/seatd/seatd_0.9.1.bb
@@ -15,6 +15,14 @@ inherit meson pkgconfig systemd update-rc.d useradd
15 15
16# https://www.openwall.com/lists/musl/2020/01/20/3 16# https://www.openwall.com/lists/musl/2020/01/20/3
17CFLAGS:append:libc-musl:powerpc64le = " -Wno-error=overflow" 17CFLAGS:append:libc-musl:powerpc64le = " -Wno-error=overflow"
18#../git/common/connection.c:154:55: error: comparison of integers of different signs: 'unsigned long' and 'long' [-Werror,-Wsign-compare]
19# 154 | for (cmsg = CMSG_FIRSTHDR(msg); cmsg != NULL; cmsg = CMSG_NXTHDR(msg, cmsg)) {
20# | ^~~~~~~~~~~~~~~~~~~~~~
21#/mnt/b/yoe/master/sources/poky/build/tmp/work/riscv64-poky-linux-musl/seatd/0.9.1/recipe-sysroot/usr/include/sys/socket.h:358:44: note: expanded from macro 'CMSG_NXTHDR'
22# 358 | __CMSG_LEN(cmsg) + sizeof(struct cmsghdr) >= __MHDR_END(mhdr) - (unsigned char *)(cmsg) \
23# | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
24#1 error generated.
25CFLAGS:append:libc-musl:toolchain-clang = " -Wno-error=sign-compare"
18 26
19PACKAGECONFIG ?= " \ 27PACKAGECONFIG ?= " \
20 ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} \ 28 ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} \
diff --git a/meta/recipes-core/systemd/systemd-boot_257.5.bb b/meta/recipes-core/systemd/systemd-boot_257.5.bb
index 151e4a9537..c6c443f929 100644
--- a/meta/recipes-core/systemd/systemd-boot_257.5.bb
+++ b/meta/recipes-core/systemd/systemd-boot_257.5.bb
@@ -54,6 +54,9 @@ TUNE_CCARGS:remove = "-mfpmath=sse"
54 54
55CFLAGS:append:libc-musl = " -D__DEFINED_wchar_t" 55CFLAGS:append:libc-musl = " -D__DEFINED_wchar_t"
56 56
57# arm-poky-linux-musleabi-clang: error: unsupported option '-mgeneral-regs-only' for target 'arm-poky-linux-musleabi'
58TOOLCHAIN:arm = "gcc"
59
57COMPATIBLE_HOST = "(aarch64.*|arm.*|x86_64.*|i.86.*|riscv.*)-linux" 60COMPATIBLE_HOST = "(aarch64.*|arm.*|x86_64.*|i.86.*|riscv.*)-linux"
58COMPATIBLE_HOST:x86-x32 = "null" 61COMPATIBLE_HOST:x86-x32 = "null"
59 62
diff --git a/meta/recipes-core/util-linux/util-linux-libuuid_2.40.4.bb b/meta/recipes-core/util-linux/util-linux-libuuid_2.41.bb
index ec04c1d384..ec04c1d384 100644
--- a/meta/recipes-core/util-linux/util-linux-libuuid_2.40.4.bb
+++ b/meta/recipes-core/util-linux/util-linux-libuuid_2.41.bb
diff --git a/meta/recipes-core/util-linux/util-linux.inc b/meta/recipes-core/util-linux/util-linux.inc
index 4e8701ffdf..b0f2a9d497 100644
--- a/meta/recipes-core/util-linux/util-linux.inc
+++ b/meta/recipes-core/util-linux/util-linux.inc
@@ -6,20 +6,22 @@ disk partitioning, kernel message management, filesystem creation, and system lo
6 6
7SECTION = "base" 7SECTION = "base"
8 8
9LICENSE = "GPL-1.0-or-later & GPL-2.0-only & GPL-2.0-or-later & LGPL-2.1-or-later & BSD-2-Clause & BSD-3-Clause & BSD-4-Clause-UC & MIT" 9LICENSE = "GPL-1.0-or-later & GPL-2.0-only & GPL-2.0-or-later & LGPL-2.1-or-later & BSD-2-Clause & BSD-3-Clause & BSD-4-Clause-UC & MIT & EUPL-1.2"
10LICENSE:${PN}-fcntl-lock = "MIT" 10LICENSE:${PN}-fcntl-lock = "MIT"
11LICENSE:${PN}-fdisk = "GPL-1.0-or-later" 11LICENSE:${PN}-fdisk = "GPL-1.0-or-later"
12LICENSE:${PN}-libblkid = "LGPL-2.1-or-later" 12LICENSE:${PN}-libblkid = "LGPL-2.1-or-later"
13LICENSE:${PN}-libfdisk = "LGPL-2.1-or-later" 13LICENSE:${PN}-libfdisk = "LGPL-2.1-or-later"
14LICENSE:${PN}-libmount = "LGPL-2.1-or-later" 14LICENSE:${PN}-libmount = "LGPL-2.1-or-later"
15LICENSE:${PN}-libsmartcols = "LGPL-2.1-or-later" 15LICENSE:${PN}-libsmartcols = "LGPL-2.1-or-later"
16LICENSE:${PN}-coresched = "EUPL-1.2"
16 17
17LIC_FILES_CHKSUM = "file://README.licensing;md5=ddd58b6c94da86ff4f03e91208eb9cfc \ 18LIC_FILES_CHKSUM = "file://README.licensing;md5=55e895a80bdd4ffc65e167a76d2e7569 \
18 file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ 19 file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
19 file://Documentation/licenses/COPYING.GPL-2.0-or-later;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ 20 file://Documentation/licenses/COPYING.GPL-2.0-or-later;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
20 file://Documentation/licenses/COPYING.LGPL-2.1-or-later;md5=4fbd65380cdd255951079008b364516c \ 21 file://Documentation/licenses/COPYING.LGPL-2.1-or-later;md5=4fbd65380cdd255951079008b364516c \
21 file://Documentation/licenses/COPYING.BSD-3-Clause;md5=58dcd8452651fc8b07d1f65ce07ca8af \ 22 file://Documentation/licenses/COPYING.BSD-3-Clause;md5=58dcd8452651fc8b07d1f65ce07ca8af \
22 file://Documentation/licenses/COPYING.BSD-4-Clause-UC;md5=263860f8968d8bafa5392cab74285262 \ 23 file://Documentation/licenses/COPYING.BSD-4-Clause-UC;md5=263860f8968d8bafa5392cab74285262 \
24 file://Documentation/licenses/COPYING.EUPL-1.2;md5=c075d2767167a2355b23392018a1cbbd \
23 file://libuuid/COPYING;md5=6d2cafc999feb2c2de84d4d24b23290c \ 25 file://libuuid/COPYING;md5=6d2cafc999feb2c2de84d4d24b23290c \
24 file://libmount/COPYING;md5=7c7e39fb7d70ffe5d693a643e29987c2 \ 26 file://libmount/COPYING;md5=7c7e39fb7d70ffe5d693a643e29987c2 \
25 file://libblkid/COPYING;md5=693bcbbe16d3a4a4b37bc906bc01cc04 \ 27 file://libblkid/COPYING;md5=693bcbbe16d3a4a4b37bc906bc01cc04 \
@@ -38,10 +40,10 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/util-linux/v${MAJOR_VERSION}/util-lin
38 file://display_testname_for_subtest.patch \ 40 file://display_testname_for_subtest.patch \
39 file://avoid_parallel_tests.patch \ 41 file://avoid_parallel_tests.patch \
40 file://fcntl-lock.c \ 42 file://fcntl-lock.c \
41 file://0001-cfdisk-add-sector-size-commanand-line-option.patch \ 43 file://0001-tests-ts-kill-decode-avoid-using-shell-built-in-kill.patch \
42 file://0002-sfdisk-add-sector-size-commanand-line-option.patch \ 44 file://0001-lsfd-mkfds-foreign-sockets-skip-when-lacking-sock_di.patch \
43 " 45 "
44 46
45SRC_URI[sha256sum] = "5c1daf733b04e9859afdc3bd87cc481180ee0f88b5c0946b16fdec931975fb79" 47SRC_URI[sha256sum] = "81ee93b3cfdfeb7d7c4090cedeba1d7bbce9141fd0b501b686b3fe475ddca4c6"
46 48
47CVE_PRODUCT = "util-linux" 49CVE_PRODUCT = "util-linux"
diff --git a/meta/recipes-core/util-linux/util-linux/0001-cfdisk-add-sector-size-commanand-line-option.patch b/meta/recipes-core/util-linux/util-linux/0001-cfdisk-add-sector-size-commanand-line-option.patch
deleted file mode 100644
index 73031318d2..0000000000
--- a/meta/recipes-core/util-linux/util-linux/0001-cfdisk-add-sector-size-commanand-line-option.patch
+++ /dev/null
@@ -1,90 +0,0 @@
1From 724b95ee6847613e23ca18f4918d4e65ff5b270e Mon Sep 17 00:00:00 2001
2From: Karel Zak <kzak@redhat.com>
3Date: Mon, 14 Oct 2024 15:48:46 +0200
4Subject: [PATCH 1/2] cfdisk: add --sector-size commanand line option
5
6* improves compatibility with fdisk
7* add ability to work with disk images where libfdisk defaults to 512
8
9Signed-off-by: Karel Zak <kzak@redhat.com>
10
11Upstream-Status: Backport [fd38ee2274f7a30393d3839dfce556260355c3fa]
12
13Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
14---
15 disk-utils/cfdisk.8.adoc | 3 +++
16 disk-utils/cfdisk.c | 15 ++++++++++++++-
17 2 files changed, 17 insertions(+), 1 deletion(-)
18
19diff --git a/disk-utils/cfdisk.8.adoc b/disk-utils/cfdisk.8.adoc
20index 97fad621d..759f39f0e 100644
21--- a/disk-utils/cfdisk.8.adoc
22+++ b/disk-utils/cfdisk.8.adoc
23@@ -55,6 +55,9 @@ Use exclusive BSD lock for device or file it operates. The optional argument _mo
24 *-r*, *--read-only*::
25 Forced open in read-only mode.
26
27+*-b*, *--sector-size* _sectorsize_::
28+Specify the sector size of the disk. Valid values are 512, 1024, 2048, and 4096. The kernel is aware of the sector size for regular block devices. Use this option only on very old kernels, when working with disk images, or to override the kernel's default sector size. Since util-linux-2.17, *fdisk* distinguishes between logical and physical sector size. This option changes both sector sizes to the specified _sectorsize_.
29+
30 *-z*, *--zero*::
31 Start with an in-memory zeroed partition table. This option does not zero the partition table on the disk; rather, it simply starts the program without reading the existing partition table. This option allows you to create a new partition table from scratch or from an *sfdisk*(8)-compatible script.
32
33diff --git a/disk-utils/cfdisk.c b/disk-utils/cfdisk.c
34index 183b7671e..f37e2d72a 100644
35--- a/disk-utils/cfdisk.c
36+++ b/disk-utils/cfdisk.c
37@@ -2739,6 +2739,8 @@ static void __attribute__((__noreturn__)) usage(void)
38 _(" --lock[=<mode>] use exclusive device lock (%s, %s or %s)\n"), "yes", "no", "nonblock");
39 fputs(_(" -r, --read-only forced open cfdisk in read-only mode\n"), out);
40
41+ fputs(_(" -b, --sector-size <size> physical and logical sector size\n"), out);
42+
43 fputs(USAGE_SEPARATOR, out);
44 fprintf(out, USAGE_HELP_OPTIONS(26));
45
46@@ -2751,6 +2753,7 @@ int main(int argc, char *argv[])
47 const char *diskpath = NULL, *lockmode = NULL;
48 int rc, c, colormode = UL_COLORMODE_UNDEF;
49 int read_only = 0;
50+ size_t user_ss = 0;
51 struct cfdisk _cf = { .lines_idx = 0 },
52 *cf = &_cf;
53 enum {
54@@ -2760,6 +2763,7 @@ int main(int argc, char *argv[])
55 { "color", optional_argument, NULL, 'L' },
56 { "lock", optional_argument, NULL, OPT_LOCK },
57 { "help", no_argument, NULL, 'h' },
58+ { "sector-size", required_argument, NULL, 'b' },
59 { "version", no_argument, NULL, 'V' },
60 { "zero", no_argument, NULL, 'z' },
61 { "read-only", no_argument, NULL, 'r' },
62@@ -2771,8 +2775,15 @@ int main(int argc, char *argv[])
63 textdomain(PACKAGE);
64 close_stdout_atexit();
65
66- while((c = getopt_long(argc, argv, "L::hVzr", longopts, NULL)) != -1) {
67+ while((c = getopt_long(argc, argv, "b:L::hVzr", longopts, NULL)) != -1) {
68 switch(c) {
69+ case 'b':
70+ user_ss = strtou32_or_err(optarg,
71+ _("invalid sector size argument"));
72+ if (user_ss != 512 && user_ss != 1024 &&
73+ user_ss != 2048 && user_ss != 4096)
74+ errx(EXIT_FAILURE, _("invalid sector size argument"));
75+ break;
76 case 'h':
77 usage();
78 break;
79@@ -2811,6 +2822,8 @@ int main(int argc, char *argv[])
80 cf->cxt = fdisk_new_context();
81 if (!cf->cxt)
82 err(EXIT_FAILURE, _("failed to allocate libfdisk context"));
83+ if (user_ss)
84+ fdisk_save_user_sector_size(cf->cxt, user_ss, user_ss);
85
86 fdisk_set_ask(cf->cxt, ask_callback, (void *) cf);
87
88--
892.25.1
90
diff --git a/meta/recipes-core/util-linux/util-linux/0001-lsfd-mkfds-foreign-sockets-skip-when-lacking-sock_di.patch b/meta/recipes-core/util-linux/util-linux/0001-lsfd-mkfds-foreign-sockets-skip-when-lacking-sock_di.patch
new file mode 100644
index 0000000000..e3f9112192
--- /dev/null
+++ b/meta/recipes-core/util-linux/util-linux/0001-lsfd-mkfds-foreign-sockets-skip-when-lacking-sock_di.patch
@@ -0,0 +1,36 @@
1From b3a1d92a9078fada31b2cf64b802edd616026766 Mon Sep 17 00:00:00 2001
2From: Chen Qi <Qi.Chen@windriver.com>
3Date: Mon, 26 May 2025 15:24:16 +0800
4Subject: [PATCH] lsfd/mkfds-foreign-sockets: skip when lacking sock_diag
5 ability
6
7The ENDPOINTS will need sock_diag ability. The kernel might not
8enable related configs. Check and skip in case of lacking such ability.
9
10Fixes: https://github.com/util-linux/util-linux/issues/3590
11
12Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
13
14Upstream-Status: Submitted [https://github.com/util-linux/util-linux/pull/3591]
15
16Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
17---
18 tests/ts/lsfd/mkfds-foreign-sockets | 2 ++
19 1 file changed, 2 insertions(+)
20
21diff --git a/tests/ts/lsfd/mkfds-foreign-sockets b/tests/ts/lsfd/mkfds-foreign-sockets
22index cd94da799..76138a7a6 100755
23--- a/tests/ts/lsfd/mkfds-foreign-sockets
24+++ b/tests/ts/lsfd/mkfds-foreign-sockets
25@@ -30,6 +30,8 @@ ts_skip_nonroot
26 ts_skip_qemu_user
27 ts_cd "$TS_OUTDIR"
28
29+lsfd_check_sockdiag "unix"
30+
31 declare -A tcase
32 tcase[NAME]="state=connected"
33 tcase[SOCK.NETNS]=
34--
352.34.1
36
diff --git a/meta/recipes-core/util-linux/util-linux/0001-tests-ts-kill-decode-avoid-using-shell-built-in-kill.patch b/meta/recipes-core/util-linux/util-linux/0001-tests-ts-kill-decode-avoid-using-shell-built-in-kill.patch
new file mode 100644
index 0000000000..dece0e94b7
--- /dev/null
+++ b/meta/recipes-core/util-linux/util-linux/0001-tests-ts-kill-decode-avoid-using-shell-built-in-kill.patch
@@ -0,0 +1,36 @@
1From d2eeccf36542d506b660641a07a44f3976772897 Mon Sep 17 00:00:00 2001
2From: Chen Qi <Qi.Chen@windriver.com>
3Date: Thu, 15 May 2025 16:44:33 +0800
4Subject: [PATCH] tests/ts/kill/decode: avoid using shell built-in kill command
5
6This test case should do the same as other kill test cases, avoiding
7using shell built-in kill command.
8
9Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
10
11Upstream-Status: Backport [https://github.com/util-linux/util-linux/commit/d2eeccf36542d506b660641a07a44f3976772897]
12
13Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
14---
15 tests/ts/kill/decode | 5 +++++
16 1 file changed, 5 insertions(+)
17
18diff --git a/tests/ts/kill/decode b/tests/ts/kill/decode
19index 03bc25ff6..57149899e 100755
20--- a/tests/ts/kill/decode
21+++ b/tests/ts/kill/decode
22@@ -18,6 +18,11 @@ TS_DESC="decode functions"
23 . "$TS_TOPDIR/functions.sh"
24 ts_init "$*"
25
26+# make sure we do not use shell built-in command
27+if [ "$TS_USE_SYSTEM_COMMANDS" == "yes" ]; then
28+ TS_CMD_KILL="$(which kill)"
29+fi
30+
31 ts_skip_qemu_user
32
33 ts_check_test_command "$TS_CMD_KILL"
34--
352.34.1
36
diff --git a/meta/recipes-core/util-linux/util-linux/0002-sfdisk-add-sector-size-commanand-line-option.patch b/meta/recipes-core/util-linux/util-linux/0002-sfdisk-add-sector-size-commanand-line-option.patch
deleted file mode 100644
index 8d47d8de71..0000000000
--- a/meta/recipes-core/util-linux/util-linux/0002-sfdisk-add-sector-size-commanand-line-option.patch
+++ /dev/null
@@ -1,105 +0,0 @@
1From 96570c03f46e0a5c17e721737a38c717c67e358b Mon Sep 17 00:00:00 2001
2From: Karel Zak <kzak@redhat.com>
3Date: Mon, 14 Oct 2024 15:50:40 +0200
4Subject: [PATCH 2/2] sfdisk: add --sector-size commanand line option
5
6* improves compatibility with fdisk
7* add ability to work with disk images where libfdisk defaults to 512
8
9Addresses: https://github.com/util-linux/util-linux/pull/3235
10Signed-off-by: Karel Zak <kzak@redhat.com>
11
12Upstream-Status: Backport [ef7b76baa17ddb5414691fa8f49d61415c30871c]
13
14Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
15---
16 disk-utils/sfdisk.8.adoc | 5 ++++-
17 disk-utils/sfdisk.c | 14 ++++++++++++++
18 2 files changed, 18 insertions(+), 1 deletion(-)
19
20diff --git a/disk-utils/sfdisk.8.adoc b/disk-utils/sfdisk.8.adoc
21index bc3ff9bb8..d1eaa3712 100644
22--- a/disk-utils/sfdisk.8.adoc
23+++ b/disk-utils/sfdisk.8.adoc
24@@ -201,6 +201,9 @@ The default list of columns may be extended if _list_ is specified in the format
25 *-q*, *--quiet*::
26 Suppress extra info messages.
27
28+*--sector-size* _sectorsize_::
29+Specify the sector size of the disk. Valid values are 512, 1024, 2048, and 4096. The kernel is aware of the sector size for regular block devices. Use this option only on very old kernels, when working with disk images, or to override the kernel's default sector size. Since util-linux-2.17, *fdisk* distinguishes between logical and physical sector size. This option changes both sector sizes to the specified _sectorsize_.
30+
31 *-u*, *--unit S*::
32 Deprecated option. Only the sector unit is supported. This option is not supported when using the *--show-size* command.
33
34@@ -249,7 +252,7 @@ Specify the maximal number of GPT partitions.
35 *grain*::
36 Specify minimal size in bytes used to calculate partitions alignment. The default is 1MiB and it's strongly recommended to use the default. Do not modify this variable if you're not sure.
37 *sector-size*::
38-Specify sector size. *sfdisk* always uses device sector size. Since version 2.39 *sfdisk* recalculates sizes from dump if the script and device sector size differ.
39+Specifies the sector size used in the input. *sfdisk* always internally uses the device sector size provided by the kernel for the block device, or as specified by the user on the command line (see *--sector-size*). Starting with version 2.39, *sfdisk* recalculates sizes from the input if the *sector-size* header and device sector size are different.
40
41 Note that it is only possible to use header lines before the first partition is specified in the input.
42
43diff --git a/disk-utils/sfdisk.c b/disk-utils/sfdisk.c
44index d8dd8d296..97d426559 100644
45--- a/disk-utils/sfdisk.c
46+++ b/disk-utils/sfdisk.c
47@@ -2084,6 +2084,8 @@ static void __attribute__((__noreturn__)) usage(void)
48 _(" --color[=<when>] colorize output (%s, %s or %s)\n"), "auto", "always", "never");
49 fprintf(out,
50 " %s\n", USAGE_COLORS_DEFAULT);
51+ fputs(_(" --sector-size <size> physical and logical sector size\n"), out);
52+
53 fprintf(out,
54 _(" --lock[=<mode>] use exclusive device lock (%s, %s or %s)\n"), "yes", "no", "nonblock");
55 fputs(_(" -N, --partno <num> specify partition number\n"), out);
56@@ -2120,6 +2122,7 @@ int main(int argc, char *argv[])
57 const char *outarg = NULL;
58 int rc = -EINVAL, c, longidx = -1, bytes = 0;
59 int colormode = UL_COLORMODE_UNDEF;
60+ size_t user_ss = 0;
61 struct sfdisk _sf = {
62 .partno = -1,
63 .wipemode = WIPEMODE_AUTO,
64@@ -2145,6 +2148,7 @@ int main(int argc, char *argv[])
65 OPT_NOTELL,
66 OPT_RELOCATE,
67 OPT_LOCK,
68+ OPT_SECTORSIZE
69 };
70
71 static const struct option longopts[] = {
72@@ -2174,6 +2178,7 @@ int main(int argc, char *argv[])
73 { "output", required_argument, NULL, 'o' },
74 { "partno", required_argument, NULL, 'N' },
75 { "reorder", no_argument, NULL, 'r' },
76+ { "sector-size", required_argument, NULL, OPT_SECTORSIZE },
77 { "show-geometry", no_argument, NULL, 'g' },
78 { "quiet", no_argument, NULL, 'q' },
79 { "verify", no_argument, NULL, 'V' },
80@@ -2373,6 +2378,13 @@ int main(int argc, char *argv[])
81 sf->lockmode = optarg;
82 }
83 break;
84+ case OPT_SECTORSIZE:
85+ user_ss = strtou32_or_err(optarg,
86+ _("invalid sector size argument"));
87+ if (user_ss != 512 && user_ss != 1024 &&
88+ user_ss != 2048 && user_ss != 4096)
89+ errx(EXIT_FAILURE, _("invalid sector size argument"));
90+ break;
91 default:
92 errtryhelp(EXIT_FAILURE);
93 }
94@@ -2383,6 +2395,8 @@ int main(int argc, char *argv[])
95 sfdisk_init(sf);
96 if (bytes)
97 fdisk_set_size_unit(sf->cxt, FDISK_SIZEUNIT_BYTES);
98+ if (user_ss)
99+ fdisk_save_user_sector_size(sf->cxt, user_ss, user_ss);
100
101 if (outarg)
102 init_fields(NULL, outarg, NULL);
103--
1042.25.1
105
diff --git a/meta/recipes-core/util-linux/util-linux/avoid_parallel_tests.patch b/meta/recipes-core/util-linux/util-linux/avoid_parallel_tests.patch
index 8ea00dbb95..fe92afbc53 100644
--- a/meta/recipes-core/util-linux/util-linux/avoid_parallel_tests.patch
+++ b/meta/recipes-core/util-linux/util-linux/avoid_parallel_tests.patch
@@ -1,4 +1,4 @@
1From da58b4150f6932de36c962ea657713bcf4ea44be Mon Sep 17 00:00:00 2001 1From 43030388e831642d36cb7b9d4b63755e9696714a Mon Sep 17 00:00:00 2001
2From: Tudor Florea <tudor.florea@enea.com> 2From: Tudor Florea <tudor.florea@enea.com>
3Date: Mon, 14 Jun 2021 14:00:31 +0200 3Date: Mon, 14 Jun 2021 14:00:31 +0200
4Subject: [PATCH] util-linux: Add ptest 4Subject: [PATCH] util-linux: Add ptest
@@ -14,7 +14,7 @@ Upstream-Status: Inappropriate
14 1 file changed, 1 insertion(+), 1 deletion(-) 14 1 file changed, 1 insertion(+), 1 deletion(-)
15 15
16diff --git a/configure.ac b/configure.ac 16diff --git a/configure.ac b/configure.ac
17index 651ef2b..2a8012e 100644 17index 43a23a5..4a84531 100644
18--- a/configure.ac 18--- a/configure.ac
19+++ b/configure.ac 19+++ b/configure.ac
20@@ -11,7 +11,7 @@ AC_CONFIG_MACRO_DIR([m4]) 20@@ -11,7 +11,7 @@ AC_CONFIG_MACRO_DIR([m4])
diff --git a/meta/recipes-core/util-linux/util-linux/configure-sbindir.patch b/meta/recipes-core/util-linux/util-linux/configure-sbindir.patch
index 74abdc2038..ebb32a6845 100644
--- a/meta/recipes-core/util-linux/util-linux/configure-sbindir.patch
+++ b/meta/recipes-core/util-linux/util-linux/configure-sbindir.patch
@@ -1,4 +1,4 @@
1From 0387d71516c978899cfd556ca512f530a212b4a9 Mon Sep 17 00:00:00 2001 1From 378998bf82e3b6ff46569077b29f95e72b734681 Mon Sep 17 00:00:00 2001
2From: Phil Blundell <pb@pbcl.net> 2From: Phil Blundell <pb@pbcl.net>
3Date: Mon, 24 Sep 2012 07:24:51 +0100 3Date: Mon, 24 Sep 2012 07:24:51 +0100
4Subject: [PATCH] util-linux: Ensure that ${sbindir} is respected 4Subject: [PATCH] util-linux: Ensure that ${sbindir} is respected
@@ -14,7 +14,7 @@ Upstream-Status: Inappropriate [configuration]
14 1 file changed, 4 insertions(+), 1 deletion(-) 14 1 file changed, 4 insertions(+), 1 deletion(-)
15 15
16diff --git a/configure.ac b/configure.ac 16diff --git a/configure.ac b/configure.ac
17index 23594ff..651ef2b 100644 17index a5d9102..43a23a5 100644
18--- a/configure.ac 18--- a/configure.ac
19+++ b/configure.ac 19+++ b/configure.ac
20@@ -110,7 +110,10 @@ AC_SUBST([runstatedir]) 20@@ -110,7 +110,10 @@ AC_SUBST([runstatedir])
diff --git a/meta/recipes-core/util-linux/util-linux/display_testname_for_subtest.patch b/meta/recipes-core/util-linux/util-linux/display_testname_for_subtest.patch
index 871b0b2d30..fa4ae02bc3 100644
--- a/meta/recipes-core/util-linux/util-linux/display_testname_for_subtest.patch
+++ b/meta/recipes-core/util-linux/util-linux/display_testname_for_subtest.patch
@@ -1,4 +1,4 @@
1From 45450d0339cd7ee27f53c0f2fac1cc74ed9bbfb8 Mon Sep 17 00:00:00 2001 1From 728c2abd889d225535008c3e7a1eef4b8a0aeea2 Mon Sep 17 00:00:00 2001
2From: Tudor Florea <tudor.florea@enea.com> 2From: Tudor Florea <tudor.florea@enea.com>
3Date: Thu, 3 Dec 2015 04:08:00 +0100 3Date: Thu, 3 Dec 2015 04:08:00 +0100
4Subject: [PATCH] Display testname for subtest 4Subject: [PATCH] Display testname for subtest
@@ -10,10 +10,10 @@ Upstream-Status: Pending
10 1 file changed, 1 insertion(+), 1 deletion(-) 10 1 file changed, 1 insertion(+), 1 deletion(-)
11 11
12diff --git a/tests/functions.sh b/tests/functions.sh 12diff --git a/tests/functions.sh b/tests/functions.sh
13index 5fe5ba0..a6c703e 100644 13index 1d7a425..b1f0986 100644
14--- a/tests/functions.sh 14--- a/tests/functions.sh
15+++ b/tests/functions.sh 15+++ b/tests/functions.sh
16@@ -450,7 +450,7 @@ function ts_init_subtest { 16@@ -455,7 +455,7 @@ function ts_init_subtest {
17 17
18 if [ "$TS_PARSABLE" != "yes" ]; then 18 if [ "$TS_PARSABLE" != "yes" ]; then
19 [ $TS_NSUBTESTS -eq 1 ] && echo 19 [ $TS_NSUBTESTS -eq 1 ] && echo
diff --git a/meta/recipes-core/util-linux/util-linux/ptest.patch b/meta/recipes-core/util-linux/util-linux/ptest.patch
index 7345926b88..ad23001cfa 100644
--- a/meta/recipes-core/util-linux/util-linux/ptest.patch
+++ b/meta/recipes-core/util-linux/util-linux/ptest.patch
@@ -1,4 +1,4 @@
1From f9be73c3e2b0a4f0923950dcb058be85d3ee8ed7 Mon Sep 17 00:00:00 2001 1From 18bf6aded9b2a75185ae4b23a41cd2e4322c5e31 Mon Sep 17 00:00:00 2001
2From: Tudor Florea <tudor.florea@enea.com> 2From: Tudor Florea <tudor.florea@enea.com>
3Date: Thu, 3 Dec 2015 04:08:00 +0100 3Date: Thu, 3 Dec 2015 04:08:00 +0100
4Subject: [PATCH] Define TESTS variable 4Subject: [PATCH] Define TESTS variable
@@ -10,10 +10,10 @@ Upstream-Status: Pending
10 1 file changed, 1 insertion(+) 10 1 file changed, 1 insertion(+)
11 11
12diff --git a/Makefile.am b/Makefile.am 12diff --git a/Makefile.am b/Makefile.am
13index 50ab8d0..7e2340d 100644 13index 01e9970..c3313ff 100644
14--- a/Makefile.am 14--- a/Makefile.am
15+++ b/Makefile.am 15+++ b/Makefile.am
16@@ -64,6 +64,7 @@ tmpfiles_DATA = 16@@ -66,6 +66,7 @@ sysusers_DATA =
17 dist_bashcompletion_DATA = 17 dist_bashcompletion_DATA =
18 check_PROGRAMS = 18 check_PROGRAMS =
19 dist_check_SCRIPTS = 19 dist_check_SCRIPTS =
diff --git a/meta/recipes-core/util-linux/util-linux/run-ptest b/meta/recipes-core/util-linux/util-linux/run-ptest
index 6886b66c49..1410229172 100644
--- a/meta/recipes-core/util-linux/util-linux/run-ptest
+++ b/meta/recipes-core/util-linux/util-linux/run-ptest
@@ -22,10 +22,8 @@ modprobe loop
22# for a long description of mount namespaces in Linux 22# for a long description of mount namespaces in Linux
23mount --make-shared / 23mount --make-shared /
24 24
25# lsfd/option-inet has races in the test script:
26# https://github.com/util-linux/util-linux/issues/2399
27# lsfd/mkfds-bpf* have issues with the gcc 15 upgrade 25# lsfd/mkfds-bpf* have issues with the gcc 15 upgrade
28./tests/run.sh --use-system-commands --parsable --show-diff --exclude='lsfd/option-inet lsfd/mkfds-bpf-map lsfd/mkfds-bpf-prog' | sed -u '{ 26./tests/run.sh --use-system-commands --parsable --show-diff --exclude='lsfd/mkfds-bpf-map lsfd/mkfds-bpf-prog' | sed -u '{
29 s/^\(.*\):\(.*\) \.\.\. OK$/PASS: \1:\2/ 27 s/^\(.*\):\(.*\) \.\.\. OK$/PASS: \1:\2/
30 s/^\(.*\):\(.*\) \.\.\. FAILED \(.*\)$/FAIL: \1:\2 \3/ 28 s/^\(.*\):\(.*\) \.\.\. FAILED \(.*\)$/FAIL: \1:\2 \3/
31 s/^\(.*\):\(.*\) \.\.\. SKIPPED \(.*\)$/SKIP: \1:\2 \3/ 29 s/^\(.*\):\(.*\) \.\.\. SKIPPED \(.*\)$/SKIP: \1:\2 \3/
diff --git a/meta/recipes-core/util-linux/util-linux_2.40.4.bb b/meta/recipes-core/util-linux/util-linux_2.41.bb
index 81bd298dd9..00036e8a68 100644
--- a/meta/recipes-core/util-linux/util-linux_2.40.4.bb
+++ b/meta/recipes-core/util-linux/util-linux_2.41.bb
@@ -356,9 +356,11 @@ do_install_ptest() {
356 356
357 sed -i 's|@base_sbindir@|${base_sbindir}|g' ${D}${PTEST_PATH}/run-ptest 357 sed -i 's|@base_sbindir@|${base_sbindir}|g' ${D}${PTEST_PATH}/run-ptest
358 358
359 # chfn needs PAM
360 if ! ${@bb.utils.contains('PACKAGECONFIG', 'pam', 'true', 'false', d)}; then 359 if ! ${@bb.utils.contains('PACKAGECONFIG', 'pam', 'true', 'false', d)}; then
360 # chfn needs PAM
361 rm -rf ${D}${PTEST_PATH}/tests/ts/chfn 361 rm -rf ${D}${PTEST_PATH}/tests/ts/chfn
362 # su is not enabled when pam is not in PACKAGECONFIG
363 rm -rf ${D}${PTEST_PATH}/tests/ts/su
362 fi 364 fi
363 # remove raid tests, known failures and avoid dependency on mdadm therefore 365 # remove raid tests, known failures and avoid dependency on mdadm therefore
364 # See https://github.com/util-linux/util-linux/commit/7519c3edab120b14623931d5ddb16fdc6e7cad5d 366 # See https://github.com/util-linux/util-linux/commit/7519c3edab120b14623931d5ddb16fdc6e7cad5d
diff --git a/meta/recipes-devtools/binutils/binutils-2.44.inc b/meta/recipes-devtools/binutils/binutils-2.44.inc
index 40a9a53310..7d1de61e10 100644
--- a/meta/recipes-devtools/binutils/binutils-2.44.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.44.inc
@@ -37,5 +37,6 @@ SRC_URI = "\
37 file://0014-Remove-duplicate-pe-dll.o-entry-deom-targ_extra_ofil.patch \ 37 file://0014-Remove-duplicate-pe-dll.o-entry-deom-targ_extra_ofil.patch \
38 file://0015-CVE-2025-1178.patch \ 38 file://0015-CVE-2025-1178.patch \
39 file://CVE-2025-1180.patch \ 39 file://CVE-2025-1180.patch \
40 file://CVE-2025-1182.patch \
40" 41"
41S = "${WORKDIR}/git" 42S = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2025-1182.patch b/meta/recipes-devtools/binutils/binutils/CVE-2025-1182.patch
new file mode 100644
index 0000000000..4a3b6f072b
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2025-1182.patch
@@ -0,0 +1,36 @@
1From 92bcd04fcd97f261ff40e9248e00a1dbebf3a536 Mon Sep 17 00:00:00 2001
2From: Nick Clifton <nickc@redhat.com>
3Date: Tue, 27 May 2025 03:37:50 -0700
4Subject: [PATCH] Backport fix for PR 32644(CVE-2025-1182)
5
6Fix another illegal memory access triggered by corrupt ELF input files.
7
8PR 32644
9
10(cherry picked from commit:b425859021d17adf62f06fb904797cf8642986ad)
11Upstream-Status: Submitted [https://sourceware.org/pipermail/binutils/2025-May/141415.html]
12CVE: CVE-2025-1182
13
14Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
15---
16 bfd/elflink.c | 4 ++++
17 1 file changed, 4 insertions(+)
18
19diff --git a/bfd/elflink.c b/bfd/elflink.c
20index 6346d7e2b4b..a0b237b2224 100644
21--- a/bfd/elflink.c
22+++ b/bfd/elflink.c
23@@ -15084,6 +15084,10 @@ bfd_elf_reloc_symbol_deleted_p (bfd_vma offset, void *cookie)
24 }
25 else
26 {
27+ if (r_symndx >= rcookie->locsymcount)
28+ /* This can happen with corrupt input. */
29+ return false;
30+
31 /* It's not a relocation against a global symbol,
32 but it could be a relocation against a local
33 symbol for a discarded section. */
34--
352.49.0
36
diff --git a/meta/recipes-devtools/gcc/gcc-multilib-config.inc b/meta/recipes-devtools/gcc/gcc-multilib-config.inc
index d9959364c3..1a4169f91a 100644
--- a/meta/recipes-devtools/gcc/gcc-multilib-config.inc
+++ b/meta/recipes-devtools/gcc/gcc-multilib-config.inc
@@ -149,6 +149,7 @@ python gcc_multilib_setup() {
149 'i686' : ['gcc/config/i386/t-linux64'], 149 'i686' : ['gcc/config/i386/t-linux64'],
150 'mips' : ['gcc/config/mips/t-linux64'], 150 'mips' : ['gcc/config/mips/t-linux64'],
151 'mips64' : ['gcc/config/mips/t-linux64'], 151 'mips64' : ['gcc/config/mips/t-linux64'],
152 'riscv32' : ['gcc/config/riscv/t-linux-multilib'],
152 'riscv64' : ['gcc/config/riscv/t-linux-multilib'], 153 'riscv64' : ['gcc/config/riscv/t-linux-multilib'],
153 'powerpc' : ['gcc/config/rs6000/t-linux64'], 154 'powerpc' : ['gcc/config/rs6000/t-linux64'],
154 'powerpc64' : ['gcc/config/rs6000/t-linux64'], 155 'powerpc64' : ['gcc/config/rs6000/t-linux64'],
@@ -166,6 +167,7 @@ python gcc_multilib_setup() {
166 'powerpc64' : ['gcc/config/linux.h', 'gcc/config/rs6000/linux64.h'], 167 'powerpc64' : ['gcc/config/linux.h', 'gcc/config/rs6000/linux64.h'],
167 'aarch64' : ['gcc/config/linux.h', 'gcc/config/aarch64/aarch64-linux.h', 'gcc/config/arm/linux-eabi.h'], 168 'aarch64' : ['gcc/config/linux.h', 'gcc/config/aarch64/aarch64-linux.h', 'gcc/config/arm/linux-eabi.h'],
168 'arm' : ['gcc/config/linux.h', 'gcc/config/aarch64/aarch64-linux.h', 'gcc/config/arm/linux-eabi.h'], 169 'arm' : ['gcc/config/linux.h', 'gcc/config/aarch64/aarch64-linux.h', 'gcc/config/arm/linux-eabi.h'],
170 'riscv32' : ['gcc/config/linux.h'],
169 'riscv64' : ['gcc/config/linux.h'], 171 'riscv64' : ['gcc/config/linux.h'],
170 } 172 }
171 173
diff --git a/meta/recipes-devtools/gcc/gcc-runtime.inc b/meta/recipes-devtools/gcc/gcc-runtime.inc
index fe1f43b2fd..c4e1c5b9a5 100644
--- a/meta/recipes-devtools/gcc/gcc-runtime.inc
+++ b/meta/recipes-devtools/gcc/gcc-runtime.inc
@@ -144,7 +144,7 @@ do_install:append:class-target () {
144 ln -sf ../${X86ARCH32}${TARGET_VENDOR}-${TARGET_OS} ${D}${includedir}/c++/${BINV}/${TARGET_ARCH}${TARGET_VENDOR}-${TARGET_OS}/32 144 ln -sf ../${X86ARCH32}${TARGET_VENDOR}-${TARGET_OS} ${D}${includedir}/c++/${BINV}/${TARGET_ARCH}${TARGET_VENDOR}-${TARGET_OS}/32
145 fi 145 fi
146 146
147 if [ "${TARGET_ARCH}" = "riscv64" -a "${MULTILIB_VARIANTS}" = "" ]; then 147 if [ "${TARGET_ARCH}" = "riscv32" -o "${TARGET_ARCH}" = "riscv64" ] && [ -z "${MULTILIB_VARIANTS}" ]; then
148 mv ${D}${includedir}/c++/${BINV}/${TARGET_SYS}/bits/* ${D}${includedir}/c++/${BINV}/bits 148 mv ${D}${includedir}/c++/${BINV}/${TARGET_SYS}/bits/* ${D}${includedir}/c++/${BINV}/bits
149 mv ${D}${includedir}/c++/${BINV}/${TARGET_SYS}/ext/* ${D}${includedir}/c++/${BINV}/ext 149 mv ${D}${includedir}/c++/${BINV}/${TARGET_SYS}/ext/* ${D}${includedir}/c++/${BINV}/ext
150 fi 150 fi
diff --git a/meta/recipes-devtools/rust/files/0001-Disable-libunwind-cross-architecture-unwinding.patch b/meta/recipes-devtools/rust/files/0001-Disable-libunwind-cross-architecture-unwinding.patch
new file mode 100644
index 0000000000..4a282032eb
--- /dev/null
+++ b/meta/recipes-devtools/rust/files/0001-Disable-libunwind-cross-architecture-unwinding.patch
@@ -0,0 +1,46 @@
1From 56b669cd7adcc413bb1e64c3d2d7c347a82ae35a Mon Sep 17 00:00:00 2001
2From: Khem Raj <raj.khem@gmail.com>
3Date: Wed, 21 May 2025 18:47:09 -0700
4Subject: [PATCH] Disable libunwind cross-architecture unwinding
5
6Building with _LIBUNWIND_IS_NATIVE_ONLY disables code for cross-architecture unwinding
7it is disabled by default in LLVM [1], replicate the cmake behavior in bootstrap process
8
9It also enables some additional code that handles PAC-specific unwind info
10it helps compiling with the -mbranch-protection=pac or -mbranch-protection=standard flags
11
12This fixes build with clang/musl on aarch64
13
14[1] https://github.com/llvm/llvm-project/commit/85624c5de3e831ffa01fdc2d159e3d69c30de08d
15
16Upstream-Status: Submitted [https://github.com/rust-lang/rust/pull/141375]
17Signed-off-by: Khem Raj <raj.khem@gmail.com>
18---
19 src/bootstrap/src/core/build_steps/llvm.rs | 3 +--
20 1 file changed, 1 insertion(+), 2 deletions(-)
21
22diff --git a/src/bootstrap/src/core/build_steps/llvm.rs b/src/bootstrap/src/core/build_steps/llvm.rs
23index a3788197471..5e4a1c7d9f0 100644
24--- a/src/bootstrap/src/core/build_steps/llvm.rs
25+++ b/src/bootstrap/src/core/build_steps/llvm.rs
26@@ -1430,6 +1430,7 @@ fn run(self, builder: &Builder<'_>) -> Self::Output {
27 cfg.flag("-funwind-tables");
28 cfg.flag("-fvisibility=hidden");
29 cfg.define("_LIBUNWIND_DISABLE_VISIBILITY_ANNOTATIONS", None);
30+ cfg.define("_LIBUNWIND_IS_NATIVE_ONLY", "1");
31 cfg.include(root.join("include"));
32 cfg.cargo_metadata(false);
33 cfg.out_dir(&out_dir);
34@@ -1447,12 +1448,10 @@ fn run(self, builder: &Builder<'_>) -> Self::Output {
35 cfg.define("__NO_STRING_INLINES", None);
36 cfg.define("__NO_MATH_INLINES", None);
37 cfg.define("_LIBUNWIND_IS_BAREMETAL", None);
38- cfg.define("__LIBUNWIND_IS_NATIVE_ONLY", None);
39 cfg.define("NDEBUG", None);
40 }
41 if self.target.is_windows() {
42 cfg.define("_LIBUNWIND_HIDE_SYMBOLS", "1");
43- cfg.define("_LIBUNWIND_IS_NATIVE_ONLY", "1");
44 }
45 }
46
diff --git a/meta/recipes-devtools/rust/rust-source.inc b/meta/recipes-devtools/rust/rust-source.inc
index 82d28cf09f..6cb08b7c38 100644
--- a/meta/recipes-devtools/rust/rust-source.inc
+++ b/meta/recipes-devtools/rust/rust-source.inc
@@ -9,6 +9,7 @@ SRC_URI += "https://static.rust-lang.org/dist/rustc-${RUST_VERSION}-src.tar.xz;n
9 file://revert-link-std-statically-in-rustc_driver-feature.patch;patchdir=${RUSTSRC} \ 9 file://revert-link-std-statically-in-rustc_driver-feature.patch;patchdir=${RUSTSRC} \
10 file://Zdual-proc-macros-additional-check.patch;patchdir=${RUSTSRC} \ 10 file://Zdual-proc-macros-additional-check.patch;patchdir=${RUSTSRC} \
11 file://0001-libunwind-Use-gcs-instead-of-gcs-target-attribute.patch;patchdir=${RUSTSRC} \ 11 file://0001-libunwind-Use-gcs-instead-of-gcs-target-attribute.patch;patchdir=${RUSTSRC} \
12 file://0001-Disable-libunwind-cross-architecture-unwinding.patch;patchdir=${RUSTSRC} \
12" 13"
13SRC_URI[rust.sha256sum] = "b1fbf809efe9f036939401e142631c201a53bcf43ec1696bd9f5290ba236a266" 14SRC_URI[rust.sha256sum] = "b1fbf809efe9f036939401e142631c201a53bcf43ec1696bd9f5290ba236a266"
14 15
diff --git a/meta/recipes-extended/diffutils/diffutils_3.11.bb b/meta/recipes-extended/diffutils/diffutils_3.12.bb
index a4badc044e..d00dd772ad 100644
--- a/meta/recipes-extended/diffutils/diffutils_3.11.bb
+++ b/meta/recipes-extended/diffutils/diffutils_3.12.bb
@@ -8,9 +8,10 @@ SRC_URI = "${GNU_MIRROR}/diffutils/diffutils-${PV}.tar.xz \
8 file://0001-Skip-strip-trailing-cr-test-case.patch \ 8 file://0001-Skip-strip-trailing-cr-test-case.patch \
9 " 9 "
10 10
11SRC_URI[sha256sum] = "a73ef05fe37dd585f7d87068e4a0639760419f810138bd75c61ddaa1f9e2131e" 11SRC_URI[sha256sum] = "7c8b7f9fc8609141fdea9cece85249d308624391ff61dedaf528fcb337727dfd"
12 12
13EXTRA_OECONF += "ac_cv_path_PR_PROGRAM=${bindir}/pr --without-libsigsegv-prefix" 13EXTRA_OECONF += "ac_cv_path_PR_PROGRAM=${bindir}/pr --without-libsigsegv-prefix"
14EXTRA_OECONF += "gl_cv_func_strcasecmp_works=yes"
14 15
15# latest gnulib is no longer able to handle this - I dare not try to fix that maze of abstractions and generators 16# latest gnulib is no longer able to handle this - I dare not try to fix that maze of abstractions and generators
16CFLAGS:mingw32 = " -DSA_RESTART=0" 17CFLAGS:mingw32 = " -DSA_RESTART=0"
diff --git a/meta/recipes-extended/shadow/shadow_4.17.3.bb b/meta/recipes-extended/shadow/shadow_4.17.4.bb
index 3d07aec3d6..73942888b6 100644
--- a/meta/recipes-extended/shadow/shadow_4.17.3.bb
+++ b/meta/recipes-extended/shadow/shadow_4.17.4.bb
@@ -25,7 +25,7 @@ SRC_URI:append:class-native = " \
25 file://commonio.c-fix-unexpected-open-failure-in-chroot-env.patch \ 25 file://commonio.c-fix-unexpected-open-failure-in-chroot-env.patch \
26 file://disable_syslog.patch \ 26 file://disable_syslog.patch \
27 " 27 "
28SRC_URI[sha256sum] = "2a029091d2c2f116f51b3a817ec16e7da22310a6c8116394457483c668c84b36" 28SRC_URI[sha256sum] = "0a288c251f339846af6bdfd4447b196153204deba42407bce5b0917998322e9b"
29UPSTREAM_CHECK_REGEX = "releases/tag/v?(?P<pver>\d+(\.\d+)+)$" 29UPSTREAM_CHECK_REGEX = "releases/tag/v?(?P<pver>\d+(\.\d+)+)$"
30 30
31# Additional Policy files for PAM 31# Additional Policy files for PAM
diff --git a/meta/recipes-graphics/jpeg/libjpeg-turbo_3.1.0.bb b/meta/recipes-graphics/jpeg/libjpeg-turbo_3.1.0.bb
index 8533bd8525..a5f1932a90 100644
--- a/meta/recipes-graphics/jpeg/libjpeg-turbo_3.1.0.bb
+++ b/meta/recipes-graphics/jpeg/libjpeg-turbo_3.1.0.bb
@@ -47,6 +47,12 @@ EXTRA_OECMAKE:append:class-target:powerpc64le = " ${@bb.utils.contains("TUNE_FEA
47DEBUG_OPTIMIZATION:append:armv4 = " ${@bb.utils.contains('TUNE_CCARGS', '-mthumb', '-fomit-frame-pointer', '', d)}" 47DEBUG_OPTIMIZATION:append:armv4 = " ${@bb.utils.contains('TUNE_CCARGS', '-mthumb', '-fomit-frame-pointer', '', d)}"
48DEBUG_OPTIMIZATION:append:armv5 = " ${@bb.utils.contains('TUNE_CCARGS', '-mthumb', '-fomit-frame-pointer', '', d)}" 48DEBUG_OPTIMIZATION:append:armv5 = " ${@bb.utils.contains('TUNE_CCARGS', '-mthumb', '-fomit-frame-pointer', '', d)}"
49 49
50# libjpeg-turbo-2.0.2/simd/mips/jsimd_dspr2.S
51# <instantiation>:13:5: error: invalid token in expression
52# .if $17 != 0
53# ^
54CFLAGS:append:toolchain-clang:mipsarch = " -fno-integrated-as"
55
50PACKAGES =+ "jpeg-tools libturbojpeg" 56PACKAGES =+ "jpeg-tools libturbojpeg"
51 57
52DESCRIPTION:jpeg-tools = "The jpeg-tools package includes client programs to access libjpeg functionality. These tools allow for the compression, decompression, transformation and display of JPEG files and benchmarking of the libjpeg library." 58DESCRIPTION:jpeg-tools = "The jpeg-tools package includes client programs to access libjpeg functionality. These tools allow for the compression, decompression, transformation and display of JPEG files and benchmarking of the libjpeg library."
diff --git a/meta/recipes-graphics/mesa/files/0001-meson-stop-building-XA-by-default.patch b/meta/recipes-graphics/mesa/files/0001-meson-stop-building-XA-by-default.patch
new file mode 100644
index 0000000000..4372675952
--- /dev/null
+++ b/meta/recipes-graphics/mesa/files/0001-meson-stop-building-XA-by-default.patch
@@ -0,0 +1,33 @@
1From 31a835dd2573c17d77efa8803c7fb28e0d58abc6 Mon Sep 17 00:00:00 2001
2From: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com>
3Date: Thu, 22 May 2025 20:11:46 +0300
4Subject: [PATCH] meson: stop building XA by default
5
6Commit cf40099730c4 ("meson: deprecate gallium-xa") deprecated XA
7tracker, but didn't disable it by default. Thus any attempt to disable
8it would cause a deprecated option warning. Flip the default to disable
9XA tracker by default.
10
11Fixes: cf40099730c4 ("meson: deprecate gallium-xa")
12Backport-to: 25.1
13Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com>
14Upstream-Status: Backport [https://gitlab.freedesktop.org/mesa/mesa/-/commit/31cf6b94ad1dfaf4272b22a39d7e2805d03f9375]
15---
16 meson.options | 1 +
17 1 file changed, 1 insertion(+)
18
19diff --git a/meson.options b/meson.options
20index e6c9567ade86..a56bcef6e2ca 100644
21--- a/meson.options
22+++ b/meson.options
23@@ -127,6 +127,7 @@ option(
24 option(
25 'gallium-xa',
26 type : 'feature',
27+ value : 'disabled',
28 description : 'enable gallium xa frontend.',
29 deprecated: true,
30 )
31--
322.47.2
33
diff --git a/meta/recipes-graphics/mesa/mesa-gl.bb b/meta/recipes-graphics/mesa/mesa-gl.bb
index ca160f1bfc..680fda1be5 100644
--- a/meta/recipes-graphics/mesa/mesa-gl.bb
+++ b/meta/recipes-graphics/mesa/mesa-gl.bb
@@ -10,6 +10,6 @@ TARGET_CFLAGS = "-I${STAGING_INCDIR}/drm"
10 10
11# At least one DRI rendering engine is required to build mesa. 11# At least one DRI rendering engine is required to build mesa.
12# When no X11 is available, use osmesa for the rendering engine. 12# When no X11 is available, use osmesa for the rendering engine.
13PACKAGECONFIG ??= "opengl gallium ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11', 'osmesa', d)}" 13PACKAGECONFIG ??= "opengl gallium ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11', '', d)}"
14PACKAGECONFIG:class-target = "opengl gallium ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11', 'osmesa', d)}" 14PACKAGECONFIG:class-target = "opengl gallium ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11', '', d)}"
15 15
diff --git a/meta/recipes-graphics/mesa/mesa.inc b/meta/recipes-graphics/mesa/mesa.inc
index 7c067420c1..4b1e427ad5 100644
--- a/meta/recipes-graphics/mesa/mesa.inc
+++ b/meta/recipes-graphics/mesa/mesa.inc
@@ -18,6 +18,7 @@ SRC_URI = "https://archive.mesa3d.org/mesa-${PV}.tar.xz \
18 file://0001-meson-misdetects-64bit-atomics-on-mips-clang.patch \ 18 file://0001-meson-misdetects-64bit-atomics-on-mips-clang.patch \
19 file://0001-freedreno-don-t-encode-build-path-into-binaries.patch \ 19 file://0001-freedreno-don-t-encode-build-path-into-binaries.patch \
20 file://0001-dont-build-clover-frontend.patch \ 20 file://0001-dont-build-clover-frontend.patch \
21 file://0001-meson-stop-building-XA-by-default.patch \
21" 22"
22 23
23SRC_URI[sha256sum] = "cf942a18b7b9e9b88524dcbf0b31fed3cde18e6d52b3375b0ab6587a14415bce" 24SRC_URI[sha256sum] = "cf942a18b7b9e9b88524dcbf0b31fed3cde18e6d52b3375b0ab6587a14415bce"
@@ -197,7 +198,6 @@ MESA_NATIVE:class-native = ""
197PACKAGECONFIG[gallium] = "-Dgallium-drivers=${@strip_comma('${GALLIUMDRIVERS}')}, -Dgallium-drivers='', libdrm" 198PACKAGECONFIG[gallium] = "-Dgallium-drivers=${@strip_comma('${GALLIUMDRIVERS}')}, -Dgallium-drivers='', libdrm"
198PACKAGECONFIG[gallium-llvm] = "-Dllvm=enabled -Dshared-llvm=enabled, -Dllvm=disabled, llvm llvm-native elfutils" 199PACKAGECONFIG[gallium-llvm] = "-Dllvm=enabled -Dshared-llvm=enabled, -Dllvm=disabled, llvm llvm-native elfutils"
199PACKAGECONFIG[libclc] = "-Dmesa-clc=${MESA_CLC} -Dinstall-mesa-clc=${INSTALL_MESA_CLC} -Dmesa-clc-bundle-headers=enabled,,libclc spirv-tools spirv-llvm-translator ${MESA_NATIVE}" 200PACKAGECONFIG[libclc] = "-Dmesa-clc=${MESA_CLC} -Dinstall-mesa-clc=${INSTALL_MESA_CLC} -Dmesa-clc-bundle-headers=enabled,,libclc spirv-tools spirv-llvm-translator ${MESA_NATIVE}"
200PACKAGECONFIG[xa] = "-Dgallium-xa=enabled, -Dgallium-xa=disabled"
201PACKAGECONFIG[va] = "-Dgallium-va=enabled,-Dgallium-va=disabled,libva-initial" 201PACKAGECONFIG[va] = "-Dgallium-va=enabled,-Dgallium-va=disabled,libva-initial"
202PACKAGECONFIG[vdpau] = "-Dgallium-vdpau=enabled,-Dgallium-vdpau=disabled,libvdpau" 202PACKAGECONFIG[vdpau] = "-Dgallium-vdpau=enabled,-Dgallium-vdpau=disabled,libvdpau"
203 203
@@ -228,6 +228,8 @@ PACKAGECONFIG[lmsensors] = "-Dlmsensors=enabled,-Dlmsensors=disabled,lmsensors"
228VIDEO_CODECS ?= "${@bb.utils.contains('LICENSE_FLAGS_ACCEPTED', 'commercial', 'all', 'all_free', d)}" 228VIDEO_CODECS ?= "${@bb.utils.contains('LICENSE_FLAGS_ACCEPTED', 'commercial', 'all', 'all_free', d)}"
229PACKAGECONFIG[video-codecs] = "-Dvideo-codecs=${VIDEO_CODECS}, -Dvideo-codecs=''" 229PACKAGECONFIG[video-codecs] = "-Dvideo-codecs=${VIDEO_CODECS}, -Dvideo-codecs=''"
230 230
231PACKAGECONFIG[teflon] = "-Dteflon=true, -Dteflon=false"
232
231# llvmpipe is slow if compiled with -fomit-frame-pointer (e.g. -O2) 233# llvmpipe is slow if compiled with -fomit-frame-pointer (e.g. -O2)
232FULL_OPTIMIZATION:append = " -fno-omit-frame-pointer" 234FULL_OPTIMIZATION:append = " -fno-omit-frame-pointer"
233 235
@@ -253,7 +255,7 @@ PACKAGES =+ "libegl-mesa libegl-mesa-dev \
253 libgles1-mesa libgles1-mesa-dev \ 255 libgles1-mesa libgles1-mesa-dev \
254 libgles2-mesa libgles2-mesa-dev \ 256 libgles2-mesa libgles2-mesa-dev \
255 libopencl-mesa \ 257 libopencl-mesa \
256 libxatracker libxatracker-dev \ 258 libteflon \
257 mesa-megadriver mesa-vulkan-drivers \ 259 mesa-megadriver mesa-vulkan-drivers \
258 mesa-vdpau-drivers mesa-tools \ 260 mesa-vdpau-drivers mesa-tools \
259 " 261 "
@@ -345,7 +347,6 @@ FILES:libgl-mesa = "${libdir}/libGL.so.*"
345FILES:libglx-mesa = "${libdir}/libGLX*.so.*" 347FILES:libglx-mesa = "${libdir}/libGLX*.so.*"
346FILES:libopencl-mesa = "${libdir}/lib*OpenCL.so* ${sysconfdir}/OpenCL/vendors/*.icd" 348FILES:libopencl-mesa = "${libdir}/lib*OpenCL.so* ${sysconfdir}/OpenCL/vendors/*.icd"
347FILES:libglapi = "${libdir}/libglapi.so.*" 349FILES:libglapi = "${libdir}/libglapi.so.*"
348FILES:libxatracker = "${libdir}/libxatracker.so.*"
349 350
350FILES:${PN}-dev = "${libdir}/pkgconfig/dri.pc ${includedir}/GL/internal/dri_interface.h ${includedir}/vulkan ${libdir}/vdpau/*.so" 351FILES:${PN}-dev = "${libdir}/pkgconfig/dri.pc ${includedir}/GL/internal/dri_interface.h ${includedir}/vulkan ${libdir}/vdpau/*.so"
351FILES:libegl-mesa-dev = "${libdir}/libEGL*.* ${includedir}/EGL ${includedir}/KHR ${libdir}/pkgconfig/egl.pc" 352FILES:libegl-mesa-dev = "${libdir}/libEGL*.* ${includedir}/EGL ${includedir}/KHR ${libdir}/pkgconfig/egl.pc"
@@ -354,9 +355,7 @@ FILES:libgl-mesa-dev = "${libdir}/libGL.* ${includedir}/GL/*.h ${libdir}/pkgconf
354FILES:libglapi-dev = "${libdir}/libglapi.*" 355FILES:libglapi-dev = "${libdir}/libglapi.*"
355FILES:libgles1-mesa-dev = "${libdir}/libGLESv1*.* ${includedir}/GLES ${libdir}/pkgconfig/glesv1*.pc" 356FILES:libgles1-mesa-dev = "${libdir}/libGLESv1*.* ${includedir}/GLES ${libdir}/pkgconfig/glesv1*.pc"
356FILES:libgles2-mesa-dev = "${libdir}/libGLESv2.* ${includedir}/GLES2 ${includedir}/GLES3 ${libdir}/pkgconfig/glesv2.pc" 357FILES:libgles2-mesa-dev = "${libdir}/libGLESv2.* ${includedir}/GLES2 ${includedir}/GLES3 ${libdir}/pkgconfig/glesv2.pc"
357FILES:libxatracker-dev = "${libdir}/libxatracker.so ${libdir}/libxatracker.la \ 358FILES:libteflon = "${libdir}/libteflon.so"
358 ${includedir}/xa_tracker.h ${includedir}/xa_composite.h ${includedir}/xa_context.h \
359 ${libdir}/pkgconfig/xatracker.pc"
360# catch all to get all the tools and data 359# catch all to get all the tools and data
361FILES:${PN}-tools = "${bindir} ${datadir}" 360FILES:${PN}-tools = "${bindir} ${datadir}"
362ALLOW_EMPTY:${PN}-tools = "1" 361ALLOW_EMPTY:${PN}-tools = "1"
diff --git a/meta/recipes-graphics/vulkan/vulkan-samples_git.bb b/meta/recipes-graphics/vulkan/vulkan-samples_git.bb
index 22b5546631..1caff12a5b 100644
--- a/meta/recipes-graphics/vulkan/vulkan-samples_git.bb
+++ b/meta/recipes-graphics/vulkan/vulkan-samples_git.bb
@@ -31,4 +31,8 @@ EXTRA_OECMAKE += "-DCMAKE_DISABLE_PRECOMPILE_HEADERS=ON"
31# This needs to be specified explicitly to avoid xcb/xlib dependencies 31# This needs to be specified explicitly to avoid xcb/xlib dependencies
32EXTRA_OECMAKE += "-DVKB_WSI_SELECTION=D2D" 32EXTRA_OECMAKE += "-DVKB_WSI_SELECTION=D2D"
33 33
34# Clang is fussy about incompatible options on aarch64/x86_64
35# x86_64-poky-linux-clang++: error: overriding '-ffp-model=precise' option with '-ffp-contract=fast' [-Werror,-Woverriding-option]
36CXXFLAGS:append:toolchain-clang = " -Wno-error=overriding-option"
37
34COMPATIBLE_HOST = "(aarch64|x86_64).*-linux" 38COMPATIBLE_HOST = "(aarch64|x86_64).*-linux"
diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
index 656d1f6898..d33880eae0 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
@@ -1,9 +1,11 @@
1 1
2# Auto-generated CVE metadata, DO NOT EDIT BY HAND. 2# Auto-generated CVE metadata, DO NOT EDIT BY HAND.
3# Generated at 2025-05-12 13:07:15.166162+00:00 for version 6.12.27 3# Generated at 2025-05-29 10:54:43.823437+00:00 for kernel version 6.12.30
4# From cvelistV5 cve_2025-05-29_1000Z-1-g4f2590b715f
5
4 6
5python check_kernel_cve_status_version() { 7python check_kernel_cve_status_version() {
6 this_version = "6.12.27" 8 this_version = "6.12.30"
7 kernel_version = d.getVar("LINUX_VERSION") 9 kernel_version = d.getVar("LINUX_VERSION")
8 if kernel_version != this_version: 10 if kernel_version != this_version:
9 bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) 11 bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
@@ -1956,7 +1958,7 @@ CVE_STATUS[CVE-2022-48840] = "fixed-version: Fixed from version 5.16.17"
1956 1958
1957CVE_STATUS[CVE-2022-48841] = "fixed-version: Fixed from version 5.17" 1959CVE_STATUS[CVE-2022-48841] = "fixed-version: Fixed from version 5.17"
1958 1960
1959CVE_STATUS[CVE-2022-48842] = "fixed-version: Fixed from version 5.17" 1961CVE_STATUS[CVE-2022-48842] = "fixed-version: Fixed from version 5.16.16"
1960 1962
1961CVE_STATUS[CVE-2022-48843] = "fixed-version: Fixed from version 5.17" 1963CVE_STATUS[CVE-2022-48843] = "fixed-version: Fixed from version 5.17"
1962 1964
@@ -2358,8 +2360,6 @@ CVE_STATUS[CVE-2022-49054] = "fixed-version: Fixed from version 5.18"
2358 2360
2359CVE_STATUS[CVE-2022-49055] = "fixed-version: Fixed from version 5.18" 2361CVE_STATUS[CVE-2022-49055] = "fixed-version: Fixed from version 5.18"
2360 2362
2361CVE_STATUS[CVE-2022-49056] = "fixed-version: Fixed from version 5.17.4"
2362
2363CVE_STATUS[CVE-2022-49057] = "fixed-version: Fixed from version 5.18" 2363CVE_STATUS[CVE-2022-49057] = "fixed-version: Fixed from version 5.18"
2364 2364
2365CVE_STATUS[CVE-2022-49058] = "fixed-version: Fixed from version 5.18" 2365CVE_STATUS[CVE-2022-49058] = "fixed-version: Fixed from version 5.18"
@@ -4078,8 +4078,6 @@ CVE_STATUS[CVE-2022-49931] = "fixed-version: Fixed from version 6.1"
4078 4078
4079CVE_STATUS[CVE-2022-49932] = "fixed-version: Fixed from version 6.3" 4079CVE_STATUS[CVE-2022-49932] = "fixed-version: Fixed from version 6.3"
4080 4080
4081CVE_STATUS[CVE-2022-49933] = "fixed-version: Fixed from version 6.3"
4082
4083# CVE-2023-34319 has no known resolution 4081# CVE-2023-34319 has no known resolution
4084 4082
4085# CVE-2023-34324 has no known resolution 4083# CVE-2023-34324 has no known resolution
@@ -4564,7 +4562,7 @@ CVE_STATUS[CVE-2023-52731] = "fixed-version: Fixed from version 6.2"
4564 4562
4565CVE_STATUS[CVE-2023-52732] = "fixed-version: Fixed from version 6.2" 4563CVE_STATUS[CVE-2023-52732] = "fixed-version: Fixed from version 6.2"
4566 4564
4567CVE_STATUS[CVE-2023-52733] = "fixed-version: Fixed from version 6.2" 4565# CVE-2023-52733 has no known resolution
4568 4566
4569CVE_STATUS[CVE-2023-52735] = "fixed-version: Fixed from version 6.2" 4567CVE_STATUS[CVE-2023-52735] = "fixed-version: Fixed from version 6.2"
4570 4568
@@ -5284,6 +5282,8 @@ CVE_STATUS[CVE-2023-53144] = "fixed-version: Fixed from version 6.3"
5284 5282
5285CVE_STATUS[CVE-2023-53145] = "fixed-version: Fixed from version 6.3" 5283CVE_STATUS[CVE-2023-53145] = "fixed-version: Fixed from version 6.3"
5286 5284
5285CVE_STATUS[CVE-2023-53146] = "fixed-version: Fixed from version 6.6"
5286
5287CVE_STATUS[CVE-2024-26581] = "fixed-version: Fixed from version 6.8" 5287CVE_STATUS[CVE-2024-26581] = "fixed-version: Fixed from version 6.8"
5288 5288
5289CVE_STATUS[CVE-2024-26582] = "fixed-version: Fixed from version 6.8" 5289CVE_STATUS[CVE-2024-26582] = "fixed-version: Fixed from version 6.8"
@@ -6896,8 +6896,6 @@ CVE_STATUS[CVE-2024-36905] = "fixed-version: Fixed from version 6.9"
6896 6896
6897CVE_STATUS[CVE-2024-36906] = "fixed-version: Fixed from version 6.9" 6897CVE_STATUS[CVE-2024-36906] = "fixed-version: Fixed from version 6.9"
6898 6898
6899# CVE-2024-36907 has no known resolution
6900
6901CVE_STATUS[CVE-2024-36908] = "fixed-version: Fixed from version 6.9" 6899CVE_STATUS[CVE-2024-36908] = "fixed-version: Fixed from version 6.9"
6902 6900
6903CVE_STATUS[CVE-2024-36909] = "fixed-version: Fixed from version 6.9" 6901CVE_STATUS[CVE-2024-36909] = "fixed-version: Fixed from version 6.9"
@@ -11236,7 +11234,7 @@ CVE_STATUS[CVE-2024-57975] = "cpe-stable-backport: Backported in 6.12.13"
11236 11234
11237CVE_STATUS[CVE-2024-57977] = "cpe-stable-backport: Backported in 6.12.13" 11235CVE_STATUS[CVE-2024-57977] = "cpe-stable-backport: Backported in 6.12.13"
11238 11236
11239CVE_STATUS[CVE-2024-57978] = "fixed-version: only affects 6.13 onwards" 11237CVE_STATUS[CVE-2024-57978] = "cpe-stable-backport: Backported in 6.12.13"
11240 11238
11241CVE_STATUS[CVE-2024-57979] = "cpe-stable-backport: Backported in 6.12.13" 11239CVE_STATUS[CVE-2024-57979] = "cpe-stable-backport: Backported in 6.12.13"
11242 11240
@@ -11298,7 +11296,7 @@ CVE_STATUS[CVE-2024-58007] = "cpe-stable-backport: Backported in 6.12.14"
11298 11296
11299CVE_STATUS[CVE-2024-58008] = "cpe-stable-backport: Backported in 6.12.14" 11297CVE_STATUS[CVE-2024-58008] = "cpe-stable-backport: Backported in 6.12.14"
11300 11298
11301CVE_STATUS[CVE-2024-58009] = "fixed-version: only affects 6.13 onwards" 11299CVE_STATUS[CVE-2024-58009] = "cpe-stable-backport: Backported in 6.12.14"
11302 11300
11303CVE_STATUS[CVE-2024-58010] = "cpe-stable-backport: Backported in 6.12.14" 11301CVE_STATUS[CVE-2024-58010] = "cpe-stable-backport: Backported in 6.12.14"
11304 11302
@@ -11414,15 +11412,15 @@ CVE_STATUS[CVE-2024-58090] = "cpe-stable-backport: Backported in 6.12.18"
11414 11412
11415CVE_STATUS[CVE-2024-58092] = "cpe-stable-backport: Backported in 6.12.22" 11413CVE_STATUS[CVE-2024-58092] = "cpe-stable-backport: Backported in 6.12.22"
11416 11414
11417# CVE-2024-58093 needs backporting (fixed from 6.15rc1) 11415# CVE-2024-58093 needs backporting (fixed from 6.15)
11418 11416
11419# CVE-2024-58094 needs backporting (fixed from 6.15rc1) 11417# CVE-2024-58094 needs backporting (fixed from 6.15)
11420 11418
11421# CVE-2024-58095 needs backporting (fixed from 6.15rc1) 11419# CVE-2024-58095 needs backporting (fixed from 6.15)
11422 11420
11423# CVE-2024-58096 needs backporting (fixed from 6.15rc1) 11421# CVE-2024-58096 needs backporting (fixed from 6.15)
11424 11422
11425# CVE-2024-58097 needs backporting (fixed from 6.15rc1) 11423# CVE-2024-58097 needs backporting (fixed from 6.15)
11426 11424
11427CVE_STATUS[CVE-2024-58098] = "cpe-stable-backport: Backported in 6.12.25" 11425CVE_STATUS[CVE-2024-58098] = "cpe-stable-backport: Backported in 6.12.25"
11428 11426
@@ -11438,8 +11436,6 @@ CVE_STATUS[CVE-2025-21631] = "cpe-stable-backport: Backported in 6.12.10"
11438 11436
11439CVE_STATUS[CVE-2025-21632] = "cpe-stable-backport: Backported in 6.12.10" 11437CVE_STATUS[CVE-2025-21632] = "cpe-stable-backport: Backported in 6.12.10"
11440 11438
11441CVE_STATUS[CVE-2025-21633] = "cpe-stable-backport: Backported in 6.12.10"
11442
11443CVE_STATUS[CVE-2025-21634] = "cpe-stable-backport: Backported in 6.12.10" 11439CVE_STATUS[CVE-2025-21634] = "cpe-stable-backport: Backported in 6.12.10"
11444 11440
11445CVE_STATUS[CVE-2025-21635] = "cpe-stable-backport: Backported in 6.12.10" 11441CVE_STATUS[CVE-2025-21635] = "cpe-stable-backport: Backported in 6.12.10"
@@ -11544,11 +11540,9 @@ CVE_STATUS[CVE-2025-21684] = "cpe-stable-backport: Backported in 6.12.11"
11544 11540
11545CVE_STATUS[CVE-2025-21685] = "cpe-stable-backport: Backported in 6.12.11" 11541CVE_STATUS[CVE-2025-21685] = "cpe-stable-backport: Backported in 6.12.11"
11546 11542
11547CVE_STATUS[CVE-2025-21686] = "cpe-stable-backport: Backported in 6.12.12"
11548
11549CVE_STATUS[CVE-2025-21687] = "cpe-stable-backport: Backported in 6.12.12" 11543CVE_STATUS[CVE-2025-21687] = "cpe-stable-backport: Backported in 6.12.12"
11550 11544
11551CVE_STATUS[CVE-2025-21688] = "fixed-version: only affects 6.13 onwards" 11545CVE_STATUS[CVE-2025-21688] = "cpe-stable-backport: Backported in 6.12.12"
11552 11546
11553CVE_STATUS[CVE-2025-21689] = "cpe-stable-backport: Backported in 6.12.12" 11547CVE_STATUS[CVE-2025-21689] = "cpe-stable-backport: Backported in 6.12.12"
11554 11548
@@ -11576,7 +11570,7 @@ CVE_STATUS[CVE-2025-21701] = "cpe-stable-backport: Backported in 6.12.13"
11576 11570
11577CVE_STATUS[CVE-2025-21702] = "cpe-stable-backport: Backported in 6.12.14" 11571CVE_STATUS[CVE-2025-21702] = "cpe-stable-backport: Backported in 6.12.14"
11578 11572
11579CVE_STATUS[CVE-2025-21703] = "fixed-version: only affects 6.13 onwards" 11573CVE_STATUS[CVE-2025-21703] = "cpe-stable-backport: Backported in 6.12.14"
11580 11574
11581CVE_STATUS[CVE-2025-21704] = "cpe-stable-backport: Backported in 6.12.16" 11575CVE_STATUS[CVE-2025-21704] = "cpe-stable-backport: Backported in 6.12.16"
11582 11576
@@ -11790,7 +11784,7 @@ CVE_STATUS[CVE-2025-21811] = "cpe-stable-backport: Backported in 6.12.13"
11790 11784
11791CVE_STATUS[CVE-2025-21812] = "cpe-stable-backport: Backported in 6.12.13" 11785CVE_STATUS[CVE-2025-21812] = "cpe-stable-backport: Backported in 6.12.13"
11792 11786
11793CVE_STATUS[CVE-2025-21813] = "fixed-version: only affects 6.13 onwards" 11787CVE_STATUS[CVE-2025-21813] = "cpe-stable-backport: Backported in 6.12.14"
11794 11788
11795CVE_STATUS[CVE-2025-21814] = "cpe-stable-backport: Backported in 6.12.14" 11789CVE_STATUS[CVE-2025-21814] = "cpe-stable-backport: Backported in 6.12.14"
11796 11790
@@ -11800,7 +11794,7 @@ CVE_STATUS[CVE-2025-21816] = "cpe-stable-backport: Backported in 6.12.14"
11800 11794
11801# CVE-2025-21817 needs backporting (fixed from 6.14) 11795# CVE-2025-21817 needs backporting (fixed from 6.14)
11802 11796
11803CVE_STATUS[CVE-2025-21819] = "fixed-version: only affects 6.13 onwards" 11797CVE_STATUS[CVE-2025-21819] = "cpe-stable-backport: Backported in 6.12.14"
11804 11798
11805CVE_STATUS[CVE-2025-21820] = "cpe-stable-backport: Backported in 6.12.14" 11799CVE_STATUS[CVE-2025-21820] = "cpe-stable-backport: Backported in 6.12.14"
11806 11800
@@ -11836,8 +11830,6 @@ CVE_STATUS[CVE-2025-21835] = "cpe-stable-backport: Backported in 6.12.16"
11836 11830
11837CVE_STATUS[CVE-2025-21836] = "cpe-stable-backport: Backported in 6.12.16" 11831CVE_STATUS[CVE-2025-21836] = "cpe-stable-backport: Backported in 6.12.16"
11838 11832
11839# CVE-2025-21837 needs backporting (fixed from 6.14)
11840
11841CVE_STATUS[CVE-2025-21838] = "cpe-stable-backport: Backported in 6.12.16" 11833CVE_STATUS[CVE-2025-21838] = "cpe-stable-backport: Backported in 6.12.16"
11842 11834
11843CVE_STATUS[CVE-2025-21839] = "cpe-stable-backport: Backported in 6.12.16" 11835CVE_STATUS[CVE-2025-21839] = "cpe-stable-backport: Backported in 6.12.16"
@@ -11892,7 +11884,7 @@ CVE_STATUS[CVE-2025-21863] = "cpe-stable-backport: Backported in 6.12.17"
11892 11884
11893CVE_STATUS[CVE-2025-21864] = "cpe-stable-backport: Backported in 6.12.17" 11885CVE_STATUS[CVE-2025-21864] = "cpe-stable-backport: Backported in 6.12.17"
11894 11886
11895CVE_STATUS[CVE-2025-21865] = "fixed-version: only affects 6.13 onwards" 11887CVE_STATUS[CVE-2025-21865] = "cpe-stable-backport: Backported in 6.12.17"
11896 11888
11897CVE_STATUS[CVE-2025-21866] = "cpe-stable-backport: Backported in 6.12.17" 11889CVE_STATUS[CVE-2025-21866] = "cpe-stable-backport: Backported in 6.12.17"
11898 11890
@@ -11966,7 +11958,7 @@ CVE_STATUS[CVE-2025-21900] = "cpe-stable-backport: Backported in 6.12.18"
11966 11958
11967CVE_STATUS[CVE-2025-21901] = "cpe-stable-backport: Backported in 6.12.18" 11959CVE_STATUS[CVE-2025-21901] = "cpe-stable-backport: Backported in 6.12.18"
11968 11960
11969CVE_STATUS[CVE-2025-21902] = "fixed-version: only affects 6.13 onwards" 11961CVE_STATUS[CVE-2025-21902] = "cpe-stable-backport: Backported in 6.12.19"
11970 11962
11971CVE_STATUS[CVE-2025-21903] = "cpe-stable-backport: Backported in 6.12.19" 11963CVE_STATUS[CVE-2025-21903] = "cpe-stable-backport: Backported in 6.12.19"
11972 11964
@@ -12220,11 +12212,11 @@ CVE_STATUS[CVE-2025-22027] = "cpe-stable-backport: Backported in 6.12.23"
12220 12212
12221CVE_STATUS[CVE-2025-22028] = "cpe-stable-backport: Backported in 6.12.23" 12213CVE_STATUS[CVE-2025-22028] = "cpe-stable-backport: Backported in 6.12.23"
12222 12214
12223CVE_STATUS[CVE-2025-22030] = "fixed-version: only affects 6.13 onwards" 12215CVE_STATUS[CVE-2025-22030] = "cpe-stable-backport: Backported in 6.12.23"
12224 12216
12225CVE_STATUS[CVE-2025-22031] = "fixed-version: only affects 6.13 onwards" 12217CVE_STATUS[CVE-2025-22031] = "fixed-version: only affects 6.13 onwards"
12226 12218
12227CVE_STATUS[CVE-2025-22032] = "fixed-version: only affects 6.14 onwards" 12219CVE_STATUS[CVE-2025-22032] = "cpe-stable-backport: Backported in 6.12.23"
12228 12220
12229CVE_STATUS[CVE-2025-22033] = "cpe-stable-backport: Backported in 6.12.23" 12221CVE_STATUS[CVE-2025-22033] = "cpe-stable-backport: Backported in 6.12.23"
12230 12222
@@ -12254,9 +12246,9 @@ CVE_STATUS[CVE-2025-22045] = "cpe-stable-backport: Backported in 6.12.23"
12254 12246
12255CVE_STATUS[CVE-2025-22046] = "cpe-stable-backport: Backported in 6.12.23" 12247CVE_STATUS[CVE-2025-22046] = "cpe-stable-backport: Backported in 6.12.23"
12256 12248
12257CVE_STATUS[CVE-2025-22047] = "fixed-version: only affects 6.14 onwards" 12249CVE_STATUS[CVE-2025-22047] = "cpe-stable-backport: Backported in 6.12.23"
12258 12250
12259CVE_STATUS[CVE-2025-22048] = "fixed-version: only affects 6.13 onwards" 12251CVE_STATUS[CVE-2025-22048] = "cpe-stable-backport: Backported in 6.12.23"
12260 12252
12261CVE_STATUS[CVE-2025-22049] = "cpe-stable-backport: Backported in 6.12.23" 12253CVE_STATUS[CVE-2025-22049] = "cpe-stable-backport: Backported in 6.12.23"
12262 12254
@@ -12308,13 +12300,13 @@ CVE_STATUS[CVE-2025-22072] = "cpe-stable-backport: Backported in 6.12.23"
12308 12300
12309CVE_STATUS[CVE-2025-22073] = "cpe-stable-backport: Backported in 6.12.23" 12301CVE_STATUS[CVE-2025-22073] = "cpe-stable-backport: Backported in 6.12.23"
12310 12302
12311CVE_STATUS[CVE-2025-22074] = "fixed-version: only affects 6.14 onwards" 12303CVE_STATUS[CVE-2025-22074] = "cpe-stable-backport: Backported in 6.12.23"
12312 12304
12313CVE_STATUS[CVE-2025-22075] = "cpe-stable-backport: Backported in 6.12.23" 12305CVE_STATUS[CVE-2025-22075] = "cpe-stable-backport: Backported in 6.12.23"
12314 12306
12315CVE_STATUS[CVE-2025-22076] = "cpe-stable-backport: Backported in 6.12.23" 12307CVE_STATUS[CVE-2025-22076] = "cpe-stable-backport: Backported in 6.12.23"
12316 12308
12317CVE_STATUS[CVE-2025-22077] = "fixed-version: only affects 6.13 onwards" 12309CVE_STATUS[CVE-2025-22077] = "cpe-stable-backport: Backported in 6.12.25"
12318 12310
12319CVE_STATUS[CVE-2025-22078] = "cpe-stable-backport: Backported in 6.12.23" 12311CVE_STATUS[CVE-2025-22078] = "cpe-stable-backport: Backported in 6.12.23"
12320 12312
@@ -12346,7 +12338,7 @@ CVE_STATUS[CVE-2025-22091] = "cpe-stable-backport: Backported in 6.12.23"
12346 12338
12347CVE_STATUS[CVE-2025-22092] = "fixed-version: only affects 6.13 onwards" 12339CVE_STATUS[CVE-2025-22092] = "fixed-version: only affects 6.13 onwards"
12348 12340
12349CVE_STATUS[CVE-2025-22093] = "fixed-version: only affects 6.13 onwards" 12341CVE_STATUS[CVE-2025-22093] = "cpe-stable-backport: Backported in 6.12.23"
12350 12342
12351CVE_STATUS[CVE-2025-22094] = "fixed-version: only affects 6.13 onwards" 12343CVE_STATUS[CVE-2025-22094] = "fixed-version: only affects 6.13 onwards"
12352 12344
@@ -12362,79 +12354,79 @@ CVE_STATUS[CVE-2025-22099] = "fixed-version: only affects 6.14 onwards"
12362 12354
12363CVE_STATUS[CVE-2025-22100] = "fixed-version: only affects 6.13 onwards" 12355CVE_STATUS[CVE-2025-22100] = "fixed-version: only affects 6.13 onwards"
12364 12356
12365# CVE-2025-22101 needs backporting (fixed from 6.15rc1) 12357# CVE-2025-22101 needs backporting (fixed from 6.15)
12366 12358
12367# CVE-2025-22102 needs backporting (fixed from 6.15rc1) 12359CVE_STATUS[CVE-2025-22102] = "cpe-stable-backport: Backported in 6.12.30"
12368 12360
12369# CVE-2025-22103 needs backporting (fixed from 6.15rc1) 12361# CVE-2025-22103 needs backporting (fixed from 6.15)
12370 12362
12371# CVE-2025-22104 needs backporting (fixed from 6.15rc1) 12363# CVE-2025-22104 needs backporting (fixed from 6.15)
12372 12364
12373# CVE-2025-22105 needs backporting (fixed from 6.15rc1) 12365# CVE-2025-22105 needs backporting (fixed from 6.15)
12374 12366
12375# CVE-2025-22106 needs backporting (fixed from 6.15rc1) 12367# CVE-2025-22106 needs backporting (fixed from 6.15)
12376 12368
12377# CVE-2025-22107 needs backporting (fixed from 6.15rc1) 12369# CVE-2025-22107 needs backporting (fixed from 6.15)
12378 12370
12379# CVE-2025-22108 needs backporting (fixed from 6.15rc1) 12371# CVE-2025-22108 needs backporting (fixed from 6.15)
12380 12372
12381# CVE-2025-22109 needs backporting (fixed from 6.15rc1) 12373# CVE-2025-22109 needs backporting (fixed from 6.15)
12382 12374
12383CVE_STATUS[CVE-2025-22110] = "fixed-version: only affects 6.14 onwards" 12375CVE_STATUS[CVE-2025-22110] = "fixed-version: only affects 6.14 onwards"
12384 12376
12385# CVE-2025-22111 needs backporting (fixed from 6.15rc1) 12377# CVE-2025-22111 needs backporting (fixed from 6.15)
12386 12378
12387CVE_STATUS[CVE-2025-22112] = "fixed-version: only affects 6.14 onwards" 12379CVE_STATUS[CVE-2025-22112] = "fixed-version: only affects 6.14 onwards"
12388 12380
12389# CVE-2025-22113 needs backporting (fixed from 6.15rc1) 12381# CVE-2025-22113 needs backporting (fixed from 6.15)
12390 12382
12391CVE_STATUS[CVE-2025-22114] = "fixed-version: only affects 6.14 onwards" 12383CVE_STATUS[CVE-2025-22114] = "fixed-version: only affects 6.14 onwards"
12392 12384
12393# CVE-2025-22115 needs backporting (fixed from 6.15rc1) 12385# CVE-2025-22115 needs backporting (fixed from 6.15)
12394 12386
12395# CVE-2025-22116 needs backporting (fixed from 6.15rc1) 12387# CVE-2025-22116 needs backporting (fixed from 6.15)
12396 12388
12397# CVE-2025-22117 needs backporting (fixed from 6.15rc1) 12389# CVE-2025-22117 needs backporting (fixed from 6.15)
12398 12390
12399CVE_STATUS[CVE-2025-22118] = "fixed-version: only affects 6.13 onwards" 12391CVE_STATUS[CVE-2025-22118] = "fixed-version: only affects 6.13 onwards"
12400 12392
12401CVE_STATUS[CVE-2025-22119] = "fixed-version: only affects 6.14 onwards" 12393CVE_STATUS[CVE-2025-22119] = "fixed-version: only affects 6.14 onwards"
12402 12394
12403CVE_STATUS[CVE-2025-22120] = "fixed-version: only affects 6.13 onwards" 12395CVE_STATUS[CVE-2025-22120] = "cpe-stable-backport: Backported in 6.12.26"
12404 12396
12405# CVE-2025-22121 needs backporting (fixed from 6.15rc1) 12397# CVE-2025-22121 needs backporting (fixed from 6.15)
12406 12398
12407# CVE-2025-22122 needs backporting (fixed from 6.15rc1) 12399# CVE-2025-22122 needs backporting (fixed from 6.15)
12408 12400
12409# CVE-2025-22123 needs backporting (fixed from 6.15rc1) 12401# CVE-2025-22123 needs backporting (fixed from 6.15)
12410 12402
12411# CVE-2025-22124 needs backporting (fixed from 6.15rc1) 12403# CVE-2025-22124 needs backporting (fixed from 6.15)
12412 12404
12413# CVE-2025-22125 needs backporting (fixed from 6.15rc1) 12405# CVE-2025-22125 needs backporting (fixed from 6.15)
12414 12406
12415CVE_STATUS[CVE-2025-22126] = "cpe-stable-backport: Backported in 6.12.25" 12407CVE_STATUS[CVE-2025-22126] = "cpe-stable-backport: Backported in 6.12.25"
12416 12408
12417# CVE-2025-22127 needs backporting (fixed from 6.15rc1) 12409# CVE-2025-22127 needs backporting (fixed from 6.15)
12418 12410
12419# CVE-2025-22128 needs backporting (fixed from 6.15rc1) 12411# CVE-2025-22128 needs backporting (fixed from 6.15)
12420 12412
12421# CVE-2025-23129 needs backporting (fixed from 6.15rc1) 12413# CVE-2025-23129 needs backporting (fixed from 6.15)
12422 12414
12423# CVE-2025-23130 needs backporting (fixed from 6.15rc1) 12415# CVE-2025-23130 needs backporting (fixed from 6.15)
12424 12416
12425# CVE-2025-23131 needs backporting (fixed from 6.15rc1) 12417# CVE-2025-23131 needs backporting (fixed from 6.15)
12426 12418
12427# CVE-2025-23132 needs backporting (fixed from 6.15rc1) 12419# CVE-2025-23132 needs backporting (fixed from 6.15)
12428 12420
12429# CVE-2025-23133 needs backporting (fixed from 6.15rc1) 12421# CVE-2025-23133 needs backporting (fixed from 6.15)
12430 12422
12431CVE_STATUS[CVE-2025-23134] = "cpe-stable-backport: Backported in 6.12.23" 12423CVE_STATUS[CVE-2025-23134] = "cpe-stable-backport: Backported in 6.12.23"
12432 12424
12433# CVE-2025-23135 needs backporting (fixed from 6.15rc1) 12425# CVE-2025-23135 needs backporting (fixed from 6.15)
12434 12426
12435CVE_STATUS[CVE-2025-23136] = "cpe-stable-backport: Backported in 6.12.23" 12427CVE_STATUS[CVE-2025-23136] = "cpe-stable-backport: Backported in 6.12.23"
12436 12428
12437# CVE-2025-23137 needs backporting (fixed from 6.15rc1) 12429# CVE-2025-23137 needs backporting (fixed from 6.15)
12438 12430
12439CVE_STATUS[CVE-2025-23138] = "cpe-stable-backport: Backported in 6.12.23" 12431CVE_STATUS[CVE-2025-23138] = "cpe-stable-backport: Backported in 6.12.23"
12440 12432
@@ -12468,7 +12460,7 @@ CVE_STATUS[CVE-2025-23153] = "fixed-version: only affects 6.14 onwards"
12468 12460
12469CVE_STATUS[CVE-2025-23154] = "cpe-stable-backport: Backported in 6.12.24" 12461CVE_STATUS[CVE-2025-23154] = "cpe-stable-backport: Backported in 6.12.24"
12470 12462
12471# CVE-2025-23155 needs backporting (fixed from 6.15rc1) 12463# CVE-2025-23155 needs backporting (fixed from 6.15)
12472 12464
12473CVE_STATUS[CVE-2025-23156] = "cpe-stable-backport: Backported in 6.12.24" 12465CVE_STATUS[CVE-2025-23156] = "cpe-stable-backport: Backported in 6.12.24"
12474 12466
@@ -12496,13 +12488,13 @@ CVE_STATUS[CVE-2025-37741] = "cpe-stable-backport: Backported in 6.12.24"
12496 12488
12497CVE_STATUS[CVE-2025-37742] = "cpe-stable-backport: Backported in 6.12.24" 12489CVE_STATUS[CVE-2025-37742] = "cpe-stable-backport: Backported in 6.12.24"
12498 12490
12499# CVE-2025-37743 needs backporting (fixed from 6.15rc1) 12491# CVE-2025-37743 needs backporting (fixed from 6.15)
12500 12492
12501CVE_STATUS[CVE-2025-37744] = "cpe-stable-backport: Backported in 6.12.24" 12493CVE_STATUS[CVE-2025-37744] = "cpe-stable-backport: Backported in 6.12.24"
12502 12494
12503CVE_STATUS[CVE-2025-37745] = "cpe-stable-backport: Backported in 6.12.24" 12495CVE_STATUS[CVE-2025-37745] = "cpe-stable-backport: Backported in 6.12.24"
12504 12496
12505# CVE-2025-37746 needs backporting (fixed from 6.15rc1) 12497# CVE-2025-37746 needs backporting (fixed from 6.15)
12506 12498
12507CVE_STATUS[CVE-2025-37747] = "cpe-stable-backport: Backported in 6.12.24" 12499CVE_STATUS[CVE-2025-37747] = "cpe-stable-backport: Backported in 6.12.24"
12508 12500
@@ -12514,9 +12506,7 @@ CVE_STATUS[CVE-2025-37750] = "cpe-stable-backport: Backported in 6.12.24"
12514 12506
12515CVE_STATUS[CVE-2025-37751] = "fixed-version: only affects 6.14 onwards" 12507CVE_STATUS[CVE-2025-37751] = "fixed-version: only affects 6.14 onwards"
12516 12508
12517CVE_STATUS[CVE-2025-37752] = "fixed-version: only affects 6.14 onwards" 12509CVE_STATUS[CVE-2025-37752] = "cpe-stable-backport: Backported in 6.12.24"
12518
12519CVE_STATUS[CVE-2025-37753] = "fixed-version: only affects 6.15rc1 onwards"
12520 12510
12521CVE_STATUS[CVE-2025-37754] = "cpe-stable-backport: Backported in 6.12.24" 12511CVE_STATUS[CVE-2025-37754] = "cpe-stable-backport: Backported in 6.12.24"
12522 12512
@@ -12530,7 +12520,7 @@ CVE_STATUS[CVE-2025-37758] = "cpe-stable-backport: Backported in 6.12.24"
12530 12520
12531CVE_STATUS[CVE-2025-37759] = "cpe-stable-backport: Backported in 6.12.24" 12521CVE_STATUS[CVE-2025-37759] = "cpe-stable-backport: Backported in 6.12.24"
12532 12522
12533CVE_STATUS[CVE-2025-37760] = "fixed-version: only affects 6.14 onwards" 12523CVE_STATUS[CVE-2025-37760] = "cpe-stable-backport: Backported in 6.12.25"
12534 12524
12535CVE_STATUS[CVE-2025-37761] = "cpe-stable-backport: Backported in 6.12.25" 12525CVE_STATUS[CVE-2025-37761] = "cpe-stable-backport: Backported in 6.12.25"
12536 12526
@@ -12578,7 +12568,7 @@ CVE_STATUS[CVE-2025-37782] = "cpe-stable-backport: Backported in 6.12.25"
12578 12568
12579CVE_STATUS[CVE-2025-37783] = "fixed-version: only affects 6.14 onwards" 12569CVE_STATUS[CVE-2025-37783] = "fixed-version: only affects 6.14 onwards"
12580 12570
12581CVE_STATUS[CVE-2025-37784] = "fixed-version: only affects 6.13 onwards" 12571CVE_STATUS[CVE-2025-37784] = "cpe-stable-backport: Backported in 6.12.25"
12582 12572
12583CVE_STATUS[CVE-2025-37785] = "cpe-stable-backport: Backported in 6.12.23" 12573CVE_STATUS[CVE-2025-37785] = "cpe-stable-backport: Backported in 6.12.23"
12584 12574
@@ -12614,9 +12604,7 @@ CVE_STATUS[CVE-2025-37801] = "cpe-stable-backport: Backported in 6.12.26"
12614 12604
12615CVE_STATUS[CVE-2025-37802] = "cpe-stable-backport: Backported in 6.12.26" 12605CVE_STATUS[CVE-2025-37802] = "cpe-stable-backport: Backported in 6.12.26"
12616 12606
12617# CVE-2025-37803 needs backporting (fixed from 6.15rc2) 12607# CVE-2025-37803 needs backporting (fixed from 6.15)
12618
12619CVE_STATUS[CVE-2025-37804] = "cpe-stable-backport: Backported in 6.12.26"
12620 12608
12621CVE_STATUS[CVE-2025-37805] = "cpe-stable-backport: Backported in 6.12.26" 12609CVE_STATUS[CVE-2025-37805] = "cpe-stable-backport: Backported in 6.12.26"
12622 12610
@@ -12630,15 +12618,15 @@ CVE_STATUS[CVE-2025-37809] = "cpe-stable-backport: Backported in 6.12.26"
12630 12618
12631CVE_STATUS[CVE-2025-37810] = "cpe-stable-backport: Backported in 6.12.26" 12619CVE_STATUS[CVE-2025-37810] = "cpe-stable-backport: Backported in 6.12.26"
12632 12620
12633CVE_STATUS[CVE-2025-37811] = "fixed-version: only affects 6.13 onwards" 12621CVE_STATUS[CVE-2025-37811] = "cpe-stable-backport: Backported in 6.12.26"
12634 12622
12635CVE_STATUS[CVE-2025-37812] = "cpe-stable-backport: Backported in 6.12.26" 12623CVE_STATUS[CVE-2025-37812] = "cpe-stable-backport: Backported in 6.12.26"
12636 12624
12637CVE_STATUS[CVE-2025-37813] = "fixed-version: only affects 6.13 onwards" 12625CVE_STATUS[CVE-2025-37813] = "cpe-stable-backport: Backported in 6.12.26"
12638 12626
12639CVE_STATUS[CVE-2025-37814] = "fixed-version: only affects 6.14 onwards" 12627CVE_STATUS[CVE-2025-37814] = "cpe-stable-backport: Backported in 6.12.26"
12640 12628
12641CVE_STATUS[CVE-2025-37815] = "fixed-version: only affects 6.13 onwards" 12629CVE_STATUS[CVE-2025-37815] = "cpe-stable-backport: Backported in 6.12.26"
12642 12630
12643CVE_STATUS[CVE-2025-37816] = "cpe-stable-backport: Backported in 6.12.26" 12631CVE_STATUS[CVE-2025-37816] = "cpe-stable-backport: Backported in 6.12.26"
12644 12632
@@ -12650,7 +12638,7 @@ CVE_STATUS[CVE-2025-37819] = "cpe-stable-backport: Backported in 6.12.26"
12650 12638
12651CVE_STATUS[CVE-2025-37820] = "cpe-stable-backport: Backported in 6.12.26" 12639CVE_STATUS[CVE-2025-37820] = "cpe-stable-backport: Backported in 6.12.26"
12652 12640
12653# CVE-2025-37821 needs backporting (fixed from 6.15rc4) 12641CVE_STATUS[CVE-2025-37821] = "cpe-stable-backport: Backported in 6.12.29"
12654 12642
12655CVE_STATUS[CVE-2025-37822] = "cpe-stable-backport: Backported in 6.12.26" 12643CVE_STATUS[CVE-2025-37822] = "cpe-stable-backport: Backported in 6.12.26"
12656 12644
@@ -12690,13 +12678,13 @@ CVE_STATUS[CVE-2025-37840] = "cpe-stable-backport: Backported in 6.12.24"
12690 12678
12691CVE_STATUS[CVE-2025-37841] = "cpe-stable-backport: Backported in 6.12.24" 12679CVE_STATUS[CVE-2025-37841] = "cpe-stable-backport: Backported in 6.12.24"
12692 12680
12693# CVE-2025-37842 needs backporting (fixed from 6.15rc1) 12681# CVE-2025-37842 needs backporting (fixed from 6.15)
12694 12682
12695CVE_STATUS[CVE-2025-37843] = "cpe-stable-backport: Backported in 6.12.24" 12683CVE_STATUS[CVE-2025-37843] = "cpe-stable-backport: Backported in 6.12.24"
12696 12684
12697CVE_STATUS[CVE-2025-37844] = "cpe-stable-backport: Backported in 6.12.24" 12685CVE_STATUS[CVE-2025-37844] = "cpe-stable-backport: Backported in 6.12.24"
12698 12686
12699CVE_STATUS[CVE-2025-37845] = "fixed-version: only affects 6.14 onwards" 12687CVE_STATUS[CVE-2025-37845] = "cpe-stable-backport: Backported in 6.12.24"
12700 12688
12701CVE_STATUS[CVE-2025-37846] = "cpe-stable-backport: Backported in 6.12.24" 12689CVE_STATUS[CVE-2025-37846] = "cpe-stable-backport: Backported in 6.12.24"
12702 12690
@@ -12716,7 +12704,7 @@ CVE_STATUS[CVE-2025-37853] = "cpe-stable-backport: Backported in 6.12.24"
12716 12704
12717CVE_STATUS[CVE-2025-37854] = "cpe-stable-backport: Backported in 6.12.24" 12705CVE_STATUS[CVE-2025-37854] = "cpe-stable-backport: Backported in 6.12.24"
12718 12706
12719# CVE-2025-37855 needs backporting (fixed from 6.15rc1) 12707# CVE-2025-37855 needs backporting (fixed from 6.15)
12720 12708
12721CVE_STATUS[CVE-2025-37856] = "cpe-stable-backport: Backported in 6.12.24" 12709CVE_STATUS[CVE-2025-37856] = "cpe-stable-backport: Backported in 6.12.24"
12722 12710
@@ -12726,7 +12714,7 @@ CVE_STATUS[CVE-2025-37858] = "cpe-stable-backport: Backported in 6.12.24"
12726 12714
12727CVE_STATUS[CVE-2025-37859] = "cpe-stable-backport: Backported in 6.12.24" 12715CVE_STATUS[CVE-2025-37859] = "cpe-stable-backport: Backported in 6.12.24"
12728 12716
12729# CVE-2025-37860 needs backporting (fixed from 6.15rc1) 12717# CVE-2025-37860 needs backporting (fixed from 6.15)
12730 12718
12731CVE_STATUS[CVE-2025-37861] = "cpe-stable-backport: Backported in 6.12.24" 12719CVE_STATUS[CVE-2025-37861] = "cpe-stable-backport: Backported in 6.12.24"
12732 12720
@@ -12742,13 +12730,13 @@ CVE_STATUS[CVE-2025-37866] = "fixed-version: only affects 6.14 onwards"
12742 12730
12743CVE_STATUS[CVE-2025-37867] = "cpe-stable-backport: Backported in 6.12.25" 12731CVE_STATUS[CVE-2025-37867] = "cpe-stable-backport: Backported in 6.12.25"
12744 12732
12745CVE_STATUS[CVE-2025-37868] = "fixed-version: only affects 6.14 onwards" 12733CVE_STATUS[CVE-2025-37868] = "cpe-stable-backport: Backported in 6.12.25"
12746 12734
12747CVE_STATUS[CVE-2025-37869] = "cpe-stable-backport: Backported in 6.12.25" 12735CVE_STATUS[CVE-2025-37869] = "cpe-stable-backport: Backported in 6.12.25"
12748 12736
12749CVE_STATUS[CVE-2025-37870] = "cpe-stable-backport: Backported in 6.12.25" 12737CVE_STATUS[CVE-2025-37870] = "cpe-stable-backport: Backported in 6.12.25"
12750 12738
12751CVE_STATUS[CVE-2025-37871] = "fixed-version: only affects 6.15rc1 onwards" 12739CVE_STATUS[CVE-2025-37871] = "cpe-stable-backport: Backported in 6.12.25"
12752 12740
12753CVE_STATUS[CVE-2025-37872] = "cpe-stable-backport: Backported in 6.12.25" 12741CVE_STATUS[CVE-2025-37872] = "cpe-stable-backport: Backported in 6.12.25"
12754 12742
@@ -12766,7 +12754,7 @@ CVE_STATUS[CVE-2025-37878] = "cpe-stable-backport: Backported in 6.12.26"
12766 12754
12767CVE_STATUS[CVE-2025-37879] = "cpe-stable-backport: Backported in 6.12.26" 12755CVE_STATUS[CVE-2025-37879] = "cpe-stable-backport: Backported in 6.12.26"
12768 12756
12769CVE_STATUS[CVE-2025-37880] = "cpe-stable-backport: Backported in 6.12.26" 12757# CVE-2025-37880 needs backporting (fixed from 6.15)
12770 12758
12771CVE_STATUS[CVE-2025-37881] = "cpe-stable-backport: Backported in 6.12.26" 12759CVE_STATUS[CVE-2025-37881] = "cpe-stable-backport: Backported in 6.12.26"
12772 12760
@@ -12786,13 +12774,213 @@ CVE_STATUS[CVE-2025-37888] = "cpe-stable-backport: Backported in 6.12.26"
12786 12774
12787CVE_STATUS[CVE-2025-37889] = "cpe-stable-backport: Backported in 6.12.20" 12775CVE_STATUS[CVE-2025-37889] = "cpe-stable-backport: Backported in 6.12.20"
12788 12776
12777CVE_STATUS[CVE-2025-37890] = "cpe-stable-backport: Backported in 6.12.28"
12778
12779CVE_STATUS[CVE-2025-37891] = "cpe-stable-backport: Backported in 6.12.28"
12780
12781CVE_STATUS[CVE-2025-37892] = "cpe-stable-backport: Backported in 6.12.24"
12782
12789CVE_STATUS[CVE-2025-37893] = "cpe-stable-backport: Backported in 6.12.23" 12783CVE_STATUS[CVE-2025-37893] = "cpe-stable-backport: Backported in 6.12.23"
12790 12784
12791# CVE-2025-37925 needs backporting (fixed from 6.15rc1) 12785CVE_STATUS[CVE-2025-37894] = "cpe-stable-backport: Backported in 6.12.28"
12786
12787CVE_STATUS[CVE-2025-37895] = "cpe-stable-backport: Backported in 6.12.28"
12788
12789CVE_STATUS[CVE-2025-37896] = "fixed-version: only affects 6.14 onwards"
12790
12791CVE_STATUS[CVE-2025-37897] = "cpe-stable-backport: Backported in 6.12.28"
12792
12793CVE_STATUS[CVE-2025-37898] = "fixed-version: only affects 6.13 onwards"
12794
12795CVE_STATUS[CVE-2025-37899] = "cpe-stable-backport: Backported in 6.12.28"
12796
12797CVE_STATUS[CVE-2025-37900] = "cpe-stable-backport: Backported in 6.12.28"
12798
12799CVE_STATUS[CVE-2025-37901] = "cpe-stable-backport: Backported in 6.12.28"
12800
12801CVE_STATUS[CVE-2025-37903] = "cpe-stable-backport: Backported in 6.12.28"
12802
12803CVE_STATUS[CVE-2025-37904] = "fixed-version: only affects 6.13 onwards"
12804
12805CVE_STATUS[CVE-2025-37905] = "cpe-stable-backport: Backported in 6.12.28"
12806
12807# CVE-2025-37906 needs backporting (fixed from 6.15)
12808
12809CVE_STATUS[CVE-2025-37907] = "cpe-stable-backport: Backported in 6.12.28"
12810
12811CVE_STATUS[CVE-2025-37908] = "cpe-stable-backport: Backported in 6.12.28"
12812
12813CVE_STATUS[CVE-2025-37909] = "cpe-stable-backport: Backported in 6.12.28"
12814
12815CVE_STATUS[CVE-2025-37910] = "cpe-stable-backport: Backported in 6.12.28"
12816
12817CVE_STATUS[CVE-2025-37911] = "cpe-stable-backport: Backported in 6.12.28"
12818
12819CVE_STATUS[CVE-2025-37912] = "cpe-stable-backport: Backported in 6.12.28"
12820
12821CVE_STATUS[CVE-2025-37913] = "cpe-stable-backport: Backported in 6.12.28"
12822
12823CVE_STATUS[CVE-2025-37914] = "cpe-stable-backport: Backported in 6.12.28"
12824
12825CVE_STATUS[CVE-2025-37915] = "cpe-stable-backport: Backported in 6.12.28"
12826
12827CVE_STATUS[CVE-2025-37916] = "cpe-stable-backport: Backported in 6.12.28"
12828
12829CVE_STATUS[CVE-2025-37917] = "cpe-stable-backport: Backported in 6.12.28"
12830
12831CVE_STATUS[CVE-2025-37918] = "cpe-stable-backport: Backported in 6.12.28"
12832
12833CVE_STATUS[CVE-2025-37919] = "cpe-stable-backport: Backported in 6.12.28"
12834
12835CVE_STATUS[CVE-2025-37920] = "cpe-stable-backport: Backported in 6.12.28"
12836
12837CVE_STATUS[CVE-2025-37921] = "cpe-stable-backport: Backported in 6.12.28"
12838
12839CVE_STATUS[CVE-2025-37922] = "cpe-stable-backport: Backported in 6.12.28"
12840
12841CVE_STATUS[CVE-2025-37923] = "cpe-stable-backport: Backported in 6.12.28"
12842
12843CVE_STATUS[CVE-2025-37924] = "cpe-stable-backport: Backported in 6.12.28"
12844
12845# CVE-2025-37925 needs backporting (fixed from 6.15)
12846
12847CVE_STATUS[CVE-2025-37926] = "cpe-stable-backport: Backported in 6.12.28"
12848
12849CVE_STATUS[CVE-2025-37927] = "cpe-stable-backport: Backported in 6.12.28"
12850
12851CVE_STATUS[CVE-2025-37928] = "cpe-stable-backport: Backported in 6.12.28"
12852
12853CVE_STATUS[CVE-2025-37929] = "cpe-stable-backport: Backported in 6.12.28"
12854
12855CVE_STATUS[CVE-2025-37930] = "cpe-stable-backport: Backported in 6.12.28"
12856
12857CVE_STATUS[CVE-2025-37931] = "cpe-stable-backport: Backported in 6.12.28"
12858
12859CVE_STATUS[CVE-2025-37932] = "cpe-stable-backport: Backported in 6.12.28"
12860
12861CVE_STATUS[CVE-2025-37933] = "cpe-stable-backport: Backported in 6.12.28"
12862
12863CVE_STATUS[CVE-2025-37934] = "cpe-stable-backport: Backported in 6.12.28"
12864
12865CVE_STATUS[CVE-2025-37935] = "cpe-stable-backport: Backported in 6.12.28"
12866
12867CVE_STATUS[CVE-2025-37936] = "cpe-stable-backport: Backported in 6.12.28"
12868
12869CVE_STATUS[CVE-2025-37937] = "cpe-stable-backport: Backported in 6.12.23"
12870
12871CVE_STATUS[CVE-2025-37938] = "cpe-stable-backport: Backported in 6.12.26"
12872
12873CVE_STATUS[CVE-2025-37939] = "fixed-version: only affects 6.13 onwards"
12874
12875CVE_STATUS[CVE-2025-37940] = "cpe-stable-backport: Backported in 6.12.24"
12876
12877CVE_STATUS[CVE-2025-37941] = "cpe-stable-backport: Backported in 6.12.24"
12878
12879CVE_STATUS[CVE-2025-37942] = "cpe-stable-backport: Backported in 6.12.24"
12880
12881CVE_STATUS[CVE-2025-37943] = "cpe-stable-backport: Backported in 6.12.24"
12882
12883CVE_STATUS[CVE-2025-37944] = "cpe-stable-backport: Backported in 6.12.25"
12884
12885CVE_STATUS[CVE-2025-37945] = "cpe-stable-backport: Backported in 6.12.24"
12886
12887CVE_STATUS[CVE-2025-37946] = "cpe-stable-backport: Backported in 6.12.29"
12888
12889CVE_STATUS[CVE-2025-37947] = "cpe-stable-backport: Backported in 6.12.29"
12890
12891CVE_STATUS[CVE-2025-37948] = "cpe-stable-backport: Backported in 6.12.29"
12892
12893CVE_STATUS[CVE-2025-37949] = "cpe-stable-backport: Backported in 6.12.29"
12894
12895CVE_STATUS[CVE-2025-37950] = "fixed-version: only affects 6.14 onwards"
12896
12897CVE_STATUS[CVE-2025-37951] = "cpe-stable-backport: Backported in 6.12.29"
12898
12899CVE_STATUS[CVE-2025-37952] = "cpe-stable-backport: Backported in 6.12.29"
12900
12901CVE_STATUS[CVE-2025-37953] = "cpe-stable-backport: Backported in 6.12.29"
12902
12903CVE_STATUS[CVE-2025-37954] = "cpe-stable-backport: Backported in 6.12.29"
12904
12905CVE_STATUS[CVE-2025-37955] = "cpe-stable-backport: Backported in 6.12.29"
12906
12907CVE_STATUS[CVE-2025-37956] = "cpe-stable-backport: Backported in 6.12.29"
12908
12909CVE_STATUS[CVE-2025-37957] = "cpe-stable-backport: Backported in 6.12.29"
12910
12911CVE_STATUS[CVE-2025-37958] = "cpe-stable-backport: Backported in 6.12.29"
12912
12913CVE_STATUS[CVE-2025-37959] = "cpe-stable-backport: Backported in 6.12.29"
12914
12915CVE_STATUS[CVE-2025-37960] = "cpe-stable-backport: Backported in 6.12.29"
12916
12917CVE_STATUS[CVE-2025-37961] = "cpe-stable-backport: Backported in 6.12.29"
12918
12919CVE_STATUS[CVE-2025-37962] = "cpe-stable-backport: Backported in 6.12.29"
12920
12921CVE_STATUS[CVE-2025-37963] = "cpe-stable-backport: Backported in 6.12.29"
12922
12923CVE_STATUS[CVE-2025-37964] = "cpe-stable-backport: Backported in 6.12.29"
12924
12925CVE_STATUS[CVE-2025-37965] = "cpe-stable-backport: Backported in 6.12.29"
12926
12927CVE_STATUS[CVE-2025-37966] = "fixed-version: only affects 6.13 onwards"
12928
12929CVE_STATUS[CVE-2025-37967] = "cpe-stable-backport: Backported in 6.12.30"
12930
12931CVE_STATUS[CVE-2025-37968] = "cpe-stable-backport: Backported in 6.12.30"
12932
12933CVE_STATUS[CVE-2025-37969] = "cpe-stable-backport: Backported in 6.12.29"
12934
12935CVE_STATUS[CVE-2025-37970] = "cpe-stable-backport: Backported in 6.12.29"
12936
12937CVE_STATUS[CVE-2025-37971] = "cpe-stable-backport: Backported in 6.12.29"
12938
12939CVE_STATUS[CVE-2025-37972] = "cpe-stable-backport: Backported in 6.12.29"
12940
12941CVE_STATUS[CVE-2025-37973] = "cpe-stable-backport: Backported in 6.12.29"
12942
12943CVE_STATUS[CVE-2025-37974] = "cpe-stable-backport: Backported in 6.12.29"
12944
12945CVE_STATUS[CVE-2025-37975] = "cpe-stable-backport: Backported in 6.12.25"
12946
12947# CVE-2025-37976 has no known resolution
12948
12949CVE_STATUS[CVE-2025-37977] = "cpe-stable-backport: Backported in 6.12.26"
12950
12951CVE_STATUS[CVE-2025-37978] = "cpe-stable-backport: Backported in 6.12.25"
12952
12953CVE_STATUS[CVE-2025-37979] = "cpe-stable-backport: Backported in 6.12.25"
12954
12955CVE_STATUS[CVE-2025-37980] = "cpe-stable-backport: Backported in 6.12.25"
12956
12957CVE_STATUS[CVE-2025-37981] = "cpe-stable-backport: Backported in 6.12.25"
12958
12959CVE_STATUS[CVE-2025-37982] = "cpe-stable-backport: Backported in 6.12.25"
12960
12961CVE_STATUS[CVE-2025-37983] = "cpe-stable-backport: Backported in 6.12.26"
12962
12963# CVE-2025-37984 needs backporting (fixed from 6.15)
12964
12965CVE_STATUS[CVE-2025-37985] = "cpe-stable-backport: Backported in 6.12.26"
12966
12967CVE_STATUS[CVE-2025-37986] = "cpe-stable-backport: Backported in 6.12.26"
12968
12969CVE_STATUS[CVE-2025-37987] = "cpe-stable-backport: Backported in 6.12.26"
12970
12971CVE_STATUS[CVE-2025-37988] = "cpe-stable-backport: Backported in 6.12.26"
12972
12973CVE_STATUS[CVE-2025-37989] = "cpe-stable-backport: Backported in 6.12.26"
12974
12975CVE_STATUS[CVE-2025-37990] = "cpe-stable-backport: Backported in 6.12.28"
12976
12977CVE_STATUS[CVE-2025-37991] = "cpe-stable-backport: Backported in 6.12.28"
12978
12979CVE_STATUS[CVE-2025-37992] = "cpe-stable-backport: Backported in 6.12.30"
12792 12980
12793CVE_STATUS[CVE-2025-38049] = "cpe-stable-backport: Backported in 6.12.23" 12981CVE_STATUS[CVE-2025-38049] = "cpe-stable-backport: Backported in 6.12.23"
12794 12982
12795# CVE-2025-38104 needs backporting (fixed from 6.15rc1) 12983# CVE-2025-38104 needs backporting (fixed from 6.15)
12796 12984
12797CVE_STATUS[CVE-2025-38152] = "cpe-stable-backport: Backported in 6.12.23" 12985CVE_STATUS[CVE-2025-38152] = "cpe-stable-backport: Backported in 6.12.23"
12798 12986
@@ -12808,7 +12996,7 @@ CVE_STATUS[CVE-2025-39688] = "cpe-stable-backport: Backported in 6.12.23"
12808 12996
12809CVE_STATUS[CVE-2025-39728] = "cpe-stable-backport: Backported in 6.12.23" 12997CVE_STATUS[CVE-2025-39728] = "cpe-stable-backport: Backported in 6.12.23"
12810 12998
12811CVE_STATUS[CVE-2025-39735] = "fixed-version: only affects 6.13 onwards" 12999CVE_STATUS[CVE-2025-39735] = "cpe-stable-backport: Backported in 6.12.23"
12812 13000
12813CVE_STATUS[CVE-2025-39755] = "fixed-version: only affects 6.13 onwards" 13001CVE_STATUS[CVE-2025-39755] = "fixed-version: only affects 6.13 onwards"
12814 13002
@@ -12818,11 +13006,11 @@ CVE_STATUS[CVE-2025-39930] = "fixed-version: only affects 6.14 onwards"
12818 13006
12819CVE_STATUS[CVE-2025-39989] = "cpe-stable-backport: Backported in 6.12.23" 13007CVE_STATUS[CVE-2025-39989] = "cpe-stable-backport: Backported in 6.12.23"
12820 13008
12821# CVE-2025-40014 needs backporting (fixed from 6.15rc1) 13009# CVE-2025-40014 needs backporting (fixed from 6.15)
12822 13010
12823CVE_STATUS[CVE-2025-40114] = "cpe-stable-backport: Backported in 6.12.23" 13011CVE_STATUS[CVE-2025-40114] = "cpe-stable-backport: Backported in 6.12.23"
12824 13012
12825# CVE-2025-40325 needs backporting (fixed from 6.15rc1) 13013# CVE-2025-40325 needs backporting (fixed from 6.15)
12826 13014
12827# CVE-2025-40364 has no known resolution 13015# CVE-2025-40364 has no known resolution
12828 13016
diff --git a/meta/recipes-kernel/linux/generate-cve-exclusions.py b/meta/recipes-kernel/linux/generate-cve-exclusions.py
index 302ec8ebc9..dfc16663a5 100755
--- a/meta/recipes-kernel/linux/generate-cve-exclusions.py
+++ b/meta/recipes-kernel/linux/generate-cve-exclusions.py
@@ -11,6 +11,7 @@ import json
11import pathlib 11import pathlib
12import os 12import os
13import glob 13import glob
14import subprocess
14 15
15from packaging.version import Version 16from packaging.version import Version
16 17
@@ -42,9 +43,11 @@ def get_fixed_versions(cve_info, base_version):
42 if affected["defaultStatus"] == "affected": 43 if affected["defaultStatus"] == "affected":
43 for version in affected["versions"]: 44 for version in affected["versions"]:
44 v = Version(version["version"]) 45 v = Version(version["version"])
45 if v == 0: 46 if v == Version('0'):
46 #Skiping non-affected 47 #Skiping non-affected
47 continue 48 continue
49 if version["status"] == "unaffected" and first_affected and v < first_affected:
50 first_affected = Version(f"{v.major}.{v.minor}")
48 if version["status"] == "affected" and not first_affected: 51 if version["status"] == "affected" and not first_affected:
49 first_affected = v 52 first_affected = v
50 elif (version["status"] == "unaffected" and 53 elif (version["status"] == "unaffected" and
@@ -90,13 +93,16 @@ def main(argp=None):
90 parser.add_argument("version", type=Version, help="Kernel version number to generate data for, such as 6.1.38") 93 parser.add_argument("version", type=Version, help="Kernel version number to generate data for, such as 6.1.38")
91 94
92 args = parser.parse_args(argp) 95 args = parser.parse_args(argp)
93 datadir = args.datadir 96 datadir = args.datadir.resolve()
94 version = args.version 97 version = args.version
95 base_version = Version(f"{version.major}.{version.minor}") 98 base_version = Version(f"{version.major}.{version.minor}")
96 99
100 data_version = subprocess.check_output(("git", "describe", "--tags", "HEAD"), cwd=datadir, text=True)
101
97 print(f""" 102 print(f"""
98# Auto-generated CVE metadata, DO NOT EDIT BY HAND. 103# Auto-generated CVE metadata, DO NOT EDIT BY HAND.
99# Generated at {datetime.datetime.now(datetime.timezone.utc)} for version {version} 104# Generated at {datetime.datetime.now(datetime.timezone.utc)} for kernel version {version}
105# From {datadir.name} {data_version}
100 106
101python check_kernel_cve_status_version() {{ 107python check_kernel_cve_status_version() {{
102 this_version = "{version}" 108 this_version = "{version}"
@@ -139,7 +145,7 @@ do_cve_check[prefuncs] += "check_kernel_cve_status_version"
139 f'CVE_STATUS[{cve}] = "cpe-stable-backport: Backported in {backport_ver}"' 145 f'CVE_STATUS[{cve}] = "cpe-stable-backport: Backported in {backport_ver}"'
140 ) 146 )
141 else: 147 else:
142 print(f"# {cve} needs backporting (fixed from {backport_ver})") 148 print(f"# {cve} may need backporting (fixed from {backport_ver})")
143 else: 149 else:
144 print(f"# {cve} needs backporting (fixed from {fixed})") 150 print(f"# {cve} needs backporting (fixed from {fixed})")
145 151
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_6.12.bb b/meta/recipes-kernel/linux/linux-yocto-rt_6.12.bb
index 6560175461..24d93645ca 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_6.12.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_6.12.bb
@@ -14,13 +14,13 @@ python () {
14 raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") 14 raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
15} 15}
16 16
17SRCREV_machine ?= "28fcf1f308c59515410f6a0d0bc3278d5296a3c1" 17SRCREV_machine ?= "3d3d56a846c993611859096016322dccea1317cd"
18SRCREV_meta ?= "a50ff542f8d79235030741f9e850d34768907d2d" 18SRCREV_meta ?= "60484dda26122958e5f4d8f813424fa637770bf6"
19 19
20SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \ 20SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \
21 git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.12;destsuffix=${KMETA};protocol=https" 21 git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.12;destsuffix=${KMETA};protocol=https"
22 22
23LINUX_VERSION ?= "6.12.27" 23LINUX_VERSION ?= "6.12.30"
24 24
25LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" 25LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
26 26
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_6.12.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_6.12.bb
index cf6014efad..042adf94d0 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_6.12.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_6.12.bb
@@ -8,7 +8,7 @@ require recipes-kernel/linux/linux-yocto.inc
8# CVE exclusions 8# CVE exclusions
9include recipes-kernel/linux/cve-exclusion_6.12.inc 9include recipes-kernel/linux/cve-exclusion_6.12.inc
10 10
11LINUX_VERSION ?= "6.12.27" 11LINUX_VERSION ?= "6.12.30"
12LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" 12LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
13 13
14DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" 14DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -17,8 +17,8 @@ DEPENDS += "openssl-native util-linux-native"
17KMETA = "kernel-meta" 17KMETA = "kernel-meta"
18KCONF_BSP_AUDIT_LEVEL = "2" 18KCONF_BSP_AUDIT_LEVEL = "2"
19 19
20SRCREV_machine ?= "5b22e7aef539a991b75fa45101cbc02051327cb6" 20SRCREV_machine ?= "0898369ce44f92eba60ae9bf0013bc4338ce840e"
21SRCREV_meta ?= "a50ff542f8d79235030741f9e850d34768907d2d" 21SRCREV_meta ?= "60484dda26122958e5f4d8f813424fa637770bf6"
22 22
23PV = "${LINUX_VERSION}+git" 23PV = "${LINUX_VERSION}+git"
24 24
diff --git a/meta/recipes-kernel/linux/linux-yocto_6.12.bb b/meta/recipes-kernel/linux/linux-yocto_6.12.bb
index fefed8c9c5..e282a89983 100644
--- a/meta/recipes-kernel/linux/linux-yocto_6.12.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_6.12.bb
@@ -18,25 +18,25 @@ KBRANCH:qemux86.104 ?= "v6.12/standard/base"
18KBRANCH:qemuloongarch64 ?= "v6.12/standard/base" 18KBRANCH:qemuloongarch64 ?= "v6.12/standard/base"
19KBRANCH:qemumips64 ?= "v6.12/standard/mti-malta64" 19KBRANCH:qemumips64 ?= "v6.12/standard/mti-malta64"
20 20
21SRCREV_machine:qemuarm ?= "e1aec462165a127bd7a549f77e8e955c6d38ba79" 21SRCREV_machine:qemuarm ?= "5c1cc01b780f83de6f9c0bacf45ffa2de68be95c"
22SRCREV_machine:qemuarm64 ?= "5b22e7aef539a991b75fa45101cbc02051327cb6" 22SRCREV_machine:qemuarm64 ?= "0898369ce44f92eba60ae9bf0013bc4338ce840e"
23SRCREV_machine:qemuloongarch64 ?= "5b22e7aef539a991b75fa45101cbc02051327cb6" 23SRCREV_machine:qemuloongarch64 ?= "0898369ce44f92eba60ae9bf0013bc4338ce840e"
24SRCREV_machine:qemumips ?= "c8eb4283f60d76e0f0e3db984bb09e1309550604" 24SRCREV_machine:qemumips ?= "87d7d289ec3d56a1bd1d7a7c7cb46af8cf6c0f27"
25SRCREV_machine:qemuppc ?= "5b22e7aef539a991b75fa45101cbc02051327cb6" 25SRCREV_machine:qemuppc ?= "0898369ce44f92eba60ae9bf0013bc4338ce840e"
26SRCREV_machine:qemuriscv64 ?= "5b22e7aef539a991b75fa45101cbc02051327cb6" 26SRCREV_machine:qemuriscv64 ?= "0898369ce44f92eba60ae9bf0013bc4338ce840e"
27SRCREV_machine:qemuriscv32 ?= "5b22e7aef539a991b75fa45101cbc02051327cb6" 27SRCREV_machine:qemuriscv32 ?= "0898369ce44f92eba60ae9bf0013bc4338ce840e"
28SRCREV_machine:qemux86 ?= "5b22e7aef539a991b75fa45101cbc02051327cb6" 28SRCREV_machine:qemux86 ?= "0898369ce44f92eba60ae9bf0013bc4338ce840e"
29SRCREV_machine:qemux86-64 ?= "5b22e7aef539a991b75fa45101cbc02051327cb6" 29SRCREV_machine:qemux86-64 ?= "0898369ce44f92eba60ae9bf0013bc4338ce840e"
30SRCREV_machine:qemumips64 ?= "8e88d1714f7f56efc4650cf84b86845d44c01eb1" 30SRCREV_machine:qemumips64 ?= "98a85ed93bd5eaefe30c4aa3f7c15549be2bd032"
31SRCREV_machine ?= "5b22e7aef539a991b75fa45101cbc02051327cb6" 31SRCREV_machine ?= "0898369ce44f92eba60ae9bf0013bc4338ce840e"
32SRCREV_meta ?= "a50ff542f8d79235030741f9e850d34768907d2d" 32SRCREV_meta ?= "60484dda26122958e5f4d8f813424fa637770bf6"
33 33
34# set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll 34# set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
35# get the <version>/base branch, which is pure upstream -stable, and the same 35# get the <version>/base branch, which is pure upstream -stable, and the same
36# meta SRCREV as the linux-yocto-standard builds. Select your version using the 36# meta SRCREV as the linux-yocto-standard builds. Select your version using the
37# normal PREFERRED_VERSION settings. 37# normal PREFERRED_VERSION settings.
38BBCLASSEXTEND = "devupstream:target" 38BBCLASSEXTEND = "devupstream:target"
39SRCREV_machine:class-devupstream ?= "b801eaa96a5a2f2a8fe0b5982ffe4a1fba3c1e93" 39SRCREV_machine:class-devupstream ?= "e0e2f78243385e7188a57fcfceb6a19f723f1dff"
40PN:class-devupstream = "linux-yocto-upstream" 40PN:class-devupstream = "linux-yocto-upstream"
41KBRANCH:class-devupstream = "v6.12/base" 41KBRANCH:class-devupstream = "v6.12/base"
42 42
@@ -44,7 +44,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
44 git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.12;destsuffix=${KMETA};protocol=https" 44 git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.12;destsuffix=${KMETA};protocol=https"
45 45
46LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" 46LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
47LINUX_VERSION ?= "6.12.27" 47LINUX_VERSION ?= "6.12.30"
48 48
49PV = "${LINUX_VERSION}+git" 49PV = "${LINUX_VERSION}+git"
50 50
@@ -72,5 +72,8 @@ KERNEL_FEATURES:append = " ${@bb.utils.contains("DISTRO_FEATURES", "ptest", " cg
72KERNEL_FEATURES:append:powerpc = " arch/powerpc/powerpc-debug.scc" 72KERNEL_FEATURES:append:powerpc = " arch/powerpc/powerpc-debug.scc"
73KERNEL_FEATURES:append:powerpc64 = " arch/powerpc/powerpc-debug.scc" 73KERNEL_FEATURES:append:powerpc64 = " arch/powerpc/powerpc-debug.scc"
74KERNEL_FEATURES:append:powerpc64le = " arch/powerpc/powerpc-debug.scc" 74KERNEL_FEATURES:append:powerpc64le = " arch/powerpc/powerpc-debug.scc"
75 75# Do not add debug info for riscv32, it fails during depmod
76# ERROR: modpost: __ex_table+0x17a4 references non-executable section '.debug_loclists'
77# Check again during next major version upgrade
78KERNEL_FEATURES:remove:riscv32 = "features/debug/debug-kernel.scc"
76INSANE_SKIP:kernel-vmlinux:qemuppc64 = "textrel" 79INSANE_SKIP:kernel-vmlinux:qemuppc64 = "textrel"
diff --git a/meta/recipes-kernel/systemtap/systemtap_git.bb b/meta/recipes-kernel/systemtap/systemtap_git.bb
index 21d50ffb04..254bac4d6f 100644
--- a/meta/recipes-kernel/systemtap/systemtap_git.bb
+++ b/meta/recipes-kernel/systemtap/systemtap_git.bb
@@ -99,3 +99,7 @@ do_install:append () {
99} 99}
100 100
101BBCLASSEXTEND = "nativesdk" 101BBCLASSEXTEND = "nativesdk"
102
103# Emits lot of warning which are treated as errors
104# They must be looked into before disabling
105TOOLCHAIN = "gcc"
diff --git a/meta/recipes-sato/webkit/webkitgtk/fix-ftbfs-non-arm-non-x86.patch b/meta/recipes-sato/webkit/webkitgtk/fix-ftbfs-non-arm-non-x86.patch
deleted file mode 100644
index 2381acb1b0..0000000000
--- a/meta/recipes-sato/webkit/webkitgtk/fix-ftbfs-non-arm-non-x86.patch
+++ /dev/null
@@ -1,31 +0,0 @@
1From 8bee9eb95ae24c6a410f9cd614976f4653d020d9 Mon Sep 17 00:00:00 2001
2From: Michael Catanzaro <mcatanzaro@redhat.com>
3Date: Wed, 2 Apr 2025 15:01:55 -0500
4Subject: [PATCH] REGRESSION(290945.129@webkitglib/2.48): Broke non-x86,
5 non-ARM builds https://bugs.webkit.org/show_bug.cgi?id=287662
6
7Unreviewed stable branch build fix.
8
9* Source/WebCore/platform/audio/DenormalDisabler.cpp:
10
11Canonical link: https://commits.webkit.org/290945.155@webkitglib/2.48
12
13Upstream-Status: Backport [https://github.com/WebKit/WebKit/commit/8bee9eb95ae24c6a410f9cd614976f4653d020d9]
14Signed-off-by: Khem Raj <raj.khem@gmail.com>
15---
16 Source/WebCore/platform/audio/DenormalDisabler.cpp | 2 +-
17 1 file changed, 1 insertion(+), 1 deletion(-)
18
19diff --git a/Source/WebCore/platform/audio/DenormalDisabler.cpp b/Source/WebCore/platform/audio/DenormalDisabler.cpp
20index 35715e663ce7e..44ba08a33d5d9 100644
21--- a/Source/WebCore/platform/audio/DenormalDisabler.cpp
22+++ b/Source/WebCore/platform/audio/DenormalDisabler.cpp
23@@ -91,7 +91,7 @@ DenormalDisabler::~DenormalDisabler()
24 }
25 }
26 #else
27-DenormalDisabler::DenormalDisabler() = default
28+DenormalDisabler::DenormalDisabler() = default;
29 DenormalDisabler::~DenormalDisabler() = default;
30 #endif
31
diff --git a/meta/recipes-sato/webkit/webkitgtk_2.48.1.bb b/meta/recipes-sato/webkit/webkitgtk_2.48.2.bb
index a58b44440e..75a39558db 100644
--- a/meta/recipes-sato/webkit/webkitgtk_2.48.1.bb
+++ b/meta/recipes-sato/webkit/webkitgtk_2.48.2.bb
@@ -18,9 +18,8 @@ SRC_URI = "https://www.webkitgtk.org/releases/${BPN}-${PV}.tar.xz \
18 file://sys_futex.patch \ 18 file://sys_futex.patch \
19 file://0001-Fix-build-errors-on-RISCV-https-bugs.webkit.org-show.patch \ 19 file://0001-Fix-build-errors-on-RISCV-https-bugs.webkit.org-show.patch \
20 file://fix-ftbfs-riscv64.patch \ 20 file://fix-ftbfs-riscv64.patch \
21 file://fix-ftbfs-non-arm-non-x86.patch \
22 " 21 "
23SRC_URI[sha256sum] = "98efdf21c4cdca0fe0b73ab5a8cb52093b5aa52d9b1b016a93f71dbfa1eb258f" 22SRC_URI[sha256sum] = "ec58f6dfc25d3b360388e192f865068d69aab09b4d7df021f90e314d2fa54f37"
24 23
25inherit cmake pkgconfig gobject-introspection perlnative features_check upstream-version-is-even gi-docgen 24inherit cmake pkgconfig gobject-introspection perlnative features_check upstream-version-is-even gi-docgen
26 25
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-06-01 05:57:29 +0000