From: Kai <kai.kang@windriver.com>
To: yoann.congal@smile.fr, Jinfeng.Wang.CN@windriver.com,
openembedded-core@lists.openembedded.org
Subject: Re: [OE-core] [scarthgap][PATCH 12/12] libpcap: 1.10.4 -> 1.10.6
Date: Wed, 6 May 2026 11:05:39 +0800 [thread overview]
Message-ID: <150bd5e7-5929-463c-b4eb-8fcaab2fde30@windriver.com> (raw)
In-Reply-To: <DI18MGLHCOVA.322PMTYWVZE49@smile.fr>
On 4/24/26 16:21, Yoann Congal via lists.openembedded.org wrote:
> On Thu Apr 9, 2026 at 8:16 AM CEST, Jinfeng (CN) via lists.openembedded.org Wang wrote:
>> From: Kai Kang <kai.kang@windriver.com>
>>
>> Upgrade libpcap from 1.10.4 to 1.10.6 which includes fix for CVEs.
>>
>> Remove backported patches which have been incorporated in 1.10.6:
>>
>> * CVE-2023-7256-pre1.patch
>> * CVE-2023-7256.patch
>> * CVE-2024-8006.patch
>> * CVE-2025-11961-01.patch
>> * CVE-2025-11961-02.patch
>> * CVE-2025-11964.patch
>>
>> [1]: https://nvd.nist.gov/vuln/detail/CVE-2025-11961
>> [2]: https://nvd.nist.gov/vuln/detail/CVE-2025-11964
>>
>> Signed-off-by: Kai Kang <kai.kang@windriver.com>
>> Signed-off-by: Jinfeng Wang <jinfeng.wang.cn@windriver.com>
>> ---
> (Same as the zlib patch) Please add the changelog:
> https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.10.6/CHANGES#L1-L271
>
> In this release, I see:
> * a lot of "Add <new link type>" => sounds like new features
> * Some API changes:
> pcap: make the seconds and microseconds/nanoseconds fields unsigned.
> Rename helper routines for pcap modules to have names beginning with
> pcapint_, to avoid namespace collisions for code linking statically
> with libpcap.
>
> Sorry, I don't think I can accept this upgrade.
Hi Yoann,
I asked the libpcap community that the upper issues should not block to
upgrade, please see
https://github.com/the-tcpdump-group/libpcap/issues/1674
Regards,
Kai
>
>> .../libpcap/libpcap/CVE-2023-7256-pre1.patch | 37 --
>> .../libpcap/libpcap/CVE-2023-7256.patch | 365 ---------------
>> .../libpcap/libpcap/CVE-2024-8006.patch | 42 --
>> .../libpcap/libpcap/CVE-2025-11961-01.patch | 38 --
>> .../libpcap/libpcap/CVE-2025-11961-02.patch | 433 ------------------
>> .../libpcap/libpcap/CVE-2025-11964.patch | 33 --
>> .../{libpcap_1.10.4.bb => libpcap_1.10.6.bb} | 8 +-
>> 7 files changed, 1 insertion(+), 955 deletions(-)
>> delete mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256-pre1.patch
>> delete mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256.patch
>> delete mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2024-8006.patch
>> delete mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11961-01.patch
>> delete mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11961-02.patch
>> delete mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11964.patch
>> rename meta/recipes-connectivity/libpcap/{libpcap_1.10.4.bb => libpcap_1.10.6.bb} (83%)
>>
>> diff --git a/meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256-pre1.patch b/meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256-pre1.patch
>> deleted file mode 100644
>> index 64abfb85cd..0000000000
>> --- a/meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256-pre1.patch
>> +++ /dev/null
>> @@ -1,37 +0,0 @@
>> -From 73da0d4d65ef0925772b7b7f82a5fbb3ff2c5e4f Mon Sep 17 00:00:00 2001
>> -From: Rose <83477269+AtariDreams@users.noreply.github.com>
>> -Date: Tue, 16 May 2023 12:37:11 -0400
>> -Subject: [PATCH] Remove unused variable retval in sock_present2network
>> -
>> -This quiets the compiler since it is not even returned anyway, and is a misleading variable name.
>> -
>> -(cherry picked from commit c7b90298984c46d820d3cee79a96d24870b5f200)
>> -
>> -Upstream-Status: Backport [https://github.com/the-tcpdump-group/libpcap/commit/73da0d4d65ef0925772b7b7f82a5fbb3ff2c5e4f]
>> -CVE: CVE-2023-7256 #Dependency Patch
>> -Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
>> ----
>> - sockutils.c | 3 +--
>> - 1 file changed, 1 insertion(+), 2 deletions(-)
>> -
>> -diff --git a/sockutils.c b/sockutils.c
>> -index 1c07f76fd1..6752f296af 100644
>> ---- a/sockutils.c
>> -+++ b/sockutils.c
>> -@@ -2082,7 +2082,6 @@ int sock_getascii_addrport(const struct sockaddr_storage *sockaddr, char *addres
>> - */
>> - int sock_present2network(const char *address, struct sockaddr_storage *sockaddr, int addr_family, char *errbuf, int errbuflen)
>> - {
>> -- int retval;
>> - struct addrinfo *addrinfo;
>> - struct addrinfo hints;
>> -
>> -@@ -2090,7 +2089,7 @@ int sock_present2network(const char *address, struct sockaddr_storage *sockaddr,
>> -
>> - hints.ai_family = addr_family;
>> -
>> -- if ((retval = sock_initaddress(address, "22222" /* fake port */, &hints, &addrinfo, errbuf, errbuflen)) == -1)
>> -+ if (sock_initaddress(address, "22222" /* fake port */, &hints, &addrinfo, errbuf, errbuflen) == -1)
>> - return 0;
>> -
>> - if (addrinfo->ai_family == PF_INET)
>> diff --git a/meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256.patch b/meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256.patch
>> deleted file mode 100644
>> index fffcb2704a..0000000000
>> --- a/meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256.patch
>> +++ /dev/null
>> @@ -1,365 +0,0 @@
>> -From 2aa69b04d8173b18a0e3492e0c8f2f7fabdf642d Mon Sep 17 00:00:00 2001
>> -From: Guy Harris <gharris@sonic.net>
>> -Date: Thu, 28 Sep 2023 00:37:57 -0700
>> -Subject: [PATCH] Have sock_initaddress() return the list of addrinfo
>> - structures or NULL.
>> -
>> -Its return address is currently 0 for success and -1 for failure, with a
>> -pointer to the first element of the list of struct addrinfos returned
>> -through a pointer on success; change it to return that pointer on
>> -success and NULL on failure.
>> -
>> -That way, we don't have to worry about what happens to the pointer
>> -pointeed to by the argument in question on failure; we know that we got
>> -NULL back if no struct addrinfos were found because getaddrinfo()
>> -failed. Thus, we know that we have something to free iff
>> -sock_initaddress() returned a pointer to that something rather than
>> -returning NULL.
>> -
>> -This avoids a double-free in some cases.
>> -
>> -This is apparently CVE-2023-40400.
>> -
>> -(backported from commit 262e4f34979872d822ccedf9f318ed89c4d31c03)
>> -
>> -Upstream-Status: Backport [https://github.com/the-tcpdump-group/libpcap/commit/2aa69b04d8173b18a0e3492e0c8f2f7fabdf642d]
>> -CVE: CVE-2023-7256
>> -Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
>> ----
>> - pcap-rpcap.c | 48 ++++++++++++++++++++--------------------
>> - rpcapd/daemon.c | 8 +++++--
>> - rpcapd/rpcapd.c | 8 +++++--
>> - sockutils.c | 58 ++++++++++++++++++++++++++++---------------------
>> - sockutils.h | 5 ++---
>> - 5 files changed, 72 insertions(+), 55 deletions(-)
>> -
>> -diff --git a/pcap-rpcap.c b/pcap-rpcap.c
>> -index ef0cd6e49c..f1992e4aea 100644
>> ---- a/pcap-rpcap.c
>> -+++ b/pcap-rpcap.c
>> -@@ -1024,7 +1024,6 @@ rpcap_remoteact_getsock(const char *host, int *error, char *errbuf)
>> - {
>> - struct activehosts *temp; /* temp var needed to scan the host list chain */
>> - struct addrinfo hints, *addrinfo, *ai_next; /* temp var needed to translate between hostname to its address */
>> -- int retval;
>> -
>> - /* retrieve the network address corresponding to 'host' */
>> - addrinfo = NULL;
>> -@@ -1032,9 +1031,9 @@ rpcap_remoteact_getsock(const char *host, int *error, char *errbuf)
>> - hints.ai_family = PF_UNSPEC;
>> - hints.ai_socktype = SOCK_STREAM;
>> -
>> -- retval = sock_initaddress(host, NULL, &hints, &addrinfo, errbuf,
>> -+ addrinfo = sock_initaddress(host, NULL, &hints, errbuf,
>> - PCAP_ERRBUF_SIZE);
>> -- if (retval != 0)
>> -+ if (addrinfo == NULL)
>> - {
>> - *error = 1;
>> - return NULL;
>> -@@ -1186,7 +1185,9 @@ static int pcap_startcapture_remote(pcap_t *fp)
>> - hints.ai_flags = AI_PASSIVE; /* Data connection is opened by the server toward the client */
>> -
>> - /* Let's the server pick up a free network port for us */
>> -- if (sock_initaddress(NULL, NULL, &hints, &addrinfo, fp->errbuf, PCAP_ERRBUF_SIZE) == -1)
>> -+ addrinfo = sock_initaddress(NULL, NULL, &hints, fp->errbuf,
>> -+ PCAP_ERRBUF_SIZE);
>> -+ if (addrinfo == NULL)
>> - goto error_nodiscard;
>> -
>> - if ((sockdata = sock_open(NULL, addrinfo, SOCKOPEN_SERVER,
>> -@@ -1311,7 +1312,9 @@ static int pcap_startcapture_remote(pcap_t *fp)
>> - snprintf(portstring, PCAP_BUF_SIZE, "%d", ntohs(startcapreply.portdata));
>> -
>> - /* Let's the server pick up a free network port for us */
>> -- if (sock_initaddress(host, portstring, &hints, &addrinfo, fp->errbuf, PCAP_ERRBUF_SIZE) == -1)
>> -+ addrinfo = sock_initaddress(host, portstring, &hints,
>> -+ fp->errbuf, PCAP_ERRBUF_SIZE);
>> -+ if (addrinfo == NULL)
>> - goto error;
>> -
>> - if ((sockdata = sock_open(host, addrinfo, SOCKOPEN_CLIENT, 0, fp->errbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
>> -@@ -2340,16 +2343,16 @@ rpcap_setup_session(const char *source, struct pcap_rmtauth *auth,
>> - if (port[0] == 0)
>> - {
>> - /* the user chose not to specify the port */
>> -- if (sock_initaddress(host, RPCAP_DEFAULT_NETPORT,
>> -- &hints, &addrinfo, errbuf, PCAP_ERRBUF_SIZE) == -1)
>> -- return -1;
>> -+ addrinfo = sock_initaddress(host, RPCAP_DEFAULT_NETPORT,
>> -+ &hints, errbuf, PCAP_ERRBUF_SIZE);
>> - }
>> - else
>> - {
>> -- if (sock_initaddress(host, port, &hints, &addrinfo,
>> -- errbuf, PCAP_ERRBUF_SIZE) == -1)
>> -- return -1;
>> -+ addrinfo = sock_initaddress(host, port, &hints,
>> -+ errbuf, PCAP_ERRBUF_SIZE);
>> - }
>> -+ if (addrinfo == NULL)
>> -+ return -1;
>> -
>> - if ((*sockctrlp = sock_open(host, addrinfo, SOCKOPEN_CLIENT, 0,
>> - errbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
>> -@@ -2950,19 +2953,19 @@ SOCKET pcap_remoteact_accept_ex(const char *address, const char *port, const cha
>> - /* Do the work */
>> - if ((port == NULL) || (port[0] == 0))
>> - {
>> -- if (sock_initaddress(address, RPCAP_DEFAULT_NETPORT_ACTIVE, &hints, &addrinfo, errbuf, PCAP_ERRBUF_SIZE) == -1)
>> -- {
>> -- return (SOCKET)-2;
>> -- }
>> -+ addrinfo = sock_initaddress(address,
>> -+ RPCAP_DEFAULT_NETPORT_ACTIVE, &hints, errbuf,
>> -+ PCAP_ERRBUF_SIZE);
>> - }
>> - else
>> - {
>> -- if (sock_initaddress(address, port, &hints, &addrinfo, errbuf, PCAP_ERRBUF_SIZE) == -1)
>> -- {
>> -- return (SOCKET)-2;
>> -- }
>> -+ addrinfo = sock_initaddress(address, port, &hints, errbuf,
>> -+ PCAP_ERRBUF_SIZE);
>> -+ }
>> -+ if (addrinfo == NULL)
>> -+ {
>> -+ return (SOCKET)-2;
>> - }
>> --
>> -
>> - if ((sockmain = sock_open(NULL, addrinfo, SOCKOPEN_SERVER, 1, errbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
>> - {
>> -@@ -3122,7 +3125,6 @@ int pcap_remoteact_close(const char *host, char *errbuf)
>> - {
>> - struct activehosts *temp, *prev; /* temp var needed to scan the host list chain */
>> - struct addrinfo hints, *addrinfo, *ai_next; /* temp var needed to translate between hostname to its address */
>> -- int retval;
>> -
>> - temp = activeHosts;
>> - prev = NULL;
>> -@@ -3133,9 +3135,9 @@ int pcap_remoteact_close(const char *host, char *errbuf)
>> - hints.ai_family = PF_UNSPEC;
>> - hints.ai_socktype = SOCK_STREAM;
>> -
>> -- retval = sock_initaddress(host, NULL, &hints, &addrinfo, errbuf,
>> -+ addrinfo = sock_initaddress(host, NULL, &hints, errbuf,
>> - PCAP_ERRBUF_SIZE);
>> -- if (retval != 0)
>> -+ if (addrinfo == NULL)
>> - {
>> - return -1;
>> - }
>> -diff --git a/rpcapd/daemon.c b/rpcapd/daemon.c
>> -index 8d620dd604..b04b29f107 100644
>> ---- a/rpcapd/daemon.c
>> -+++ b/rpcapd/daemon.c
>> -@@ -2085,7 +2085,9 @@ daemon_msg_startcap_req(uint8 ver, struct daemon_slpars *pars, uint32 plen,
>> - goto error;
>> - }
>> -
>> -- if (sock_initaddress(peerhost, portdata, &hints, &addrinfo, errmsgbuf, PCAP_ERRBUF_SIZE) == -1)
>> -+ addrinfo = sock_initaddress(peerhost, portdata, &hints,
>> -+ errmsgbuf, PCAP_ERRBUF_SIZE);
>> -+ if (addrinfo == NULL)
>> - goto error;
>> -
>> - if ((session->sockdata = sock_open(peerhost, addrinfo, SOCKOPEN_CLIENT, 0, errmsgbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
>> -@@ -2096,7 +2098,9 @@ daemon_msg_startcap_req(uint8 ver, struct daemon_slpars *pars, uint32 plen,
>> - hints.ai_flags = AI_PASSIVE;
>> -
>> - // Make the server socket pick up a free network port for us
>> -- if (sock_initaddress(NULL, NULL, &hints, &addrinfo, errmsgbuf, PCAP_ERRBUF_SIZE) == -1)
>> -+ addrinfo = sock_initaddress(NULL, NULL, &hints, errmsgbuf,
>> -+ PCAP_ERRBUF_SIZE);
>> -+ if (addrinfo == NULL)
>> - goto error;
>> -
>> - if ((session->sockdata = sock_open(NULL, addrinfo, SOCKOPEN_SERVER, 1 /* max 1 connection in queue */, errmsgbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
>> -diff --git a/rpcapd/rpcapd.c b/rpcapd/rpcapd.c
>> -index e1f3f05299..d166522c9f 100644
>> ---- a/rpcapd/rpcapd.c
>> -+++ b/rpcapd/rpcapd.c
>> -@@ -611,7 +611,9 @@ void main_startup(void)
>> - //
>> - // Get a list of sockets on which to listen.
>> - //
>> -- if (sock_initaddress((address[0]) ? address : NULL, port, &mainhints, &addrinfo, errbuf, PCAP_ERRBUF_SIZE) == -1)
>> -+ addrinfo = sock_initaddress((address[0]) ? address : NULL,
>> -+ port, &mainhints, errbuf, PCAP_ERRBUF_SIZE);
>> -+ if (addrinfo == NULL)
>> - {
>> - rpcapd_log(LOGPRIO_DEBUG, "%s", errbuf);
>> - return;
>> -@@ -1350,7 +1352,9 @@ main_active(void *ptr)
>> - memset(errbuf, 0, sizeof(errbuf));
>> -
>> - // Do the work
>> -- if (sock_initaddress(activepars->address, activepars->port, &hints, &addrinfo, errbuf, PCAP_ERRBUF_SIZE) == -1)
>> -+ addrinfo = sock_initaddress(activepars->address, activepars->port,
>> -+ &hints, errbuf, PCAP_ERRBUF_SIZE);
>> -+ if (addrinfo == NULL)
>> - {
>> - rpcapd_log(LOGPRIO_DEBUG, "%s", errbuf);
>> - return 0;
>> -diff --git a/sockutils.c b/sockutils.c
>> -index a1bfa1b5e2..823c2363e0 100644
>> ---- a/sockutils.c
>> -+++ b/sockutils.c
>> -@@ -1069,20 +1069,21 @@ get_gai_errstring(char *errbuf, int errbuflen, const char *prefix, int err,
>> - * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
>> - * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
>> - *
>> -- * \return '0' if everything is fine, '-1' if some errors occurred. The error message is returned
>> -- * in the 'errbuf' variable. The addrinfo variable that has to be used in the following sockets calls is
>> -- * returned into the addrinfo parameter.
>> -+ * \return a pointer to the first element in a list of addrinfo structures
>> -+ * if everything is fine, NULL if some errors occurred. The error message
>> -+ * is returned in the 'errbuf' variable.
>> - *
>> -- * \warning The 'addrinfo' variable has to be deleted by the programmer by calling freeaddrinfo() when
>> -- * it is no longer needed.
>> -+ * \warning The list of addrinfo structures returned has to be deleted by
>> -+ * the programmer by calling freeaddrinfo() when it is no longer needed.
>> - *
>> - * \warning This function requires the 'hints' variable as parameter. The semantic of this variable is the same
>> - * of the one of the corresponding variable used into the standard getaddrinfo() socket function. We suggest
>> - * the programmer to look at that function in order to set the 'hints' variable appropriately.
>> - */
>> --int sock_initaddress(const char *host, const char *port,
>> -- struct addrinfo *hints, struct addrinfo **addrinfo, char *errbuf, int errbuflen)
>> -+struct addrinfo *sock_initaddress(const char *host, const char *port,
>> -+ struct addrinfo *hints, char *errbuf, int errbuflen)
>> - {
>> -+ struct addrinfo *addrinfo;
>> - int retval;
>> -
>> - /*
>> -@@ -1094,9 +1095,13 @@ int sock_initaddress(const char *host, const char *port,
>> - * as those messages won't talk about a problem with the port if
>> - * no port was specified.
>> - */
>> -- retval = getaddrinfo(host, port == NULL ? "0" : port, hints, addrinfo);
>> -+ retval = getaddrinfo(host, port == NULL ? "0" : port, hints, &addrinfo);
>> - if (retval != 0)
>> - {
>> -+ /*
>> -+ * That call failed.
>> -+ * Determine whether the problem is that the host is bad.
>> -+ */
>> - if (errbuf)
>> - {
>> - if (host != NULL && port != NULL) {
>> -@@ -1108,7 +1113,7 @@ int sock_initaddress(const char *host, const char *port,
>> - int try_retval;
>> -
>> - try_retval = getaddrinfo(host, NULL, hints,
>> -- addrinfo);
>> -+ &addrinfo);
>> - if (try_retval == 0) {
>> - /*
>> - * Worked with just the host,
>> -@@ -1117,14 +1122,16 @@ int sock_initaddress(const char *host, const char *port,
>> - *
>> - * Free up the address info first.
>> - */
>> -- freeaddrinfo(*addrinfo);
>> -+ freeaddrinfo(addrinfo);
>> - get_gai_errstring(errbuf, errbuflen,
>> - "", retval, NULL, port);
>> - } else {
>> - /*
>> - * Didn't work with just the host,
>> - * so assume the problem is
>> -- * with the host.
>> -+ * with the host; we assume
>> -+ * the original error indicates
>> -+ * the underlying problem.
>> - */
>> - get_gai_errstring(errbuf, errbuflen,
>> - "", retval, host, NULL);
>> -@@ -1132,13 +1139,14 @@ int sock_initaddress(const char *host, const char *port,
>> - } else {
>> - /*
>> - * Either the host or port was null, so
>> -- * there's nothing to determine.
>> -+ * there's nothing to determine; report
>> -+ * the error from the original call.
>> - */
>> - get_gai_errstring(errbuf, errbuflen, "",
>> - retval, host, port);
>> - }
>> - }
>> -- return -1;
>> -+ return NULL;
>> - }
>> - /*
>> - * \warning SOCKET: I should check all the accept() in order to bind to all addresses in case
>> -@@ -1153,30 +1161,28 @@ int sock_initaddress(const char *host, const char *port,
>> - * ignore all addresses that are neither? (What, no IPX
>> - * support? :-))
>> - */
>> -- if (((*addrinfo)->ai_family != PF_INET) &&
>> -- ((*addrinfo)->ai_family != PF_INET6))
>> -+ if ((addrinfo->ai_family != PF_INET) &&
>> -+ (addrinfo->ai_family != PF_INET6))
>> - {
>> - if (errbuf)
>> - snprintf(errbuf, errbuflen, "getaddrinfo(): socket type not supported");
>> -- freeaddrinfo(*addrinfo);
>> -- *addrinfo = NULL;
>> -- return -1;
>> -+ freeaddrinfo(addrinfo);
>> -+ return NULL;
>> - }
>> -
>> - /*
>> - * You can't do multicast (or broadcast) TCP.
>> - */
>> -- if (((*addrinfo)->ai_socktype == SOCK_STREAM) &&
>> -- (sock_ismcastaddr((*addrinfo)->ai_addr) == 0))
>> -+ if ((addrinfo->ai_socktype == SOCK_STREAM) &&
>> -+ (sock_ismcastaddr(addrinfo->ai_addr) == 0))
>> - {
>> - if (errbuf)
>> - snprintf(errbuf, errbuflen, "getaddrinfo(): multicast addresses are not valid when using TCP streams");
>> -- freeaddrinfo(*addrinfo);
>> -- *addrinfo = NULL;
>> -- return -1;
>> -+ freeaddrinfo(addrinfo);
>> -+ return NULL;
>> - }
>> -
>> -- return 0;
>> -+ return addrinfo;
>> - }
>> -
>> - /*
>> -@@ -2089,7 +2095,9 @@ int sock_present2network(const char *address, struct sockaddr_storage *sockaddr,
>> -
>> - hints.ai_family = addr_family;
>> -
>> -- if (sock_initaddress(address, "22222" /* fake port */, &hints, &addrinfo, errbuf, errbuflen) == -1)
>> -+ addrinfo = sock_initaddress(address, "22222" /* fake port */, &hints,
>> -+ errbuf, errbuflen);
>> -+ if (addrinfo == NULL)
>> - return 0;
>> -
>> - if (addrinfo->ai_family == PF_INET)
>> -diff --git a/sockutils.h b/sockutils.h
>> -index a488d8fcb4..30b8cfe0b7 100644
>> ---- a/sockutils.h
>> -+++ b/sockutils.h
>> -@@ -138,9 +138,8 @@ void sock_fmterrmsg(char *errbuf, size_t errbuflen, int errcode,
>> - PCAP_FORMAT_STRING(const char *fmt), ...) PCAP_PRINTFLIKE(4, 5);
>> - void sock_geterrmsg(char *errbuf, size_t errbuflen,
>> - PCAP_FORMAT_STRING(const char *fmt), ...) PCAP_PRINTFLIKE(3, 4);
>> --int sock_initaddress(const char *address, const char *port,
>> -- struct addrinfo *hints, struct addrinfo **addrinfo,
>> -- char *errbuf, int errbuflen);
>> -+struct addrinfo *sock_initaddress(const char *address, const char *port,
>> -+ struct addrinfo *hints, char *errbuf, int errbuflen);
>> - int sock_recv(SOCKET sock, SSL *, void *buffer, size_t size, int receiveall,
>> - char *errbuf, int errbuflen);
>> - int sock_recv_dgram(SOCKET sock, SSL *, void *buffer, size_t size,
>> diff --git a/meta/recipes-connectivity/libpcap/libpcap/CVE-2024-8006.patch b/meta/recipes-connectivity/libpcap/libpcap/CVE-2024-8006.patch
>> deleted file mode 100644
>> index 6819aedd20..0000000000
>> --- a/meta/recipes-connectivity/libpcap/libpcap/CVE-2024-8006.patch
>> +++ /dev/null
>> @@ -1,42 +0,0 @@
>> -From 8a633ee5b9ecd9d38a587ac9b204e2380713b0d6 Mon Sep 17 00:00:00 2001
>> -From: Nicolas Badoux <n.badoux@hotmail.com>
>> -Date: Mon, 19 Aug 2024 12:31:53 +0200
>> -Subject: [PATCH] makes pcap_findalldevs_ex errors out if the directory does
>> - not exist
>> -
>> -(backported from commit 0f8a103469ce87d2b8d68c5130a46ddb7fb5eb29)
>> -
>> -Upstream-Status: Backport [https://github.com/the-tcpdump-group/libpcap/commit/8a633ee5b9ecd9d38a587ac9b204e2380713b0d6]
>> -CVE: CVE-2024-8006
>> -Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
>> ----
>> - pcap-new.c | 9 ++++++++-
>> - 1 file changed, 8 insertions(+), 1 deletion(-)
>> -
>> -diff --git a/pcap-new.c b/pcap-new.c
>> -index be91b3f8db..d449ee623c 100644
>> ---- a/pcap-new.c
>> -+++ b/pcap-new.c
>> -@@ -230,6 +230,13 @@ int pcap_findalldevs_ex(const char *source, struct pcap_rmtauth *auth, pcap_if_t
>> - #else
>> - /* opening the folder */
>> - unixdir= opendir(path);
>> -+ if (unixdir == NULL) {
>> -+ DIAG_OFF_FORMAT_TRUNCATION
>> -+ snprintf(errbuf, PCAP_ERRBUF_SIZE,
>> -+ "Error when listing files: does folder '%s' exist?", path);
>> -+ DIAG_ON_FORMAT_TRUNCATION
>> -+ return -1;
>> -+ }
>> -
>> - /* get the first file into it */
>> - filedata= readdir(unixdir);
>> -@@ -237,7 +244,7 @@ int pcap_findalldevs_ex(const char *source, struct pcap_rmtauth *auth, pcap_if_t
>> - if (filedata == NULL)
>> - {
>> - DIAG_OFF_FORMAT_TRUNCATION
>> -- snprintf(errbuf, PCAP_ERRBUF_SIZE, "Error when listing files: does folder '%s' exist?", path);
>> -+ snprintf(errbuf, PCAP_ERRBUF_SIZE, "Error when listing files: does folder '%s' contain files?", path);
>> - DIAG_ON_FORMAT_TRUNCATION
>> - closedir(unixdir);
>> - return -1;
>> diff --git a/meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11961-01.patch b/meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11961-01.patch
>> deleted file mode 100644
>> index 73c3ab3f5c..0000000000
>> --- a/meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11961-01.patch
>> +++ /dev/null
>> @@ -1,38 +0,0 @@
>> -From 7224be0fe2f4beb916b7b69141f478facd0f0634 Mon Sep 17 00:00:00 2001
>> -From: Denis Ovsienko <denis@ovsienko.info>
>> -Date: Sat, 27 Dec 2025 21:36:11 +0000
>> -Subject: [PATCH] Rename one of the xdtoi() copies to simplify backporting.
>> -
>> -CVE: CVE-2025-11961
>> -Upstream-Status: Backport [https://github.com/the-tcpdump-group/libpcap/commit/7224be0fe2f4beb916b7b69141f478facd0f0634]
>> -Signed-off-by: Peter Marko <peter.marko@siemens.com>
>> ----
>> - nametoaddr.c | 6 +++---
>> - 1 file changed, 3 insertions(+), 3 deletions(-)
>> -
>> -diff --git a/nametoaddr.c b/nametoaddr.c
>> -index dc75495c..bdaacbf1 100644
>> ---- a/nametoaddr.c
>> -+++ b/nametoaddr.c
>> -@@ -646,7 +646,7 @@ pcap_nametollc(const char *s)
>> -
>> - /* Hex digit to 8-bit unsigned integer. */
>> - static inline u_char
>> --xdtoi(u_char c)
>> -+pcapint_xdtoi(u_char c)
>> - {
>> - if (c >= '0' && c <= '9')
>> - return (u_char)(c - '0');
>> -@@ -728,10 +728,10 @@ pcap_ether_aton(const char *s)
>> - while (*s) {
>> - if (*s == ':' || *s == '.' || *s == '-')
>> - s += 1;
>> -- d = xdtoi(*s++);
>> -+ d = pcapint_xdtoi(*s++);
>> - if (PCAP_ISXDIGIT(*s)) {
>> - d <<= 4;
>> -- d |= xdtoi(*s++);
>> -+ d |= pcapint_xdtoi(*s++);
>> - }
>> - *ep++ = d;
>> - }
>> diff --git a/meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11961-02.patch b/meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11961-02.patch
>> deleted file mode 100644
>> index 2dca7908ef..0000000000
>> --- a/meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11961-02.patch
>> +++ /dev/null
>> @@ -1,433 +0,0 @@
>> -From b2d2f9a9a0581c40780bde509f7cc715920f1c02 Mon Sep 17 00:00:00 2001
>> -From: Denis Ovsienko <denis@ovsienko.info>
>> -Date: Fri, 19 Dec 2025 17:31:13 +0000
>> -Subject: [PATCH] CVE-2025-11961: Fix OOBR and OOBW in pcap_ether_aton().
>> -
>> -pcap_ether_aton() has for a long time required its string argument to be
>> -a well-formed MAC-48 address, which is always the case when the argument
>> -comes from other libpcap code, so the function has never validated the
>> -input and used a simple loop to parse any of the three common MAC-48
>> -address formats. However, the function has also been a part of the
>> -public API, so calling it directly with a malformed address can cause
>> -the loop to read beyond the end of the input string and/or to write
>> -beyond the end of the allocated output buffer.
>> -
>> -To handle invalid input more appropriately, replace the simple loop with
>> -new functions and require the input to match a supported address format.
>> -
>> -This problem was reported by Jin Wei, Kunwei Qian and Ping Chen.
>> -
>> -(backported from commit dd08e53e9380e217ae7c7768da9cc3d7bf37bf83)
>> -
>> -CVE: CVE-2025-11961
>> -Upstream-Status: Backport [https://github.com/the-tcpdump-group/libpcap/commit/b2d2f9a9a0581c40780bde509f7cc715920f1c02]
>> -Signed-off-by: Peter Marko <peter.marko@siemens.com>
>> ----
>> - gencode.c | 5 +
>> - nametoaddr.c | 367 +++++++++++++++++++++++++++++++++++++++++++++++----
>> - 2 files changed, 349 insertions(+), 23 deletions(-)
>> -
>> -diff --git a/gencode.c b/gencode.c
>> -index 3ddd15f8..76fb2d82 100644
>> ---- a/gencode.c
>> -+++ b/gencode.c
>> -@@ -7228,6 +7228,11 @@ gen_ecode(compiler_state_t *cstate, const char *s, struct qual q)
>> - return (NULL);
>> -
>> - if ((q.addr == Q_HOST || q.addr == Q_DEFAULT) && q.proto == Q_LINK) {
>> -+ /*
>> -+ * Because the lexer guards the input string format, in this
>> -+ * context the function returns NULL iff the implicit malloc()
>> -+ * has failed.
>> -+ */
>> - cstate->e = pcap_ether_aton(s);
>> - if (cstate->e == NULL)
>> - bpf_error(cstate, "malloc");
>> -diff --git a/nametoaddr.c b/nametoaddr.c
>> -index f9fcd288..f50d0da5 100644
>> ---- a/nametoaddr.c
>> -+++ b/nametoaddr.c
>> -@@ -703,39 +703,360 @@ __pcap_atodn(const char *s, bpf_u_int32 *addr)
>> - return(32);
>> - }
>> -
>> -+// Man page: "xxxxxxxxxxxx", regexp: "^[0-9a-fA-F]{12}$".
>> -+static u_char
>> -+pcapint_atomac48_xxxxxxxxxxxx(const char *s, uint8_t *addr)
>> -+{
>> -+ if (strlen(s) == 12 &&
>> -+ PCAP_ISXDIGIT(s[0]) &&
>> -+ PCAP_ISXDIGIT(s[1]) &&
>> -+ PCAP_ISXDIGIT(s[2]) &&
>> -+ PCAP_ISXDIGIT(s[3]) &&
>> -+ PCAP_ISXDIGIT(s[4]) &&
>> -+ PCAP_ISXDIGIT(s[5]) &&
>> -+ PCAP_ISXDIGIT(s[6]) &&
>> -+ PCAP_ISXDIGIT(s[7]) &&
>> -+ PCAP_ISXDIGIT(s[8]) &&
>> -+ PCAP_ISXDIGIT(s[9]) &&
>> -+ PCAP_ISXDIGIT(s[10]) &&
>> -+ PCAP_ISXDIGIT(s[11])) {
>> -+ addr[0] = pcapint_xdtoi(s[0]) << 4 | pcapint_xdtoi(s[1]);
>> -+ addr[1] = pcapint_xdtoi(s[2]) << 4 | pcapint_xdtoi(s[3]);
>> -+ addr[2] = pcapint_xdtoi(s[4]) << 4 | pcapint_xdtoi(s[5]);
>> -+ addr[3] = pcapint_xdtoi(s[6]) << 4 | pcapint_xdtoi(s[7]);
>> -+ addr[4] = pcapint_xdtoi(s[8]) << 4 | pcapint_xdtoi(s[9]);
>> -+ addr[5] = pcapint_xdtoi(s[10]) << 4 | pcapint_xdtoi(s[11]);
>> -+ return 1;
>> -+ }
>> -+ return 0;
>> -+}
>> -+
>> -+// Man page: "xxxx.xxxx.xxxx", regexp: "^[0-9a-fA-F]{4}(\.[0-9a-fA-F]{4}){2}$".
>> -+static u_char
>> -+pcapint_atomac48_xxxx_3_times(const char *s, uint8_t *addr)
>> -+{
>> -+ const char sep = '.';
>> -+ if (strlen(s) == 14 &&
>> -+ PCAP_ISXDIGIT(s[0]) &&
>> -+ PCAP_ISXDIGIT(s[1]) &&
>> -+ PCAP_ISXDIGIT(s[2]) &&
>> -+ PCAP_ISXDIGIT(s[3]) &&
>> -+ s[4] == sep &&
>> -+ PCAP_ISXDIGIT(s[5]) &&
>> -+ PCAP_ISXDIGIT(s[6]) &&
>> -+ PCAP_ISXDIGIT(s[7]) &&
>> -+ PCAP_ISXDIGIT(s[8]) &&
>> -+ s[9] == sep &&
>> -+ PCAP_ISXDIGIT(s[10]) &&
>> -+ PCAP_ISXDIGIT(s[11]) &&
>> -+ PCAP_ISXDIGIT(s[12]) &&
>> -+ PCAP_ISXDIGIT(s[13])) {
>> -+ addr[0] = pcapint_xdtoi(s[0]) << 4 | pcapint_xdtoi(s[1]);
>> -+ addr[1] = pcapint_xdtoi(s[2]) << 4 | pcapint_xdtoi(s[3]);
>> -+ addr[2] = pcapint_xdtoi(s[5]) << 4 | pcapint_xdtoi(s[6]);
>> -+ addr[3] = pcapint_xdtoi(s[7]) << 4 | pcapint_xdtoi(s[8]);
>> -+ addr[4] = pcapint_xdtoi(s[10]) << 4 | pcapint_xdtoi(s[11]);
>> -+ addr[5] = pcapint_xdtoi(s[12]) << 4 | pcapint_xdtoi(s[13]);
>> -+ return 1;
>> -+ }
>> -+ return 0;
>> -+}
>> -+
>> - /*
>> -- * Convert 's', which can have the one of the forms:
>> -+ * Man page: "xx:xx:xx:xx:xx:xx", regexp: "^[0-9a-fA-F]{1,2}(:[0-9a-fA-F]{1,2}){5}$".
>> -+ * Man page: "xx-xx-xx-xx-xx-xx", regexp: "^[0-9a-fA-F]{1,2}(-[0-9a-fA-F]{1,2}){5}$".
>> -+ * Man page: "xx.xx.xx.xx.xx.xx", regexp: "^[0-9a-fA-F]{1,2}(\.[0-9a-fA-F]{1,2}){5}$".
>> -+ * (Any "xx" above can be "x", which is equivalent to "0x".)
>> - *
>> -- * "xx:xx:xx:xx:xx:xx"
>> -- * "xx.xx.xx.xx.xx.xx"
>> -- * "xx-xx-xx-xx-xx-xx"
>> -- * "xxxx.xxxx.xxxx"
>> -- * "xxxxxxxxxxxx"
>> -+ * An equivalent (and parametrisable for EUI-64) FSM could be implemented using
>> -+ * a smaller graph, but that graph would be neither acyclic nor planar nor
>> -+ * trivial to verify.
>> - *
>> -- * (or various mixes of ':', '.', and '-') into a new
>> -- * ethernet address. Assumes 's' is well formed.
>> -+ * |
>> -+ * [.] v
>> -+ * +<---------- START
>> -+ * | |
>> -+ * | | [0-9a-fA-F]
>> -+ * | [.] v
>> -+ * +<--------- BYTE0_X ----------+
>> -+ * | | |
>> -+ * | | [0-9a-fA-F] |
>> -+ * | [.] v |
>> -+ * +<--------- BYTE0_XX | [:\.-]
>> -+ * | | |
>> -+ * | | [:\.-] |
>> -+ * | [.] v |
>> -+ * +<----- BYTE0_SEP_BYTE1 <-----+
>> -+ * | |
>> -+ * | | [0-9a-fA-F]
>> -+ * | [.] v
>> -+ * +<--------- BYTE1_X ----------+
>> -+ * | | |
>> -+ * | | [0-9a-fA-F] |
>> -+ * | [.] v |
>> -+ * +<--------- BYTE1_XX | <sep>
>> -+ * | | |
>> -+ * | | <sep> |
>> -+ * | [.] v |
>> -+ * +<----- BYTE1_SEP_BYTE2 <-----+
>> -+ * | |
>> -+ * | | [0-9a-fA-F]
>> -+ * | [.] v
>> -+ * +<--------- BYTE2_X ----------+
>> -+ * | | |
>> -+ * | | [0-9a-fA-F] |
>> -+ * | [.] v |
>> -+ * +<--------- BYTE2_XX | <sep>
>> -+ * | | |
>> -+ * | | <sep> |
>> -+ * | [.] v |
>> -+ * +<----- BYTE2_SEP_BYTE3 <-----+
>> -+ * | |
>> -+ * | | [0-9a-fA-F]
>> -+ * | [.] v
>> -+ * +<--------- BYTE3_X ----------+
>> -+ * | | |
>> -+ * | | [0-9a-fA-F] |
>> -+ * | [.] v |
>> -+ * +<--------- BYTE3_XX | <sep>
>> -+ * | | |
>> -+ * | | <sep> |
>> -+ * | [.] v |
>> -+ * +<----- BYTE3_SEP_BYTE4 <-----+
>> -+ * | |
>> -+ * | | [0-9a-fA-F]
>> -+ * | [.] v
>> -+ * +<--------- BYTE4_X ----------+
>> -+ * | | |
>> -+ * | | [0-9a-fA-F] |
>> -+ * | [.] v |
>> -+ * +<--------- BYTE4_XX | <sep>
>> -+ * | | |
>> -+ * | | <sep> |
>> -+ * | [.] v |
>> -+ * +<----- BYTE4_SEP_BYTE5 <-----+
>> -+ * | |
>> -+ * | | [0-9a-fA-F]
>> -+ * | [.] v
>> -+ * +<--------- BYTE5_X ----------+
>> -+ * | | |
>> -+ * | | [0-9a-fA-F] |
>> -+ * | [.] v |
>> -+ * +<--------- BYTE5_XX | \0
>> -+ * | | |
>> -+ * | | \0 |
>> -+ * | | v
>> -+ * +--> (reject) +---------> (accept)
>> -+ *
>> -+ */
>> -+static u_char
>> -+pcapint_atomac48_x_xx_6_times(const char *s, uint8_t *addr)
>> -+{
>> -+ enum {
>> -+ START,
>> -+ BYTE0_X,
>> -+ BYTE0_XX,
>> -+ BYTE0_SEP_BYTE1,
>> -+ BYTE1_X,
>> -+ BYTE1_XX,
>> -+ BYTE1_SEP_BYTE2,
>> -+ BYTE2_X,
>> -+ BYTE2_XX,
>> -+ BYTE2_SEP_BYTE3,
>> -+ BYTE3_X,
>> -+ BYTE3_XX,
>> -+ BYTE3_SEP_BYTE4,
>> -+ BYTE4_X,
>> -+ BYTE4_XX,
>> -+ BYTE4_SEP_BYTE5,
>> -+ BYTE5_X,
>> -+ BYTE5_XX,
>> -+ } fsm_state = START;
>> -+ uint8_t buf[6];
>> -+ const char *seplist = ":.-";
>> -+ char sep;
>> -+
>> -+ while (*s) {
>> -+ switch (fsm_state) {
>> -+ case START:
>> -+ if (PCAP_ISXDIGIT(*s)) {
>> -+ buf[0] = pcapint_xdtoi(*s);
>> -+ fsm_state = BYTE0_X;
>> -+ break;
>> -+ }
>> -+ goto reject;
>> -+ case BYTE0_X:
>> -+ if (strchr(seplist, *s)) {
>> -+ sep = *s;
>> -+ fsm_state = BYTE0_SEP_BYTE1;
>> -+ break;
>> -+ }
>> -+ if (PCAP_ISXDIGIT(*s)) {
>> -+ buf[0] = buf[0] << 4 | pcapint_xdtoi(*s);
>> -+ fsm_state = BYTE0_XX;
>> -+ break;
>> -+ }
>> -+ goto reject;
>> -+ case BYTE0_XX:
>> -+ if (strchr(seplist, *s)) {
>> -+ sep = *s;
>> -+ fsm_state = BYTE0_SEP_BYTE1;
>> -+ break;
>> -+ }
>> -+ goto reject;
>> -+ case BYTE0_SEP_BYTE1:
>> -+ if (PCAP_ISXDIGIT(*s)) {
>> -+ buf[1] = pcapint_xdtoi(*s);
>> -+ fsm_state = BYTE1_X;
>> -+ break;
>> -+ }
>> -+ goto reject;
>> -+ case BYTE1_X:
>> -+ if (*s == sep) {
>> -+ fsm_state = BYTE1_SEP_BYTE2;
>> -+ break;
>> -+ }
>> -+ if (PCAP_ISXDIGIT(*s)) {
>> -+ buf[1] = buf[1] << 4 | pcapint_xdtoi(*s);
>> -+ fsm_state = BYTE1_XX;
>> -+ break;
>> -+ }
>> -+ goto reject;
>> -+ case BYTE1_XX:
>> -+ if (*s == sep) {
>> -+ fsm_state = BYTE1_SEP_BYTE2;
>> -+ break;
>> -+ }
>> -+ goto reject;
>> -+ case BYTE1_SEP_BYTE2:
>> -+ if (PCAP_ISXDIGIT(*s)) {
>> -+ buf[2] = pcapint_xdtoi(*s);
>> -+ fsm_state = BYTE2_X;
>> -+ break;
>> -+ }
>> -+ goto reject;
>> -+ case BYTE2_X:
>> -+ if (*s == sep) {
>> -+ fsm_state = BYTE2_SEP_BYTE3;
>> -+ break;
>> -+ }
>> -+ if (PCAP_ISXDIGIT(*s)) {
>> -+ buf[2] = buf[2] << 4 | pcapint_xdtoi(*s);
>> -+ fsm_state = BYTE2_XX;
>> -+ break;
>> -+ }
>> -+ goto reject;
>> -+ case BYTE2_XX:
>> -+ if (*s == sep) {
>> -+ fsm_state = BYTE2_SEP_BYTE3;
>> -+ break;
>> -+ }
>> -+ goto reject;
>> -+ case BYTE2_SEP_BYTE3:
>> -+ if (PCAP_ISXDIGIT(*s)) {
>> -+ buf[3] = pcapint_xdtoi(*s);
>> -+ fsm_state = BYTE3_X;
>> -+ break;
>> -+ }
>> -+ goto reject;
>> -+ case BYTE3_X:
>> -+ if (*s == sep) {
>> -+ fsm_state = BYTE3_SEP_BYTE4;
>> -+ break;
>> -+ }
>> -+ if (PCAP_ISXDIGIT(*s)) {
>> -+ buf[3] = buf[3] << 4 | pcapint_xdtoi(*s);
>> -+ fsm_state = BYTE3_XX;
>> -+ break;
>> -+ }
>> -+ goto reject;
>> -+ case BYTE3_XX:
>> -+ if (*s == sep) {
>> -+ fsm_state = BYTE3_SEP_BYTE4;
>> -+ break;
>> -+ }
>> -+ goto reject;
>> -+ case BYTE3_SEP_BYTE4:
>> -+ if (PCAP_ISXDIGIT(*s)) {
>> -+ buf[4] = pcapint_xdtoi(*s);
>> -+ fsm_state = BYTE4_X;
>> -+ break;
>> -+ }
>> -+ goto reject;
>> -+ case BYTE4_X:
>> -+ if (*s == sep) {
>> -+ fsm_state = BYTE4_SEP_BYTE5;
>> -+ break;
>> -+ }
>> -+ if (PCAP_ISXDIGIT(*s)) {
>> -+ buf[4] = buf[4] << 4 | pcapint_xdtoi(*s);
>> -+ fsm_state = BYTE4_XX;
>> -+ break;
>> -+ }
>> -+ goto reject;
>> -+ case BYTE4_XX:
>> -+ if (*s == sep) {
>> -+ fsm_state = BYTE4_SEP_BYTE5;
>> -+ break;
>> -+ }
>> -+ goto reject;
>> -+ case BYTE4_SEP_BYTE5:
>> -+ if (PCAP_ISXDIGIT(*s)) {
>> -+ buf[5] = pcapint_xdtoi(*s);
>> -+ fsm_state = BYTE5_X;
>> -+ break;
>> -+ }
>> -+ goto reject;
>> -+ case BYTE5_X:
>> -+ if (PCAP_ISXDIGIT(*s)) {
>> -+ buf[5] = buf[5] << 4 | pcapint_xdtoi(*s);
>> -+ fsm_state = BYTE5_XX;
>> -+ break;
>> -+ }
>> -+ goto reject;
>> -+ case BYTE5_XX:
>> -+ goto reject;
>> -+ } // switch
>> -+ s++;
>> -+ } // while
>> -+
>> -+ if (fsm_state == BYTE5_X || fsm_state == BYTE5_XX) {
>> -+ // accept
>> -+ memcpy(addr, buf, sizeof(buf));
>> -+ return 1;
>> -+ }
>> -+
>> -+reject:
>> -+ return 0;
>> -+}
>> -+
>> -+// The 'addr' argument must point to an array of at least 6 elements.
>> -+static int
>> -+pcapint_atomac48(const char *s, uint8_t *addr)
>> -+{
>> -+ return s && (
>> -+ pcapint_atomac48_xxxxxxxxxxxx(s, addr) ||
>> -+ pcapint_atomac48_xxxx_3_times(s, addr) ||
>> -+ pcapint_atomac48_x_xx_6_times(s, addr)
>> -+ );
>> -+}
>> -+
>> -+/*
>> -+ * If 's' is a MAC-48 address in one of the forms documented in pcap-filter(7)
>> -+ * for "ether host", return a pointer to an allocated buffer with the binary
>> -+ * value of the address. Return NULL on any error.
>> - */
>> - u_char *
>> - pcap_ether_aton(const char *s)
>> - {
>> -- register u_char *ep, *e;
>> -- register u_char d;
>> -+ uint8_t tmp[6];
>> -+ if (! pcapint_atomac48(s, tmp))
>> -+ return (NULL);
>> -
>> -- e = ep = (u_char *)malloc(6);
>> -+ u_char *e = malloc(6);
>> - if (e == NULL)
>> - return (NULL);
>> --
>> -- while (*s) {
>> -- if (*s == ':' || *s == '.' || *s == '-')
>> -- s += 1;
>> -- d = pcapint_xdtoi(*s++);
>> -- if (PCAP_ISXDIGIT(*s)) {
>> -- d <<= 4;
>> -- d |= pcapint_xdtoi(*s++);
>> -- }
>> -- *ep++ = d;
>> -- }
>> --
>> -+ memcpy(e, tmp, sizeof(tmp));
>> - return (e);
>> - }
>> -
>> diff --git a/meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11964.patch b/meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11964.patch
>> deleted file mode 100644
>> index 003d21fb1f..0000000000
>> --- a/meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11964.patch
>> +++ /dev/null
>> @@ -1,33 +0,0 @@
>> -From 7fabf607f2319a36a0bd78444247180acb838e69 Mon Sep 17 00:00:00 2001
>> -From: Guy Harris <gharris@sonic.net>
>> -Date: Sun, 7 Sep 2025 12:51:56 -0700
>> -Subject: [PATCH] Fix a copy-and-pasteo in utf_16le_to_utf_8_truncated().
>> -
>> -For the four octets of UTF-8 case, it was decrementing the remaining
>> -buffer length by 3, not 4.
>> -
>> -Thanks to a team of developers from the Univesity of Waterloo for
>> -reporting this.
>> -
>> -(cherry picked from commit aebfca1aea2fc8c177760a26e8f4de27b51d1b3b)
>> -
>> -CVE: CVE-2025-11964
>> -Upstream-Status: Backport [https://github.com/the-tcpdump-group/libpcap/commit/7fabf607f2319a36a0bd78444247180acb838e69]
>> -Signed-off-by: Peter Marko <peter.marko@siemens.com>
>> ----
>> - fmtutils.c | 2 +-
>> - 1 file changed, 1 insertion(+), 1 deletion(-)
>> -
>> -diff --git a/fmtutils.c b/fmtutils.c
>> -index a5a4fe62..78a0f8b7 100644
>> ---- a/fmtutils.c
>> -+++ b/fmtutils.c
>> -@@ -235,7 +235,7 @@ utf_16le_to_utf_8_truncated(const wchar_t *utf_16, char *utf_8,
>> - *utf_8++ = ((uc >> 12) & 0x3F) | 0x80;
>> - *utf_8++ = ((uc >> 6) & 0x3F) | 0x80;
>> - *utf_8++ = ((uc >> 0) & 0x3F) | 0x80;
>> -- utf_8_len -= 3;
>> -+ utf_8_len -= 4;
>> - }
>> - }
>> -
>> diff --git a/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb b/meta/recipes-connectivity/libpcap/libpcap_1.10.6.bb
>> similarity index 83%
>> rename from meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb
>> rename to meta/recipes-connectivity/libpcap/libpcap_1.10.6.bb
>> index ee7d7540f6..5cba790012 100644
>> --- a/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb
>> +++ b/meta/recipes-connectivity/libpcap/libpcap_1.10.6.bb
>> @@ -11,15 +11,9 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=5eb289217c160e2920d2e35bddc36453 \
>> DEPENDS = "flex-native bison-native"
>>
>> SRC_URI = "https://www.tcpdump.org/release/${BP}.tar.gz \
>> - file://CVE-2023-7256-pre1.patch \
>> - file://CVE-2023-7256.patch \
>> - file://CVE-2024-8006.patch \
>> - file://CVE-2025-11961-01.patch \
>> - file://CVE-2025-11961-02.patch \
>> - file://CVE-2025-11964.patch \
>> "
>>
>> -SRC_URI[sha256sum] = "ed19a0383fad72e3ad435fd239d7cd80d64916b87269550159d20e47160ebe5f"
>> +SRC_URI[sha256sum] = "872dd11337fe1ab02ad9d4fee047c9da244d695c6ddf34e2ebb733efd4ed8aa9"
>>
>> inherit autotools binconfig-disabled pkgconfig
>>
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#235844): https://lists.openembedded.org/g/openembedded-core/message/235844
> Mute This Topic: https://lists.openembedded.org/mt/118738405/3616933
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [kai.kang@windriver.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
--
Kai Kang
Wind River Linux
next prev parent reply other threads:[~2026-05-06 3:06 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-09 6:16 [scarthgap][PATCH 00/12] Fix multiple CVEs jinfeng.wang.cn
2026-04-09 6:16 ` [scarthgap][PATCH 01/12] gi-docgen: fix CVE-2025-11687 jinfeng.wang.cn
2026-04-09 6:16 ` [scarthgap][PATCH 02/12] libsoup: fix CVE-2025-14523/CVE-2025-32049 jinfeng.wang.cn
2026-04-23 17:09 ` [OE-core] " Yoann Congal
2026-04-24 7:16 ` Li, Changqing
2026-04-09 6:16 ` [scarthgap][PATCH 03/12] libsoup-2.4: " jinfeng.wang.cn
2026-04-23 17:13 ` [OE-core] " Yoann Congal
2026-04-24 7:37 ` Li, Changqing
2026-04-09 6:16 ` [scarthgap][PATCH 04/12] python3-ply: fix CVE-2025-56005 jinfeng.wang.cn
2026-04-24 6:45 ` [OE-core] " Yoann Congal
2026-04-27 6:20 ` Chen, Libo (CN)
[not found] ` <18AA22684C0F041F.2188217@lists.openembedded.org>
2026-05-06 8:24 ` Chen, Libo (CN)
2026-05-07 11:02 ` Yoann Congal
2026-04-09 6:16 ` [scarthgap][PATCH 05/12] python3-pyasn1: fix CVE-2026-23490 jinfeng.wang.cn
2026-04-09 6:16 ` [scarthgap][PATCH 06/12] python3-wheel: fix CVE-2026-24049 jinfeng.wang.cn
2026-04-09 6:16 ` [scarthgap][PATCH 07/12] gnupg: fix CVE-2026-24882 jinfeng.wang.cn
2026-04-09 6:16 ` [scarthgap][PATCH 08/12] libxml2: Fix CVE-2026-1757 jinfeng.wang.cn
2026-04-09 6:16 ` [scarthgap][PATCH 09/12] python3-pyasn1: fix CVE-2026-30922 jinfeng.wang.cn
2026-04-24 7:36 ` [OE-core] " Yoann Congal
2026-04-27 6:04 ` Song, Jiaying (CN)
2026-05-07 23:01 ` Yoann Congal
2026-04-09 6:16 ` [scarthgap][PATCH 10/12] busybox: fix CVE-2026-26157 and CVE-2026-26158 jinfeng.wang.cn
2026-04-09 6:16 ` [scarthgap][PATCH 11/12] zlib: upgrade 1.3.1 -> 1.3.2 jinfeng.wang.cn
2026-04-24 8:10 ` [OE-core] " Yoann Congal
2026-04-09 6:16 ` [scarthgap][PATCH 12/12] libpcap: 1.10.4 -> 1.10.6 jinfeng.wang.cn
2026-04-24 8:21 ` [OE-core] " Yoann Congal
2026-05-06 3:05 ` Kai [this message]
2026-05-07 16:32 ` Yoann Congal
2026-05-09 6:17 ` Kai
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=150bd5e7-5929-463c-b4eb-8fcaab2fde30@windriver.com \
--to=kai.kang@windriver.com \
--cc=Jinfeng.Wang.CN@windriver.com \
--cc=openembedded-core@lists.openembedded.org \
--cc=yoann.congal@smile.fr \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.