* [scarthgap][PATCH] openssl: fix CVE-2025-69419
From: Hitendra Prajapati @ 2026-02-02 12:35 UTC
To: openembedded-core; +Cc: Hitendra Prajapati
Upstream-Status: Backport from https://github.com/openssl/openssl/commit/41be0f216404f14457bbf3b9cc488dba60b49296
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
---
.../openssl/openssl/CVE-2025-69419.patch | 61 +++++++++++++++++++
.../openssl/openssl_3.2.6.bb | 1 +
2 files changed, 62 insertions(+)
create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2025-69419.patch
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2025-69419.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2025-69419.patch
new file mode 100644
index 0000000000..dcfdba82ac
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2025-69419.patch
@@ -0,0 +1,61 @@
+From 41be0f216404f14457bbf3b9cc488dba60b49296 Mon Sep 17 00:00:00 2001
+From: Norbert Pocs <norbertp@openssl.org>
+Date: Thu, 11 Dec 2025 12:49:00 +0100
+Subject: [PATCH] Check return code of UTF8_putc
+
+Signed-off-by: Norbert Pocs <norbertp@openssl.org>
+
+Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
+Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/29376)
+
+CVE: CVE-2025-69419
+Upstream-Status: Backport [https://github.com/openssl/openssl/commit/41be0f216404f14457bbf3b9cc488dba60b49296]
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ crypto/asn1/a_strex.c | 6 ++++--
+ crypto/pkcs12/p12_utl.c | 11 +++++++++--
+ 2 files changed, 13 insertions(+), 4 deletions(-)
+
+diff --git a/crypto/asn1/a_strex.c b/crypto/asn1/a_strex.c
+index f64e352..7d76700 100644
+--- a/crypto/asn1/a_strex.c
++++ b/crypto/asn1/a_strex.c
+@@ -204,8 +204,10 @@ static int do_buf(unsigned char *buf, int buflen,
+ orflags = CHARTYPE_LAST_ESC_2253;
+ if (type & BUF_TYPE_CONVUTF8) {
+ unsigned char utfbuf[6];
+- int utflen;
+- utflen = UTF8_putc(utfbuf, sizeof(utfbuf), c);
++ int utflen = UTF8_putc(utfbuf, sizeof(utfbuf), c);
++
++ if (utflen < 0)
++ return -1; /* error happened with UTF8 */
+ for (i = 0; i < utflen; i++) {
+ /*
+ * We don't need to worry about setting orflags correctly
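Review bot: the new `if (utflen < 0) return -1;` in do_buf changes what callers see, and the hunk does not show that they treat a negative return as failure; please confirm that against do_buf's call sites. Before this change a negative utflen only made the following `for (i = 0; i < utflen; i++)` loop run zero times, so the character was dropped without any error, whereas now the whole conversion stops. The comment `/* error happened with UTF8 */` would be more useful if it named UTF8_putc and the value `c` that it could not encode.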
+diff --git a/crypto/pkcs12/p12_utl.c b/crypto/pkcs12/p12_utl.c
+index a96623f..b109dab 100644
+--- a/crypto/pkcs12/p12_utl.c
++++ b/crypto/pkcs12/p12_utl.c
+@@ -206,8 +206,15 @@ char *OPENSSL_uni2utf8(const unsigned char *uni, int unilen)
+ /* re-run the loop emitting UTF-8 string */
+ for (asclen = 0, i = 0; i < unilen; ) {
+ j = bmp_to_utf8(asctmp+asclen, uni+i, unilen-i);
+- if (j == 4) i += 4;
+- else i += 2;
++ /* when UTF8_putc fails */
++ if (j < 0) {
++ OPENSSL_free(asctmp);
++ return NULL;
++ }
++ if (j == 4)
++ i += 4;
++ else
++ i += 2;
+ asclen += j;
+ }
+
+--
+2.50.1
+
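Review bot: the comment `/* when UTF8_putc fails */` in OPENSSL_uni2utf8 names a function that does not appear in this hunk; the call being checked is bmp_to_utf8, so the comment should say that bmp_to_utf8 returned a negative value. The check itself is correctly placed before `asclen += j`: without it a negative j would decrease asclen, and the next iteration would write at `asctmp+asclen` at a lower offset than intended. The loop is described as a re-run, so it is worth confirming that the earlier pass, which is outside this hunk, rejects the same input, and that callers handle the NULL return on this path.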
diff --git a/meta/recipes-connectivity/openssl/openssl_3.2.6.bb b/meta/recipes-connectivity/openssl/openssl_3.2.6.bb
index 4fd13d52fe..88fa0285cd 100644
--- a/meta/recipes-connectivity/openssl/openssl_3.2.6.bb
+++ b/meta/recipes-connectivity/openssl/openssl_3.2.6.bb
@@ -17,6 +17,7 @@ SRC_URI = "https://github.com/openssl/openssl/releases/download/openssl-${PV}/op
file://CVE-2025-15467-02.patch \
file://CVE-2025-15467-03.patch \
file://CVE-2025-15468.patch \
+ file://CVE-2025-69419.patch \
"
SRC_URI:append:class-nativesdk = " \
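Review bot: the commit that adds `file://CVE-2025-69419.patch \` to SRC_URI has no description; its message is only an Upstream-Status line, which belongs in the patch file header, where it already appears together with the `CVE:` tag. A short summary of what the backport fixes (the unchecked negative return now handled in a_strex.c and p12_utl.c) would let the recipe change be reviewed on its own. The placement of the entry after CVE-2025-15468.patch, with its continuation backslash, is fine.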
--
2.50.1
* Re: [OE-core] [scarthgap][PATCH] openssl: fix CVE-2025-69419
From: Yoann Congal @ 2026-02-04 17:06 UTC
To: hprajapati, openembedded-core
On Mon Feb 2, 2026 at 1:35 PM CET, Hitendra Prajapati via lists.openembedded.org wrote:
> Upstream-Status: Backport from https://github.com/openssl/openssl/commit/41be0f216404f14457bbf3b9cc488dba60b49296
>
> Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
> ---
> .../openssl/openssl/CVE-2025-69419.patch | 61 +++++++++++++++++++
> .../openssl/openssl_3.2.6.bb | 1 +
> 2 files changed, 62 insertions(+)
> create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2025-69419.patch
Hello,
Thanks for the patch.
(Same as CVE-2025-15467)
As far as I can tell, CVE-2025-69419 does also impact whinlatter. Can you
send a fix there (either by the backport or maybe an upgrade)?
Thanks!
--
Yoann Congal
Smile ECS
* Re: [OE-core] [scarthgap][PATCH] openssl: fix CVE-2025-69419
From: Yoann Congal @ 2026-02-19 11:17 UTC
To: hprajapati, openembedded-core
On Mon Feb 2, 2026 at 1:35 PM CET, Hitendra Prajapati via lists.openembedded.org wrote:
> Upstream-Status: Backport from https://github.com/openssl/openssl/commit/41be0f216404f14457bbf3b9cc488dba60b49296
Same remark as https://lists.openembedded.org/g/openembedded-core/topic/117540534#msg231419
Can you send a V2 with an improved commit message please? Content of the
patch looks good.
Thanks!
>
> Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
> ---
> .../openssl/openssl/CVE-2025-69419.patch | 61 +++++++++++++++++++
> .../openssl/openssl_3.2.6.bb | 1 +
> 2 files changed, 62 insertions(+)
> create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2025-69419.patch
>
> diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2025-69419.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2025-69419.patch
> new file mode 100644
> index 0000000000..dcfdba82ac
> --- /dev/null
> +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2025-69419.patch
> @@ -0,0 +1,61 @@
> +From 41be0f216404f14457bbf3b9cc488dba60b49296 Mon Sep 17 00:00:00 2001
> +From: Norbert Pocs <norbertp@openssl.org>
> +Date: Thu, 11 Dec 2025 12:49:00 +0100
> +Subject: [PATCH] Check return code of UTF8_putc
> +
> +Signed-off-by: Norbert Pocs <norbertp@openssl.org>
> +
> +Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
> +Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
> +(Merged from https://github.com/openssl/openssl/pull/29376)
> +
> +CVE: CVE-2025-69419
> +Upstream-Status: Backport [https://github.com/openssl/openssl/commit/41be0f216404f14457bbf3b9cc488dba60b49296]
> +Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
> +---
> + crypto/asn1/a_strex.c | 6 ++++--
> + crypto/pkcs12/p12_utl.c | 11 +++++++++--
> + 2 files changed, 13 insertions(+), 4 deletions(-)
> +
> +diff --git a/crypto/asn1/a_strex.c b/crypto/asn1/a_strex.c
> +index f64e352..7d76700 100644
> +--- a/crypto/asn1/a_strex.c
> ++++ b/crypto/asn1/a_strex.c
> +@@ -204,8 +204,10 @@ static int do_buf(unsigned char *buf, int buflen,
> + orflags = CHARTYPE_LAST_ESC_2253;
> + if (type & BUF_TYPE_CONVUTF8) {
> + unsigned char utfbuf[6];
> +- int utflen;
> +- utflen = UTF8_putc(utfbuf, sizeof(utfbuf), c);
> ++ int utflen = UTF8_putc(utfbuf, sizeof(utfbuf), c);
> ++
> ++ if (utflen < 0)
> ++ return -1; /* error happened with UTF8 */
> + for (i = 0; i < utflen; i++) {
> + /*
> + * We don't need to worry about setting orflags correctly
> +diff --git a/crypto/pkcs12/p12_utl.c b/crypto/pkcs12/p12_utl.c
> +index a96623f..b109dab 100644
> +--- a/crypto/pkcs12/p12_utl.c
> ++++ b/crypto/pkcs12/p12_utl.c
> +@@ -206,8 +206,15 @@ char *OPENSSL_uni2utf8(const unsigned char *uni, int unilen)
> + /* re-run the loop emitting UTF-8 string */
> + for (asclen = 0, i = 0; i < unilen; ) {
> + j = bmp_to_utf8(asctmp+asclen, uni+i, unilen-i);
> +- if (j == 4) i += 4;
> +- else i += 2;
> ++ /* when UTF8_putc fails */
> ++ if (j < 0) {
> ++ OPENSSL_free(asctmp);
> ++ return NULL;
> ++ }
> ++ if (j == 4)
> ++ i += 4;
> ++ else
> ++ i += 2;
> + asclen += j;
> + }
> +
> +--
> +2.50.1
> +
> diff --git a/meta/recipes-connectivity/openssl/openssl_3.2.6.bb b/meta/recipes-connectivity/openssl/openssl_3.2.6.bb
> index 4fd13d52fe..88fa0285cd 100644
> --- a/meta/recipes-connectivity/openssl/openssl_3.2.6.bb
> +++ b/meta/recipes-connectivity/openssl/openssl_3.2.6.bb
> @@ -17,6 +17,7 @@ SRC_URI = "https://github.com/openssl/openssl/releases/download/openssl-${PV}/op
> file://CVE-2025-15467-02.patch \
> file://CVE-2025-15467-03.patch \
> file://CVE-2025-15468.patch \
> + file://CVE-2025-69419.patch \
> "
>
> SRC_URI:append:class-nativesdk = " \
--
Yoann Congal
Smile ECS