From: "Yoann Congal" <yoann.congal@smile.fr>
To: "Marko, Peter" <Peter.Marko@siemens.com>,
"hprajapati@mvista.com" <hprajapati@mvista.com>,
"openembedded-core@lists.openembedded.org"
<openembedded-core@lists.openembedded.org>
Subject: Re: [OE-core] [scarthgap][PATCH] openssl: fix CVE-2025-15467
Date: Wed, 04 Feb 2026 18:29:36 +0100 [thread overview]
Message-ID: <DG6CT2K57CNL.3DJCTHMJC8YS7@smile.fr> (raw)
In-Reply-To: <AS1PR10MB56972FCF587B6954B626995EFD98A@AS1PR10MB5697.EURPRD10.PROD.OUTLOOK.COM>
On Wed Feb 4, 2026 at 6:11 PM CET, Peter Marko wrote:
> Whinlatter should take openssl upgrade instead of patches.
> https://lists.openembedded.org/g/openembedded-core/message/230229
> It is now merged to master so that blocked is gone and it can be taken.
>
> Peter
Yes. Thanks Peter.
I'll will take that patch for the next whinlatter cycle and, then, taking
those scarthgap openssl backports.
> -----Original Message-----
> From: openembedded-core@lists.openembedded.org <openembedded-core@lists.openembedded.org> On Behalf Of Yoann Congal via lists.openembedded.org
> Sent: Wednesday, February 4, 2026 17:50
> To: hprajapati@mvista.com; openembedded-core@lists.openembedded.org
> Subject: Re: [OE-core] [scarthgap][PATCH] openssl: fix CVE-2025-15467
>
> On Fri Jan 30, 2026 at 6:43 AM CET, Hitendra Prajapati via lists.openembedded.org wrote:
>> Upstream-Status: Backport from https://github.com/openssl/openssl/commit/ce39170276daec87f55c39dad1f629b56344429e && https://github.com/openssl/openssl/commit/cdccf8f2ef17ae020bd69360c43a39306b89c381 && https://github.com/openssl/openssl/commit/e0666f72294691a808443970b654412a6d92fa0f
>>
>> Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
>> ---
>> .../openssl/openssl/CVE-2025-15467-01.patch | 40 ++++++
>> .../openssl/openssl/CVE-2025-15467-02.patch | 65 +++++++++
>> .../openssl/openssl/CVE-2025-15467-03.patch | 128 ++++++++++++++++++
>> .../openssl/openssl_3.2.6.bb | 3 +
>> 4 files changed, 236 insertions(+)
>> create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2025-15467-01.patch
>> create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2025-15467-02.patch
>> create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2025-15467-03.patch
>
> Hello,
>
> Thanks for the patch.
>
> As far as I can tell, CVE-2025-15467 does also impact whinlatter. Can you
> send a fix there (either by then backport or maybe an upgrade?)
>
> Thanks!
--
Yoann Congal
Smile ECS
next prev parent reply other threads:[~2026-02-04 17:29 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-30 5:43 [scarthgap][PATCH] openssl: fix CVE-2025-15467 Hitendra Prajapati
2026-02-04 16:49 ` [OE-core] " Yoann Congal
2026-02-04 17:11 ` Marko, Peter
2026-02-04 17:29 ` Yoann Congal [this message]
2026-02-19 10:02 ` Yoann Congal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=DG6CT2K57CNL.3DJCTHMJC8YS7@smile.fr \
--to=yoann.congal@smile.fr \
--cc=Peter.Marko@siemens.com \
--cc=hprajapati@mvista.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox