* [OE-core][scarthgap 01/16] libsoup-2.4: fix CVE-2025-32052
2025-06-10 19:33 [OE-core][scarthgap 00/16] Patch review Steve Sakoman
@ 2025-06-10 19:33 ` Steve Sakoman
2025-06-10 19:33 ` [OE-core][scarthgap 02/16] libsoup: " Steve Sakoman
` (14 subsequent siblings)
15 siblings, 0 replies; 23+ messages in thread
From: Steve Sakoman @ 2025-06-10 19:33 UTC (permalink / raw)
To: openembedded-core
From: Changqing Li <changqing.li@windriver.com>
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/425
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../libsoup/libsoup-2.4/CVE-2025-32052.patch | 32 +++++++++++++++++++
.../libsoup/libsoup-2.4_2.74.3.bb | 1 +
2 files changed, 33 insertions(+)
create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32052.patch
diff --git a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32052.patch b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32052.patch
new file mode 100644
index 0000000000..34bc8113a4
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32052.patch
@@ -0,0 +1,32 @@
+From f4a67a9a3033586edaee715d40d5992e02d32893 Mon Sep 17 00:00:00 2001
+From: Patrick Griffis <pgriffis@igalia.com>
+Date: Sat, 16 Nov 2024 12:07:30 -0600
+Subject: [PATCH] Fix heap buffer overflow in soup_content_sniffer_sniff
+
+Co-Author: Ar Jun <pkillarjun@protonmail.com>
+
+CVE: CVE-2025-32052
+Upstream-Status: Backport
+[https://gitlab.gnome.org/GNOME/libsoup/-/commit/f182429e5b1fc034050510da20c93256c4fa9652#500da7cfde649872c49169be34b03a1c42a53ddb]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ libsoup/soup-content-sniffer.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libsoup/soup-content-sniffer.c b/libsoup/soup-content-sniffer.c
+index 9554636..eac9e7b 100644
+--- a/libsoup/soup-content-sniffer.c
++++ b/libsoup/soup-content-sniffer.c
+@@ -504,7 +504,7 @@ sniff_unknown (SoupContentSniffer *sniffer, SoupBuffer *buffer,
+ guint index_pattern = 0;
+ gboolean skip_row = FALSE;
+
+- while ((index_stream < resource_length) &&
++ while ((index_stream < resource_length - 1) &&
+ (index_pattern <= type_row->pattern_length)) {
+ /* Skip insignificant white space ("WS" in the spec) */
+ if (type_row->pattern[index_pattern] == ' ') {
+--
+2.34.1
+
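Review bot: In the sniff_unknown hunk, the new bound `index_stream < resource_length - 1` needs a look at the zero-length case: if resource_length is an unsigned type and can be 0 here, the subtraction wraps to a very large value and the loop is no longer bounded by the buffer. The visible lines show neither the declaration of resource_length nor an earlier empty-buffer check, so it is worth confirming that one of them covers this, or writing the condition as `index_stream + 1 < resource_length`. Separately, the Upstream-Status tag here puts the URL on its own line and keeps a URL fragment after the commit hash, while 02/16 uses the single-line `Backport [url]` form for the same upstream commit; using one form in both would be tidier.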
diff --git a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
index 9a2778bf92..96bb53a033 100644
--- a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
+++ b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
@@ -34,6 +34,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
file://CVE-2025-4969.patch \
file://CVE-2025-32907.patch \
file://CVE-2025-32053.patch \
+ file://CVE-2025-32052.patch \
"
SRC_URI[sha256sum] = "e4b77c41cfc4c8c5a035fcdc320c7bc6cfb75ef7c5a034153df1413fa1d92f13"
--
2.43.0
* [OE-core][scarthgap 02/16] libsoup: fix CVE-2025-32052
From: Steve Sakoman @ 2025-06-10 19:33 UTC (permalink / raw)
To: openembedded-core
From: Changqing Li <changqing.li@windriver.com>
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/425
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../libsoup-3.4.4/CVE-2025-32052.patch | 31 +++++++++++++++++++
meta/recipes-support/libsoup/libsoup_3.4.4.bb | 1 +
2 files changed, 32 insertions(+)
create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32052.patch
diff --git a/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32052.patch b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32052.patch
new file mode 100644
index 0000000000..78b712070b
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32052.patch
@@ -0,0 +1,31 @@
+From 779bcb279b1dc4eb8bcb22c5e727b1174630c3fc Mon Sep 17 00:00:00 2001
+From: Patrick Griffis <pgriffis@igalia.com>
+Date: Sat, 16 Nov 2024 12:07:30 -0600
+Subject: [PATCH] Fix heap buffer overflow in soup_content_sniffer_sniff
+
+Co-Author: Ar Jun <pkillarjun@protonmail.com>
+
+CVE: CVE-2025-32052
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/f182429e5b1fc034050510da20c93256c4fa9652]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ libsoup/content-sniffer/soup-content-sniffer.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libsoup/content-sniffer/soup-content-sniffer.c b/libsoup/content-sniffer/soup-content-sniffer.c
+index 23d5aaa..aeee2e2 100644
+--- a/libsoup/content-sniffer/soup-content-sniffer.c
++++ b/libsoup/content-sniffer/soup-content-sniffer.c
+@@ -529,7 +529,7 @@ sniff_unknown (SoupContentSniffer *sniffer, GBytes *buffer,
+ guint index_pattern = 0;
+ gboolean skip_row = FALSE;
+
+- while ((index_stream < resource_length) &&
++ while ((index_stream < resource_length - 1) &&
+ (index_pattern <= type_row->pattern_length)) {
+ /* Skip insignificant white space ("WS" in the spec) */
+ if (type_row->pattern[index_pattern] == ' ') {
+--
+2.34.1
+
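Review bot: The bound change in sniff_unknown comes without a regression test: the diffstat lists only libsoup/content-sniffer/soup-content-sniffer.c. If the upstream commit carries no test either, a line in the patch header saying so would help. A short explanation of why stopping one byte before resource_length is the right bound would also make the backport easier to audit, since the context lines show only the `type_row->pattern[index_pattern]` access and not the stream read that overflowed.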
diff --git a/meta/recipes-support/libsoup/libsoup_3.4.4.bb b/meta/recipes-support/libsoup/libsoup_3.4.4.bb
index ff0ae0afad..e7dccb6380 100644
--- a/meta/recipes-support/libsoup/libsoup_3.4.4.bb
+++ b/meta/recipes-support/libsoup/libsoup_3.4.4.bb
@@ -37,6 +37,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
file://CVE-2025-32907-1.patch \
file://CVE-2025-32907-2.patch \
file://CVE-2025-32053.patch \
+ file://CVE-2025-32052.patch \
"
SRC_URI[sha256sum] = "291c67725f36ed90ea43efff25064b69c5a2d1981488477c05c481a3b4b0c5aa"
--
2.43.0
* [OE-core][scarthgap 03/16] libsoup: fix CVE-2025-32051
From: Steve Sakoman @ 2025-06-10 19:33 UTC (permalink / raw)
To: openembedded-core
From: Changqing Li <changqing.li@windriver.com>
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/401
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../libsoup-3.4.4/CVE-2025-32051-1.patch | 29 ++++++++++
.../libsoup-3.4.4/CVE-2025-32051-2.patch | 57 +++++++++++++++++++
meta/recipes-support/libsoup/libsoup_3.4.4.bb | 2 +
3 files changed, 88 insertions(+)
create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32051-1.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32051-2.patch
diff --git a/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32051-1.patch b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32051-1.patch
new file mode 100644
index 0000000000..efeda48b11
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32051-1.patch
@@ -0,0 +1,29 @@
+From dc5db30989f385303c79ec3188c52e33f6f5886e Mon Sep 17 00:00:00 2001
+From: Ar Jun <pkillarjun@protonmail.com>
+Date: Sat, 16 Nov 2024 11:50:09 -0600
+Subject: [PATCH 1/2] Fix possible NULL deref in soup_uri_decode_data_uri
+
+CVE: CVE-2025-32051
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/0713ba4a719da938dc8facc89fca99cd0aa3069f]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ libsoup/soup-uri-utils.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libsoup/soup-uri-utils.c b/libsoup/soup-uri-utils.c
+index be2b79b..0251279 100644
+--- a/libsoup/soup-uri-utils.c
++++ b/libsoup/soup-uri-utils.c
+@@ -303,6 +303,8 @@ soup_uri_decode_data_uri (const char *uri,
+
+ uri_string = g_uri_to_string (soup_uri);
+ g_uri_unref (soup_uri);
++ if (!uri_string)
++ return NULL;
+
+ start = uri_string + 5;
+ comma = strchr (start, ',');
+--
+2.34.1
+
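Review bot: The added `if (!uri_string) return NULL;` only takes effect when g_uri_to_string() actually returns NULL; the comment added in CVE-2025-32051-2.patch says the same call "will assert" for paths starting with `//`, so on its own this check does not cover a build where that assertion aborts. The two patches should stay together in SRC_URI, and the header of this one could say that it depends on 2/2. The context line `start = uri_string + 5;` also assumes the string is at least five characters long; presumably an earlier scheme check guarantees the `data:` prefix, but that is not visible in this hunk.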
diff --git a/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32051-2.patch b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32051-2.patch
new file mode 100644
index 0000000000..24c184bb86
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32051-2.patch
@@ -0,0 +1,57 @@
+From 7d1557a60145927806c88d321e8322a9d9f49bb2 Mon Sep 17 00:00:00 2001
+From: Patrick Griffis <pgriffis@igalia.com>
+Date: Fri, 22 Nov 2024 13:39:51 -0600
+Subject: [PATCH 2/2] soup_uri_decode_data_uri(): Handle URIs with a path
+ starting with //
+
+CVE: CVE-2025-32051
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/79cfd65c9bd8024cd45dd725c284766329873709]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ libsoup/soup-uri-utils.c | 8 ++++++++
+ tests/uri-parsing-test.c | 2 ++
+ 2 files changed, 10 insertions(+)
+
+diff --git a/libsoup/soup-uri-utils.c b/libsoup/soup-uri-utils.c
+index 0251279..1ff11cd 100644
+--- a/libsoup/soup-uri-utils.c
++++ b/libsoup/soup-uri-utils.c
+@@ -286,6 +286,7 @@ soup_uri_decode_data_uri (const char *uri,
+ gboolean base64 = FALSE;
+ char *uri_string;
+ GBytes *bytes;
++ const char *path;
+
+ g_return_val_if_fail (uri != NULL, NULL);
+
+@@ -301,6 +302,13 @@ soup_uri_decode_data_uri (const char *uri,
+ if (content_type)
+ *content_type = NULL;
+
++ /* g_uri_to_string() is picky about paths that start with `//` and will assert. */
++ path = g_uri_get_path (soup_uri);
++ if (path[0] == '/' && path[1] == '/') {
++ g_uri_unref (soup_uri);
++ return NULL;
++ }
++
+ uri_string = g_uri_to_string (soup_uri);
+ g_uri_unref (soup_uri);
+ if (!uri_string)
+diff --git a/tests/uri-parsing-test.c b/tests/uri-parsing-test.c
+index 1f16273..418391e 100644
+--- a/tests/uri-parsing-test.c
++++ b/tests/uri-parsing-test.c
+@@ -141,6 +141,8 @@ static struct {
+ { "data:text/plain;base64,aGVsbG8=", "hello", "text/plain" },
+ { "data:text/plain;base64,invalid=", "", "text/plain" },
+ { "data:,", "", CONTENT_TYPE_DEFAULT },
++ { "data:.///", NULL, NULL },
++ { "data:/.//", NULL, NULL },
+ };
+
+ static void
+--
+2.34.1
+
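Review bot: In the soup_uri_decode_data_uri hunk, the new comment talks about paths that start with `//`, but neither added test input (`data:.///`, `data:/.//`) starts with `//` as written, so the guard presumably relies on the form of the path that g_uri_get_path() returns after parsing. Saying that in the comment would make clear why the check is on the parsed path and not on the input string. The `path[0] == '/' && path[1] == '/'` test also dereferences path without a NULL check; if g_uri_get_path() can never return NULL for a parsed GUri, a short note to that effect is enough.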
diff --git a/meta/recipes-support/libsoup/libsoup_3.4.4.bb b/meta/recipes-support/libsoup/libsoup_3.4.4.bb
index e7dccb6380..9af7de192f 100644
--- a/meta/recipes-support/libsoup/libsoup_3.4.4.bb
+++ b/meta/recipes-support/libsoup/libsoup_3.4.4.bb
@@ -38,6 +38,8 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
file://CVE-2025-32907-2.patch \
file://CVE-2025-32053.patch \
file://CVE-2025-32052.patch \
+ file://CVE-2025-32051-1.patch \
+ file://CVE-2025-32051-2.patch \
"
SRC_URI[sha256sum] = "291c67725f36ed90ea43efff25064b69c5a2d1981488477c05c481a3b4b0c5aa"
--
2.43.0
* [OE-core][scarthgap 04/16] libsoup-2.4: fix CVE-2025-32050
From: Steve Sakoman @ 2025-06-10 19:33 UTC (permalink / raw)
To: openembedded-core
From: Changqing Li <changqing.li@windriver.com>
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/424
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../libsoup/libsoup-2.4/CVE-2025-32050.patch | 29 +++++++++++++++++++
.../libsoup/libsoup-2.4_2.74.3.bb | 1 +
2 files changed, 30 insertions(+)
create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32050.patch
diff --git a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32050.patch b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32050.patch
new file mode 100644
index 0000000000..c032846ef0
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32050.patch
@@ -0,0 +1,29 @@
+From 5709dfffb6fdc5b66ce001bf82a755ad8ad1d992 Mon Sep 17 00:00:00 2001
+From: Patrick Griffis <pgriffis@igalia.com>
+Date: Mon, 28 Oct 2024 12:29:48 -0500
+Subject: [PATCH] Fix using int instead of size_t for strcspn return
+
+CVE: CVE-2025-32050
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/9bb0a55de55c6940ced811a64fbca82fe93a9323]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ libsoup/soup-headers.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libsoup/soup-headers.c b/libsoup/soup-headers.c
+index 9707ca0..67905b2 100644
+--- a/libsoup/soup-headers.c
++++ b/libsoup/soup-headers.c
+@@ -902,7 +902,7 @@ append_param_quoted (GString *string,
+ const char *name,
+ const char *value)
+ {
+- int len;
++ gsize len;
+
+ g_string_append (string, name);
+ g_string_append (string, "=\"");
+--
+2.34.1
+
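Review bot: The append_param_quoted hunk changes only the declaration (`int len` to `gsize len`), and the lines that assign and consume len are outside the context shown. Please confirm that every later use works with an unsigned value: a comparison such as `len < 0` would become always false, and passing len to a parameter that takes a signed length would convert it back. The patch subject names strcspn as the source of the value, so a one-line note in the header on what the int got wrong would document the impact.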
diff --git a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
index 96bb53a033..a4a8a03152 100644
--- a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
+++ b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
@@ -35,6 +35,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
file://CVE-2025-32907.patch \
file://CVE-2025-32053.patch \
file://CVE-2025-32052.patch \
+ file://CVE-2025-32050.patch \
"
SRC_URI[sha256sum] = "e4b77c41cfc4c8c5a035fcdc320c7bc6cfb75ef7c5a034153df1413fa1d92f13"
--
2.43.0
* [OE-core][scarthgap 05/16] libsoup: fix CVE-2025-32050
From: Steve Sakoman @ 2025-06-10 19:34 UTC (permalink / raw)
To: openembedded-core
From: Changqing Li <changqing.li@windriver.com>
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/424
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../libsoup-3.4.4/CVE-2025-32050.patch | 29 +++++++++++++++++++
meta/recipes-support/libsoup/libsoup_3.4.4.bb | 1 +
2 files changed, 30 insertions(+)
create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32050.patch
diff --git a/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32050.patch b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32050.patch
new file mode 100644
index 0000000000..e5a4d747a1
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32050.patch
@@ -0,0 +1,29 @@
+From 30c86c9a284cf6f366ac87df0bca3e18a5de8671 Mon Sep 17 00:00:00 2001
+From: Patrick Griffis <pgriffis@igalia.com>
+Date: Mon, 28 Oct 2024 12:29:48 -0500
+Subject: [PATCH] Fix using int instead of size_t for strcspn return
+
+CVE: CVE-2025-32050
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/9bb0a55de55c6940ced811a64fbca82fe93a9323]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ libsoup/soup-headers.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libsoup/soup-headers.c b/libsoup/soup-headers.c
+index 5fb32c2..52ef2ec 100644
+--- a/libsoup/soup-headers.c
++++ b/libsoup/soup-headers.c
+@@ -906,7 +906,7 @@ append_param_quoted (GString *string,
+ const char *name,
+ const char *value)
+ {
+- int len;
++ gsize len;
+
+ g_string_append (string, name);
+ g_string_append (string, "=\"");
+--
+2.34.1
+
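Review bot: The patch header carries only the upstream subject line and the OE commit message only an issue link, so nothing here says what the `int len` in append_param_quoted allowed to go wrong. A sentence on the impact in the header would help anyone triaging this CVE from the recipe alone. The change itself is the same one-line type change as the libsoup-2.4 patch in 04/16, differing only in the hunk offset (906 against 902), which is what one would expect for the same upstream commit.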
diff --git a/meta/recipes-support/libsoup/libsoup_3.4.4.bb b/meta/recipes-support/libsoup/libsoup_3.4.4.bb
index 9af7de192f..23d44d1572 100644
--- a/meta/recipes-support/libsoup/libsoup_3.4.4.bb
+++ b/meta/recipes-support/libsoup/libsoup_3.4.4.bb
@@ -40,6 +40,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
file://CVE-2025-32052.patch \
file://CVE-2025-32051-1.patch \
file://CVE-2025-32051-2.patch \
+ file://CVE-2025-32050.patch \
"
SRC_URI[sha256sum] = "291c67725f36ed90ea43efff25064b69c5a2d1981488477c05c481a3b4b0c5aa"
--
2.43.0
* [OE-core][scarthgap 06/16] libsoup-2.4: fix CVE-2025-46421
From: Steve Sakoman @ 2025-06-10 19:34 UTC (permalink / raw)
To: openembedded-core
From: Changqing Li <changqing.li@windriver.com>
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/439
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../libsoup/libsoup-2.4/CVE-2025-46421.patch | 47 +++++++++++++++++++
.../libsoup/libsoup-2.4_2.74.3.bb | 1 +
2 files changed, 48 insertions(+)
create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-46421.patch
diff --git a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-46421.patch b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-46421.patch
new file mode 100644
index 0000000000..26067c4bb8
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-46421.patch
@@ -0,0 +1,47 @@
+From 5eb225f02bb35de56cfeedd87bde716bf1cb750b Mon Sep 17 00:00:00 2001
+From: Patrick Griffis <pgriffis@igalia.com>
+Date: Wed, 5 Feb 2025 16:18:10 -0600
+Subject: [PATCH] session: Strip authentication credentails on
+ cross-origin redirect
+
+This should match the behavior of Firefox and Safari but not of Chromium.
+
+CVE: CVE-2025-46421
+Upstream-Status: Backport
+[https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/436/diffs?commit_id=3e5c26415811f19e7737238bb23305ffaf96f66b]
+
+Test code not added since it included some headers not in version 2.74.3
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ libsoup/soup-session.c | 8 +++++++-
+ 1 files changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/libsoup/soup-session.c b/libsoup/soup-session.c
+index 83421ef..8d6ac61 100644
+--- a/libsoup/soup-session.c
++++ b/libsoup/soup-session.c
+@@ -1189,12 +1189,18 @@ soup_session_redirect_message (SoupSession *session, SoupMessage *msg)
+ SOUP_ENCODING_NONE);
+ }
+
++ /* Strip all credentials on cross-origin redirect. */
++ if (!soup_uri_host_equal (soup_message_get_uri (msg), new_uri)) {
++ soup_message_headers_remove (msg->request_headers, "Authorization");
++ soup_message_set_auth (msg, NULL);
++ }
++
+ soup_message_set_uri (msg, new_uri);
+ soup_uri_free (new_uri);
+
+ soup_session_requeue_message (session, msg);
+ return TRUE;
+-}
++}
+
+ static void
+ redirect_handler (SoupMessage *msg, gpointer user_data)
+
+--
+2.34.1
+
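Review bot: The added comment says "Strip all credentials on cross-origin redirect", but the code under it removes only the `Authorization` request header and clears the message's auth; other credential-bearing headers such as `Proxy-Authorization` or `Cookie` are not touched in this hunk. Either the comment should say "Authorization" or the patch header should state that the others are handled elsewhere. The check is also `soup_uri_host_equal()`, so it is worth stating in the header whether that comparison includes scheme and port, since the comment and subject say "cross-origin". Finally, the `-}` / `+}` pair at the end of soup_session_redirect_message looks like a whitespace-only change and the diffstat reads "1 files changed", both signs of hand editing; dropping the no-op line would keep the backport closer to upstream.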
diff --git a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
index a4a8a03152..4a00dafe47 100644
--- a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
+++ b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
@@ -36,6 +36,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
file://CVE-2025-32053.patch \
file://CVE-2025-32052.patch \
file://CVE-2025-32050.patch \
+ file://CVE-2025-46421.patch \
"
SRC_URI[sha256sum] = "e4b77c41cfc4c8c5a035fcdc320c7bc6cfb75ef7c5a034153df1413fa1d92f13"
--
2.43.0
* [OE-core][scarthgap 07/16] libsoup: fix CVE-2025-46421
From: Steve Sakoman @ 2025-06-10 19:34 UTC (permalink / raw)
To: openembedded-core
From: Changqing Li <changqing.li@windriver.com>
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/439
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../libsoup-3.4.4/CVE-2025-46421.patch | 139 ++++++++++++++++++
meta/recipes-support/libsoup/libsoup_3.4.4.bb | 1 +
2 files changed, 140 insertions(+)
create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-46421.patch
diff --git a/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-46421.patch b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-46421.patch
new file mode 100644
index 0000000000..72683d8fce
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-46421.patch
@@ -0,0 +1,139 @@
+From 85c5227eef7370832044eb918e8a99c0bcbab86f Mon Sep 17 00:00:00 2001
+From: Patrick Griffis <pgriffis@igalia.com>
+Date: Wed, 5 Feb 2025 16:18:10 -0600
+Subject: [PATCH] session: Strip authentication credentails on cross-origin
+ redirect
+
+This should match the behavior of Firefox and Safari but not of Chromium.
+
+CVE: CVE-2025-46421
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/436/diffs?commit_id=3e5c26415811f19e7737238bb23305ffaf96f66b]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ libsoup/soup-session.c | 6 ++++
+ tests/auth-test.c | 77 ++++++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 83 insertions(+)
+
+diff --git a/libsoup/soup-session.c b/libsoup/soup-session.c
+index 631bec0..9f00b05 100644
+--- a/libsoup/soup-session.c
++++ b/libsoup/soup-session.c
+@@ -1230,6 +1230,12 @@ soup_session_redirect_message (SoupSession *session,
+ SOUP_ENCODING_NONE);
+ }
+
++ /* Strip all credentials on cross-origin redirect. */
++ if (!soup_uri_host_equal (soup_message_get_uri (msg), new_uri)) {
++ soup_message_headers_remove_common (soup_message_get_request_headers (msg), SOUP_HEADER_AUTHORIZATION);
++ soup_message_set_auth (msg, NULL);
++ }
++
+ soup_message_set_request_host_from_uri (msg, new_uri);
+ soup_message_set_uri (msg, new_uri);
+ g_uri_unref (new_uri);
+diff --git a/tests/auth-test.c b/tests/auth-test.c
+index 484097f..7c3b551 100644
+--- a/tests/auth-test.c
++++ b/tests/auth-test.c
+@@ -1,6 +1,7 @@
+ /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+ #include "test-utils.h"
++#include "soup-uri-utils-private.h"
+
+ static const char *base_uri;
+ static GMainLoop *loop;
+@@ -1916,6 +1917,81 @@ do_missing_params_test (gconstpointer auth_header)
+ soup_test_server_quit_unref (server);
+ }
+
++static void
++redirect_server_callback (SoupServer *server,
++ SoupServerMessage *msg,
++ const char *path,
++ GHashTable *query,
++ gpointer user_data)
++{
++ static gboolean redirected = FALSE;
++
++ if (!redirected) {
++ char *redirect_uri = g_uri_to_string (user_data);
++ soup_server_message_set_redirect (msg, SOUP_STATUS_MOVED_PERMANENTLY, redirect_uri);
++ g_free (redirect_uri);
++ redirected = TRUE;
++ return;
++ }
++
++ g_assert_not_reached ();
++}
++
++static gboolean
++auth_for_redirect_callback (SoupMessage *msg, SoupAuth *auth, gboolean retrying, gpointer user_data)
++{
++ GUri *known_server_uri = user_data;
++
++ if (!soup_uri_host_equal (known_server_uri, soup_message_get_uri (msg)))
++ return FALSE;
++
++ soup_auth_authenticate (auth, "user", "good-basic");
++
++ return TRUE;
++}
++
++static void
++do_strip_on_crossorigin_redirect (void)
++{
++ SoupSession *session;
++ SoupMessage *msg;
++ SoupServer *server1, *server2;
++ SoupAuthDomain *auth_domain;
++ GUri *uri;
++ gint status;
++
++ server1 = soup_test_server_new (SOUP_TEST_SERVER_IN_THREAD);
++ server2 = soup_test_server_new (SOUP_TEST_SERVER_IN_THREAD);
++
++ /* Both servers have the same credentials. */
++ auth_domain = soup_auth_domain_basic_new ("realm", "auth-test", "auth-callback", server_basic_auth_callback, NULL);
++ soup_auth_domain_add_path (auth_domain, "/");
++ soup_server_add_auth_domain (server1, auth_domain);
++ soup_server_add_auth_domain (server2, auth_domain);
++ g_object_unref (auth_domain);
++
++ /* Server 1 asks for auth, then redirects to Server 2. */
++ soup_server_add_handler (server1, NULL,
++ redirect_server_callback,
++ soup_test_server_get_uri (server2, "http", NULL), (GDestroyNotify)g_uri_unref);
++ /* Server 2 requires auth. */
++ soup_server_add_handler (server2, NULL, server_callback, NULL, NULL);
++
++ session = soup_test_session_new (NULL);
++ uri = soup_test_server_get_uri (server1, "http", NULL);
++ msg = soup_message_new_from_uri ("GET", uri);
++ /* The client only sends credentials for the host it knows. */
++ g_signal_connect (msg, "authenticate", G_CALLBACK (auth_for_redirect_callback), uri);
++
++ status = soup_test_session_send_message (session, msg);
++
++ g_assert_cmpint (status, ==, SOUP_STATUS_UNAUTHORIZED);
++
++ g_uri_unref (uri);
++ soup_test_server_quit_unref (server1);
++ soup_test_server_quit_unref (server2);
++}
++
+ int
+ main (int argc, char **argv)
+ {
+@@ -1949,6 +2025,7 @@ main (int argc, char **argv)
+ g_test_add_func ("/auth/auth-uri", do_auth_uri_test);
+ g_test_add_func ("/auth/cancel-request-on-authenticate", do_cancel_request_on_authenticate);
+ g_test_add_func ("/auth/multiple-algorithms", do_multiple_digest_algorithms);
++ g_test_add_func ("/auth/strip-on-crossorigin-redirect", do_strip_on_crossorigin_redirect);
+ g_test_add_data_func ("/auth/missing-params/realm", "Digest qop=\"auth\"", do_missing_params_test);
+ g_test_add_data_func ("/auth/missing-params/nonce", "Digest realm=\"auth-test\", qop=\"auth,auth-int\", opaque=\"5ccc069c403ebaf9f0171e9517f40e41\"", do_missing_params_test);
+ g_test_add_data_func ("/auth/missing-params/nonce-md5-sess", "Digest realm=\"auth-test\", qop=\"auth,auth-int\", opaque=\"5ccc069c403ebaf9f0171e9517f40e41\" algorithm=\"MD5-sess\"", do_missing_params_test);
+--
+2.34.1
+
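Review bot: In the new tests/auth-test.c code, redirect_server_callback keeps its state in a function-static `redirected` flag and reaches `g_assert_not_reached ()` on any second request that gets to server1's handler, so the test only works once per process. Passing the flag through user_data would avoid that. The test also checks the fix only indirectly, through the final `SOUP_STATUS_UNAUTHORIZED`; a direct assertion in the server2 handler that no `Authorization` header arrived would pin the behaviour down more tightly. In the soup-session.c part, the comment says "Strip all credentials" while the code removes only SOUP_HEADER_AUTHORIZATION and clears the message's auth, so the comment or the header should say which credentials are meant.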
diff --git a/meta/recipes-support/libsoup/libsoup_3.4.4.bb b/meta/recipes-support/libsoup/libsoup_3.4.4.bb
index 23d44d1572..473a980b1a 100644
--- a/meta/recipes-support/libsoup/libsoup_3.4.4.bb
+++ b/meta/recipes-support/libsoup/libsoup_3.4.4.bb
@@ -41,6 +41,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
file://CVE-2025-32051-1.patch \
file://CVE-2025-32051-2.patch \
file://CVE-2025-32050.patch \
+ file://CVE-2025-46421.patch \
"
SRC_URI[sha256sum] = "291c67725f36ed90ea43efff25064b69c5a2d1981488477c05c481a3b4b0c5aa"
--
2.43.0
* [OE-core][scarthgap 08/16] libsoup-2.4: fix CVE-2025-4948
From: Steve Sakoman @ 2025-06-10 19:34 UTC (permalink / raw)
To: openembedded-core
From: Changqing Li <changqing.li@windriver.com>
Refer:
http://gitlab.gnome.org/GNOME/libsoup/-/issues/449
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../libsoup/libsoup-2.4/CVE-2025-4948.patch | 38 +++++++++++++++++++
.../libsoup/libsoup-2.4_2.74.3.bb | 1 +
2 files changed, 39 insertions(+)
create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4948.patch
diff --git a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4948.patch b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4948.patch
new file mode 100644
index 0000000000..b15b8c763d
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4948.patch
@@ -0,0 +1,38 @@
+From dfdc9b3cc73e6fe88cc12792ba00e14642572339 Mon Sep 17 00:00:00 2001
+From: Milan Crha <mcrha@redhat.com>
+Date: Thu, 15 May 2025 17:49:11 +0200
+Subject: [PATCH] soup-multipart: Verify boundary limits for multipart body
+
+It could happen that the boundary started at a place which resulted into
+a negative number, which in an unsigned integer is a very large value.
+Check the body size is not a negative value before setting it.
+
+Closes https://gitlab.gnome.org/GNOME/libsoup/-/issues/449
+
+Part-of: <https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/463>
+
+CVE: CVE-2025-4948
+Upstream-Status: Backport
+[https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/463/diffs?commit_id=f2f28afe0b3b2b3009ab67d6874457ec6bac70c0]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ libsoup/soup-multipart.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libsoup/soup-multipart.c b/libsoup/soup-multipart.c
+index dd93973..ce2fc10 100644
+--- a/libsoup/soup-multipart.c
++++ b/libsoup/soup-multipart.c
+@@ -214,7 +214,7 @@ soup_multipart_new_from_message (SoupMessageHeaders *headers,
+ */
+ part_body = soup_buffer_new_subbuffer (flattened,
+ split - flattened->data,
+- end - 2 - split);
++ end - 2 >= split ? end - 2 - split : 0);
+ g_ptr_array_add (multipart->bodies, part_body);
+
+ start = end;
+--
+2.34.1
+
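Review bot: With `end - 2 >= split ? end - 2 - split : 0`, a part whose length would have gone negative is now stored as an empty body and parsing carries on; it may be more appropriate to treat that as a malformed multipart and fail the parse, and the header could say why clamping to 0 was chosen. The offset argument `split - flattened->data` gets no matching check in this hunk. The diffstat lists only libsoup/soup-multipart.c, while the libsoup 3.4.4 version in 09/16 also changes tests/multipart-test.c; unlike 06/16, the header here does not say why the test was left out.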
diff --git a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
index 4a00dafe47..5c834e394a 100644
--- a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
+++ b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
@@ -37,6 +37,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
file://CVE-2025-32052.patch \
file://CVE-2025-32050.patch \
file://CVE-2025-46421.patch \
+ file://CVE-2025-4948.patch \
"
SRC_URI[sha256sum] = "e4b77c41cfc4c8c5a035fcdc320c7bc6cfb75ef7c5a034153df1413fa1d92f13"
--
2.43.0
* [OE-core][scarthgap 09/16] libsoup: fix CVE-2025-4948
From: Steve Sakoman @ 2025-06-10 19:34 UTC (permalink / raw)
To: openembedded-core
From: Changqing Li <changqing.li@windriver.com>
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/449
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../libsoup/libsoup-3.4.4/CVE-2025-4948.patch | 97 +++++++++++++++++++
meta/recipes-support/libsoup/libsoup_3.4.4.bb | 1 +
2 files changed, 98 insertions(+)
create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-4948.patch
diff --git a/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-4948.patch b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-4948.patch
new file mode 100644
index 0000000000..07c85f5381
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-4948.patch
@@ -0,0 +1,97 @@
+From a23ce8f8e60e79990e26376c8b0d40841aed4b81 Mon Sep 17 00:00:00 2001
+From: Milan Crha <mcrha@redhat.com>
+Date: Thu, 15 May 2025 17:49:11 +0200
+Subject: [PATCH] soup-multipart: Verify boundary limits for multipart body
+
+It could happen that the boundary started at a place which resulted into
+a negative number, which in an unsigned integer is a very large value.
+Check the body size is not a negative value before setting it.
+
+Closes https://gitlab.gnome.org/GNOME/libsoup/-/issues/449
+
+Part-of: <https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/463>
+
+CVE: CVE-2025-4948
+Upstream-Status: Backport
+[https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/463/diffs?commit_id=f2f28afe0b3b2b3009ab67d6874457ec6bac70c0]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ libsoup/soup-multipart.c | 2 +-
+ tests/multipart-test.c | 40 ++++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 41 insertions(+), 1 deletion(-)
+
+diff --git a/libsoup/soup-multipart.c b/libsoup/soup-multipart.c
+index e1c442e..27257e4 100644
+--- a/libsoup/soup-multipart.c
++++ b/libsoup/soup-multipart.c
+@@ -204,7 +204,7 @@ soup_multipart_new_from_message (SoupMessageHeaders *headers,
+ */
+ part_body = g_bytes_new_from_bytes (body, // FIXME
+ split - body_data,
+- end - 2 - split);
++ end - 2 >= split ? end - 2 - split : 0);
+ g_ptr_array_add (multipart->bodies, part_body);
+
+ start = end;
+diff --git a/tests/multipart-test.c b/tests/multipart-test.c
+index 84852e2..2ae888c 100644
+--- a/tests/multipart-test.c
++++ b/tests/multipart-test.c
+@@ -548,6 +548,45 @@ test_multipart_bounds_bad_2 (void)
+ g_bytes_unref (bytes);
+ }
+
++static void
++test_multipart_too_large (void)
++{
++ const char *raw_body =
++ "-------------------\r\n"
++ "-\n"
++ "Cont\"\r\n"
++ "Content-Tynt----e:n\x8erQK\r\n"
++ "Content-Disposition: name= form-; name=\"file\"; filename=\"ype:i/ -d; ----\xae\r\n"
++ "Content-Typimag\x01/png--\\\n"
++ "\r\n"
++ "---:\n\r\n"
++ "\r\n"
++ "-------------------------------------\r\n"
++ "---------\r\n"
++ "----------------------";
++ GBytes *body;
++ GHashTable *params;
++ SoupMessageHeaders *headers;
++ SoupMultipart *multipart;
++
++ params = g_hash_table_new (g_str_hash, g_str_equal);
++ g_hash_table_insert (params, (gpointer) "boundary", (gpointer) "-----------------");
++ headers = soup_message_headers_new (SOUP_MESSAGE_HEADERS_MULTIPART);
++ soup_message_headers_set_content_type (headers, "multipart/form-data", params);
++ g_hash_table_unref (params);
++
++ body = g_bytes_new_static (raw_body, strlen (raw_body));
++ multipart = soup_multipart_new_from_message (headers, body);
++ soup_message_headers_unref (headers);
++ g_bytes_unref (body);
++
++ g_assert_nonnull (multipart);
++ g_assert_cmpint (soup_multipart_get_length (multipart), ==, 1);
++ g_assert_true (soup_multipart_get_part (multipart, 0, &headers, &body));
++ g_assert_cmpint (g_bytes_get_size (body), ==, 0);
++ soup_multipart_free (multipart);
++}
++
+ int
+ main (int argc, char **argv)
+ {
+@@ -578,6 +617,7 @@ main (int argc, char **argv)
+ g_test_add_func ("/multipart/bounds-good", test_multipart_bounds_good);
+ g_test_add_func ("/multipart/bounds-bad", test_multipart_bounds_bad);
+ g_test_add_func ("/multipart/bounds-bad-2", test_multipart_bounds_bad_2);
++ g_test_add_func ("/multipart/too-large", test_multipart_too_large);
+
+ ret = g_test_run ();
+
+--
+2.34.1
+
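Review bot: In the soup-multipart.c hunk, the new `end - 2 >= split ? end - 2 - split : 0` silently turns a part whose closing boundary lands before `split` into a zero-length body instead of rejecting the message, and the `// FIXME` on the same call is left as it was. The added test_multipart_too_large pins that behaviour (one part, body size 0), so the choice looks deliberate; a one-line comment at the ternary saying why 0 is used rather than failing the parse would save the next reader from re-deriving the unsigned underflow described in the commit message. Separately, `Upstream-Status: Backport` here puts the URL on the following line, while the CVE-2025-4476 patch in this series keeps tag and URL on one line; one form throughout would make the patch headers easier to grep.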
diff --git a/meta/recipes-support/libsoup/libsoup_3.4.4.bb b/meta/recipes-support/libsoup/libsoup_3.4.4.bb
index 473a980b1a..9b8bf5b9a2 100644
--- a/meta/recipes-support/libsoup/libsoup_3.4.4.bb
+++ b/meta/recipes-support/libsoup/libsoup_3.4.4.bb
@@ -42,6 +42,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
file://CVE-2025-32051-2.patch \
file://CVE-2025-32050.patch \
file://CVE-2025-46421.patch \
+ file://CVE-2025-4948.patch \
"
SRC_URI[sha256sum] = "291c67725f36ed90ea43efff25064b69c5a2d1981488477c05c481a3b4b0c5aa"
--
2.43.0
* [OE-core][scarthgap 10/16] libsoup-2.4: fix CVE-2025-4476
From: Steve Sakoman @ 2025-06-10 19:34 UTC (permalink / raw)
To: openembedded-core
From: Changqing Li <changqing.li@windriver.com>
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/440
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../libsoup/libsoup-2.4/CVE-2025-4476.patch | 38 +++++++++++++++++++
.../libsoup/libsoup-2.4_2.74.3.bb | 1 +
2 files changed, 39 insertions(+)
create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4476.patch
diff --git a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4476.patch b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4476.patch
new file mode 100644
index 0000000000..874f62e7ad
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4476.patch
@@ -0,0 +1,38 @@
+From 52a0f9234d384b9dab368835b22e5a5a01542168 Mon Sep 17 00:00:00 2001
+From: Changqing Li <changqing.li@windriver.com>
+Date: Fri, 16 May 2025 14:16:10 +0800
+Subject: [PATCH] auth-digest: fix crash in
+ soup_auth_digest_get_protection_space()
+
+We need to validate the Domain parameter in the WWW-Authenticate header.
+
+Unfortunately this crash only occurs when listening on default ports 80
+and 443, so there's no good way to test for this. The test would require
+running as root.
+
+Fixes #440
+
+CVE: CVE-2025-4476
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/e64c221f9c7d09b48b610c5626b3b8c400f0907c?merge_request_iid=457]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ libsoup/soup-auth-digest.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libsoup/soup-auth-digest.c b/libsoup/soup-auth-digest.c
+index f1621ec..a2dc560 100644
+--- a/libsoup/soup-auth-digest.c
++++ b/libsoup/soup-auth-digest.c
+@@ -229,7 +229,7 @@ soup_auth_digest_get_protection_space (SoupAuth *auth, SoupURI *source_uri)
+ uri = soup_uri_new (d);
+ if (uri && uri->scheme == source_uri->scheme &&
+ uri->port == source_uri->port &&
+- !strcmp (uri->host, source_uri->host))
++ !g_strcmp0 (uri->host, source_uri->host))
+ dir = g_strdup (uri->path);
+ else
+ dir = NULL;
+--
+2.34.1
+
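Review bot: In soup_auth_digest_get_protection_space(), `!g_strcmp0 (uri->host, source_uri->host)` removes the NULL dereference, but g_strcmp0() treats two NULL strings as equal, so a Domain entry that parses to a URI without a host now passes this check whenever `source_uri->host` is also NULL. If a host-less URI should never match, an explicit `uri->host &&` in the condition states that; otherwise a short comment that NULL hosts are compared on purpose would help. The embedded patch also carries `From: Changqing Li` although it is marked `Upstream-Status: Backport`, whereas the CVE-2025-4948 backport keeps the upstream author in `From:`.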
diff --git a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
index 5c834e394a..8f0b706276 100644
--- a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
+++ b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
@@ -38,6 +38,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
file://CVE-2025-32050.patch \
file://CVE-2025-46421.patch \
file://CVE-2025-4948.patch \
+ file://CVE-2025-4476.patch \
"
SRC_URI[sha256sum] = "e4b77c41cfc4c8c5a035fcdc320c7bc6cfb75ef7c5a034153df1413fa1d92f13"
--
2.43.0
* [OE-core][scarthgap 11/16] libsoup-2.4: fix CVE-2025-2784
From: Steve Sakoman @ 2025-06-10 19:34 UTC (permalink / raw)
To: openembedded-core
From: Changqing Li <changqing.li@windriver.com>
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/422
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../libsoup/libsoup-2.4/CVE-2025-2784.patch | 56 +++++++++++++++++++
.../libsoup/libsoup-2.4_2.74.3.bb | 1 +
2 files changed, 57 insertions(+)
create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-2784.patch
diff --git a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-2784.patch b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-2784.patch
new file mode 100644
index 0000000000..106f907168
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-2784.patch
@@ -0,0 +1,56 @@
+From 2eacbd762332795e00692ddab2515c6da23198d3 Mon Sep 17 00:00:00 2001
+From: Changqing Li <changqing.li@windriver.com>
+Date: Mon, 12 May 2025 14:06:41 +0800
+Subject: [PATCH] sniffer: Add better coverage of skip_insignificant_space()
+
+CVE: CVE-2025-2784
+Upstream-Status: Backport
+[https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/435/diffs?commit_id=242a10fbb12dbdc12d254bd8fc8669a0ac055304;
+ https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/442/diffs?commit_id=c415ad0b6771992e66c70edf373566c6e247089d]
+
+Test code is not added since it uses some functions not defined in
+version 2.74. These tests are not used now, so just ignore them.
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ libsoup/soup-content-sniffer.c | 9 +++----
+ 1 files changed, 3 insertions(+), 4 deletions(-)
+
+diff --git a/libsoup/soup-content-sniffer.c b/libsoup/soup-content-sniffer.c
+index 5f2896e..9554636 100644
+--- a/libsoup/soup-content-sniffer.c
++++ b/libsoup/soup-content-sniffer.c
+@@ -612,8 +612,10 @@ sniff_text_or_binary (SoupContentSniffer *sniffer, SoupBuffer *buffer)
+ }
+
+ static gboolean
+-skip_insignificant_space (const char *resource, int *pos, int resource_length)
++skip_insignificant_space (const char *resource, gsize *pos, gsize resource_length)
+ {
++ if (*pos >= resource_length)
++ return TRUE;
+ while ((resource[*pos] == '\x09') ||
+ (resource[*pos] == '\x20') ||
+ (resource[*pos] == '\x0A') ||
+@@ -632,7 +634,7 @@ sniff_feed_or_html (SoupContentSniffer *sniffer, SoupBuffer *buffer)
+ {
+ const char *resource = (const char *)buffer->data;
+ int resource_length = MIN (512, buffer->length);
+- int pos = 0;
++ gsize pos = 0;
+
+ if (resource_length < 3)
+ goto text_html;
+@@ -642,9 +644,6 @@ sniff_feed_or_html (SoupContentSniffer *sniffer, SoupBuffer *buffer)
+ pos = 3;
+
+ look_for_tag:
+- if (pos > resource_length)
+- goto text_html;
+-
+ if (skip_insignificant_space (resource, &pos, resource_length))
+ goto text_html;
+
+--
+2.34.1
+
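Review bot: In sniff_feed_or_html(), `pos` becomes `gsize` and skip_insignificant_space() now takes `gsize resource_length`, but the caller's `int resource_length = MIN (512, buffer->length);` shown in the context stays signed, so the value is implicitly converted at the call and the function mixes signed and unsigned indices. The libsoup 3 version of this fix works on a `gsize resource_length`; declaring it `gsize` here too would keep the two backports equivalent. The diffstat in the patch header (3 insertions, 4 deletions) also does not match the hunks as shown, which add 4 lines and remove 5, so it looks hand-edited after the tests were dropped; regenerating the patch with git format-patch would fix that.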
diff --git a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
index 8f0b706276..0da309ebd8 100644
--- a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
+++ b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
@@ -39,6 +39,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
file://CVE-2025-46421.patch \
file://CVE-2025-4948.patch \
file://CVE-2025-4476.patch \
+ file://CVE-2025-2784.patch \
"
SRC_URI[sha256sum] = "e4b77c41cfc4c8c5a035fcdc320c7bc6cfb75ef7c5a034153df1413fa1d92f13"
--
2.43.0
* [OE-core][scarthgap 12/16] libsoup: fix CVE-2025-2784
From: Steve Sakoman @ 2025-06-10 19:34 UTC (permalink / raw)
To: openembedded-core
From: Changqing Li <changqing.li@windriver.com>
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/422
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../libsoup/libsoup-3.4.4/CVE-2025-2784.patch | 137 ++++++++++++++++++
meta/recipes-support/libsoup/libsoup_3.4.4.bb | 1 +
2 files changed, 138 insertions(+)
create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-2784.patch
diff --git a/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-2784.patch b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-2784.patch
new file mode 100644
index 0000000000..b2e1c12d48
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-2784.patch
@@ -0,0 +1,137 @@
+From dd10ae267e33bcc35646610d7cc1841da77d05e7 Mon Sep 17 00:00:00 2001
+From: Patrick Griffis <pgriffis@igalia.com>
+Date: Wed, 5 Feb 2025 14:39:42 -0600
+Subject: [PATCH] Fix CVE-2025-2784
+
+CVE: CVE-2025-2784
+Upstream-Status: Backport
+[https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/435/diffs?commit_id=242a10fbb12dbdc12d254bd8fc8669a0ac055304
+https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/442/diffs?commit_id=c415ad0b6771992e66c70edf373566c6e247089d]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ .../content-sniffer/soup-content-sniffer.c | 10 ++--
+ tests/meson.build | 4 +-
+ tests/sniffing-test.c | 48 +++++++++++++++++++
+ 3 files changed, 56 insertions(+), 6 deletions(-)
+
+diff --git a/libsoup/content-sniffer/soup-content-sniffer.c b/libsoup/content-sniffer/soup-content-sniffer.c
+index aeee2e2..a5e18d5 100644
+--- a/libsoup/content-sniffer/soup-content-sniffer.c
++++ b/libsoup/content-sniffer/soup-content-sniffer.c
+@@ -638,8 +638,11 @@ sniff_text_or_binary (SoupContentSniffer *sniffer, GBytes *buffer)
+ }
+
+ static gboolean
+-skip_insignificant_space (const char *resource, int *pos, int resource_length)
++skip_insignificant_space (const char *resource, gsize *pos, gsize resource_length)
+ {
++ if (*pos >= resource_length)
++ return TRUE;
++
+ while ((resource[*pos] == '\x09') ||
+ (resource[*pos] == '\x20') ||
+ (resource[*pos] == '\x0A') ||
+@@ -659,7 +662,7 @@ sniff_feed_or_html (SoupContentSniffer *sniffer, GBytes *buffer)
+ gsize resource_length;
+ const char *resource = g_bytes_get_data (buffer, &resource_length);
+ resource_length = MIN (512, resource_length);
+- int pos = 0;
++ gsize pos = 0;
+
+ if (resource_length < 3)
+ goto text_html;
+@@ -669,9 +672,6 @@ sniff_feed_or_html (SoupContentSniffer *sniffer, GBytes *buffer)
+ pos = 3;
+
+ look_for_tag:
+- if (pos > resource_length)
+- goto text_html;
+-
+ if (skip_insignificant_space (resource, &pos, resource_length))
+ goto text_html;
+
+diff --git a/tests/meson.build b/tests/meson.build
+index 7ef7ac5..95b13b8 100644
+--- a/tests/meson.build
++++ b/tests/meson.build
+@@ -95,7 +95,9 @@ tests = [
+ {'name': 'server-auth'},
+ {'name': 'server-mem-limit'},
+ {'name': 'server'},
+- {'name': 'sniffing'},
++ {'name': 'sniffing',
++ 'depends': [test_resources],
++ },
+ {'name': 'ssl',
+ 'dependencies': [gnutls_dep],
+ 'depends': mock_pkcs11_module,
+diff --git a/tests/sniffing-test.c b/tests/sniffing-test.c
+index 6116719..7857732 100644
+--- a/tests/sniffing-test.c
++++ b/tests/sniffing-test.c
+@@ -342,6 +342,52 @@ test_disabled (gconstpointer data)
+ g_uri_unref (uri);
+ }
+
++static const gsize MARKUP_LENGTH = strlen ("<!--") + strlen ("-->");
++
++static void
++do_skip_whitespace_test (void)
++{
++ SoupContentSniffer *sniffer = soup_content_sniffer_new ();
++ SoupMessage *msg = soup_message_new (SOUP_METHOD_GET, "http://example.org");
++ const char *test_cases[] = {
++ "",
++ "<rdf:RDF",
++ "<rdf:RDFxmlns:rdf=\"http://www.w3.org/1999/02/22-rdf-syntax-ns#\"",
++ "<rdf:RDFxmlns=\"http://purl.org/rss/1.0/\"",
++ };
++
++ soup_message_headers_set_content_type (soup_message_get_response_headers (msg), "text/html", NULL);
++
++ for (guint i = 0; i < G_N_ELEMENTS (test_cases); i++) {
++ const char *trailing_data = test_cases[i];
++ gsize leading_zeros = 512 - MARKUP_LENGTH - strlen (trailing_data);
++ gsize testsize = MARKUP_LENGTH + leading_zeros + strlen (trailing_data);
++ guint8 *data = g_malloc0 (testsize);
++ guint8 *p = data;
++ char *content_type;
++ GBytes *buffer;
++
++ // Format of <!--[0x00 * $leading_zeros]-->$trailing_data
++ memcpy (p, "<!--", strlen ("<!--"));
++ p += strlen ("<!--");
++ p += leading_zeros;
++ memcpy (p, "-->", strlen ("-->"));
++ p += strlen ("-->");
++ if (strlen (trailing_data))
++ memcpy (p, trailing_data, strlen (trailing_data));
++ // Purposefully not NUL terminated.
++
++ buffer = g_bytes_new_take (g_steal_pointer (&data), testsize);
++ content_type = soup_content_sniffer_sniff (sniffer, msg, buffer, NULL);
++
++ g_free (content_type);
++ g_bytes_unref (buffer);
++ }
++
++ g_object_unref (msg);
++ g_object_unref (sniffer);
++}
++
+ int
+ main (int argc, char **argv)
+ {
+@@ -517,6 +563,8 @@ main (int argc, char **argv)
+ "/text_or_binary/home.gif",
+ test_disabled);
+
++ g_test_add_func ("/sniffing/whitespace", do_skip_whitespace_test);
++
+ ret = g_test_run ();
+
+ g_uri_unref (base_uri);
+--
+2.34.1
+
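Review bot: do_skip_whitespace_test() frees `content_type` without asserting anything about it, so the new test only fails if the sniffer crashes or a sanitizer reports the out-of-bounds read; on a plain build a read past the 512-byte buffer can pass unnoticed. An assertion on the returned type for each case, or a note that the test is meant to run under ASan or valgrind, would make the intent explicit. `static const gsize MARKUP_LENGTH = strlen ("<!--") + strlen ("-->");` is also not a constant expression in standard C and builds only because the compiler folds strlen() on literals; `sizeof ("<!--") - 1 + sizeof ("-->") - 1` would be portable.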
diff --git a/meta/recipes-support/libsoup/libsoup_3.4.4.bb b/meta/recipes-support/libsoup/libsoup_3.4.4.bb
index 9b8bf5b9a2..37319f007f 100644
--- a/meta/recipes-support/libsoup/libsoup_3.4.4.bb
+++ b/meta/recipes-support/libsoup/libsoup_3.4.4.bb
@@ -43,6 +43,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
file://CVE-2025-32050.patch \
file://CVE-2025-46421.patch \
file://CVE-2025-4948.patch \
+ file://CVE-2025-2784.patch \
"
SRC_URI[sha256sum] = "291c67725f36ed90ea43efff25064b69c5a2d1981488477c05c481a3b4b0c5aa"
--
2.43.0
* [OE-core][scarthgap 13/16] kea: upgrade 2.4.1 -> 2.4.2
From: Steve Sakoman @ 2025-06-10 19:34 UTC (permalink / raw)
To: openembedded-core
From: Vijay Anusuri <vanusuri@mvista.com>
Changelog
https://downloads.isc.org/isc/kea/2.4.2/Kea-2.4.2-ReleaseNotes.txt
License-Update: Update copyright year
Includes security fixes for CVE-2025-32801, CVE-2025-32802 and CVE-2025-32803
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-connectivity/kea/{kea_2.4.1.bb => kea_2.4.2.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta/recipes-connectivity/kea/{kea_2.4.1.bb => kea_2.4.2.bb} (94%)
diff --git a/meta/recipes-connectivity/kea/kea_2.4.1.bb b/meta/recipes-connectivity/kea/kea_2.4.2.bb
similarity index 94%
rename from meta/recipes-connectivity/kea/kea_2.4.1.bb
rename to meta/recipes-connectivity/kea/kea_2.4.2.bb
index fcdb4889d9..6bb7cb9164 100644
--- a/meta/recipes-connectivity/kea/kea_2.4.1.bb
+++ b/meta/recipes-connectivity/kea/kea_2.4.2.bb
@@ -3,7 +3,7 @@ DESCRIPTION = "Kea is the next generation of DHCP software developed by ISC. It
HOMEPAGE = "http://kea.isc.org"
SECTION = "connectivity"
LICENSE = "MPL-2.0"
-LIC_FILES_CHKSUM = "file://COPYING;md5=ea061fa0188838072c4248c1318ec131"
+LIC_FILES_CHKSUM = "file://COPYING;md5=ee16e7280a6cf2a1487717faf33190dc"
DEPENDS = "boost log4cplus openssl"
@@ -18,7 +18,7 @@ SRC_URI = "http://ftp.isc.org/isc/kea/${PV}/${BP}.tar.gz \
file://fix_pid_keactrl.patch \
file://0001-src-lib-log-logger_unittest_support.cc-do-not-write-.patch \
"
-SRC_URI[sha256sum] = "815c61f5c271caa4a1db31dd656eb50a7f6ea973da3690f7c8581408e180131a"
+SRC_URI[sha256sum] = "6e82fb319d3b871c0d39bbd504f2cda0c66fa1262865872985fb4fb91b4eaafc"
inherit autotools systemd update-rc.d upstream-version-is-even
--
2.43.0
* [OE-core][scarthgap 14/16] python3: upgrade 3.12.9 -> 3.12.11
From: Steve Sakoman @ 2025-06-10 19:34 UTC (permalink / raw)
To: openembedded-core
From: Peter Marko <peter.marko@siemens.com>
Drop upstreamed patch and refresh remaining patches.
* https://www.python.org/downloads/release/python-31210/
Python 3.12.10 is the latest maintenance release of Python 3.12, and
the last full maintenance release. Subsequent releases of 3.12 will be
security-fixes only.
* https://www.python.org/downloads/release/python-31211/
Security content in this release
* gh-135034: [CVE 2024-12718] [CVE 2025-4138] [CVE 2025-4330]
[CVE 2025-4435] [CVE 2025-4517] Fixes multiple issues that allowed
tarfile extraction filters (filter="data" and filter="tar") to be
bypassed using crafted symlinks and hard links.
* gh-133767: Fix use-after-free in the “unicode-escape” decoder with a
non-“strict” error handler.
* gh-128840: Short-circuit the processing of long IPv6 addresses early
in ipaddress to prevent excessive memory consumption and a minor
denial-of-service.
gh-133767 got meanwhile CVE-2025-4516 assigned.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
...shebang-overflow-on-python-config.py.patch | 2 +-
...-use-prefix-value-from-build-configu.patch | 2 +-
...sts-due-to-load-variability-on-YP-AB.patch | 6 +--
...001-ctypes-correct-gcc-check-in-test.patch | 53 -------------------
...e-treat-overflow-in-UID-GID-as-failu.patch | 2 +-
..._fileno-test-due-to-load-variability.patch | 2 +-
...orlines-skip-due-to-load-variability.patch | 2 +-
.../python/python3/makerace.patch | 2 +-
.../{python3_3.12.9.bb => python3_3.12.11.bb} | 3 +-
9 files changed, 10 insertions(+), 64 deletions(-)
delete mode 100644 meta/recipes-devtools/python/python3/0001-ctypes-correct-gcc-check-in-test.patch
rename meta/recipes-devtools/python/{python3_3.12.9.bb => python3_3.12.11.bb} (99%)
diff --git a/meta/recipes-devtools/python/python3/0001-Avoid-shebang-overflow-on-python-config.py.patch b/meta/recipes-devtools/python/python3/0001-Avoid-shebang-overflow-on-python-config.py.patch
index 6e4930b9ec..a8f98d873e 100644
--- a/meta/recipes-devtools/python/python3/0001-Avoid-shebang-overflow-on-python-config.py.patch
+++ b/meta/recipes-devtools/python/python3/0001-Avoid-shebang-overflow-on-python-config.py.patch
@@ -19,7 +19,7 @@ diff --git a/Makefile.pre.in b/Makefile.pre.in
index 2d235d2..1ac2263 100644
--- a/Makefile.pre.in
+++ b/Makefile.pre.in
-@@ -2355,6 +2355,8 @@ python-config: $(srcdir)/Misc/python-config.in Misc/python-config.sh
+@@ -2356,6 +2356,8 @@ python-config: $(srcdir)/Misc/python-config.in Misc/python-config.sh
@ # Substitution happens here, as the completely-expanded BINDIR
@ # is not available in configure
sed -e "s,@EXENAME@,$(EXENAME)," < $(srcdir)/Misc/python-config.in >python-config.py
diff --git a/meta/recipes-devtools/python/python3/0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch b/meta/recipes-devtools/python/python3/0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch
index 1b9f3565d3..c42a56bcb3 100644
--- a/meta/recipes-devtools/python/python3/0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch
+++ b/meta/recipes-devtools/python/python3/0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch
@@ -17,7 +17,7 @@ diff --git a/Lib/sysconfig.py b/Lib/sysconfig.py
index 6258b68..d59ec6e 100644
--- a/Lib/sysconfig.py
+++ b/Lib/sysconfig.py
-@@ -668,6 +668,11 @@ def _init_config_vars():
+@@ -675,6 +675,11 @@ def _init_config_vars():
_CONFIG_VARS['VPATH'] = sys._vpath
if os.name == 'posix':
_init_posix(_CONFIG_VARS)
diff --git a/meta/recipes-devtools/python/python3/0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch b/meta/recipes-devtools/python/python3/0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch
index ec3bb9cbbd..051ec2c635 100644
--- a/meta/recipes-devtools/python/python3/0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch
+++ b/meta/recipes-devtools/python/python3/0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch
@@ -26,7 +26,7 @@ diff --git a/Lib/test/_test_multiprocessing.py b/Lib/test/_test_multiprocessing.
index 3b4415b..1f94dec 100644
--- a/Lib/test/_test_multiprocessing.py
+++ b/Lib/test/_test_multiprocessing.py
-@@ -688,6 +688,7 @@ class _TestProcess(BaseTestCase):
+@@ -692,6 +692,7 @@ class _TestProcess(BaseTestCase):
close_queue(q)
@support.requires_resource('walltime')
@@ -34,7 +34,7 @@ index 3b4415b..1f94dec 100644
def test_many_processes(self):
if self.TYPE == 'threads':
self.skipTest('test not appropriate for {}'.format(self.TYPE))
-@@ -2211,6 +2212,7 @@ class _TestBarrier(BaseTestCase):
+@@ -2223,6 +2224,7 @@ class _TestBarrier(BaseTestCase):
except threading.BrokenBarrierError:
results.append(True)
@@ -42,7 +42,7 @@ index 3b4415b..1f94dec 100644
def test_timeout(self):
"""
Test wait(timeout)
-@@ -5208,6 +5210,7 @@ class TestWait(unittest.TestCase):
+@@ -5220,6 +5222,7 @@ class TestWait(unittest.TestCase):
time.sleep(period)
@support.requires_resource('walltime')
diff --git a/meta/recipes-devtools/python/python3/0001-ctypes-correct-gcc-check-in-test.patch b/meta/recipes-devtools/python/python3/0001-ctypes-correct-gcc-check-in-test.patch
deleted file mode 100644
index 3dd762e519..0000000000
--- a/meta/recipes-devtools/python/python3/0001-ctypes-correct-gcc-check-in-test.patch
+++ /dev/null
@@ -1,53 +0,0 @@
-From 2e2a0c8593a38f2020cc2baeeaa7972eb86773f9 Mon Sep 17 00:00:00 2001
-From: Peter Marko <peter.marko@siemens.com>
-Date: Sat, 8 Feb 2025 23:57:17 +0100
-Subject: [PATCH] ctypes: correct gcc check in test
-
-In case gcc is not available, it will throw exception and test fails.
-So chatch the exception to skip the test correctly.
-
-======================================================================
-ERROR: test_null_dlsym (test.test_ctypes.test_dlerror.TestNullDlsym.test_null_dlsym)
-----------------------------------------------------------------------
-Traceback (most recent call last):
- File "/usr/lib/python3.12/test/test_ctypes/test_dlerror.py", line 61, in test_null_dlsym
- retcode = subprocess.call(["gcc", "--version"],
- ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
- File "/usr/lib/python3.12/subprocess.py", line 391, in call
- with Popen(*popenargs, **kwargs) as p:
- ^^^^^^^^^^^^^^^^^^^^^^^^^^^
- File "/usr/lib/python3.12/subprocess.py", line 1028, in __init__
- self._execute_child(args, executable, preexec_fn, close_fds,
- File "/usr/lib/python3.12/subprocess.py", line 1963, in _execute_child
- raise child_exception_type(errno_num, err_msg, err_filename)
-FileNotFoundError: [Errno 2] No such file or directory: 'gcc'
-
-Upstream-Status: Submitted [https://github.com/python/cpython/pull/129872]
-Signed-off-by: Peter Marko <peter.marko@siemens.com>
----
- Lib/test/test_ctypes/test_dlerror.py | 11 +++++++----
- 1 file changed, 7 insertions(+), 4 deletions(-)
-
-diff --git a/Lib/test/test_ctypes/test_dlerror.py b/Lib/test/test_ctypes/test_dlerror.py
-index 6bf492399cb..56eb7622b4d 100644
---- a/Lib/test/test_ctypes/test_dlerror.py
-+++ b/Lib/test/test_ctypes/test_dlerror.py
-@@ -58,11 +58,14 @@ def test_null_dlsym(self):
- import subprocess
- import tempfile
-
-- retcode = subprocess.call(["gcc", "--version"],
-- stdout=subprocess.DEVNULL,
-- stderr=subprocess.DEVNULL)
-- if retcode != 0:
-+ try:
-+ retcode = subprocess.call(["gcc", "--version"],
-+ stdout=subprocess.DEVNULL,
-+ stderr=subprocess.DEVNULL)
-+ except:
- self.skipTest("gcc is missing")
-+ if retcode != 0:
-+ self.skipTest("gcc is not working")
-
- pipe_r, pipe_w = os.pipe()
- self.addCleanup(os.close, pipe_r)
diff --git a/meta/recipes-devtools/python/python3/0001-gh-107811-tarfile-treat-overflow-in-UID-GID-as-failu.patch b/meta/recipes-devtools/python/python3/0001-gh-107811-tarfile-treat-overflow-in-UID-GID-as-failu.patch
index 5c74443e62..1cffdd6e05 100644
--- a/meta/recipes-devtools/python/python3/0001-gh-107811-tarfile-treat-overflow-in-UID-GID-as-failu.patch
+++ b/meta/recipes-devtools/python/python3/0001-gh-107811-tarfile-treat-overflow-in-UID-GID-as-failu.patch
@@ -16,7 +16,7 @@ diff --git a/Lib/tarfile.py b/Lib/tarfile.py
index 0a0f31e..4dfb67d 100755
--- a/Lib/tarfile.py
+++ b/Lib/tarfile.py
-@@ -2590,7 +2590,8 @@ class TarFile(object):
+@@ -2685,7 +2685,8 @@ class TarFile(object):
os.lchown(targetpath, u, g)
else:
os.chown(targetpath, u, g)
diff --git a/meta/recipes-devtools/python/python3/0001-skip-no_stdout_fileno-test-due-to-load-variability.patch b/meta/recipes-devtools/python/python3/0001-skip-no_stdout_fileno-test-due-to-load-variability.patch
index e105f36eca..4920cb9ad9 100644
--- a/meta/recipes-devtools/python/python3/0001-skip-no_stdout_fileno-test-due-to-load-variability.patch
+++ b/meta/recipes-devtools/python/python3/0001-skip-no_stdout_fileno-test-due-to-load-variability.patch
@@ -19,7 +19,7 @@ diff --git a/Lib/test/test_builtin.py b/Lib/test/test_builtin.py
index c71c568..e41ab5e 100644
--- a/Lib/test/test_builtin.py
+++ b/Lib/test/test_builtin.py
-@@ -2352,6 +2352,7 @@ class PtyTests(unittest.TestCase):
+@@ -2375,6 +2375,7 @@ class PtyTests(unittest.TestCase):
# Check stdin/stdout error handler is used when invoking PyOS_Readline()
self.check_input_tty("prompté", b"quux\xe9", "ascii")
diff --git a/meta/recipes-devtools/python/python3/0001-test_storlines-skip-due-to-load-variability.patch b/meta/recipes-devtools/python/python3/0001-test_storlines-skip-due-to-load-variability.patch
index 22aabbb2ed..88cd93a51f 100644
--- a/meta/recipes-devtools/python/python3/0001-test_storlines-skip-due-to-load-variability.patch
+++ b/meta/recipes-devtools/python/python3/0001-test_storlines-skip-due-to-load-variability.patch
@@ -19,7 +19,7 @@ diff --git a/Lib/test/test_ftplib.py b/Lib/test/test_ftplib.py
index 4c4a449..b8c79a4 100644
--- a/Lib/test/test_ftplib.py
+++ b/Lib/test/test_ftplib.py
-@@ -626,6 +626,7 @@ class TestFTPClass(TestCase):
+@@ -629,6 +629,7 @@ class TestFTPClass(TestCase):
self.client.storbinary('stor', f, rest=r)
self.assertEqual(self.server.handler_instance.rest, str(r))
diff --git a/meta/recipes-devtools/python/python3/makerace.patch b/meta/recipes-devtools/python/python3/makerace.patch
index 862b648685..fbe12a5fca 100644
--- a/meta/recipes-devtools/python/python3/makerace.patch
+++ b/meta/recipes-devtools/python/python3/makerace.patch
@@ -20,7 +20,7 @@ diff --git a/Makefile.pre.in b/Makefile.pre.in
index dce36a5..2d235d2 100644
--- a/Makefile.pre.in
+++ b/Makefile.pre.in
-@@ -2266,7 +2266,7 @@ COMPILEALL_OPTS=-j0
+@@ -2267,7 +2267,7 @@ COMPILEALL_OPTS=-j0
TEST_MODULES=@TEST_MODULES@
.PHONY: libinstall
diff --git a/meta/recipes-devtools/python/python3_3.12.9.bb b/meta/recipes-devtools/python/python3_3.12.11.bb
similarity index 99%
rename from meta/recipes-devtools/python/python3_3.12.9.bb
rename to meta/recipes-devtools/python/python3_3.12.11.bb
index 8e03ff5f2b..706dabb5cd 100644
--- a/meta/recipes-devtools/python/python3_3.12.9.bb
+++ b/meta/recipes-devtools/python/python3_3.12.11.bb
@@ -34,14 +34,13 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \
file://0001-test_deadlock-skip-problematic-test.patch \
file://0001-test_active_children-skip-problematic-test.patch \
file://0001-test_readline-skip-limited-history-test.patch \
- file://0001-ctypes-correct-gcc-check-in-test.patch \
"
SRC_URI:append:class-native = " \
file://0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch \
"
-SRC_URI[sha256sum] = "7220835d9f90b37c006e9842a8dff4580aaca4318674f947302b8d28f3f81112"
+SRC_URI[sha256sum] = "c30bb24b7f1e9a19b11b55a546434f74e739bb4c271a3e3a80ff4380d49f7adb"
# exclude pre-releases for both python 2.x and 3.x
UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar"
--
2.43.0
* [OE-core][scarthgap 15/16] gtk+: add missing libdrm dependency
From: Steve Sakoman @ 2025-06-10 19:34 UTC (permalink / raw)
To: openembedded-core
From: Andrew Fernandes <andrew@fernandes.org>
Fixes [YOCTO #15513]
When built without the wayland feature, gtk4 does not
build due to a missing explicit dependency on libdrm.
Signed-off-by: Andrew Fernandes <andrew@fernandes.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b32290d9bbcfccc9b85fa5acbeaee5d32d9a9091)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-gnome/gtk+/gtk4_4.14.1.bb | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/recipes-gnome/gtk+/gtk4_4.14.1.bb b/meta/recipes-gnome/gtk+/gtk4_4.14.1.bb
index 497be6805a..aae69271ac 100644
--- a/meta/recipes-gnome/gtk+/gtk4_4.14.1.bb
+++ b/meta/recipes-gnome/gtk+/gtk4_4.14.1.bb
@@ -16,6 +16,7 @@ DEPENDS = " \
graphene \
harfbuzz \
jpeg \
+ libdrm \
libepoxy \
libpng \
librsvg \
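Review bot: the new libdrm entry in DEPENDS is unconditional, while the commit message ties the build failure only to configurations without the wayland feature. If libdrm is needed in every configuration, that is fine, but the message should name what in gtk4 requires it so the dependency can be re-evaluated on the next upgrade. If it is needed only by an optional backend, it belongs in the matching PACKAGECONFIG entry instead. As a minor point, the subject prefix says gtk+ while the only file touched is gtk4_4.14.1.bb.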
--
2.43.0
* [OE-core][scarthgap 16/16] testimage: get real os-release file
2025-06-10 19:33 [OE-core][scarthgap 00/16] Patch review Steve Sakoman
` (14 preceding siblings ...)
2025-06-10 19:34 ` [OE-core][scarthgap 15/16] gtk+: add missing libdrm dependency Steve Sakoman
@ 2025-06-10 19:34 ` Steve Sakoman
15 siblings, 0 replies; 23+ messages in thread
From: Steve Sakoman @ 2025-06-10 19:34 UTC (permalink / raw)
To: openembedded-core
From: Peter Marko <peter.marko@siemens.com>
/etc/os-release is a symlink to /usr/lib.
Symlink is retrieved as a dead link which points to nowhere if also the
original file is not accompanying it.
Fetch the real file in addition to this link.
Alternative could be to use "tar -h" (supported also by busybox tar),
however that could lose some important information if links are relevant
for failure analysis.
(From OE-Core rev: ed43f9ccb3c08845259e24440912631afd780d12)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/classes-recipe/testimage.bbclass | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/meta/classes-recipe/testimage.bbclass b/meta/classes-recipe/testimage.bbclass
index 954c213912..33b1c13f9d 100644
--- a/meta/classes-recipe/testimage.bbclass
+++ b/meta/classes-recipe/testimage.bbclass
@@ -25,7 +25,9 @@ TESTIMAGE_AUTO ??= "0"
TESTIMAGE_FAILED_QA_ARTIFACTS = "\
${localstatedir}/log \
${sysconfdir}/version \
- ${sysconfdir}/os-release"
+ ${sysconfdir}/os-release \
+ ${nonarch_libdir}/os-release \
+"
# If some ptests are run and fail, retrieve corresponding directories
TESTIMAGE_FAILED_QA_ARTIFACTS += "${@bb.utils.contains('DISTRO_FEATURES', 'ptest', '${libdir}/${MCNAME}/ptest', '', d)}"
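Review bot: the added ${nonarch_libdir}/os-release entry assumes the symlink target always lives at that path, but on an image where ${sysconfdir}/os-release is a regular file the new path may not exist. Please confirm that the artifact retrieval tolerates a missing entry in TESTIMAGE_FAILED_QA_ARTIFACTS without aborting collection of the remaining logs. A one-line comment above the two os-release entries saying that the first is the symlink and the second its target would also keep a later cleanup from removing the apparent duplicate.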
--
2.43.0