* [OE-core][kirkstone 00/15] Patch review
@ 2022-06-19 19:30 Steve Sakoman
From: Steve Sakoman @ 2022-06-19 19:30 UTC
To: openembedded-core
Please review this set of patches for kirkstone and have comments back by
end of day Tuesday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3799
The following changes since commit 0f7a8359ba370c7f5d5153453ed699e9566f5b1d:
rootfs.py: close kernel_abi_ver_file (2022-06-10 05:13:53 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Jack Mitchell (1):
meson.bbclass: add cython binary to cross/native toolchain config
Jose Quaresma (2):
archiver: use bb.note instead of echo
archiver: don't use machine variables in shared recipes
Kai Kang (1):
xxhash: fix build with gcc 12
Mingli Yu (1):
oescripts: change compare logic in OEListPackageconfigTests
Pavel Zhukov (1):
systemd: update 0008-add-missing-FTW_-macros-for-musl.patch
Rasmus Villemoes (1):
e2fsprogs: add alternatives handling of lsattr as well
Richard Purdie (5):
vim: Upgrade 8.2.5034 -> 8.2.5083
uboot-sign: Fix potential index error issues
selftest/multiconfig: Test that multiconfigs in separate layers works
gcc-source: Fix incorrect task dependencies from ${B}
liberror-perl: Update sstate/equiv versions to clean cache
Xiaobing Luo (1):
devtool: Fix _copy_file() TypeError
Yi Zhao (2):
popt: fix override syntax in RDEPENDS
git: fix override syntax in RDEPENDS
meta-selftest/conf/multiconfig/muslmc.conf | 2 ++
meta/classes/archiver.bbclass | 11 ++++++++---
meta/classes/meson.bbclass | 2 ++
meta/classes/uboot-sign.bbclass | 2 ++
meta/lib/oeqa/selftest/cases/multiconfig.py | 13 +++++++++++++
meta/lib/oeqa/selftest/cases/oescripts.py | 3 ++-
.../0008-add-missing-FTW_-macros-for-musl.patch | 8 ++++----
meta/recipes-devtools/e2fsprogs/e2fsprogs_1.46.5.bb | 5 ++++-
meta/recipes-devtools/gcc/gcc-common.inc | 2 +-
meta/recipes-devtools/gcc/gcc-source.inc | 1 +
meta/recipes-devtools/git/git_2.35.3.bb | 2 +-
meta/recipes-devtools/perl/liberror-perl_0.17029.bb | 4 ++++
meta/recipes-support/popt/popt_1.18.bb | 2 +-
meta/recipes-support/vim/vim.inc | 4 ++--
meta/recipes-support/xxhash/xxhash_0.8.1.bb | 2 ++
scripts/lib/devtool/standard.py | 2 +-
16 files changed, 50 insertions(+), 15 deletions(-)
create mode 100644 meta-selftest/conf/multiconfig/muslmc.conf
--
2.25.1
* [OE-core][kirkstone 00/15] Patch review
@ 2022-07-27 0:40 Steve Sakoman
From: Steve Sakoman @ 2022-07-27 0:40 UTC
To: openembedded-core
Please review this set of patches for kirkstone and have comments back by
end of day Thursday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3979
The following changes since commit f1c2e21a28f8ad5dc6ff7b0db877aa22e01a9e00:
pulseaudio: add m4-native to DEPENDS (2022-07-17 16:59:57 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Alexander Kanavin (1):
gnupg: update 2.3.4 -> 2.3.6
Joshua Watt (1):
sstatesig: Include all dependencies in SPDX task signatures
Khem Raj (2):
lua: Backport fix for CVE-2022-33099
gcc-runtime: Pass -nostartfiles when building dummy libstdc++.so
Ming Liu (1):
rootfs-postcommands.bbclass: move host-user-contaminated.txt to ${S}
Naveen (1):
gcc: Backport a fix for gcc bug 105039
Richard Purdie (1):
vim: Upgrade 9.0.0021 -> 9.0.0063
Sakib Sajal (3):
dpkg: fix CVE-2022-1664
go: update v1.17.10 -> v1.17.12
git: upgrade v2.35.3 -> v2.35.4
Tom Hochstein (1):
gobject-introspection-data: Disable cache for g-ir-scanner
Yi Zhao (1):
tiff: Security fixes CVE-2022-1354 and CVE-2022-1355
Yue Tao (1):
gnupg: upgrade to 2.3.7 to fix CVE-2022-34903
wangmy (2):
bind: upgrade 9.18.2 -> 9.18.3
bind: upgrade 9.18.3 -> 9.18.4
.../gobject-introspection-data.bbclass | 5 +
meta/classes/rootfs-postcommands.bbclass | 2 +-
meta/lib/oe/sstatesig.py | 9 +
...1-avoid-start-failure-with-bind-user.patch | 0
...d-V-and-start-log-hide-build-options.patch | 0
...ching-for-json-headers-searches-sysr.patch | 0
.../bind/{bind-9.18.2 => bind-9.18.4}/bind9 | 0
.../{bind-9.18.2 => bind-9.18.4}/conf.patch | 0
.../generate-rndc-key.sh | 0
...t.d-add-support-for-read-only-rootfs.patch | 0
.../make-etc-initd-bind-stop-work.patch | 0
.../named.service | 0
.../bind/{bind_9.18.2.bb => bind_9.18.4.bb} | 2 +-
...ive-Prevent-directory-traversal-for-.patch | 328 ++++++++++++++++++
meta/recipes-devtools/dpkg/dpkg_1.21.4.bb | 1 +
meta/recipes-devtools/gcc/gcc-11.3.inc | 2 +-
meta/recipes-devtools/gcc/gcc-runtime.inc | 3 +-
.../gcc/gcc/0030-rust-recursion-limit.patch | 92 +++++
.../git/{git_2.35.3.bb => git_2.35.4.bb} | 2 +-
.../go/{go-1.17.10.inc => go-1.17.12.inc} | 2 +-
...1.17.10.bb => go-binary-native_1.17.12.bb} | 4 +-
....17.10.bb => go-cross-canadian_1.17.12.bb} | 0
...o-cross_1.17.10.bb => go-cross_1.17.12.bb} | 0
...ssdk_1.17.10.bb => go-crosssdk_1.17.12.bb} | 0
...native_1.17.10.bb => go-native_1.17.12.bb} | 0
...ntime_1.17.10.bb => go-runtime_1.17.12.bb} | 0
.../go/{go_1.17.10.bb => go_1.17.12.bb} | 0
.../lua/lua/CVE-2022-33099.patch | 61 ++++
meta/recipes-devtools/lua/lua_5.4.4.bb | 1 +
.../gobject-introspection_1.72.0.bb | 3 -
.../libtiff/tiff/CVE-2022-1354.patch | 212 +++++++++++
.../libtiff/tiff/CVE-2022-1355.patch | 62 ++++
meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 2 +
...-a-custom-value-for-the-location-of-.patch | 6 +-
.../0003-dirmngr-uses-libgpg-error.patch | 29 --
.../gnupg/gnupg/relocate.patch | 18 +-
.../gnupg/{gnupg_2.3.4.bb => gnupg_2.3.7.bb} | 3 +-
.../vim/files/crosscompile.patch | 51 +++
meta/recipes-support/vim/files/racefix.patch | 12 +-
meta/recipes-support/vim/vim.inc | 9 +-
40 files changed, 860 insertions(+), 61 deletions(-)
rename meta/recipes-connectivity/bind/{bind-9.18.2 => bind-9.18.4}/0001-avoid-start-failure-with-bind-user.patch (100%)
rename meta/recipes-connectivity/bind/{bind-9.18.2 => bind-9.18.4}/0001-named-lwresd-V-and-start-log-hide-build-options.patch (100%)
rename meta/recipes-connectivity/bind/{bind-9.18.2 => bind-9.18.4}/bind-ensure-searching-for-json-headers-searches-sysr.patch (100%)
rename meta/recipes-connectivity/bind/{bind-9.18.2 => bind-9.18.4}/bind9 (100%)
rename meta/recipes-connectivity/bind/{bind-9.18.2 => bind-9.18.4}/conf.patch (100%)
rename meta/recipes-connectivity/bind/{bind-9.18.2 => bind-9.18.4}/generate-rndc-key.sh (100%)
rename meta/recipes-connectivity/bind/{bind-9.18.2 => bind-9.18.4}/init.d-add-support-for-read-only-rootfs.patch (100%)
rename meta/recipes-connectivity/bind/{bind-9.18.2 => bind-9.18.4}/make-etc-initd-bind-stop-work.patch (100%)
rename meta/recipes-connectivity/bind/{bind-9.18.2 => bind-9.18.4}/named.service (100%)
rename meta/recipes-connectivity/bind/{bind_9.18.2.bb => bind_9.18.4.bb} (98%)
create mode 100644 meta/recipes-devtools/dpkg/dpkg/0001-Dpkg-Source-Archive-Prevent-directory-traversal-for-.patch
create mode 100644 meta/recipes-devtools/gcc/gcc/0030-rust-recursion-limit.patch
rename meta/recipes-devtools/git/{git_2.35.3.bb => git_2.35.4.bb} (98%)
rename meta/recipes-devtools/go/{go-1.17.10.inc => go-1.17.12.inc} (92%)
rename meta/recipes-devtools/go/{go-binary-native_1.17.10.bb => go-binary-native_1.17.12.bb} (83%)
rename meta/recipes-devtools/go/{go-cross-canadian_1.17.10.bb => go-cross-canadian_1.17.12.bb} (100%)
rename meta/recipes-devtools/go/{go-cross_1.17.10.bb => go-cross_1.17.12.bb} (100%)
rename meta/recipes-devtools/go/{go-crosssdk_1.17.10.bb => go-crosssdk_1.17.12.bb} (100%)
rename meta/recipes-devtools/go/{go-native_1.17.10.bb => go-native_1.17.12.bb} (100%)
rename meta/recipes-devtools/go/{go-runtime_1.17.10.bb => go-runtime_1.17.12.bb} (100%)
rename meta/recipes-devtools/go/{go_1.17.10.bb => go_1.17.12.bb} (100%)
create mode 100644 meta/recipes-devtools/lua/lua/CVE-2022-33099.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2022-1354.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2022-1355.patch
delete mode 100644 meta/recipes-support/gnupg/gnupg/0003-dirmngr-uses-libgpg-error.patch
rename meta/recipes-support/gnupg/{gnupg_2.3.4.bb => gnupg_2.3.7.bb} (95%)
create mode 100644 meta/recipes-support/vim/files/crosscompile.patch
--
2.25.1
* [OE-core][kirkstone 00/15] Patch review
@ 2023-05-06 15:24 Steve Sakoman
From: Steve Sakoman @ 2023-05-06 15:24 UTC
To: openembedded-core
Please review this set of patches for kirkstone and have comments back by
end of day Tuesday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5269
The following changes since commit 2d67702bdfc64358d364dd6484ae41842ee7c52f:
glibc: stable 2.35 branch updates. (2023-04-28 03:55:33 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Arturo Buzarra (1):
run-postinsts: Set dependency for ldconfig to avoid boot issues
Deepthi Hemraj (4):
binutils : Fix CVE-2023-25584
binutils : Fix CVE-2023-25585
binutils : Fix CVE-2023-1972
binutils : Fix CVE-2023-25588
Hitendra Prajapati (1):
connman: fix CVE-2023-28488 DoS in client.c
Kai Kang (1):
webkitgtk: fix CVE-2022-32888 & CVE-2022-32923
Narpat Mali (2):
ffmpeg: fix for CVE-2022-48434
python3-cryptography: fix for CVE-2023-23931
Randolph Sapp (2):
wic/bootimg-efi: if fixed-size is set then use that for mkdosfs
kernel-devicetree: allow specification of dtb directory
Ranjitsinh Rathod (1):
libbsd: Add correct license for all packages
Shubham Kulkarni (1):
go: Security fix for CVE-2023-24538
Vivek Kumbhar (2):
freetype: fix CVE-2023-2004 integer overflowin in
tt_hvadvance_adjust() in src/truetype/ttgxvar.c
go: fix CVE-2023-24534 denial of service from excessive memory
allocation
meta/classes/kernel-devicetree.bbclass | 22 +-
meta/classes/kernel.bbclass | 2 +
.../connman/connman/CVE-2023-28488.patch | 60 ++
.../connman/connman_1.41.bb | 1 +
.../binutils/binutils-2.38.inc | 6 +
.../binutils/0022-CVE-2023-25584-1.patch | 56 ++
.../binutils/0022-CVE-2023-25584-2.patch | 38 ++
.../binutils/0022-CVE-2023-25584-3.patch | 534 ++++++++++++++++++
.../binutils/0023-CVE-2023-25585.patch | 54 ++
.../binutils/0025-CVE-2023-25588.patch | 147 +++++
.../binutils/0026-CVE-2023-1972.patch | 41 ++
meta/recipes-devtools/go/go-1.17.13.inc | 2 +
.../go/go-1.18/CVE-2023-24534.patch | 200 +++++++
.../go/go-1.18/CVE-2023-24538.patch | 208 +++++++
.../python3-cryptography/CVE-2023-23931.patch | 49 ++
.../python/python3-cryptography_36.0.2.bb | 1 +
.../run-postinsts/run-postinsts.service | 2 +-
.../freetype/freetype/CVE-2023-2004.patch | 41 ++
.../freetype/freetype_2.11.1.bb | 1 +
.../ffmpeg/ffmpeg/CVE-2022-48434.patch | 130 +++++
.../recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb | 3 +-
.../webkit/webkitgtk/CVE-2022-32888.patch | 41 ++
.../webkit/webkitgtk/CVE-2022-32923.patch | 435 ++++++++++++++
meta/recipes-sato/webkit/webkitgtk_2.36.8.bb | 2 +
meta/recipes-support/libbsd/libbsd_0.11.5.bb | 7 +
scripts/lib/wic/plugins/source/bootimg-efi.py | 7 +
26 files changed, 2083 insertions(+), 7 deletions(-)
create mode 100644 meta/recipes-connectivity/connman/connman/CVE-2023-28488.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0022-CVE-2023-25584-1.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0022-CVE-2023-25584-2.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0022-CVE-2023-25584-3.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0023-CVE-2023-25585.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0025-CVE-2023-25588.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0026-CVE-2023-1972.patch
create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2023-24534.patch
create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2023-24538.patch
create mode 100644 meta/recipes-devtools/python/python3-cryptography/CVE-2023-23931.patch
create mode 100644 meta/recipes-graphics/freetype/freetype/CVE-2023-2004.patch
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-48434.patch
create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2022-32888.patch
create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2022-32923.patch
--
2.34.1
* [OE-core][kirkstone 00/15] Patch review
@ 2023-05-09 22:32 Steve Sakoman
From: Steve Sakoman @ 2023-05-09 22:32 UTC
To: openembedded-core
Please review this set of patches for kirkstone and have comments back by
end of day Thursday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5285
The following changes since commit 5fca673d8fe0ee97dc37ed2c9941696842cd667a:
run-postinsts: Set dependency for ldconfig to avoid boot issues (2023-05-08 04:15:11 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Archana Polampalli (2):
git: fix CVE-2023-29007
git: fix CVE-2023-25652
Bruce Ashfield (1):
kernel: improve initramfs bundle processing time
Dmitry Baryshkov (1):
linux-firmware: upgrade 20230210 -> 20230404
Martin Jansa (1):
populate_sdk_ext.bbclass: set METADATA_REVISION with an DISTRO
override
Peter Bergin (1):
update-alternatives.bbclass: fix old override syntax
Peter Marko (1):
libxml2: patch CVE-2023-28484 and CVE-2023-29469
Piotr Łobacz (1):
libarchive: Enable acls, xattr for native as well as target
Steve Sakoman (1):
Revert "xserver-xorg: backport fix for CVE-2023-1393"
Thomas Roos (1):
oeqa/utils/metadata.py: Fix running oe-selftest running with no distro
set
Wang Mingyu (2):
wpebackend-fdo: upgrade 1.14.0 -> 1.14.2
xserver-xorg: upgrade 21.1.7 -> 21.1.8
Yoann Congal (1):
linux-yocto: Exclude 121 CVEs already fixed upstream
Zhixiong Chi (1):
libpam: Fix the xtests/tst-pam_motd[1|3] failures
bkylerussell@gmail.com (1):
kernel-devsrc: depend on python3-core instead of python3
meta/classes/kernel.bbclass | 2 +-
meta/classes/populate_sdk_ext.bbclass | 3 +-
meta/classes/update-alternatives.bbclass | 4 +-
meta/lib/oeqa/utils/metadata.py | 6 +-
.../libxml/libxml2/CVE-2023-28484.patch | 79 ++
.../libxml/libxml2/CVE-2023-29469.patch | 42 +
meta/recipes-core/libxml/libxml2_2.9.14.bb | 2 +
.../git/git/CVE-2023-25652.patch | 94 ++
.../git/git/CVE-2023-29007.patch | 162 ++++
meta/recipes-devtools/git/git_2.35.7.bb | 2 +
.../libarchive/libarchive_3.6.2.bb | 6 +-
...rely-on-all-filesystems-providing-a-.patch | 108 +++
meta/recipes-extended/pam/libpam_1.5.2.bb | 1 +
...posite-Fix-use-after-free-of-the-COW.patch | 46 -
...-xorg_21.1.7.bb => xserver-xorg_21.1.8.bb} | 5 +-
...20230210.bb => linux-firmware_20230404.bb} | 6 +-
meta/recipes-kernel/linux/cve-exclusion.inc | 875 ++++++++++++++++++
meta/recipes-kernel/linux/kernel-devsrc.bb | 2 +-
meta/recipes-kernel/linux/linux-yocto.inc | 3 +
...fdo_1.14.0.bb => wpebackend-fdo_1.14.2.bb} | 2 +-
20 files changed, 1384 insertions(+), 66 deletions(-)
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2023-28484.patch
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2023-29469.patch
create mode 100644 meta/recipes-devtools/git/git/CVE-2023-25652.patch
create mode 100644 meta/recipes-devtools/git/git/CVE-2023-29007.patch
create mode 100644 meta/recipes-extended/pam/libpam/0001-pam_motd-do-not-rely-on-all-filesystems-providing-a-.patch
delete mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-composite-Fix-use-after-free-of-the-COW.patch
rename meta/recipes-graphics/xorg-xserver/{xserver-xorg_21.1.7.bb => xserver-xorg_21.1.8.bb} (80%)
rename meta/recipes-kernel/linux-firmware/{linux-firmware_20230210.bb => linux-firmware_20230404.bb} (99%)
create mode 100644 meta/recipes-kernel/linux/cve-exclusion.inc
rename meta/recipes-sato/webkit/{wpebackend-fdo_1.14.0.bb => wpebackend-fdo_1.14.2.bb} (90%)
--
2.34.1
* [OE-core][kirkstone 00/15] Patch review
@ 2023-12-08 2:33 Steve Sakoman
From: Steve Sakoman @ 2023-12-08 2:33 UTC
To: openembedded-core
Please review this set of changes for kirkstone and have comments back by
end of day Monday, December 11
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6300
The following changes since commit 11da43b58e19583a9bc16044309610cfb2e86469:
systemtap_git: fix used uninitialized error (2023-11-28 05:11:52 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Bruce Ashfield (3):
linux-yocto/5.10: update to v5.10.198
linux-yocto/5.10: update to v5.10.200
linux-yocto/5.10: update to v5.10.202
Lee Chee Yang (1):
xwayland: fix CVE-2023-5367
Narpat Mali (1):
python3-cryptography: fix CVE-2023-49083
Niko Mauno (1):
rust-llvm: Allow overriding LLVM target archs
Richard Purdie (5):
rust-common: Set llvm-target correctly for cross SDK targets
rust-cross-canadian: Fix ordering of target json config generation
rust-cross/rust-common: Merge arm target handling code to fix
cross-canadian
rust-cross: Simplfy the rust_gen_target calls
native: Clear TUNE_FEATURES/ABIEXTENSION
Steve Sakoman (1):
cve-exclusion_5.10.inc: update for 5.10.202
Tim Orling (1):
vim: upgrade 9.0.2068 -> 9.0.2130
Vivek Kumbhar (1):
libsndfile: fix CVE-2022-33065 Signed integer overflow in src/mat4.c
Wenlin Kang (1):
bash: changes to SIGINT handler while waiting for a child
meta/classes/native.bbclass | 2 +
.../python3-cryptography/CVE-2023-49083.patch | 53 ++++
.../python/python3-cryptography_36.0.2.bb | 1 +
meta/recipes-devtools/rust/rust-common.inc | 24 +-
.../rust/rust-cross-canadian-common.inc | 5 +-
meta/recipes-devtools/rust/rust-cross.inc | 21 +-
meta/recipes-devtools/rust/rust-llvm.inc | 4 +-
...T-handler-while-waiting-for-a-child-.patch | 229 ++++++++++++++++++
meta/recipes-extended/bash/bash_5.1.16.bb | 1 +
.../xwayland/xwayland/CVE-2023-5367.patch | 85 +++++++
.../xwayland/xwayland_22.1.8.bb | 4 +-
.../linux/cve-exclusion_5.10.inc | 92 +++++--
.../linux/linux-yocto-rt_5.10.bb | 6 +-
.../linux/linux-yocto-tiny_5.10.bb | 8 +-
meta/recipes-kernel/linux/linux-yocto_5.10.bb | 24 +-
.../libsndfile1/CVE-2022-33065.patch | 46 ++++
.../libsndfile/libsndfile1_1.0.31.bb | 1 +
meta/recipes-support/vim/vim.inc | 4 +-
18 files changed, 542 insertions(+), 68 deletions(-)
create mode 100644 meta/recipes-devtools/python/python3-cryptography/CVE-2023-49083.patch
create mode 100644 meta/recipes-extended/bash/bash/0001-changes-to-SIGINT-handler-while-waiting-for-a-child-.patch
create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2023-5367.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065.patch
--
2.34.1
* [OE-core][kirkstone 00/15] Patch review
@ 2024-03-20 16:09 Steve Sakoman
From: Steve Sakoman @ 2024-03-20 16:09 UTC
To: openembedded-core
Please review this set of changes for kirkstone and have comments back by
end of day Friday, March 22
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6699
The following changes since commit 2501534c9581c6c3439f525d630be11554a57d24:
build-appliance-image: Update to kirkstone head revision (2024-03-13 07:39:46 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Alex Kiernan (1):
wireless-regdb: Upgrade 2023.09.01 -> 2024.01.23
Alexander Kanavin (1):
linux-firmware: upgrade 20231211 -> 20240220
Haitao Liu (1):
glibc: Fix subscript typos for get_nscd_addresses
Martin Jansa (1):
stress-ng: avoid calling sync during do_compile
Meenali Gupta (1):
expat: fix CVE-2023-52426
Michael Halstead (1):
yocto-uninative: Update to 4.4 for glibc 2.39
Peter Marko (1):
expat: patch CVE-2024-28757
Vijay Anusuri (1):
python3-cryptography: Backport fix for CVE-2024-26130
Wang Mingyu (1):
wireless-regdb: upgrade 2023.05.03 -> 2023.09.01
Yoann Congal (6):
cve-update-nvd2-native: Fix typo in comment
cve-update-nvd2-native: Add an age threshold for incremental update
cve-update-nvd2-native: Remove duplicated CVE_CHECK_DB_FILE definition
cve-update-nvd2-native: nvd_request_next: Improve comment
cve-update-nvd2-native: Fix CVE configuration update
cve-update-nvd2-native: Remove rejected CVE from database
meta/conf/distro/include/yocto-uninative.inc | 10 +-
.../expat/expat/CVE-2023-52426-001.patch | 35 ++
.../expat/expat/CVE-2023-52426-002.patch | 72 +++
.../expat/expat/CVE-2023-52426-003.patch | 28 ++
.../expat/expat/CVE-2023-52426-004.patch | 429 ++++++++++++++++++
.../expat/expat/CVE-2023-52426-005.patch | 34 ++
.../expat/expat/CVE-2023-52426-006.patch | 174 +++++++
.../expat/expat/CVE-2023-52426-007.patch | 53 +++
.../expat/expat/CVE-2023-52426-008.patch | 37 ++
.../expat/expat/CVE-2023-52426-009.patch | 354 +++++++++++++++
.../expat/expat/CVE-2023-52426-010.patch | 50 ++
.../expat/expat/CVE-2023-52426-011.patch | 45 ++
.../expat/expat/CVE-2024-28757.patch | 58 +++
meta/recipes-core/expat/expat_2.5.0.bb | 12 +
...dresses-Fix-subscript-typos-BZ-29605.patch | 40 ++
meta/recipes-core/glibc/glibc_2.35.bb | 1 +
.../meta/cve-update-nvd2-native.bb | 35 +-
.../python3-cryptography/CVE-2024-26130.patch | 66 +++
.../python/python3-cryptography_36.0.2.bb | 1 +
.../0001-Makefile-avoid-calling-sync.patch | 35 ++
.../stress-ng/stress-ng_0.13.12.bb | 1 +
...20231211.bb => linux-firmware_20240220.bb} | 6 +-
....05.03.bb => wireless-regdb_2024.01.23.bb} | 4 +-
23 files changed, 1562 insertions(+), 18 deletions(-)
create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52426-001.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52426-002.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52426-003.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52426-004.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52426-005.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52426-006.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52426-007.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52426-008.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52426-009.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52426-010.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52426-011.patch
create mode 100755 meta/recipes-core/expat/expat/CVE-2024-28757.patch
create mode 100644 meta/recipes-core/glibc/glibc/0002-get_nscd_addresses-Fix-subscript-typos-BZ-29605.patch
create mode 100644 meta/recipes-devtools/python/python3-cryptography/CVE-2024-26130.patch
create mode 100644 meta/recipes-extended/stress-ng/stress-ng-0.13.12/0001-Makefile-avoid-calling-sync.patch
rename meta/recipes-kernel/linux-firmware/{linux-firmware_20231211.bb => linux-firmware_20240220.bb} (99%)
rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2023.05.03.bb => wireless-regdb_2024.01.23.bb} (88%)
--
2.34.1
* [OE-core][kirkstone 00/15] Patch review
@ 2024-09-23 13:13 Steve Sakoman
From: Steve Sakoman @ 2024-09-23 13:13 UTC
To: openembedded-core
Please review this set of changes for kirkstone and have comments back by
end of day Tuesday, September 24
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/7353
The following changes since commit 88630352d6d1cfee06787fa84b73ca8ad335cb08:
libedit: Make docs generation deterministic (2024-09-11 05:03:48 -0700)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Colin McAllister (2):
busybox: Fix cut with "-s" flag
udev-extraconf: Add collect flag to mount
Divya Chellam (1):
python3: Upgrade 3.10.14 -> 3.10.15
Konrad Weihmann (3):
runqemu: keep generating tap devices
testimage: fallback for empty IMAGE_LINK_NAME
testexport: fallback for empty IMAGE_LINK_NAME
Michael Halstead (2):
yocto-uninative: Update to 4.5 for gcc 14
yocto-uninative: Update to 4.6 for glibc 2.40
Pedro Ferreira (2):
buildhistory: Fix intermittent package file list creation
buildhistory: Restoring files from preserve list
Richard Purdie (1):
buildhistory: Simplify intercept call sites and drop
SSTATEPOSTINSTFUNC usage
Rohini Sangam (1):
cups: Security fix for CVE-2024-35235
Ross Burton (1):
lib/oeqa: rename assertRaisesRegexp to assertRaisesRegex
Vijay Anusuri (1):
libpcap: Security fix for CVE-2023-7256 & CVE-2024-8006
Vivek Kumbhar (1):
webkitgtk: Security fix CVE-2024-40779
meta/classes/buildhistory.bbclass | 71 ++-
meta/classes/sstate.bbclass | 5 +-
meta/classes/testexport.bbclass | 2 +-
meta/classes/testimage.bbclass | 4 +-
meta/conf/distro/include/yocto-uninative.inc | 10 +-
meta/lib/oeqa/selftest/cases/runcmd.py | 4 +-
.../libpcap/libpcap/CVE-2023-7256-pre1.patch | 99 ++++
.../libpcap/libpcap/CVE-2023-7256-pre2.patch | 131 +++++
.../libpcap/libpcap/CVE-2023-7256-pre3.patch | 67 +++
.../libpcap/libpcap/CVE-2023-7256-pre4.patch | 37 ++
.../libpcap/libpcap/CVE-2023-7256.patch | 368 +++++++++++++
.../libpcap/libpcap/CVE-2024-8006.patch | 42 ++
.../libpcap/libpcap_1.10.1.bb | 10 +-
...1-cut-Fix-s-flag-to-omit-blank-lines.patch | 66 +++
meta/recipes-core/busybox/busybox_1.35.0.bb | 1 +
.../recipes-core/udev/udev-extraconf/mount.sh | 2 +-
.../python/python3/CVE-2023-27043.patch | 510 ------------------
.../python/python3/CVE-2024-6232.patch | 251 ---------
.../python/python3/CVE-2024-7592.patch | 140 -----
.../python/python3/CVE-2024-8088.patch | 124 -----
...{python3_3.10.14.bb => python3_3.10.15.bb} | 6 +-
meta/recipes-extended/cups/cups.inc | 1 +
.../cups/cups/CVE-2024-35235.patch | 121 +++++
.../webkit/webkitgtk/CVE-2024-40779.patch | 91 ++++
meta/recipes-sato/webkit/webkitgtk_2.36.8.bb | 1 +
scripts/runqemu | 24 +-
26 files changed, 1109 insertions(+), 1079 deletions(-)
create mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256-pre1.patch
create mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256-pre2.patch
create mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256-pre3.patch
create mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256-pre4.patch
create mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256.patch
create mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2024-8006.patch
create mode 100644 meta/recipes-core/busybox/busybox/0001-cut-Fix-s-flag-to-omit-blank-lines.patch
delete mode 100644 meta/recipes-devtools/python/python3/CVE-2023-27043.patch
delete mode 100644 meta/recipes-devtools/python/python3/CVE-2024-6232.patch
delete mode 100644 meta/recipes-devtools/python/python3/CVE-2024-7592.patch
delete mode 100644 meta/recipes-devtools/python/python3/CVE-2024-8088.patch
rename meta/recipes-devtools/python/{python3_3.10.14.bb => python3_3.10.15.bb} (98%)
create mode 100644 meta/recipes-extended/cups/cups/CVE-2024-35235.patch
create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2024-40779.patch
--
2.34.1
* [OE-core][kirkstone 00/15] Patch review
@ 2025-02-27 17:39 Steve Sakoman
From: Steve Sakoman @ 2025-02-27 17:39 UTC
To: openembedded-core
Please review this set of changes for kirkstone and have comments back by
end of day Monday, March 3
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1094
The following changes since commit 73b5570a16708d1e749b1ec525299d10557cbf56:
vim: Upgrade 9.1.0764 -> 9.1.1043 (2025-02-24 06:54:05 -0800)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Guocai He (2):
tzcode: Update SRC_URI
xz: Update SRC_URI
Jiaying Song (1):
boost: fix do_fetch error
Libo Chen (1):
virglrenderer: fix do_fetch error
Moritz Haase (1):
meta: Enable '-o pipefail' for the SDK installer
Narpat Mali (1):
systemd: upgrade 250.5 -> 250.14
Vijay Anusuri (9):
xserver-xorg: Fix for CVE-2025-26594
xserver-xorg: Fix for CVE-2025-26595
xserver-xorg: Fix for CVE-2025-26596
xserver-xorg: Fix for CVE-2025-26597
xserver-xorg: Fix for CVE-2025-26598
xserver-xorg: Fix for CVE-2025-26599
xserver-xorg: Fix for CVE-2025-26600
xserver-xorg: Fix for CVE-2025-26601
bind: Upgrade 9.18.28 -> 9.18.33
meta/files/toolchain-shar-extract.sh | 5 +
.../bind/{bind_9.18.28.bb => bind_9.18.33.bb} | 2 +-
...d-boot_250.5.bb => systemd-boot_250.14.bb} | 0
meta/recipes-core/systemd/systemd.inc | 2 +-
.../0001-Adjust-for-musl-headers.patch | 20 +-
...sysctl.d-binfmt.d-modules-load.d-to-.patch | 18 +-
...1-core-fix-build-when-seccomp-is-off.patch | 41 ++
...ass-correct-parameters-to-getdents64.patch | 49 ++-
...w-json_variant_dump-to-return-an-err.patch | 60 ---
.../0002-Add-sys-stat.h-for-S_IFDIR.patch | 6 +-
...3-missing_type.h-add-comparison_fn_t.patch | 6 +-
...k-parse_printf_format-implementation.patch | 6 +-
...missing.h-check-for-missing-strndupa.patch | 62 ++-
...OB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch | 8 +-
...008-add-missing-FTW_-macros-for-musl.patch | 4 +-
..._register_atfork-for-non-glibc-build.patch | 6 +-
...10-Use-uintmax_t-for-handling-rlim_t.patch | 6 +-
...sable-tests-for-missing-typedefs-in-.patch | 2 +-
...T_SYMLINK_NOFOLLOW-flag-to-faccessat.patch | 4 +-
...patible-basename-for-non-glibc-syste.patch | 2 +-
...uffering-when-writing-to-oom_score_a.patch | 6 +-
...compliant-strerror_r-from-GNU-specif.patch | 2 +-
...definition-of-prctl_mm_map-structure.patch | 2 +-
.../0021-test-json.c-define-M_PIl.patch | 4 +-
...-not-disable-buffer-in-writing-files.patch | 38 +-
.../0025-Handle-__cpu_mask-usage.patch | 2 +-
.../systemd/0026-Handle-missing-gshadow.patch | 4 +-
...l.h-Define-MIPS-ABI-defines-for-musl.patch | 4 +-
.../systemd/systemd/CVE-2022-3821.patch | 45 --
.../systemd/systemd/CVE-2022-4415-1.patch | 109 -----
.../systemd/systemd/CVE-2022-4415-2.patch | 391 ------------------
.../systemd/systemd/CVE-2022-45873.patch | 124 ------
.../systemd/systemd/CVE-2023-7008.patch | 40 --
.../{systemd_250.5.bb => systemd_250.14.bb} | 7 +-
meta/recipes-extended/timezone/timezone.inc | 8 +-
meta/recipes-extended/xz/xz_5.2.6.bb | 2 +-
.../virglrenderer/virglrenderer_0.9.1.bb | 2 +-
.../xserver-xorg/CVE-2025-26594-1.patch | 54 +++
.../xserver-xorg/CVE-2025-26594-2.patch | 51 +++
.../xserver-xorg/CVE-2025-26595.patch | 65 +++
.../xserver-xorg/CVE-2025-26596.patch | 49 +++
.../xserver-xorg/CVE-2025-26597.patch | 46 +++
.../xserver-xorg/CVE-2025-26598.patch | 120 ++++++
.../xserver-xorg/CVE-2025-26599-1.patch | 66 +++
.../xserver-xorg/CVE-2025-26599-2.patch | 129 ++++++
.../xserver-xorg/CVE-2025-26600.patch | 68 +++
.../xserver-xorg/CVE-2025-26601-1.patch | 71 ++++
.../xserver-xorg/CVE-2025-26601-2.patch | 85 ++++
.../xserver-xorg/CVE-2025-26601-3.patch | 52 +++
.../xserver-xorg/CVE-2025-26601-4.patch | 132 ++++++
.../xorg-xserver/xserver-xorg_21.1.8.bb | 13 +
meta/recipes-support/boost/boost-1.78.0.inc | 2 +-
52 files changed, 1201 insertions(+), 901 deletions(-)
rename meta/recipes-connectivity/bind/{bind_9.18.28.bb => bind_9.18.33.bb} (97%)
rename meta/recipes-core/systemd/{systemd-boot_250.5.bb => systemd-boot_250.14.bb} (100%)
create mode 100644 meta/recipes-core/systemd/systemd/0001-core-fix-build-when-seccomp-is-off.patch
delete mode 100644 meta/recipes-core/systemd/systemd/0001-shared-json-allow-json_variant_dump-to-return-an-err.patch
delete mode 100644 meta/recipes-core/systemd/systemd/CVE-2022-3821.patch
delete mode 100644 meta/recipes-core/systemd/systemd/CVE-2022-4415-1.patch
delete mode 100644 meta/recipes-core/systemd/systemd/CVE-2022-4415-2.patch
delete mode 100644 meta/recipes-core/systemd/systemd/CVE-2022-45873.patch
delete mode 100644 meta/recipes-core/systemd/systemd/CVE-2023-7008.patch
rename meta/recipes-core/systemd/{systemd_250.5.bb => systemd_250.14.bb} (99%)
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2025-26594-1.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2025-26594-2.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2025-26595.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2025-26596.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2025-26597.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2025-26598.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2025-26599-1.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2025-26599-2.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2025-26600.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2025-26601-1.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2025-26601-2.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2025-26601-3.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2025-26601-4.patch
--
2.43.0
* [OE-core][kirkstone 00/15] Patch review
@ 2025-05-13 19:07 Steve Sakoman
0 siblings, 0 replies; 25+ messages in thread
From: Steve Sakoman @ 2025-05-13 19:07 UTC (permalink / raw)
To: openembedded-core
Please review this set of changes for kirkstone and have comments back by
end of day Thursday, May 15
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1582
The following changes since commit 00f7a2f60dd6de95a1a47fa642978613ce76dc56:
glibc: Add single-threaded fast path to rand() (2025-05-09 09:01:16 -0700)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Aleksandar Nikolic (1):
scripts/install-buildtools: Update to 4.0.26
Alexander Kanavin (1):
perl: enable _GNU_SOURCE define via d_gnulibc
Alon Bar-Lev (1):
module.bbclass: add KBUILD_EXTRA_SYMBOLS to install
Deepesh Varatharajan (1):
glibc: stable 2.35 branch updates
Peter Marko (1):
perl: patch CVE-2024-56406
Vijay Anusuri (10):
libsoup-2.4: Update fix CVE-2024-52532
libsoup-2.4: Fix CVE-2025-32906
libsoup-2.4: Fix CVE-2025-32909
libsoup: update fix CVE-2024-52532
libsoup: Fix CVE-2025-32906
libsoup: Fix CVE-2025-32909
libsoup: Fix CVE-2025-32910
libsoup: Fix CVE-2025-32911 & CVE-2025-32913
libsoup: Fix CVE-2025-32912
libsoup: Fix CVE-2025-32914
meta/classes/module.bbclass | 1 +
meta/recipes-core/glibc/glibc-version.inc | 2 +-
...4-56406-Heap-buffer-overflow-with-tr.patch | 30 ++++
meta/recipes-devtools/perl/perl_5.34.3.bb | 2 +
.../libsoup-2.4/CVE-2024-52532-3.patch | 46 ++++++
.../libsoup-2.4/CVE-2025-32906-1.patch | 61 +++++++
.../libsoup-2.4/CVE-2025-32906-2.patch | 83 ++++++++++
.../libsoup/libsoup-2.4/CVE-2025-32909.patch | 36 +++++
.../libsoup/libsoup-2.4_2.74.2.bb | 4 +
.../libsoup/libsoup/CVE-2024-52532-3.patch | 46 ++++++
.../libsoup/libsoup/CVE-2025-32906-1.patch | 61 +++++++
.../libsoup/libsoup/CVE-2025-32906-2.patch | 83 ++++++++++
.../libsoup/libsoup/CVE-2025-32909.patch | 36 +++++
.../libsoup/libsoup/CVE-2025-32910-1.patch | 98 ++++++++++++
.../libsoup/libsoup/CVE-2025-32910-2.patch | 149 ++++++++++++++++++
.../libsoup/libsoup/CVE-2025-32910-3.patch | 27 ++++
.../CVE-2025-32911_CVE-2025-32913-1.patch | 72 +++++++++
.../CVE-2025-32911_CVE-2025-32913-2.patch | 44 ++++++
.../libsoup/libsoup/CVE-2025-32912-1.patch | 41 +++++
.../libsoup/libsoup/CVE-2025-32912-2.patch | 30 ++++
.../libsoup/libsoup/CVE-2025-32914.patch | 111 +++++++++++++
meta/recipes-support/libsoup/libsoup_3.0.7.bb | 12 ++
scripts/install-buildtools | 4 +-
23 files changed, 1076 insertions(+), 3 deletions(-)
create mode 100644 meta/recipes-devtools/perl/files/0001-CVE-2024-56406-Heap-buffer-overflow-with-tr.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2024-52532-3.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32906-1.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32906-2.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32909.patch
create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2024-52532-3.patch
create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-32906-1.patch
create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-32906-2.patch
create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-32909.patch
create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-32910-1.patch
create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-32910-2.patch
create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-32910-3.patch
create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-32911_CVE-2025-32913-1.patch
create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-32911_CVE-2025-32913-2.patch
create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-32912-1.patch
create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-32912-2.patch
create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-32914.patch
--
2.43.0
* [OE-core][kirkstone 00/15] Patch review
@ 2025-06-10 19:38 Steve Sakoman
2025-06-10 19:38 ` [OE-core][kirkstone 01/15] ghostscript: fix CVE-2025-48708 Steve Sakoman
` (14 more replies)
0 siblings, 15 replies; 25+ messages in thread
From: Steve Sakoman @ 2025-06-10 19:38 UTC (permalink / raw)
To: openembedded-core
Please review this set of changes for kirkstone and have comments back by
end of day Thursday, June 12
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1770
The following changes since commit 415e73d53e5342f3f6ff6acd521ded2df3fbca1f:
nfs-utils: don't use signals to shut down nfs server. (2025-05-29 08:22:59 -0700)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Archana Polampalli (4):
ghostscript: fix CVE-2025-48708
ffmpeg: upgrade 5.0.1 -> 5.0.3
ffmpeg: fix CVE-2025-22919
ffmpeg: fix CVE-2025-22921
Deepesh Varatharajan (1):
binutils: Fix CVE-2025-5244 & CVE-2025-5245
Divya Chellam (2):
screen: fix CVE-2025-46802
screen: fix CVE-2025-46804
Harish Sadineni (1):
binutils: add CVE-2025-1182 patch file to SRC_URI
Hitendra Prajapati (1):
icu: fix CVE-2025-5222
Jiaying Song (1):
taglib: fix CVE-2023-47466
Martin Jansa (1):
kernel.bbclass: add original package name to RPROVIDES for -image and
-base
Peter Marko (1):
python3: upgrade 3.10.16 -> 3.10.18
Vijay Anusuri (3):
libsoup-2.4: Backport auth tests for CVE-2025-32910
python3-setuptools: Fix CVE-2025-47273
git: Fix CVE-2024-50349 and CVE-2024-52006
meta/classes/kernel.bbclass | 3 +-
.../binutils/binutils-2.38.inc | 3 +
.../binutils/0040-CVE-2025-1182.patch | 18 +-
.../binutils/0041-CVE-2025-5244.patch | 25 ++
.../binutils/0042-CVE-2025-5245.patch | 38 +++
.../git/git/CVE-2024-50349-0001.patch | 100 ++++++
.../git/git/CVE-2024-50349-0002.patch | 321 ++++++++++++++++++
.../git/git/CVE-2024-52006.patch | 165 +++++++++
meta/recipes-devtools/git/git_2.35.7.bb | 3 +
.../CVE-2025-47273-pre1.patch | 54 +++
.../python3-setuptools/CVE-2025-47273.patch | 59 ++++
.../python/python3-setuptools_59.5.0.bb | 2 +
...ib-termcap-to-linker-flags-to-avoid-.patch | 2 +-
...hell-version-of-python-config-that-w.patch | 2 +-
...file-do-not-compile-.pyc-in-parallel.patch | 2 +-
...sts-due-to-load-variability-on-YP-AB.patch | 6 +-
...e-treat-overflow-in-UID-GID-as-failu.patch | 2 +-
...asename-to-replace-CC-for-checking-c.patch | 16 +-
...detect-multiarch-paths-when-cross-co.patch | 2 +-
...orlines-skip-due-to-load-variability.patch | 2 +-
...report-missing-dependencies-for-disa.patch | 2 +-
...up.py-do-not-add-a-curses-include-pa.patch | 4 +-
.../python/python3/CVE-2025-0938.patch | 131 -------
.../python3/avoid_warning_about_tkinter.patch | 2 +-
.../python/python3/makerace.patch | 2 +-
...{python3_3.10.16.bb => python3_3.10.18.bb} | 3 +-
.../ghostscript/CVE-2025-48708.patch | 46 +++
.../ghostscript/ghostscript_9.55.0.bb | 1 +
.../screen/screen/CVE-2025-46802.patch | 146 ++++++++
.../screen/screen/CVE-2025-46804.patch | 131 +++++++
meta/recipes-extended/screen/screen_4.9.0.bb | 2 +
.../ffmpeg/ffmpeg/CVE-2024-36613.patch | 18 +-
.../ffmpeg/ffmpeg/CVE-2025-22919.patch | 41 +++
.../ffmpeg/ffmpeg/CVE-2025-22921.patch | 34 ++
.../{ffmpeg_5.0.1.bb => ffmpeg_5.0.3.bb} | 9 +-
.../icu/icu/CVE-2025-5222.patch | 164 +++++++++
meta/recipes-support/icu/icu_70.1.bb | 1 +
...ckport-auth-tests-for-CVE-2025-32910.patch | 76 +++++
.../libsoup/libsoup-2.4_2.74.2.bb | 1 +
.../taglib/files/CVE-2023-47466.patch | 38 +++
meta/recipes-support/taglib/taglib_1.12.bb | 4 +-
41 files changed, 1500 insertions(+), 181 deletions(-)
create mode 100644 meta/recipes-devtools/binutils/binutils/0041-CVE-2025-5244.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0042-CVE-2025-5245.patch
create mode 100644 meta/recipes-devtools/git/git/CVE-2024-50349-0001.patch
create mode 100644 meta/recipes-devtools/git/git/CVE-2024-50349-0002.patch
create mode 100644 meta/recipes-devtools/git/git/CVE-2024-52006.patch
create mode 100644 meta/recipes-devtools/python/python3-setuptools/CVE-2025-47273-pre1.patch
create mode 100644 meta/recipes-devtools/python/python3-setuptools/CVE-2025-47273.patch
delete mode 100644 meta/recipes-devtools/python/python3/CVE-2025-0938.patch
rename meta/recipes-devtools/python/{python3_3.10.16.bb => python3_3.10.18.bb} (99%)
create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2025-48708.patch
create mode 100644 meta/recipes-extended/screen/screen/CVE-2025-46802.patch
create mode 100644 meta/recipes-extended/screen/screen/CVE-2025-46804.patch
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-22919.patch
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-22921.patch
rename meta/recipes-multimedia/ffmpeg/{ffmpeg_5.0.1.bb => ffmpeg_5.0.3.bb} (96%)
create mode 100644 meta/recipes-support/icu/icu/CVE-2025-5222.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/Backport-auth-tests-for-CVE-2025-32910.patch
create mode 100644 meta/recipes-support/taglib/files/CVE-2023-47466.patch
--
2.43.0
* [OE-core][kirkstone 01/15] ghostscript: fix CVE-2025-48708
2025-06-10 19:38 [OE-core][kirkstone 00/15] Patch review Steve Sakoman
@ 2025-06-10 19:38 ` Steve Sakoman
2025-06-10 19:38 ` [OE-core][kirkstone 02/15] icu: fix CVE-2025-5222 Steve Sakoman
` (13 subsequent siblings)
14 siblings, 0 replies; 25+ messages in thread
From: Steve Sakoman @ 2025-06-10 19:38 UTC (permalink / raw)
To: openembedded-core
From: Archana Polampalli <archana.polampalli@windriver.com>
gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript before 10.05.1
lacks argument sanitization for the # case. A created PDF document includes
its password in cleartext.
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../ghostscript/CVE-2025-48708.patch | 46 +++++++++++++++++++
.../ghostscript/ghostscript_9.55.0.bb | 1 +
2 files changed, 47 insertions(+)
create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2025-48708.patch
diff --git a/meta/recipes-extended/ghostscript/ghostscript/CVE-2025-48708.patch b/meta/recipes-extended/ghostscript/ghostscript/CVE-2025-48708.patch
new file mode 100644
index 0000000000..5c8069a4ea
--- /dev/null
+++ b/meta/recipes-extended/ghostscript/ghostscript/CVE-2025-48708.patch
@@ -0,0 +1,46 @@
+From 5b5968c306b3e35cdeec83bb15026fd74a7334de Mon Sep 17 00:00:00 2001
+From: Ken Sharp <Ken.Sharp@artifex.com>
+Date: Sat, 12 Apr 2025 10:24:43 +0100
+Subject: [PATCH] Argument sanitisation - handle '#' as per '='
+
+Bug 708446
+
+CVE: CVE-2025-48708
+
+Upstream-Status: Backport [https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=5b5968c306b3e35cdeec83bb15026fd74a7334de]
+
+Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
+---
+ base/gslibctx.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/base/gslibctx.c b/base/gslibctx.c
+index 2cf5c9dda..40ff984f9 100644
+--- a/base/gslibctx.c
++++ b/base/gslibctx.c
+@@ -1225,9 +1225,9 @@ gs_lib_ctx_stash_sanitized_arg(gs_lib_ctx_t *ctx, const char *arg)
+ case '-': /* Need to check for permitted file lists */
+ /* By default, we want to keep the key, but lose the value */
+ p = arg+2;
+- while (*p && *p != '=')
++ while (*p && *p != '=' && *p != '#')
+ p++;
+- if (*p == '=')
++ if (*p == '=' || *p == '#')
+ p++;
+ if (*p == 0)
+ break; /* No value to elide */
+@@ -1269,9 +1269,9 @@ gs_lib_ctx_stash_sanitized_arg(gs_lib_ctx_t *ctx, const char *arg)
+ case 'S':
+ /* By default, we want to keep the key, but lose the value */
+ p = arg+2;
+- while (*p && *p != '=')
++ while (*p && *p != '=' && *p != '#')
+ p++;
+- if (*p == '=')
++ if (*p == '=' || *p == '#')
+ p++;
+ if (*p == 0)
+ break; /* No value to elide */
+--
+2.40.0
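Review bot: only the '-' and 'S' branches of gs_lib_ctx_stash_sanitized_arg gain the '#' terminator in these two hunks, and the patch header does not say whether the rest of the switch was checked in the 9.55.0 tree. Please confirm that no other branch of this function still scans for '=' alone before eliding the value, and note that in the header next to "Bug 708446". The identical two-line change in both branches (`while (*p && *p != '=' && *p != '#')` and `if (*p == '=' || *p == '#')`) is fine to keep as is, since it mirrors the upstream commit.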
diff --git a/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb b/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb
index e872fbe88c..3b50ac1409 100644
--- a/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb
+++ b/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb
@@ -73,6 +73,7 @@ SRC_URI_BASE = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/d
file://CVE-2025-27835.patch \
file://CVE-2025-27836-1.patch \
file://CVE-2025-27836-2.patch \
+ file://CVE-2025-48708.patch \
"
SRC_URI = "${SRC_URI_BASE} \
--
2.43.0
* [OE-core][kirkstone 02/15] icu: fix CVE-2025-5222
2025-06-10 19:38 [OE-core][kirkstone 00/15] Patch review Steve Sakoman
2025-06-10 19:38 ` [OE-core][kirkstone 01/15] ghostscript: fix CVE-2025-48708 Steve Sakoman
@ 2025-06-10 19:38 ` Steve Sakoman
2025-06-10 19:38 ` [OE-core][kirkstone 03/15] libsoup-2.4: Backport auth tests for CVE-2025-32910 Steve Sakoman
` (12 subsequent siblings)
14 siblings, 0 replies; 25+ messages in thread
From: Steve Sakoman @ 2025-06-10 19:38 UTC (permalink / raw)
To: openembedded-core
From: Hitendra Prajapati <hprajapati@mvista.com>
Upstream-Status: Backport from https://github.com/unicode-org/icu/commit/2c667e31cfd0b6bb1923627a932fd3453a5bac77
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../icu/icu/CVE-2025-5222.patch | 164 ++++++++++++++++++
meta/recipes-support/icu/icu_70.1.bb | 1 +
2 files changed, 165 insertions(+)
create mode 100644 meta/recipes-support/icu/icu/CVE-2025-5222.patch
diff --git a/meta/recipes-support/icu/icu/CVE-2025-5222.patch b/meta/recipes-support/icu/icu/CVE-2025-5222.patch
new file mode 100644
index 0000000000..f71287c935
--- /dev/null
+++ b/meta/recipes-support/icu/icu/CVE-2025-5222.patch
@@ -0,0 +1,164 @@
+From 2c667e31cfd0b6bb1923627a932fd3453a5bac77 Mon Sep 17 00:00:00 2001
+From: Frank Tang <ftang@chromium.org>
+Date: Wed, 22 Jan 2025 11:50:59 -0800
+Subject: [PATCH] ICU-22973 Fix buffer overflow by using CharString
+
+Upstream-Status: Backport [https://github.com/unicode-org/icu/commit/2c667e31cfd0b6bb1923627a932fd3453a5bac77]
+CVE: CVE-2025-5222
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ tools/genrb/parse.cpp | 47 +++++++++++++++++++++---------------
+ 1 file changed, 28 insertions(+), 19 deletions(-)
+
+diff --git a/tools/genrb/parse.cpp b/tools/genrb/parse.cpp
+index 7d5ffe1..175def0 100644
+--- a/tools/genrb/parse.cpp
++++ b/tools/genrb/parse.cpp
+@@ -818,7 +818,7 @@ addCollation(ParseState* state, TableResource *result, const char *collationTyp
+ struct UString *tokenValue;
+ struct UString comment;
+ enum ETokenType token;
+- char subtag[1024];
++ CharString subtag;
+ UnicodeString rules;
+ UBool haveRules = FALSE;
+ UVersionInfo version;
+@@ -854,7 +854,8 @@ addCollation(ParseState* state, TableResource *result, const char *collationTyp
+ return NULL;
+ }
+
+- u_UCharsToChars(tokenValue->fChars, subtag, u_strlen(tokenValue->fChars) + 1);
++ subtag.clear();
++ subtag.appendInvariantChars(tokenValue->fChars, u_strlen(tokenValue->fChars), *status);
+
+ if (U_FAILURE(*status))
+ {
+@@ -862,7 +863,7 @@ addCollation(ParseState* state, TableResource *result, const char *collationTyp
+ return NULL;
+ }
+
+- member = parseResource(state, subtag, NULL, status);
++ member = parseResource(state, subtag.data(), NULL, status);
+
+ if (U_FAILURE(*status))
+ {
+@@ -873,7 +874,7 @@ addCollation(ParseState* state, TableResource *result, const char *collationTyp
+ {
+ // Ignore the parsed resources, continue parsing.
+ }
+- else if (uprv_strcmp(subtag, "Version") == 0 && member->isString())
++ else if (uprv_strcmp(subtag.data(), "Version") == 0 && member->isString())
+ {
+ StringResource *sr = static_cast<StringResource *>(member);
+ char ver[40];
+@@ -890,11 +891,11 @@ addCollation(ParseState* state, TableResource *result, const char *collationTyp
+ result->add(member, line, *status);
+ member = NULL;
+ }
+- else if(uprv_strcmp(subtag, "%%CollationBin")==0)
++ else if(uprv_strcmp(subtag.data(), "%%CollationBin")==0)
+ {
+ /* discard duplicate %%CollationBin if any*/
+ }
+- else if (uprv_strcmp(subtag, "Sequence") == 0 && member->isString())
++ else if (uprv_strcmp(subtag.data(), "Sequence") == 0 && member->isString())
+ {
+ StringResource *sr = static_cast<StringResource *>(member);
+ rules = sr->fString;
+@@ -1047,7 +1048,7 @@ parseCollationElements(ParseState* state, char *tag, uint32_t startline, UBool n
+ struct UString *tokenValue;
+ struct UString comment;
+ enum ETokenType token;
+- char subtag[1024], typeKeyword[1024];
++ CharString subtag, typeKeyword;
+ uint32_t line;
+
+ result = table_open(state->bundle, tag, NULL, status);
+@@ -1089,7 +1090,8 @@ parseCollationElements(ParseState* state, char *tag, uint32_t startline, UBool n
+ return NULL;
+ }
+
+- u_UCharsToChars(tokenValue->fChars, subtag, u_strlen(tokenValue->fChars) + 1);
++ subtag.clear();
++ subtag.appendInvariantChars(tokenValue->fChars, u_strlen(tokenValue->fChars), *status);
+
+ if (U_FAILURE(*status))
+ {
+@@ -1097,9 +1099,9 @@ parseCollationElements(ParseState* state, char *tag, uint32_t startline, UBool n
+ return NULL;
+ }
+
+- if (uprv_strcmp(subtag, "default") == 0)
++ if (uprv_strcmp(subtag.data(), "default") == 0)
+ {
+- member = parseResource(state, subtag, NULL, status);
++ member = parseResource(state, subtag.data(), NULL, status);
+
+ if (U_FAILURE(*status))
+ {
+@@ -1118,22 +1120,28 @@ parseCollationElements(ParseState* state, char *tag, uint32_t startline, UBool n
+ if(token == TOK_OPEN_BRACE) {
+ token = getToken(state, &tokenValue, &comment, &line, status);
+ TableResource *collationRes;
+- if (keepCollationType(subtag)) {
+- collationRes = table_open(state->bundle, subtag, NULL, status);
++ if (keepCollationType(subtag.data())) {
++ collationRes = table_open(state->bundle, subtag.data(), NULL, status);
+ } else {
+ collationRes = NULL;
+ }
+ // need to parse the collation data regardless
+- collationRes = addCollation(state, collationRes, subtag, startline, status);
++ collationRes = addCollation(state, collationRes, subtag.data(), startline, status);
+ if (collationRes != NULL) {
+ result->add(collationRes, startline, *status);
+ }
+ } else if(token == TOK_COLON) { /* right now, we'll just try to see if we have aliases */
+ /* we could have a table too */
+ token = peekToken(state, 1, &tokenValue, &line, &comment, status);
+- u_UCharsToChars(tokenValue->fChars, typeKeyword, u_strlen(tokenValue->fChars) + 1);
+- if(uprv_strcmp(typeKeyword, "alias") == 0) {
+- member = parseResource(state, subtag, NULL, status);
++ typeKeyword.clear();
++ typeKeyword.appendInvariantChars(tokenValue->fChars, u_strlen(tokenValue->fChars), *status);
++ if (U_FAILURE(*status))
++ {
++ res_close(result);
++ return nullptr;
++ }
++ if(uprv_strcmp(typeKeyword.data(), "alias") == 0) {
++ member = parseResource(state, subtag.data(), NULL, status);
+ if (U_FAILURE(*status))
+ {
+ res_close(result);
+@@ -1175,7 +1183,7 @@ realParseTable(ParseState* state, TableResource *table, char *tag, uint32_t star
+ struct UString *tokenValue=NULL;
+ struct UString comment;
+ enum ETokenType token;
+- char subtag[1024];
++ CharString subtag;
+ uint32_t line;
+ UBool readToken = FALSE;
+
+@@ -1214,7 +1222,8 @@ realParseTable(ParseState* state, TableResource *table, char *tag, uint32_t star
+ }
+
+ if(uprv_isInvariantUString(tokenValue->fChars, -1)) {
+- u_UCharsToChars(tokenValue->fChars, subtag, u_strlen(tokenValue->fChars) + 1);
++ subtag.clear();
++ subtag.appendInvariantChars(tokenValue->fChars, u_strlen(tokenValue->fChars), *status);
+ } else {
+ *status = U_INVALID_FORMAT_ERROR;
+ error(line, "invariant characters required for table keys");
+@@ -1227,7 +1236,7 @@ realParseTable(ParseState* state, TableResource *table, char *tag, uint32_t star
+ return NULL;
+ }
+
+- member = parseResource(state, subtag, &comment, status);
++ member = parseResource(state, subtag.data(), &comment, status);
+
+ if (member == NULL || U_FAILURE(*status))
+ {
+--
+2.49.0
+
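Review bot: in the addCollation hunk at -873, the "Version" branch still declares `char ver[40];` as a fixed stack buffer directly beside the converted `subtag`, and the code that fills it lies outside the visible context. Since this patch exists to replace `char subtag[1024]` with CharString, please confirm that the copy into `ver` is length-bounded in the 70.1 tree, or say in the patch header that it was checked. Minor style point: the new error path added in parseCollationElements returns `nullptr` while every surrounding return in these hunks uses `NULL`; that matches the upstream commit, so it should stay. The e-mail commit message would also benefit from a one-line description of the CVE, as the other patches in this series have.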
diff --git a/meta/recipes-support/icu/icu_70.1.bb b/meta/recipes-support/icu/icu_70.1.bb
index dd684fe5b9..0a4e7f90f6 100644
--- a/meta/recipes-support/icu/icu_70.1.bb
+++ b/meta/recipes-support/icu/icu_70.1.bb
@@ -107,6 +107,7 @@ SRC_URI = "${BASE_SRC_URI};name=code \
file://filter.json \
file://fix-install-manx.patch \
file://0001-icu-Added-armeb-support.patch \
+ file://CVE-2025-5222.patch \
"
SRC_URI:append:class-target = "\
--
2.43.0
* [OE-core][kirkstone 03/15] libsoup-2.4: Backport auth tests for CVE-2025-32910
2025-06-10 19:38 [OE-core][kirkstone 00/15] Patch review Steve Sakoman
2025-06-10 19:38 ` [OE-core][kirkstone 01/15] ghostscript: fix CVE-2025-48708 Steve Sakoman
2025-06-10 19:38 ` [OE-core][kirkstone 02/15] icu: fix CVE-2025-5222 Steve Sakoman
@ 2025-06-10 19:38 ` Steve Sakoman
2025-06-10 19:38 ` [OE-core][kirkstone 04/15] taglib: fix CVE-2023-47466 Steve Sakoman
` (11 subsequent siblings)
14 siblings, 0 replies; 25+ messages in thread
From: Steve Sakoman @ 2025-06-10 19:38 UTC (permalink / raw)
To: openembedded-core
From: Vijay Anusuri <vanusuri@mvista.com>
libsoup-2.74.2/tests/auth-test.c:1554:39: error: unknown type name 'SoupServerMessage'; did you mean 'SoupServerClass'?
Fix auth-test.c compilation failure caused by CVE-2025-32910 patch
Link: https://gitlab.gnome.org/GNOME/libsoup/-/commit/9af7d0fc751f7afcd8b03bc827a4d3af0c4556f8
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
...ckport-auth-tests-for-CVE-2025-32910.patch | 76 +++++++++++++++++++
.../libsoup/libsoup-2.4_2.74.2.bb | 1 +
2 files changed, 77 insertions(+)
create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/Backport-auth-tests-for-CVE-2025-32910.patch
diff --git a/meta/recipes-support/libsoup/libsoup-2.4/Backport-auth-tests-for-CVE-2025-32910.patch b/meta/recipes-support/libsoup/libsoup-2.4/Backport-auth-tests-for-CVE-2025-32910.patch
new file mode 100644
index 0000000000..2c23f57ccf
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup-2.4/Backport-auth-tests-for-CVE-2025-32910.patch
@@ -0,0 +1,76 @@
+From: Andreas Henriksson <andreas@fatal.se>
+Date: Sat, 26 Apr 2025 20:09:29 +0200
+Subject: Backport auth tests for CVE-2025-32910
+
+Upstream-Status: Backport [import from debian https://salsa.debian.org/gnome-team/libsoup/-/blob/debian/bullseye/debian/patches/Backport-auth-tests-for-CVE-2025-32910.patch?ref_type=heads
+Upstream commit https://gitlab.gnome.org/GNOME/libsoup/-/commit/9af7d0fc751f7afcd8b03bc827a4d3af0c4556f8]
+CVE: CVE-2025-32910
+Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+---
+ tests/auth-test.c | 28 ++++++++++++++++++++--------
+ 1 file changed, 20 insertions(+), 8 deletions(-)
+
+diff --git a/tests/auth-test.c b/tests/auth-test.c
+index 548ac94..f582033 100644
+--- a/tests/auth-test.c
++++ b/tests/auth-test.c
+@@ -1549,14 +1549,26 @@ do_cancel_after_retry_test (void)
+ soup_test_session_abort_unref (session);
+ }
+
++//from upstream commit 9af7d0fc751f7afcd8b03bc827a4d3af0c4556f8
++static gboolean
++on_digest_authenticate (SoupMessage *msg,
++ SoupAuth *auth,
++ gboolean retrying,
++ gpointer user_data)
++{
++ g_assert_false (retrying);
++ soup_auth_authenticate (auth, "user", "good");
++ return TRUE;
++}
++
+ static void
+ on_request_read_for_missing_params (SoupServer *server,
+- SoupServerMessage *msg,
++ SoupMessage *msg,
++ SoupClientContext *client,
+ gpointer user_data)
+ {
+ const char *auth_header = user_data;
+- SoupMessageHeaders *response_headers = soup_server_message_get_response_headers (msg);
+- soup_message_headers_replace (response_headers, "WWW-Authenticate", auth_header);
++ soup_message_headers_replace (msg->response_headers, "WWW-Authenticate", auth_header);
+ }
+
+ static void
+@@ -1567,7 +1579,7 @@ do_missing_params_test (gconstpointer auth_header)
+ SoupServer *server;
+ SoupAuthDomain *digest_auth_domain;
+ gint status;
+- GUri *uri;
++ SoupURI *uri;
+
+ server = soup_test_server_new (SOUP_TEST_SERVER_IN_THREAD);
+ soup_server_add_handler (server, NULL,
+@@ -1586,16 +1598,16 @@ do_missing_params_test (gconstpointer auth_header)
+ G_CALLBACK (on_request_read_for_missing_params),
+ (gpointer)auth_header);
+
+- session = soup_test_session_new (NULL);
++ session = soup_test_session_new (SOUP_TYPE_SESSION_ASYNC, NULL);
+ msg = soup_message_new_from_uri ("GET", uri);
+- g_signal_connect (msg, "authenticate",
++ g_signal_connect (session, "authenticate",
+ G_CALLBACK (on_digest_authenticate),
+ NULL);
+
+- status = soup_test_session_send_message (session, msg);
++ status = soup_session_send_message (session, msg);
+
+ g_assert_cmpint (status, ==, SOUP_STATUS_UNAUTHORIZED);
+- g_uri_unref (uri);
++ soup_uri_free (uri);
+ soup_test_server_quit_unref (server);
+ }
+
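Review bot: on_digest_authenticate is declared as `gboolean (SoupMessage *msg, SoupAuth *auth, gboolean retrying, gpointer user_data)`, but the hunk at -1586 now connects it to `session` rather than `msg`, and the libsoup 2.4 SoupSession "authenticate" signal passes the session as the first argument and expects a void handler. If the handler ever ran, `msg` would receive the session, `auth` would receive the message and `retrying` would receive the auth pointer, so `g_assert_false (retrying)` and `soup_auth_authenticate (auth, ...)` would both operate on the wrong objects. The test presumably passes only because the malformed WWW-Authenticate header keeps the signal from firing. Suggest adding `SoupSession *session` as the first parameter and making the return type void so the backport matches the 2.4 signal signature.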
diff --git a/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb b/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb
index 46b9e10ac5..bb15e8b926 100644
--- a/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb
+++ b/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb
@@ -26,6 +26,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
file://CVE-2025-32910-1.patch \
file://CVE-2025-32910-2.patch \
file://CVE-2025-32910-3.patch \
+ file://Backport-auth-tests-for-CVE-2025-32910.patch \
file://CVE-2025-32911_CVE-2025-32913-1.patch \
file://CVE-2025-32911_CVE-2025-32913-2.patch \
file://CVE-2025-32912-1.patch \
--
2.43.0
* [OE-core][kirkstone 04/15] taglib: fix CVE-2023-47466
2025-06-10 19:38 [OE-core][kirkstone 00/15] Patch review Steve Sakoman
` (2 preceding siblings ...)
2025-06-10 19:38 ` [OE-core][kirkstone 03/15] libsoup-2.4: Backport auth tests for CVE-2025-32910 Steve Sakoman
@ 2025-06-10 19:38 ` Steve Sakoman
2025-06-10 19:38 ` [OE-core][kirkstone 05/15] ffmpeg: upgrade 5.0.1 -> 5.0.3 Steve Sakoman
` (10 subsequent siblings)
14 siblings, 0 replies; 25+ messages in thread
From: Steve Sakoman @ 2025-06-10 19:38 UTC (permalink / raw)
To: openembedded-core
From: Jiaying Song <jiaying.song.cn@windriver.com>
TagLib before 2.0 allows a segmentation violation and application crash
during tag writing via a crafted WAV file in which an id3 chunk is the
only valid chunk.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2023-47466
Upstream patch:
https://github.com/taglib/taglib/commit/dfa33bec0806cbb45785accb8cc6c2048a7d40cf
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../taglib/files/CVE-2023-47466.patch | 38 +++++++++++++++++++
meta/recipes-support/taglib/taglib_1.12.bb | 4 +-
2 files changed, 41 insertions(+), 1 deletion(-)
create mode 100644 meta/recipes-support/taglib/files/CVE-2023-47466.patch
diff --git a/meta/recipes-support/taglib/files/CVE-2023-47466.patch b/meta/recipes-support/taglib/files/CVE-2023-47466.patch
new file mode 100644
index 0000000000..8ea8793e0a
--- /dev/null
+++ b/meta/recipes-support/taglib/files/CVE-2023-47466.patch
@@ -0,0 +1,38 @@
+From 41c1c2b3609fc542e357cc80185d90a9a6fccc1a Mon Sep 17 00:00:00 2001
+From: Urs Fleisch <ufleisch@users.sourceforge.net>
+Date: Sun, 5 Nov 2023 14:40:18 +0100
+Subject: [PATCH] Fix crash with invalid WAV files (#1163) (#1164)
+
+With specially crafted WAV files having the "id3 " chunk as the
+only valid chunk, when trying to write the tags, the existing
+"id3 " chunk is removed, and then vector::front() is called on
+the now empty chunks vector.
+Now it is checked if the vector is empty to avoid the crash.
+
+CVE: CVE-2023-47466
+
+Upstream-Status: Backport
+[https://github.com/taglib/taglib/commit/dfa33bec0806cbb45785accb8cc6c2048a7d40cf]
+
+Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
+---
+ taglib/riff/rifffile.cpp | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/taglib/riff/rifffile.cpp b/taglib/riff/rifffile.cpp
+index 005551f..f615e6c 100644
+--- a/taglib/riff/rifffile.cpp
++++ b/taglib/riff/rifffile.cpp
+@@ -361,6 +361,9 @@ void RIFF::File::writeChunk(const ByteVector &name, const ByteVector &data,
+
+ void RIFF::File::updateGlobalSize()
+ {
++ if(d->chunks.empty())
++ return;
++
+ const Chunk first = d->chunks.front();
+ const Chunk last = d->chunks.back();
+ d->size = last.offset + last.size + last.padding - first.offset + 12;
+--
+2.34.1
+
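Review bot: the embedded patch's From line carries 41c1c2b3609fc542e357cc80185d90a9a6fccc1a, while Upstream-Status and the e-mail commit message both point at dfa33bec0806cbb45785accb8cc6c2048a7d40cf. Please state in the patch header which commit the hunk was actually taken from (for example, if 41c1c2b is a local cherry-pick of dfa33be), so the backport can be traced to a single upstream source. On the change itself, the early `return` in updateGlobalSize() skips the `d->size = ...` assignment, leaving the previous value in place when the chunk list is empty; a short comment saying that this is intended would help whoever refreshes this patch later.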
diff --git a/meta/recipes-support/taglib/taglib_1.12.bb b/meta/recipes-support/taglib/taglib_1.12.bb
index 47ad8aacb6..51e03888b4 100644
--- a/meta/recipes-support/taglib/taglib_1.12.bb
+++ b/meta/recipes-support/taglib/taglib_1.12.bb
@@ -9,7 +9,9 @@ LIC_FILES_CHKSUM = "file://COPYING.LGPL;md5=4fbd65380cdd255951079008b364516c \
DEPENDS = "zlib"
-SRC_URI = "http://taglib.github.io/releases/${BP}.tar.gz"
+SRC_URI = "http://taglib.github.io/releases/${BP}.tar.gz \
+ file://CVE-2023-47466.patch \
+ "
SRC_URI[md5sum] = "4313ed2671234e029b7af8f97c84e9af"
SRC_URI[sha256sum] = "7fccd07669a523b07a15bd24c8da1bbb92206cb19e9366c3692af3d79253b703"
--
2.43.0
* [OE-core][kirkstone 05/15] ffmpeg: upgrade 5.0.1 -> 5.0.3
2025-06-10 19:38 [OE-core][kirkstone 00/15] Patch review Steve Sakoman
` (3 preceding siblings ...)
2025-06-10 19:38 ` [OE-core][kirkstone 04/15] taglib: fix CVE-2023-47466 Steve Sakoman
@ 2025-06-10 19:38 ` Steve Sakoman
2025-06-10 19:38 ` [OE-core][kirkstone 06/15] ffmpeg: fix CVE-2025-22919 Steve Sakoman
` (9 subsequent siblings)
14 siblings, 0 replies; 25+ messages in thread
From: Steve Sakoman @ 2025-06-10 19:38 UTC (permalink / raw)
To: openembedded-core
From: Archana Polampalli <archana.polampalli@windriver.com>
Refreshed CVE-2024-36613.patch against the current version
Removed below patches since already fixed in this version
0001-avcodec-rpzaenc-stop-accessing-out-of-bounds-frame.patch [1]
0001-avcodec-smcenc-stop-accessing-out-of-bounds-frame.patch [2]
0001-avcodec-vp3-Add-missing-check-for-av_malloc.patch [3]
0001-avformat-nutdec-Add-check-for-avformat_new_stream.patch [4]
CVE-2022-48434.patch [5]
[1] https://github.com/FFmpeg/FFmpeg/commit/1eb002596e3761d88de4aeea3158692b82fb6307
[2] https://github.com/FFmpeg/FFmpeg/commit/293dc39bcaa99f213c6b7a703e11f146abf5d3be
[3] https://github.com/FFmpeg/FFmpeg/commit/2cdddcd6ec90c7a248ffe792d85faa4d89eab9f7
[4] https://github.com/FFmpeg/FFmpeg/commit/481e81be1271ac9a0124ee615700390c2371bd89
[5] https://github.com/FFmpeg/FFmpeg/commit/3bc28e9d1ab33627cea3c632dd6b0c33e22e93ba
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../ffmpeg/ffmpeg/CVE-2024-36613.patch | 18 +++++++++---------
.../{ffmpeg_5.0.1.bb => ffmpeg_5.0.3.bb} | 7 +------
2 files changed, 10 insertions(+), 15 deletions(-)
rename meta/recipes-multimedia/ffmpeg/{ffmpeg_5.0.1.bb => ffmpeg_5.0.3.bb} (96%)
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-36613.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-36613.patch
index 300b8d1e49..8dc43c3b68 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-36613.patch
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-36613.patch
@@ -1,8 +1,7 @@
From 1f6fcc64179377114b4ecc3b9f63bd5774a64edf Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Sat, 30 Sep 2023 00:51:29 +0200
-Subject: [PATCH 2/4] avformat/dxa: Adjust order of operations around block
- align
+Subject: [PATCH] avformat/dxa: Adjust order of operations around block align
Fixes: 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_DXA_fuzzer-5730576523198464
Fixes: signed integer overflow: 2147483566 + 82 cannot be represented in type 'int'
@@ -22,17 +21,18 @@ Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavformat/dxa.c b/libavformat/dxa.c
-index 16fbb08..53747c8 100644
+index 474b852..b4d9d00 100644
--- a/libavformat/dxa.c
+++ b/libavformat/dxa.c
-@@ -120,7 +120,7 @@ static int dxa_read_header(AVFormatContext *s)
- }
- c->bpc = (fsize + c->frames - 1) / c->frames;
- if(ast->codecpar->block_align)
+@@ -122,7 +122,7 @@ static int dxa_read_header(AVFormatContext *s)
+ if(ast->codecpar->block_align) {
+ if (c->bpc > INT_MAX - ast->codecpar->block_align + 1)
+ return AVERROR_INVALIDDATA;
- c->bpc = ((c->bpc + ast->codecpar->block_align - 1) / ast->codecpar->block_align) * ast->codecpar->block_align;
+ c->bpc = ((c->bpc - 1 + ast->codecpar->block_align) / ast->codecpar->block_align) * ast->codecpar->block_align;
+ }
c->bytes_left = fsize;
c->wavpos = avio_tell(pb);
- avio_seek(pb, c->vidpos, SEEK_SET);
---
+--
2.40.0
+
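Review bot: in the refreshed dxa.c hunk, the context now includes the `c->bpc > INT_MAX - ast->codecpar->block_align + 1` guard, which makes the one-line reorder look redundant at first glance. It is not: the guard still admits bpc == INT_MAX - block_align + 1, and there `c->bpc + block_align` overflows by one before the `- 1` is applied, which is the 2147483566 + 82 case quoted in the patch header. A sentence to that effect in the commit message would keep a later refresh from dropping the patch as already fixed.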
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb
similarity index 96%
rename from meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb
rename to meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb
index 4b99c0fa21..127552396d 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb
@@ -24,11 +24,6 @@ LIC_FILES_CHKSUM = "file://COPYING.GPLv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \
file://0001-libavutil-include-assembly-with-full-path-from-sourc.patch \
- file://0001-avcodec-rpzaenc-stop-accessing-out-of-bounds-frame.patch \
- file://0001-avcodec-smcenc-stop-accessing-out-of-bounds-frame.patch \
- file://0001-avcodec-vp3-Add-missing-check-for-av_malloc.patch \
- file://0001-avformat-nutdec-Add-check-for-avformat_new_stream.patch \
- file://CVE-2022-48434.patch \
file://CVE-2024-32230.patch \
file://CVE-2023-51793.patch \
file://CVE-2023-50008.patch \
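Review bot: the five patch files whose SRC_URI entries are removed here are not deleted by this commit. The diffstat lists only CVE-2024-36613.patch and the recipe rename as changed files, so the five files stay behind under meta/recipes-multimedia/ffmpeg/ffmpeg/ with nothing referencing them. Delete them in the same commit.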
@@ -53,7 +48,7 @@ SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \
file://CVE-2025-25473.patch \
"
-SRC_URI[sha256sum] = "ef2efae259ce80a240de48ec85ecb062cecca26e4352ffb3fda562c21a93007b"
+SRC_URI[sha256sum] = "04c70c377de233a4b217c2fdf76b19aeb225a287daeb2348bccd978c47b1a1db"
# CVE-2023-39018 issue belongs to ffmpeg-cli-wrapper (Java wrapper around the FFmpeg CLI)
# and not ffmepg itself.
--
2.43.0
* [OE-core][kirkstone 06/15] ffmpeg: fix CVE-2025-22919
From: Steve Sakoman @ 2025-06-10 19:38 UTC (permalink / raw)
To: openembedded-core
From: Archana Polampalli <archana.polampalli@windriver.com>
A reachable assertion in FFmpeg git-master commit N-113007-g8d24a28d06 allows
attackers to cause a Denial of Service (DoS) via opening a crafted AAC file.
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../ffmpeg/ffmpeg/CVE-2025-22919.patch | 41 +++++++++++++++++++
.../recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb | 1 +
2 files changed, 42 insertions(+)
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-22919.patch
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-22919.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-22919.patch
new file mode 100644
index 0000000000..5e27ad9d5b
--- /dev/null
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-22919.patch
@@ -0,0 +1,41 @@
+From 145a3a84550a1c3a3b848c12a64b53c3c41d2888 Mon Sep 17 00:00:00 2001
+From: James Almer <jamrial@gmail.com>
+Date: Mon, 30 Dec 2024 00:25:41 -0300
+Subject: [PATCH] avfilter/buffersrc: check for valid sample rate
+
+A sample rate <= 0 is invalid.
+
+Fixes an assert in ffmpeg_enc.c that assumed a valid sample rate would be set.
+Fixes ticket #11385.
+
+Signed-off-by: James Almer <jamrial@gmail.com>
+(cherry picked from commit 1446e37d3d032e1452844778b3e6ba2c20f0c322)
+
+CVE: CVE-2025-22919
+
+Upstream-Status: Backport [https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/145a3a84550a1c3a3b848c12a64b53c3c41d2888]
+
+Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
+---
+ libavfilter/buffersrc.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/libavfilter/buffersrc.c b/libavfilter/buffersrc.c
+index b061187..cd2b05d 100644
+--- a/libavfilter/buffersrc.c
++++ b/libavfilter/buffersrc.c
+@@ -335,6 +335,11 @@ static av_cold int init_audio(AVFilterContext *ctx)
+ "channel layout specified\n");
+ return AVERROR(EINVAL);
+ }
++
++ if (s->sample_rate <= 0) {
++ av_log(ctx, AV_LOG_ERROR, "Sample rate not set\n");
++ return AVERROR(EINVAL);
++ }
+
+ if (!s->time_base.num)
+ s->time_base = (AVRational){1, s->sample_rate};
+--
+2.40.0
+
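Review bot: for the `s->sample_rate <= 0` check added to init_audio(), the commit message should say whether ffmpeg 5.0.3 is actually affected. It describes the issue only for git-master N-113007-g8d24a28d06, and the backported patch header refers to an assert in ffmpeg_enc.c, but neither states that this path was checked in the version the recipe builds. Separately, the error text "Sample rate not set" is misleading for a negative rate; that wording comes from upstream, so it is only worth noting, not changing.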
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb
index 127552396d..49277f9e2b 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb
@@ -46,6 +46,7 @@ SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \
file://CVE-2024-28661.patch \
file://CVE-2024-35369.patch \
file://CVE-2025-25473.patch \
+ file://CVE-2025-22919.patch \
"
SRC_URI[sha256sum] = "04c70c377de233a4b217c2fdf76b19aeb225a287daeb2348bccd978c47b1a1db"
--
2.43.0
* [OE-core][kirkstone 07/15] ffmpeg: fix CVE-2025-22921
From: Steve Sakoman @ 2025-06-10 19:38 UTC (permalink / raw)
To: openembedded-core
From: Archana Polampalli <archana.polampalli@windriver.com>
FFmpeg git-master,N-113007-g8d24a28d06 was discovered to contain a segmentation
violation via the component /libavcodec/jpeg2000dec.c.
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../ffmpeg/ffmpeg/CVE-2025-22921.patch | 34 +++++++++++++++++++
.../recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb | 1 +
2 files changed, 35 insertions(+)
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-22921.patch
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-22921.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-22921.patch
new file mode 100644
index 0000000000..1319dd6a7c
--- /dev/null
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-22921.patch
@@ -0,0 +1,34 @@
+From 7f9c7f9849a2155224711f0ff57ecdac6e4bfb57 Mon Sep 17 00:00:00 2001
+From: James Almer <jamrial@gmail.com>
+Date: Wed, 1 Jan 2025 23:58:39 -0300
+Subject: [PATCH] avcodec/jpeg2000dec: clear array length when freeing it
+
+Fixes NULL pointer dereferences.
+Fixes ticket #11393.
+
+Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
+Signed-off-by: James Almer <jamrial@gmail.com>
+
+CVE: CVE-2025-22921
+
+Upstream-Status: Backport [https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/7f9c7f9849a2155224711f0ff57ecdac6e4bfb57]
+
+Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
+---
+ libavcodec/jpeg2000dec.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/libavcodec/jpeg2000dec.c b/libavcodec/jpeg2000dec.c
+index a317040..6c0bd25 100644
+--- a/libavcodec/jpeg2000dec.c
++++ b/libavcodec/jpeg2000dec.c
+@@ -1280,6 +1280,7 @@ static int jpeg2000_decode_packet(Jpeg2000DecoderContext *s, Jpeg2000Tile *tile,
+ }
+ }
+ av_freep(&cblk->lengthinc);
++ cblk->nb_lengthinc = 0;
+ }
+ }
+ // Save state of stream
+--
+2.40.0
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb
index 49277f9e2b..4ae444258f 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb
@@ -47,6 +47,7 @@ SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \
file://CVE-2024-35369.patch \
file://CVE-2025-25473.patch \
file://CVE-2025-22919.patch \
+ file://CVE-2025-22921.patch \
"
SRC_URI[sha256sum] = "04c70c377de233a4b217c2fdf76b19aeb225a287daeb2348bccd978c47b1a1db"
--
2.43.0
* [OE-core][kirkstone 08/15] binutils: add CVE-2025-1182 patch file to SRC_URI
From: Steve Sakoman @ 2025-06-10 19:38 UTC (permalink / raw)
To: openembedded-core
From: Harish Sadineni <Harish.Sadineni@windriver.com>
Forgot to add CVE-2025-1182 patch file to SRC_URI in the following commit
https://lists.openembedded.org/g/openembedded-core/message/217350
After rebasing the CVE-2025-1180.patch, we encountered hunk errors while applying the
CVE-2025-1182.patch, so I have modified the patch accordingly.
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../binutils/binutils-2.38.inc | 1 +
.../binutils/binutils/0040-CVE-2025-1182.patch | 18 +++++++++---------
2 files changed, 10 insertions(+), 9 deletions(-)
diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc
index 01fd03d2f4..085ca2301e 100644
--- a/meta/recipes-devtools/binutils/binutils-2.38.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.38.inc
@@ -75,5 +75,6 @@ SRC_URI = "\
file://0038-CVE-2025-0840.patch \
file://0039-CVE-2025-1178.patch \
file://0040-CVE-2025-1180.patch \
+ file://0040-CVE-2025-1182.patch \
"
S = "${WORKDIR}/git"
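Review bot: the added entry `file://0040-CVE-2025-1182.patch` reuses the sequence prefix 0040 already taken by 0040-CVE-2025-1180.patch on the line above. Patches apply in SRC_URI order, so this works, but the commit message says 1182 had to be adjusted to apply after the rebased 1180 patch, and a unique prefix would make that ordering dependency visible in the file names.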
diff --git a/meta/recipes-devtools/binutils/binutils/0040-CVE-2025-1182.patch b/meta/recipes-devtools/binutils/binutils/0040-CVE-2025-1182.patch
index 682f633927..03604bfdd4 100644
--- a/meta/recipes-devtools/binutils/binutils/0040-CVE-2025-1182.patch
+++ b/meta/recipes-devtools/binutils/binutils/0040-CVE-2025-1182.patch
@@ -18,14 +18,14 @@ Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
diff --git a/bfd/elflink.c b/bfd/elflink.c
--- a/bfd/elflink.c
+++ b/bfd/elflink.c
-@@ -14711,6 +14711,10 @@
- }
+@@ -14712,6 +14712,10 @@
+ }
else
- {
-+ if (r_symndx >= rcookie->locsymcount)
-+ /* This can happen with corrupt input. */
-+ return false;
+ {
++ if (r_symndx >= rcookie->locsymcount)
++ /* This can happen with corrupt input. */
++ return false;
+
- /* It's not a relocation against a global symbol,
- but it could be a relocation against a local
- symbol for a discarded section. */
+ /* It's not a relocation against a global symbol,
+ but it could be a relocation against a local
+ symbol for a discarded section. */
--
2.43.0
* [OE-core][kirkstone 09/15] python3-setuptools: Fix CVE-2025-47273
From: Steve Sakoman @ 2025-06-10 19:38 UTC (permalink / raw)
To: openembedded-core
From: Vijay Anusuri <vanusuri@mvista.com>
Upstream-Status: Backport from
https://github.com/pypa/setuptools/commit/d8390feaa99091d1ba9626bec0e4ba7072fc507a
& https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../CVE-2025-47273-pre1.patch | 54 +++++++++++++++++
.../python3-setuptools/CVE-2025-47273.patch | 59 +++++++++++++++++++
.../python/python3-setuptools_59.5.0.bb | 2 +
3 files changed, 115 insertions(+)
create mode 100644 meta/recipes-devtools/python/python3-setuptools/CVE-2025-47273-pre1.patch
create mode 100644 meta/recipes-devtools/python/python3-setuptools/CVE-2025-47273.patch
diff --git a/meta/recipes-devtools/python/python3-setuptools/CVE-2025-47273-pre1.patch b/meta/recipes-devtools/python/python3-setuptools/CVE-2025-47273-pre1.patch
new file mode 100644
index 0000000000..b273551ffc
--- /dev/null
+++ b/meta/recipes-devtools/python/python3-setuptools/CVE-2025-47273-pre1.patch
@@ -0,0 +1,54 @@
+From d8390feaa99091d1ba9626bec0e4ba7072fc507a Mon Sep 17 00:00:00 2001
+From: "Jason R. Coombs" <jaraco@jaraco.com>
+Date: Sat, 19 Apr 2025 12:49:55 -0400
+Subject: [PATCH] Extract _resolve_download_filename with test.
+
+Upstream-Status: Backport [https://github.com/pypa/setuptools/commit/d8390feaa99091d1ba9626bec0e4ba7072fc507a]
+CVE: CVE-2025-47273 #Dependency Patch
+Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+---
+ setuptools/package_index.py | 20 ++++++++++++++++----
+ 1 file changed, 16 insertions(+), 4 deletions(-)
+
+diff --git a/setuptools/package_index.py b/setuptools/package_index.py
+index 3a893df..f350e11 100644
+--- a/setuptools/package_index.py
++++ b/setuptools/package_index.py
+@@ -786,9 +786,16 @@ class PackageIndex(Environment):
+ raise DistutilsError("Download error for %s: %s"
+ % (url, v)) from v
+
+- def _download_url(self, url, tmpdir):
+- # Determine download filename
+- #
++ @staticmethod
++ def _resolve_download_filename(url, tmpdir):
++ """
++ >>> du = PackageIndex._resolve_download_filename
++ >>> root = getfixture('tmp_path')
++ >>> url = 'https://files.pythonhosted.org/packages/a9/5a/0db.../setuptools-78.1.0.tar.gz'
++ >>> import pathlib
++ >>> str(pathlib.Path(du(url, root)).relative_to(root))
++ 'setuptools-78.1.0.tar.gz'
++ """
+ name, fragment = egg_info_for_url(url)
+ if name:
+ while '..' in name:
+@@ -799,8 +806,13 @@ class PackageIndex(Environment):
+ if name.endswith('.egg.zip'):
+ name = name[:-4] # strip the extra .zip before download
+
+- filename = os.path.join(tmpdir, name)
++ return os.path.join(tmpdir, name)
+
++ def _download_url(self, url, tmpdir):
++ """
++ Determine the download filename.
++ """
++ filename = self._resolve_download_filename(url, tmpdir)
+ return self._download_vcs(url, filename) or self._download_other(url, filename)
+
+ @staticmethod
+--
+2.25.1
+
diff --git a/meta/recipes-devtools/python/python3-setuptools/CVE-2025-47273.patch b/meta/recipes-devtools/python/python3-setuptools/CVE-2025-47273.patch
new file mode 100644
index 0000000000..4b1a01cd34
--- /dev/null
+++ b/meta/recipes-devtools/python/python3-setuptools/CVE-2025-47273.patch
@@ -0,0 +1,59 @@
+From 250a6d17978f9f6ac3ac887091f2d32886fbbb0b Mon Sep 17 00:00:00 2001
+From: "Jason R. Coombs" <jaraco@jaraco.com>
+Date: Sat, 19 Apr 2025 13:03:47 -0400
+Subject: [PATCH] Add a check to ensure the name resolves relative to the
+ tmpdir.
+
+Closes #4946
+
+Upstream-Status: Backport [https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b]
+CVE: CVE-2025-47273
+Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+---
+ setuptools/package_index.py | 18 ++++++++++++++++--
+ 1 file changed, 16 insertions(+), 2 deletions(-)
+
+diff --git a/setuptools/package_index.py b/setuptools/package_index.py
+index f350e11..86bf851 100644
+--- a/setuptools/package_index.py
++++ b/setuptools/package_index.py
+@@ -789,12 +789,20 @@ class PackageIndex(Environment):
+ @staticmethod
+ def _resolve_download_filename(url, tmpdir):
+ """
++ >>> import pathlib
+ >>> du = PackageIndex._resolve_download_filename
+ >>> root = getfixture('tmp_path')
+ >>> url = 'https://files.pythonhosted.org/packages/a9/5a/0db.../setuptools-78.1.0.tar.gz'
+- >>> import pathlib
+ >>> str(pathlib.Path(du(url, root)).relative_to(root))
+ 'setuptools-78.1.0.tar.gz'
++
++ Ensures the target is always in tmpdir.
++
++ >>> url = 'https://anyhost/%2fhome%2fuser%2f.ssh%2fauthorized_keys'
++ >>> du(url, root)
++ Traceback (most recent call last):
++ ...
++ ValueError: Invalid filename...
+ """
+ name, fragment = egg_info_for_url(url)
+ if name:
+@@ -806,7 +814,13 @@ class PackageIndex(Environment):
+ if name.endswith('.egg.zip'):
+ name = name[:-4] # strip the extra .zip before download
+
+- return os.path.join(tmpdir, name)
++ filename = os.path.join(tmpdir, name)
++
++ # ensure path resolves within the tmpdir
++ if not filename.startswith(str(tmpdir)):
++ raise ValueError(f"Invalid filename {filename}")
++
++ return filename
+
+ def _download_url(self, url, tmpdir):
+ """
+--
+2.25.1
+
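Review bot: the containment check `if not filename.startswith(str(tmpdir)):` in _resolve_download_filename is a plain string-prefix comparison on un-normalised paths, so it also accepts a path in a sibling directory whose name merely begins with the tmpdir string. It does catch the absolute-path case covered by the new doctest, and it matches the upstream commit, so it is fine to take as a backport. A stricter form would compare resolved paths by component, for example with os.path.commonpath or pathlib's relative_to, and is worth raising upstream. The commit message for this series entry also carries only the Upstream-Status links; a one-line description of the issue would match the other CVE fixes in the set.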
diff --git a/meta/recipes-devtools/python/python3-setuptools_59.5.0.bb b/meta/recipes-devtools/python/python3-setuptools_59.5.0.bb
index 0c0f1e9d81..b106b188f3 100644
--- a/meta/recipes-devtools/python/python3-setuptools_59.5.0.bb
+++ b/meta/recipes-devtools/python/python3-setuptools_59.5.0.bb
@@ -13,6 +13,8 @@ SRC_URI += "\
file://0001-_distutils-sysconfig-append-STAGING_LIBDIR-python-sy.patch \
file://0001-Limit-the-amount-of-whitespace-to-search-backtrack.-.patch \
file://CVE-2024-6345.patch \
+ file://CVE-2025-47273-pre1.patch \
+ file://CVE-2025-47273.patch \
"
SRC_URI[sha256sum] = "d144f85102f999444d06f9c0e8c737fd0194f10f2f7e5fdb77573f6e2fa4fad0"
--
2.43.0
* [OE-core][kirkstone 10/15] binutils: Fix CVE-2025-5244 & CVE-2025-5245
From: Steve Sakoman @ 2025-06-10 19:38 UTC (permalink / raw)
To: openembedded-core
From: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
PR32858 ld segfault on fuzzed object
We missed one place where it is necessary to check for empty groups.
PR32829, SEGV on objdump function debug_type_samep
u.kenum is always non-NULL, see debug_make_enum_type.
Upstream-Status: Backport
[https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=d1458933830456e54223d9fc61f0d9b3a19256f5]
&& [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=6c3458a8b7ee7d39f070c7b2350851cb2110c65a]
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../binutils/binutils-2.38.inc | 2 +
.../binutils/0041-CVE-2025-5244.patch | 25 ++++++++++++
.../binutils/0042-CVE-2025-5245.patch | 38 +++++++++++++++++++
3 files changed, 65 insertions(+)
create mode 100644 meta/recipes-devtools/binutils/binutils/0041-CVE-2025-5244.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0042-CVE-2025-5245.patch
diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc
index 085ca2301e..f1c29015bc 100644
--- a/meta/recipes-devtools/binutils/binutils-2.38.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.38.inc
@@ -76,5 +76,7 @@ SRC_URI = "\
file://0039-CVE-2025-1178.patch \
file://0040-CVE-2025-1180.patch \
file://0040-CVE-2025-1182.patch \
+ file://0041-CVE-2025-5244.patch \
+ file://0042-CVE-2025-5245.patch \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/0041-CVE-2025-5244.patch b/meta/recipes-devtools/binutils/binutils/0041-CVE-2025-5244.patch
new file mode 100644
index 0000000000..e8855a4b4b
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0041-CVE-2025-5244.patch
@@ -0,0 +1,25 @@
+From: Alan Modra <amodra@gmail.com>
+Date: Thu, 10 Apr 2025 19:41:49 +0930
+
+Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=d1458933830456e54223d9fc61f0d9b3a19256f5]
+CVE: CVE-2025-5244
+
+PR32858 ld segfault on fuzzed object
+We missed one place where it is necessary to check for empty groups.
+
+Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
+
+diff --git a/bfd/elflink.c b/bfd/elflink.c
+index a76e8e38da7..549b7b7dd92 100644
+--- a/bfd/elflink.c
++++ b/bfd/elflink.c
+@@ -14408,7 +14408,8 @@ elf_gc_sweep (bfd *abfd, struct bfd_link_info *info)
+ if (o->flags & SEC_GROUP)
+ {
+ asection *first = elf_next_in_group (o);
+- o->gc_mark = first->gc_mark;
++ if (first != NULL)
++ o->gc_mark = first->gc_mark;
+ }
+
+ if (o->gc_mark)
diff --git a/meta/recipes-devtools/binutils/binutils/0042-CVE-2025-5245.patch b/meta/recipes-devtools/binutils/binutils/0042-CVE-2025-5245.patch
new file mode 100644
index 0000000000..2de6abbe93
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0042-CVE-2025-5245.patch
@@ -0,0 +1,38 @@
+From: Alan Modra <amodra@gmail.com>
+Date: Tue, 1 Apr 2025 22:36:54 +1030
+
+PR32829, SEGV on objdump function debug_type_samep
+u.kenum is always non-NULL, see debug_make_enum_type.
+
+Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=6c3458a8b7ee7d39f070c7b2350851cb2110c65a]
+CVE: CVE-2025-5245
+
+Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
+
+diff --git a/binutils/debug.c b/binutils/debug.c
+index dcc8ccde..465b18e7 100644
+--- a/binutils/debug.c
++++ b/binutils/debug.c
+@@ -2554,9 +2554,6 @@ debug_write_type (struct debug_handle *info,
+ case DEBUG_KIND_UNION_CLASS:
+ return debug_write_class_type (info, fns, fhandle, type, tag);
+ case DEBUG_KIND_ENUM:
+- if (type->u.kenum == NULL)
+- return (*fns->enum_type) (fhandle, tag, (const char **) NULL,
+- (bfd_signed_vma *) NULL);
+ return (*fns->enum_type) (fhandle, tag, type->u.kenum->names,
+ type->u.kenum->values);
+ case DEBUG_KIND_POINTER:
+@@ -3098,9 +3095,9 @@ debug_type_samep (struct debug_handle *info, struct debug_type_s *t1,
+ break;
+
+ case DEBUG_KIND_ENUM:
+- if (t1->u.kenum == NULL)
+- ret = t2->u.kenum == NULL;
+- else if (t2->u.kenum == NULL)
++ if (t1->u.kenum->names == NULL)
++ ret = t2->u.kenum->names == NULL;
++ else if (t2->u.kenum->names == NULL)
+ ret = false;
+ else
+ {
--
2.43.0
* [OE-core][kirkstone 11/15] screen: fix CVE-2025-46802
From: Steve Sakoman @ 2025-06-10 19:38 UTC (permalink / raw)
To: openembedded-core
From: Divya Chellam <divya.chellam@windriver.com>
For a short time the PTY is set to mode 666, allowing any user on the
system to connect to the screen session.
Reference:
https://security-tracker.debian.org/tracker/CVE-2025-46802
Upstream-patch:
https://cgit.git.savannah.gnu.org/cgit/screen.git/commit/?id=049b26b22e197ba3be9c46e5c193032e01a4724a
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../screen/screen/CVE-2025-46802.patch | 146 ++++++++++++++++++
meta/recipes-extended/screen/screen_4.9.0.bb | 1 +
2 files changed, 147 insertions(+)
create mode 100644 meta/recipes-extended/screen/screen/CVE-2025-46802.patch
diff --git a/meta/recipes-extended/screen/screen/CVE-2025-46802.patch b/meta/recipes-extended/screen/screen/CVE-2025-46802.patch
new file mode 100644
index 0000000000..aa2cbeac21
--- /dev/null
+++ b/meta/recipes-extended/screen/screen/CVE-2025-46802.patch
@@ -0,0 +1,146 @@
+From 049b26b22e197ba3be9c46e5c193032e01a4724a Mon Sep 17 00:00:00 2001
+From: Matthias Gerstner <matthias.gerstner@suse.de>
+Date: Mon, 12 May 2025 15:15:38 +0200
+Subject: [PATCH] fix CVE-2025-46802: attacher.c - prevent temporary 0666 mode
+ on PTYs
+
+This temporary chmod of the PTY to mode 0666 is most likely a remnant of
+past times, before the PTY file descriptor was passed to the target
+session via the UNIX domain socket.
+
+This chmod() causes a race condition during which any other user in the
+system can open the PTY for reading and writing, and thus allows PTY
+hijacking.
+
+Simply remove this logic completely.
+
+CVE: CVE-2025-46802
+
+Upstream-Status: Backport [https://cgit.git.savannah.gnu.org/cgit/screen.git/commit/?id=049b26b22e197ba3be9c46e5c193032e01a4724a]
+
+Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
+---
+ attacher.c | 27 ---------------------------
+ screen.c | 19 -------------------
+ 2 files changed, 46 deletions(-)
+
+diff --git a/attacher.c b/attacher.c
+index 18ba43c..257bd75 100644
+--- a/attacher.c
++++ b/attacher.c
+@@ -73,7 +73,6 @@ extern int MasterPid, attach_fd;
+ #ifdef MULTIUSER
+ extern char *multi;
+ extern int multiattach, multi_uid, own_uid;
+-extern int tty_mode, tty_oldmode;
+ # ifndef USE_SETEUID
+ static int multipipe[2];
+ # endif
+@@ -160,9 +159,6 @@ int how;
+
+ if (pipe(multipipe))
+ Panic(errno, "pipe");
+- if (chmod(attach_tty, 0666))
+- Panic(errno, "chmod %s", attach_tty);
+- tty_oldmode = tty_mode;
+ eff_uid = -1; /* make UserContext fork */
+ real_uid = multi_uid;
+ if ((ret = UserContext()) <= 0)
+@@ -174,11 +170,6 @@ int how;
+ Panic(errno, "UserContext");
+ close(multipipe[1]);
+ read(multipipe[0], &dummy, 1);
+- if (tty_oldmode >= 0)
+- {
+- chmod(attach_tty, tty_oldmode);
+- tty_oldmode = -1;
+- }
+ ret = UserStatus();
+ #ifdef LOCK
+ if (ret == SIG_LOCK)
+@@ -224,9 +215,6 @@ int how;
+ xseteuid(multi_uid);
+ xseteuid(own_uid);
+ #endif
+- if (chmod(attach_tty, 0666))
+- Panic(errno, "chmod %s", attach_tty);
+- tty_oldmode = tty_mode;
+ }
+ # endif /* USE_SETEUID */
+ #endif /* MULTIUSER */
+@@ -423,13 +411,6 @@ int how;
+ ContinuePlease = 0;
+ # ifndef USE_SETEUID
+ close(multipipe[1]);
+-# else
+- xseteuid(own_uid);
+- if (tty_oldmode >= 0)
+- if (chmod(attach_tty, tty_oldmode))
+- Panic(errno, "chmod %s", attach_tty);
+- tty_oldmode = -1;
+- xseteuid(real_uid);
+ # endif
+ }
+ #endif
+@@ -505,14 +486,6 @@ AttacherFinit SIGDEFARG
+ close(s);
+ }
+ }
+-#ifdef MULTIUSER
+- if (tty_oldmode >= 0)
+- {
+- if (setuid(own_uid))
+- Panic(errno, "setuid");
+- chmod(attach_tty, tty_oldmode);
+- }
+-#endif
+ exit(0);
+ SIGRETURN;
+ }
+diff --git a/screen.c b/screen.c
+index 8bce303..f2e8171 100644
+--- a/screen.c
++++ b/screen.c
+@@ -230,8 +230,6 @@ char *multi_home;
+ int multi_uid;
+ int own_uid;
+ int multiattach;
+-int tty_mode;
+-int tty_oldmode = -1;
+ #endif
+
+ char HostName[MAXSTR];
+@@ -1009,9 +1007,6 @@ int main(int ac, char** av)
+
+ /* ttyname implies isatty */
+ SetTtyname(true, &st);
+-#ifdef MULTIUSER
+- tty_mode = (int)st.st_mode & 0777;
+-#endif
+
+ fl = fcntl(0, F_GETFL, 0);
+ if (fl != -1 && (fl & (O_RDWR|O_RDONLY|O_WRONLY)) == O_RDWR)
+@@ -2170,20 +2165,6 @@ DEFINE_VARARGS_FN(Panic)
+ if (D_userpid)
+ Kill(D_userpid, SIG_BYE);
+ }
+-#ifdef MULTIUSER
+- if (tty_oldmode >= 0) {
+-
+-# ifdef USE_SETEUID
+- if (setuid(own_uid))
+- xseteuid(own_uid); /* may be a loop. sigh. */
+-# else
+- setuid(own_uid);
+-# endif
+-
+- debug1("Panic: changing back modes from %s\n", attach_tty);
+- chmod(attach_tty, tty_oldmode);
+- }
+-#endif
+ eexit(1);
+ }
+
+--
+2.40.0
+
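Review bot: with the `tty_mode` and `tty_oldmode` definitions removed from screen.c and the extern declaration dropped from attacher.c, any use of either variable left elsewhere in the 4.9.0 tree will fail to build when MULTIUSER is defined. The diff touches only attacher.c and screen.c, so a grep over the patched source for both names, and a build with MULTIUSER enabled, should be confirmed before merging.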
diff --git a/meta/recipes-extended/screen/screen_4.9.0.bb b/meta/recipes-extended/screen/screen_4.9.0.bb
index d137c85600..540a78e04b 100644
--- a/meta/recipes-extended/screen/screen_4.9.0.bb
+++ b/meta/recipes-extended/screen/screen_4.9.0.bb
@@ -23,6 +23,7 @@ SRC_URI = "${GNU_MIRROR}/screen/screen-${PV}.tar.gz \
file://0001-Remove-more-compatibility-stuff.patch \
file://CVE-2023-24626.patch \
file://CVE-2025-46805.patch \
+ file://CVE-2025-46802.patch \
"
SRC_URI[sha256sum] = "f9335281bb4d1538ed078df78a20c2f39d3af9a4e91c57d084271e0289c730f4"
--
2.43.0
* [OE-core][kirkstone 12/15] screen: fix CVE-2025-46804
From: Steve Sakoman @ 2025-06-10 19:38 UTC (permalink / raw)
To: openembedded-core
From: Divya Chellam <divya.chellam@windriver.com>
A minor information leak when running Screen with setuid-root
privileges allows unprivileged users to deduce information
about a path that would otherwise not be available.
Affected are older Screen versions, as well as version 5.0.0.
Reference:
https://security-tracker.debian.org/tracker/CVE-2025-46804
Upstream-patch:
https://cgit.git.savannah.gnu.org/cgit/screen.git/commit/?id=e0eef5aac453fa98a2664416a56c50ad1d00cb30
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../screen/screen/CVE-2025-46804.patch | 131 ++++++++++++++++++
meta/recipes-extended/screen/screen_4.9.0.bb | 1 +
2 files changed, 132 insertions(+)
create mode 100644 meta/recipes-extended/screen/screen/CVE-2025-46804.patch
diff --git a/meta/recipes-extended/screen/screen/CVE-2025-46804.patch b/meta/recipes-extended/screen/screen/CVE-2025-46804.patch
new file mode 100644
index 0000000000..4cb1465535
--- /dev/null
+++ b/meta/recipes-extended/screen/screen/CVE-2025-46804.patch
@@ -0,0 +1,131 @@
+From e0eef5aac453fa98a2664416a56c50ad1d00cb30 Mon Sep 17 00:00:00 2001
+From: Matthias Gerstner <matthias.gerstner@suse.de>
+Date: Mon, 12 May 2025 15:26:11 +0200
+Subject: [PATCH] fix CVE-2025-46804: avoid file existence test information
+ leaks
+
+In setuid-root context the current error messages give away whether
+certain paths not accessible by the real user exist and what type they
+have. To prevent this only output generic error messages in setuid-root
+context.
+
+In some situations, when an error is pertaining a directory and the
+directory is owner by the real user then we can still output more
+detailed diagnostics.
+
+This change can lead to less helpful error messages when Screen is
+install setuid-root. More complex changes would be needed to avoid this
+(e.g. only open the `SocketPath` with raised privileges when
+multi-attach is requested).
+
+There might still be lingering some code paths that allow such
+information leaks, since `SocketPath` is a global variable that is used
+across the code base. The majority of issues should be caught with this
+fix, however.
+
+CVE: CVE-2025-46804
+
+Upstream-Status: Backport [https://cgit.git.savannah.gnu.org/cgit/screen.git/commit/?id=e0eef5aac453fa98a2664416a56c50ad1d00cb30]
+
+Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
+---
+ screen.c | 45 ++++++++++++++++++++++++++++++++++-----------
+ socket.c | 9 +++++++--
+ 2 files changed, 41 insertions(+), 13 deletions(-)
+
+diff --git a/screen.c b/screen.c
+index f2e8171..ef6c26a 100644
+--- a/screen.c
++++ b/screen.c
+@@ -1122,15 +1122,28 @@ int main(int ac, char** av)
+ #endif
+ }
+
+- if (stat(SockPath, &st) == -1)
+- Panic(errno, "Cannot access %s", SockPath);
+- else
+- if (!S_ISDIR(st.st_mode))
++ if (stat(SockPath, &st) == -1) {
++ if (eff_uid == real_uid) {
++ Panic(errno, "Cannot access %s", SockPath);
++ } else {
++ Panic(0, "Error accessing %s", SockPath);
++ }
++ } else if (!S_ISDIR(st.st_mode)) {
++ if (eff_uid == real_uid || st.st_uid == real_uid) {
+ Panic(0, "%s is not a directory.", SockPath);
++ } else {
++ Panic(0, "Error accessing %s", SockPath);
++ }
++ }
+ #ifdef MULTIUSER
+ if (multi) {
+- if ((int)st.st_uid != multi_uid)
+- Panic(0, "%s is not the owner of %s.", multi, SockPath);
++ if ((int)st.st_uid != multi_uid) {
++ if (eff_uid == real_uid || st.st_uid == real_uid) {
++ Panic(0, "%s is not the owner of %s.", multi, SockPath);
++ } else {
++ Panic(0, "Error accessing %s", SockPath);
++ }
++ }
+ }
+ else
+ #endif
+@@ -1144,9 +1157,13 @@ int main(int ac, char** av)
+ Panic(0, "You are not the owner of %s.", SockPath);
+ #endif
+ }
+-
+- if ((st.st_mode & 0777) != 0700)
+- Panic(0, "Directory %s must have mode 700.", SockPath);
++ if ((st.st_mode & 0777) != 0700) {
++ if (eff_uid == real_uid || st.st_uid == real_uid) {
++ Panic(0, "Directory %s must have mode 700.", SockPath);
++ } else {
++ Panic(0, "Error accessing %s", SockPath);
++ }
++ }
+ if (SockMatch && index(SockMatch, '/'))
+ Panic(0, "Bad session name '%s'", SockMatch);
+ SockName = SockPath + strlen(SockPath) + 1;
+@@ -1184,8 +1201,14 @@ int main(int ac, char** av)
+ else
+ exit(9 + (fo || oth ? 1 : 0) + fo);
+ }
+- if (fo == 0)
+- Panic(0, "No Sockets found in %s.\n", SockPath);
++ if (fo == 0) {
++ if (eff_uid == real_uid || st.st_uid == real_uid) {
++ Panic(0, "No Sockets found in %s.\n", SockPath);
++ } else {
++ Panic(0, "Error accessing %s", SockPath);
++ }
++ }
++
+ Msg(0, "%d Socket%s in %s.", fo, fo > 1 ? "s" : "", SockPath);
+ eexit(0);
+ }
+diff --git a/socket.c b/socket.c
+index 3bbd64e..5661e6e 100644
+--- a/socket.c
++++ b/socket.c
+@@ -169,8 +169,13 @@ bool *is_sock;
+ xsetegid(real_gid);
+ #endif
+
+- if ((dirp = opendir(SockPath)) == 0)
+- Panic(errno, "Cannot opendir %s", SockPath);
++ if ((dirp = opendir(SockPath)) == 0) {
++ if (eff_uid == real_uid) {
++ Panic(errno, "Cannot opendir %s", SockPath);
++ } else {
++ Panic(0, "Error accessing %s", SockPath);
++ }
++ }
+
+ slist = 0;
+ slisttail = &slist;
+--
+2.40.0
+
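Review bot: in the second screen.c hunk, the unchanged context line `Panic(0, "You are not the owner of %s.", SockPath);` still prints a path-specific message with no `eff_uid == real_uid` guard, while the mode-700 check directly after it now gets one. That message is only reached once the stat() and S_ISDIR checks have passed, so on a setuid-root install it still confirms that the path exists and is a directory. Please check against upstream whether this is one of the lingering code paths the commit message mentions, or whether the 4.9.0 backport needs the same generic "Error accessing %s" fallback there. Also worth confirming for this backport: the `fo == 0` branch in the third hunk tests `st.st_uid`, so it relies on `st` still holding the result of the earlier `stat(SockPath, &st)`.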
diff --git a/meta/recipes-extended/screen/screen_4.9.0.bb b/meta/recipes-extended/screen/screen_4.9.0.bb
index 540a78e04b..574b738dbf 100644
--- a/meta/recipes-extended/screen/screen_4.9.0.bb
+++ b/meta/recipes-extended/screen/screen_4.9.0.bb
@@ -24,6 +24,7 @@ SRC_URI = "${GNU_MIRROR}/screen/screen-${PV}.tar.gz \
file://CVE-2023-24626.patch \
file://CVE-2025-46805.patch \
file://CVE-2025-46802.patch \
+ file://CVE-2025-46804.patch \
"
SRC_URI[sha256sum] = "f9335281bb4d1538ed078df78a20c2f39d3af9a4e91c57d084271e0289c730f4"
--
2.43.0
* [OE-core][kirkstone 13/15] git: Fix CVE-2024-50349 and CVE-2024-52006
From: Steve Sakoman @ 2025-06-10 19:38 UTC (permalink / raw)
To: openembedded-core
From: Vijay Anusuri <vanusuri@mvista.com>
Upstream-Status: Backport from
https://github.com/git/git/commit/c903985bf7e772e2d08275c1a95c8a55ab011577
&
https://github.com/git/git/commit/7725b8100ffbbff2750ee4d61a0fcc1f53a086e8
& https://github.com/git/git/commit/b01b9b81d36759cdcd07305e78765199e1bc2060
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../git/git/CVE-2024-50349-0001.patch | 100 ++++++
.../git/git/CVE-2024-50349-0002.patch | 321 ++++++++++++++++++
.../git/git/CVE-2024-52006.patch | 165 +++++++++
meta/recipes-devtools/git/git_2.35.7.bb | 3 +
4 files changed, 589 insertions(+)
create mode 100644 meta/recipes-devtools/git/git/CVE-2024-50349-0001.patch
create mode 100644 meta/recipes-devtools/git/git/CVE-2024-50349-0002.patch
create mode 100644 meta/recipes-devtools/git/git/CVE-2024-52006.patch
diff --git a/meta/recipes-devtools/git/git/CVE-2024-50349-0001.patch b/meta/recipes-devtools/git/git/CVE-2024-50349-0001.patch
new file mode 100644
index 0000000000..a4567f83f5
--- /dev/null
+++ b/meta/recipes-devtools/git/git/CVE-2024-50349-0001.patch
@@ -0,0 +1,100 @@
+From c903985bf7e772e2d08275c1a95c8a55ab011577 Mon Sep 17 00:00:00 2001
+From: Johannes Schindelin <johannes.schindelin@gmx.de>
+Date: Thu, 7 Nov 2024 08:57:52 +0100
+Subject: [PATCH] credential_format(): also encode <host>[:<port>]
+
+An upcoming change wants to sanitize the credential password prompt
+where a URL is displayed that may potentially come from a `.gitmodules`
+file. To this end, the `credential_format()` function is employed.
+
+To sanitize the host name (and optional port) part of the URL, we need a
+new mode of the `strbuf_add_percentencode()` function because the
+current mode is both too strict and too lenient: too strict because it
+encodes `:`, `[` and `]` (which should be left unencoded in
+`<host>:<port>` and in IPv6 addresses), and too lenient because it does
+not encode invalid host name characters `/`, `_` and `~`.
+
+So let's introduce and use a new mode specifically to encode the host
+name and optional port part of a URI, leaving alpha-numerical
+characters, periods, colons and brackets alone and encoding all others.
+
+This only leads to a change of behavior for URLs that contain invalid
+host names.
+
+Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
+
+Upstream-Status: Backport [https://github.com/git/git/commit/c903985bf7e772e2d08275c1a95c8a55ab011577]
+CVE: CVE-2024-50349
+Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+---
+ credential.c | 3 ++-
+ strbuf.c | 4 +++-
+ strbuf.h | 1 +
+ t/t0300-credentials.sh | 13 +++++++++++++
+ 4 files changed, 19 insertions(+), 2 deletions(-)
+
+diff --git a/credential.c b/credential.c
+index f32011343f9400..572f1785da7d3e 100644
+--- a/credential.c
++++ b/credential.c
+@@ -164,7 +164,8 @@ static void credential_format(struct credential *c, struct strbuf *out)
+ strbuf_addch(out, '@');
+ }
+ if (c->host)
+- strbuf_addstr(out, c->host);
++ strbuf_add_percentencode(out, c->host,
++ STRBUF_ENCODE_HOST_AND_PORT);
+ if (c->path) {
+ strbuf_addch(out, '/');
+ strbuf_add_percentencode(out, c->path, 0);
+diff --git a/strbuf.c b/strbuf.c
+index c383f41a3c5ccc..756b96c56157c3 100644
+--- a/strbuf.c
++++ b/strbuf.c
+@@ -492,7 +492,9 @@ void strbuf_add_percentencode(struct strbuf *dst, const char *src, int flags)
+ unsigned char ch = src[i];
+ if (ch <= 0x1F || ch >= 0x7F ||
+ (ch == '/' && (flags & STRBUF_ENCODE_SLASH)) ||
+- strchr(URL_UNSAFE_CHARS, ch))
++ ((flags & STRBUF_ENCODE_HOST_AND_PORT) ?
++ !isalnum(ch) && !strchr("-.:[]", ch) :
++ !!strchr(URL_UNSAFE_CHARS, ch)))
+ strbuf_addf(dst, "%%%02X", (unsigned char)ch);
+ else
+ strbuf_addch(dst, ch);
+diff --git a/strbuf.h b/strbuf.h
+index f6dbb9681ee768..f9f8bb0381b3c5 100644
+--- a/strbuf.h
++++ b/strbuf.h
+@@ -380,6 +380,7 @@ size_t strbuf_expand_dict_cb(struct strbuf *sb,
+ void strbuf_addbuf_percentquote(struct strbuf *dst, const struct strbuf *src);
+
+ #define STRBUF_ENCODE_SLASH 1
++#define STRBUF_ENCODE_HOST_AND_PORT 2
+
+ /**
+ * Append the contents of a string to a strbuf, percent-encoding any characters
+diff --git a/t/t0300-credentials.sh b/t/t0300-credentials.sh
+index c66d91e82d8bc7..cb91be1427f1d2 100755
+--- a/t/t0300-credentials.sh
++++ b/t/t0300-credentials.sh
+@@ -514,6 +514,19 @@ test_expect_success 'match percent-encoded values in username' '
+ EOF
+ '
+
++test_expect_success 'match percent-encoded values in hostname' '
++ test_config "credential.https://a%20b%20c/.helper" "$HELPER" &&
++ check fill <<-\EOF
++ url=https://a b c/
++ --
++ protocol=https
++ host=a b c
++ username=foo
++ password=bar
++ --
++ EOF
++'
++
+ test_expect_success 'fetch with multiple path components' '
+ test_unconfig credential.helper &&
+ test_config credential.https://example.com/foo/repo.git.helper "verbatim foo bar" &&
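Review bot: the new host mode in strbuf.c leaves `-` unencoded (`!strchr("-.:[]", ch)`), but the commit message lists only alpha-numerical characters, periods, colons and brackets, so the description and the code disagree on the allowed set; the message should mention the hyphen. The added t0300 test covers only spaces in the host (`a b c`). A case with `_` or `~`, which the message names as previously unencoded, and one showing that a bracketed IPv6 host with a port passes through unchanged would pin down both halves of the change. strbuf.h gains `STRBUF_ENCODE_HOST_AND_PORT` without a comment saying which characters that mode leaves alone.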
diff --git a/meta/recipes-devtools/git/git/CVE-2024-50349-0002.patch b/meta/recipes-devtools/git/git/CVE-2024-50349-0002.patch
new file mode 100644
index 0000000000..6135b00737
--- /dev/null
+++ b/meta/recipes-devtools/git/git/CVE-2024-50349-0002.patch
@@ -0,0 +1,321 @@
+From 7725b8100ffbbff2750ee4d61a0fcc1f53a086e8 Mon Sep 17 00:00:00 2001
+From: Johannes Schindelin <johannes.schindelin@gmx.de>
+Date: Wed, 30 Oct 2024 13:26:10 +0100
+Subject: [PATCH] credential: sanitize the user prompt
+
+When asking the user interactively for credentials, we want to avoid
+misleading them e.g. via control sequences that pretend that the URL
+targets a trusted host when it does not.
+
+While Git learned, over the course of the preceding commits, to disallow
+URLs containing URL-encoded control characters by default, credential
+helpers are still allowed to specify values very freely (apart from Line
+Feed and NUL characters, anything is allowed), and this would allow,
+say, a username containing control characters to be specified that would
+then be displayed in the interactive terminal prompt asking the user for
+the password, potentially sending those control characters directly to
+the terminal. This is undesirable because control characters can be used
+to mislead users to divulge secret information to untrusted sites.
+
+To prevent such an attack vector, let's add a `git_prompt()` that forces
+the displayed text to be sanitized, i.e. displaying question marks
+instead of control characters.
+
+Note: While this commit's diff changes a lot of `user@host` strings to
+`user%40host`, which may look suspicious on the surface, there is a good
+reason for that: this string specifies a user name, not a
+<username>@<hostname> combination! In the context of t5541, the actual
+combination looks like this: `user%40@127.0.0.1:5541`. Therefore, these
+string replacements document a net improvement introduced by this
+commit, as `user@host@127.0.0.1` could have left readers wondering where
+the user name ends and where the host name begins.
+
+Hinted-at-by: Jeff King <peff@peff.net>
+Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
+
+Upstream-Status: Backport [https://github.com/git/git/commit/7725b8100ffbbff2750ee4d61a0fcc1f53a086e8]
+CVE: CVE-2024-50349
+Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+---
+ Documentation/config/credential.txt | 6 ++++++
+ credential.c | 7 ++++++-
+ credential.h | 4 +++-
+ t/t0300-credentials.sh | 20 ++++++++++++++++++++
+ t/t5541-http-push-smart.sh | 6 +++---
+ t/t5550-http-fetch-dumb.sh | 14 +++++++-------
+ t/t5551-http-fetch-smart.sh | 16 ++++++++--------
+ 7 files changed, 53 insertions(+), 20 deletions(-)
+
+diff --git a/Documentation/config/credential.txt b/Documentation/config/credential.txt
+index 512f318..fd8113d 100644
+--- a/Documentation/config/credential.txt
++++ b/Documentation/config/credential.txt
+@@ -14,6 +14,12 @@ credential.useHttpPath::
+ or https URL to be important. Defaults to false. See
+ linkgit:gitcredentials[7] for more information.
+
++credential.sanitizePrompt::
++ By default, user names and hosts that are shown as part of the
++ password prompt are not allowed to contain control characters (they
++ will be URL-encoded by default). Configure this setting to `false` to
++ override that behavior.
++
+ credential.username::
+ If no username is set for a network authentication, use this username
+ by default. See credential.<context>.* below, and
+diff --git a/credential.c b/credential.c
+index 195556d..a071ead 100644
+--- a/credential.c
++++ b/credential.c
+@@ -66,6 +66,8 @@ static int credential_config_callback(const char *var, const char *value,
+ }
+ else if (!strcmp(key, "usehttppath"))
+ c->use_http_path = git_config_bool(var, value);
++ else if (!strcmp(key, "sanitizeprompt"))
++ c->sanitize_prompt = git_config_bool(var, value);
+
+ return 0;
+ }
+@@ -177,7 +179,10 @@ static char *credential_ask_one(const char *what, struct credential *c,
+ struct strbuf prompt = STRBUF_INIT;
+ char *r;
+
+- credential_describe(c, &desc);
++ if (c->sanitize_prompt)
++ credential_format(c, &desc);
++ else
++ credential_describe(c, &desc);
+ if (desc.len)
+ strbuf_addf(&prompt, "%s for '%s': ", what, desc.buf);
+ else
+diff --git a/credential.h b/credential.h
+index f430e77..222bbf1 100644
+--- a/credential.h
++++ b/credential.h
+@@ -119,7 +119,8 @@ struct credential {
+ configured:1,
+ quit:1,
+ use_http_path:1,
+- username_from_proto:1;
++ username_from_proto:1,
++ sanitize_prompt:1;
+
+ char *username;
+ char *password;
+@@ -130,6 +131,7 @@ struct credential {
+
+ #define CREDENTIAL_INIT { \
+ .helpers = STRING_LIST_INIT_DUP, \
++ .sanitize_prompt = 1, \
+ }
+
+ /* Initialize a credential structure, setting all fields to empty. */
+diff --git a/t/t0300-credentials.sh b/t/t0300-credentials.sh
+index c13be4f..9e27499 100755
+--- a/t/t0300-credentials.sh
++++ b/t/t0300-credentials.sh
+@@ -35,6 +35,10 @@ test_expect_success 'setup helper scripts' '
+ test -z "$pass" || echo password=$pass
+ EOF
+
++ write_script git-credential-cntrl-in-username <<-\EOF &&
++ printf "username=\\007latrix Lestrange\\n"
++ EOF
++
+ PATH="$PWD:$PATH"
+ '
+
+@@ -731,4 +735,20 @@ test_expect_success 'credential config with partial URLs' '
+ test_i18ngrep "skipping credential lookup for key" stderr
+ '
+
++BEL="$(printf '\007')"
++
++test_expect_success 'interactive prompt is sanitized' '
++ check fill cntrl-in-username <<-EOF
++ protocol=https
++ host=example.org
++ --
++ protocol=https
++ host=example.org
++ username=${BEL}latrix Lestrange
++ password=askpass-password
++ --
++ askpass: Password for ${SQ}https://%07latrix%20Lestrange@example.org${SQ}:
++ EOF
++'
++
+ test_done
+diff --git a/t/t5541-http-push-smart.sh b/t/t5541-http-push-smart.sh
+index 8ca50f8..66e7da0 100755
+--- a/t/t5541-http-push-smart.sh
++++ b/t/t5541-http-push-smart.sh
+@@ -363,7 +363,7 @@ test_expect_success 'push over smart http with auth' '
+ git push "$HTTPD_URL"/auth/smart/test_repo.git &&
+ git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/test_repo.git" \
+ log -1 --format=%s >actual &&
+- expect_askpass both user@host &&
++ expect_askpass both user%40host &&
+ test_cmp expect actual
+ '
+
+@@ -375,7 +375,7 @@ test_expect_success 'push to auth-only-for-push repo' '
+ git push "$HTTPD_URL"/auth-push/smart/test_repo.git &&
+ git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/test_repo.git" \
+ log -1 --format=%s >actual &&
+- expect_askpass both user@host &&
++ expect_askpass both user%40host &&
+ test_cmp expect actual
+ '
+
+@@ -405,7 +405,7 @@ test_expect_success 'push into half-auth-complete requires password' '
+ git push "$HTTPD_URL/half-auth-complete/smart/half-auth.git" &&
+ git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/half-auth.git" \
+ log -1 --format=%s >actual &&
+- expect_askpass both user@host &&
++ expect_askpass both user%40host &&
+ test_cmp expect actual
+ '
+
+diff --git a/t/t5550-http-fetch-dumb.sh b/t/t5550-http-fetch-dumb.sh
+index 2592039..fed22e5 100755
+--- a/t/t5550-http-fetch-dumb.sh
++++ b/t/t5550-http-fetch-dumb.sh
+@@ -95,13 +95,13 @@ test_expect_success 'http auth can use user/pass in URL' '
+ test_expect_success 'http auth can use just user in URL' '
+ set_askpass wrong pass@host &&
+ git clone "$HTTPD_URL_USER/auth/dumb/repo.git" clone-auth-pass &&
+- expect_askpass pass user@host
++ expect_askpass pass user%40host
+ '
+
+ test_expect_success 'http auth can request both user and pass' '
+ set_askpass user@host pass@host &&
+ git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-both &&
+- expect_askpass both user@host
++ expect_askpass both user%40host
+ '
+
+ test_expect_success 'http auth respects credential helper config' '
+@@ -119,14 +119,14 @@ test_expect_success 'http auth can get username from config' '
+ test_config_global "credential.$HTTPD_URL.username" user@host &&
+ set_askpass wrong pass@host &&
+ git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-user &&
+- expect_askpass pass user@host
++ expect_askpass pass user%40host
+ '
+
+ test_expect_success 'configured username does not override URL' '
+ test_config_global "credential.$HTTPD_URL.username" wrong &&
+ set_askpass wrong pass@host &&
+ git clone "$HTTPD_URL_USER/auth/dumb/repo.git" clone-auth-user2 &&
+- expect_askpass pass user@host
++ expect_askpass pass user%40host
+ '
+
+ test_expect_success 'set up repo with http submodules' '
+@@ -147,7 +147,7 @@ test_expect_success 'cmdline credential config passes to submodule via clone' '
+ set_askpass wrong pass@host &&
+ git -c "credential.$HTTPD_URL.username=user@host" \
+ clone --recursive super super-clone &&
+- expect_askpass pass user@host
++ expect_askpass pass user%40host
+ '
+
+ test_expect_success 'cmdline credential config passes submodule via fetch' '
+@@ -158,7 +158,7 @@ test_expect_success 'cmdline credential config passes submodule via fetch' '
+ git -C super-clone \
+ -c "credential.$HTTPD_URL.username=user@host" \
+ fetch --recurse-submodules &&
+- expect_askpass pass user@host
++ expect_askpass pass user%40host
+ '
+
+ test_expect_success 'cmdline credential config passes submodule update' '
+@@ -175,7 +175,7 @@ test_expect_success 'cmdline credential config passes submodule update' '
+ git -C super-clone \
+ -c "credential.$HTTPD_URL.username=user@host" \
+ submodule update &&
+- expect_askpass pass user@host
++ expect_askpass pass user%40host
+ '
+
+ test_expect_success 'fetch changes via http' '
+diff --git a/t/t5551-http-fetch-smart.sh b/t/t5551-http-fetch-smart.sh
+index f92c79c..53a21f6 100755
+--- a/t/t5551-http-fetch-smart.sh
++++ b/t/t5551-http-fetch-smart.sh
+@@ -142,7 +142,7 @@ test_expect_success 'clone from password-protected repository' '
+ echo two >expect &&
+ set_askpass user@host pass@host &&
+ git clone --bare "$HTTPD_URL/auth/smart/repo.git" smart-auth &&
+- expect_askpass both user@host &&
++ expect_askpass both user%40host &&
+ git --git-dir=smart-auth log -1 --format=%s >actual &&
+ test_cmp expect actual
+ '
+@@ -160,7 +160,7 @@ test_expect_success 'clone from auth-only-for-objects repository' '
+ echo two >expect &&
+ set_askpass user@host pass@host &&
+ git clone --bare "$HTTPD_URL/auth-fetch/smart/repo.git" half-auth &&
+- expect_askpass both user@host &&
++ expect_askpass both user%40host &&
+ git --git-dir=half-auth log -1 --format=%s >actual &&
+ test_cmp expect actual
+ '
+@@ -185,14 +185,14 @@ test_expect_success 'redirects send auth to new location' '
+ set_askpass user@host pass@host &&
+ git -c credential.useHttpPath=true \
+ clone $HTTPD_URL/smart-redir-auth/repo.git repo-redir-auth &&
+- expect_askpass both user@host auth/smart/repo.git
++ expect_askpass both user%40host auth/smart/repo.git
+ '
+
+ test_expect_success 'GIT_TRACE_CURL redacts auth details' '
+ rm -rf redact-auth trace &&
+ set_askpass user@host pass@host &&
+ GIT_TRACE_CURL="$(pwd)/trace" git clone --bare "$HTTPD_URL/auth/smart/repo.git" redact-auth &&
+- expect_askpass both user@host &&
++ expect_askpass both user%40host &&
+
+ # Ensure that there is no "Basic" followed by a base64 string, but that
+ # the auth details are redacted
+@@ -204,7 +204,7 @@ test_expect_success 'GIT_CURL_VERBOSE redacts auth details' '
+ rm -rf redact-auth trace &&
+ set_askpass user@host pass@host &&
+ GIT_CURL_VERBOSE=1 git clone --bare "$HTTPD_URL/auth/smart/repo.git" redact-auth 2>trace &&
+- expect_askpass both user@host &&
++ expect_askpass both user%40host &&
+
+ # Ensure that there is no "Basic" followed by a base64 string, but that
+ # the auth details are redacted
+@@ -217,7 +217,7 @@ test_expect_success 'GIT_TRACE_CURL does not redact auth details if GIT_TRACE_RE
+ set_askpass user@host pass@host &&
+ GIT_TRACE_REDACT=0 GIT_TRACE_CURL="$(pwd)/trace" \
+ git clone --bare "$HTTPD_URL/auth/smart/repo.git" redact-auth &&
+- expect_askpass both user@host &&
++ expect_askpass both user%40host &&
+
+ grep -i "Authorization: Basic [0-9a-zA-Z+/]" trace
+ '
+@@ -524,7 +524,7 @@ test_expect_success 'http auth remembers successful credentials' '
+ # the first request prompts the user...
+ set_askpass user@host pass@host &&
+ git ls-remote "$HTTPD_URL/auth/smart/repo.git" >/dev/null &&
+- expect_askpass both user@host &&
++ expect_askpass both user%40host &&
+
+ # ...and the second one uses the stored value rather than
+ # prompting the user.
+@@ -555,7 +555,7 @@ test_expect_success 'http auth forgets bogus credentials' '
+ # us to prompt the user again.
+ set_askpass user@host pass@host &&
+ git ls-remote "$HTTPD_URL/auth/smart/repo.git" >/dev/null &&
+- expect_askpass both user@host
++ expect_askpass both user%40host
+ '
+
+ test_expect_success 'client falls back from v2 to v0 to match server' '
+--
+2.25.1
+
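Review bot: the commit message says the fix adds a `git_prompt()` that shows question marks in place of control characters, but the credential.c hunk instead switches credential_ask_one() from credential_describe() to credential_format(), and the new test expects percent-encoding (`%07latrix%20Lestrange`). The description carried in the backport should match what the code does. The credential.sanitizePrompt documentation has a related gap: it speaks only of control characters, while the test updates show that `@` and spaces in the user name are encoded as well (`user%40host`). There is also no test for `credential.sanitizePrompt=false`, so the opt-out path through credential_describe() is not exercised by this patch.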
diff --git a/meta/recipes-devtools/git/git/CVE-2024-52006.patch b/meta/recipes-devtools/git/git/CVE-2024-52006.patch
new file mode 100644
index 0000000000..403f9752b7
--- /dev/null
+++ b/meta/recipes-devtools/git/git/CVE-2024-52006.patch
@@ -0,0 +1,165 @@
+From b01b9b81d36759cdcd07305e78765199e1bc2060 Mon Sep 17 00:00:00 2001
+From: Johannes Schindelin <johannes.schindelin@gmx.de>
+Date: Mon, 4 Nov 2024 14:48:22 +0100
+Subject: [PATCH] credential: disallow Carriage Returns in the protocol by
+ default
+
+While Git has documented that the credential protocol is line-based,
+with newlines as terminators, the exact shape of a newline has not been
+documented.
+
+From Git's perspective, which is firmly rooted in the Linux ecosystem,
+it is clear that "a newline" means a Line Feed character.
+
+However, even Git's credential protocol respects Windows line endings
+(a Carriage Return character followed by a Line Feed character, "CR/LF")
+by virtue of using `strbuf_getline()`.
+
+There is a third category of line endings that has been used originally
+by MacOS, and that is respected by the default line readers of .NET and
+node.js: bare Carriage Returns.
+
+Git cannot handle those, and what is worse: Git's remedy against
+CVE-2020-5260 does not catch when credential helpers are used that
+interpret bare Carriage Returns as newlines.
+
+Git Credential Manager addressed this as CVE-2024-50338, but other
+credential helpers may still be vulnerable. So let's not only disallow
+Line Feed characters as part of the values in the credential protocol,
+but also disallow Carriage Return characters.
+
+In the unlikely event that a credential helper relies on Carriage
+Returns in the protocol, introduce an escape hatch via the
+`credential.protectProtocol` config setting.
+
+This addresses CVE-2024-52006.
+
+Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
+
+Upstream-Status: Backport [https://github.com/git/git/commit/b01b9b81d36759cdcd07305e78765199e1bc2060]
+CVE: CVE-2024-52006
+Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+---
+ Documentation/config/credential.txt | 5 +++++
+ credential.c | 19 +++++++++++++------
+ credential.h | 4 +++-
+ t/t0300-credentials.sh | 16 ++++++++++++++++
+ 4 files changed, 37 insertions(+), 7 deletions(-)
+
+diff --git a/Documentation/config/credential.txt b/Documentation/config/credential.txt
+index fd8113d..9cadca7 100644
+--- a/Documentation/config/credential.txt
++++ b/Documentation/config/credential.txt
+@@ -20,6 +20,11 @@ credential.sanitizePrompt::
+ will be URL-encoded by default). Configure this setting to `false` to
+ override that behavior.
+
++credential.protectProtocol::
++ By default, Carriage Return characters are not allowed in the protocol
++ that is used when Git talks to a credential helper. This setting allows
++ users to override this default.
++
+ credential.username::
+ If no username is set for a network authentication, use this username
+ by default. See credential.<context>.* below, and
+diff --git a/credential.c b/credential.c
+index a071ead..b427d55 100644
+--- a/credential.c
++++ b/credential.c
+@@ -68,6 +68,8 @@ static int credential_config_callback(const char *var, const char *value,
+ c->use_http_path = git_config_bool(var, value);
+ else if (!strcmp(key, "sanitizeprompt"))
+ c->sanitize_prompt = git_config_bool(var, value);
++ else if (!strcmp(key, "protectprotocol"))
++ c->protect_protocol = git_config_bool(var, value);
+
+ return 0;
+ }
+@@ -255,7 +257,8 @@ int credential_read(struct credential *c, FILE *fp)
+ return 0;
+ }
+
+-static void credential_write_item(FILE *fp, const char *key, const char *value,
++static void credential_write_item(const struct credential *c,
++ FILE *fp, const char *key, const char *value,
+ int required)
+ {
+ if (!value && required)
+@@ -264,16 +267,20 @@ static void credential_write_item(FILE *fp, const char *key, const char *value,
+ return;
+ if (strchr(value, '\n'))
+ die("credential value for %s contains newline", key);
++ if (c->protect_protocol && strchr(value, '\r'))
++ die("credential value for %s contains carriage return\n"
++ "If this is intended, set `credential.protectProtocol=false`",
++ key);
+ fprintf(fp, "%s=%s\n", key, value);
+ }
+
+ void credential_write(const struct credential *c, FILE *fp)
+ {
+- credential_write_item(fp, "protocol", c->protocol, 1);
+- credential_write_item(fp, "host", c->host, 1);
+- credential_write_item(fp, "path", c->path, 0);
+- credential_write_item(fp, "username", c->username, 0);
+- credential_write_item(fp, "password", c->password, 0);
++ credential_write_item(c, fp, "protocol", c->protocol, 1);
++ credential_write_item(c, fp, "host", c->host, 1);
++ credential_write_item(c, fp, "path", c->path, 0);
++ credential_write_item(c, fp, "username", c->username, 0);
++ credential_write_item(c, fp, "password", c->password, 0);
+ }
+
+ static int run_credential_helper(struct credential *c,
+diff --git a/credential.h b/credential.h
+index 222bbf1..b4b837c 100644
+--- a/credential.h
++++ b/credential.h
+@@ -120,7 +120,8 @@ struct credential {
+ quit:1,
+ use_http_path:1,
+ username_from_proto:1,
+- sanitize_prompt:1;
++ sanitize_prompt:1,
++ protect_protocol:1;
+
+ char *username;
+ char *password;
+@@ -132,6 +133,7 @@ struct credential {
+ #define CREDENTIAL_INIT { \
+ .helpers = STRING_LIST_INIT_DUP, \
+ .sanitize_prompt = 1, \
++ .protect_protocol = 1, \
+ }
+
+ /* Initialize a credential structure, setting all fields to empty. */
+diff --git a/t/t0300-credentials.sh b/t/t0300-credentials.sh
+index 9e27499..ca158fe 100755
+--- a/t/t0300-credentials.sh
++++ b/t/t0300-credentials.sh
+@@ -626,6 +626,22 @@ test_expect_success 'url parser rejects embedded newlines' '
+ test_cmp expect stderr
+ '
+
++test_expect_success 'url parser rejects embedded carriage returns' '
++ test_config credential.helper "!true" &&
++ test_must_fail git credential fill 2>stderr <<-\EOF &&
++ url=https://example%0d.com/
++ EOF
++ cat >expect <<-\EOF &&
++ fatal: credential value for host contains carriage return
++ If this is intended, set `credential.protectProtocol=false`
++ EOF
++ test_cmp expect stderr &&
++ GIT_ASKPASS=true \
++ git -c credential.protectProtocol=false credential fill <<-\EOF
++ url=https://example%0d.com/
++ EOF
++'
++
+ test_expect_success 'host-less URLs are parsed as empty host' '
+ check fill "verbatim foo bar" <<-\EOF
+ url=cert:///path/to/cert.pem
+--
+2.25.1
+
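Review bot: the credential.protectProtocol documentation says only that the setting "allows users to override this default", without naming the value or the consequence. Suggest stating that `false` permits Carriage Returns in values sent to credential helpers, and that helpers which treat a bare Carriage Return as a line ending are then exposed again, which is the case the commit message describes. In the t0300 test, the `credential.protectProtocol=false` half asserts only that `git credential fill` succeeds; checking its output would show that the value is passed through intact. The test title says the url parser rejects the value, but the expected error text is the one emitted by credential_write_item().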
diff --git a/meta/recipes-devtools/git/git_2.35.7.bb b/meta/recipes-devtools/git/git_2.35.7.bb
index 94352d38ef..765180a38d 100644
--- a/meta/recipes-devtools/git/git_2.35.7.bb
+++ b/meta/recipes-devtools/git/git_2.35.7.bb
@@ -23,6 +23,9 @@ SRC_URI = "${KERNELORG_MIRROR}/software/scm/git/git-${PV}.tar.gz;name=tarball \
file://CVE-2024-32021-0001.patch \
file://CVE-2024-32021-0002.patch \
file://CVE-2024-32465.patch \
+ file://CVE-2024-50349-0001.patch \
+ file://CVE-2024-50349-0002.patch \
+ file://CVE-2024-52006.patch \
"
S = "${WORKDIR}/git-${PV}"
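Review bot: the three new SRC_URI entries have to stay in this order, and nothing in the recipe or the commit message says so. CVE-2024-52006.patch's credential.h and credential.c hunks use the `sanitize_prompt` lines introduced by CVE-2024-50349-0002.patch as context, so reordering the entries or dropping the earlier patch makes the later one fail to apply. A comment above SRC_URI or a line in the commit message noting that the patches are stacked would help whoever next refreshes them.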
--
2.43.0
* [OE-core][kirkstone 14/15] python3: upgrade 3.10.16 -> 3.10.18
From: Steve Sakoman @ 2025-06-10 19:38 UTC (permalink / raw)
To: openembedded-core
From: Peter Marko <peter.marko@siemens.com>
Drop upstreamed patch and refresh remaining patches.
* https://www.python.org/downloads/release/python-31017/
Security content in this release
* gh-131809: Upgrade vendored expat to 2.7.1
* gh-80222: Folding of quoted string in display_name violates RFC
* gh-121284: Invalid RFC 2047 address header after refolding with
email.policy.default
* gh-131261: Update libexpat to 2.7.0
* gh-105704: CVE-2025-0938 urlparse does not flag hostname containing
[ or ] as incorrect
* gh-119511: OOM vulnerability in the imaplib module
* https://www.python.org/downloads/release/python-31018/
Security content in this release
* gh-135034: [CVE 2024-12718] [CVE 2025-4138] [CVE 2025-4330]
[CVE 2025-4435] [CVE 2025-4517] Fixes multiple issues that allowed
tarfile extraction filters (filter="data" and filter="tar") to be
bypassed using crafted symlinks and hard links.
* gh-133767: Fix use-after-free in the “unicode-escape” decoder with a
non-“strict” error handler.
* gh-128840: Short-circuit the processing of long IPv6 addresses early
in ipaddress to prevent excessive memory consumption and a minor
denial-of-service.
gh-133767 got meanwhile CVE-2025-4516 assigned.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
...ib-termcap-to-linker-flags-to-avoid-.patch | 2 +-
...hell-version-of-python-config-that-w.patch | 2 +-
...file-do-not-compile-.pyc-in-parallel.patch | 2 +-
...sts-due-to-load-variability-on-YP-AB.patch | 6 +-
...e-treat-overflow-in-UID-GID-as-failu.patch | 2 +-
...asename-to-replace-CC-for-checking-c.patch | 16 +--
...detect-multiarch-paths-when-cross-co.patch | 2 +-
...orlines-skip-due-to-load-variability.patch | 2 +-
...report-missing-dependencies-for-disa.patch | 2 +-
...up.py-do-not-add-a-curses-include-pa.patch | 4 +-
.../python/python3/CVE-2025-0938.patch | 131 ------------------
.../python3/avoid_warning_about_tkinter.patch | 2 +-
.../python/python3/makerace.patch | 2 +-
...{python3_3.10.16.bb => python3_3.10.18.bb} | 3 +-
14 files changed, 23 insertions(+), 155 deletions(-)
delete mode 100644 meta/recipes-devtools/python/python3/CVE-2025-0938.patch
rename meta/recipes-devtools/python/{python3_3.10.16.bb => python3_3.10.18.bb} (99%)
diff --git a/meta/recipes-devtools/python/python3/0001-Do-not-add-usr-lib-termcap-to-linker-flags-to-avoid-.patch b/meta/recipes-devtools/python/python3/0001-Do-not-add-usr-lib-termcap-to-linker-flags-to-avoid-.patch
index 62ef6efc28..47637d24d8 100644
--- a/meta/recipes-devtools/python/python3/0001-Do-not-add-usr-lib-termcap-to-linker-flags-to-avoid-.patch
+++ b/meta/recipes-devtools/python/python3/0001-Do-not-add-usr-lib-termcap-to-linker-flags-to-avoid-.patch
@@ -15,7 +15,7 @@ diff --git a/setup.py b/setup.py
index 43e807f..11b5cf5 100644
--- a/setup.py
+++ b/setup.py
-@@ -1149,7 +1149,6 @@ class PyBuildExt(build_ext):
+@@ -1153,7 +1153,6 @@ class PyBuildExt(build_ext):
'termcap'):
readline_libs.append('termcap')
self.add(Extension('readline', ['readline.c'],
diff --git a/meta/recipes-devtools/python/python3/0001-Do-not-use-the-shell-version-of-python-config-that-w.patch b/meta/recipes-devtools/python/python3/0001-Do-not-use-the-shell-version-of-python-config-that-w.patch
index d98f243cb1..c74a1c58a1 100644
--- a/meta/recipes-devtools/python/python3/0001-Do-not-use-the-shell-version-of-python-config-that-w.patch
+++ b/meta/recipes-devtools/python/python3/0001-Do-not-use-the-shell-version-of-python-config-that-w.patch
@@ -18,7 +18,7 @@ diff --git a/Makefile.pre.in b/Makefile.pre.in
index ee85f35..f0aedb7 100644
--- a/Makefile.pre.in
+++ b/Makefile.pre.in
-@@ -1640,12 +1640,9 @@ python-config: $(srcdir)/Misc/python-config.in Misc/python-config.sh
+@@ -1641,12 +1641,9 @@ python-config: $(srcdir)/Misc/python-config.in Misc/python-config.sh
sed -e "s,@EXENAME@,$(BINDIR)/python$(LDVERSION)$(EXE)," < $(srcdir)/Misc/python-config.in >python-config.py
@ # Replace makefile compat. variable references with shell script compat. ones; $(VAR) -> ${VAR}
LC_ALL=C sed -e 's,\$$(\([A-Za-z0-9_]*\)),\$$\{\1\},g' < Misc/python-config.sh >python-config
diff --git a/meta/recipes-devtools/python/python3/0001-Makefile-do-not-compile-.pyc-in-parallel.patch b/meta/recipes-devtools/python/python3/0001-Makefile-do-not-compile-.pyc-in-parallel.patch
index 2f037ecb09..88ba84d64d 100644
--- a/meta/recipes-devtools/python/python3/0001-Makefile-do-not-compile-.pyc-in-parallel.patch
+++ b/meta/recipes-devtools/python/python3/0001-Makefile-do-not-compile-.pyc-in-parallel.patch
@@ -26,7 +26,7 @@ diff --git a/Makefile.pre.in b/Makefile.pre.in
index edd70d4..5e13ba2 100644
--- a/Makefile.pre.in
+++ b/Makefile.pre.in
-@@ -1601,30 +1601,30 @@ libinstall: build_all $(srcdir)/Modules/xxmodule.c
+@@ -1602,30 +1602,30 @@ libinstall: build_all $(srcdir)/Modules/xxmodule.c
fi
-PYTHONPATH=$(DESTDIR)$(LIBDEST) $(RUNSHARED) \
$(PYTHON_FOR_BUILD) -Wi $(DESTDIR)$(LIBDEST)/compileall.py \
diff --git a/meta/recipes-devtools/python/python3/0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch b/meta/recipes-devtools/python/python3/0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch
index 96c5a3c840..07ab4ed540 100644
--- a/meta/recipes-devtools/python/python3/0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch
+++ b/meta/recipes-devtools/python/python3/0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch
@@ -20,7 +20,7 @@ diff --git a/Lib/test/_test_multiprocessing.py b/Lib/test/_test_multiprocessing.
index 3bc5b8f..a6e106d 100644
--- a/Lib/test/_test_multiprocessing.py
+++ b/Lib/test/_test_multiprocessing.py
-@@ -568,6 +568,7 @@ class _TestProcess(BaseTestCase):
+@@ -575,6 +575,7 @@ class _TestProcess(BaseTestCase):
close_queue(q)
@@ -28,7 +28,7 @@ index 3bc5b8f..a6e106d 100644
def test_many_processes(self):
if self.TYPE == 'threads':
self.skipTest('test not appropriate for {}'.format(self.TYPE))
-@@ -4817,6 +4818,7 @@ class TestWait(unittest.TestCase):
+@@ -4829,6 +4830,7 @@ class TestWait(unittest.TestCase):
sem.release()
time.sleep(period)
@@ -40,7 +40,7 @@ diff --git a/Lib/test/test_time.py b/Lib/test/test_time.py
index 875615a..aebaa8c 100644
--- a/Lib/test/test_time.py
+++ b/Lib/test/test_time.py
-@@ -474,6 +474,7 @@ class TimeTestCase(unittest.TestCase):
+@@ -475,6 +475,7 @@ class TimeTestCase(unittest.TestCase):
def test_perf_counter(self):
time.perf_counter()
diff --git a/meta/recipes-devtools/python/python3/0001-gh-107811-tarfile-treat-overflow-in-UID-GID-as-failu.patch b/meta/recipes-devtools/python/python3/0001-gh-107811-tarfile-treat-overflow-in-UID-GID-as-failu.patch
index 88b84c6024..e6d7778ccd 100644
--- a/meta/recipes-devtools/python/python3/0001-gh-107811-tarfile-treat-overflow-in-UID-GID-as-failu.patch
+++ b/meta/recipes-devtools/python/python3/0001-gh-107811-tarfile-treat-overflow-in-UID-GID-as-failu.patch
@@ -16,7 +16,7 @@ diff --git a/Lib/tarfile.py b/Lib/tarfile.py
index 3bbbcaa..473167d 100755
--- a/Lib/tarfile.py
+++ b/Lib/tarfile.py
-@@ -2557,7 +2557,8 @@ class TarFile(object):
+@@ -2675,7 +2675,8 @@ class TarFile(object):
os.lchown(targetpath, u, g)
else:
os.chown(targetpath, u, g)
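Review bot: The refreshed hunk header for Lib/tarfile.py moves from line 2557 to 2675, a shift of 118 lines and by far the largest offset change among the refreshed patches here, which fits the tarfile extraction-filter fixes (gh-135034) listed in the commit message. This local patch touches the `os.lchown`/`os.chown` path that runs during extraction, so please confirm it was re-applied and read against the 3.10.18 source rather than only offset-adjusted, and that the UID/GID overflow handling it adds still sits in the intended branch after the upstream rework.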
diff --git a/meta/recipes-devtools/python/python3/0001-python3-use-cc_basename-to-replace-CC-for-checking-c.patch b/meta/recipes-devtools/python/python3/0001-python3-use-cc_basename-to-replace-CC-for-checking-c.patch
index 6bb85fcb34..49c918b3b0 100644
--- a/meta/recipes-devtools/python/python3/0001-python3-use-cc_basename-to-replace-CC-for-checking-c.patch
+++ b/meta/recipes-devtools/python/python3/0001-python3-use-cc_basename-to-replace-CC-for-checking-c.patch
@@ -47,7 +47,7 @@ index 0c06914..299786b 100644
gcc) AC_PATH_TOOL(CXX, [g++], [g++], [notfound]) ;;
cc) AC_PATH_TOOL(CXX, [c++], [c++], [notfound]) ;;
clang|*/clang) AC_PATH_TOOL(CXX, [clang++], [clang++], [notfound]) ;;
-@@ -976,7 +977,7 @@ rmdir CaseSensitiveTestDir
+@@ -981,7 +982,7 @@ rmdir CaseSensitiveTestDir
case $ac_sys_system in
hp*|HP*)
@@ -56,7 +56,7 @@ index 0c06914..299786b 100644
cc|*/cc) CC="$CC -Ae";;
esac;;
esac
-@@ -1374,7 +1375,7 @@ else
+@@ -1379,7 +1380,7 @@ else
fi],
[AC_MSG_RESULT(no)])
if test "$Py_LTO" = 'true' ; then
@@ -65,7 +65,7 @@ index 0c06914..299786b 100644
*clang*)
AC_SUBST(LLVM_AR)
AC_PATH_TOOL(LLVM_AR, llvm-ar, '', ${llvm_path})
-@@ -1467,7 +1468,7 @@ then
+@@ -1472,7 +1473,7 @@ then
fi
fi
LLVM_PROF_ERR=no
@@ -74,7 +74,7 @@ index 0c06914..299786b 100644
*clang*)
# Any changes made here should be reflected in the GCC+Darwin case below
PGO_PROF_GEN_FLAG="-fprofile-instr-generate"
-@@ -1528,7 +1529,7 @@ esac
+@@ -1533,7 +1534,7 @@ esac
# compiler and platform. BASECFLAGS tweaks need to be made even if the
# user set OPT.
@@ -83,7 +83,7 @@ index 0c06914..299786b 100644
*clang*)
cc_is_clang=1
;;
-@@ -1664,7 +1665,7 @@ yes)
+@@ -1669,7 +1670,7 @@ yes)
# ICC doesn't recognize the option, but only emits a warning
## XXX does it emit an unused result warning and can it be disabled?
@@ -92,7 +92,7 @@ index 0c06914..299786b 100644
*icc*)
ac_cv_disable_unused_result_warning=no
;;
-@@ -2018,7 +2019,7 @@ yes)
+@@ -2023,7 +2024,7 @@ yes)
;;
esac
@@ -101,7 +101,7 @@ index 0c06914..299786b 100644
*icc*)
# ICC needs -fp-model strict or floats behave badly
CFLAGS_NODIST="$CFLAGS_NODIST -fp-model strict"
-@@ -2836,7 +2837,7 @@ then
+@@ -2841,7 +2842,7 @@ then
then
LINKFORSHARED="-Wl,--export-dynamic"
fi;;
@@ -110,7 +110,7 @@ index 0c06914..299786b 100644
*gcc*)
if $CC -Xlinker --help 2>&1 | grep export-dynamic >/dev/null
then
-@@ -5622,7 +5623,7 @@ if test "$have_gcc_asm_for_x87" = yes; then
+@@ -5628,7 +5629,7 @@ if test "$have_gcc_asm_for_x87" = yes; then
# Some versions of gcc miscompile inline asm:
# http://gcc.gnu.org/bugzilla/show_bug.cgi?id=46491
# http://gcc.gnu.org/ml/gcc/2010-11/msg00366.html
diff --git a/meta/recipes-devtools/python/python3/0001-setup.py-Do-not-detect-multiarch-paths-when-cross-co.patch b/meta/recipes-devtools/python/python3/0001-setup.py-Do-not-detect-multiarch-paths-when-cross-co.patch
index 1844e0efa3..0e243325c7 100644
--- a/meta/recipes-devtools/python/python3/0001-setup.py-Do-not-detect-multiarch-paths-when-cross-co.patch
+++ b/meta/recipes-devtools/python/python3/0001-setup.py-Do-not-detect-multiarch-paths-when-cross-co.patch
@@ -27,7 +27,7 @@ diff --git a/setup.py b/setup.py
index 2e7f263..f7a3d39 100644
--- a/setup.py
+++ b/setup.py
-@@ -840,7 +840,8 @@ class PyBuildExt(build_ext):
+@@ -839,7 +839,8 @@ class PyBuildExt(build_ext):
# only change this for cross builds for 3.3, issues on Mageia
if CROSS_COMPILING:
self.add_cross_compiling_paths()
diff --git a/meta/recipes-devtools/python/python3/0001-test_storlines-skip-due-to-load-variability.patch b/meta/recipes-devtools/python/python3/0001-test_storlines-skip-due-to-load-variability.patch
index 199031d42a..20d125963f 100644
--- a/meta/recipes-devtools/python/python3/0001-test_storlines-skip-due-to-load-variability.patch
+++ b/meta/recipes-devtools/python/python3/0001-test_storlines-skip-due-to-load-variability.patch
@@ -19,7 +19,7 @@ diff --git a/Lib/test/test_ftplib.py b/Lib/test/test_ftplib.py
index 082a90d46b..508814d56a 100644
--- a/Lib/test/test_ftplib.py
+++ b/Lib/test/test_ftplib.py
-@@ -629,6 +629,7 @@ def test_storbinary_rest(self):
+@@ -629,6 +629,7 @@ class TestFTPClass(TestCase):
self.client.storbinary('stor', f, rest=r)
self.assertEqual(self.server.handler_instance.rest, str(r))
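Review bot: In this hunk the line offsets are identical on both sides (`-629,6 +629,7`) and only the section text after the second `@@` differs (`def test_storbinary_rest(self):` became `class TestFTPClass(TestCase):`), so the refresh carries no functional change. The same pattern shows up in 0017-setup.py-do-not-report-missing-dependencies-for-disa.patch. Consider leaving such patches untouched, or note in the commit message that the refresh tool's context settings changed, so that reviewers of a security-motivated upgrade can separate real rebases from noise.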
diff --git a/meta/recipes-devtools/python/python3/0017-setup.py-do-not-report-missing-dependencies-for-disa.patch b/meta/recipes-devtools/python/python3/0017-setup.py-do-not-report-missing-dependencies-for-disa.patch
index 8c554feb4b..025239df1d 100644
--- a/meta/recipes-devtools/python/python3/0017-setup.py-do-not-report-missing-dependencies-for-disa.patch
+++ b/meta/recipes-devtools/python/python3/0017-setup.py-do-not-report-missing-dependencies-for-disa.patch
@@ -23,7 +23,7 @@ diff --git a/setup.py b/setup.py
index 85a2b26357..7605347bf5 100644
--- a/setup.py
+++ b/setup.py
-@@ -517,6 +517,14 @@ def print_three_column(lst):
+@@ -517,6 +517,14 @@ class PyBuildExt(build_ext):
print("%-*s %-*s %-*s" % (longest, e, longest, f,
longest, g))
diff --git a/meta/recipes-devtools/python/python3/0020-configure.ac-setup.py-do-not-add-a-curses-include-pa.patch b/meta/recipes-devtools/python/python3/0020-configure.ac-setup.py-do-not-add-a-curses-include-pa.patch
index 30d2906439..78295e6791 100644
--- a/meta/recipes-devtools/python/python3/0020-configure.ac-setup.py-do-not-add-a-curses-include-pa.patch
+++ b/meta/recipes-devtools/python/python3/0020-configure.ac-setup.py-do-not-add-a-curses-include-pa.patch
@@ -21,7 +21,7 @@ diff --git a/configure.ac b/configure.ac
index e5e3df8..bfdd987 100644
--- a/configure.ac
+++ b/configure.ac
-@@ -5092,12 +5092,6 @@ then
+@@ -5097,12 +5097,6 @@ then
[Define if you have struct stat.st_mtimensec])
fi
@@ -38,7 +38,7 @@ diff --git a/setup.py b/setup.py
index 62f0e18..c190002 100644
--- a/setup.py
+++ b/setup.py
-@@ -1169,8 +1169,6 @@ class PyBuildExt(build_ext):
+@@ -1173,8 +1173,6 @@ class PyBuildExt(build_ext):
panel_library = 'panel'
if curses_library == 'ncursesw':
curses_defines.append(('HAVE_NCURSESW', '1'))
diff --git a/meta/recipes-devtools/python/python3/CVE-2025-0938.patch b/meta/recipes-devtools/python/python3/CVE-2025-0938.patch
deleted file mode 100644
index 5730008f4b..0000000000
--- a/meta/recipes-devtools/python/python3/CVE-2025-0938.patch
+++ /dev/null
@@ -1,131 +0,0 @@
-From b8b4b713c5f8ec0958c7ef8d29d6711889bc94ab Mon Sep 17 00:00:00 2001
-From: "Miss Islington (bot)"
- <31488909+miss-islington@users.noreply.github.com>
-Date: Wed, 19 Feb 2025 14:36:23 +0100
-Subject: [PATCH] [3.10] gh-105704: Disallow square brackets (`[` and `]`) in
- domain names for parsed URLs (GH-129418) (#129529)
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-(cherry picked from commit d89a5f6a6e65511a5f6e0618c4c30a7aa5aba56a)
-
-Co-authored-by: Seth Michael Larson <seth@python.org>
-Co-authored-by: Peter Bierma <zintensitydev@gmail.com>
-Co-authored-by: Łukasz Langa <lukasz@langa.pl>
-
-CVE: CVE-2025-0938
-Upstream-Status: Backport [https://github.com/python/cpython/commit/b8b4b713c5f8ec0958c7ef8d29d6711889bc94ab]
-Signed-off-by: Peter Marko <peter.marko@siemens.com>
----
- Lib/test/test_urlparse.py | 37 ++++++++++++++++++-
- Lib/urllib/parse.py | 20 +++++++++-
- ...-01-28-14-08-03.gh-issue-105704.EnhHxu.rst | 4 ++
- 3 files changed, 58 insertions(+), 3 deletions(-)
- create mode 100644 Misc/NEWS.d/next/Security/2025-01-28-14-08-03.gh-issue-105704.EnhHxu.rst
-
-diff --git a/Lib/test/test_urlparse.py b/Lib/test/test_urlparse.py
-index f2ffc452e5..280644ef0b 100644
---- a/Lib/test/test_urlparse.py
-+++ b/Lib/test/test_urlparse.py
-@@ -1149,16 +1149,51 @@ class UrlParseTestCase(unittest.TestCase):
- self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@[0439:23af::2309::fae7:1234]/Path?Query')
- self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@[0439:23af:2309::fae7:1234:2342:438e:192.0.2.146]/Path?Query')
- self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@]v6a.ip[/Path')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[v6a.ip]')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[v6a.ip].suffix')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[v6a.ip]/')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[v6a.ip].suffix/')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[v6a.ip]?')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[v6a.ip].suffix?')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[::1]')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[::1].suffix')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[::1]/')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[::1].suffix/')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[::1]?')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[::1].suffix?')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[::1]:a')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[::1].suffix:a')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[::1]:a1')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[::1].suffix:a1')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[::1]:1a')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[::1].suffix:1a')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[::1]:')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[::1].suffix:/')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[::1]:?')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://user@prefix.[v6a.ip]')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://user@[v6a.ip].suffix')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[v6a.ip')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://v6a.ip]')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://]v6a.ip[')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://]v6a.ip')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://v6a.ip[')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[v6a.ip')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://v6a.ip].suffix')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix]v6a.ip[suffix')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix]v6a.ip')
-+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://v6a.ip[suffix')
-
- def test_splitting_bracketed_hosts(self):
-- p1 = urllib.parse.urlsplit('scheme://user@[v6a.ip]/path?query')
-+ p1 = urllib.parse.urlsplit('scheme://user@[v6a.ip]:1234/path?query')
- self.assertEqual(p1.hostname, 'v6a.ip')
- self.assertEqual(p1.username, 'user')
- self.assertEqual(p1.path, '/path')
-+ self.assertEqual(p1.port, 1234)
- p2 = urllib.parse.urlsplit('scheme://user@[0439:23af:2309::fae7%test]/path?query')
- self.assertEqual(p2.hostname, '0439:23af:2309::fae7%test')
- self.assertEqual(p2.username, 'user')
- self.assertEqual(p2.path, '/path')
-+ self.assertIs(p2.port, None)
- p3 = urllib.parse.urlsplit('scheme://user@[0439:23af:2309::fae7:1234:192.0.2.146%test]/path?query')
- self.assertEqual(p3.hostname, '0439:23af:2309::fae7:1234:192.0.2.146%test')
- self.assertEqual(p3.username, 'user')
-diff --git a/Lib/urllib/parse.py b/Lib/urllib/parse.py
-index 07e3248504..e1ee36d98e 100644
---- a/Lib/urllib/parse.py
-+++ b/Lib/urllib/parse.py
-@@ -442,6 +442,23 @@ def _checknetloc(netloc):
- raise ValueError("netloc '" + netloc + "' contains invalid " +
- "characters under NFKC normalization")
-
-+def _check_bracketed_netloc(netloc):
-+ # Note that this function must mirror the splitting
-+ # done in NetlocResultMixins._hostinfo().
-+ hostname_and_port = netloc.rpartition('@')[2]
-+ before_bracket, have_open_br, bracketed = hostname_and_port.partition('[')
-+ if have_open_br:
-+ # No data is allowed before a bracket.
-+ if before_bracket:
-+ raise ValueError("Invalid IPv6 URL")
-+ hostname, _, port = bracketed.partition(']')
-+ # No data is allowed after the bracket but before the port delimiter.
-+ if port and not port.startswith(":"):
-+ raise ValueError("Invalid IPv6 URL")
-+ else:
-+ hostname, _, port = hostname_and_port.partition(':')
-+ _check_bracketed_host(hostname)
-+
- # Valid bracketed hosts are defined in
- # https://www.rfc-editor.org/rfc/rfc3986#page-49 and https://url.spec.whatwg.org/
- def _check_bracketed_host(hostname):
-@@ -505,8 +522,7 @@ def urlsplit(url, scheme='', allow_fragments=True):
- (']' in netloc and '[' not in netloc)):
- raise ValueError("Invalid IPv6 URL")
- if '[' in netloc and ']' in netloc:
-- bracketed_host = netloc.partition('[')[2].partition(']')[0]
-- _check_bracketed_host(bracketed_host)
-+ _check_bracketed_netloc(netloc)
- if allow_fragments and '#' in url:
- url, fragment = url.split('#', 1)
- if '?' in url:
-diff --git a/Misc/NEWS.d/next/Security/2025-01-28-14-08-03.gh-issue-105704.EnhHxu.rst b/Misc/NEWS.d/next/Security/2025-01-28-14-08-03.gh-issue-105704.EnhHxu.rst
-new file mode 100644
-index 0000000000..bff1bc6b0d
---- /dev/null
-+++ b/Misc/NEWS.d/next/Security/2025-01-28-14-08-03.gh-issue-105704.EnhHxu.rst
-@@ -0,0 +1,4 @@
-+When using :func:`urllib.parse.urlsplit` and :func:`urllib.parse.urlparse` host
-+parsing would not reject domain names containing square brackets (``[`` and
-+``]``). Square brackets are only valid for IPv6 and IPvFuture hosts according to
-+`RFC 3986 Section 3.2.2 <https://www.rfc-editor.org/rfc/rfc3986#section-3.2.2>`__.
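Review bot: Deleting this file also removes the `CVE: CVE-2025-0938` tag that marked the issue as patched in the recipe metadata, so from this point the CVE status rests on the version alone. The commit message lists the gh-105704 fix under the 3.10.17 release notes, which supports the drop; it would help to say so directly next to "Drop upstreamed patch" (naming CVE-2025-0938.patch and the release that contains it) and to confirm that the CVE check reports CVE-2025-0938 as fixed for 3.10.18 rather than unpatched.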
diff --git a/meta/recipes-devtools/python/python3/avoid_warning_about_tkinter.patch b/meta/recipes-devtools/python/python3/avoid_warning_about_tkinter.patch
index 2de72b7199..3b4b170f7f 100644
--- a/meta/recipes-devtools/python/python3/avoid_warning_about_tkinter.patch
+++ b/meta/recipes-devtools/python/python3/avoid_warning_about_tkinter.patch
@@ -18,7 +18,7 @@ diff --git a/setup.py b/setup.py
index 11b5cf5..2be4738 100644
--- a/setup.py
+++ b/setup.py
-@@ -1895,8 +1895,8 @@ class PyBuildExt(build_ext):
+@@ -1902,8 +1902,8 @@ class PyBuildExt(build_ext):
self.detect_decimal()
self.detect_ctypes()
self.detect_multiprocessing()
diff --git a/meta/recipes-devtools/python/python3/makerace.patch b/meta/recipes-devtools/python/python3/makerace.patch
index 2c06784ffc..cfcc798c05 100644
--- a/meta/recipes-devtools/python/python3/makerace.patch
+++ b/meta/recipes-devtools/python/python3/makerace.patch
@@ -21,7 +21,7 @@ diff --git a/Makefile.pre.in b/Makefile.pre.in
index 5e13ba2..026bffd 100644
--- a/Makefile.pre.in
+++ b/Makefile.pre.in
-@@ -1527,7 +1527,7 @@ TESTSUBDIRS= ctypes/test \
+@@ -1528,7 +1528,7 @@ TESTSUBDIRS= ctypes/test \
unittest/test unittest/test/testmock
TEST_MODULES=@TEST_MODULES@
diff --git a/meta/recipes-devtools/python/python3_3.10.16.bb b/meta/recipes-devtools/python/python3_3.10.18.bb
similarity index 99%
rename from meta/recipes-devtools/python/python3_3.10.16.bb
rename to meta/recipes-devtools/python/python3_3.10.18.bb
index 932791f38d..0b57a0ebee 100644
--- a/meta/recipes-devtools/python/python3_3.10.16.bb
+++ b/meta/recipes-devtools/python/python3_3.10.18.bb
@@ -37,7 +37,6 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \
file://0001-Avoid-shebang-overflow-on-python-config.py.patch \
file://0001-test_storlines-skip-due-to-load-variability.patch \
file://0001-gh-107811-tarfile-treat-overflow-in-UID-GID-as-failu.patch \
- file://CVE-2025-0938.patch \
"
SRC_URI:append:class-native = " \
@@ -46,7 +45,7 @@ SRC_URI:append:class-native = " \
file://12-distutils-prefix-is-inside-staging-area.patch \
file://0001-Don-t-search-system-for-headers-libraries.patch \
"
-SRC_URI[sha256sum] = "bfb249609990220491a1b92850a07135ed0831e41738cf681d63cf01b2a8fbd1"
+SRC_URI[sha256sum] = "ae665bc678abd9ab6a6e1573d2481625a53719bc517e9a634ed2b9fefae3817f"
# exclude pre-releases for both python 2.x and 3.x
UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar"
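Review bot: The new `SRC_URI[sha256sum]` value is the only integrity control on the tarball, because the SRC_URI visible in the previous hunk header still fetches over plain `http://www.python.org/ftp/python/`. Please state in the commit message how the new checksum was verified against upstream's published 3.10.18 release artifacts, and consider switching the URL to https in a follow-up change.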
--
2.43.0
* [OE-core][kirkstone 15/15] kernel.bbclass: add original package name to RPROVIDES for -image and -base
2025-06-10 19:38 [OE-core][kirkstone 00/15] Patch review Steve Sakoman
` (13 preceding siblings ...)
2025-06-10 19:38 ` [OE-core][kirkstone 14/15] python3: upgrade 3.10.16 -> 3.10.18 Steve Sakoman
@ 2025-06-10 19:38 ` Steve Sakoman
14 siblings, 0 replies; 25+ messages in thread
From: Steve Sakoman @ 2025-06-10 19:38 UTC (permalink / raw)
To: openembedded-core
From: Martin Jansa <martin.jansa@gmail.com>
* -image and -base change PKG to:
PKG:${KERNEL_PACKAGE_NAME}-image = "${KERNEL_PACKAGE_NAME}-image-${@legitimize_package_name(d.getVar(KERNEL_VERSION))}"
PKG:${KERNEL_PACKAGE_NAME}-base = "${KERNEL_PACKAGE_NAME}-${@legitimize_package_name(d.getVar(KERNEL_VERSION))}"
* but only when debian.bbclass is inherited they add the original package name into RPROVIDES by:
https://git.openembedded.org/openembedded-core/commit/?id=3409c4379559afbb1d1d29045582995147a33bbc
* fixes the build if some packagegroup or something RDEPENDS on kernel-image or kernel-base
and the DISTRO doesn't inherit debian.bbclass
* as shown in pkgdata:
linux-raspberrypi $ egrep "^(PKG:)|(RPRO)" 6.6.36+git-*/pkgdata/runtime/kernel-image
6.6.36+git-debian/pkgdata/runtime/kernel-image:RPROVIDES:kernel-image: kernel-image (=6.6.36+git@PRSERV_PV_AUTOINC@+733366844f_769634f344)
6.6.36+git-debian/pkgdata/runtime/kernel-image:PKG:kernel-image: kernel-image-6.6.36-v8
6.6.36+git-without-debian/pkgdata/runtime/kernel-image:PKG:kernel-image: kernel-image-6.6.36-v8
linux-raspberrypi $ egrep "^(PKG:)|(RPRO)" 6.6.36+git-*/pkgdata/runtime/kernel-image-image
6.6.36+git-debian/pkgdata/runtime/kernel-image-image:RPROVIDES:kernel-image-image: kernel-image-image (=6.6.36+git@PRSERV_PV_AUTOINC@+733366844f_769634f344)
6.6.36+git-debian/pkgdata/runtime/kernel-image-image:PKG:kernel-image-image: kernel-image-image-6.6.36-v8
6.6.36+git-without-debian/pkgdata/runtime/kernel-image-image:PKG:kernel-image-image: kernel-image-image-6.6.36-v8
(From OE-Core rev: 05498781657a3f8b38b000f91594ecd78850ce47)
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9cb954884bc3905defa1ff533e668dea13e17cba)
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/classes/kernel.bbclass | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/meta/classes/kernel.bbclass b/meta/classes/kernel.bbclass
index 988a489396..54fbba5b2e 100644
--- a/meta/classes/kernel.bbclass
+++ b/meta/classes/kernel.bbclass
@@ -706,9 +706,10 @@ RDEPENDS:${KERNEL_PACKAGE_NAME} = "${KERNEL_PACKAGE_NAME}-base (= ${EXTENDPKGV})
# not wanted in images as standard
RRECOMMENDS:${KERNEL_PACKAGE_NAME}-base ?= "${KERNEL_PACKAGE_NAME}-image (= ${EXTENDPKGV})"
PKG:${KERNEL_PACKAGE_NAME}-image = "${KERNEL_PACKAGE_NAME}-image-${@legitimize_package_name(d.getVar('KERNEL_VERSION'))}"
+RPROVIDES:${KERNEL_PACKAGE_NAME}-image += "${KERNEL_PACKAGE_NAME}-image"
RDEPENDS:${KERNEL_PACKAGE_NAME}-image += "${@oe.utils.conditional('KERNEL_IMAGETYPE', 'vmlinux', '${KERNEL_PACKAGE_NAME}-vmlinux (= ${EXTENDPKGV})', '', d)}"
PKG:${KERNEL_PACKAGE_NAME}-base = "${KERNEL_PACKAGE_NAME}-${@legitimize_package_name(d.getVar('KERNEL_VERSION'))}"
-RPROVIDES:${KERNEL_PACKAGE_NAME}-base += "${KERNEL_PACKAGE_NAME}-${KERNEL_VERSION}"
+RPROVIDES:${KERNEL_PACKAGE_NAME}-base += "${KERNEL_PACKAGE_NAME}-${KERNEL_VERSION} ${KERNEL_PACKAGE_NAME}-base"
ALLOW_EMPTY:${KERNEL_PACKAGE_NAME} = "1"
ALLOW_EMPTY:${KERNEL_PACKAGE_NAME}-base = "1"
ALLOW_EMPTY:${KERNEL_PACKAGE_NAME}-image = "1"
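Review bot: Both added RPROVIDES entries are unversioned, while the pkgdata quoted in the commit message shows the debian.bbclass path providing a versioned `kernel-image` entry, and the neighbouring lines in this hunk depend on `${KERNEL_PACKAGE_NAME}-base (= ${EXTENDPKGV})` and recommend `${KERNEL_PACKAGE_NAME}-image (= ${EXTENDPKGV})`. Consider providing the names with `(= ${EXTENDPKGV})` so that versioned runtime dependencies on the original name resolve the same way with and without debian.bbclass, and check that a DISTRO which does inherit debian.bbclass does not end up with the name provided twice. A one-line comment above the new `RPROVIDES:${KERNEL_PACKAGE_NAME}-image` line explaining that the original name is re-added because of the PKG rename would also help future readers.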
--
2.43.0
Thread overview: 25+ messages
2025-06-10 19:38 [OE-core][kirkstone 00/15] Patch review Steve Sakoman
2025-06-10 19:38 ` [OE-core][kirkstone 01/15] ghostscript: fix CVE-2025-48708 Steve Sakoman
2025-06-10 19:38 ` [OE-core][kirkstone 02/15] icu: fix CVE-2025-5222 Steve Sakoman
2025-06-10 19:38 ` [OE-core][kirkstone 03/15] libsoup-2.4: Backport auth tests for CVE-2025-32910 Steve Sakoman
2025-06-10 19:38 ` [OE-core][kirkstone 04/15] taglib: fix CVE-2023-47466 Steve Sakoman
2025-06-10 19:38 ` [OE-core][kirkstone 05/15] ffmpeg: upgrade 5.0.1 -> 5.0.3 Steve Sakoman
2025-06-10 19:38 ` [OE-core][kirkstone 06/15] ffmpeg: fix CVE-2025-22919 Steve Sakoman
2025-06-10 19:38 ` [OE-core][kirkstone 07/15] ffmpeg: fix CVE-2025-22921 Steve Sakoman
2025-06-10 19:38 ` [OE-core][kirkstone 08/15] binutils: add CVE-2025-1182 patch file to SRC_URI Steve Sakoman
2025-06-10 19:38 ` [OE-core][kirkstone 09/15] python3-setuptools: Fix CVE-2025-47273 Steve Sakoman
2025-06-10 19:38 ` [OE-core][kirkstone 10/15] binutils: Fix CVE-2025-5244 & CVE-2025-5245 Steve Sakoman
2025-06-10 19:38 ` [OE-core][kirkstone 11/15] screen: fix CVE-2025-46802 Steve Sakoman
2025-06-10 19:38 ` [OE-core][kirkstone 12/15] screen: fix CVE-2025-46804 Steve Sakoman
2025-06-10 19:38 ` [OE-core][kirkstone 13/15] git: Fix CVE-2024-50349 and CVE-2024-52006 Steve Sakoman
2025-06-10 19:38 ` [OE-core][kirkstone 14/15] python3: upgrade 3.10.16 -> 3.10.18 Steve Sakoman
2025-06-10 19:38 ` [OE-core][kirkstone 15/15] kernel.bbclass: add original package name to RPROVIDES for -image and -base Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2025-05-13 19:07 [OE-core][kirkstone 00/15] Patch review Steve Sakoman
2025-02-27 17:39 Steve Sakoman
2024-09-23 13:13 Steve Sakoman
2024-03-20 16:09 Steve Sakoman
2023-12-08 2:33 Steve Sakoman
2023-05-09 22:32 Steve Sakoman
2023-05-06 15:24 Steve Sakoman
2022-07-27 0:40 Steve Sakoman
2022-06-19 19:30 Steve Sakoman