[OE-core][kirkstone 00/10] Patch review

[OE-core][kirkstone 00/10] Patch review

[Steve Sakoman]

Please review this set of changes for kirkstone and have comments back by
end of day Friday, August 1

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2113

The following changes since commit 277b5ec3c0212ca8600dd89d0a33f784a060131f:

  db: ignore implicit-int and implicit-function-declaration issues fatal with gcc-14 (2025-07-25 08:37:09 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Deepesh Varatharajan (1):
  binutils: Fix CVE-2025-7545

Peter Marko (8):
  dropbear: patch CVE-2025-47203
  gnutls: patch CVE-2025-32989
  gnutls: patch read buffer overrun in the "pre_shared_key" extension
  gnutls: patch reject zero-length version in certificate request
  gnutls: patch CVE-2025-32988
  gnutls: patch CVE-2025-32990
  gnutls: patch CVE-2025-6395
  libxml2: patch CVE-2025-6170

Vijay Anusuri (1):
  sqlite3: Fix CVE-2025-6965

 meta/recipes-core/dropbear/dropbear.inc       |    3 +
 ..._snprintf-that-won-t-return-negative.patch |   48 +
 ...-length-paths-and-commands-in-multih.patch |  126 +
 .../dropbear/dropbear/CVE-2025-47203.patch    |  344 +++
 .../libxml/libxml2/CVE-2025-6170.patch        |  103 +
 meta/recipes-core/libxml/libxml2_2.9.14.bb    |    1 +
 .../binutils/binutils-2.38.inc                |    1 +
 .../binutils/0043-CVE-2025-7545.patch         |   39 +
 ...fer-overrun-in-the-pre_shared_key-ex.patch |   34 +
 ...-length-version-in-certificate-reque.patch |   37 +
 .../04939b75417cc95b7372c6f208c4bda4579bdc34  |  Bin 0 -> 1782 bytes
 .../3e94dcdff862ef5d6db8b5cc8e59310b5f0cdfe2  |  Bin 0 -> 830 bytes
 .../5477db1bb507a35e8833c758ce344f4b5b246d8e  |  Bin 0 -> 111 bytes
 .../gnutls/gnutls/CVE-2025-32988.patch        |   58 +
 .../gnutls/gnutls/CVE-2025-32989.patch        |   50 +
 .../gnutls/gnutls/CVE-2025-32990.patch        | 2109 +++++++++++++++++
 .../gnutls/gnutls/CVE-2025-6395.patch         |  299 +++
 meta/recipes-support/gnutls/gnutls_3.7.4.bb   |   15 +
 .../sqlite/files/CVE-2025-6965.patch          |  115 +
 meta/recipes-support/sqlite/sqlite3_3.38.5.bb |    1 +
 20 files changed, 3383 insertions(+)
 create mode 100644 meta/recipes-core/dropbear/dropbear/0001-Add-m_snprintf-that-won-t-return-negative.patch
 create mode 100644 meta/recipes-core/dropbear/dropbear/0001-Handle-arbitrary-length-paths-and-commands-in-multih.patch
 create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2025-47203.patch
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2025-6170.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0043-CVE-2025-7545.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/0001-psk-fix-read-buffer-overrun-in-the-pre_shared_key-ex.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/0001-x509-reject-zero-length-version-in-certificate-reque.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/04939b75417cc95b7372c6f208c4bda4579bdc34
 create mode 100644 meta/recipes-support/gnutls/gnutls/3e94dcdff862ef5d6db8b5cc8e59310b5f0cdfe2
 create mode 100644 meta/recipes-support/gnutls/gnutls/5477db1bb507a35e8833c758ce344f4b5b246d8e
 create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-32988.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-32989.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-32990.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-6395.patch
 create mode 100644 meta/recipes-support/sqlite/files/CVE-2025-6965.patch

-- 
2.43.0

[OE-core][kirkstone 01/10] dropbear: patch CVE-2025-47203

[Steve Sakoman]

From: Peter Marko <peter.marko@siemens.com>

CVE patch [1] as mentioned in [2] relies on several patches not yet
available in version 2020.81 we have in kirkstone.
The good folks from Debian did the hard work identifying them as they
have the same version in bullseye release.
The commits were picked from [3] and they have their references to
dropbear upstream commits.

[1] https://github.com/mkj/dropbear/commit/e5a0ef27c227f7ae69d9a9fec98a056494409b9b
[2] https://security-tracker.debian.org/tracker/CVE-2025-47203
[3] https://salsa.debian.org/debian/dropbear/-/commit/7f48e75892c40cfc6336137d62581d2c4ca7d84c

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-core/dropbear/dropbear.inc       |   3 +
 ..._snprintf-that-won-t-return-negative.patch |  48 +++
 ...-length-paths-and-commands-in-multih.patch | 126 +++++++
 .../dropbear/dropbear/CVE-2025-47203.patch    | 344 ++++++++++++++++++
 4 files changed, 521 insertions(+)
 create mode 100644 meta/recipes-core/dropbear/dropbear/0001-Add-m_snprintf-that-won-t-return-negative.patch
 create mode 100644 meta/recipes-core/dropbear/dropbear/0001-Handle-arbitrary-length-paths-and-commands-in-multih.patch
 create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2025-47203.patch

diff --git a/meta/recipes-core/dropbear/dropbear.inc b/meta/recipes-core/dropbear/dropbear.inc
index a32242949b..94059df258 100644
--- a/meta/recipes-core/dropbear/dropbear.inc
+++ b/meta/recipes-core/dropbear/dropbear.inc
@@ -31,6 +31,9 @@ SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.bz2 \
 	   file://CVE-2021-36369.patch \
 	   file://CVE-2023-36328.patch \
 	   file://CVE-2023-48795.patch \
+           file://0001-Add-m_snprintf-that-won-t-return-negative.patch \
+           file://0001-Handle-arbitrary-length-paths-and-commands-in-multih.patch \
+           file://CVE-2025-47203.patch \
 	   "
 
 PAM_SRC_URI = "file://0005-dropbear-enable-pam.patch \
diff --git a/meta/recipes-core/dropbear/dropbear/0001-Add-m_snprintf-that-won-t-return-negative.patch b/meta/recipes-core/dropbear/dropbear/0001-Add-m_snprintf-that-won-t-return-negative.patch
new file mode 100644
index 0000000000..ec75fcbc61
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear/0001-Add-m_snprintf-that-won-t-return-negative.patch
@@ -0,0 +1,48 @@
+From ac2433cb8daa1279d14f8b2cd4c7e1f3405787d4 Mon Sep 17 00:00:00 2001
+From: Matt Johnston <matt@ucc.asn.au>
+Date: Fri, 1 Apr 2022 12:10:48 +0800
+Subject: [PATCH] Add m_snprintf() that won't return negative
+
+Origin: https://github.com/mkj/dropbear/commit/ac2433cb8daa1279d14f8b2cd4c7e1f3405787d4
+
+Upstream-Status: Backport [https://github.com/mkj/dropbear/commit/ac2433cb8daa1279d14f8b2cd4c7e1f3405787d4]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ dbutil.c | 13 +++++++++++++
+ dbutil.h |  2 ++
+ 2 files changed, 15 insertions(+)
+
+diff --git a/dbutil.c b/dbutil.c
+index 5af6330..d4c3298 100644
+--- a/dbutil.c
++++ b/dbutil.c
+@@ -691,3 +691,16 @@ void fsync_parent_dir(const char* fn) {
+ 	m_free(fn_dir);
+ #endif
+ }
++
++int m_snprintf(char *str, size_t size, const char *format, ...) {
++	va_list param;
++	int ret;
++
++	va_start(param, format);
++	ret = vsnprintf(str, size, format, param);
++	va_end(param);
++	if (ret < 0) {
++		dropbear_exit("snprintf failed");
++	}
++	return ret;
++}
+diff --git a/dbutil.h b/dbutil.h
+index 2a1c82c..71cffe8 100644
+--- a/dbutil.h
++++ b/dbutil.h
+@@ -70,6 +70,8 @@ void m_close(int fd);
+ void setnonblocking(int fd);
+ void disallow_core(void);
+ int m_str_to_uint(const char* str, unsigned int *val);
++/* The same as snprintf() but exits rather than returning negative */
++int m_snprintf(char *str, size_t size, const char *format, ...);
+ 
+ /* Used to force mp_ints to be initialised */
+ #define DEF_MP_INT(X) mp_int X = {0, 0, 0, NULL}
diff --git a/meta/recipes-core/dropbear/dropbear/0001-Handle-arbitrary-length-paths-and-commands-in-multih.patch b/meta/recipes-core/dropbear/dropbear/0001-Handle-arbitrary-length-paths-and-commands-in-multih.patch
new file mode 100644
index 0000000000..dbc457209d
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear/0001-Handle-arbitrary-length-paths-and-commands-in-multih.patch
@@ -0,0 +1,126 @@
+From fe15c36664a984de9e1b2386ac52d4b8577cac93 Mon Sep 17 00:00:00 2001
+From: Matt Johnston <matt@ucc.asn.au>
+Date: Mon, 1 Apr 2024 11:50:26 +0800
+Subject: [PATCH] Handle arbitrary length paths and commands in
+ multihop_passthrough_args()
+
+Origin: https://github.com/mkj/dropbear/commit/7894254afa9b1d3a836911b7ccea1fe18391b881
+Origin: https://github.com/mkj/dropbear/commit/2f1177e55f33afd676e08c9449ab7ab517fc3b30
+Origin: https://github.com/mkj/dropbear/commit/697b1f86c0b2b0caf12e9e32bab29161093ab5d4
+Origin: https://github.com/mkj/dropbear/commit/dd03da772bfad6174425066ff9752b60e25ed183
+Origin: https://github.com/mkj/dropbear/commit/d59436a4d56de58b856142a5d489a4a8fc7382ed
+
+Upstream-Status: Backport [see commits above]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ cli-runopts.c | 63 +++++++++++++++++++++------------------------------
+ 1 file changed, 26 insertions(+), 37 deletions(-)
+
+diff --git a/cli-runopts.c b/cli-runopts.c
+index 255b47e..9798f62 100644
+--- a/cli-runopts.c
++++ b/cli-runopts.c
+@@ -523,61 +523,50 @@ static void loadidentityfile(const char* filename, int warnfail) {
+ 
+ #if DROPBEAR_CLI_MULTIHOP
+ 
+-static char*
+-multihop_passthrough_args() {
+-	char *ret;
+-	int total;
+-	unsigned int len = 0;
++/* Fill out -i, -y, -W options that make sense for all
++ * the intermediate processes */
++static char* multihop_passthrough_args(void) {
++	char *args = NULL;
++	unsigned int len, total;
++#if DROPBEAR_CLI_PUBKEY_AUTH
+ 	m_list_elem *iter;
+-	/* Fill out -i, -y, -W options that make sense for all
+-	 * the intermediate processes */
++#endif
++	/* Sufficient space for non-string args */
++	len = 100;
++
++	/* String arguments have arbitrary length, so determine space required */
+ #if DROPBEAR_CLI_PUBKEY_AUTH
+ 	for (iter = cli_opts.privkeys->first; iter; iter = iter->next)
+ 	{
+ 		sign_key * key = (sign_key*)iter->item;
+-		len += 3 + strlen(key->filename);
++		len += 4 + strlen(key->filename);
+ 	}
+-#endif /* DROPBEAR_CLI_PUBKEY_AUTH */
++#endif
+ 
+-	len += 30; /* space for -W <size>, terminator. */
+-	ret = m_malloc(len);
++	args = m_malloc(len);
+ 	total = 0;
+ 
+-	if (cli_opts.no_hostkey_check)
+-	{
+-		int written = snprintf(ret+total, len-total, "-y -y ");
+-		total += written;
+-	}
+-	else if (cli_opts.always_accept_key)
+-	{
+-		int written = snprintf(ret+total, len-total, "-y ");
+-		total += written;
++	/* Create new argument string */
++
++	if (cli_opts.no_hostkey_check) {
++		total += m_snprintf(args+total, len-total, "-y -y ");
++	} else if (cli_opts.always_accept_key) {
++		total += m_snprintf(args+total, len-total, "-y ");
+ 	}
+ 
+-	if (opts.recv_window != DEFAULT_RECV_WINDOW)
+-	{
+-		int written = snprintf(ret+total, len-total, "-W %u ", opts.recv_window);
+-		total += written;
++	if (opts.recv_window != DEFAULT_RECV_WINDOW) {
++		total += m_snprintf(args+total, len-total, "-W %u ", opts.recv_window);
+ 	}
+ 
+ #if DROPBEAR_CLI_PUBKEY_AUTH
+ 	for (iter = cli_opts.privkeys->first; iter; iter = iter->next)
+ 	{
+ 		sign_key * key = (sign_key*)iter->item;
+-		const size_t size = len - total;
+-		int written = snprintf(ret+total, size, "-i %s ", key->filename);
+-		dropbear_assert((unsigned int)written < size);
+-		total += written;
++		total += m_snprintf(args+total, len-total, "-i %s ", key->filename);
+ 	}
+ #endif /* DROPBEAR_CLI_PUBKEY_AUTH */
+ 
+-	/* if args were passed, total will be not zero, and it will have a space at the end, so remove that */
+-	if (total > 0) 
+-	{
+-		total--;
+-	}
+-
+-	return ret;
++	return args;
+ }
+ 
+ /* Sets up 'onion-forwarding' connections. This will spawn
+@@ -608,7 +597,7 @@ static void parse_multihop_hostname(const char* orighostarg, const char* argv0)
+ 			&& strchr(cli_opts.username, '@')) {
+ 		unsigned int len = strlen(orighostarg) + strlen(cli_opts.username) + 2;
+ 		hostbuf = m_malloc(len);
+-		snprintf(hostbuf, len, "%s@%s", cli_opts.username, orighostarg);
++		m_snprintf(hostbuf, len, "%s@%s", cli_opts.username, orighostarg);
+ 	} else {
+ 		hostbuf = m_strdup(orighostarg);
+ 	}
+@@ -642,7 +631,7 @@ static void parse_multihop_hostname(const char* orighostarg, const char* argv0)
+ 			+ strlen(passthrough_args)
+ 			+ 30;
+ 		cli_opts.proxycmd = m_malloc(cmd_len);
+-		snprintf(cli_opts.proxycmd, cmd_len, "%s -B %s:%s %s %s", 
++		m_snprintf(cli_opts.proxycmd, cmd_len, "%s -B %s:%s %s %s",
+ 				argv0, cli_opts.remotehost, cli_opts.remoteport, 
+ 				passthrough_args, remainder);
+ #ifndef DISABLE_ZLIB
diff --git a/meta/recipes-core/dropbear/dropbear/CVE-2025-47203.patch b/meta/recipes-core/dropbear/dropbear/CVE-2025-47203.patch
new file mode 100644
index 0000000000..3a51927cfe
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear/CVE-2025-47203.patch
@@ -0,0 +1,344 @@
+From e5a0ef27c227f7ae69d9a9fec98a056494409b9b Mon Sep 17 00:00:00 2001
+From: Matt Johnston <matt@ucc.asn.au>
+Date: Mon, 5 May 2025 23:14:19 +0800
+Subject: [PATCH] Execute multihop commands directly, no shell
+
+This avoids problems with shell escaping if arguments contain special
+characters.
+
+Origin: https://github.com/mkj/dropbear/commit/e5a0ef27c227f7ae69d9a9fec98a056494409b9b
+Bug: https://www.openwall.com/lists/oss-security/2025/05/13/1
+Bug-Debian: https://deb.freexian.com/extended-lts/tracker/CVE-2025-47203
+
+CVE: CVE-2025-47203
+Upstream-Status: Backport [https://github.com/mkj/dropbear/commit/e5a0ef27c227f7ae69d9a9fec98a056494409b9b]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ cli-main.c    | 60 ++++++++++++++++++++++++++++--------------
+ cli-runopts.c | 84 +++++++++++++++++++++++++++++++++++------------------------
+ dbutil.c      |  9 +++++--
+ dbutil.h      |  1 +
+ runopts.h     |  5 ++++
+ 5 files changed, 104 insertions(+), 55 deletions(-)
+
+diff --git a/cli-main.c b/cli-main.c
+index 7f455d1..53c55c1 100644
+--- a/cli-main.c
++++ b/cli-main.c
+@@ -73,9 +73,8 @@ int main(int argc, char ** argv) {
+ 
+ 	pid_t proxy_cmd_pid = 0;
+ #if DROPBEAR_CLI_PROXYCMD
+-	if (cli_opts.proxycmd) {
++	if (cli_opts.proxycmd || cli_opts.proxyexec) {
+ 		cli_proxy_cmd(&sock_in, &sock_out, &proxy_cmd_pid);
+-		m_free(cli_opts.proxycmd);
+ 		if (signal(SIGINT, kill_proxy_sighandler) == SIG_ERR ||
+ 			signal(SIGTERM, kill_proxy_sighandler) == SIG_ERR ||
+ 			signal(SIGHUP, kill_proxy_sighandler) == SIG_ERR) {
+@@ -96,7 +95,8 @@ int main(int argc, char ** argv) {
+ }
+ #endif /* DBMULTI stuff */
+ 
+-static void exec_proxy_cmd(const void *user_data_cmd) {
++#if DROPBEAR_CLI_PROXYCMD
++static void shell_proxy_cmd(const void *user_data_cmd) {
+ 	const char *cmd = user_data_cmd;
+ 	char *usershell;
+ 
+@@ -105,40 +105,62 @@ static void exec_proxy_cmd(const void *user_data_cmd) {
+ 	dropbear_exit("Failed to run '%s'\n", cmd);
+ }
+ 
+-#if DROPBEAR_CLI_PROXYCMD
++static void exec_proxy_cmd(const void *unused) {
++	(void)unused;
++	run_command(cli_opts.proxyexec[0], cli_opts.proxyexec, ses.maxfd);
++	dropbear_exit("Failed to run '%s'\n", cli_opts.proxyexec[0]);
++}
++
+ static void cli_proxy_cmd(int *sock_in, int *sock_out, pid_t *pid_out) {
+-	char * ex_cmd = NULL;
+-	size_t ex_cmdlen;
++	char * cmd_arg = NULL;
++	void (*exec_fn)(const void *user_data) = NULL;
+ 	int ret;
+ 
++	/* exactly one of cli_opts.proxycmd or cli_opts.proxyexec should be set */
++
+ 	/* File descriptor "-j &3" */
+-	if (*cli_opts.proxycmd == '&') {
++	if (cli_opts.proxycmd && *cli_opts.proxycmd == '&') {
+ 		char *p = cli_opts.proxycmd + 1;
+ 		int sock = strtoul(p, &p, 10);
+ 		/* must be a single number, and not stdin/stdout/stderr */
+ 		if (sock > 2 && sock < 1024 && *p == '\0') {
+ 			*sock_in = sock;
+ 			*sock_out = sock;
+-			return;
++			goto cleanup;
+ 		}
+ 	}
+ 
+-	/* Normal proxycommand */
+-
+-	/* So that spawn_command knows which shell to run */
+-	fill_passwd(cli_opts.own_user);
+-
+-	ex_cmdlen = strlen(cli_opts.proxycmd) + 6; /* "exec " + command + '\0' */
+-	ex_cmd = m_malloc(ex_cmdlen);
+-	snprintf(ex_cmd, ex_cmdlen, "exec %s", cli_opts.proxycmd);
++	if (cli_opts.proxycmd) {
++		/* Normal proxycommand */
++		size_t shell_cmdlen;
++		/* So that spawn_command knows which shell to run */
++		fill_passwd(cli_opts.own_user);
++
++		shell_cmdlen = strlen(cli_opts.proxycmd) + 6; /* "exec " + command + '\0' */
++		cmd_arg = m_malloc(shell_cmdlen);
++		snprintf(cmd_arg, shell_cmdlen, "exec %s", cli_opts.proxycmd);
++		exec_fn = shell_proxy_cmd;
++	} else {
++		/* No shell */
++		exec_fn = exec_proxy_cmd;
++	}
+ 
+-	ret = spawn_command(exec_proxy_cmd, ex_cmd,
+-			sock_out, sock_in, NULL, pid_out);
+-	m_free(ex_cmd);
++	ret = spawn_command(exec_fn, cmd_arg, sock_out, sock_in, NULL, pid_out);
+ 	if (ret == DROPBEAR_FAILURE) {
+ 		dropbear_exit("Failed running proxy command");
+ 		*sock_in = *sock_out = -1;
+ 	}
++
++cleanup:
++	m_free(cli_opts.proxycmd);
++	m_free(cmd_arg);
++	if (cli_opts.proxyexec) {
++		char **a = NULL;
++		for (a = cli_opts.proxyexec; *a; a++) {
++			m_free_direct(*a);
++		}
++		m_free(cli_opts.proxyexec);
++	}
+ }
+ 
+ static void kill_proxy_sighandler(int UNUSED(signo)) {
+diff --git a/cli-runopts.c b/cli-runopts.c
+index 9798f62..0f3dcd0 100644
+--- a/cli-runopts.c
++++ b/cli-runopts.c
+@@ -525,47 +525,69 @@ static void loadidentityfile(const char* filename, int warnfail) {
+ 
+ /* Fill out -i, -y, -W options that make sense for all
+  * the intermediate processes */
+-static char* multihop_passthrough_args(void) {
+-	char *args = NULL;
+-	unsigned int len, total;
++static char** multihop_args(const char* argv0, const char* prior_hops) {
++	/* null terminated array */
++	char **args = NULL;
++	size_t max_args = 14, pos = 0, len;
+ #if DROPBEAR_CLI_PUBKEY_AUTH
+ 	m_list_elem *iter;
+ #endif
+-	/* Sufficient space for non-string args */
+-	len = 100;
+ 
+-	/* String arguments have arbitrary length, so determine space required */
+ #if DROPBEAR_CLI_PUBKEY_AUTH
+ 	for (iter = cli_opts.privkeys->first; iter; iter = iter->next)
+ 	{
+-		sign_key * key = (sign_key*)iter->item;
+-		len += 4 + strlen(key->filename);
++		/* "-i file" for each */
++		max_args += 2;
+ 	}
+ #endif
+ 
+-	args = m_malloc(len);
+-	total = 0;
++	args = m_malloc(sizeof(char*) * max_args);
++	pos = 0;
+ 
+-	/* Create new argument string */
++	args[pos] = m_strdup(argv0);
++	pos++;
+ 
+ 	if (cli_opts.no_hostkey_check) {
+-		total += m_snprintf(args+total, len-total, "-y -y ");
++		args[pos] = m_strdup("-y");
++		pos++;
++		args[pos] = m_strdup("-y");
++		pos++;
+ 	} else if (cli_opts.always_accept_key) {
+-		total += m_snprintf(args+total, len-total, "-y ");
++		args[pos] = m_strdup("-y");
++		pos++;
+ 	}
+ 
+ 	if (opts.recv_window != DEFAULT_RECV_WINDOW) {
+-		total += m_snprintf(args+total, len-total, "-W %u ", opts.recv_window);
++		args[pos] = m_strdup("-W");
++		pos++;
++		args[pos] = m_malloc(11);
++		m_snprintf(args[pos], 11, "%u", opts.recv_window);
++		pos++;
+ 	}
+ 
+ #if DROPBEAR_CLI_PUBKEY_AUTH
+ 	for (iter = cli_opts.privkeys->first; iter; iter = iter->next)
+ 	{
+ 		sign_key * key = (sign_key*)iter->item;
+-		total += m_snprintf(args+total, len-total, "-i %s ", key->filename);
++		args[pos] = m_strdup("-i");
++		pos++;
++		args[pos] = m_strdup(key->filename);
++		pos++;
+ 	}
+ #endif /* DROPBEAR_CLI_PUBKEY_AUTH */
+ 
++	/* last hop */
++	args[pos] = m_strdup("-B");
++	pos++;
++	len = strlen(cli_opts.remotehost) + strlen(cli_opts.remoteport) + 2;
++	args[pos] = m_malloc(len);
++	snprintf(args[pos], len, "%s:%s", cli_opts.remotehost, cli_opts.remoteport);
++	pos++;
++
++	/* hostnames of prior hops */
++	args[pos] = m_strdup(prior_hops);
++	pos++;
++
+ 	return args;
+ }
+ 
+@@ -585,7 +607,7 @@ static void parse_multihop_hostname(const char* orighostarg, const char* argv0)
+ 	char *userhostarg = NULL;
+ 	char *hostbuf = NULL;
+ 	char *last_hop = NULL;
+-	char *remainder = NULL;
++	char *prior_hops = NULL;
+ 
+ 	/* both scp and rsync parse a user@host argument
+ 	 * and turn it into "-l user host". This breaks
+@@ -603,6 +625,8 @@ static void parse_multihop_hostname(const char* orighostarg, const char* argv0)
+ 	}
+ 	userhostarg = hostbuf;
+ 
++	/* Split off any last hostname and use that as remotehost/remoteport.
++	 * That is used for authorized_keys checking etc */
+ 	last_hop = strrchr(userhostarg, ',');
+ 	if (last_hop) {
+ 		if (last_hop == userhostarg) {
+@@ -610,36 +634,28 @@ static void parse_multihop_hostname(const char* orighostarg, const char* argv0)
+ 		}
+ 		*last_hop = '\0';
+ 		last_hop++;
+-		remainder = userhostarg;
++		prior_hops = userhostarg;
+ 		userhostarg = last_hop;
+ 	}
+ 
++	/* Update cli_opts.remotehost and cli_opts.remoteport */
+ 	parse_hostname(userhostarg);
+ 
+-	if (last_hop) {
+-		/* Set up the proxycmd */
+-		unsigned int cmd_len = 0;
+-		char *passthrough_args = multihop_passthrough_args();
++	/* Construct any multihop proxy command. Use proxyexec to
++	 * avoid worrying about shell escaping. */
++	if (prior_hops) {
++		cli_opts.proxyexec = multihop_args(argv0, prior_hops);
++		/* Any -J argument has been copied to proxyexec */
+ 		if (cli_opts.proxycmd) {
+ 			dropbear_exit("-J can't be used with multihop mode");
+ 		}
+-		if (cli_opts.remoteport == NULL) {
+-			cli_opts.remoteport = "22";
+-		}
+-		cmd_len = strlen(argv0) + strlen(remainder) 
+-			+ strlen(cli_opts.remotehost) + strlen(cli_opts.remoteport)
+-			+ strlen(passthrough_args)
+-			+ 30;
+-		cli_opts.proxycmd = m_malloc(cmd_len);
+-		m_snprintf(cli_opts.proxycmd, cmd_len, "%s -B %s:%s %s %s",
+-				argv0, cli_opts.remotehost, cli_opts.remoteport, 
+-				passthrough_args, remainder);
++
+ #ifndef DISABLE_ZLIB
+-		/* The stream will be incompressible since it's encrypted. */
++		/* This outer stream will be incompressible since it's encrypted. */
+ 		opts.compress_mode = DROPBEAR_COMPRESS_OFF;
+ #endif
+-		m_free(passthrough_args);
+ 	}
++
+ 	m_free(hostbuf);
+ }
+ #endif /* !DROPBEAR_CLI_MULTIHOP */
+diff --git a/dbutil.c b/dbutil.c
+index d4c3298..a51c1f9 100644
+--- a/dbutil.c
++++ b/dbutil.c
+@@ -347,7 +347,6 @@ int spawn_command(void(*exec_fn)(const void *user_data), const void *exec_data,
+ void run_shell_command(const char* cmd, unsigned int maxfd, char* usershell) {
+ 	char * argv[4];
+ 	char * baseshell = NULL;
+-	unsigned int i;
+ 
+ 	baseshell = basename(usershell);
+ 
+@@ -369,6 +368,12 @@ void run_shell_command(const char* cmd, unsigned int maxfd, char* usershell) {
+ 		argv[1] = NULL;
+ 	}
+ 
++	run_command(usershell, argv, maxfd);
++}
++
++void run_command(const char* argv0, char** args, unsigned int maxfd) {
++	unsigned int i;
++
+ 	/* Re-enable SIGPIPE for the executed process */
+ 	if (signal(SIGPIPE, SIG_DFL) == SIG_ERR) {
+ 		dropbear_exit("signal() error");
+@@ -380,7 +385,7 @@ void run_shell_command(const char* cmd, unsigned int maxfd, char* usershell) {
+ 		m_close(i);
+ 	}
+ 
+-	execv(usershell, argv);
++	execv(argv0, args);
+ }
+ 
+ #if DEBUG_TRACE
+diff --git a/dbutil.h b/dbutil.h
+index 71cffe8..5d86485 100644
+--- a/dbutil.h
++++ b/dbutil.h
+@@ -60,6 +60,7 @@ char * stripcontrol(const char * text);
+ int spawn_command(void(*exec_fn)(const void *user_data), const void *exec_data,
+ 		int *writefd, int *readfd, int *errfd, pid_t *pid);
+ void run_shell_command(const char* cmd, unsigned int maxfd, char* usershell);
++void run_command(const char* argv0, char** args, unsigned int maxfd);
+ #if ENABLE_CONNECT_UNIX
+ int connect_unix(const char* addr);
+ #endif
+diff --git a/runopts.h b/runopts.h
+index 01201d2..b49dc13 100644
+--- a/runopts.h
++++ b/runopts.h
+@@ -179,7 +179,12 @@ typedef struct cli_runopts {
+ 	unsigned int netcat_port;
+ #endif
+ #if DROPBEAR_CLI_PROXYCMD
++	/* A proxy command to run via the user's shell */
+ 	char *proxycmd;
++#endif
++#if DROPBEAR_CLI_MULTIHOP
++	/* Similar to proxycmd, but is arguments for execve(), not shell */
++	char **proxyexec;
+ #endif
+ 	char *bind_address;
+ 	char *bind_port;
-- 
2.43.0

[OE-core][kirkstone 02/10] gnutls: patch CVE-2025-32989

[Steve Sakoman]

From: Peter Marko <peter.marko@siemens.com>

Pick relevant commit from 3.8.10 release MR [1].

Binary test file was added as separate file as binary diffs are not
supported.

[1] https://gitlab.com/gnutls/gnutls/-/merge_requests/1979

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../04939b75417cc95b7372c6f208c4bda4579bdc34  | Bin 0 -> 1782 bytes
 .../gnutls/gnutls/CVE-2025-32989.patch        |  50 ++++++++++++++++++
 meta/recipes-support/gnutls/gnutls_3.7.4.bb   |   6 +++
 3 files changed, 56 insertions(+)
 create mode 100644 meta/recipes-support/gnutls/gnutls/04939b75417cc95b7372c6f208c4bda4579bdc34
 create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-32989.patch

diff --git a/meta/recipes-support/gnutls/gnutls/04939b75417cc95b7372c6f208c4bda4579bdc34 b/meta/recipes-support/gnutls/gnutls/04939b75417cc95b7372c6f208c4bda4579bdc34
new file mode 100644
index 0000000000000000000000000000000000000000..ffcfe23e99d4b353f07192729a86ffb5a249bbde
GIT binary patch
literal 1782
zcmZuxX;c$e6rPz(Mj*t1i7X-}tO`naVX?-wfC|xQltmHTVh9i+5R(WIl_e^&NWep}
zD54ZCAQh_~g}4Maq$t4!MNo08fC~uXmV&6A<Wx$}>HL^^_r34k?|$FhbAb|j2b9DI
zB?JUU5VJW;c%PqjT-%jX(0{fg$Ep*MF=N;CfOH)hhDk&SB(q4s7$bzB7!?T#V%Y*4
zePBYR1#J@Z<K#jC!!KSciI?)_qWCx#9oXuRNmPsB<6!AVnVhj$C{K)+#<1Lhn;t-*
zIu8T<V)-%|!;=vt6l|0V@sBh?C}sHhFx(jaUSNVHnKc!#Jf;D|6NZOu;Nby0JiXc8
z>@bj)F`_`f#ViUg04Fdq#X8hkU8iflZ;Tq=m;zi45=<Ss(vEbM{*J#Vb*QU4i!?4>
zSp_doZ|~Zl`D$-o=Z>SDxoXyEU}{igO5_B;+E&4`29^c^re=aTp<*I4P9Db;#EY4N
zIG}{>N4f_SA%YU7K={51qJ&}S_|}R9@ALjfQ_aJjD!ASaJq47MVA7>q1ABO8^fa&V
zeQGMfRGo1sU2>#aEw?mw*}!>YpKT-Z?_OFeCJw6Y-)iiKNYC3U8REMB$Zby^=7i2z
zbU=G?14n1q^uw*5DW@XcqW8C~UUjUtUal-HxXRvrV(j+&_5OEvI*=C-O%$0JD<S1p
z5O4Ms)#Hd4!WE0wU5dTWwltd7=;|ijov-6Alc{|2<4>Po>=vsKWql}}ey_rdTjt|P
zgR71cLntkI9ffwOse6rot}gGA2ut7B35r$(>OuyO#31<(95f5Q_U1hbld76$J*4z2
zetPzz_;t~9ZW*lDVgHsux`Gg32tK4FtN}_wxS@}1%~2W{qcm74A8Dn&<7}xY0w6G2
zzofwMHxwlx#1g>Q#|$(Kgo0%l7L{g-cQN1s2h3<P1`~;+5ZJ;pS}vE!rn|dGFlC#>
zf_3^I<SvlNfYUGt0oJDf3zJItV6vWqjyeK+z$lqeGCqBrJ|Uh@CL56u4+PR!L&MuT
zp%#GlJvjj$ULk<4&*gwx0gF`Hnzc9ic_B}>`_Z!2x}N-)^uf=n4=n!<hGBFe;NTbj
z5dz?J>VJ77^g@91FaQ}@*o<MNhQj1{+kL`Ja8FS9-X;V^P$k@jDxp8&r%(d)sM~gO
z5}8-V$WE(Di<TraRmE`2%8Z;@=5<ZgJ+)d0f&<fgsv95(B|!dQ9>NGDC?;f*iZ-D6
zwYoQ!iYuD1X%hE8KHM9hKX1HmnPx0v2erA1YPPg^%EN;>A==2JH55Dg<An6M%-f>%
zD#W#Z2<JU~#yIbkRVZ!eIcljkN@6n8yAU0)d7^%v*fctW+-?TB7<ga(%NtO`ZSNWQ
z+H%=<&P3N`KYr`p>l?+4ddeAyO<C}0IW`ODJ*>WKk#SMfs3a!_7-<p+H=P^CEUqej
z^4!TUDIZfdLWxlHr^3JJ5z5->yL!(|vgHnKSh^}I|L)w|CQ(Pv@pzx>zJ1g4)?g3<
z0&vCiAv;LBertJa8J950qS9wkd9=$#dgM4v(3dbKO0+~{!<&Z_pIhFOf{3~N%Jw(j
zWO8`qPTt_*L-W)`x2v=pB2gd%+6eV7)YNRevG(jUUlIMcX9pq=QIgjjm$q$#>NaO4
zReZUwGZ?ML4cF6xxd?-|g}iiSneM{ZlElIcQSg+TtxLU}4w^e+ooB^8x!7lf;qkKi
z?D6Kem$HkEm*=tuTiTr8iF=J^WO5XPMY`?-Q%4RVe1zje2!^a2K*3CApS9nM?QU&-
z@R{84+CfF(vCr&nJA}=Trxkx1;~Y`-`b)}^eP7vkA74779r_r4bp7f<r@#VN-uxR?
z``QM#Q2V0alO6=Lo{0ao=6(|Ml<|cN2c}H!sTXi6*s8{&HHl506kq1$WlaaI+1Aja
z=9r7gclJ+xOKA{Wy`=26(P>VVJ2qeYLZ6emDr;4J&OX-3U#ti2+}|9^ygF-6TG=bH
zb|$}L(|J`uP<Pi(c6QqZX{Bm?<80BR&{|zivB=KH<9Zya*KL0DmUC);wmEIbO<ng%
sRX@4icF)r*F}&W({g%z$6wZ*`OQvm|@J`UT#3Q7#!ShY-jG5+t1Dd6#hX4Qo

literal 0
HcmV?d00001

diff --git a/meta/recipes-support/gnutls/gnutls/CVE-2025-32989.patch b/meta/recipes-support/gnutls/gnutls/CVE-2025-32989.patch
new file mode 100644
index 0000000000..c21fc6e969
--- /dev/null
+++ b/meta/recipes-support/gnutls/gnutls/CVE-2025-32989.patch
@@ -0,0 +1,50 @@
+From 8e5ca951257202089246fa37e93a99d210ee5ca2 Mon Sep 17 00:00:00 2001
+From: Andrew Hamilton <adhamilt@gmail.com>
+Date: Mon, 7 Jul 2025 10:23:59 +0900
+Subject: [PATCH] x509: fix read buffer overrun in SCT timestamps
+
+Prevent reading beyond heap buffer in call to _gnutls_parse_ct_sct
+when processing x509 Signed Certificate Timestamps with certain
+malformed data. Spotted by oss-fuzz at:
+https://issues.oss-fuzz.com/issues/42530513
+
+Signed-off-by: Andrew Hamilton <adhamilt@gmail.com>
+Signed-off-by: Daiki Ueno <ueno@gnu.org>
+
+CVE: CVE-2025-32989
+Upstream-Status: Backport [https://gitlab.com/gnutls/gnutls/-/commit/8e5ca951257202089246fa37e93a99d210ee5ca2]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ NEWS                                             |   5 +++++
+ lib/x509/x509_ext.c                              |   2 +-
+ 2 files changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/NEWS b/NEWS
+index 85efb5680..025e05148 100644
+--- a/NEWS
++++ b/NEWS
+@@ -5,6 +5,11 @@ Copyright (C) 2000-2016 Free Software Foundation, Inc.
+ Copyright (C) 2013-2019 Nikos Mavrogiannopoulos
+ See the end for copying conditions.
+ 
++** libgnutls: Fix heap read buffer overrun in parsing X.509 SCTS timestamps
++   Spotted by oss-fuzz and reported by OpenAI Security Research Team,
++   and fix developed by Andrew Hamilton. [GNUTLS-SA-2025-07-07-1,
++   CVSS: medium] [CVE-2025-32989]
++
+ * Version 3.7.4 (released 2022-03-17)
+ 
+ ** libgnutls: Fixed double free during verification of pkcs7 signatures.
+diff --git a/lib/x509/x509_ext.c b/lib/x509/x509_ext.c
+index 064ca8357..05336a0c2 100644
+--- a/lib/x509/x509_ext.c
++++ b/lib/x509/x509_ext.c
+@@ -3855,7 +3855,7 @@ int gnutls_x509_ext_ct_import_scts(const gnutls_datum_t *ext, gnutls_x509_ct_sct
+ 	}
+ 
+ 	length = _gnutls_read_uint16(scts_content.data);
+-	if (length < 4) {
++	if (length < 4 || length > scts_content.size) {
+ 		gnutls_free(scts_content.data);
+ 		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+ 	}
diff --git a/meta/recipes-support/gnutls/gnutls_3.7.4.bb b/meta/recipes-support/gnutls/gnutls_3.7.4.bb
index 5cd85c5996..48ddb269de 100644
--- a/meta/recipes-support/gnutls/gnutls_3.7.4.bb
+++ b/meta/recipes-support/gnutls/gnutls_3.7.4.bb
@@ -29,6 +29,8 @@ SRC_URI = "https://www.gnupg.org/ftp/gcrypt/gnutls/v${SHRT_VER}/gnutls-${PV}.tar
            file://CVE-2024-28834.patch \
            file://CVE-2024-28835.patch \
            file://CVE-2024-12243.patch \
+           file://CVE-2025-32989.patch \
+           file://04939b75417cc95b7372c6f208c4bda4579bdc34 \
            "
 
 SRC_URI[sha256sum] = "e6adbebcfbc95867de01060d93c789938cf89cc1d1f6ef9ef661890f6217451f"
@@ -65,6 +67,10 @@ do_configure:prepend() {
 	for dir in . lib; do
 		rm -f ${dir}/aclocal.m4 ${dir}/m4/libtool.m4 ${dir}/m4/lt*.m4
 	done
+
+    # binary files cannot be delivered as diff
+    mkdir -p ${S}/fuzz/gnutls_x509_parser_fuzzer.repro/
+    cp ${WORKDIR}/04939b75417cc95b7372c6f208c4bda4579bdc34 ${S}/fuzz/gnutls_x509_parser_fuzzer.repro/
 }
 
 PACKAGES =+ "${PN}-openssl ${PN}-xx"
-- 
2.43.0

[OE-core][kirkstone 03/10] gnutls: patch read buffer overrun in the "pre_shared_key" extension

[Steve Sakoman]

From: Peter Marko <peter.marko@siemens.com>

Pick relevant commit from 3.8.10 release MR [1].
The ME contains referece to undiscoled issue, so any security relevant
patch should be picked.

Binary test file was added as separate file as binary diffs are not
supported.

[1] https://gitlab.com/gnutls/gnutls/-/merge_requests/1979

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 ...fer-overrun-in-the-pre_shared_key-ex.patch |  34 ++++++++++++++++++
 .../5477db1bb507a35e8833c758ce344f4b5b246d8e  | Bin 0 -> 111 bytes
 meta/recipes-support/gnutls/gnutls_3.7.4.bb   |   5 ++-
 3 files changed, 38 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-support/gnutls/gnutls/0001-psk-fix-read-buffer-overrun-in-the-pre_shared_key-ex.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/5477db1bb507a35e8833c758ce344f4b5b246d8e

diff --git a/meta/recipes-support/gnutls/gnutls/0001-psk-fix-read-buffer-overrun-in-the-pre_shared_key-ex.patch b/meta/recipes-support/gnutls/gnutls/0001-psk-fix-read-buffer-overrun-in-the-pre_shared_key-ex.patch
new file mode 100644
index 0000000000..ce78fe1c95
--- /dev/null
+++ b/meta/recipes-support/gnutls/gnutls/0001-psk-fix-read-buffer-overrun-in-the-pre_shared_key-ex.patch
@@ -0,0 +1,34 @@
+From 208c6478d5c20b9d8a9f0a293e3808aa16ee091f Mon Sep 17 00:00:00 2001
+From: Andrew Hamilton <adhamilt@gmail.com>
+Date: Mon, 7 Jul 2025 10:31:55 +0900
+Subject: [PATCH] psk: fix read buffer overrun in the "pre_shared_key"
+ extension
+
+While processing the "pre_shared_key" extension in TLS 1.3, if there
+are certain malformed data in the extension headers, then the code may
+read uninitialized memory (2 bytes) beyond the received TLS extension
+buffer. Spotted by oss-fuzz at:
+https://issues.oss-fuzz.com/issues/42513990
+
+Signed-off-by: Andrew Hamilton <adhamilt@gmail.com>
+Signed-off-by: Daiki Ueno <ueno@gnu.org>
+
+Upstream-Status: Backport [https://gitlab.com/gnutls/gnutls/-/commit/208c6478d5c20b9d8a9f0a293e3808aa16ee091f]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ lib/ext/pre_shared_key.c                          |   2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/lib/ext/pre_shared_key.c b/lib/ext/pre_shared_key.c
+index 51c4891d5..2cb83e670 100644
+--- a/lib/ext/pre_shared_key.c
++++ b/lib/ext/pre_shared_key.c
+@@ -839,6 +839,8 @@ static int _gnutls_psk_recv_params(gnutls_session_t session,
+ 
+ 	if (session->security_parameters.entity == GNUTLS_CLIENT) {
+ 		if (session->internals.hsk_flags & HSK_PSK_KE_MODES_SENT) {
++			DECR_LEN(len, 2);
++
+ 			uint16_t selected_identity = _gnutls_read_uint16(data);
+ 
+ 			for (i=0;i<sizeof(session->key.binders)/sizeof(session->key.binders[0]);i++) {
diff --git a/meta/recipes-support/gnutls/gnutls/5477db1bb507a35e8833c758ce344f4b5b246d8e b/meta/recipes-support/gnutls/gnutls/5477db1bb507a35e8833c758ce344f4b5b246d8e
new file mode 100644
index 0000000000000000000000000000000000000000..009d44c394fd08c5400fb63f837e468f1738522d
GIT binary patch
literal 111
zcmWe*R$$0tVqi#PW>$cL{|f(MOa+Di2(|!16v7f_VPMc>&}Lv_W>HXJK$nH+{f{t!
IL6d<203r_)`v3p{

literal 0
HcmV?d00001

diff --git a/meta/recipes-support/gnutls/gnutls_3.7.4.bb b/meta/recipes-support/gnutls/gnutls_3.7.4.bb
index 48ddb269de..4929e44db3 100644
--- a/meta/recipes-support/gnutls/gnutls_3.7.4.bb
+++ b/meta/recipes-support/gnutls/gnutls_3.7.4.bb
@@ -31,6 +31,8 @@ SRC_URI = "https://www.gnupg.org/ftp/gcrypt/gnutls/v${SHRT_VER}/gnutls-${PV}.tar
            file://CVE-2024-12243.patch \
            file://CVE-2025-32989.patch \
            file://04939b75417cc95b7372c6f208c4bda4579bdc34 \
+           file://0001-psk-fix-read-buffer-overrun-in-the-pre_shared_key-ex.patch \
+           file://5477db1bb507a35e8833c758ce344f4b5b246d8e \
            "
 
 SRC_URI[sha256sum] = "e6adbebcfbc95867de01060d93c789938cf89cc1d1f6ef9ef661890f6217451f"
@@ -69,8 +71,9 @@ do_configure:prepend() {
 	done
 
     # binary files cannot be delivered as diff
-    mkdir -p ${S}/fuzz/gnutls_x509_parser_fuzzer.repro/
+    mkdir -p ${S}/fuzz/gnutls_x509_parser_fuzzer.repro/ ${S}/fuzz/gnutls_psk_client_fuzzer.repro/
     cp ${WORKDIR}/04939b75417cc95b7372c6f208c4bda4579bdc34 ${S}/fuzz/gnutls_x509_parser_fuzzer.repro/
+    cp ${WORKDIR}/5477db1bb507a35e8833c758ce344f4b5b246d8e ${S}/fuzz/gnutls_psk_client_fuzzer.repro/
 }
 
 PACKAGES =+ "${PN}-openssl ${PN}-xx"
-- 
2.43.0

[OE-core][kirkstone 04/10] gnutls: patch reject zero-length version in certificate request

[Steve Sakoman]

From: Peter Marko <peter.marko@siemens.com>

Pick relevant commit from 3.8.10 release MR [1].
The MR contains referece to undiscoled issue, so any security relevant
patch should be picked.

Binary test file was added as separate file as binary diffs are not
supported.

[1] https://gitlab.com/gnutls/gnutls/-/merge_requests/1979

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 ...-length-version-in-certificate-reque.patch |  37 ++++++++++++++++++
 .../3e94dcdff862ef5d6db8b5cc8e59310b5f0cdfe2  | Bin 0 -> 830 bytes
 meta/recipes-support/gnutls/gnutls_3.7.4.bb   |   5 ++-
 3 files changed, 41 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-support/gnutls/gnutls/0001-x509-reject-zero-length-version-in-certificate-reque.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/3e94dcdff862ef5d6db8b5cc8e59310b5f0cdfe2

diff --git a/meta/recipes-support/gnutls/gnutls/0001-x509-reject-zero-length-version-in-certificate-reque.patch b/meta/recipes-support/gnutls/gnutls/0001-x509-reject-zero-length-version-in-certificate-reque.patch
new file mode 100644
index 0000000000..6351bf4559
--- /dev/null
+++ b/meta/recipes-support/gnutls/gnutls/0001-x509-reject-zero-length-version-in-certificate-reque.patch
@@ -0,0 +1,37 @@
+From 61c0505634a6faacf9fa0723843408aa0d3fb90a Mon Sep 17 00:00:00 2001
+From: Andrew Hamilton <adhamilt@gmail.com>
+Date: Mon, 7 Jul 2025 10:35:54 +0900
+Subject: [PATCH] x509: reject zero-length version in certificate request
+
+Ensure zero size asn1 values are considered invalid in
+gnutls_x509_crq_get_version, this ensures crq version is not used
+uninitialized. Spotted by oss-fuzz at:
+https://issues.oss-fuzz.com/issues/42536706
+
+Signed-off-by: Andrew Hamilton <adhamilt@gmail.com>
+Signed-off-by: Daiki Ueno <ueno@gnu.org>
+
+Upstream-Status: Backport [https://gitlab.com/gnutls/gnutls/-/commit/61c0505634a6faacf9fa0723843408aa0d3fb90a]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ lib/x509/crq.c                                    |   7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/lib/x509/crq.c b/lib/x509/crq.c
+index 19e13623c..9e9801d2b 100644
+--- a/lib/x509/crq.c
++++ b/lib/x509/crq.c
+@@ -635,6 +635,13 @@ int gnutls_x509_crq_get_version(gnutls_x509_crq_t crq)
+ 		return _gnutls_asn2err(result);
+ 	}
+ 
++	/* Note that asn1_read_value can return success with */
++	/* len set to zero (without setting the data) in some */
++	/* conditions. */
++	if (unlikely(len <= 0)) {
++		return gnutls_assert_val(GNUTLS_E_ASN1_VALUE_NOT_VALID);
++	}
++
+ 	return (int) version[0] + 1;
+ }
+ 
diff --git a/meta/recipes-support/gnutls/gnutls/3e94dcdff862ef5d6db8b5cc8e59310b5f0cdfe2 b/meta/recipes-support/gnutls/gnutls/3e94dcdff862ef5d6db8b5cc8e59310b5f0cdfe2
new file mode 100644
index 0000000000000000000000000000000000000000..23ff09c4be5ece2b2aae278f48b3a24543256e8e
GIT binary patch
literal 830
zcmXqLVzx49Vp`19$Y4-yC~6?g#;gDYJRkxF48;vZA;NqxAqZ_KWFP>M;Dk#U@*D6%
z#Mq#UxD7ZV0!#`DV57L;iWL;tp=^W3`9OULV-y&e8+(z|4Lox}6JxDG6JsTkBMqAv
zvxsmQ(BDLW7_gfE|Nj%AmUJaSq-!ClgBPy~G=HFR!CFzpKs@B6!4EYarV1l{G~%_N
LG)b5xr0D_xkf?K@

literal 0
HcmV?d00001

diff --git a/meta/recipes-support/gnutls/gnutls_3.7.4.bb b/meta/recipes-support/gnutls/gnutls_3.7.4.bb
index 4929e44db3..65e42c00c2 100644
--- a/meta/recipes-support/gnutls/gnutls_3.7.4.bb
+++ b/meta/recipes-support/gnutls/gnutls_3.7.4.bb
@@ -33,6 +33,8 @@ SRC_URI = "https://www.gnupg.org/ftp/gcrypt/gnutls/v${SHRT_VER}/gnutls-${PV}.tar
            file://04939b75417cc95b7372c6f208c4bda4579bdc34 \
            file://0001-psk-fix-read-buffer-overrun-in-the-pre_shared_key-ex.patch \
            file://5477db1bb507a35e8833c758ce344f4b5b246d8e \
+           file://0001-x509-reject-zero-length-version-in-certificate-reque.patch \
+           file://3e94dcdff862ef5d6db8b5cc8e59310b5f0cdfe2 \
            "
 
 SRC_URI[sha256sum] = "e6adbebcfbc95867de01060d93c789938cf89cc1d1f6ef9ef661890f6217451f"
@@ -71,9 +73,10 @@ do_configure:prepend() {
 	done
 
     # binary files cannot be delivered as diff
-    mkdir -p ${S}/fuzz/gnutls_x509_parser_fuzzer.repro/ ${S}/fuzz/gnutls_psk_client_fuzzer.repro/
+    mkdir -p ${S}/fuzz/gnutls_x509_parser_fuzzer.repro/ ${S}/fuzz/gnutls_psk_client_fuzzer.repro/ ${S}/fuzz/gnutls_x509_crq_parser_fuzzer.repro/
     cp ${WORKDIR}/04939b75417cc95b7372c6f208c4bda4579bdc34 ${S}/fuzz/gnutls_x509_parser_fuzzer.repro/
     cp ${WORKDIR}/5477db1bb507a35e8833c758ce344f4b5b246d8e ${S}/fuzz/gnutls_psk_client_fuzzer.repro/
+    cp ${WORKDIR}/3e94dcdff862ef5d6db8b5cc8e59310b5f0cdfe2 ${S}/fuzz/gnutls_x509_crq_parser_fuzzer.repro/
 }
 
 PACKAGES =+ "${PN}-openssl ${PN}-xx"
-- 
2.43.0

[OE-core][kirkstone 05/10] gnutls: patch CVE-2025-32988

[Steve Sakoman]

From: Peter Marko <peter.marko@siemens.com>

Pick relevant commit from 3.8.10 release MR [1].

[1] https://gitlab.com/gnutls/gnutls/-/merge_requests/1979

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../gnutls/gnutls/CVE-2025-32988.patch        | 58 +++++++++++++++++++
 meta/recipes-support/gnutls/gnutls_3.7.4.bb   |  1 +
 2 files changed, 59 insertions(+)
 create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-32988.patch

diff --git a/meta/recipes-support/gnutls/gnutls/CVE-2025-32988.patch b/meta/recipes-support/gnutls/gnutls/CVE-2025-32988.patch
new file mode 100644
index 0000000000..4779787bc3
--- /dev/null
+++ b/meta/recipes-support/gnutls/gnutls/CVE-2025-32988.patch
@@ -0,0 +1,58 @@
+From 608829769cbc247679ffe98841109fc73875e573 Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <ueno@gnu.org>
+Date: Mon, 7 Jul 2025 10:44:12 +0900
+Subject: [PATCH] x509: avoid double free when exporting othernames in SAN
+
+Previously, the _gnutls_write_new_othername function, called by
+gnutls_x509_ext_export_subject_alt_names to export "otherName" in a
+certificate's SAN extension, freed the caller allocated ASN.1
+structure upon error, resulting in a potential double-free.
+
+Reported by OpenAI Security Research Team.
+
+Signed-off-by: Daiki Ueno <ueno@gnu.org>
+
+CVE: CVE-2025-32988
+Upstream-Status: Backport [https://gitlab.com/gnutls/gnutls/-/commit/608829769cbc247679ffe98841109fc73875e573]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ NEWS                  | 5 +++++
+ lib/x509/extensions.c | 2 --
+ 2 files changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/NEWS b/NEWS
+index 025e05148..ff289fa75 100644
+--- a/NEWS
++++ b/NEWS
+@@ -10,6 +10,11 @@ See the end for copying conditions.
+    and fix developed by Andrew Hamilton. [GNUTLS-SA-2025-07-07-1,
+    CVSS: medium] [CVE-2025-32989]
+ 
++** libgnutls: Fix double-free upon error when exporting otherName in SAN
++   Reported by OpenAI Security Research Team. [GNUTLS-SA-2025-07-07-2,
++   CVSS: low] [CVE-2025-32988]
++
++
+ * Version 3.7.4 (released 2022-03-17)
+ 
+ ** libgnutls: Fixed double free during verification of pkcs7 signatures.
+diff --git a/lib/x509/extensions.c b/lib/x509/extensions.c
+index 6c2da8fd1..e8be12eaf 100644
+--- a/lib/x509/extensions.c
++++ b/lib/x509/extensions.c
+@@ -805,7 +805,6 @@ _gnutls_write_new_othername(asn1_node ext, const char *ext_name,
+ 	result = asn1_write_value(ext, name2, oid, 1);
+ 	if (result != ASN1_SUCCESS) {
+ 		gnutls_assert();
+-		asn1_delete_structure(&ext);
+ 		return _gnutls_asn2err(result);
+ 	}
+ 
+@@ -814,7 +813,6 @@ _gnutls_write_new_othername(asn1_node ext, const char *ext_name,
+ 	result = asn1_write_value(ext, name2, data, data_size);
+ 	if (result != ASN1_SUCCESS) {
+ 		gnutls_assert();
+-		asn1_delete_structure(&ext);
+ 		return _gnutls_asn2err(result);
+ 	}
+ 
diff --git a/meta/recipes-support/gnutls/gnutls_3.7.4.bb b/meta/recipes-support/gnutls/gnutls_3.7.4.bb
index 65e42c00c2..33553e617e 100644
--- a/meta/recipes-support/gnutls/gnutls_3.7.4.bb
+++ b/meta/recipes-support/gnutls/gnutls_3.7.4.bb
@@ -35,6 +35,7 @@ SRC_URI = "https://www.gnupg.org/ftp/gcrypt/gnutls/v${SHRT_VER}/gnutls-${PV}.tar
            file://5477db1bb507a35e8833c758ce344f4b5b246d8e \
            file://0001-x509-reject-zero-length-version-in-certificate-reque.patch \
            file://3e94dcdff862ef5d6db8b5cc8e59310b5f0cdfe2 \
+           file://CVE-2025-32988.patch \
            "
 
 SRC_URI[sha256sum] = "e6adbebcfbc95867de01060d93c789938cf89cc1d1f6ef9ef661890f6217451f"
-- 
2.43.0

[OE-core][kirkstone 06/10] gnutls: patch CVE-2025-32990

[Steve Sakoman]

From: Peter Marko <peter.marko@siemens.com>

Pick relevant commit from 3.8.10 release MR [1].

[1] https://gitlab.com/gnutls/gnutls/-/merge_requests/1979

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../gnutls/gnutls/CVE-2025-32990.patch        | 2109 +++++++++++++++++
 meta/recipes-support/gnutls/gnutls_3.7.4.bb   |    1 +
 2 files changed, 2110 insertions(+)
 create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-32990.patch

diff --git a/meta/recipes-support/gnutls/gnutls/CVE-2025-32990.patch b/meta/recipes-support/gnutls/gnutls/CVE-2025-32990.patch
new file mode 100644
index 0000000000..8cb67dbef4
--- /dev/null
+++ b/meta/recipes-support/gnutls/gnutls/CVE-2025-32990.patch
@@ -0,0 +1,2109 @@
+From 408bed40c36a4cc98f0c94a818f682810f731f32 Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <ueno@gnu.org>
+Date: Mon, 7 Jul 2025 10:57:10 +0900
+Subject: [PATCH] certtool: avoid 1-byte write buffer overrun when parsing
+ template
+
+Previously, when parsing a template file with a number of key value
+pairs, certtool could write a NUL byte after the heap buffer, causing
+a memory corruption. This fixes the issue by allocating the NUL byte.
+Reported by David Aitel.
+
+Signed-off-by: Daiki Ueno <ueno@gnu.org>
+
+CVE: CVE-2025-32990
+Upstream-Status: Backport [https://gitlab.com/gnutls/gnutls/-/commit/408bed40c36a4cc98f0c94a818f682810f731f32]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ NEWS                                          |    4 +
+ src/certtool-cfg.c                            |    4 +-
+ tests/cert-tests/Makefile.am                  |    3 +-
+ tests/cert-tests/template-test.sh             |   13 +
+ .../template-too-many-othernames.tmpl         | 2003 +++++++++++++++++
+ 5 files changed, 2024 insertions(+), 3 deletions(-)
+ create mode 100644 tests/cert-tests/templates/template-too-many-othernames.tmpl
+
+diff --git a/NEWS b/NEWS
+index ff289fa75..1334516c6 100644
+--- a/NEWS
++++ b/NEWS
+@@ -14,6 +14,10 @@ See the end for copying conditions.
+    Reported by OpenAI Security Research Team. [GNUTLS-SA-2025-07-07-2,
+    CVSS: low] [CVE-2025-32988]
+ 
++** certtool: Fix 1-byte write buffer overrun when parsing template
++   Reported by David Aitel. [GNUTLS-SA-2025-07-07-3,
++   CVSS: low] [CVE-2025-32990]
++
+ 
+ * Version 3.7.4 (released 2022-03-17)
+ 
+diff --git a/src/certtool-cfg.c b/src/certtool-cfg.c
+index 2d7a1dcaf..bce2390a8 100644
+--- a/src/certtool-cfg.c
++++ b/src/certtool-cfg.c
+@@ -250,7 +250,7 @@ void cfg_init(void)
+   { \
+     if (s_name == NULL) { \
+       i = 0; \
+-      s_name = malloc(sizeof(char*)*MAX_ENTRIES); \
++      s_name = calloc(MAX_ENTRIES + 1, sizeof(char *)); \
+       CHECK_MALLOC(s_name); \
+       do { \
+ 	if (val && strcmp(val->name, k_name)!=0) \
+@@ -272,7 +272,7 @@ void cfg_init(void)
+     char *p; \
+     if (s_name == NULL) { \
+       i = 0; \
+-      s_name = malloc(sizeof(char*)*MAX_ENTRIES); \
++      s_name = calloc(MAX_ENTRIES + 1, sizeof(char *)); \
+       CHECK_MALLOC(s_name); \
+       do { \
+ 	if (val && strcmp(val->name, k_name)!=0) \
+diff --git a/tests/cert-tests/Makefile.am b/tests/cert-tests/Makefile.am
+index dac615fa5..7a68af199 100644
+--- a/tests/cert-tests/Makefile.am
++++ b/tests/cert-tests/Makefile.am
+@@ -102,7 +102,8 @@ EXTRA_DIST = data/ca-no-pathlen.pem data/no-ca-or-pathlen.pem data/aki-cert.pem
+ 	data/chain-512-leaf.pem data/chain-512-subca.pem data/chain-512-ca.pem \
+ 	templates/template-no-ca-honor.tmpl templates/template-no-ca-explicit.tmpl \
+ 	data/crq-cert-no-ca-explicit.pem data/crq-cert-no-ca-honor.pem data/commonName.cer \
+-	templates/simple-policy.tmpl data/simple-policy.pem
++	templates/simple-policy.tmpl data/simple-policy.pem \
++	templates/template-too-many-othernames.tmpl
+ 
+ dist_check_SCRIPTS = pathlen.sh aki.sh invalid-sig.sh email.sh \
+ 	pkcs7.sh pkcs7-broken-sigs.sh privkey-import.sh name-constraints.sh certtool-long-cn.sh crl.sh provable-privkey.sh \
+diff --git a/tests/cert-tests/template-test.sh b/tests/cert-tests/template-test.sh
+index 5d7410eb3..34e3027ae 100644
+--- a/tests/cert-tests/template-test.sh
++++ b/tests/cert-tests/template-test.sh
+@@ -318,6 +318,19 @@ if test "${rc}" != "0"; then
+ 	exit ${rc}
+ fi
+ 
++# Test generation with too many other names
++
++"${CERTTOOL}" --generate-request \
++	--load-privkey "${srcdir}/data/template-test.key" \
++	--template "${srcdir}/templates/template-too-many-othernames.tmpl" \
++	--outfile ${TMPFILE} 2>/dev/null
++rc=$?
++
++if test "${rc}" != "0"; then
++	echo "Test with too many othernames failed"
++	exit ${rc}
++fi
++
+ rm -f ${TMPFILE}
+ 
+ exit 0
+diff --git a/tests/cert-tests/templates/template-too-many-othernames.tmpl b/tests/cert-tests/templates/template-too-many-othernames.tmpl
+new file mode 100644
+index 000000000..5ef9a862b
+--- /dev/null
++++ b/tests/cert-tests/templates/template-too-many-othernames.tmpl
+@@ -0,0 +1,2003 @@
++organization = "OpenAI"
++cn = "example.com"
++
++other_name_utf8 = "1.2.3.4 testvalue0"
++other_name_utf8 = "1.2.3.4 testvalue1"
++other_name_utf8 = "1.2.3.4 testvalue2"
++other_name_utf8 = "1.2.3.4 testvalue3"
++other_name_utf8 = "1.2.3.4 testvalue4"
++other_name_utf8 = "1.2.3.4 testvalue5"
++other_name_utf8 = "1.2.3.4 testvalue6"
++other_name_utf8 = "1.2.3.4 testvalue7"
++other_name_utf8 = "1.2.3.4 testvalue8"
++other_name_utf8 = "1.2.3.4 testvalue9"
++other_name_utf8 = "1.2.3.4 testvalue10"
++other_name_utf8 = "1.2.3.4 testvalue11"
++other_name_utf8 = "1.2.3.4 testvalue12"
++other_name_utf8 = "1.2.3.4 testvalue13"
++other_name_utf8 = "1.2.3.4 testvalue14"
++other_name_utf8 = "1.2.3.4 testvalue15"
++other_name_utf8 = "1.2.3.4 testvalue16"
++other_name_utf8 = "1.2.3.4 testvalue17"
++other_name_utf8 = "1.2.3.4 testvalue18"
++other_name_utf8 = "1.2.3.4 testvalue19"
++other_name_utf8 = "1.2.3.4 testvalue20"
++other_name_utf8 = "1.2.3.4 testvalue21"
++other_name_utf8 = "1.2.3.4 testvalue22"
++other_name_utf8 = "1.2.3.4 testvalue23"
++other_name_utf8 = "1.2.3.4 testvalue24"
++other_name_utf8 = "1.2.3.4 testvalue25"
++other_name_utf8 = "1.2.3.4 testvalue26"
++other_name_utf8 = "1.2.3.4 testvalue27"
++other_name_utf8 = "1.2.3.4 testvalue28"
++other_name_utf8 = "1.2.3.4 testvalue29"
++other_name_utf8 = "1.2.3.4 testvalue30"
++other_name_utf8 = "1.2.3.4 testvalue31"
++other_name_utf8 = "1.2.3.4 testvalue32"
++other_name_utf8 = "1.2.3.4 testvalue33"
++other_name_utf8 = "1.2.3.4 testvalue34"
++other_name_utf8 = "1.2.3.4 testvalue35"
++other_name_utf8 = "1.2.3.4 testvalue36"
++other_name_utf8 = "1.2.3.4 testvalue37"
++other_name_utf8 = "1.2.3.4 testvalue38"
++other_name_utf8 = "1.2.3.4 testvalue39"
++other_name_utf8 = "1.2.3.4 testvalue40"
++other_name_utf8 = "1.2.3.4 testvalue41"
++other_name_utf8 = "1.2.3.4 testvalue42"
++other_name_utf8 = "1.2.3.4 testvalue43"
++other_name_utf8 = "1.2.3.4 testvalue44"
++other_name_utf8 = "1.2.3.4 testvalue45"
++other_name_utf8 = "1.2.3.4 testvalue46"
++other_name_utf8 = "1.2.3.4 testvalue47"
++other_name_utf8 = "1.2.3.4 testvalue48"
++other_name_utf8 = "1.2.3.4 testvalue49"
++other_name_utf8 = "1.2.3.4 testvalue50"
++other_name_utf8 = "1.2.3.4 testvalue51"
++other_name_utf8 = "1.2.3.4 testvalue52"
++other_name_utf8 = "1.2.3.4 testvalue53"
++other_name_utf8 = "1.2.3.4 testvalue54"
++other_name_utf8 = "1.2.3.4 testvalue55"
++other_name_utf8 = "1.2.3.4 testvalue56"
++other_name_utf8 = "1.2.3.4 testvalue57"
++other_name_utf8 = "1.2.3.4 testvalue58"
++other_name_utf8 = "1.2.3.4 testvalue59"
++other_name_utf8 = "1.2.3.4 testvalue60"
++other_name_utf8 = "1.2.3.4 testvalue61"
++other_name_utf8 = "1.2.3.4 testvalue62"
++other_name_utf8 = "1.2.3.4 testvalue63"
++other_name_utf8 = "1.2.3.4 testvalue64"
++other_name_utf8 = "1.2.3.4 testvalue65"
++other_name_utf8 = "1.2.3.4 testvalue66"
++other_name_utf8 = "1.2.3.4 testvalue67"
++other_name_utf8 = "1.2.3.4 testvalue68"
++other_name_utf8 = "1.2.3.4 testvalue69"
++other_name_utf8 = "1.2.3.4 testvalue70"
++other_name_utf8 = "1.2.3.4 testvalue71"
++other_name_utf8 = "1.2.3.4 testvalue72"
++other_name_utf8 = "1.2.3.4 testvalue73"
++other_name_utf8 = "1.2.3.4 testvalue74"
++other_name_utf8 = "1.2.3.4 testvalue75"
++other_name_utf8 = "1.2.3.4 testvalue76"
++other_name_utf8 = "1.2.3.4 testvalue77"
++other_name_utf8 = "1.2.3.4 testvalue78"
++other_name_utf8 = "1.2.3.4 testvalue79"
++other_name_utf8 = "1.2.3.4 testvalue80"
++other_name_utf8 = "1.2.3.4 testvalue81"
++other_name_utf8 = "1.2.3.4 testvalue82"
++other_name_utf8 = "1.2.3.4 testvalue83"
++other_name_utf8 = "1.2.3.4 testvalue84"
++other_name_utf8 = "1.2.3.4 testvalue85"
++other_name_utf8 = "1.2.3.4 testvalue86"
++other_name_utf8 = "1.2.3.4 testvalue87"
++other_name_utf8 = "1.2.3.4 testvalue88"
++other_name_utf8 = "1.2.3.4 testvalue89"
++other_name_utf8 = "1.2.3.4 testvalue90"
++other_name_utf8 = "1.2.3.4 testvalue91"
++other_name_utf8 = "1.2.3.4 testvalue92"
++other_name_utf8 = "1.2.3.4 testvalue93"
++other_name_utf8 = "1.2.3.4 testvalue94"
++other_name_utf8 = "1.2.3.4 testvalue95"
++other_name_utf8 = "1.2.3.4 testvalue96"
++other_name_utf8 = "1.2.3.4 testvalue97"
++other_name_utf8 = "1.2.3.4 testvalue98"
++other_name_utf8 = "1.2.3.4 testvalue99"
++other_name_utf8 = "1.2.3.4 testvalue100"
++other_name_utf8 = "1.2.3.4 testvalue101"
++other_name_utf8 = "1.2.3.4 testvalue102"
++other_name_utf8 = "1.2.3.4 testvalue103"
++other_name_utf8 = "1.2.3.4 testvalue104"
++other_name_utf8 = "1.2.3.4 testvalue105"
++other_name_utf8 = "1.2.3.4 testvalue106"
++other_name_utf8 = "1.2.3.4 testvalue107"
++other_name_utf8 = "1.2.3.4 testvalue108"
++other_name_utf8 = "1.2.3.4 testvalue109"
++other_name_utf8 = "1.2.3.4 testvalue110"
++other_name_utf8 = "1.2.3.4 testvalue111"
++other_name_utf8 = "1.2.3.4 testvalue112"
++other_name_utf8 = "1.2.3.4 testvalue113"
++other_name_utf8 = "1.2.3.4 testvalue114"
++other_name_utf8 = "1.2.3.4 testvalue115"
++other_name_utf8 = "1.2.3.4 testvalue116"
++other_name_utf8 = "1.2.3.4 testvalue117"
++other_name_utf8 = "1.2.3.4 testvalue118"
++other_name_utf8 = "1.2.3.4 testvalue119"
++other_name_utf8 = "1.2.3.4 testvalue120"
++other_name_utf8 = "1.2.3.4 testvalue121"
++other_name_utf8 = "1.2.3.4 testvalue122"
++other_name_utf8 = "1.2.3.4 testvalue123"
++other_name_utf8 = "1.2.3.4 testvalue124"
++other_name_utf8 = "1.2.3.4 testvalue125"
++other_name_utf8 = "1.2.3.4 testvalue126"
++other_name_utf8 = "1.2.3.4 testvalue127"
++other_name_utf8 = "1.2.3.4 testvalue128"
++other_name_utf8 = "1.2.3.4 testvalue129"
++other_name_utf8 = "1.2.3.4 testvalue130"
++other_name_utf8 = "1.2.3.4 testvalue131"
++other_name_utf8 = "1.2.3.4 testvalue132"
++other_name_utf8 = "1.2.3.4 testvalue133"
++other_name_utf8 = "1.2.3.4 testvalue134"
++other_name_utf8 = "1.2.3.4 testvalue135"
++other_name_utf8 = "1.2.3.4 testvalue136"
++other_name_utf8 = "1.2.3.4 testvalue137"
++other_name_utf8 = "1.2.3.4 testvalue138"
++other_name_utf8 = "1.2.3.4 testvalue139"
++other_name_utf8 = "1.2.3.4 testvalue140"
++other_name_utf8 = "1.2.3.4 testvalue141"
++other_name_utf8 = "1.2.3.4 testvalue142"
++other_name_utf8 = "1.2.3.4 testvalue143"
++other_name_utf8 = "1.2.3.4 testvalue144"
++other_name_utf8 = "1.2.3.4 testvalue145"
++other_name_utf8 = "1.2.3.4 testvalue146"
++other_name_utf8 = "1.2.3.4 testvalue147"
++other_name_utf8 = "1.2.3.4 testvalue148"
++other_name_utf8 = "1.2.3.4 testvalue149"
++other_name_utf8 = "1.2.3.4 testvalue150"
++other_name_utf8 = "1.2.3.4 testvalue151"
++other_name_utf8 = "1.2.3.4 testvalue152"
++other_name_utf8 = "1.2.3.4 testvalue153"
++other_name_utf8 = "1.2.3.4 testvalue154"
++other_name_utf8 = "1.2.3.4 testvalue155"
++other_name_utf8 = "1.2.3.4 testvalue156"
++other_name_utf8 = "1.2.3.4 testvalue157"
++other_name_utf8 = "1.2.3.4 testvalue158"
++other_name_utf8 = "1.2.3.4 testvalue159"
++other_name_utf8 = "1.2.3.4 testvalue160"
++other_name_utf8 = "1.2.3.4 testvalue161"
++other_name_utf8 = "1.2.3.4 testvalue162"
++other_name_utf8 = "1.2.3.4 testvalue163"
++other_name_utf8 = "1.2.3.4 testvalue164"
++other_name_utf8 = "1.2.3.4 testvalue165"
++other_name_utf8 = "1.2.3.4 testvalue166"
++other_name_utf8 = "1.2.3.4 testvalue167"
++other_name_utf8 = "1.2.3.4 testvalue168"
++other_name_utf8 = "1.2.3.4 testvalue169"
++other_name_utf8 = "1.2.3.4 testvalue170"
++other_name_utf8 = "1.2.3.4 testvalue171"
++other_name_utf8 = "1.2.3.4 testvalue172"
++other_name_utf8 = "1.2.3.4 testvalue173"
++other_name_utf8 = "1.2.3.4 testvalue174"
++other_name_utf8 = "1.2.3.4 testvalue175"
++other_name_utf8 = "1.2.3.4 testvalue176"
++other_name_utf8 = "1.2.3.4 testvalue177"
++other_name_utf8 = "1.2.3.4 testvalue178"
++other_name_utf8 = "1.2.3.4 testvalue179"
++other_name_utf8 = "1.2.3.4 testvalue180"
++other_name_utf8 = "1.2.3.4 testvalue181"
++other_name_utf8 = "1.2.3.4 testvalue182"
++other_name_utf8 = "1.2.3.4 testvalue183"
++other_name_utf8 = "1.2.3.4 testvalue184"
++other_name_utf8 = "1.2.3.4 testvalue185"
++other_name_utf8 = "1.2.3.4 testvalue186"
++other_name_utf8 = "1.2.3.4 testvalue187"
++other_name_utf8 = "1.2.3.4 testvalue188"
++other_name_utf8 = "1.2.3.4 testvalue189"
++other_name_utf8 = "1.2.3.4 testvalue190"
++other_name_utf8 = "1.2.3.4 testvalue191"
++other_name_utf8 = "1.2.3.4 testvalue192"
++other_name_utf8 = "1.2.3.4 testvalue193"
++other_name_utf8 = "1.2.3.4 testvalue194"
++other_name_utf8 = "1.2.3.4 testvalue195"
++other_name_utf8 = "1.2.3.4 testvalue196"
++other_name_utf8 = "1.2.3.4 testvalue197"
++other_name_utf8 = "1.2.3.4 testvalue198"
++other_name_utf8 = "1.2.3.4 testvalue199"
++other_name_utf8 = "1.2.3.4 testvalue200"
++other_name_utf8 = "1.2.3.4 testvalue201"
++other_name_utf8 = "1.2.3.4 testvalue202"
++other_name_utf8 = "1.2.3.4 testvalue203"
++other_name_utf8 = "1.2.3.4 testvalue204"
++other_name_utf8 = "1.2.3.4 testvalue205"
++other_name_utf8 = "1.2.3.4 testvalue206"
++other_name_utf8 = "1.2.3.4 testvalue207"
++other_name_utf8 = "1.2.3.4 testvalue208"
++other_name_utf8 = "1.2.3.4 testvalue209"
++other_name_utf8 = "1.2.3.4 testvalue210"
++other_name_utf8 = "1.2.3.4 testvalue211"
++other_name_utf8 = "1.2.3.4 testvalue212"
++other_name_utf8 = "1.2.3.4 testvalue213"
++other_name_utf8 = "1.2.3.4 testvalue214"
++other_name_utf8 = "1.2.3.4 testvalue215"
++other_name_utf8 = "1.2.3.4 testvalue216"
++other_name_utf8 = "1.2.3.4 testvalue217"
++other_name_utf8 = "1.2.3.4 testvalue218"
++other_name_utf8 = "1.2.3.4 testvalue219"
++other_name_utf8 = "1.2.3.4 testvalue220"
++other_name_utf8 = "1.2.3.4 testvalue221"
++other_name_utf8 = "1.2.3.4 testvalue222"
++other_name_utf8 = "1.2.3.4 testvalue223"
++other_name_utf8 = "1.2.3.4 testvalue224"
++other_name_utf8 = "1.2.3.4 testvalue225"
++other_name_utf8 = "1.2.3.4 testvalue226"
++other_name_utf8 = "1.2.3.4 testvalue227"
++other_name_utf8 = "1.2.3.4 testvalue228"
++other_name_utf8 = "1.2.3.4 testvalue229"
++other_name_utf8 = "1.2.3.4 testvalue230"
++other_name_utf8 = "1.2.3.4 testvalue231"
++other_name_utf8 = "1.2.3.4 testvalue232"
++other_name_utf8 = "1.2.3.4 testvalue233"
++other_name_utf8 = "1.2.3.4 testvalue234"
++other_name_utf8 = "1.2.3.4 testvalue235"
++other_name_utf8 = "1.2.3.4 testvalue236"
++other_name_utf8 = "1.2.3.4 testvalue237"
++other_name_utf8 = "1.2.3.4 testvalue238"
++other_name_utf8 = "1.2.3.4 testvalue239"
++other_name_utf8 = "1.2.3.4 testvalue240"
++other_name_utf8 = "1.2.3.4 testvalue241"
++other_name_utf8 = "1.2.3.4 testvalue242"
++other_name_utf8 = "1.2.3.4 testvalue243"
++other_name_utf8 = "1.2.3.4 testvalue244"
++other_name_utf8 = "1.2.3.4 testvalue245"
++other_name_utf8 = "1.2.3.4 testvalue246"
++other_name_utf8 = "1.2.3.4 testvalue247"
++other_name_utf8 = "1.2.3.4 testvalue248"
++other_name_utf8 = "1.2.3.4 testvalue249"
++other_name_utf8 = "1.2.3.4 testvalue250"
++other_name_utf8 = "1.2.3.4 testvalue251"
++other_name_utf8 = "1.2.3.4 testvalue252"
++other_name_utf8 = "1.2.3.4 testvalue253"
++other_name_utf8 = "1.2.3.4 testvalue254"
++other_name_utf8 = "1.2.3.4 testvalue255"
++other_name_utf8 = "1.2.3.4 testvalue256"
++other_name_utf8 = "1.2.3.4 testvalue257"
++other_name_utf8 = "1.2.3.4 testvalue258"
++other_name_utf8 = "1.2.3.4 testvalue259"
++other_name_utf8 = "1.2.3.4 testvalue260"
++other_name_utf8 = "1.2.3.4 testvalue261"
++other_name_utf8 = "1.2.3.4 testvalue262"
++other_name_utf8 = "1.2.3.4 testvalue263"
++other_name_utf8 = "1.2.3.4 testvalue264"
++other_name_utf8 = "1.2.3.4 testvalue265"
++other_name_utf8 = "1.2.3.4 testvalue266"
++other_name_utf8 = "1.2.3.4 testvalue267"
++other_name_utf8 = "1.2.3.4 testvalue268"
++other_name_utf8 = "1.2.3.4 testvalue269"
++other_name_utf8 = "1.2.3.4 testvalue270"
++other_name_utf8 = "1.2.3.4 testvalue271"
++other_name_utf8 = "1.2.3.4 testvalue272"
++other_name_utf8 = "1.2.3.4 testvalue273"
++other_name_utf8 = "1.2.3.4 testvalue274"
++other_name_utf8 = "1.2.3.4 testvalue275"
++other_name_utf8 = "1.2.3.4 testvalue276"
++other_name_utf8 = "1.2.3.4 testvalue277"
++other_name_utf8 = "1.2.3.4 testvalue278"
++other_name_utf8 = "1.2.3.4 testvalue279"
++other_name_utf8 = "1.2.3.4 testvalue280"
++other_name_utf8 = "1.2.3.4 testvalue281"
++other_name_utf8 = "1.2.3.4 testvalue282"
++other_name_utf8 = "1.2.3.4 testvalue283"
++other_name_utf8 = "1.2.3.4 testvalue284"
++other_name_utf8 = "1.2.3.4 testvalue285"
++other_name_utf8 = "1.2.3.4 testvalue286"
++other_name_utf8 = "1.2.3.4 testvalue287"
++other_name_utf8 = "1.2.3.4 testvalue288"
++other_name_utf8 = "1.2.3.4 testvalue289"
++other_name_utf8 = "1.2.3.4 testvalue290"
++other_name_utf8 = "1.2.3.4 testvalue291"
++other_name_utf8 = "1.2.3.4 testvalue292"
++other_name_utf8 = "1.2.3.4 testvalue293"
++other_name_utf8 = "1.2.3.4 testvalue294"
++other_name_utf8 = "1.2.3.4 testvalue295"
++other_name_utf8 = "1.2.3.4 testvalue296"
++other_name_utf8 = "1.2.3.4 testvalue297"
++other_name_utf8 = "1.2.3.4 testvalue298"
++other_name_utf8 = "1.2.3.4 testvalue299"
++other_name_utf8 = "1.2.3.4 testvalue300"
++other_name_utf8 = "1.2.3.4 testvalue301"
++other_name_utf8 = "1.2.3.4 testvalue302"
++other_name_utf8 = "1.2.3.4 testvalue303"
++other_name_utf8 = "1.2.3.4 testvalue304"
++other_name_utf8 = "1.2.3.4 testvalue305"
++other_name_utf8 = "1.2.3.4 testvalue306"
++other_name_utf8 = "1.2.3.4 testvalue307"
++other_name_utf8 = "1.2.3.4 testvalue308"
++other_name_utf8 = "1.2.3.4 testvalue309"
++other_name_utf8 = "1.2.3.4 testvalue310"
++other_name_utf8 = "1.2.3.4 testvalue311"
++other_name_utf8 = "1.2.3.4 testvalue312"
++other_name_utf8 = "1.2.3.4 testvalue313"
++other_name_utf8 = "1.2.3.4 testvalue314"
++other_name_utf8 = "1.2.3.4 testvalue315"
++other_name_utf8 = "1.2.3.4 testvalue316"
++other_name_utf8 = "1.2.3.4 testvalue317"
++other_name_utf8 = "1.2.3.4 testvalue318"
++other_name_utf8 = "1.2.3.4 testvalue319"
++other_name_utf8 = "1.2.3.4 testvalue320"
++other_name_utf8 = "1.2.3.4 testvalue321"
++other_name_utf8 = "1.2.3.4 testvalue322"
++other_name_utf8 = "1.2.3.4 testvalue323"
++other_name_utf8 = "1.2.3.4 testvalue324"
++other_name_utf8 = "1.2.3.4 testvalue325"
++other_name_utf8 = "1.2.3.4 testvalue326"
++other_name_utf8 = "1.2.3.4 testvalue327"
++other_name_utf8 = "1.2.3.4 testvalue328"
++other_name_utf8 = "1.2.3.4 testvalue329"
++other_name_utf8 = "1.2.3.4 testvalue330"
++other_name_utf8 = "1.2.3.4 testvalue331"
++other_name_utf8 = "1.2.3.4 testvalue332"
++other_name_utf8 = "1.2.3.4 testvalue333"
++other_name_utf8 = "1.2.3.4 testvalue334"
++other_name_utf8 = "1.2.3.4 testvalue335"
++other_name_utf8 = "1.2.3.4 testvalue336"
++other_name_utf8 = "1.2.3.4 testvalue337"
++other_name_utf8 = "1.2.3.4 testvalue338"
++other_name_utf8 = "1.2.3.4 testvalue339"
++other_name_utf8 = "1.2.3.4 testvalue340"
++other_name_utf8 = "1.2.3.4 testvalue341"
++other_name_utf8 = "1.2.3.4 testvalue342"
++other_name_utf8 = "1.2.3.4 testvalue343"
++other_name_utf8 = "1.2.3.4 testvalue344"
++other_name_utf8 = "1.2.3.4 testvalue345"
++other_name_utf8 = "1.2.3.4 testvalue346"
++other_name_utf8 = "1.2.3.4 testvalue347"
++other_name_utf8 = "1.2.3.4 testvalue348"
++other_name_utf8 = "1.2.3.4 testvalue349"
++other_name_utf8 = "1.2.3.4 testvalue350"
++other_name_utf8 = "1.2.3.4 testvalue351"
++other_name_utf8 = "1.2.3.4 testvalue352"
++other_name_utf8 = "1.2.3.4 testvalue353"
++other_name_utf8 = "1.2.3.4 testvalue354"
++other_name_utf8 = "1.2.3.4 testvalue355"
++other_name_utf8 = "1.2.3.4 testvalue356"
++other_name_utf8 = "1.2.3.4 testvalue357"
++other_name_utf8 = "1.2.3.4 testvalue358"
++other_name_utf8 = "1.2.3.4 testvalue359"
++other_name_utf8 = "1.2.3.4 testvalue360"
++other_name_utf8 = "1.2.3.4 testvalue361"
++other_name_utf8 = "1.2.3.4 testvalue362"
++other_name_utf8 = "1.2.3.4 testvalue363"
++other_name_utf8 = "1.2.3.4 testvalue364"
++other_name_utf8 = "1.2.3.4 testvalue365"
++other_name_utf8 = "1.2.3.4 testvalue366"
++other_name_utf8 = "1.2.3.4 testvalue367"
++other_name_utf8 = "1.2.3.4 testvalue368"
++other_name_utf8 = "1.2.3.4 testvalue369"
++other_name_utf8 = "1.2.3.4 testvalue370"
++other_name_utf8 = "1.2.3.4 testvalue371"
++other_name_utf8 = "1.2.3.4 testvalue372"
++other_name_utf8 = "1.2.3.4 testvalue373"
++other_name_utf8 = "1.2.3.4 testvalue374"
++other_name_utf8 = "1.2.3.4 testvalue375"
++other_name_utf8 = "1.2.3.4 testvalue376"
++other_name_utf8 = "1.2.3.4 testvalue377"
++other_name_utf8 = "1.2.3.4 testvalue378"
++other_name_utf8 = "1.2.3.4 testvalue379"
++other_name_utf8 = "1.2.3.4 testvalue380"
++other_name_utf8 = "1.2.3.4 testvalue381"
++other_name_utf8 = "1.2.3.4 testvalue382"
++other_name_utf8 = "1.2.3.4 testvalue383"
++other_name_utf8 = "1.2.3.4 testvalue384"
++other_name_utf8 = "1.2.3.4 testvalue385"
++other_name_utf8 = "1.2.3.4 testvalue386"
++other_name_utf8 = "1.2.3.4 testvalue387"
++other_name_utf8 = "1.2.3.4 testvalue388"
++other_name_utf8 = "1.2.3.4 testvalue389"
++other_name_utf8 = "1.2.3.4 testvalue390"
++other_name_utf8 = "1.2.3.4 testvalue391"
++other_name_utf8 = "1.2.3.4 testvalue392"
++other_name_utf8 = "1.2.3.4 testvalue393"
++other_name_utf8 = "1.2.3.4 testvalue394"
++other_name_utf8 = "1.2.3.4 testvalue395"
++other_name_utf8 = "1.2.3.4 testvalue396"
++other_name_utf8 = "1.2.3.4 testvalue397"
++other_name_utf8 = "1.2.3.4 testvalue398"
++other_name_utf8 = "1.2.3.4 testvalue399"
++other_name_utf8 = "1.2.3.4 testvalue400"
++other_name_utf8 = "1.2.3.4 testvalue401"
++other_name_utf8 = "1.2.3.4 testvalue402"
++other_name_utf8 = "1.2.3.4 testvalue403"
++other_name_utf8 = "1.2.3.4 testvalue404"
++other_name_utf8 = "1.2.3.4 testvalue405"
++other_name_utf8 = "1.2.3.4 testvalue406"
++other_name_utf8 = "1.2.3.4 testvalue407"
++other_name_utf8 = "1.2.3.4 testvalue408"
++other_name_utf8 = "1.2.3.4 testvalue409"
++other_name_utf8 = "1.2.3.4 testvalue410"
++other_name_utf8 = "1.2.3.4 testvalue411"
++other_name_utf8 = "1.2.3.4 testvalue412"
++other_name_utf8 = "1.2.3.4 testvalue413"
++other_name_utf8 = "1.2.3.4 testvalue414"
++other_name_utf8 = "1.2.3.4 testvalue415"
++other_name_utf8 = "1.2.3.4 testvalue416"
++other_name_utf8 = "1.2.3.4 testvalue417"
++other_name_utf8 = "1.2.3.4 testvalue418"
++other_name_utf8 = "1.2.3.4 testvalue419"
++other_name_utf8 = "1.2.3.4 testvalue420"
++other_name_utf8 = "1.2.3.4 testvalue421"
++other_name_utf8 = "1.2.3.4 testvalue422"
++other_name_utf8 = "1.2.3.4 testvalue423"
++other_name_utf8 = "1.2.3.4 testvalue424"
++other_name_utf8 = "1.2.3.4 testvalue425"
++other_name_utf8 = "1.2.3.4 testvalue426"
++other_name_utf8 = "1.2.3.4 testvalue427"
++other_name_utf8 = "1.2.3.4 testvalue428"
++other_name_utf8 = "1.2.3.4 testvalue429"
++other_name_utf8 = "1.2.3.4 testvalue430"
++other_name_utf8 = "1.2.3.4 testvalue431"
++other_name_utf8 = "1.2.3.4 testvalue432"
++other_name_utf8 = "1.2.3.4 testvalue433"
++other_name_utf8 = "1.2.3.4 testvalue434"
++other_name_utf8 = "1.2.3.4 testvalue435"
++other_name_utf8 = "1.2.3.4 testvalue436"
++other_name_utf8 = "1.2.3.4 testvalue437"
++other_name_utf8 = "1.2.3.4 testvalue438"
++other_name_utf8 = "1.2.3.4 testvalue439"
++other_name_utf8 = "1.2.3.4 testvalue440"
++other_name_utf8 = "1.2.3.4 testvalue441"
++other_name_utf8 = "1.2.3.4 testvalue442"
++other_name_utf8 = "1.2.3.4 testvalue443"
++other_name_utf8 = "1.2.3.4 testvalue444"
++other_name_utf8 = "1.2.3.4 testvalue445"
++other_name_utf8 = "1.2.3.4 testvalue446"
++other_name_utf8 = "1.2.3.4 testvalue447"
++other_name_utf8 = "1.2.3.4 testvalue448"
++other_name_utf8 = "1.2.3.4 testvalue449"
++other_name_utf8 = "1.2.3.4 testvalue450"
++other_name_utf8 = "1.2.3.4 testvalue451"
++other_name_utf8 = "1.2.3.4 testvalue452"
++other_name_utf8 = "1.2.3.4 testvalue453"
++other_name_utf8 = "1.2.3.4 testvalue454"
++other_name_utf8 = "1.2.3.4 testvalue455"
++other_name_utf8 = "1.2.3.4 testvalue456"
++other_name_utf8 = "1.2.3.4 testvalue457"
++other_name_utf8 = "1.2.3.4 testvalue458"
++other_name_utf8 = "1.2.3.4 testvalue459"
++other_name_utf8 = "1.2.3.4 testvalue460"
++other_name_utf8 = "1.2.3.4 testvalue461"
++other_name_utf8 = "1.2.3.4 testvalue462"
++other_name_utf8 = "1.2.3.4 testvalue463"
++other_name_utf8 = "1.2.3.4 testvalue464"
++other_name_utf8 = "1.2.3.4 testvalue465"
++other_name_utf8 = "1.2.3.4 testvalue466"
++other_name_utf8 = "1.2.3.4 testvalue467"
++other_name_utf8 = "1.2.3.4 testvalue468"
++other_name_utf8 = "1.2.3.4 testvalue469"
++other_name_utf8 = "1.2.3.4 testvalue470"
++other_name_utf8 = "1.2.3.4 testvalue471"
++other_name_utf8 = "1.2.3.4 testvalue472"
++other_name_utf8 = "1.2.3.4 testvalue473"
++other_name_utf8 = "1.2.3.4 testvalue474"
++other_name_utf8 = "1.2.3.4 testvalue475"
++other_name_utf8 = "1.2.3.4 testvalue476"
++other_name_utf8 = "1.2.3.4 testvalue477"
++other_name_utf8 = "1.2.3.4 testvalue478"
++other_name_utf8 = "1.2.3.4 testvalue479"
++other_name_utf8 = "1.2.3.4 testvalue480"
++other_name_utf8 = "1.2.3.4 testvalue481"
++other_name_utf8 = "1.2.3.4 testvalue482"
++other_name_utf8 = "1.2.3.4 testvalue483"
++other_name_utf8 = "1.2.3.4 testvalue484"
++other_name_utf8 = "1.2.3.4 testvalue485"
++other_name_utf8 = "1.2.3.4 testvalue486"
++other_name_utf8 = "1.2.3.4 testvalue487"
++other_name_utf8 = "1.2.3.4 testvalue488"
++other_name_utf8 = "1.2.3.4 testvalue489"
++other_name_utf8 = "1.2.3.4 testvalue490"
++other_name_utf8 = "1.2.3.4 testvalue491"
++other_name_utf8 = "1.2.3.4 testvalue492"
++other_name_utf8 = "1.2.3.4 testvalue493"
++other_name_utf8 = "1.2.3.4 testvalue494"
++other_name_utf8 = "1.2.3.4 testvalue495"
++other_name_utf8 = "1.2.3.4 testvalue496"
++other_name_utf8 = "1.2.3.4 testvalue497"
++other_name_utf8 = "1.2.3.4 testvalue498"
++other_name_utf8 = "1.2.3.4 testvalue499"
++other_name_utf8 = "1.2.3.4 testvalue500"
++other_name_utf8 = "1.2.3.4 testvalue501"
++other_name_utf8 = "1.2.3.4 testvalue502"
++other_name_utf8 = "1.2.3.4 testvalue503"
++other_name_utf8 = "1.2.3.4 testvalue504"
++other_name_utf8 = "1.2.3.4 testvalue505"
++other_name_utf8 = "1.2.3.4 testvalue506"
++other_name_utf8 = "1.2.3.4 testvalue507"
++other_name_utf8 = "1.2.3.4 testvalue508"
++other_name_utf8 = "1.2.3.4 testvalue509"
++other_name_utf8 = "1.2.3.4 testvalue510"
++other_name_utf8 = "1.2.3.4 testvalue511"
++other_name_utf8 = "1.2.3.4 testvalue512"
++other_name_utf8 = "1.2.3.4 testvalue513"
++other_name_utf8 = "1.2.3.4 testvalue514"
++other_name_utf8 = "1.2.3.4 testvalue515"
++other_name_utf8 = "1.2.3.4 testvalue516"
++other_name_utf8 = "1.2.3.4 testvalue517"
++other_name_utf8 = "1.2.3.4 testvalue518"
++other_name_utf8 = "1.2.3.4 testvalue519"
++other_name_utf8 = "1.2.3.4 testvalue520"
++other_name_utf8 = "1.2.3.4 testvalue521"
++other_name_utf8 = "1.2.3.4 testvalue522"
++other_name_utf8 = "1.2.3.4 testvalue523"
++other_name_utf8 = "1.2.3.4 testvalue524"
++other_name_utf8 = "1.2.3.4 testvalue525"
++other_name_utf8 = "1.2.3.4 testvalue526"
++other_name_utf8 = "1.2.3.4 testvalue527"
++other_name_utf8 = "1.2.3.4 testvalue528"
++other_name_utf8 = "1.2.3.4 testvalue529"
++other_name_utf8 = "1.2.3.4 testvalue530"
++other_name_utf8 = "1.2.3.4 testvalue531"
++other_name_utf8 = "1.2.3.4 testvalue532"
++other_name_utf8 = "1.2.3.4 testvalue533"
++other_name_utf8 = "1.2.3.4 testvalue534"
++other_name_utf8 = "1.2.3.4 testvalue535"
++other_name_utf8 = "1.2.3.4 testvalue536"
++other_name_utf8 = "1.2.3.4 testvalue537"
++other_name_utf8 = "1.2.3.4 testvalue538"
++other_name_utf8 = "1.2.3.4 testvalue539"
++other_name_utf8 = "1.2.3.4 testvalue540"
++other_name_utf8 = "1.2.3.4 testvalue541"
++other_name_utf8 = "1.2.3.4 testvalue542"
++other_name_utf8 = "1.2.3.4 testvalue543"
++other_name_utf8 = "1.2.3.4 testvalue544"
++other_name_utf8 = "1.2.3.4 testvalue545"
++other_name_utf8 = "1.2.3.4 testvalue546"
++other_name_utf8 = "1.2.3.4 testvalue547"
++other_name_utf8 = "1.2.3.4 testvalue548"
++other_name_utf8 = "1.2.3.4 testvalue549"
++other_name_utf8 = "1.2.3.4 testvalue550"
++other_name_utf8 = "1.2.3.4 testvalue551"
++other_name_utf8 = "1.2.3.4 testvalue552"
++other_name_utf8 = "1.2.3.4 testvalue553"
++other_name_utf8 = "1.2.3.4 testvalue554"
++other_name_utf8 = "1.2.3.4 testvalue555"
++other_name_utf8 = "1.2.3.4 testvalue556"
++other_name_utf8 = "1.2.3.4 testvalue557"
++other_name_utf8 = "1.2.3.4 testvalue558"
++other_name_utf8 = "1.2.3.4 testvalue559"
++other_name_utf8 = "1.2.3.4 testvalue560"
++other_name_utf8 = "1.2.3.4 testvalue561"
++other_name_utf8 = "1.2.3.4 testvalue562"
++other_name_utf8 = "1.2.3.4 testvalue563"
++other_name_utf8 = "1.2.3.4 testvalue564"
++other_name_utf8 = "1.2.3.4 testvalue565"
++other_name_utf8 = "1.2.3.4 testvalue566"
++other_name_utf8 = "1.2.3.4 testvalue567"
++other_name_utf8 = "1.2.3.4 testvalue568"
++other_name_utf8 = "1.2.3.4 testvalue569"
++other_name_utf8 = "1.2.3.4 testvalue570"
++other_name_utf8 = "1.2.3.4 testvalue571"
++other_name_utf8 = "1.2.3.4 testvalue572"
++other_name_utf8 = "1.2.3.4 testvalue573"
++other_name_utf8 = "1.2.3.4 testvalue574"
++other_name_utf8 = "1.2.3.4 testvalue575"
++other_name_utf8 = "1.2.3.4 testvalue576"
++other_name_utf8 = "1.2.3.4 testvalue577"
++other_name_utf8 = "1.2.3.4 testvalue578"
++other_name_utf8 = "1.2.3.4 testvalue579"
++other_name_utf8 = "1.2.3.4 testvalue580"
++other_name_utf8 = "1.2.3.4 testvalue581"
++other_name_utf8 = "1.2.3.4 testvalue582"
++other_name_utf8 = "1.2.3.4 testvalue583"
++other_name_utf8 = "1.2.3.4 testvalue584"
++other_name_utf8 = "1.2.3.4 testvalue585"
++other_name_utf8 = "1.2.3.4 testvalue586"
++other_name_utf8 = "1.2.3.4 testvalue587"
++other_name_utf8 = "1.2.3.4 testvalue588"
++other_name_utf8 = "1.2.3.4 testvalue589"
++other_name_utf8 = "1.2.3.4 testvalue590"
++other_name_utf8 = "1.2.3.4 testvalue591"
++other_name_utf8 = "1.2.3.4 testvalue592"
++other_name_utf8 = "1.2.3.4 testvalue593"
++other_name_utf8 = "1.2.3.4 testvalue594"
++other_name_utf8 = "1.2.3.4 testvalue595"
++other_name_utf8 = "1.2.3.4 testvalue596"
++other_name_utf8 = "1.2.3.4 testvalue597"
++other_name_utf8 = "1.2.3.4 testvalue598"
++other_name_utf8 = "1.2.3.4 testvalue599"
++other_name_utf8 = "1.2.3.4 testvalue600"
++other_name_utf8 = "1.2.3.4 testvalue601"
++other_name_utf8 = "1.2.3.4 testvalue602"
++other_name_utf8 = "1.2.3.4 testvalue603"
++other_name_utf8 = "1.2.3.4 testvalue604"
++other_name_utf8 = "1.2.3.4 testvalue605"
++other_name_utf8 = "1.2.3.4 testvalue606"
++other_name_utf8 = "1.2.3.4 testvalue607"
++other_name_utf8 = "1.2.3.4 testvalue608"
++other_name_utf8 = "1.2.3.4 testvalue609"
++other_name_utf8 = "1.2.3.4 testvalue610"
++other_name_utf8 = "1.2.3.4 testvalue611"
++other_name_utf8 = "1.2.3.4 testvalue612"
++other_name_utf8 = "1.2.3.4 testvalue613"
++other_name_utf8 = "1.2.3.4 testvalue614"
++other_name_utf8 = "1.2.3.4 testvalue615"
++other_name_utf8 = "1.2.3.4 testvalue616"
++other_name_utf8 = "1.2.3.4 testvalue617"
++other_name_utf8 = "1.2.3.4 testvalue618"
++other_name_utf8 = "1.2.3.4 testvalue619"
++other_name_utf8 = "1.2.3.4 testvalue620"
++other_name_utf8 = "1.2.3.4 testvalue621"
++other_name_utf8 = "1.2.3.4 testvalue622"
++other_name_utf8 = "1.2.3.4 testvalue623"
++other_name_utf8 = "1.2.3.4 testvalue624"
++other_name_utf8 = "1.2.3.4 testvalue625"
++other_name_utf8 = "1.2.3.4 testvalue626"
++other_name_utf8 = "1.2.3.4 testvalue627"
++other_name_utf8 = "1.2.3.4 testvalue628"
++other_name_utf8 = "1.2.3.4 testvalue629"
++other_name_utf8 = "1.2.3.4 testvalue630"
++other_name_utf8 = "1.2.3.4 testvalue631"
++other_name_utf8 = "1.2.3.4 testvalue632"
++other_name_utf8 = "1.2.3.4 testvalue633"
++other_name_utf8 = "1.2.3.4 testvalue634"
++other_name_utf8 = "1.2.3.4 testvalue635"
++other_name_utf8 = "1.2.3.4 testvalue636"
++other_name_utf8 = "1.2.3.4 testvalue637"
++other_name_utf8 = "1.2.3.4 testvalue638"
++other_name_utf8 = "1.2.3.4 testvalue639"
++other_name_utf8 = "1.2.3.4 testvalue640"
++other_name_utf8 = "1.2.3.4 testvalue641"
++other_name_utf8 = "1.2.3.4 testvalue642"
++other_name_utf8 = "1.2.3.4 testvalue643"
++other_name_utf8 = "1.2.3.4 testvalue644"
++other_name_utf8 = "1.2.3.4 testvalue645"
++other_name_utf8 = "1.2.3.4 testvalue646"
++other_name_utf8 = "1.2.3.4 testvalue647"
++other_name_utf8 = "1.2.3.4 testvalue648"
++other_name_utf8 = "1.2.3.4 testvalue649"
++other_name_utf8 = "1.2.3.4 testvalue650"
++other_name_utf8 = "1.2.3.4 testvalue651"
++other_name_utf8 = "1.2.3.4 testvalue652"
++other_name_utf8 = "1.2.3.4 testvalue653"
++other_name_utf8 = "1.2.3.4 testvalue654"
++other_name_utf8 = "1.2.3.4 testvalue655"
++other_name_utf8 = "1.2.3.4 testvalue656"
++other_name_utf8 = "1.2.3.4 testvalue657"
++other_name_utf8 = "1.2.3.4 testvalue658"
++other_name_utf8 = "1.2.3.4 testvalue659"
++other_name_utf8 = "1.2.3.4 testvalue660"
++other_name_utf8 = "1.2.3.4 testvalue661"
++other_name_utf8 = "1.2.3.4 testvalue662"
++other_name_utf8 = "1.2.3.4 testvalue663"
++other_name_utf8 = "1.2.3.4 testvalue664"
++other_name_utf8 = "1.2.3.4 testvalue665"
++other_name_utf8 = "1.2.3.4 testvalue666"
++other_name_utf8 = "1.2.3.4 testvalue667"
++other_name_utf8 = "1.2.3.4 testvalue668"
++other_name_utf8 = "1.2.3.4 testvalue669"
++other_name_utf8 = "1.2.3.4 testvalue670"
++other_name_utf8 = "1.2.3.4 testvalue671"
++other_name_utf8 = "1.2.3.4 testvalue672"
++other_name_utf8 = "1.2.3.4 testvalue673"
++other_name_utf8 = "1.2.3.4 testvalue674"
++other_name_utf8 = "1.2.3.4 testvalue675"
++other_name_utf8 = "1.2.3.4 testvalue676"
++other_name_utf8 = "1.2.3.4 testvalue677"
++other_name_utf8 = "1.2.3.4 testvalue678"
++other_name_utf8 = "1.2.3.4 testvalue679"
++other_name_utf8 = "1.2.3.4 testvalue680"
++other_name_utf8 = "1.2.3.4 testvalue681"
++other_name_utf8 = "1.2.3.4 testvalue682"
++other_name_utf8 = "1.2.3.4 testvalue683"
++other_name_utf8 = "1.2.3.4 testvalue684"
++other_name_utf8 = "1.2.3.4 testvalue685"
++other_name_utf8 = "1.2.3.4 testvalue686"
++other_name_utf8 = "1.2.3.4 testvalue687"
++other_name_utf8 = "1.2.3.4 testvalue688"
++other_name_utf8 = "1.2.3.4 testvalue689"
++other_name_utf8 = "1.2.3.4 testvalue690"
++other_name_utf8 = "1.2.3.4 testvalue691"
++other_name_utf8 = "1.2.3.4 testvalue692"
++other_name_utf8 = "1.2.3.4 testvalue693"
++other_name_utf8 = "1.2.3.4 testvalue694"
++other_name_utf8 = "1.2.3.4 testvalue695"
++other_name_utf8 = "1.2.3.4 testvalue696"
++other_name_utf8 = "1.2.3.4 testvalue697"
++other_name_utf8 = "1.2.3.4 testvalue698"
++other_name_utf8 = "1.2.3.4 testvalue699"
++other_name_utf8 = "1.2.3.4 testvalue700"
++other_name_utf8 = "1.2.3.4 testvalue701"
++other_name_utf8 = "1.2.3.4 testvalue702"
++other_name_utf8 = "1.2.3.4 testvalue703"
++other_name_utf8 = "1.2.3.4 testvalue704"
++other_name_utf8 = "1.2.3.4 testvalue705"
++other_name_utf8 = "1.2.3.4 testvalue706"
++other_name_utf8 = "1.2.3.4 testvalue707"
++other_name_utf8 = "1.2.3.4 testvalue708"
++other_name_utf8 = "1.2.3.4 testvalue709"
++other_name_utf8 = "1.2.3.4 testvalue710"
++other_name_utf8 = "1.2.3.4 testvalue711"
++other_name_utf8 = "1.2.3.4 testvalue712"
++other_name_utf8 = "1.2.3.4 testvalue713"
++other_name_utf8 = "1.2.3.4 testvalue714"
++other_name_utf8 = "1.2.3.4 testvalue715"
++other_name_utf8 = "1.2.3.4 testvalue716"
++other_name_utf8 = "1.2.3.4 testvalue717"
++other_name_utf8 = "1.2.3.4 testvalue718"
++other_name_utf8 = "1.2.3.4 testvalue719"
++other_name_utf8 = "1.2.3.4 testvalue720"
++other_name_utf8 = "1.2.3.4 testvalue721"
++other_name_utf8 = "1.2.3.4 testvalue722"
++other_name_utf8 = "1.2.3.4 testvalue723"
++other_name_utf8 = "1.2.3.4 testvalue724"
++other_name_utf8 = "1.2.3.4 testvalue725"
++other_name_utf8 = "1.2.3.4 testvalue726"
++other_name_utf8 = "1.2.3.4 testvalue727"
++other_name_utf8 = "1.2.3.4 testvalue728"
++other_name_utf8 = "1.2.3.4 testvalue729"
++other_name_utf8 = "1.2.3.4 testvalue730"
++other_name_utf8 = "1.2.3.4 testvalue731"
++other_name_utf8 = "1.2.3.4 testvalue732"
++other_name_utf8 = "1.2.3.4 testvalue733"
++other_name_utf8 = "1.2.3.4 testvalue734"
++other_name_utf8 = "1.2.3.4 testvalue735"
++other_name_utf8 = "1.2.3.4 testvalue736"
++other_name_utf8 = "1.2.3.4 testvalue737"
++other_name_utf8 = "1.2.3.4 testvalue738"
++other_name_utf8 = "1.2.3.4 testvalue739"
++other_name_utf8 = "1.2.3.4 testvalue740"
++other_name_utf8 = "1.2.3.4 testvalue741"
++other_name_utf8 = "1.2.3.4 testvalue742"
++other_name_utf8 = "1.2.3.4 testvalue743"
++other_name_utf8 = "1.2.3.4 testvalue744"
++other_name_utf8 = "1.2.3.4 testvalue745"
++other_name_utf8 = "1.2.3.4 testvalue746"
++other_name_utf8 = "1.2.3.4 testvalue747"
++other_name_utf8 = "1.2.3.4 testvalue748"
++other_name_utf8 = "1.2.3.4 testvalue749"
++other_name_utf8 = "1.2.3.4 testvalue750"
++other_name_utf8 = "1.2.3.4 testvalue751"
++other_name_utf8 = "1.2.3.4 testvalue752"
++other_name_utf8 = "1.2.3.4 testvalue753"
++other_name_utf8 = "1.2.3.4 testvalue754"
++other_name_utf8 = "1.2.3.4 testvalue755"
++other_name_utf8 = "1.2.3.4 testvalue756"
++other_name_utf8 = "1.2.3.4 testvalue757"
++other_name_utf8 = "1.2.3.4 testvalue758"
++other_name_utf8 = "1.2.3.4 testvalue759"
++other_name_utf8 = "1.2.3.4 testvalue760"
++other_name_utf8 = "1.2.3.4 testvalue761"
++other_name_utf8 = "1.2.3.4 testvalue762"
++other_name_utf8 = "1.2.3.4 testvalue763"
++other_name_utf8 = "1.2.3.4 testvalue764"
++other_name_utf8 = "1.2.3.4 testvalue765"
++other_name_utf8 = "1.2.3.4 testvalue766"
++other_name_utf8 = "1.2.3.4 testvalue767"
++other_name_utf8 = "1.2.3.4 testvalue768"
++other_name_utf8 = "1.2.3.4 testvalue769"
++other_name_utf8 = "1.2.3.4 testvalue770"
++other_name_utf8 = "1.2.3.4 testvalue771"
++other_name_utf8 = "1.2.3.4 testvalue772"
++other_name_utf8 = "1.2.3.4 testvalue773"
++other_name_utf8 = "1.2.3.4 testvalue774"
++other_name_utf8 = "1.2.3.4 testvalue775"
++other_name_utf8 = "1.2.3.4 testvalue776"
++other_name_utf8 = "1.2.3.4 testvalue777"
++other_name_utf8 = "1.2.3.4 testvalue778"
++other_name_utf8 = "1.2.3.4 testvalue779"
++other_name_utf8 = "1.2.3.4 testvalue780"
++other_name_utf8 = "1.2.3.4 testvalue781"
++other_name_utf8 = "1.2.3.4 testvalue782"
++other_name_utf8 = "1.2.3.4 testvalue783"
++other_name_utf8 = "1.2.3.4 testvalue784"
++other_name_utf8 = "1.2.3.4 testvalue785"
++other_name_utf8 = "1.2.3.4 testvalue786"
++other_name_utf8 = "1.2.3.4 testvalue787"
++other_name_utf8 = "1.2.3.4 testvalue788"
++other_name_utf8 = "1.2.3.4 testvalue789"
++other_name_utf8 = "1.2.3.4 testvalue790"
++other_name_utf8 = "1.2.3.4 testvalue791"
++other_name_utf8 = "1.2.3.4 testvalue792"
++other_name_utf8 = "1.2.3.4 testvalue793"
++other_name_utf8 = "1.2.3.4 testvalue794"
++other_name_utf8 = "1.2.3.4 testvalue795"
++other_name_utf8 = "1.2.3.4 testvalue796"
++other_name_utf8 = "1.2.3.4 testvalue797"
++other_name_utf8 = "1.2.3.4 testvalue798"
++other_name_utf8 = "1.2.3.4 testvalue799"
++other_name_utf8 = "1.2.3.4 testvalue800"
++other_name_utf8 = "1.2.3.4 testvalue801"
++other_name_utf8 = "1.2.3.4 testvalue802"
++other_name_utf8 = "1.2.3.4 testvalue803"
++other_name_utf8 = "1.2.3.4 testvalue804"
++other_name_utf8 = "1.2.3.4 testvalue805"
++other_name_utf8 = "1.2.3.4 testvalue806"
++other_name_utf8 = "1.2.3.4 testvalue807"
++other_name_utf8 = "1.2.3.4 testvalue808"
++other_name_utf8 = "1.2.3.4 testvalue809"
++other_name_utf8 = "1.2.3.4 testvalue810"
++other_name_utf8 = "1.2.3.4 testvalue811"
++other_name_utf8 = "1.2.3.4 testvalue812"
++other_name_utf8 = "1.2.3.4 testvalue813"
++other_name_utf8 = "1.2.3.4 testvalue814"
++other_name_utf8 = "1.2.3.4 testvalue815"
++other_name_utf8 = "1.2.3.4 testvalue816"
++other_name_utf8 = "1.2.3.4 testvalue817"
++other_name_utf8 = "1.2.3.4 testvalue818"
++other_name_utf8 = "1.2.3.4 testvalue819"
++other_name_utf8 = "1.2.3.4 testvalue820"
++other_name_utf8 = "1.2.3.4 testvalue821"
++other_name_utf8 = "1.2.3.4 testvalue822"
++other_name_utf8 = "1.2.3.4 testvalue823"
++other_name_utf8 = "1.2.3.4 testvalue824"
++other_name_utf8 = "1.2.3.4 testvalue825"
++other_name_utf8 = "1.2.3.4 testvalue826"
++other_name_utf8 = "1.2.3.4 testvalue827"
++other_name_utf8 = "1.2.3.4 testvalue828"
++other_name_utf8 = "1.2.3.4 testvalue829"
++other_name_utf8 = "1.2.3.4 testvalue830"
++other_name_utf8 = "1.2.3.4 testvalue831"
++other_name_utf8 = "1.2.3.4 testvalue832"
++other_name_utf8 = "1.2.3.4 testvalue833"
++other_name_utf8 = "1.2.3.4 testvalue834"
++other_name_utf8 = "1.2.3.4 testvalue835"
++other_name_utf8 = "1.2.3.4 testvalue836"
++other_name_utf8 = "1.2.3.4 testvalue837"
++other_name_utf8 = "1.2.3.4 testvalue838"
++other_name_utf8 = "1.2.3.4 testvalue839"
++other_name_utf8 = "1.2.3.4 testvalue840"
++other_name_utf8 = "1.2.3.4 testvalue841"
++other_name_utf8 = "1.2.3.4 testvalue842"
++other_name_utf8 = "1.2.3.4 testvalue843"
++other_name_utf8 = "1.2.3.4 testvalue844"
++other_name_utf8 = "1.2.3.4 testvalue845"
++other_name_utf8 = "1.2.3.4 testvalue846"
++other_name_utf8 = "1.2.3.4 testvalue847"
++other_name_utf8 = "1.2.3.4 testvalue848"
++other_name_utf8 = "1.2.3.4 testvalue849"
++other_name_utf8 = "1.2.3.4 testvalue850"
++other_name_utf8 = "1.2.3.4 testvalue851"
++other_name_utf8 = "1.2.3.4 testvalue852"
++other_name_utf8 = "1.2.3.4 testvalue853"
++other_name_utf8 = "1.2.3.4 testvalue854"
++other_name_utf8 = "1.2.3.4 testvalue855"
++other_name_utf8 = "1.2.3.4 testvalue856"
++other_name_utf8 = "1.2.3.4 testvalue857"
++other_name_utf8 = "1.2.3.4 testvalue858"
++other_name_utf8 = "1.2.3.4 testvalue859"
++other_name_utf8 = "1.2.3.4 testvalue860"
++other_name_utf8 = "1.2.3.4 testvalue861"
++other_name_utf8 = "1.2.3.4 testvalue862"
++other_name_utf8 = "1.2.3.4 testvalue863"
++other_name_utf8 = "1.2.3.4 testvalue864"
++other_name_utf8 = "1.2.3.4 testvalue865"
++other_name_utf8 = "1.2.3.4 testvalue866"
++other_name_utf8 = "1.2.3.4 testvalue867"
++other_name_utf8 = "1.2.3.4 testvalue868"
++other_name_utf8 = "1.2.3.4 testvalue869"
++other_name_utf8 = "1.2.3.4 testvalue870"
++other_name_utf8 = "1.2.3.4 testvalue871"
++other_name_utf8 = "1.2.3.4 testvalue872"
++other_name_utf8 = "1.2.3.4 testvalue873"
++other_name_utf8 = "1.2.3.4 testvalue874"
++other_name_utf8 = "1.2.3.4 testvalue875"
++other_name_utf8 = "1.2.3.4 testvalue876"
++other_name_utf8 = "1.2.3.4 testvalue877"
++other_name_utf8 = "1.2.3.4 testvalue878"
++other_name_utf8 = "1.2.3.4 testvalue879"
++other_name_utf8 = "1.2.3.4 testvalue880"
++other_name_utf8 = "1.2.3.4 testvalue881"
++other_name_utf8 = "1.2.3.4 testvalue882"
++other_name_utf8 = "1.2.3.4 testvalue883"
++other_name_utf8 = "1.2.3.4 testvalue884"
++other_name_utf8 = "1.2.3.4 testvalue885"
++other_name_utf8 = "1.2.3.4 testvalue886"
++other_name_utf8 = "1.2.3.4 testvalue887"
++other_name_utf8 = "1.2.3.4 testvalue888"
++other_name_utf8 = "1.2.3.4 testvalue889"
++other_name_utf8 = "1.2.3.4 testvalue890"
++other_name_utf8 = "1.2.3.4 testvalue891"
++other_name_utf8 = "1.2.3.4 testvalue892"
++other_name_utf8 = "1.2.3.4 testvalue893"
++other_name_utf8 = "1.2.3.4 testvalue894"
++other_name_utf8 = "1.2.3.4 testvalue895"
++other_name_utf8 = "1.2.3.4 testvalue896"
++other_name_utf8 = "1.2.3.4 testvalue897"
++other_name_utf8 = "1.2.3.4 testvalue898"
++other_name_utf8 = "1.2.3.4 testvalue899"
++other_name_utf8 = "1.2.3.4 testvalue900"
++other_name_utf8 = "1.2.3.4 testvalue901"
++other_name_utf8 = "1.2.3.4 testvalue902"
++other_name_utf8 = "1.2.3.4 testvalue903"
++other_name_utf8 = "1.2.3.4 testvalue904"
++other_name_utf8 = "1.2.3.4 testvalue905"
++other_name_utf8 = "1.2.3.4 testvalue906"
++other_name_utf8 = "1.2.3.4 testvalue907"
++other_name_utf8 = "1.2.3.4 testvalue908"
++other_name_utf8 = "1.2.3.4 testvalue909"
++other_name_utf8 = "1.2.3.4 testvalue910"
++other_name_utf8 = "1.2.3.4 testvalue911"
++other_name_utf8 = "1.2.3.4 testvalue912"
++other_name_utf8 = "1.2.3.4 testvalue913"
++other_name_utf8 = "1.2.3.4 testvalue914"
++other_name_utf8 = "1.2.3.4 testvalue915"
++other_name_utf8 = "1.2.3.4 testvalue916"
++other_name_utf8 = "1.2.3.4 testvalue917"
++other_name_utf8 = "1.2.3.4 testvalue918"
++other_name_utf8 = "1.2.3.4 testvalue919"
++other_name_utf8 = "1.2.3.4 testvalue920"
++other_name_utf8 = "1.2.3.4 testvalue921"
++other_name_utf8 = "1.2.3.4 testvalue922"
++other_name_utf8 = "1.2.3.4 testvalue923"
++other_name_utf8 = "1.2.3.4 testvalue924"
++other_name_utf8 = "1.2.3.4 testvalue925"
++other_name_utf8 = "1.2.3.4 testvalue926"
++other_name_utf8 = "1.2.3.4 testvalue927"
++other_name_utf8 = "1.2.3.4 testvalue928"
++other_name_utf8 = "1.2.3.4 testvalue929"
++other_name_utf8 = "1.2.3.4 testvalue930"
++other_name_utf8 = "1.2.3.4 testvalue931"
++other_name_utf8 = "1.2.3.4 testvalue932"
++other_name_utf8 = "1.2.3.4 testvalue933"
++other_name_utf8 = "1.2.3.4 testvalue934"
++other_name_utf8 = "1.2.3.4 testvalue935"
++other_name_utf8 = "1.2.3.4 testvalue936"
++other_name_utf8 = "1.2.3.4 testvalue937"
++other_name_utf8 = "1.2.3.4 testvalue938"
++other_name_utf8 = "1.2.3.4 testvalue939"
++other_name_utf8 = "1.2.3.4 testvalue940"
++other_name_utf8 = "1.2.3.4 testvalue941"
++other_name_utf8 = "1.2.3.4 testvalue942"
++other_name_utf8 = "1.2.3.4 testvalue943"
++other_name_utf8 = "1.2.3.4 testvalue944"
++other_name_utf8 = "1.2.3.4 testvalue945"
++other_name_utf8 = "1.2.3.4 testvalue946"
++other_name_utf8 = "1.2.3.4 testvalue947"
++other_name_utf8 = "1.2.3.4 testvalue948"
++other_name_utf8 = "1.2.3.4 testvalue949"
++other_name_utf8 = "1.2.3.4 testvalue950"
++other_name_utf8 = "1.2.3.4 testvalue951"
++other_name_utf8 = "1.2.3.4 testvalue952"
++other_name_utf8 = "1.2.3.4 testvalue953"
++other_name_utf8 = "1.2.3.4 testvalue954"
++other_name_utf8 = "1.2.3.4 testvalue955"
++other_name_utf8 = "1.2.3.4 testvalue956"
++other_name_utf8 = "1.2.3.4 testvalue957"
++other_name_utf8 = "1.2.3.4 testvalue958"
++other_name_utf8 = "1.2.3.4 testvalue959"
++other_name_utf8 = "1.2.3.4 testvalue960"
++other_name_utf8 = "1.2.3.4 testvalue961"
++other_name_utf8 = "1.2.3.4 testvalue962"
++other_name_utf8 = "1.2.3.4 testvalue963"
++other_name_utf8 = "1.2.3.4 testvalue964"
++other_name_utf8 = "1.2.3.4 testvalue965"
++other_name_utf8 = "1.2.3.4 testvalue966"
++other_name_utf8 = "1.2.3.4 testvalue967"
++other_name_utf8 = "1.2.3.4 testvalue968"
++other_name_utf8 = "1.2.3.4 testvalue969"
++other_name_utf8 = "1.2.3.4 testvalue970"
++other_name_utf8 = "1.2.3.4 testvalue971"
++other_name_utf8 = "1.2.3.4 testvalue972"
++other_name_utf8 = "1.2.3.4 testvalue973"
++other_name_utf8 = "1.2.3.4 testvalue974"
++other_name_utf8 = "1.2.3.4 testvalue975"
++other_name_utf8 = "1.2.3.4 testvalue976"
++other_name_utf8 = "1.2.3.4 testvalue977"
++other_name_utf8 = "1.2.3.4 testvalue978"
++other_name_utf8 = "1.2.3.4 testvalue979"
++other_name_utf8 = "1.2.3.4 testvalue980"
++other_name_utf8 = "1.2.3.4 testvalue981"
++other_name_utf8 = "1.2.3.4 testvalue982"
++other_name_utf8 = "1.2.3.4 testvalue983"
++other_name_utf8 = "1.2.3.4 testvalue984"
++other_name_utf8 = "1.2.3.4 testvalue985"
++other_name_utf8 = "1.2.3.4 testvalue986"
++other_name_utf8 = "1.2.3.4 testvalue987"
++other_name_utf8 = "1.2.3.4 testvalue988"
++other_name_utf8 = "1.2.3.4 testvalue989"
++other_name_utf8 = "1.2.3.4 testvalue990"
++other_name_utf8 = "1.2.3.4 testvalue991"
++other_name_utf8 = "1.2.3.4 testvalue992"
++other_name_utf8 = "1.2.3.4 testvalue993"
++other_name_utf8 = "1.2.3.4 testvalue994"
++other_name_utf8 = "1.2.3.4 testvalue995"
++other_name_utf8 = "1.2.3.4 testvalue996"
++other_name_utf8 = "1.2.3.4 testvalue997"
++other_name_utf8 = "1.2.3.4 testvalue998"
++other_name_utf8 = "1.2.3.4 testvalue999"
++other_name_utf8 = "1.2.3.4 testvalue1000"
++other_name_utf8 = "1.2.3.4 testvalue1001"
++other_name_utf8 = "1.2.3.4 testvalue1002"
++other_name_utf8 = "1.2.3.4 testvalue1003"
++other_name_utf8 = "1.2.3.4 testvalue1004"
++other_name_utf8 = "1.2.3.4 testvalue1005"
++other_name_utf8 = "1.2.3.4 testvalue1006"
++other_name_utf8 = "1.2.3.4 testvalue1007"
++other_name_utf8 = "1.2.3.4 testvalue1008"
++other_name_utf8 = "1.2.3.4 testvalue1009"
++other_name_utf8 = "1.2.3.4 testvalue1010"
++other_name_utf8 = "1.2.3.4 testvalue1011"
++other_name_utf8 = "1.2.3.4 testvalue1012"
++other_name_utf8 = "1.2.3.4 testvalue1013"
++other_name_utf8 = "1.2.3.4 testvalue1014"
++other_name_utf8 = "1.2.3.4 testvalue1015"
++other_name_utf8 = "1.2.3.4 testvalue1016"
++other_name_utf8 = "1.2.3.4 testvalue1017"
++other_name_utf8 = "1.2.3.4 testvalue1018"
++other_name_utf8 = "1.2.3.4 testvalue1019"
++other_name_utf8 = "1.2.3.4 testvalue1020"
++other_name_utf8 = "1.2.3.4 testvalue1021"
++other_name_utf8 = "1.2.3.4 testvalue1022"
++other_name_utf8 = "1.2.3.4 testvalue1023"
++other_name_utf8 = "1.2.3.4 testvalue1024"
++other_name_utf8 = "1.2.3.4 testvalue1025"
++other_name_utf8 = "1.2.3.4 testvalue1026"
++other_name_utf8 = "1.2.3.4 testvalue1027"
++other_name_utf8 = "1.2.3.4 testvalue1028"
++other_name_utf8 = "1.2.3.4 testvalue1029"
++other_name_utf8 = "1.2.3.4 testvalue1030"
++other_name_utf8 = "1.2.3.4 testvalue1031"
++other_name_utf8 = "1.2.3.4 testvalue1032"
++other_name_utf8 = "1.2.3.4 testvalue1033"
++other_name_utf8 = "1.2.3.4 testvalue1034"
++other_name_utf8 = "1.2.3.4 testvalue1035"
++other_name_utf8 = "1.2.3.4 testvalue1036"
++other_name_utf8 = "1.2.3.4 testvalue1037"
++other_name_utf8 = "1.2.3.4 testvalue1038"
++other_name_utf8 = "1.2.3.4 testvalue1039"
++other_name_utf8 = "1.2.3.4 testvalue1040"
++other_name_utf8 = "1.2.3.4 testvalue1041"
++other_name_utf8 = "1.2.3.4 testvalue1042"
++other_name_utf8 = "1.2.3.4 testvalue1043"
++other_name_utf8 = "1.2.3.4 testvalue1044"
++other_name_utf8 = "1.2.3.4 testvalue1045"
++other_name_utf8 = "1.2.3.4 testvalue1046"
++other_name_utf8 = "1.2.3.4 testvalue1047"
++other_name_utf8 = "1.2.3.4 testvalue1048"
++other_name_utf8 = "1.2.3.4 testvalue1049"
++other_name_utf8 = "1.2.3.4 testvalue1050"
++other_name_utf8 = "1.2.3.4 testvalue1051"
++other_name_utf8 = "1.2.3.4 testvalue1052"
++other_name_utf8 = "1.2.3.4 testvalue1053"
++other_name_utf8 = "1.2.3.4 testvalue1054"
++other_name_utf8 = "1.2.3.4 testvalue1055"
++other_name_utf8 = "1.2.3.4 testvalue1056"
++other_name_utf8 = "1.2.3.4 testvalue1057"
++other_name_utf8 = "1.2.3.4 testvalue1058"
++other_name_utf8 = "1.2.3.4 testvalue1059"
++other_name_utf8 = "1.2.3.4 testvalue1060"
++other_name_utf8 = "1.2.3.4 testvalue1061"
++other_name_utf8 = "1.2.3.4 testvalue1062"
++other_name_utf8 = "1.2.3.4 testvalue1063"
++other_name_utf8 = "1.2.3.4 testvalue1064"
++other_name_utf8 = "1.2.3.4 testvalue1065"
++other_name_utf8 = "1.2.3.4 testvalue1066"
++other_name_utf8 = "1.2.3.4 testvalue1067"
++other_name_utf8 = "1.2.3.4 testvalue1068"
++other_name_utf8 = "1.2.3.4 testvalue1069"
++other_name_utf8 = "1.2.3.4 testvalue1070"
++other_name_utf8 = "1.2.3.4 testvalue1071"
++other_name_utf8 = "1.2.3.4 testvalue1072"
++other_name_utf8 = "1.2.3.4 testvalue1073"
++other_name_utf8 = "1.2.3.4 testvalue1074"
++other_name_utf8 = "1.2.3.4 testvalue1075"
++other_name_utf8 = "1.2.3.4 testvalue1076"
++other_name_utf8 = "1.2.3.4 testvalue1077"
++other_name_utf8 = "1.2.3.4 testvalue1078"
++other_name_utf8 = "1.2.3.4 testvalue1079"
++other_name_utf8 = "1.2.3.4 testvalue1080"
++other_name_utf8 = "1.2.3.4 testvalue1081"
++other_name_utf8 = "1.2.3.4 testvalue1082"
++other_name_utf8 = "1.2.3.4 testvalue1083"
++other_name_utf8 = "1.2.3.4 testvalue1084"
++other_name_utf8 = "1.2.3.4 testvalue1085"
++other_name_utf8 = "1.2.3.4 testvalue1086"
++other_name_utf8 = "1.2.3.4 testvalue1087"
++other_name_utf8 = "1.2.3.4 testvalue1088"
++other_name_utf8 = "1.2.3.4 testvalue1089"
++other_name_utf8 = "1.2.3.4 testvalue1090"
++other_name_utf8 = "1.2.3.4 testvalue1091"
++other_name_utf8 = "1.2.3.4 testvalue1092"
++other_name_utf8 = "1.2.3.4 testvalue1093"
++other_name_utf8 = "1.2.3.4 testvalue1094"
++other_name_utf8 = "1.2.3.4 testvalue1095"
++other_name_utf8 = "1.2.3.4 testvalue1096"
++other_name_utf8 = "1.2.3.4 testvalue1097"
++other_name_utf8 = "1.2.3.4 testvalue1098"
++other_name_utf8 = "1.2.3.4 testvalue1099"
++other_name_utf8 = "1.2.3.4 testvalue1100"
++other_name_utf8 = "1.2.3.4 testvalue1101"
++other_name_utf8 = "1.2.3.4 testvalue1102"
++other_name_utf8 = "1.2.3.4 testvalue1103"
++other_name_utf8 = "1.2.3.4 testvalue1104"
++other_name_utf8 = "1.2.3.4 testvalue1105"
++other_name_utf8 = "1.2.3.4 testvalue1106"
++other_name_utf8 = "1.2.3.4 testvalue1107"
++other_name_utf8 = "1.2.3.4 testvalue1108"
++other_name_utf8 = "1.2.3.4 testvalue1109"
++other_name_utf8 = "1.2.3.4 testvalue1110"
++other_name_utf8 = "1.2.3.4 testvalue1111"
++other_name_utf8 = "1.2.3.4 testvalue1112"
++other_name_utf8 = "1.2.3.4 testvalue1113"
++other_name_utf8 = "1.2.3.4 testvalue1114"
++other_name_utf8 = "1.2.3.4 testvalue1115"
++other_name_utf8 = "1.2.3.4 testvalue1116"
++other_name_utf8 = "1.2.3.4 testvalue1117"
++other_name_utf8 = "1.2.3.4 testvalue1118"
++other_name_utf8 = "1.2.3.4 testvalue1119"
++other_name_utf8 = "1.2.3.4 testvalue1120"
++other_name_utf8 = "1.2.3.4 testvalue1121"
++other_name_utf8 = "1.2.3.4 testvalue1122"
++other_name_utf8 = "1.2.3.4 testvalue1123"
++other_name_utf8 = "1.2.3.4 testvalue1124"
++other_name_utf8 = "1.2.3.4 testvalue1125"
++other_name_utf8 = "1.2.3.4 testvalue1126"
++other_name_utf8 = "1.2.3.4 testvalue1127"
++other_name_utf8 = "1.2.3.4 testvalue1128"
++other_name_utf8 = "1.2.3.4 testvalue1129"
++other_name_utf8 = "1.2.3.4 testvalue1130"
++other_name_utf8 = "1.2.3.4 testvalue1131"
++other_name_utf8 = "1.2.3.4 testvalue1132"
++other_name_utf8 = "1.2.3.4 testvalue1133"
++other_name_utf8 = "1.2.3.4 testvalue1134"
++other_name_utf8 = "1.2.3.4 testvalue1135"
++other_name_utf8 = "1.2.3.4 testvalue1136"
++other_name_utf8 = "1.2.3.4 testvalue1137"
++other_name_utf8 = "1.2.3.4 testvalue1138"
++other_name_utf8 = "1.2.3.4 testvalue1139"
++other_name_utf8 = "1.2.3.4 testvalue1140"
++other_name_utf8 = "1.2.3.4 testvalue1141"
++other_name_utf8 = "1.2.3.4 testvalue1142"
++other_name_utf8 = "1.2.3.4 testvalue1143"
++other_name_utf8 = "1.2.3.4 testvalue1144"
++other_name_utf8 = "1.2.3.4 testvalue1145"
++other_name_utf8 = "1.2.3.4 testvalue1146"
++other_name_utf8 = "1.2.3.4 testvalue1147"
++other_name_utf8 = "1.2.3.4 testvalue1148"
++other_name_utf8 = "1.2.3.4 testvalue1149"
++other_name_utf8 = "1.2.3.4 testvalue1150"
++other_name_utf8 = "1.2.3.4 testvalue1151"
++other_name_utf8 = "1.2.3.4 testvalue1152"
++other_name_utf8 = "1.2.3.4 testvalue1153"
++other_name_utf8 = "1.2.3.4 testvalue1154"
++other_name_utf8 = "1.2.3.4 testvalue1155"
++other_name_utf8 = "1.2.3.4 testvalue1156"
++other_name_utf8 = "1.2.3.4 testvalue1157"
++other_name_utf8 = "1.2.3.4 testvalue1158"
++other_name_utf8 = "1.2.3.4 testvalue1159"
++other_name_utf8 = "1.2.3.4 testvalue1160"
++other_name_utf8 = "1.2.3.4 testvalue1161"
++other_name_utf8 = "1.2.3.4 testvalue1162"
++other_name_utf8 = "1.2.3.4 testvalue1163"
++other_name_utf8 = "1.2.3.4 testvalue1164"
++other_name_utf8 = "1.2.3.4 testvalue1165"
++other_name_utf8 = "1.2.3.4 testvalue1166"
++other_name_utf8 = "1.2.3.4 testvalue1167"
++other_name_utf8 = "1.2.3.4 testvalue1168"
++other_name_utf8 = "1.2.3.4 testvalue1169"
++other_name_utf8 = "1.2.3.4 testvalue1170"
++other_name_utf8 = "1.2.3.4 testvalue1171"
++other_name_utf8 = "1.2.3.4 testvalue1172"
++other_name_utf8 = "1.2.3.4 testvalue1173"
++other_name_utf8 = "1.2.3.4 testvalue1174"
++other_name_utf8 = "1.2.3.4 testvalue1175"
++other_name_utf8 = "1.2.3.4 testvalue1176"
++other_name_utf8 = "1.2.3.4 testvalue1177"
++other_name_utf8 = "1.2.3.4 testvalue1178"
++other_name_utf8 = "1.2.3.4 testvalue1179"
++other_name_utf8 = "1.2.3.4 testvalue1180"
++other_name_utf8 = "1.2.3.4 testvalue1181"
++other_name_utf8 = "1.2.3.4 testvalue1182"
++other_name_utf8 = "1.2.3.4 testvalue1183"
++other_name_utf8 = "1.2.3.4 testvalue1184"
++other_name_utf8 = "1.2.3.4 testvalue1185"
++other_name_utf8 = "1.2.3.4 testvalue1186"
++other_name_utf8 = "1.2.3.4 testvalue1187"
++other_name_utf8 = "1.2.3.4 testvalue1188"
++other_name_utf8 = "1.2.3.4 testvalue1189"
++other_name_utf8 = "1.2.3.4 testvalue1190"
++other_name_utf8 = "1.2.3.4 testvalue1191"
++other_name_utf8 = "1.2.3.4 testvalue1192"
++other_name_utf8 = "1.2.3.4 testvalue1193"
++other_name_utf8 = "1.2.3.4 testvalue1194"
++other_name_utf8 = "1.2.3.4 testvalue1195"
++other_name_utf8 = "1.2.3.4 testvalue1196"
++other_name_utf8 = "1.2.3.4 testvalue1197"
++other_name_utf8 = "1.2.3.4 testvalue1198"
++other_name_utf8 = "1.2.3.4 testvalue1199"
++other_name_utf8 = "1.2.3.4 testvalue1200"
++other_name_utf8 = "1.2.3.4 testvalue1201"
++other_name_utf8 = "1.2.3.4 testvalue1202"
++other_name_utf8 = "1.2.3.4 testvalue1203"
++other_name_utf8 = "1.2.3.4 testvalue1204"
++other_name_utf8 = "1.2.3.4 testvalue1205"
++other_name_utf8 = "1.2.3.4 testvalue1206"
++other_name_utf8 = "1.2.3.4 testvalue1207"
++other_name_utf8 = "1.2.3.4 testvalue1208"
++other_name_utf8 = "1.2.3.4 testvalue1209"
++other_name_utf8 = "1.2.3.4 testvalue1210"
++other_name_utf8 = "1.2.3.4 testvalue1211"
++other_name_utf8 = "1.2.3.4 testvalue1212"
++other_name_utf8 = "1.2.3.4 testvalue1213"
++other_name_utf8 = "1.2.3.4 testvalue1214"
++other_name_utf8 = "1.2.3.4 testvalue1215"
++other_name_utf8 = "1.2.3.4 testvalue1216"
++other_name_utf8 = "1.2.3.4 testvalue1217"
++other_name_utf8 = "1.2.3.4 testvalue1218"
++other_name_utf8 = "1.2.3.4 testvalue1219"
++other_name_utf8 = "1.2.3.4 testvalue1220"
++other_name_utf8 = "1.2.3.4 testvalue1221"
++other_name_utf8 = "1.2.3.4 testvalue1222"
++other_name_utf8 = "1.2.3.4 testvalue1223"
++other_name_utf8 = "1.2.3.4 testvalue1224"
++other_name_utf8 = "1.2.3.4 testvalue1225"
++other_name_utf8 = "1.2.3.4 testvalue1226"
++other_name_utf8 = "1.2.3.4 testvalue1227"
++other_name_utf8 = "1.2.3.4 testvalue1228"
++other_name_utf8 = "1.2.3.4 testvalue1229"
++other_name_utf8 = "1.2.3.4 testvalue1230"
++other_name_utf8 = "1.2.3.4 testvalue1231"
++other_name_utf8 = "1.2.3.4 testvalue1232"
++other_name_utf8 = "1.2.3.4 testvalue1233"
++other_name_utf8 = "1.2.3.4 testvalue1234"
++other_name_utf8 = "1.2.3.4 testvalue1235"
++other_name_utf8 = "1.2.3.4 testvalue1236"
++other_name_utf8 = "1.2.3.4 testvalue1237"
++other_name_utf8 = "1.2.3.4 testvalue1238"
++other_name_utf8 = "1.2.3.4 testvalue1239"
++other_name_utf8 = "1.2.3.4 testvalue1240"
++other_name_utf8 = "1.2.3.4 testvalue1241"
++other_name_utf8 = "1.2.3.4 testvalue1242"
++other_name_utf8 = "1.2.3.4 testvalue1243"
++other_name_utf8 = "1.2.3.4 testvalue1244"
++other_name_utf8 = "1.2.3.4 testvalue1245"
++other_name_utf8 = "1.2.3.4 testvalue1246"
++other_name_utf8 = "1.2.3.4 testvalue1247"
++other_name_utf8 = "1.2.3.4 testvalue1248"
++other_name_utf8 = "1.2.3.4 testvalue1249"
++other_name_utf8 = "1.2.3.4 testvalue1250"
++other_name_utf8 = "1.2.3.4 testvalue1251"
++other_name_utf8 = "1.2.3.4 testvalue1252"
++other_name_utf8 = "1.2.3.4 testvalue1253"
++other_name_utf8 = "1.2.3.4 testvalue1254"
++other_name_utf8 = "1.2.3.4 testvalue1255"
++other_name_utf8 = "1.2.3.4 testvalue1256"
++other_name_utf8 = "1.2.3.4 testvalue1257"
++other_name_utf8 = "1.2.3.4 testvalue1258"
++other_name_utf8 = "1.2.3.4 testvalue1259"
++other_name_utf8 = "1.2.3.4 testvalue1260"
++other_name_utf8 = "1.2.3.4 testvalue1261"
++other_name_utf8 = "1.2.3.4 testvalue1262"
++other_name_utf8 = "1.2.3.4 testvalue1263"
++other_name_utf8 = "1.2.3.4 testvalue1264"
++other_name_utf8 = "1.2.3.4 testvalue1265"
++other_name_utf8 = "1.2.3.4 testvalue1266"
++other_name_utf8 = "1.2.3.4 testvalue1267"
++other_name_utf8 = "1.2.3.4 testvalue1268"
++other_name_utf8 = "1.2.3.4 testvalue1269"
++other_name_utf8 = "1.2.3.4 testvalue1270"
++other_name_utf8 = "1.2.3.4 testvalue1271"
++other_name_utf8 = "1.2.3.4 testvalue1272"
++other_name_utf8 = "1.2.3.4 testvalue1273"
++other_name_utf8 = "1.2.3.4 testvalue1274"
++other_name_utf8 = "1.2.3.4 testvalue1275"
++other_name_utf8 = "1.2.3.4 testvalue1276"
++other_name_utf8 = "1.2.3.4 testvalue1277"
++other_name_utf8 = "1.2.3.4 testvalue1278"
++other_name_utf8 = "1.2.3.4 testvalue1279"
++other_name_utf8 = "1.2.3.4 testvalue1280"
++other_name_utf8 = "1.2.3.4 testvalue1281"
++other_name_utf8 = "1.2.3.4 testvalue1282"
++other_name_utf8 = "1.2.3.4 testvalue1283"
++other_name_utf8 = "1.2.3.4 testvalue1284"
++other_name_utf8 = "1.2.3.4 testvalue1285"
++other_name_utf8 = "1.2.3.4 testvalue1286"
++other_name_utf8 = "1.2.3.4 testvalue1287"
++other_name_utf8 = "1.2.3.4 testvalue1288"
++other_name_utf8 = "1.2.3.4 testvalue1289"
++other_name_utf8 = "1.2.3.4 testvalue1290"
++other_name_utf8 = "1.2.3.4 testvalue1291"
++other_name_utf8 = "1.2.3.4 testvalue1292"
++other_name_utf8 = "1.2.3.4 testvalue1293"
++other_name_utf8 = "1.2.3.4 testvalue1294"
++other_name_utf8 = "1.2.3.4 testvalue1295"
++other_name_utf8 = "1.2.3.4 testvalue1296"
++other_name_utf8 = "1.2.3.4 testvalue1297"
++other_name_utf8 = "1.2.3.4 testvalue1298"
++other_name_utf8 = "1.2.3.4 testvalue1299"
++other_name_utf8 = "1.2.3.4 testvalue1300"
++other_name_utf8 = "1.2.3.4 testvalue1301"
++other_name_utf8 = "1.2.3.4 testvalue1302"
++other_name_utf8 = "1.2.3.4 testvalue1303"
++other_name_utf8 = "1.2.3.4 testvalue1304"
++other_name_utf8 = "1.2.3.4 testvalue1305"
++other_name_utf8 = "1.2.3.4 testvalue1306"
++other_name_utf8 = "1.2.3.4 testvalue1307"
++other_name_utf8 = "1.2.3.4 testvalue1308"
++other_name_utf8 = "1.2.3.4 testvalue1309"
++other_name_utf8 = "1.2.3.4 testvalue1310"
++other_name_utf8 = "1.2.3.4 testvalue1311"
++other_name_utf8 = "1.2.3.4 testvalue1312"
++other_name_utf8 = "1.2.3.4 testvalue1313"
++other_name_utf8 = "1.2.3.4 testvalue1314"
++other_name_utf8 = "1.2.3.4 testvalue1315"
++other_name_utf8 = "1.2.3.4 testvalue1316"
++other_name_utf8 = "1.2.3.4 testvalue1317"
++other_name_utf8 = "1.2.3.4 testvalue1318"
++other_name_utf8 = "1.2.3.4 testvalue1319"
++other_name_utf8 = "1.2.3.4 testvalue1320"
++other_name_utf8 = "1.2.3.4 testvalue1321"
++other_name_utf8 = "1.2.3.4 testvalue1322"
++other_name_utf8 = "1.2.3.4 testvalue1323"
++other_name_utf8 = "1.2.3.4 testvalue1324"
++other_name_utf8 = "1.2.3.4 testvalue1325"
++other_name_utf8 = "1.2.3.4 testvalue1326"
++other_name_utf8 = "1.2.3.4 testvalue1327"
++other_name_utf8 = "1.2.3.4 testvalue1328"
++other_name_utf8 = "1.2.3.4 testvalue1329"
++other_name_utf8 = "1.2.3.4 testvalue1330"
++other_name_utf8 = "1.2.3.4 testvalue1331"
++other_name_utf8 = "1.2.3.4 testvalue1332"
++other_name_utf8 = "1.2.3.4 testvalue1333"
++other_name_utf8 = "1.2.3.4 testvalue1334"
++other_name_utf8 = "1.2.3.4 testvalue1335"
++other_name_utf8 = "1.2.3.4 testvalue1336"
++other_name_utf8 = "1.2.3.4 testvalue1337"
++other_name_utf8 = "1.2.3.4 testvalue1338"
++other_name_utf8 = "1.2.3.4 testvalue1339"
++other_name_utf8 = "1.2.3.4 testvalue1340"
++other_name_utf8 = "1.2.3.4 testvalue1341"
++other_name_utf8 = "1.2.3.4 testvalue1342"
++other_name_utf8 = "1.2.3.4 testvalue1343"
++other_name_utf8 = "1.2.3.4 testvalue1344"
++other_name_utf8 = "1.2.3.4 testvalue1345"
++other_name_utf8 = "1.2.3.4 testvalue1346"
++other_name_utf8 = "1.2.3.4 testvalue1347"
++other_name_utf8 = "1.2.3.4 testvalue1348"
++other_name_utf8 = "1.2.3.4 testvalue1349"
++other_name_utf8 = "1.2.3.4 testvalue1350"
++other_name_utf8 = "1.2.3.4 testvalue1351"
++other_name_utf8 = "1.2.3.4 testvalue1352"
++other_name_utf8 = "1.2.3.4 testvalue1353"
++other_name_utf8 = "1.2.3.4 testvalue1354"
++other_name_utf8 = "1.2.3.4 testvalue1355"
++other_name_utf8 = "1.2.3.4 testvalue1356"
++other_name_utf8 = "1.2.3.4 testvalue1357"
++other_name_utf8 = "1.2.3.4 testvalue1358"
++other_name_utf8 = "1.2.3.4 testvalue1359"
++other_name_utf8 = "1.2.3.4 testvalue1360"
++other_name_utf8 = "1.2.3.4 testvalue1361"
++other_name_utf8 = "1.2.3.4 testvalue1362"
++other_name_utf8 = "1.2.3.4 testvalue1363"
++other_name_utf8 = "1.2.3.4 testvalue1364"
++other_name_utf8 = "1.2.3.4 testvalue1365"
++other_name_utf8 = "1.2.3.4 testvalue1366"
++other_name_utf8 = "1.2.3.4 testvalue1367"
++other_name_utf8 = "1.2.3.4 testvalue1368"
++other_name_utf8 = "1.2.3.4 testvalue1369"
++other_name_utf8 = "1.2.3.4 testvalue1370"
++other_name_utf8 = "1.2.3.4 testvalue1371"
++other_name_utf8 = "1.2.3.4 testvalue1372"
++other_name_utf8 = "1.2.3.4 testvalue1373"
++other_name_utf8 = "1.2.3.4 testvalue1374"
++other_name_utf8 = "1.2.3.4 testvalue1375"
++other_name_utf8 = "1.2.3.4 testvalue1376"
++other_name_utf8 = "1.2.3.4 testvalue1377"
++other_name_utf8 = "1.2.3.4 testvalue1378"
++other_name_utf8 = "1.2.3.4 testvalue1379"
++other_name_utf8 = "1.2.3.4 testvalue1380"
++other_name_utf8 = "1.2.3.4 testvalue1381"
++other_name_utf8 = "1.2.3.4 testvalue1382"
++other_name_utf8 = "1.2.3.4 testvalue1383"
++other_name_utf8 = "1.2.3.4 testvalue1384"
++other_name_utf8 = "1.2.3.4 testvalue1385"
++other_name_utf8 = "1.2.3.4 testvalue1386"
++other_name_utf8 = "1.2.3.4 testvalue1387"
++other_name_utf8 = "1.2.3.4 testvalue1388"
++other_name_utf8 = "1.2.3.4 testvalue1389"
++other_name_utf8 = "1.2.3.4 testvalue1390"
++other_name_utf8 = "1.2.3.4 testvalue1391"
++other_name_utf8 = "1.2.3.4 testvalue1392"
++other_name_utf8 = "1.2.3.4 testvalue1393"
++other_name_utf8 = "1.2.3.4 testvalue1394"
++other_name_utf8 = "1.2.3.4 testvalue1395"
++other_name_utf8 = "1.2.3.4 testvalue1396"
++other_name_utf8 = "1.2.3.4 testvalue1397"
++other_name_utf8 = "1.2.3.4 testvalue1398"
++other_name_utf8 = "1.2.3.4 testvalue1399"
++other_name_utf8 = "1.2.3.4 testvalue1400"
++other_name_utf8 = "1.2.3.4 testvalue1401"
++other_name_utf8 = "1.2.3.4 testvalue1402"
++other_name_utf8 = "1.2.3.4 testvalue1403"
++other_name_utf8 = "1.2.3.4 testvalue1404"
++other_name_utf8 = "1.2.3.4 testvalue1405"
++other_name_utf8 = "1.2.3.4 testvalue1406"
++other_name_utf8 = "1.2.3.4 testvalue1407"
++other_name_utf8 = "1.2.3.4 testvalue1408"
++other_name_utf8 = "1.2.3.4 testvalue1409"
++other_name_utf8 = "1.2.3.4 testvalue1410"
++other_name_utf8 = "1.2.3.4 testvalue1411"
++other_name_utf8 = "1.2.3.4 testvalue1412"
++other_name_utf8 = "1.2.3.4 testvalue1413"
++other_name_utf8 = "1.2.3.4 testvalue1414"
++other_name_utf8 = "1.2.3.4 testvalue1415"
++other_name_utf8 = "1.2.3.4 testvalue1416"
++other_name_utf8 = "1.2.3.4 testvalue1417"
++other_name_utf8 = "1.2.3.4 testvalue1418"
++other_name_utf8 = "1.2.3.4 testvalue1419"
++other_name_utf8 = "1.2.3.4 testvalue1420"
++other_name_utf8 = "1.2.3.4 testvalue1421"
++other_name_utf8 = "1.2.3.4 testvalue1422"
++other_name_utf8 = "1.2.3.4 testvalue1423"
++other_name_utf8 = "1.2.3.4 testvalue1424"
++other_name_utf8 = "1.2.3.4 testvalue1425"
++other_name_utf8 = "1.2.3.4 testvalue1426"
++other_name_utf8 = "1.2.3.4 testvalue1427"
++other_name_utf8 = "1.2.3.4 testvalue1428"
++other_name_utf8 = "1.2.3.4 testvalue1429"
++other_name_utf8 = "1.2.3.4 testvalue1430"
++other_name_utf8 = "1.2.3.4 testvalue1431"
++other_name_utf8 = "1.2.3.4 testvalue1432"
++other_name_utf8 = "1.2.3.4 testvalue1433"
++other_name_utf8 = "1.2.3.4 testvalue1434"
++other_name_utf8 = "1.2.3.4 testvalue1435"
++other_name_utf8 = "1.2.3.4 testvalue1436"
++other_name_utf8 = "1.2.3.4 testvalue1437"
++other_name_utf8 = "1.2.3.4 testvalue1438"
++other_name_utf8 = "1.2.3.4 testvalue1439"
++other_name_utf8 = "1.2.3.4 testvalue1440"
++other_name_utf8 = "1.2.3.4 testvalue1441"
++other_name_utf8 = "1.2.3.4 testvalue1442"
++other_name_utf8 = "1.2.3.4 testvalue1443"
++other_name_utf8 = "1.2.3.4 testvalue1444"
++other_name_utf8 = "1.2.3.4 testvalue1445"
++other_name_utf8 = "1.2.3.4 testvalue1446"
++other_name_utf8 = "1.2.3.4 testvalue1447"
++other_name_utf8 = "1.2.3.4 testvalue1448"
++other_name_utf8 = "1.2.3.4 testvalue1449"
++other_name_utf8 = "1.2.3.4 testvalue1450"
++other_name_utf8 = "1.2.3.4 testvalue1451"
++other_name_utf8 = "1.2.3.4 testvalue1452"
++other_name_utf8 = "1.2.3.4 testvalue1453"
++other_name_utf8 = "1.2.3.4 testvalue1454"
++other_name_utf8 = "1.2.3.4 testvalue1455"
++other_name_utf8 = "1.2.3.4 testvalue1456"
++other_name_utf8 = "1.2.3.4 testvalue1457"
++other_name_utf8 = "1.2.3.4 testvalue1458"
++other_name_utf8 = "1.2.3.4 testvalue1459"
++other_name_utf8 = "1.2.3.4 testvalue1460"
++other_name_utf8 = "1.2.3.4 testvalue1461"
++other_name_utf8 = "1.2.3.4 testvalue1462"
++other_name_utf8 = "1.2.3.4 testvalue1463"
++other_name_utf8 = "1.2.3.4 testvalue1464"
++other_name_utf8 = "1.2.3.4 testvalue1465"
++other_name_utf8 = "1.2.3.4 testvalue1466"
++other_name_utf8 = "1.2.3.4 testvalue1467"
++other_name_utf8 = "1.2.3.4 testvalue1468"
++other_name_utf8 = "1.2.3.4 testvalue1469"
++other_name_utf8 = "1.2.3.4 testvalue1470"
++other_name_utf8 = "1.2.3.4 testvalue1471"
++other_name_utf8 = "1.2.3.4 testvalue1472"
++other_name_utf8 = "1.2.3.4 testvalue1473"
++other_name_utf8 = "1.2.3.4 testvalue1474"
++other_name_utf8 = "1.2.3.4 testvalue1475"
++other_name_utf8 = "1.2.3.4 testvalue1476"
++other_name_utf8 = "1.2.3.4 testvalue1477"
++other_name_utf8 = "1.2.3.4 testvalue1478"
++other_name_utf8 = "1.2.3.4 testvalue1479"
++other_name_utf8 = "1.2.3.4 testvalue1480"
++other_name_utf8 = "1.2.3.4 testvalue1481"
++other_name_utf8 = "1.2.3.4 testvalue1482"
++other_name_utf8 = "1.2.3.4 testvalue1483"
++other_name_utf8 = "1.2.3.4 testvalue1484"
++other_name_utf8 = "1.2.3.4 testvalue1485"
++other_name_utf8 = "1.2.3.4 testvalue1486"
++other_name_utf8 = "1.2.3.4 testvalue1487"
++other_name_utf8 = "1.2.3.4 testvalue1488"
++other_name_utf8 = "1.2.3.4 testvalue1489"
++other_name_utf8 = "1.2.3.4 testvalue1490"
++other_name_utf8 = "1.2.3.4 testvalue1491"
++other_name_utf8 = "1.2.3.4 testvalue1492"
++other_name_utf8 = "1.2.3.4 testvalue1493"
++other_name_utf8 = "1.2.3.4 testvalue1494"
++other_name_utf8 = "1.2.3.4 testvalue1495"
++other_name_utf8 = "1.2.3.4 testvalue1496"
++other_name_utf8 = "1.2.3.4 testvalue1497"
++other_name_utf8 = "1.2.3.4 testvalue1498"
++other_name_utf8 = "1.2.3.4 testvalue1499"
++other_name_utf8 = "1.2.3.4 testvalue1500"
++other_name_utf8 = "1.2.3.4 testvalue1501"
++other_name_utf8 = "1.2.3.4 testvalue1502"
++other_name_utf8 = "1.2.3.4 testvalue1503"
++other_name_utf8 = "1.2.3.4 testvalue1504"
++other_name_utf8 = "1.2.3.4 testvalue1505"
++other_name_utf8 = "1.2.3.4 testvalue1506"
++other_name_utf8 = "1.2.3.4 testvalue1507"
++other_name_utf8 = "1.2.3.4 testvalue1508"
++other_name_utf8 = "1.2.3.4 testvalue1509"
++other_name_utf8 = "1.2.3.4 testvalue1510"
++other_name_utf8 = "1.2.3.4 testvalue1511"
++other_name_utf8 = "1.2.3.4 testvalue1512"
++other_name_utf8 = "1.2.3.4 testvalue1513"
++other_name_utf8 = "1.2.3.4 testvalue1514"
++other_name_utf8 = "1.2.3.4 testvalue1515"
++other_name_utf8 = "1.2.3.4 testvalue1516"
++other_name_utf8 = "1.2.3.4 testvalue1517"
++other_name_utf8 = "1.2.3.4 testvalue1518"
++other_name_utf8 = "1.2.3.4 testvalue1519"
++other_name_utf8 = "1.2.3.4 testvalue1520"
++other_name_utf8 = "1.2.3.4 testvalue1521"
++other_name_utf8 = "1.2.3.4 testvalue1522"
++other_name_utf8 = "1.2.3.4 testvalue1523"
++other_name_utf8 = "1.2.3.4 testvalue1524"
++other_name_utf8 = "1.2.3.4 testvalue1525"
++other_name_utf8 = "1.2.3.4 testvalue1526"
++other_name_utf8 = "1.2.3.4 testvalue1527"
++other_name_utf8 = "1.2.3.4 testvalue1528"
++other_name_utf8 = "1.2.3.4 testvalue1529"
++other_name_utf8 = "1.2.3.4 testvalue1530"
++other_name_utf8 = "1.2.3.4 testvalue1531"
++other_name_utf8 = "1.2.3.4 testvalue1532"
++other_name_utf8 = "1.2.3.4 testvalue1533"
++other_name_utf8 = "1.2.3.4 testvalue1534"
++other_name_utf8 = "1.2.3.4 testvalue1535"
++other_name_utf8 = "1.2.3.4 testvalue1536"
++other_name_utf8 = "1.2.3.4 testvalue1537"
++other_name_utf8 = "1.2.3.4 testvalue1538"
++other_name_utf8 = "1.2.3.4 testvalue1539"
++other_name_utf8 = "1.2.3.4 testvalue1540"
++other_name_utf8 = "1.2.3.4 testvalue1541"
++other_name_utf8 = "1.2.3.4 testvalue1542"
++other_name_utf8 = "1.2.3.4 testvalue1543"
++other_name_utf8 = "1.2.3.4 testvalue1544"
++other_name_utf8 = "1.2.3.4 testvalue1545"
++other_name_utf8 = "1.2.3.4 testvalue1546"
++other_name_utf8 = "1.2.3.4 testvalue1547"
++other_name_utf8 = "1.2.3.4 testvalue1548"
++other_name_utf8 = "1.2.3.4 testvalue1549"
++other_name_utf8 = "1.2.3.4 testvalue1550"
++other_name_utf8 = "1.2.3.4 testvalue1551"
++other_name_utf8 = "1.2.3.4 testvalue1552"
++other_name_utf8 = "1.2.3.4 testvalue1553"
++other_name_utf8 = "1.2.3.4 testvalue1554"
++other_name_utf8 = "1.2.3.4 testvalue1555"
++other_name_utf8 = "1.2.3.4 testvalue1556"
++other_name_utf8 = "1.2.3.4 testvalue1557"
++other_name_utf8 = "1.2.3.4 testvalue1558"
++other_name_utf8 = "1.2.3.4 testvalue1559"
++other_name_utf8 = "1.2.3.4 testvalue1560"
++other_name_utf8 = "1.2.3.4 testvalue1561"
++other_name_utf8 = "1.2.3.4 testvalue1562"
++other_name_utf8 = "1.2.3.4 testvalue1563"
++other_name_utf8 = "1.2.3.4 testvalue1564"
++other_name_utf8 = "1.2.3.4 testvalue1565"
++other_name_utf8 = "1.2.3.4 testvalue1566"
++other_name_utf8 = "1.2.3.4 testvalue1567"
++other_name_utf8 = "1.2.3.4 testvalue1568"
++other_name_utf8 = "1.2.3.4 testvalue1569"
++other_name_utf8 = "1.2.3.4 testvalue1570"
++other_name_utf8 = "1.2.3.4 testvalue1571"
++other_name_utf8 = "1.2.3.4 testvalue1572"
++other_name_utf8 = "1.2.3.4 testvalue1573"
++other_name_utf8 = "1.2.3.4 testvalue1574"
++other_name_utf8 = "1.2.3.4 testvalue1575"
++other_name_utf8 = "1.2.3.4 testvalue1576"
++other_name_utf8 = "1.2.3.4 testvalue1577"
++other_name_utf8 = "1.2.3.4 testvalue1578"
++other_name_utf8 = "1.2.3.4 testvalue1579"
++other_name_utf8 = "1.2.3.4 testvalue1580"
++other_name_utf8 = "1.2.3.4 testvalue1581"
++other_name_utf8 = "1.2.3.4 testvalue1582"
++other_name_utf8 = "1.2.3.4 testvalue1583"
++other_name_utf8 = "1.2.3.4 testvalue1584"
++other_name_utf8 = "1.2.3.4 testvalue1585"
++other_name_utf8 = "1.2.3.4 testvalue1586"
++other_name_utf8 = "1.2.3.4 testvalue1587"
++other_name_utf8 = "1.2.3.4 testvalue1588"
++other_name_utf8 = "1.2.3.4 testvalue1589"
++other_name_utf8 = "1.2.3.4 testvalue1590"
++other_name_utf8 = "1.2.3.4 testvalue1591"
++other_name_utf8 = "1.2.3.4 testvalue1592"
++other_name_utf8 = "1.2.3.4 testvalue1593"
++other_name_utf8 = "1.2.3.4 testvalue1594"
++other_name_utf8 = "1.2.3.4 testvalue1595"
++other_name_utf8 = "1.2.3.4 testvalue1596"
++other_name_utf8 = "1.2.3.4 testvalue1597"
++other_name_utf8 = "1.2.3.4 testvalue1598"
++other_name_utf8 = "1.2.3.4 testvalue1599"
++other_name_utf8 = "1.2.3.4 testvalue1600"
++other_name_utf8 = "1.2.3.4 testvalue1601"
++other_name_utf8 = "1.2.3.4 testvalue1602"
++other_name_utf8 = "1.2.3.4 testvalue1603"
++other_name_utf8 = "1.2.3.4 testvalue1604"
++other_name_utf8 = "1.2.3.4 testvalue1605"
++other_name_utf8 = "1.2.3.4 testvalue1606"
++other_name_utf8 = "1.2.3.4 testvalue1607"
++other_name_utf8 = "1.2.3.4 testvalue1608"
++other_name_utf8 = "1.2.3.4 testvalue1609"
++other_name_utf8 = "1.2.3.4 testvalue1610"
++other_name_utf8 = "1.2.3.4 testvalue1611"
++other_name_utf8 = "1.2.3.4 testvalue1612"
++other_name_utf8 = "1.2.3.4 testvalue1613"
++other_name_utf8 = "1.2.3.4 testvalue1614"
++other_name_utf8 = "1.2.3.4 testvalue1615"
++other_name_utf8 = "1.2.3.4 testvalue1616"
++other_name_utf8 = "1.2.3.4 testvalue1617"
++other_name_utf8 = "1.2.3.4 testvalue1618"
++other_name_utf8 = "1.2.3.4 testvalue1619"
++other_name_utf8 = "1.2.3.4 testvalue1620"
++other_name_utf8 = "1.2.3.4 testvalue1621"
++other_name_utf8 = "1.2.3.4 testvalue1622"
++other_name_utf8 = "1.2.3.4 testvalue1623"
++other_name_utf8 = "1.2.3.4 testvalue1624"
++other_name_utf8 = "1.2.3.4 testvalue1625"
++other_name_utf8 = "1.2.3.4 testvalue1626"
++other_name_utf8 = "1.2.3.4 testvalue1627"
++other_name_utf8 = "1.2.3.4 testvalue1628"
++other_name_utf8 = "1.2.3.4 testvalue1629"
++other_name_utf8 = "1.2.3.4 testvalue1630"
++other_name_utf8 = "1.2.3.4 testvalue1631"
++other_name_utf8 = "1.2.3.4 testvalue1632"
++other_name_utf8 = "1.2.3.4 testvalue1633"
++other_name_utf8 = "1.2.3.4 testvalue1634"
++other_name_utf8 = "1.2.3.4 testvalue1635"
++other_name_utf8 = "1.2.3.4 testvalue1636"
++other_name_utf8 = "1.2.3.4 testvalue1637"
++other_name_utf8 = "1.2.3.4 testvalue1638"
++other_name_utf8 = "1.2.3.4 testvalue1639"
++other_name_utf8 = "1.2.3.4 testvalue1640"
++other_name_utf8 = "1.2.3.4 testvalue1641"
++other_name_utf8 = "1.2.3.4 testvalue1642"
++other_name_utf8 = "1.2.3.4 testvalue1643"
++other_name_utf8 = "1.2.3.4 testvalue1644"
++other_name_utf8 = "1.2.3.4 testvalue1645"
++other_name_utf8 = "1.2.3.4 testvalue1646"
++other_name_utf8 = "1.2.3.4 testvalue1647"
++other_name_utf8 = "1.2.3.4 testvalue1648"
++other_name_utf8 = "1.2.3.4 testvalue1649"
++other_name_utf8 = "1.2.3.4 testvalue1650"
++other_name_utf8 = "1.2.3.4 testvalue1651"
++other_name_utf8 = "1.2.3.4 testvalue1652"
++other_name_utf8 = "1.2.3.4 testvalue1653"
++other_name_utf8 = "1.2.3.4 testvalue1654"
++other_name_utf8 = "1.2.3.4 testvalue1655"
++other_name_utf8 = "1.2.3.4 testvalue1656"
++other_name_utf8 = "1.2.3.4 testvalue1657"
++other_name_utf8 = "1.2.3.4 testvalue1658"
++other_name_utf8 = "1.2.3.4 testvalue1659"
++other_name_utf8 = "1.2.3.4 testvalue1660"
++other_name_utf8 = "1.2.3.4 testvalue1661"
++other_name_utf8 = "1.2.3.4 testvalue1662"
++other_name_utf8 = "1.2.3.4 testvalue1663"
++other_name_utf8 = "1.2.3.4 testvalue1664"
++other_name_utf8 = "1.2.3.4 testvalue1665"
++other_name_utf8 = "1.2.3.4 testvalue1666"
++other_name_utf8 = "1.2.3.4 testvalue1667"
++other_name_utf8 = "1.2.3.4 testvalue1668"
++other_name_utf8 = "1.2.3.4 testvalue1669"
++other_name_utf8 = "1.2.3.4 testvalue1670"
++other_name_utf8 = "1.2.3.4 testvalue1671"
++other_name_utf8 = "1.2.3.4 testvalue1672"
++other_name_utf8 = "1.2.3.4 testvalue1673"
++other_name_utf8 = "1.2.3.4 testvalue1674"
++other_name_utf8 = "1.2.3.4 testvalue1675"
++other_name_utf8 = "1.2.3.4 testvalue1676"
++other_name_utf8 = "1.2.3.4 testvalue1677"
++other_name_utf8 = "1.2.3.4 testvalue1678"
++other_name_utf8 = "1.2.3.4 testvalue1679"
++other_name_utf8 = "1.2.3.4 testvalue1680"
++other_name_utf8 = "1.2.3.4 testvalue1681"
++other_name_utf8 = "1.2.3.4 testvalue1682"
++other_name_utf8 = "1.2.3.4 testvalue1683"
++other_name_utf8 = "1.2.3.4 testvalue1684"
++other_name_utf8 = "1.2.3.4 testvalue1685"
++other_name_utf8 = "1.2.3.4 testvalue1686"
++other_name_utf8 = "1.2.3.4 testvalue1687"
++other_name_utf8 = "1.2.3.4 testvalue1688"
++other_name_utf8 = "1.2.3.4 testvalue1689"
++other_name_utf8 = "1.2.3.4 testvalue1690"
++other_name_utf8 = "1.2.3.4 testvalue1691"
++other_name_utf8 = "1.2.3.4 testvalue1692"
++other_name_utf8 = "1.2.3.4 testvalue1693"
++other_name_utf8 = "1.2.3.4 testvalue1694"
++other_name_utf8 = "1.2.3.4 testvalue1695"
++other_name_utf8 = "1.2.3.4 testvalue1696"
++other_name_utf8 = "1.2.3.4 testvalue1697"
++other_name_utf8 = "1.2.3.4 testvalue1698"
++other_name_utf8 = "1.2.3.4 testvalue1699"
++other_name_utf8 = "1.2.3.4 testvalue1700"
++other_name_utf8 = "1.2.3.4 testvalue1701"
++other_name_utf8 = "1.2.3.4 testvalue1702"
++other_name_utf8 = "1.2.3.4 testvalue1703"
++other_name_utf8 = "1.2.3.4 testvalue1704"
++other_name_utf8 = "1.2.3.4 testvalue1705"
++other_name_utf8 = "1.2.3.4 testvalue1706"
++other_name_utf8 = "1.2.3.4 testvalue1707"
++other_name_utf8 = "1.2.3.4 testvalue1708"
++other_name_utf8 = "1.2.3.4 testvalue1709"
++other_name_utf8 = "1.2.3.4 testvalue1710"
++other_name_utf8 = "1.2.3.4 testvalue1711"
++other_name_utf8 = "1.2.3.4 testvalue1712"
++other_name_utf8 = "1.2.3.4 testvalue1713"
++other_name_utf8 = "1.2.3.4 testvalue1714"
++other_name_utf8 = "1.2.3.4 testvalue1715"
++other_name_utf8 = "1.2.3.4 testvalue1716"
++other_name_utf8 = "1.2.3.4 testvalue1717"
++other_name_utf8 = "1.2.3.4 testvalue1718"
++other_name_utf8 = "1.2.3.4 testvalue1719"
++other_name_utf8 = "1.2.3.4 testvalue1720"
++other_name_utf8 = "1.2.3.4 testvalue1721"
++other_name_utf8 = "1.2.3.4 testvalue1722"
++other_name_utf8 = "1.2.3.4 testvalue1723"
++other_name_utf8 = "1.2.3.4 testvalue1724"
++other_name_utf8 = "1.2.3.4 testvalue1725"
++other_name_utf8 = "1.2.3.4 testvalue1726"
++other_name_utf8 = "1.2.3.4 testvalue1727"
++other_name_utf8 = "1.2.3.4 testvalue1728"
++other_name_utf8 = "1.2.3.4 testvalue1729"
++other_name_utf8 = "1.2.3.4 testvalue1730"
++other_name_utf8 = "1.2.3.4 testvalue1731"
++other_name_utf8 = "1.2.3.4 testvalue1732"
++other_name_utf8 = "1.2.3.4 testvalue1733"
++other_name_utf8 = "1.2.3.4 testvalue1734"
++other_name_utf8 = "1.2.3.4 testvalue1735"
++other_name_utf8 = "1.2.3.4 testvalue1736"
++other_name_utf8 = "1.2.3.4 testvalue1737"
++other_name_utf8 = "1.2.3.4 testvalue1738"
++other_name_utf8 = "1.2.3.4 testvalue1739"
++other_name_utf8 = "1.2.3.4 testvalue1740"
++other_name_utf8 = "1.2.3.4 testvalue1741"
++other_name_utf8 = "1.2.3.4 testvalue1742"
++other_name_utf8 = "1.2.3.4 testvalue1743"
++other_name_utf8 = "1.2.3.4 testvalue1744"
++other_name_utf8 = "1.2.3.4 testvalue1745"
++other_name_utf8 = "1.2.3.4 testvalue1746"
++other_name_utf8 = "1.2.3.4 testvalue1747"
++other_name_utf8 = "1.2.3.4 testvalue1748"
++other_name_utf8 = "1.2.3.4 testvalue1749"
++other_name_utf8 = "1.2.3.4 testvalue1750"
++other_name_utf8 = "1.2.3.4 testvalue1751"
++other_name_utf8 = "1.2.3.4 testvalue1752"
++other_name_utf8 = "1.2.3.4 testvalue1753"
++other_name_utf8 = "1.2.3.4 testvalue1754"
++other_name_utf8 = "1.2.3.4 testvalue1755"
++other_name_utf8 = "1.2.3.4 testvalue1756"
++other_name_utf8 = "1.2.3.4 testvalue1757"
++other_name_utf8 = "1.2.3.4 testvalue1758"
++other_name_utf8 = "1.2.3.4 testvalue1759"
++other_name_utf8 = "1.2.3.4 testvalue1760"
++other_name_utf8 = "1.2.3.4 testvalue1761"
++other_name_utf8 = "1.2.3.4 testvalue1762"
++other_name_utf8 = "1.2.3.4 testvalue1763"
++other_name_utf8 = "1.2.3.4 testvalue1764"
++other_name_utf8 = "1.2.3.4 testvalue1765"
++other_name_utf8 = "1.2.3.4 testvalue1766"
++other_name_utf8 = "1.2.3.4 testvalue1767"
++other_name_utf8 = "1.2.3.4 testvalue1768"
++other_name_utf8 = "1.2.3.4 testvalue1769"
++other_name_utf8 = "1.2.3.4 testvalue1770"
++other_name_utf8 = "1.2.3.4 testvalue1771"
++other_name_utf8 = "1.2.3.4 testvalue1772"
++other_name_utf8 = "1.2.3.4 testvalue1773"
++other_name_utf8 = "1.2.3.4 testvalue1774"
++other_name_utf8 = "1.2.3.4 testvalue1775"
++other_name_utf8 = "1.2.3.4 testvalue1776"
++other_name_utf8 = "1.2.3.4 testvalue1777"
++other_name_utf8 = "1.2.3.4 testvalue1778"
++other_name_utf8 = "1.2.3.4 testvalue1779"
++other_name_utf8 = "1.2.3.4 testvalue1780"
++other_name_utf8 = "1.2.3.4 testvalue1781"
++other_name_utf8 = "1.2.3.4 testvalue1782"
++other_name_utf8 = "1.2.3.4 testvalue1783"
++other_name_utf8 = "1.2.3.4 testvalue1784"
++other_name_utf8 = "1.2.3.4 testvalue1785"
++other_name_utf8 = "1.2.3.4 testvalue1786"
++other_name_utf8 = "1.2.3.4 testvalue1787"
++other_name_utf8 = "1.2.3.4 testvalue1788"
++other_name_utf8 = "1.2.3.4 testvalue1789"
++other_name_utf8 = "1.2.3.4 testvalue1790"
++other_name_utf8 = "1.2.3.4 testvalue1791"
++other_name_utf8 = "1.2.3.4 testvalue1792"
++other_name_utf8 = "1.2.3.4 testvalue1793"
++other_name_utf8 = "1.2.3.4 testvalue1794"
++other_name_utf8 = "1.2.3.4 testvalue1795"
++other_name_utf8 = "1.2.3.4 testvalue1796"
++other_name_utf8 = "1.2.3.4 testvalue1797"
++other_name_utf8 = "1.2.3.4 testvalue1798"
++other_name_utf8 = "1.2.3.4 testvalue1799"
++other_name_utf8 = "1.2.3.4 testvalue1800"
++other_name_utf8 = "1.2.3.4 testvalue1801"
++other_name_utf8 = "1.2.3.4 testvalue1802"
++other_name_utf8 = "1.2.3.4 testvalue1803"
++other_name_utf8 = "1.2.3.4 testvalue1804"
++other_name_utf8 = "1.2.3.4 testvalue1805"
++other_name_utf8 = "1.2.3.4 testvalue1806"
++other_name_utf8 = "1.2.3.4 testvalue1807"
++other_name_utf8 = "1.2.3.4 testvalue1808"
++other_name_utf8 = "1.2.3.4 testvalue1809"
++other_name_utf8 = "1.2.3.4 testvalue1810"
++other_name_utf8 = "1.2.3.4 testvalue1811"
++other_name_utf8 = "1.2.3.4 testvalue1812"
++other_name_utf8 = "1.2.3.4 testvalue1813"
++other_name_utf8 = "1.2.3.4 testvalue1814"
++other_name_utf8 = "1.2.3.4 testvalue1815"
++other_name_utf8 = "1.2.3.4 testvalue1816"
++other_name_utf8 = "1.2.3.4 testvalue1817"
++other_name_utf8 = "1.2.3.4 testvalue1818"
++other_name_utf8 = "1.2.3.4 testvalue1819"
++other_name_utf8 = "1.2.3.4 testvalue1820"
++other_name_utf8 = "1.2.3.4 testvalue1821"
++other_name_utf8 = "1.2.3.4 testvalue1822"
++other_name_utf8 = "1.2.3.4 testvalue1823"
++other_name_utf8 = "1.2.3.4 testvalue1824"
++other_name_utf8 = "1.2.3.4 testvalue1825"
++other_name_utf8 = "1.2.3.4 testvalue1826"
++other_name_utf8 = "1.2.3.4 testvalue1827"
++other_name_utf8 = "1.2.3.4 testvalue1828"
++other_name_utf8 = "1.2.3.4 testvalue1829"
++other_name_utf8 = "1.2.3.4 testvalue1830"
++other_name_utf8 = "1.2.3.4 testvalue1831"
++other_name_utf8 = "1.2.3.4 testvalue1832"
++other_name_utf8 = "1.2.3.4 testvalue1833"
++other_name_utf8 = "1.2.3.4 testvalue1834"
++other_name_utf8 = "1.2.3.4 testvalue1835"
++other_name_utf8 = "1.2.3.4 testvalue1836"
++other_name_utf8 = "1.2.3.4 testvalue1837"
++other_name_utf8 = "1.2.3.4 testvalue1838"
++other_name_utf8 = "1.2.3.4 testvalue1839"
++other_name_utf8 = "1.2.3.4 testvalue1840"
++other_name_utf8 = "1.2.3.4 testvalue1841"
++other_name_utf8 = "1.2.3.4 testvalue1842"
++other_name_utf8 = "1.2.3.4 testvalue1843"
++other_name_utf8 = "1.2.3.4 testvalue1844"
++other_name_utf8 = "1.2.3.4 testvalue1845"
++other_name_utf8 = "1.2.3.4 testvalue1846"
++other_name_utf8 = "1.2.3.4 testvalue1847"
++other_name_utf8 = "1.2.3.4 testvalue1848"
++other_name_utf8 = "1.2.3.4 testvalue1849"
++other_name_utf8 = "1.2.3.4 testvalue1850"
++other_name_utf8 = "1.2.3.4 testvalue1851"
++other_name_utf8 = "1.2.3.4 testvalue1852"
++other_name_utf8 = "1.2.3.4 testvalue1853"
++other_name_utf8 = "1.2.3.4 testvalue1854"
++other_name_utf8 = "1.2.3.4 testvalue1855"
++other_name_utf8 = "1.2.3.4 testvalue1856"
++other_name_utf8 = "1.2.3.4 testvalue1857"
++other_name_utf8 = "1.2.3.4 testvalue1858"
++other_name_utf8 = "1.2.3.4 testvalue1859"
++other_name_utf8 = "1.2.3.4 testvalue1860"
++other_name_utf8 = "1.2.3.4 testvalue1861"
++other_name_utf8 = "1.2.3.4 testvalue1862"
++other_name_utf8 = "1.2.3.4 testvalue1863"
++other_name_utf8 = "1.2.3.4 testvalue1864"
++other_name_utf8 = "1.2.3.4 testvalue1865"
++other_name_utf8 = "1.2.3.4 testvalue1866"
++other_name_utf8 = "1.2.3.4 testvalue1867"
++other_name_utf8 = "1.2.3.4 testvalue1868"
++other_name_utf8 = "1.2.3.4 testvalue1869"
++other_name_utf8 = "1.2.3.4 testvalue1870"
++other_name_utf8 = "1.2.3.4 testvalue1871"
++other_name_utf8 = "1.2.3.4 testvalue1872"
++other_name_utf8 = "1.2.3.4 testvalue1873"
++other_name_utf8 = "1.2.3.4 testvalue1874"
++other_name_utf8 = "1.2.3.4 testvalue1875"
++other_name_utf8 = "1.2.3.4 testvalue1876"
++other_name_utf8 = "1.2.3.4 testvalue1877"
++other_name_utf8 = "1.2.3.4 testvalue1878"
++other_name_utf8 = "1.2.3.4 testvalue1879"
++other_name_utf8 = "1.2.3.4 testvalue1880"
++other_name_utf8 = "1.2.3.4 testvalue1881"
++other_name_utf8 = "1.2.3.4 testvalue1882"
++other_name_utf8 = "1.2.3.4 testvalue1883"
++other_name_utf8 = "1.2.3.4 testvalue1884"
++other_name_utf8 = "1.2.3.4 testvalue1885"
++other_name_utf8 = "1.2.3.4 testvalue1886"
++other_name_utf8 = "1.2.3.4 testvalue1887"
++other_name_utf8 = "1.2.3.4 testvalue1888"
++other_name_utf8 = "1.2.3.4 testvalue1889"
++other_name_utf8 = "1.2.3.4 testvalue1890"
++other_name_utf8 = "1.2.3.4 testvalue1891"
++other_name_utf8 = "1.2.3.4 testvalue1892"
++other_name_utf8 = "1.2.3.4 testvalue1893"
++other_name_utf8 = "1.2.3.4 testvalue1894"
++other_name_utf8 = "1.2.3.4 testvalue1895"
++other_name_utf8 = "1.2.3.4 testvalue1896"
++other_name_utf8 = "1.2.3.4 testvalue1897"
++other_name_utf8 = "1.2.3.4 testvalue1898"
++other_name_utf8 = "1.2.3.4 testvalue1899"
++other_name_utf8 = "1.2.3.4 testvalue1900"
++other_name_utf8 = "1.2.3.4 testvalue1901"
++other_name_utf8 = "1.2.3.4 testvalue1902"
++other_name_utf8 = "1.2.3.4 testvalue1903"
++other_name_utf8 = "1.2.3.4 testvalue1904"
++other_name_utf8 = "1.2.3.4 testvalue1905"
++other_name_utf8 = "1.2.3.4 testvalue1906"
++other_name_utf8 = "1.2.3.4 testvalue1907"
++other_name_utf8 = "1.2.3.4 testvalue1908"
++other_name_utf8 = "1.2.3.4 testvalue1909"
++other_name_utf8 = "1.2.3.4 testvalue1910"
++other_name_utf8 = "1.2.3.4 testvalue1911"
++other_name_utf8 = "1.2.3.4 testvalue1912"
++other_name_utf8 = "1.2.3.4 testvalue1913"
++other_name_utf8 = "1.2.3.4 testvalue1914"
++other_name_utf8 = "1.2.3.4 testvalue1915"
++other_name_utf8 = "1.2.3.4 testvalue1916"
++other_name_utf8 = "1.2.3.4 testvalue1917"
++other_name_utf8 = "1.2.3.4 testvalue1918"
++other_name_utf8 = "1.2.3.4 testvalue1919"
++other_name_utf8 = "1.2.3.4 testvalue1920"
++other_name_utf8 = "1.2.3.4 testvalue1921"
++other_name_utf8 = "1.2.3.4 testvalue1922"
++other_name_utf8 = "1.2.3.4 testvalue1923"
++other_name_utf8 = "1.2.3.4 testvalue1924"
++other_name_utf8 = "1.2.3.4 testvalue1925"
++other_name_utf8 = "1.2.3.4 testvalue1926"
++other_name_utf8 = "1.2.3.4 testvalue1927"
++other_name_utf8 = "1.2.3.4 testvalue1928"
++other_name_utf8 = "1.2.3.4 testvalue1929"
++other_name_utf8 = "1.2.3.4 testvalue1930"
++other_name_utf8 = "1.2.3.4 testvalue1931"
++other_name_utf8 = "1.2.3.4 testvalue1932"
++other_name_utf8 = "1.2.3.4 testvalue1933"
++other_name_utf8 = "1.2.3.4 testvalue1934"
++other_name_utf8 = "1.2.3.4 testvalue1935"
++other_name_utf8 = "1.2.3.4 testvalue1936"
++other_name_utf8 = "1.2.3.4 testvalue1937"
++other_name_utf8 = "1.2.3.4 testvalue1938"
++other_name_utf8 = "1.2.3.4 testvalue1939"
++other_name_utf8 = "1.2.3.4 testvalue1940"
++other_name_utf8 = "1.2.3.4 testvalue1941"
++other_name_utf8 = "1.2.3.4 testvalue1942"
++other_name_utf8 = "1.2.3.4 testvalue1943"
++other_name_utf8 = "1.2.3.4 testvalue1944"
++other_name_utf8 = "1.2.3.4 testvalue1945"
++other_name_utf8 = "1.2.3.4 testvalue1946"
++other_name_utf8 = "1.2.3.4 testvalue1947"
++other_name_utf8 = "1.2.3.4 testvalue1948"
++other_name_utf8 = "1.2.3.4 testvalue1949"
++other_name_utf8 = "1.2.3.4 testvalue1950"
++other_name_utf8 = "1.2.3.4 testvalue1951"
++other_name_utf8 = "1.2.3.4 testvalue1952"
++other_name_utf8 = "1.2.3.4 testvalue1953"
++other_name_utf8 = "1.2.3.4 testvalue1954"
++other_name_utf8 = "1.2.3.4 testvalue1955"
++other_name_utf8 = "1.2.3.4 testvalue1956"
++other_name_utf8 = "1.2.3.4 testvalue1957"
++other_name_utf8 = "1.2.3.4 testvalue1958"
++other_name_utf8 = "1.2.3.4 testvalue1959"
++other_name_utf8 = "1.2.3.4 testvalue1960"
++other_name_utf8 = "1.2.3.4 testvalue1961"
++other_name_utf8 = "1.2.3.4 testvalue1962"
++other_name_utf8 = "1.2.3.4 testvalue1963"
++other_name_utf8 = "1.2.3.4 testvalue1964"
++other_name_utf8 = "1.2.3.4 testvalue1965"
++other_name_utf8 = "1.2.3.4 testvalue1966"
++other_name_utf8 = "1.2.3.4 testvalue1967"
++other_name_utf8 = "1.2.3.4 testvalue1968"
++other_name_utf8 = "1.2.3.4 testvalue1969"
++other_name_utf8 = "1.2.3.4 testvalue1970"
++other_name_utf8 = "1.2.3.4 testvalue1971"
++other_name_utf8 = "1.2.3.4 testvalue1972"
++other_name_utf8 = "1.2.3.4 testvalue1973"
++other_name_utf8 = "1.2.3.4 testvalue1974"
++other_name_utf8 = "1.2.3.4 testvalue1975"
++other_name_utf8 = "1.2.3.4 testvalue1976"
++other_name_utf8 = "1.2.3.4 testvalue1977"
++other_name_utf8 = "1.2.3.4 testvalue1978"
++other_name_utf8 = "1.2.3.4 testvalue1979"
++other_name_utf8 = "1.2.3.4 testvalue1980"
++other_name_utf8 = "1.2.3.4 testvalue1981"
++other_name_utf8 = "1.2.3.4 testvalue1982"
++other_name_utf8 = "1.2.3.4 testvalue1983"
++other_name_utf8 = "1.2.3.4 testvalue1984"
++other_name_utf8 = "1.2.3.4 testvalue1985"
++other_name_utf8 = "1.2.3.4 testvalue1986"
++other_name_utf8 = "1.2.3.4 testvalue1987"
++other_name_utf8 = "1.2.3.4 testvalue1988"
++other_name_utf8 = "1.2.3.4 testvalue1989"
++other_name_utf8 = "1.2.3.4 testvalue1990"
++other_name_utf8 = "1.2.3.4 testvalue1991"
++other_name_utf8 = "1.2.3.4 testvalue1992"
++other_name_utf8 = "1.2.3.4 testvalue1993"
++other_name_utf8 = "1.2.3.4 testvalue1994"
++other_name_utf8 = "1.2.3.4 testvalue1995"
++other_name_utf8 = "1.2.3.4 testvalue1996"
++other_name_utf8 = "1.2.3.4 testvalue1997"
++other_name_utf8 = "1.2.3.4 testvalue1998"
++other_name_utf8 = "1.2.3.4 testvalue1999"
diff --git a/meta/recipes-support/gnutls/gnutls_3.7.4.bb b/meta/recipes-support/gnutls/gnutls_3.7.4.bb
index 33553e617e..30d4342d00 100644
--- a/meta/recipes-support/gnutls/gnutls_3.7.4.bb
+++ b/meta/recipes-support/gnutls/gnutls_3.7.4.bb
@@ -36,6 +36,7 @@ SRC_URI = "https://www.gnupg.org/ftp/gcrypt/gnutls/v${SHRT_VER}/gnutls-${PV}.tar
            file://0001-x509-reject-zero-length-version-in-certificate-reque.patch \
            file://3e94dcdff862ef5d6db8b5cc8e59310b5f0cdfe2 \
            file://CVE-2025-32988.patch \
+           file://CVE-2025-32990.patch \
            "
 
 SRC_URI[sha256sum] = "e6adbebcfbc95867de01060d93c789938cf89cc1d1f6ef9ef661890f6217451f"
-- 
2.43.0

[OE-core][kirkstone 07/10] gnutls: patch CVE-2025-6395

[Steve Sakoman]

From: Peter Marko <peter.marko@siemens.com>

Pick relevant commit from 3.8.10 release MR [1].

[1] https://gitlab.com/gnutls/gnutls/-/merge_requests/1979

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../gnutls/gnutls/CVE-2025-6395.patch         | 299 ++++++++++++++++++
 meta/recipes-support/gnutls/gnutls_3.7.4.bb   |   1 +
 2 files changed, 300 insertions(+)
 create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-6395.patch

diff --git a/meta/recipes-support/gnutls/gnutls/CVE-2025-6395.patch b/meta/recipes-support/gnutls/gnutls/CVE-2025-6395.patch
new file mode 100644
index 0000000000..9bc98ef6e4
--- /dev/null
+++ b/meta/recipes-support/gnutls/gnutls/CVE-2025-6395.patch
@@ -0,0 +1,299 @@
+From 23135619773e6ec087ff2abc65405bd4d5676bad Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <ueno@gnu.org>
+Date: Mon, 7 Jul 2025 11:15:45 +0900
+Subject: [PATCH] handshake: clear HSK_PSK_SELECTED is when resetting
+ binders
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+When a TLS 1.3 handshake involves HRR and resumption or PSK, and the
+second Client Hello omits PSK, the server would result in a NULL
+pointer dereference as the PSK binder information is cleared while the
+HSK_PSK_SELECTED flag is still set. This makes sure that
+HSK_PSK_SELECTED flag is always cleared when the PSK binders are
+reset. This also makes it clear the HSK_PSK_SELECTED flag is valid
+only during a handshake; after that, whether PSK is used can be
+checked with gnutls_auth_client_get_type.
+
+Reported by Stefan Bühler.
+
+Signed-off-by: Daiki Ueno <ueno@gnu.org>
+
+CVE: CVE-2025-6395
+Upstream-Status: Backport [https://gitlab.com/gnutls/gnutls/-/commit/23135619773e6ec087ff2abc65405bd4d5676bad]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ NEWS                                  |   4 +
+ lib/handshake.c                       |  25 +++-
+ lib/state.c                           |   4 +-
+ tests/Makefile.am                     |   2 +
+ tests/tls13/hello_retry_request_psk.c | 173 ++++++++++++++++++++++++++
+ 5 files changed, 204 insertions(+), 4 deletions(-)
+ create mode 100644 tests/tls13/hello_retry_request_psk.c
+
+diff --git a/NEWS b/NEWS
+index 1334516c6..d800e83b0 100644
+--- a/NEWS
++++ b/NEWS
+@@ -5,6 +5,10 @@ Copyright (C) 2000-2016 Free Software Foundation, Inc.
+ Copyright (C) 2013-2019 Nikos Mavrogiannopoulos
+ See the end for copying conditions.
+ 
++** libgnutls: Fix NULL pointer dereference when 2nd Client Hello omits PSK
++   Reported by Stefan Bühler. [GNUTLS-SA-2025-07-07-4, CVSS: medium]
++   [CVE-2025-6395]
++
+ ** libgnutls: Fix heap read buffer overrun in parsing X.509 SCTS timestamps
+    Spotted by oss-fuzz and reported by OpenAI Security Research Team,
+    and fix developed by Andrew Hamilton. [GNUTLS-SA-2025-07-07-1,
+diff --git a/lib/handshake.c b/lib/handshake.c
+index 722307be7..489d02194 100644
+--- a/lib/handshake.c
++++ b/lib/handshake.c
+@@ -590,9 +590,28 @@ static int set_auth_types(gnutls_session_t session)
+ 		/* Under TLS1.3 this returns a KX which matches the negotiated
+ 		 * groups from the key shares; if we are resuming then the KX seen
+ 		 * here doesn't match the original session. */
+-		if (!session->internals.resumed)
+-			kx = gnutls_kx_get(session);
+-		else
++		if (!session->internals.resumed) {
++			const gnutls_group_entry_st *group = get_group(session);
++
++			if (session->internals.hsk_flags & HSK_PSK_SELECTED) {
++				if (group) {
++					kx = group->pk == GNUTLS_PK_DH ?
++						     GNUTLS_KX_DHE_PSK :
++						     GNUTLS_KX_ECDHE_PSK;
++				} else {
++					kx = GNUTLS_KX_PSK;
++				}
++			} else if (group) {
++				/* Not necessarily be RSA, but just to
++				 * make _gnutls_map_kx_get_cred below
++				 * work.
++				 */
++				kx = group->pk == GNUTLS_PK_DH ?
++					     GNUTLS_KX_DHE_RSA :
++					     GNUTLS_KX_ECDHE_RSA;
++			} else
++				kx = GNUTLS_KX_UNKNOWN;
++		} else
+ 			kx = GNUTLS_KX_UNKNOWN;
+ 	} else {
+ 		/* TLS1.2 or earlier, kx is associated with ciphersuite */
+diff --git a/lib/state.c b/lib/state.c
+index ec514c0cd..10ec0eadb 100644
+--- a/lib/state.c
++++ b/lib/state.c
+@@ -206,7 +206,8 @@ gnutls_kx_algorithm_t gnutls_kx_get(gnutls_session_t session)
+ 		const gnutls_group_entry_st *group = get_group(session);
+ 
+ 		if (ver->tls13_sem) {
+-			if (session->internals.hsk_flags & HSK_PSK_SELECTED) {
++			if (gnutls_auth_client_get_type(session) ==
++			    GNUTLS_CRD_PSK) {
+ 				if (group) {
+ 					if (group->pk == GNUTLS_PK_DH)
+ 						return GNUTLS_KX_DHE_PSK;
+@@ -357,6 +358,7 @@ void reset_binders(gnutls_session_t session)
+ 	_gnutls_free_temp_key_datum(&session->key.binders[0].psk);
+ 	_gnutls_free_temp_key_datum(&session->key.binders[1].psk);
+ 	memset(session->key.binders, 0, sizeof(session->key.binders));
++	session->internals.hsk_flags &= ~HSK_PSK_SELECTED;
+ }
+ 
+ /* Check whether certificate credentials of type @cert_type are set
+diff --git a/tests/Makefile.am b/tests/Makefile.am
+index c2d226a00..e43faf10f 100644
+--- a/tests/Makefile.am
++++ b/tests/Makefile.am
+@@ -128,6 +128,8 @@ ctests += tls13/hello_retry_request
+ 
+ ctests += tls13/hello_retry_request_resume
+ 
++ctests += tls13/hello_retry_request_psk
++
+ ctests += tls13/psk-ext
+ 
+ ctests += tls13/key_update
+diff --git a/tests/tls13/hello_retry_request_psk.c b/tests/tls13/hello_retry_request_psk.c
+new file mode 100644
+index 000000000..a20cb0d96
+--- /dev/null
++++ b/tests/tls13/hello_retry_request_psk.c
+@@ -0,0 +1,173 @@
++/*
++ * Copyright (C) 2017-2025 Red Hat, Inc.
++ *
++ * Author: Nikos Mavrogiannopoulos, Daiki Ueno
++ *
++ * This file is part of GnuTLS.
++ *
++ * GnuTLS is free software; you can redistribute it and/or modify it
++ * under the terms of the GNU General Public License as published by
++ * the Free Software Foundation; either version 3 of the License, or
++ * (at your option) any later version.
++ *
++ * GnuTLS is distributed in the hope that it will be useful, but
++ * WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
++ * General Public License for more details.
++ *
++ * You should have received a copy of the GNU Lesser General Public License
++ * along with this program.  If not, see <https://www.gnu.org/licenses/>
++ */
++
++#ifdef HAVE_CONFIG_H
++#include "config.h"
++#endif
++
++#include <stdio.h>
++#include <stdlib.h>
++#include <stdint.h>
++
++#include <string.h>
++#include <gnutls/gnutls.h>
++#include <assert.h>
++
++#include "cert-common.h"
++#include "utils.h"
++#include "tls13/ext-parse.h"
++#include "eagain-common.h"
++
++/* This program exercises the case where a TLS 1.3 handshake ends up
++ * with HRR, and the first CH includes PSK while the 2nd CH omits
++ * it */
++
++const char *testname = "hello entry request";
++
++const char *side = "";
++
++#define myfail(fmt, ...) fail("%s: " fmt, testname, ##__VA_ARGS__)
++
++static void tls_log_func(int level, const char *str)
++{
++	fprintf(stderr, "%s|<%d>| %s", side, level, str);
++}
++
++struct ctx_st {
++	unsigned hrr_seen;
++	unsigned hello_counter;
++};
++
++static int pskfunc(gnutls_session_t session, const char *username,
++		   gnutls_datum_t *key)
++{
++	if (debug)
++		printf("psk: username %s\n", username);
++	key->data = gnutls_malloc(4);
++	key->data[0] = 0xDE;
++	key->data[1] = 0xAD;
++	key->data[2] = 0xBE;
++	key->data[3] = 0xEF;
++	key->size = 4;
++	return 0;
++}
++
++static int hello_callback(gnutls_session_t session, unsigned int htype,
++			  unsigned post, unsigned int incoming,
++			  const gnutls_datum_t *msg)
++{
++	struct ctx_st *ctx = gnutls_session_get_ptr(session);
++	assert(ctx != NULL);
++
++	if (htype == GNUTLS_HANDSHAKE_HELLO_RETRY_REQUEST)
++		ctx->hrr_seen = 1;
++
++	if (htype == GNUTLS_HANDSHAKE_CLIENT_HELLO) {
++		if (post == GNUTLS_HOOK_POST)
++			ctx->hello_counter++;
++		else {
++			/* Unset the PSK credential to omit the extension */
++			gnutls_credentials_set(session, GNUTLS_CRD_PSK, NULL);
++		}
++	}
++
++	return 0;
++}
++
++void doit(void)
++{
++	int sret, cret;
++	gnutls_psk_server_credentials_t scred;
++	gnutls_psk_client_credentials_t ccred;
++	gnutls_certificate_credentials_t ccred2;
++	gnutls_session_t server, client;
++	/* Need to enable anonymous KX specifically. */
++	const gnutls_datum_t key = { (void *)"DEADBEEF", 8 };
++
++	struct ctx_st ctx;
++	memset(&ctx, 0, sizeof(ctx));
++
++	global_init();
++
++	gnutls_global_set_log_function(tls_log_func);
++	if (debug)
++		gnutls_global_set_log_level(9);
++
++	/* Init server */
++	assert(gnutls_psk_allocate_server_credentials(&scred) >= 0);
++	gnutls_psk_set_server_credentials_function(scred, pskfunc);
++
++	gnutls_init(&server, GNUTLS_SERVER);
++
++	assert(gnutls_priority_set_direct(
++		       server,
++		       "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519:+DHE-PSK",
++		       NULL) >= 0);
++
++	gnutls_credentials_set(server, GNUTLS_CRD_PSK, scred);
++	gnutls_transport_set_push_function(server, server_push);
++	gnutls_transport_set_pull_function(server, server_pull);
++	gnutls_transport_set_ptr(server, server);
++
++	/* Init client */
++	assert(gnutls_psk_allocate_client_credentials(&ccred) >= 0);
++	gnutls_psk_set_client_credentials(ccred, "test", &key,
++					  GNUTLS_PSK_KEY_HEX);
++	assert(gnutls_certificate_allocate_credentials(&ccred2) >= 0);
++
++	assert(gnutls_init(&client, GNUTLS_CLIENT | GNUTLS_KEY_SHARE_TOP) >= 0);
++
++	gnutls_session_set_ptr(client, &ctx);
++
++	cret = gnutls_priority_set_direct(
++		client,
++		"NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-X25519:+DHE-PSK",
++		NULL);
++	if (cret < 0)
++		myfail("cannot set TLS 1.3 priorities\n");
++
++	gnutls_credentials_set(client, GNUTLS_CRD_PSK, ccred);
++	gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, ccred2);
++	gnutls_transport_set_push_function(client, client_push);
++	gnutls_transport_set_pull_function(client, client_pull);
++	gnutls_transport_set_ptr(client, client);
++
++	gnutls_handshake_set_hook_function(client, GNUTLS_HANDSHAKE_ANY,
++					   GNUTLS_HOOK_BOTH, hello_callback);
++
++	HANDSHAKE_EXPECT(client, server, GNUTLS_E_AGAIN,
++			 GNUTLS_E_INSUFFICIENT_CREDENTIALS);
++
++	assert(ctx.hrr_seen != 0);
++
++	gnutls_bye(client, GNUTLS_SHUT_WR);
++	gnutls_bye(server, GNUTLS_SHUT_WR);
++
++	gnutls_deinit(client);
++	gnutls_deinit(server);
++
++	gnutls_psk_free_server_credentials(scred);
++	gnutls_psk_free_client_credentials(ccred);
++	gnutls_certificate_free_credentials(ccred2);
++
++	gnutls_global_deinit();
++	reset_buffers();
++}
diff --git a/meta/recipes-support/gnutls/gnutls_3.7.4.bb b/meta/recipes-support/gnutls/gnutls_3.7.4.bb
index 30d4342d00..8c8e08855b 100644
--- a/meta/recipes-support/gnutls/gnutls_3.7.4.bb
+++ b/meta/recipes-support/gnutls/gnutls_3.7.4.bb
@@ -37,6 +37,7 @@ SRC_URI = "https://www.gnupg.org/ftp/gcrypt/gnutls/v${SHRT_VER}/gnutls-${PV}.tar
            file://3e94dcdff862ef5d6db8b5cc8e59310b5f0cdfe2 \
            file://CVE-2025-32988.patch \
            file://CVE-2025-32990.patch \
+           file://CVE-2025-6395.patch \
            "
 
 SRC_URI[sha256sum] = "e6adbebcfbc95867de01060d93c789938cf89cc1d1f6ef9ef661890f6217451f"
-- 
2.43.0

[OE-core][kirkstone 08/10] libxml2: patch CVE-2025-6170

[Steve Sakoman]

From: Peter Marko <peter.marko@siemens.com>

Pick commit referencing this CVE from 2.13 branch.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../libxml/libxml2/CVE-2025-6170.patch        | 103 ++++++++++++++++++
 meta/recipes-core/libxml/libxml2_2.9.14.bb    |   1 +
 2 files changed, 104 insertions(+)
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2025-6170.patch

diff --git a/meta/recipes-core/libxml/libxml2/CVE-2025-6170.patch b/meta/recipes-core/libxml/libxml2/CVE-2025-6170.patch
new file mode 100644
index 0000000000..a63ae1cff7
--- /dev/null
+++ b/meta/recipes-core/libxml/libxml2/CVE-2025-6170.patch
@@ -0,0 +1,103 @@
+From 5e9ec5c107d3f5b5179c3dbc19df43df041cd55b Mon Sep 17 00:00:00 2001
+From: Michael Mann <mmann78@netscape.net>
+Date: Fri, 20 Jun 2025 23:05:00 -0400
+Subject: [PATCH] [CVE-2025-6170] Fix potential buffer overflows of interactive
+ shell
+
+Fixes #941
+
+CVE: CVE-2025-6170
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/-/commit/5e9ec5c107d3f5b5179c3dbc19df43df041cd55b]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ debugXML.c                       | 15 ++++++++++-----
+ result/scripts/long_command      |  8 ++++++++
+ test/scripts/long_command.script |  6 ++++++
+ test/scripts/long_command.xml    |  1 +
+ 4 files changed, 25 insertions(+), 5 deletions(-)
+ create mode 100644 result/scripts/long_command
+ create mode 100644 test/scripts/long_command.script
+ create mode 100644 test/scripts/long_command.xml
+
+diff --git a/debugXML.c b/debugXML.c
+index ed56b0f8..452b9573 100644
+--- a/debugXML.c
++++ b/debugXML.c
+@@ -1050,6 +1050,10 @@ xmlCtxtDumpOneNode(xmlDebugCtxtPtr ctxt, xmlNodePtr node)
+     xmlCtxtGenericNodeCheck(ctxt, node);
+ }
+ 
++#define MAX_PROMPT_SIZE     500
++#define MAX_ARG_SIZE        400
++#define MAX_COMMAND_SIZE    100
++
+ /**
+  * xmlCtxtDumpNode:
+  * @output:  the FILE * for the output
+@@ -2802,10 +2806,10 @@ void
+ xmlShell(xmlDocPtr doc, char *filename, xmlShellReadlineFunc input,
+          FILE * output)
+ {
+-    char prompt[500] = "/ > ";
++    char prompt[MAX_PROMPT_SIZE] = "/ > ";
+     char *cmdline = NULL, *cur;
+-    char command[100];
+-    char arg[400];
++    char command[MAX_COMMAND_SIZE];
++    char arg[MAX_ARG_SIZE];
+     int i;
+     xmlShellCtxtPtr ctxt;
+     xmlXPathObjectPtr list;
+@@ -2863,7 +2867,8 @@ xmlShell(xmlDocPtr doc, char *filename, xmlShellReadlineFunc input,
+             cur++;
+         i = 0;
+         while ((*cur != ' ') && (*cur != '\t') &&
+-               (*cur != '\n') && (*cur != '\r')) {
++               (*cur != '\n') && (*cur != '\r') &&
++               (i < (MAX_COMMAND_SIZE - 1))) {
+             if (*cur == 0)
+                 break;
+             command[i++] = *cur++;
+@@ -2878,7 +2883,7 @@ xmlShell(xmlDocPtr doc, char *filename, xmlShellReadlineFunc input,
+         while ((*cur == ' ') || (*cur == '\t'))
+             cur++;
+         i = 0;
+-        while ((*cur != '\n') && (*cur != '\r') && (*cur != 0)) {
++        while ((*cur != '\n') && (*cur != '\r') && (*cur != 0) && (i < (MAX_ARG_SIZE-1))) {
+             if (*cur == 0)
+                 break;
+             arg[i++] = *cur++;
+diff --git a/result/scripts/long_command b/result/scripts/long_command
+new file mode 100644
+index 00000000..e6f00708
+--- /dev/null
++++ b/result/scripts/long_command
+@@ -0,0 +1,8 @@
++/ > b > b > Object is a Node Set :
++Set contains 1 nodes:
++1  ELEMENT a:c
++b > Unknown command This_is_a_really_long_command_string_designed_to_test_the_limits_of_the_memory_that_stores_the_comm
++b > b > Unknown command ess_currents_of_time_and_existence
++b > <?xml version="1.0"?>
++<a xmlns:a="bar"><b xmlns:a="foo">Navigating_the_labyrinthine_corridors_of_human_cognition_one_often_encounters_the_perplexing_paradox_that_the_more_we_delve_into_the_intricate_dance_of_neural_pathways_and_synaptic_firings_the_further_we_seem_to_stray_from_a_truly_holistic_understanding_of_consciousness_a_phenomenon_that_remains_as_elusive_as_a_moonbeam_caught_in_a_spiderweb_yet_undeniably_shapes_every_fleeting_thought_every_prof</b></a>
++b > 
+\ No newline at end of file
+diff --git a/test/scripts/long_command.script b/test/scripts/long_command.script
+new file mode 100644
+index 00000000..00f6df09
+--- /dev/null
++++ b/test/scripts/long_command.script
+@@ -0,0 +1,6 @@
++cd a/b
++set <a:c/>
++xpath //*[namespace-uri()="foo"]
++This_is_a_really_long_command_string_designed_to_test_the_limits_of_the_memory_that_stores_the_command_please_dont_crash foo
++set Navigating_the_labyrinthine_corridors_of_human_cognition_one_often_encounters_the_perplexing_paradox_that_the_more_we_delve_into_the_intricate_dance_of_neural_pathways_and_synaptic_firings_the_further_we_seem_to_stray_from_a_truly_holistic_understanding_of_consciousness_a_phenomenon_that_remains_as_elusive_as_a_moonbeam_caught_in_a_spiderweb_yet_undeniably_shapes_every_fleeting_thought_every_profound_emotion_and_every_grand_aspiration_that_propels_our_species_ever_onward_through_the_relentless_currents_of_time_and_existence
++save -
+diff --git a/test/scripts/long_command.xml b/test/scripts/long_command.xml
+new file mode 100644
+index 00000000..1ba44016
+--- /dev/null
++++ b/test/scripts/long_command.xml
+@@ -0,0 +1 @@
++<a xmlns:a="bar"><b xmlns:a="foo"/></a>
diff --git a/meta/recipes-core/libxml/libxml2_2.9.14.bb b/meta/recipes-core/libxml/libxml2_2.9.14.bb
index baac155270..f34b0c25ca 100644
--- a/meta/recipes-core/libxml/libxml2_2.9.14.bb
+++ b/meta/recipes-core/libxml/libxml2_2.9.14.bb
@@ -41,6 +41,7 @@ SRC_URI += "http://www.w3.org/XML/Test/xmlts20080827.tar;subdir=${BP};name=testt
            file://CVE-2025-32415.patch \
            file://CVE-2025-6021.patch \
            file://CVE-2025-49794-CVE-2025-49796.patch \
+           file://CVE-2025-6170.patch \
            "
 
 SRC_URI[archive.sha256sum] = "60d74a257d1ccec0475e749cba2f21559e48139efba6ff28224357c7c798dfee"
-- 
2.43.0

[OE-core][kirkstone 09/10] binutils: Fix CVE-2025-7545

[Steve Sakoman]

From: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>

objcopy: Don't extend the output section size
Since the output section contents are copied from the input, don't
extend the output section size beyond the input section size.

Backport a patch from upstream to fix CVE-2025-7545
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944]

Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../binutils/binutils-2.38.inc                |  1 +
 .../binutils/0043-CVE-2025-7545.patch         | 39 +++++++++++++++++++
 2 files changed, 40 insertions(+)
 create mode 100644 meta/recipes-devtools/binutils/binutils/0043-CVE-2025-7545.patch

diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc
index 4a460eb8d9..527334ccec 100644
--- a/meta/recipes-devtools/binutils/binutils-2.38.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.38.inc
@@ -79,5 +79,6 @@ SRC_URI = "\
      file://0041-CVE-2025-5244.patch \
      file://0042-CVE-2025-5245.patch \
      file://0043-CVE-2025-7546.patch \
+     file://0043-CVE-2025-7545.patch \
 "
 S  = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/0043-CVE-2025-7545.patch b/meta/recipes-devtools/binutils/binutils/0043-CVE-2025-7545.patch
new file mode 100644
index 0000000000..0019ac28de
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0043-CVE-2025-7545.patch
@@ -0,0 +1,39 @@
+From: "H.J. Lu" <hjl.tools@gmail.com>
+Date: Sat, 21 Jun 2025 06:36:56 +0800
+
+Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944]
+CVE: CVE-2025-7545
+
+Since the output section contents are copied from the input, don't
+extend the output section size beyond the input section size.
+
+	PR binutils/33049
+	* objcopy.c (copy_section): Don't extend the output section
+	size beyond the input section size.
+
+Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
+
+diff --git a/binutils/objcopy.c b/binutils/objcopy.c
+index d53aa5c6..874f163b 100644
+--- a/binutils/objcopy.c
++++ b/binutils/objcopy.c
+@@ -4444,6 +4444,7 @@ copy_section (bfd *ibfd, sec_ptr isection, void *obfdarg)
+ 	  char *to = (char *) memhunk;
+ 	  char *end = (char *) memhunk + size;
+ 	  int i;
++	  bfd_size_type memhunk_size = size;
+ 
+ 	  /* If the section address is not exactly divisible by the interleave,
+ 	     then we must bias the from address.  If the copy_byte is less than
+@@ -4463,6 +4464,11 @@ copy_section (bfd *ibfd, sec_ptr isection, void *obfdarg)
+ 	      }
+ 
+ 	  size = (size + interleave - 1 - copy_byte) / interleave * copy_width;
++
++	  /* Don't extend the output section size.  */
++	  if (size > memhunk_size)
++           size = memhunk_size;
++
+ 	  osection->lma /= interleave;
+ 	  if (copy_byte < extra)
+ 	    osection->lma++;
-- 
2.43.0

[OE-core][kirkstone 10/10] sqlite3: Fix CVE-2025-6965

[Steve Sakoman]

From: Vijay Anusuri <vanusuri@mvista.com>

Upstream-Status: Backport from https://github.com/sqlite/sqlite/commit/c52e9d97d485a3eb168e3f8f3674a7bc4b419703

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../sqlite/files/CVE-2025-6965.patch          | 115 ++++++++++++++++++
 meta/recipes-support/sqlite/sqlite3_3.38.5.bb |   1 +
 2 files changed, 116 insertions(+)
 create mode 100644 meta/recipes-support/sqlite/files/CVE-2025-6965.patch

diff --git a/meta/recipes-support/sqlite/files/CVE-2025-6965.patch b/meta/recipes-support/sqlite/files/CVE-2025-6965.patch
new file mode 100644
index 0000000000..e3e087ed32
--- /dev/null
+++ b/meta/recipes-support/sqlite/files/CVE-2025-6965.patch
@@ -0,0 +1,115 @@
+From c52e9d97d485a3eb168e3f8f3674a7bc4b419703 Mon Sep 17 00:00:00 2001
+From: drh <>
+Date: Fri, 27 Jun 2025 19:02:21 +0000
+Subject: [PATCH] Raise an error right away if the number of aggregate terms in
+ a query exceeds the maximum number of columns.
+
+FossilOrigin-Name: 5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8
+
+Upstream-Status: Backport [https://github.com/sqlite/sqlite/commit/c52e9d97d485a3eb168e3f8f3674a7bc4b419703]
+CVE: CVE-2025-6965
+Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+---
+ sqlite3.c | 31 +++++++++++++++++++++++++++----
+ 1 file changed, 27 insertions(+), 4 deletions(-)
+
+diff --git a/sqlite3.c b/sqlite3.c
+index 27bea6f..19d0438 100644
+--- a/sqlite3.c
++++ b/sqlite3.c
+@@ -14354,6 +14354,14 @@ typedef INT16_TYPE LogEst;
+ #define LARGEST_UINT64 (0xffffffff|(((u64)0xffffffff)<<32))
+ #define SMALLEST_INT64 (((i64)-1) - LARGEST_INT64)
+ 
++/*
++** Macro SMXV(n) return the maximum value that can be held in variable n,
++** assuming n is a signed integer type.  UMXV(n) is similar for unsigned
++** integer types.
++*/
++#define SMXV(n) ((((i64)1)<<(sizeof(n)*8-1))-1)
++#define UMXV(n) ((((i64)1)<<(sizeof(n)*8))-1)
++
+ /*
+ ** Round up a number to the next larger multiple of 8.  This is used
+ ** to force 8-byte alignment on 64-bit architectures.
+@@ -17939,7 +17947,7 @@ struct AggInfo {
+                           ** than the source table */
+   int sortingIdx;         /* Cursor number of the sorting index */
+   int sortingIdxPTab;     /* Cursor number of pseudo-table */
+-  int nSortingColumn;     /* Number of columns in the sorting index */
++  u32 nSortingColumn;     /* Number of columns in the sorting index */
+   int mnReg, mxReg;       /* Range of registers allocated for aCol and aFunc */
+   ExprList *pGroupBy;     /* The group by clause */
+   struct AggInfo_col {    /* For each column used in source tables */
+@@ -17947,8 +17955,8 @@ struct AggInfo {
+     Expr *pCExpr;            /* The original expression */
+     int iTable;              /* Cursor number of the source table */
+     int iMem;                /* Memory location that acts as accumulator */
+-    i16 iColumn;             /* Column number within the source table */
+-    i16 iSorterColumn;       /* Column number in the sorting index */
++    int iColumn;             /* Column number within the source table */
++    int iSorterColumn;       /* Column number in the sorting index */
+   } *aCol;
+   int nColumn;            /* Number of used entries in aCol[] */
+   int nAccumulator;       /* Number of columns that show through to the output.
+@@ -108641,6 +108649,9 @@ static int analyzeAggregate(Walker *pWalker, Expr *pExpr){
+             ** is not an entry there already.
+             */
+             int k;
++            int mxTerm = pParse->db->aLimit[SQLITE_LIMIT_COLUMN];
++
++	    assert( mxTerm <= SMXV(i16) );
+             pCol = pAggInfo->aCol;
+             for(k=0; k<pAggInfo->nColumn; k++, pCol++){
+               if( pCol->iTable==pExpr->iTable &&
+@@ -108648,6 +108659,10 @@ static int analyzeAggregate(Walker *pWalker, Expr *pExpr){
+                 break;
+               }
+             }
++	    if( k>mxTerm ){
++	      sqlite3ErrorMsg(pParse, "more than %d aggregate terms", mxTerm);
++	      k = mxTerm;
++	    }
+             if( (k>=pAggInfo->nColumn)
+              && (k = addAggInfoColumn(pParse->db, pAggInfo))>=0
+             ){
+@@ -108685,6 +108700,7 @@ static int analyzeAggregate(Walker *pWalker, Expr *pExpr){
+             ExprSetVVAProperty(pExpr, EP_NoReduce);
+             pExpr->pAggInfo = pAggInfo;
+             pExpr->op = TK_AGG_COLUMN;
++	    assert( k <= SMXV(pExpr->iAgg) );
+             pExpr->iAgg = (i16)k;
+             break;
+           } /* endif pExpr->iTable==pItem->iCursor */
+@@ -108700,13 +108716,19 @@ static int analyzeAggregate(Walker *pWalker, Expr *pExpr){
+         ** function that is already in the pAggInfo structure
+         */
+         struct AggInfo_func *pItem = pAggInfo->aFunc;
++	int mxTerm = pParse->db->aLimit[SQLITE_LIMIT_COLUMN];
++	assert( mxTerm <= SMXV(i16) );
+         for(i=0; i<pAggInfo->nFunc; i++, pItem++){
+           if( pItem->pFExpr==pExpr ) break;
+           if( sqlite3ExprCompare(0, pItem->pFExpr, pExpr, -1)==0 ){
+             break;
+           }
+         }
+-        if( i>=pAggInfo->nFunc ){
++        if( i>mxTerm ){
++	  sqlite3ErrorMsg(pParse, "more than %d aggregate terms", mxTerm);
++	  i = mxTerm;
++	  assert( i<pAggInfo->nFunc );
++	}else if( i>=pAggInfo->nFunc ){
+           /* pExpr is original.  Make a new entry in pAggInfo->aFunc[]
+           */
+           u8 enc = ENC(pParse->db);
+@@ -108731,6 +108753,7 @@ static int analyzeAggregate(Walker *pWalker, Expr *pExpr){
+         */
+         assert( !ExprHasProperty(pExpr, EP_TokenOnly|EP_Reduced) );
+         ExprSetVVAProperty(pExpr, EP_NoReduce);
++	assert( i <= SMXV(pExpr->iAgg) );
+         pExpr->iAgg = (i16)i;
+         pExpr->pAggInfo = pAggInfo;
+         return WRC_Prune;
+-- 
+2.25.1
+
diff --git a/meta/recipes-support/sqlite/sqlite3_3.38.5.bb b/meta/recipes-support/sqlite/sqlite3_3.38.5.bb
index f47a9871e2..656e2d8bd8 100644
--- a/meta/recipes-support/sqlite/sqlite3_3.38.5.bb
+++ b/meta/recipes-support/sqlite/sqlite3_3.38.5.bb
@@ -9,6 +9,7 @@ SRC_URI = "http://www.sqlite.org/2022/sqlite-autoconf-${SQLITE_PV}.tar.gz \
            file://CVE-2023-36191.patch \
            file://CVE-2023-7104.patch \
            file://CVE-2025-29088.patch \
+           file://CVE-2025-6965.patch \
            "
 SRC_URI[sha256sum] = "5af07de982ba658fd91a03170c945f99c971f6955bc79df3266544373e39869c"
 
-- 
2.43.0

[OE-core][kirkstone 00/10] Patch review

[Steve Sakoman]

Please review this set of hcanges for kirkstone and have comments back by
end of day Tuesday, December 30

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/?#/builders/29/builds/2920

The following changes since commit 2ed3f8b938579dbbb804e04c45a968cc57761db7:

  build-appliance-image: Update to kirkstone head revision (2025-12-12 08:52:06 -0800)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Aleksandar Nikolic (1):
  scripts/install-buildtools: Update to 4.0.31

Changqing Li (1):
  libsoup: fix CVE-2025-12105

Deepesh Varatharajan (1):
  binutils: Fix CVE-2025-11494

Kai Kang (1):
  qemu: fix CVE-2025-12464

Libo Chen (1):
  go: Fix CVE-2023-39323

Liyin Zhang (1):
  rsync: fix CVE-2025-10158

Martin Jansa (1):
  cross.bbclass: Propagate dependencies to outhash

Mingli Yu (1):
  libxslt: Fix CVE-2025-11731

Yash Shinde (2):
  binutils: fix CVE-2025-11839
  binutils: fix CVE-2025-11840

 meta/classes/cross.bbclass                    | 36 ++++++++++
 .../binutils/binutils-2.38.inc                |  3 +
 .../binutils/0048-CVE-2025-11494.patch        | 43 ++++++++++++
 .../binutils/0049-CVE-2025-11839.patch        | 32 +++++++++
 .../binutils/0050-CVE-2025-11840.patch        | 37 ++++++++++
 meta/recipes-devtools/go/go-1.17.13.inc       |  1 +
 .../go/go-1.21/CVE-2023-39323.patch           | 55 +++++++++++++++
 meta/recipes-devtools/qemu/qemu.inc           |  1 +
 .../qemu/qemu/CVE-2025-12464.patch            | 70 +++++++++++++++++++
 .../rsync/files/CVE-2025-10158.patch          | 36 ++++++++++
 meta/recipes-devtools/rsync/rsync_3.2.7.bb    |  1 +
 .../libsoup/libsoup/CVE-2025-12105.patch      | 34 +++++++++
 meta/recipes-support/libsoup/libsoup_3.0.7.bb |  1 +
 .../libxslt/libxslt/CVE-2025-11731.patch      | 42 +++++++++++
 .../recipes-support/libxslt/libxslt_1.1.35.bb |  1 +
 scripts/install-buildtools                    |  4 +-
 16 files changed, 395 insertions(+), 2 deletions(-)
 create mode 100644 meta/recipes-devtools/binutils/binutils/0048-CVE-2025-11494.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0049-CVE-2025-11839.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0050-CVE-2025-11840.patch
 create mode 100644 meta/recipes-devtools/go/go-1.21/CVE-2023-39323.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2025-12464.patch
 create mode 100644 meta/recipes-devtools/rsync/files/CVE-2025-10158.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-12105.patch
 create mode 100644 meta/recipes-support/libxslt/libxslt/CVE-2025-11731.patch

-- 
2.43.0

[OE-core][kirkstone 00/10] Patch review

[Steve Sakoman]

Please review this set of changes for kirkstone and have comments back by
end of day Thursday, December 4

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2808

The following changes since commit ceef3cde9b761b7b5de6f7b6b1fb8e99663af9ca:

  flac: patch seeking bug (2025-11-24 07:34:36 -0800)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Archana Polampalli (4):
  go: fix CVE-2025-58187
  go: fix CVE-2025-58189
  go: fix CVE-2025-61723
  go: fix CVE-2025-61724

Gyorgy Sarvari (1):
  systemd-bootchart: update SRC_URI branch

Peter Marko (5):
  gnutls: patch CVE-2025-9820
  libpng: patch CVE-2025-64505
  libpng: patch CVE-2025-64506
  libpng: patch CVE-2025-64720
  libpng: patch CVE-2025-65018

 meta/recipes-devtools/go/go-1.17.13.inc       |   4 +
 .../go/go-1.18/CVE-2025-58187.patch           | 349 ++++++++++++++++++
 .../go/go-1.18/CVE-2025-58189.patch           |  51 +++
 .../go/go-1.18/CVE-2025-61723.patch           | 221 +++++++++++
 .../go/go-1.18/CVE-2025-61724.patch           |  74 ++++
 .../systemd-bootchart_234.bb                  |   2 +-
 .../libpng/files/CVE-2025-64505-01.patch      | 111 ++++++
 .../libpng/files/CVE-2025-64505-02.patch      | 163 ++++++++
 .../libpng/files/CVE-2025-64505-03.patch      |  52 +++
 .../libpng/files/CVE-2025-64506.patch         |  57 +++
 .../libpng/files/CVE-2025-64720.patch         | 103 ++++++
 .../libpng/files/CVE-2025-65018-01.patch      |  60 +++
 .../libpng/files/CVE-2025-65018-02.patch      | 163 ++++++++
 .../libpng/libpng_1.6.39.bb                   |   7 +
 .../gnutls/gnutls/CVE-2025-9820.patch         | 250 +++++++++++++
 meta/recipes-support/gnutls/gnutls_3.7.4.bb   |   1 +
 16 files changed, 1667 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2025-58187.patch
 create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2025-58189.patch
 create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2025-61723.patch
 create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2025-61724.patch
 create mode 100644 meta/recipes-multimedia/libpng/files/CVE-2025-64505-01.patch
 create mode 100644 meta/recipes-multimedia/libpng/files/CVE-2025-64505-02.patch
 create mode 100644 meta/recipes-multimedia/libpng/files/CVE-2025-64505-03.patch
 create mode 100644 meta/recipes-multimedia/libpng/files/CVE-2025-64506.patch
 create mode 100644 meta/recipes-multimedia/libpng/files/CVE-2025-64720.patch
 create mode 100644 meta/recipes-multimedia/libpng/files/CVE-2025-65018-01.patch
 create mode 100644 meta/recipes-multimedia/libpng/files/CVE-2025-65018-02.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2025-9820.patch

-- 
2.43.0

[OE-core][kirkstone 00/10] Patch review

[Steve Sakoman]

Please review this set of changes for kirkstone and have comments back by
end of day Monday, November 17

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2720

The following changes since commit 1e1993b72f2b6109ce3d0ef950553b74b2b37b27:

  Don't use ftp.gnome.org (2025-11-03 09:18:14 -0800)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Alexander Kanavin (2):
  xf86-video-intel: correct SRC_URI as freedesktop anongit is down
  goarch.bbclass: do not leak TUNE_FEATURES into crosssdk task
    signatures

Gyorgy Sarvari (2):
  efibootmgr: update SRC_URI branch
  babeltrace2: fetch with https protocol

Peter Marko (1):
  curl: ignore CVE-2025-10966

Saquib Iltaf (1):
  rust-cross-canadian: Ignore CVE-2024-43402

Soumya Sambu (1):
  python3-urllib3: Upgrade 1.26.18 -> 1.26.20

Vijay Anusuri (3):
  xserver-xorg: Fix for CVE-2025-62229
  xserver-xorg: Fix for CVE-2025-62230
  xserver-xorg: Fix for CVE-2025-62231

 meta/classes/goarch.bbclass                   |  3 +
 meta/recipes-bsp/efibootmgr/efibootmgr_17.bb  |  2 +-
 ..._1.26.18.bb => python3-urllib3_1.26.20.bb} |  2 +-
 .../rust/rust-cross-canadian.inc              |  2 +
 .../xorg-driver/xf86-video-intel_git.bb       |  3 +-
 .../xserver-xorg/CVE-2025-62229.patch         | 89 ++++++++++++++++++
 .../xserver-xorg/CVE-2025-62230-1.patch       | 63 +++++++++++++
 .../xserver-xorg/CVE-2025-62230-2.patch       | 92 +++++++++++++++++++
 .../xserver-xorg/CVE-2025-62231.patch         | 53 +++++++++++
 .../xorg-xserver/xserver-xorg_21.1.8.bb       |  4 +
 .../recipes-kernel/lttng/babeltrace2_2.0.5.bb |  2 +-
 meta/recipes-support/curl/curl_7.82.0.bb      |  2 +
 12 files changed, 312 insertions(+), 5 deletions(-)
 rename meta/recipes-devtools/python/{python3-urllib3_1.26.18.bb => python3-urllib3_1.26.20.bb} (87%)
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2025-62229.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2025-62230-1.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2025-62230-2.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2025-62231.patch

-- 
2.43.0

[OE-core][kirkstone 00/10] Patch review

[Steve Sakoman]

Please review this set of changes for kirkstone and have comments back by
end of day Tuesday, July 29

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2092

The following changes since commit d9f424921179a52ffe053411c44f20e44e7deba1:

  tcf-agent: correct the SRC_URI (2025-07-15 06:42:30 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Aleksandar Nikolic (1):
  scripts/install-buildtools: Update to 4.0.28

Daniel Díaz (1):
  ffmpeg: Ignore two CVEs fixed in 5.0.3

Deepesh Varatharajan (1):
  glibc: stable 2.35 branch updates

Hitendra Prajapati (1):
  libpam: fix CVE-2025-6020

Martin Jansa (1):
  db: ignore implicit-int and implicit-function-declaration issues fatal
    with gcc-14

Peter Marko (2):
  orc: set CVE_PRODUCT
  ncurses: patch CVE-2025-6141

Rob Woolley (1):
  ruby: correct fix for CVE-2024-43398

Yash Shinde (1):
  binutils: Fix CVE-2025-7546

Yogita Urade (1):
  gnupg: fix CVE-2025-30258

 meta/recipes-core/glibc/glibc-version.inc     |    2 +-
 .../glibc/glibc/0025-CVE-2025-4802.patch      |    3 +-
 meta/recipes-core/glibc/glibc_2.35.bb         |    2 +-
 .../ncurses/files/CVE-2025-6141.patch         |   25 +
 .../ncurses/ncurses_6.3+20220423.bb           |    1 +
 .../binutils/binutils-2.38.inc                |    1 +
 .../binutils/0043-CVE-2025-7546.patch         |   44 +
 meta/recipes-devtools/orc/orc_0.4.40.bb       |    3 +
 .../ruby/ruby/CVE-2024-43398-0001.patch       |  212 +++
 .../ruby/ruby/CVE-2024-43398-0002.patch       |  130 ++
 ...-43398.patch => CVE-2024-43398-0003.patch} |   23 +-
 meta/recipes-devtools/ruby/ruby_3.1.3.bb      |    4 +-
 ...001-pam_inline-introduce-pam_asprint.patch |  102 ++
 .../0001-pam_namespace-include-stdint-h.patch |   42 +
 .../pam/libpam/CVE-2025-6020-01.patch         | 1588 +++++++++++++++++
 .../pam/libpam/CVE-2025-6020-02.patch         |  187 ++
 .../pam/libpam/CVE-2025-6020-03.patch         |   35 +
 meta/recipes-extended/pam/libpam_1.5.2.bb     |    5 +
 .../recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb |    6 +
 meta/recipes-support/db/db_5.3.28.bb          |    4 +
 .../gnupg/gnupg/CVE-2025-30258-0001.patch     |  141 ++
 .../gnupg/gnupg/CVE-2025-30258-0002.patch     |  131 ++
 .../gnupg/gnupg/CVE-2025-30258-0003.patch     |  624 +++++++
 .../gnupg/gnupg/CVE-2025-30258-0004.patch     |  193 ++
 .../gnupg/gnupg/CVE-2025-30258-0005.patch     |   36 +
 meta/recipes-support/gnupg/gnupg_2.3.7.bb     |    5 +
 scripts/install-buildtools                    |    4 +-
 27 files changed, 3534 insertions(+), 19 deletions(-)
 create mode 100644 meta/recipes-core/ncurses/files/CVE-2025-6141.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0043-CVE-2025-7546.patch
 create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-43398-0001.patch
 create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-43398-0002.patch
 rename meta/recipes-devtools/ruby/ruby/{CVE-2024-43398.patch => CVE-2024-43398-0003.patch} (87%)
 create mode 100644 meta/recipes-extended/pam/libpam/0001-pam_inline-introduce-pam_asprint.patch
 create mode 100644 meta/recipes-extended/pam/libpam/0001-pam_namespace-include-stdint-h.patch
 create mode 100644 meta/recipes-extended/pam/libpam/CVE-2025-6020-01.patch
 create mode 100644 meta/recipes-extended/pam/libpam/CVE-2025-6020-02.patch
 create mode 100644 meta/recipes-extended/pam/libpam/CVE-2025-6020-03.patch
 create mode 100644 meta/recipes-support/gnupg/gnupg/CVE-2025-30258-0001.patch
 create mode 100644 meta/recipes-support/gnupg/gnupg/CVE-2025-30258-0002.patch
 create mode 100644 meta/recipes-support/gnupg/gnupg/CVE-2025-30258-0003.patch
 create mode 100644 meta/recipes-support/gnupg/gnupg/CVE-2025-30258-0004.patch
 create mode 100644 meta/recipes-support/gnupg/gnupg/CVE-2025-30258-0005.patch

-- 
2.43.0

[OE-core][kirkstone 00/10] Patch review

[Steve Sakoman]

Please review this set of changes for kirkstone and have comments back by
end of day Tuesday, June 3

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1684

The following changes since commit a99a65632116955dc69809a14bf536b22582de72:

  gcc: AArch64 - Fix strict-align cpymem/setmem (2025-05-23 08:27:24 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Bruce Ashfield (5):
  linux-yocto/5.15: update to v5.15.180
  linux-yocto/5.15: update to v5.15.181
  linux-yocto/5.15: update to v5.15.182
  linux-yocto/5.15: update to v5.15.183
  linux-yocto/5.15: update to v5.15.184

Guocai He (1):
  sysstat: correct the SRC_URI

Harish Sadineni (2):
  binutils: Fix CVE-2025-1182
  binutils: fix CVE-2025-1180

Hitendra Prajapati (1):
  screen: Fix CVE-2025-46805

NeilBrown (1):
  nfs-utils: don't use signals to shut down nfs server.

 .../nfs-utils/nfs-utils/nfsserver             |  28 +--
 .../binutils/binutils-2.38.inc                |   1 +
 .../binutils/0040-CVE-2025-1180.patch         | 164 ++++++++++++++++++
 .../binutils/0040-CVE-2025-1182.patch         |  31 ++++
 .../screen/screen/CVE-2025-46805.patch        | 121 +++++++++++++
 meta/recipes-extended/screen/screen_4.9.0.bb  |   1 +
 meta/recipes-extended/sysstat/sysstat.inc     |   6 +-
 .../linux/linux-yocto-rt_5.15.bb              |   6 +-
 .../linux/linux-yocto-tiny_5.15.bb            |   6 +-
 meta/recipes-kernel/linux/linux-yocto_5.15.bb |  26 +--
 10 files changed, 344 insertions(+), 46 deletions(-)
 create mode 100644 meta/recipes-devtools/binutils/binutils/0040-CVE-2025-1180.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0040-CVE-2025-1182.patch
 create mode 100644 meta/recipes-extended/screen/screen/CVE-2025-46805.patch

-- 
2.43.0

[OE-core][kirkstone 00/10] Patch review

[Steve Sakoman]

Please review this set of changes for kirkstone and have comments back by
end of day Thursday, April 10

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1367

The following changes since commit 1efbe1004bc82e7c14c1e8bd4ce644f5015c3346:

  build-appliance-image: Update to kirkstone head revision (2025-04-04 08:43:24 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Haixiao Yan (1):
  glibc: Add single-threaded fast path to rand()

Peter Marko (2):
  ofono: patch CVE-2024-7537
  qemu: ignore CVE-2023-1386

Vijay Anusuri (6):
  ghostscript: Fix CVE-2025-27830
  ghostscript: Fix CVE-2025-27831
  ghostscript: Fix CVE-2025-27832
  ghostscript: Fix CVE-2025-27834
  ghostscript: Fix CVE-2025-27835
  ghostscript: Fix CVE-2025-27836

Yogita Urade (1):
  curl: ignore CVE-2025-0725

 .../ofono/ofono/CVE-2024-7537.patch           | 59 +++++++++++++
 meta/recipes-connectivity/ofono/ofono_1.34.bb |  1 +
 ...dd-single-threaded-fast-path-to-rand.patch | 47 +++++++++++
 meta/recipes-core/glibc/glibc_2.35.bb         |  1 +
 meta/recipes-devtools/qemu/qemu.inc           |  3 +
 .../ghostscript/CVE-2025-27830.patch          | 79 +++++++++++++++++
 .../ghostscript/CVE-2025-27831-pre1.patch     | 50 +++++++++++
 .../ghostscript/CVE-2025-27831.patch          | 84 +++++++++++++++++++
 .../ghostscript/CVE-2025-27832.patch          | 45 ++++++++++
 .../ghostscript/CVE-2025-27834.patch          | 57 +++++++++++++
 .../ghostscript/CVE-2025-27835.patch          | 34 ++++++++
 .../ghostscript/CVE-2025-27836-1.patch        | 64 ++++++++++++++
 .../ghostscript/CVE-2025-27836-2.patch        | 46 ++++++++++
 .../ghostscript/ghostscript_9.55.0.bb         |  8 ++
 meta/recipes-support/curl/curl_7.82.0.bb      |  2 +
 15 files changed, 580 insertions(+)
 create mode 100644 meta/recipes-connectivity/ofono/ofono/CVE-2024-7537.patch
 create mode 100644 meta/recipes-core/glibc/glibc/0001-stdlib-Add-single-threaded-fast-path-to-rand.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2025-27830.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2025-27831-pre1.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2025-27831.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2025-27832.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2025-27834.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2025-27835.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2025-27836-1.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2025-27836-2.patch

-- 
2.43.0

[OE-core][kirkstone 00/10] Patch review

[Steve Sakoman]

Please review this set of changes for kirkstone and have comments back by
end of day Thursday, April 18

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6811

The following changes since commit 26a878cbfbb3bc7a6e892e105577ebf8138ce150:

  common-licenses: Backport missing license (2024-04-02 08:04:42 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Alex Stewart (1):
  perl: ignore CVE-2023-47100

Jonathan GUILLOT (1):
  cups: fix typo in CVE-2023-32360 backport patch

Khem Raj (1):
  tcl: Add a way to skip ptests

Peter Marko (2):
  openssl: patch CVE-2024-2511
  ncurses: patch CVE-2023-50495

Ross Burton (2):
  tcl: skip timing-dependent tests in run-ptest
  tcl: skip async and event tests in run-ptest

Sana Kazi (1):
  openssh: Add CVE-2023-51767 to CVE_CHECK_IGNORE

Steve Sakoman (1):
  Revert "expat: fix CVE-2023-52425"

Vijay Anusuri (1):
  xserver-xorg: Fix for CVE-2024-31080 and CVE-2024-31081

 .../openssh/openssh_8.9p1.bb                  |   5 +
 .../openssl/openssl/CVE-2024-2511.patch       | 122 ++++++++++
 .../openssl/openssl_3.0.13.bb                 |   1 +
 .../expat/expat/CVE-2023-52425-0001.patch     |  40 ----
 .../expat/expat/CVE-2023-52425-0002.patch     |  87 -------
 .../expat/expat/CVE-2023-52425-0003.patch     | 222 ------------------
 .../expat/expat/CVE-2023-52425-0004.patch     |  42 ----
 .../expat/expat/CVE-2023-52425-0005.patch     |  69 ------
 .../expat/expat/CVE-2023-52425-0006.patch     |  67 ------
 .../expat/expat/CVE-2023-52425-0007.patch     | 159 -------------
 .../expat/expat/CVE-2023-52425-0008.patch     |  95 --------
 .../expat/expat/CVE-2023-52425-0009.patch     |  52 ----
 .../expat/expat/CVE-2023-52425-0010.patch     | 111 ---------
 .../expat/expat/CVE-2023-52425-0011.patch     |  89 -------
 .../expat/expat/CVE-2023-52425-0012.patch     |  87 -------
 meta/recipes-core/expat/expat_2.5.0.bb        |  12 -
 .../ncurses/files/CVE-2023-50495.patch        |  81 +++++++
 .../ncurses/ncurses_6.3+20220423.bb           |   1 +
 meta/recipes-devtools/perl/perl_5.34.3.bb     |   3 +
 meta/recipes-devtools/tcltk/tcl/run-ptest     |   6 +-
 meta/recipes-devtools/tcltk/tcl_8.6.11.bb     |   5 +
 .../cups/cups/CVE-2023-32360.patch            |   2 +-
 .../xserver-xorg/CVE-2024-31080.patch         |  49 ++++
 .../xserver-xorg/CVE-2024-31081.patch         |  47 ++++
 .../xorg-xserver/xserver-xorg_21.1.8.bb       |   2 +
 25 files changed, 322 insertions(+), 1134 deletions(-)
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch
 delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0001.patch
 delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0002.patch
 delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0003.patch
 delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0004.patch
 delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0005.patch
 delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0006.patch
 delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0007.patch
 delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0008.patch
 delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0009.patch
 delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0010.patch
 delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0011.patch
 delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0012.patch
 create mode 100644 meta/recipes-core/ncurses/files/CVE-2023-50495.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31080.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31081.patch

-- 
2.34.1

[OE-core][kirkstone 00/10] Patch review

[Steve Sakoman]

Please review this set of changes for kirkstone and have comments back by
end of day Friday, October 20

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6064

with the exception of a known vim reproducibilty error in the vim-common
package where depending on worker we are seeing either:

"Content-Type:·text/plain;·charset=CP1251\n"

or

"Content-Type:·text/plain;·charset=cp1251\n"

The issue is still under investigation, but is unrelated to this patch set.


The following changes since commit 2572b32e729831762790ebfbf930a1140657faea:

  apt: add missing <cstdint> for uint16_t (2023-10-13 05:32:41 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Armin Kuster (1):
  binutils: CVE-2022-48063

Chaitanya Vadrevu (3):
  binutils: Fix CVE-2022-47695
  binutils: Mark CVE-2022-47673 as patched
  binutils: Mark CVE-2022-47696 as patched

Deepthi Hemraj (2):
  binutils: Fix CVE-2022-47008
  binutils: Fix CVE-2022-47011

Hitendra Prajapati (1):
  libtiff: Add fix for tiffcrop CVE-2023-1916

Quentin Schulz (1):
  uboot-extlinux-config.bbclass: fix missed override syntax migration

Siddharth Doshi (2):
  tiff: Security fix for CVE-2023-40745
  libxpm: upgrade to 3.5.17

 meta/classes/uboot-extlinux-config.bbclass    |  2 +-
 .../binutils/binutils-2.38.inc                |  4 +
 .../binutils/0022-CVE-2023-25584-3.patch      |  2 +
 .../binutils/0025-CVE-2023-25588.patch        |  2 +
 .../binutils/0027-CVE-2022-47008.patch        | 67 +++++++++++++
 .../binutils/0028-CVE-2022-47011.patch        | 35 +++++++
 .../binutils/0031-CVE-2022-47695.patch        | 58 +++++++++++
 .../binutils/binutils/CVE-2022-48063.patch    | 48 +++++++++
 .../{libxpm_3.5.16.bb => libxpm_3.5.17.bb}    |  2 +-
 .../libtiff/tiff/CVE-2023-1916.patch          | 99 +++++++++++++++++++
 .../libtiff/tiff/CVE-2023-40745.patch         | 34 +++++++
 meta/recipes-multimedia/libtiff/tiff_4.3.0.bb |  2 +
 12 files changed, 353 insertions(+), 2 deletions(-)
 create mode 100644 meta/recipes-devtools/binutils/binutils/0027-CVE-2022-47008.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0028-CVE-2022-47011.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0031-CVE-2022-47695.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2022-48063.patch
 rename meta/recipes-graphics/xorg-lib/{libxpm_3.5.16.bb => libxpm_3.5.17.bb} (88%)
 create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-1916.patch
 create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-40745.patch

-- 
2.34.1

[OE-core][kirkstone 00/10] Patch review

[Steve Sakoman]

Please review this set of patches for kirkstone and have comments back by
end of day Thursday, October 5

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5984

except for the meta-aws test, which breaks due to recent commits there.  Maintainer notified.

The following changes since commit 7e177848f97eb9958619c28b5e5dadee12f67507:

  kernel.bbclass: Add force flag to rm calls (2023-09-27 06:09:46 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Bruce Ashfield (5):
  linux-yocto/5.10: update to v5.10.189
  linux-yocto/5.10: update to v5.10.191
  linux-yocto/5.10: update to v5.10.192
  linux-yocto/5.10: update to v5.10.194
  linux-yocto/5.10: update to v5.10.197

Martin Jansa (2):
  ccache: fix build with gcc-13
  fontcache.bbclass: avoid native recipes depending on target fontconfig

Narpat Mali (1):
  python3-jinja2: fix for the ptest result format

Peter Marko (1):
  json-c: define CVE_VERSION

Shubham Kulkarni (1):
  go: Update fix for CVE-2023-24538 & CVE-2023-39318

 meta/classes/fontcache.bbclass                |   1 +
 ...x-FTBFS-with-not-yet-released-GCC-13.patch |  92 +++
 meta/recipes-devtools/ccache/ccache_4.6.bb    |   4 +-
 meta/recipes-devtools/go/go-1.17.13.inc       |   3 +-
 .../go/go-1.18/CVE-2023-24538_1.patch         | 597 ++++++++++++++++++
 ...023-24538.patch => CVE-2023-24538_2.patch} | 175 ++++-
 .../go/go-1.21/CVE-2023-39318.patch           |  44 +-
 meta/recipes-devtools/json-c/json-c_0.15.bb   |   3 +
 .../python/python3-jinja2/run-ptest           |   2 +-
 .../linux/linux-yocto-rt_5.10.bb              |   6 +-
 .../linux/linux-yocto-tiny_5.10.bb            |   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.10.bb |  24 +-
 12 files changed, 921 insertions(+), 38 deletions(-)
 create mode 100644 meta/recipes-devtools/ccache/ccache/0001-build-Fix-FTBFS-with-not-yet-released-GCC-13.patch
 create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2023-24538_1.patch
 rename meta/recipes-devtools/go/go-1.18/{CVE-2023-24538.patch => CVE-2023-24538_2.patch} (53%)

-- 
2.34.1

[OE-core][kirkstone 00/10] Patch review

[Steve Sakoman]

Please review this set of changes for kirkstone and have comments back by
end of day Saturday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5680

The following changes since commit dc2e760591c5ed3c999222f235484829426c71a7:

  util-linux: add alternative links for ipcs,ipcrm (2023-07-31 08:12:27 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Archana Polampalli (3):
  qemu: fix CVE-2023-3301
  qemu: fix CVE-2023-3255
  qemu: fix CVE-2023-2861

Peter Marko (3):
  libpcre2: patch CVE-2022-41409
  libarchive: ignore CVE-2023-30571
  openssl: Upgrade 3.0.9 -> 3.0.10

Sakib Sajal (2):
  go: fix CVE-2023-24536
  go: fix CVE-2023-24531

Sundeep KOKKONDA (1):
  gcc : upgrade to v11.4

Yuta Hayama (1):
  cve-update-nvd2-native: always pass str for json.loads()

 meta/conf/distro/include/maintainers.inc      |   2 +-
 .../{openssl_3.0.9.bb => openssl_3.0.10.bb}   |   2 +-
 .../meta/cve-update-nvd2-native.bb            |   2 +-
 .../gcc/{gcc-11.3.inc => gcc-11.4.inc}        |   6 +-
 ...ian_11.3.bb => gcc-cross-canadian_11.4.bb} |   0
 .../{gcc-cross_11.3.bb => gcc-cross_11.4.bb}  |   0
 ...-crosssdk_11.3.bb => gcc-crosssdk_11.4.bb} |   0
 ...cc-runtime_11.3.bb => gcc-runtime_11.4.bb} |   0
 ...itizers_11.3.bb => gcc-sanitizers_11.4.bb} |   0
 ...{gcc-source_11.3.bb => gcc-source_11.4.bb} |   0
 ...rch64-Update-Neoverse-N2-core-defini.patch |  20 +-
 ...rm-add-armv9-a-architecture-to-march.patch |  54 +--
 ...AMIC_LINKER-and-UCLIBC_DYNAMIC_LINKE.patch | 102 ++---
 ...s-fix-v4bx-to-linker-to-support-EABI.patch |   6 +-
 .../gcc/{gcc_11.3.bb => gcc_11.4.bb}          |   0
 ...initial_11.3.bb => libgcc-initial_11.4.bb} |   0
 .../gcc/{libgcc_11.3.bb => libgcc_11.4.bb}    |   0
 ...ibgfortran_11.3.bb => libgfortran_11.4.bb} |   0
 meta/recipes-devtools/go/go-1.17.13.inc       |   7 +-
 .../go/go-1.19/CVE-2023-24536_1.patch         | 137 +++++++
 .../go/go-1.19/CVE-2023-24536_2.patch         | 187 ++++++++++
 .../go/go-1.19/CVE-2023-24536_3.patch         | 349 ++++++++++++++++++
 .../go/go-1.21/CVE-2023-24531_1.patch         | 252 +++++++++++++
 .../go/go-1.21/CVE-2023-24531_2.patch         |  47 +++
 meta/recipes-devtools/qemu/qemu.inc           |   3 +
 .../qemu/qemu/CVE-2023-2861.patch             | 172 +++++++++
 .../qemu/qemu/CVE-2023-3255.patch             |  64 ++++
 .../qemu/qemu/CVE-2023-3301.patch             |  60 +++
 .../libarchive/libarchive_3.6.2.bb            |   3 +
 .../libpcre/libpcre2/CVE-2022-41409.patch     |  75 ++++
 .../recipes-support/libpcre/libpcre2_10.40.bb |   1 +
 31 files changed, 1451 insertions(+), 100 deletions(-)
 rename meta/recipes-connectivity/openssl/{openssl_3.0.9.bb => openssl_3.0.10.bb} (99%)
 rename meta/recipes-devtools/gcc/{gcc-11.3.inc => gcc-11.4.inc} (97%)
 rename meta/recipes-devtools/gcc/{gcc-cross-canadian_11.3.bb => gcc-cross-canadian_11.4.bb} (100%)
 rename meta/recipes-devtools/gcc/{gcc-cross_11.3.bb => gcc-cross_11.4.bb} (100%)
 rename meta/recipes-devtools/gcc/{gcc-crosssdk_11.3.bb => gcc-crosssdk_11.4.bb} (100%)
 rename meta/recipes-devtools/gcc/{gcc-runtime_11.3.bb => gcc-runtime_11.4.bb} (100%)
 rename meta/recipes-devtools/gcc/{gcc-sanitizers_11.3.bb => gcc-sanitizers_11.4.bb} (100%)
 rename meta/recipes-devtools/gcc/{gcc-source_11.3.bb => gcc-source_11.4.bb} (100%)
 rename meta/recipes-devtools/gcc/{gcc_11.3.bb => gcc_11.4.bb} (100%)
 rename meta/recipes-devtools/gcc/{libgcc-initial_11.3.bb => libgcc-initial_11.4.bb} (100%)
 rename meta/recipes-devtools/gcc/{libgcc_11.3.bb => libgcc_11.4.bb} (100%)
 rename meta/recipes-devtools/gcc/{libgfortran_11.3.bb => libgfortran_11.4.bb} (100%)
 create mode 100644 meta/recipes-devtools/go/go-1.19/CVE-2023-24536_1.patch
 create mode 100644 meta/recipes-devtools/go/go-1.19/CVE-2023-24536_2.patch
 create mode 100644 meta/recipes-devtools/go/go-1.19/CVE-2023-24536_3.patch
 create mode 100644 meta/recipes-devtools/go/go-1.21/CVE-2023-24531_1.patch
 create mode 100644 meta/recipes-devtools/go/go-1.21/CVE-2023-24531_2.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-2861.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-3255.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-3301.patch
 create mode 100644 meta/recipes-support/libpcre/libpcre2/CVE-2022-41409.patch

-- 
2.34.1