| Message ID | 20250604113426.464818-1-changqing.li@windriver.com |
|---|---|
| Headers | show |
| Series | fix several CVE for libsoup/libsoup-2.4 | expand |
This series doesn't apply in full, it seems to fall apart at
"libsoup-2.4: fix CVE-2025-4969":
Applying: libsoup-2.4: fix CVE-2025-32052
Using index info to reconstruct a base tree...
M meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
.git/rebase-apply/patch:34: space before tab in indent.
guint index_pattern = 0;
.git/rebase-apply/patch:35: space before tab in indent.
gboolean skip_row = FALSE;
.git/rebase-apply/patch:36: trailing whitespace.
.git/rebase-apply/patch:39: space before tab in indent.
(index_pattern <= type_row->pattern_length)) {
.git/rebase-apply/patch:40: space before tab in indent.
/* Skip insignificant white space ("WS" in the spec) */
warning: squelched 3 whitespace errors
warning: 8 lines add whitespace errors.
Falling back to patching base and 3-way merge...
Auto-merging meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
Applying: libsoup: fix CVE-2025-32052
Applying: libsoup: fix CVE-2025-32051
Applying: libsoup-2.4: fix CVE-2025-32050
Applying: libsoup: fix CVE-2025-32050
Applying: libsoup-2.4: fix CVE-2025-46421
Applying: libsoup: fix CVE-2025-46421
Applying: libsoup-2.4: fix CVE-2025-4948
Applying: libsoup: fix CVE-2025-4948
Applying: libsoup-2.4: fix CVE-2025-4969
error: sha1 information is lacking or useless
(meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb).
error: could not build fake ancestor
Patch failed at 0010 libsoup-2.4: fix CVE-2025-4969
Perhaps send a V3 that will apply cleanly to the stable/scarthgap-nut
branch in poky-contrib
Thanks!
Steve
On Wed, Jun 4, 2025 at 4:34 AM Changqing Li via lists.openembedded.org
<changqing.li=windriver.com@lists.openembedded.org> wrote:
>
> From: Changqing Li <changqing.li@windriver.com>
>
> Changqing Li (14):
> libsoup-2.4: fix CVE-2025-32052
> libsoup: fix CVE-2025-32052
> libsoup: fix CVE-2025-32051
> libsoup-2.4: fix CVE-2025-32050
> libsoup: fix CVE-2025-32050
> libsoup-2.4: fix CVE-2025-46421
> libsoup: fix CVE-2025-46421
> libsoup-2.4: fix CVE-2025-4948
> libsoup: fix CVE-2025-4948
> libsoup-2.4: fix CVE-2025-4969
> libsoup: fix CVE-2025-4969
> libsoup-2.4: fix CVE-2025-4476
> libsoup-2.4: fix CVE-2025-2784
> libsoup: fix CVE-2025-2784
>
> .../libsoup/libsoup-2.4/CVE-2025-2784.patch | 56 +++++++
> .../libsoup/libsoup-2.4/CVE-2025-32050.patch | 29 ++++
> .../libsoup/libsoup-2.4/CVE-2025-32052.patch | 32 ++++
> .../libsoup/libsoup-2.4/CVE-2025-4476.patch | 38 +++++
> .../libsoup/libsoup-2.4/CVE-2025-46421.patch | 48 ++++++
> .../libsoup/libsoup-2.4/CVE-2025-4948.patch | 38 +++++
> .../libsoup/libsoup-2.4/CVE-2025-4969.patch | 37 +++++
> .../libsoup/libsoup-2.4_2.74.3.bb | 7 +
> .../libsoup/libsoup-3.4.4/CVE-2025-2784.patch | 137 +++++++++++++++++
> .../libsoup-3.4.4/CVE-2025-32050.patch | 29 ++++
> .../libsoup-3.4.4/CVE-2025-32051-1.patch | 29 ++++
> .../libsoup-3.4.4/CVE-2025-32051-2.patch | 57 +++++++
> .../libsoup-3.4.4/CVE-2025-32052.patch | 31 ++++
> .../libsoup-3.4.4/CVE-2025-46421.patch | 139 ++++++++++++++++++
> .../libsoup/libsoup-3.4.4/CVE-2025-4948.patch | 97 ++++++++++++
> .../libsoup/libsoup-3.4.4/CVE-2025-4969.patch | 78 ++++++++++
> meta/recipes-support/libsoup/libsoup_3.4.4.bb | 8 +
> 17 files changed, 890 insertions(+)
> create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-2784.patch
> create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32050.patch
> create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32052.patch
> create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4476.patch
> create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-46421.patch
> create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4948.patch
> create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4969.patch
> create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-2784.patch
> create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32050.patch
> create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32051-1.patch
> create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32051-2.patch
> create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32052.patch
> create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-46421.patch
> create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-4948.patch
> create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-4969.patch
>
> --
> 2.34.1
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#217926): https://lists.openembedded.org/g/openembedded-core/message/217926
> Mute This Topic: https://lists.openembedded.org/mt/113464301/3620601
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [steve@sakoman.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
On 6/6/25 00:15, Steve Sakoman wrote: > CAUTION: This email comes from a non Wind River email account! > Do not click links or open attachments unless you recognize the sender and know the content is safe. > > This series doesn't apply in full, it seems to fall apart at > "libsoup-2.4: fix CVE-2025-4969": > > Applying: libsoup-2.4: fix CVE-2025-32052 > Using index info to reconstruct a base tree... > M meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb > .git/rebase-apply/patch:34: space before tab in indent. > guint index_pattern = 0; > .git/rebase-apply/patch:35: space before tab in indent. > gboolean skip_row = FALSE; > .git/rebase-apply/patch:36: trailing whitespace. > > .git/rebase-apply/patch:39: space before tab in indent. > (index_pattern <= type_row->pattern_length)) { > .git/rebase-apply/patch:40: space before tab in indent. > /* Skip insignificant white space ("WS" in the spec) */ > warning: squelched 3 whitespace errors > warning: 8 lines add whitespace errors. > Falling back to patching base and 3-way merge... > Auto-merging meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb > Applying: libsoup: fix CVE-2025-32052 > Applying: libsoup: fix CVE-2025-32051 > Applying: libsoup-2.4: fix CVE-2025-32050 > Applying: libsoup: fix CVE-2025-32050 > Applying: libsoup-2.4: fix CVE-2025-46421 > Applying: libsoup: fix CVE-2025-46421 > Applying: libsoup-2.4: fix CVE-2025-4948 > Applying: libsoup: fix CVE-2025-4948 > Applying: libsoup-2.4: fix CVE-2025-4969 > error: sha1 information is lacking or useless > (meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb). > error: could not build fake ancestor > Patch failed at 0010 libsoup-2.4: fix CVE-2025-4969 > > Perhaps send a V3 that will apply cleanly to the stable/scarthgap-nut > branch in poky-contrib Hi, V3 send based on poky-contrib stable/scarthgap-nut. Regards Changqing > > Thanks! > > Steve > > On Wed, Jun 4, 2025 at 4:34 AM Changqing Li via lists.openembedded.org > <changqing.li=windriver.com@lists.openembedded.org> wrote: >> From: Changqing Li<changqing.li@windriver.com> >> >> Changqing Li (14): >> libsoup-2.4: fix CVE-2025-32052 >> libsoup: fix CVE-2025-32052 >> libsoup: fix CVE-2025-32051 >> libsoup-2.4: fix CVE-2025-32050 >> libsoup: fix CVE-2025-32050 >> libsoup-2.4: fix CVE-2025-46421 >> libsoup: fix CVE-2025-46421 >> libsoup-2.4: fix CVE-2025-4948 >> libsoup: fix CVE-2025-4948 >> libsoup-2.4: fix CVE-2025-4969 >> libsoup: fix CVE-2025-4969 >> libsoup-2.4: fix CVE-2025-4476 >> libsoup-2.4: fix CVE-2025-2784 >> libsoup: fix CVE-2025-2784 >> >> .../libsoup/libsoup-2.4/CVE-2025-2784.patch | 56 +++++++ >> .../libsoup/libsoup-2.4/CVE-2025-32050.patch | 29 ++++ >> .../libsoup/libsoup-2.4/CVE-2025-32052.patch | 32 ++++ >> .../libsoup/libsoup-2.4/CVE-2025-4476.patch | 38 +++++ >> .../libsoup/libsoup-2.4/CVE-2025-46421.patch | 48 ++++++ >> .../libsoup/libsoup-2.4/CVE-2025-4948.patch | 38 +++++ >> .../libsoup/libsoup-2.4/CVE-2025-4969.patch | 37 +++++ >> .../libsoup/libsoup-2.4_2.74.3.bb | 7 + >> .../libsoup/libsoup-3.4.4/CVE-2025-2784.patch | 137 +++++++++++++++++ >> .../libsoup-3.4.4/CVE-2025-32050.patch | 29 ++++ >> .../libsoup-3.4.4/CVE-2025-32051-1.patch | 29 ++++ >> .../libsoup-3.4.4/CVE-2025-32051-2.patch | 57 +++++++ >> .../libsoup-3.4.4/CVE-2025-32052.patch | 31 ++++ >> .../libsoup-3.4.4/CVE-2025-46421.patch | 139 ++++++++++++++++++ >> .../libsoup/libsoup-3.4.4/CVE-2025-4948.patch | 97 ++++++++++++ >> .../libsoup/libsoup-3.4.4/CVE-2025-4969.patch | 78 ++++++++++ >> meta/recipes-support/libsoup/libsoup_3.4.4.bb | 8 + >> 17 files changed, 890 insertions(+) >> create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-2784.patch >> create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32050.patch >> create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32052.patch >> create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4476.patch >> create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-46421.patch >> create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4948.patch >> create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4969.patch >> create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-2784.patch >> create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32050.patch >> create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32051-1.patch >> create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32051-2.patch >> create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32052.patch >> create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-46421.patch >> create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-4948.patch >> create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-4969.patch >> >> -- >> 2.34.1 >> >> >> -=-=-=-=-=-=-=-=-=-=-=- >> Links: You receive all messages sent to this group. >> View/Reply Online (#217926):https://lists.openembedded.org/g/openembedded-core/message/217926 >> Mute This Topic:https://lists.openembedded.org/mt/113464301/3620601 >> Group Owner:openembedded-core+owner@lists.openembedded.org >> Unsubscribe:https://lists.openembedded.org/g/openembedded-core/unsub [steve@sakoman.com] >> -=-=-=-=-=-=-=-=-=-=-=- >>
From: Changqing Li <changqing.li@windriver.com> Changqing Li (14): libsoup-2.4: fix CVE-2025-32052 libsoup: fix CVE-2025-32052 libsoup: fix CVE-2025-32051 libsoup-2.4: fix CVE-2025-32050 libsoup: fix CVE-2025-32050 libsoup-2.4: fix CVE-2025-46421 libsoup: fix CVE-2025-46421 libsoup-2.4: fix CVE-2025-4948 libsoup: fix CVE-2025-4948 libsoup-2.4: fix CVE-2025-4969 libsoup: fix CVE-2025-4969 libsoup-2.4: fix CVE-2025-4476 libsoup-2.4: fix CVE-2025-2784 libsoup: fix CVE-2025-2784 .../libsoup/libsoup-2.4/CVE-2025-2784.patch | 56 +++++++ .../libsoup/libsoup-2.4/CVE-2025-32050.patch | 29 ++++ .../libsoup/libsoup-2.4/CVE-2025-32052.patch | 32 ++++ .../libsoup/libsoup-2.4/CVE-2025-4476.patch | 38 +++++ .../libsoup/libsoup-2.4/CVE-2025-46421.patch | 48 ++++++ .../libsoup/libsoup-2.4/CVE-2025-4948.patch | 38 +++++ .../libsoup/libsoup-2.4/CVE-2025-4969.patch | 37 +++++ .../libsoup/libsoup-2.4_2.74.3.bb | 7 + .../libsoup/libsoup-3.4.4/CVE-2025-2784.patch | 137 +++++++++++++++++ .../libsoup-3.4.4/CVE-2025-32050.patch | 29 ++++ .../libsoup-3.4.4/CVE-2025-32051-1.patch | 29 ++++ .../libsoup-3.4.4/CVE-2025-32051-2.patch | 57 +++++++ .../libsoup-3.4.4/CVE-2025-32052.patch | 31 ++++ .../libsoup-3.4.4/CVE-2025-46421.patch | 139 ++++++++++++++++++ .../libsoup/libsoup-3.4.4/CVE-2025-4948.patch | 97 ++++++++++++ .../libsoup/libsoup-3.4.4/CVE-2025-4969.patch | 78 ++++++++++ meta/recipes-support/libsoup/libsoup_3.4.4.bb | 8 + 17 files changed, 890 insertions(+) create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-2784.patch create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32050.patch create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32052.patch create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4476.patch create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-46421.patch create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4948.patch create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4969.patch create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-2784.patch create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32050.patch create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32051-1.patch create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32051-2.patch create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32052.patch create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-46421.patch create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-4948.patch create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-4969.patch