[walnascar,7/8] binutils: mark CVE-2025-1153 as fixed

Message ID	20250520202033.2352749-7-peter.marko@siemens.com
State	New
Headers	show Return-Path: <peter.marko@siemens.com> ip: 185.136.64.228, mailfrom: fm-256628-20250520202207f7f75bc2bd4627664a-nyp9c_@rts-flowmailer.siemens.com) From: Peter Marko <peter.marko@siemens.com> To: openembedded-core@lists.openembedded.org Cc: Peter Marko <peter.marko@siemens.com>, Richard Purdie <richard.purdie@linuxfoundation.org> Subject: [OE-core][walnascar][PATCH 7/8] binutils: mark CVE-2025-1153 as fixed Date: Tue, 20 May 2025 22:20:32 +0200 Message-Id: <20250520202033.2352749-7-peter.marko@siemens.com> In-Reply-To: <20250520202033.2352749-1-peter.marko@siemens.com> References: <20250520202033.2352749-1-peter.marko@siemens.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Feedback-ID: 519:519-256628:519-21489:flowmailer
Series	[walnascar,1/8] sqlite3: patch CVE-2025-3277 \| expand [walnascar,1/8] sqlite3: patch CVE-2025-3277 [walnascar,2/8] sqlite3: patch CVE-2025-29088 [walnascar,3/8] sqlite3: mark CVE-2025-29087 as patched [walnascar,4/8] ofono: patch CVE-2024-7537 [walnascar,5/8] libarchive: upgrade 3.7.8 -> 3.7.9 [walnascar,6/8] binutils: drop obsolete CVE_STATUS [walnascar,7/8] binutils: mark CVE-2025-1153 as fixed [walnascar,8/8] xz: patch CVE-2025-31115

Message ID

20250520202033.2352749-7-peter.marko@siemens.com

State

New

Headers

From: Peter Marko <peter.marko@siemens.com>
To: openembedded-core@lists.openembedded.org
Cc: Peter Marko <peter.marko@siemens.com>,
	Richard Purdie <richard.purdie@linuxfoundation.org>
Subject: [OE-core][walnascar][PATCH 7/8] binutils: mark CVE-2025-1153 as fixed
Date: Tue, 20 May 2025 22:20:32 +0200
Message-Id: <20250520202033.2352749-7-peter.marko@siemens.com>
In-Reply-To: <20250520202033.2352749-1-peter.marko@siemens.com>
References: <20250520202033.2352749-1-peter.marko@siemens.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Feedback-ID: 519:519-256628:519-21489:flowmailer

Series

[walnascar,1/8] sqlite3: patch CVE-2025-3277 | expand

Commit Message

Marko, Peter May 20, 2025, 8:20 p.m. UTC

From: Peter Marko <peter.marko@siemens.com>

We had this CVE patched but the patch was removed with last 2.44 branch
updates as it is now included.
Since there is no new version which could be set in NVD DB, this needs
to be explicitly handled.

(From OE-Core rev: 32f18145dee54f61203506daef339cd132908287)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/recipes-devtools/binutils/binutils-2.44.inc | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/recipes-devtools/binutils/binutils-2.44.inc b/meta/recipes-devtools/binutils/binutils-2.44.inc
index 41071fada1..28100abbe9 100644
--- a/meta/recipes-devtools/binutils/binutils-2.44.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.44.inc
@@ -18,6 +18,8 @@  SRCBRANCH ?= "binutils-2_44-branch"
 
 UPSTREAM_CHECK_GITTAGREGEX = "binutils-(?P<pver>\d+_(\d_?)*)"
 
+CVE_STATUS[CVE-2025-1153] = "cpe-stable-backport: fix available in used git hash"
+
 SRCREV ?= "819d713b6340ed3657e00ad0bc8d5f2b73094a0f"
 BINUTILS_GIT_URI ?= "git://sourceware.org/git/binutils-gdb.git;branch=${SRCBRANCH};protocol=https"
 SRC_URI = "\

[walnascar,7/8] binutils: mark CVE-2025-1153 as fixed

Commit Message

Patch