[walnascar] glibc: stable 2.35 branch updates

Message ID	20250730220952.14457-1-peter.marko@siemens.com
State	Under Review
Delegated to:	Steve Sakoman
Headers	show Return-Path: <peter.marko@siemens.com> ip: 185.136.65.227, mailfrom: fm-256628-20250730221038688709f84d9f860876-zfq5pn@rts-flowmailer.siemens.com) From: Peter Marko <peter.marko@siemens.com> To: openembedded-core@lists.openembedded.org Cc: Peter Marko <peter.marko@siemens.com> Subject: [OE-core][walnascar][PATCH] glibc: stable 2.35 branch updates Date: Thu, 31 Jul 2025 00:09:52 +0200 Message-Id: <20250730220952.14457-1-peter.marko@siemens.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Feedback-ID: 519:519-256628:519-21489:flowmailer
Series	[walnascar] glibc: stable 2.35 branch updates \| expand [walnascar] glibc: stable 2.35 branch updates

Message ID

20250730220952.14457-1-peter.marko@siemens.com

State

Under Review

Delegated to:

Steve Sakoman

Headers

From: Peter Marko <peter.marko@siemens.com>
To: openembedded-core@lists.openembedded.org
Cc: Peter Marko <peter.marko@siemens.com>
Subject: [OE-core][walnascar][PATCH] glibc: stable 2.35 branch updates
Date: Thu, 31 Jul 2025 00:09:52 +0200
Message-Id: <20250730220952.14457-1-peter.marko@siemens.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Feedback-ID: 519:519-256628:519-21489:flowmailer

Series

[walnascar] glibc: stable 2.35 branch updates | expand

Commit Message

Peter Marko July 30, 2025, 10:09 p.m. UTC

From: Peter Marko <peter.marko@siemens.com>

$ git log --oneline 6e489c17f827317bcf8544efefa65f13b5a079dc..e7c419a2957590fb657900fc92a89708f41abd9d
e7c419a295 (origin/release/2.41/master, release/2.41/master) iconv: iconv -o should not create executable files (bug 33164)
1e16d0096d posix: Fix double-free after allocation failure in regcomp (bug 33185)

Add CVE-2025-8058 to CVE ignore list as this is (bug 33185) commit.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
 meta/recipes-core/glibc/glibc-version.inc | 2 +-
 meta/recipes-core/glibc/glibc_2.41.bb     | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc
index a2cfd0f308..881a9cce2c 100644
--- a/meta/recipes-core/glibc/glibc-version.inc
+++ b/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@ 
 SRCBRANCH ?= "release/2.41/master"
 PV = "2.41+git"
-SRCREV_glibc ?= "6e489c17f827317bcf8544efefa65f13b5a079dc"
+SRCREV_glibc ?= "e7c419a2957590fb657900fc92a89708f41abd9d"
 SRCREV_localedef ?= "fab74f31b3811df543e24b6de47efdf45b538abc"
 
 GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git;protocol=https"
diff --git a/meta/recipes-core/glibc/glibc_2.41.bb b/meta/recipes-core/glibc/glibc_2.41.bb
index 7ddf7f9127..8a65e8ce9f 100644
--- a/meta/recipes-core/glibc/glibc_2.41.bb
+++ b/meta/recipes-core/glibc/glibc_2.41.bb
@@ -17,7 +17,7 @@  Allows for ASLR bypass so can bypass some hardening, not an exploit in itself, m
 easier access for another. 'ASLR bypass itself is not a vulnerability.'"
 
 CVE_STATUS_GROUPS += "CVE_STATUS_STABLE_BACKPORTS"
-CVE_STATUS_STABLE_BACKPORTS = "CVE-2025-4802 CVE-2025-5702 CVE-2025-5745"
+CVE_STATUS_STABLE_BACKPORTS = "CVE-2025-4802 CVE-2025-5702 CVE-2025-5745 CVE-2025-8058"
 CVE_STATUS_STABLE_BACKPORTS[status] = "cpe-stable-backport: fix available in used git hash"
 
 DEPENDS += "gperf-native bison-native"

[walnascar] glibc: stable 2.35 branch updates

Commit Message

Patch