| Message ID | 20251014135606.6328-1-phanirajkiran.a@gmail.com |
|---|---|
| State | New |
| Headers | show |
| Series | Author: Mallapuram Phanirajkiran <phanirajkiran.a@gmail.com> Date: Tue Oct 14 02:19:57 2025 +0530 | expand |
On Tue, Oct 14, 2025 at 9:13 AM Mallapuram Phani raj kiran via lists.openembedded.org <phanirajkiran.a=gmail.com@lists.openembedded.org> wrote: > > [scarthgap] musl: backport fix for CVE-2025-26519 to LTS branches > > Fixes [YOCTO #15932] > > The musl libc code in LTS (Scarthgap) is missing > the fix addressing CVE-2025-26519. This patch backports the upstream > changes (or applies the required fix) so that LTS builds include it. > > Reference: > https://nvd.nist.gov/vuln/detail/CVE-2025-26519 > > (From OE-Core rev: 7af6b75221d5703ba5bf43c7cd9f1e7a2e0ed20b) > > Signed-off-by: Mallapuram Phani raj kiran <phanirajkiran.a@gmail.com> > Signed-off-by: Gunda Swetha <swetha12g@gmail.com> > > Reported-by: Cristian Morales Vega > --- > ...1-musl-backport-fix-for-CVE-2025-26519-to-LTS-branches.patch | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/meta/recipes-core/musl/musl/0001-musl-backport-fix-for-CVE-2025-26519-to-LTS-branches.patch b/meta/recipes-core/musl/musl/0001-musl-backport-fix-for-CVE-2025-26519-to-LTS-branches.patch > index 3f0b14a5d0..4acedb34ef 100644 > --- a/meta/recipes-core/musl/musl/0001-musl-backport-fix-for-CVE-2025-26519-to-LTS-branches.patch > +++ b/meta/recipes-core/musl/musl/0001-musl-backport-fix-for-CVE-2025-26519-to-LTS-branches.patch > @@ -1,7 +1,7 @@ > From 7ee0592397ea0e3d4b47018631642864864d443d Mon Sep 17 00:00:00 2001 > From: Mallapuram Phanirajkiran <phanirajkiran.a@gmail.com> > Date: Tue, 14 Oct 2025 01:40:45 +0530 > -Subject: [PATCH] musl: backport fix for CVE-2025-26519 to LTS branches > +Subject: [scarthgap] musl: backport fix for CVE-2025-26519 to LTS branches This is a component patch, there is no need to reflect the yocto release branch here. you can specify that for the patch you are sending for the meta layer > > Fixes [YOCTO #15932] > > -- > 2.34.1 > > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#224840): https://lists.openembedded.org/g/openembedded-core/message/224840 > Mute This Topic: https://lists.openembedded.org/mt/115755456/1997914 > Group Owner: openembedded-core+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [raj.khem@gmail.com] > -=-=-=-=-=-=-=-=-=-=-=- >
diff --git a/meta/recipes-core/musl/musl/0001-musl-backport-fix-for-CVE-2025-26519-to-LTS-branches.patch b/meta/recipes-core/musl/musl/0001-musl-backport-fix-for-CVE-2025-26519-to-LTS-branches.patch index 3f0b14a5d0..4acedb34ef 100644 --- a/meta/recipes-core/musl/musl/0001-musl-backport-fix-for-CVE-2025-26519-to-LTS-branches.patch +++ b/meta/recipes-core/musl/musl/0001-musl-backport-fix-for-CVE-2025-26519-to-LTS-branches.patch @@ -1,7 +1,7 @@ From 7ee0592397ea0e3d4b47018631642864864d443d Mon Sep 17 00:00:00 2001 From: Mallapuram Phanirajkiran <phanirajkiran.a@gmail.com> Date: Tue, 14 Oct 2025 01:40:45 +0530 -Subject: [PATCH] musl: backport fix for CVE-2025-26519 to LTS branches +Subject: [scarthgap] musl: backport fix for CVE-2025-26519 to LTS branches Fixes [YOCTO #15932]
[scarthgap] musl: backport fix for CVE-2025-26519 to LTS branches Fixes [YOCTO #15932] The musl libc code in LTS (Scarthgap) is missing the fix addressing CVE-2025-26519. This patch backports the upstream changes (or applies the required fix) so that LTS builds include it. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-26519 (From OE-Core rev: 7af6b75221d5703ba5bf43c7cd9f1e7a2e0ed20b) Signed-off-by: Mallapuram Phani raj kiran <phanirajkiran.a@gmail.com> Signed-off-by: Gunda Swetha <swetha12g@gmail.com> Reported-by: Cristian Morales Vega --- ...1-musl-backport-fix-for-CVE-2025-26519-to-LTS-branches.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)