| Message ID | 20251217092224.3482254-1-daniel.turull@ericsson.com |
|---|---|
| State | Under Review |
| Delegated to: | Steve Sakoman |
| Headers | show
Return-Path: <daniel.turull@ericsson.com> X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 15B6ED65521 for <webhook@archiver.kernel.org>; Wed, 17 Dec 2025 09:22:45 +0000 (UTC) Received: from AM0PR83CU005.outbound.protection.outlook.com (AM0PR83CU005.outbound.protection.outlook.com [52.101.69.36]) by mx.groups.io with SMTP id smtpd.msgproc01-g2.10417.1765963358490468238 for <openembedded-core@lists.openembedded.org>; Wed, 17 Dec 2025 01:22:38 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="dkim: body hash did not verify" header.i=@ericsson.com header.s=selector1 header.b=Nni6tWYJ; spf=pass (domain: ericsson.com, ip: 52.101.69.36, mailfrom: edaturu@ericsson.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=wh7KFSldbcyS6ePTxCiTJRkR2qLRIT7WRMCBlx17RTcMe/wVUaBI4hVB3/vR3jmG3T744ToVJ2ddsu4j0oSFxtUZw/qmLSHOnaV3Ch/LzMpyDUFs23mOsIW8VKPLYPkva9CQ/Xd/NW0f67TNxz2nC8oXbjwNL6afVvAGnVU7UBmRaPm75/wypH/7/5Haqw/FmBBQlXaSGWXHRBqJZ/mj8vJXBJ9qEI3cM9wvZB2WhlH+6XZH8qDYYFWGyT/JO9SxIUhKh5EqCbVA/b1fOm81cEv0/TTdqAuHq8lBSfMdU07rV0nJuS3qhkNiTwcX96DR4MhfA6KQ55VtDo6Y2dFrvg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=GPVNZGs1fdbsgE+cqhcPcftIBIOlxNKAx+iERJnY7xY=; b=mOp5zXgDGR4PY0lqrIIRk20wRK5l544YsXz7Xt/rJkhnswUSQPxtozrldgrKBTvVBSxuv02BawX+OJyx0iL2jYq68e8So3lwTj713zTD4OCJztfWrEoEgegQjDdSRDetpwZ/aLdRB+zbo0ieeZURbhE25MFHG1BxQJsUVxVPf1z6t9zBT048DA1BbVry/1lNkm3MUchbnuMTOMYbBcKFdFDnICBMtMXxOtph+9ektAO5PNtBmpYRlsQ55EisJL6flyuQRxb38Yb6PoiP3W4lNKitSKsbpTEdQH81kjfP1zd3cC6DvgGyPEiJutrqPhXLsAOBEQe7yqWvVKYu3Crzew== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 192.176.1.74) smtp.rcpttodomain=lists.openembedded.org smtp.mailfrom=ericsson.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=ericsson.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=GPVNZGs1fdbsgE+cqhcPcftIBIOlxNKAx+iERJnY7xY=; b=Nni6tWYJ9c32VbYklGdeLqY82y7WVqykBj1vNlTRhSwTUGX75wanZ63y/PWochBT+Fjt43yHa2MGvT6CeNZEl7h0Ta7j8Iv4pcbQ4iF3IhQYV7LS87eCpf2Mi9NZ40Bvex8nZSSDh8dqrGEacxDzJ66NP+itpIr5wiZKiWvy1kxAg1mG4Y3nUkkwr8RTTDILX7Koliilo7n+3v3BqFBDWmmfpo6Q22CpvnbV1Pon5LPiRBvxjLZM2HgTKjmxf3EcaqmxVCyUG9Nv1x8X0BU+xnyMdnOvCZXDfkY8NKGwn1PuR5JLh3/iLBO2C5zGNzrnIoWFwux9TH9f+CZht7vAAg== Received: from AS4P190CA0025.EURP190.PROD.OUTLOOK.COM (2603:10a6:20b:5d0::12) by AM7PR07MB6407.eurprd07.prod.outlook.com (2603:10a6:20b:131::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9434.6; Wed, 17 Dec 2025 09:22:34 +0000 Received: from AMS0EPF000001A6.eurprd05.prod.outlook.com (2603:10a6:20b:5d0:cafe::7d) by AS4P190CA0025.outlook.office365.com (2603:10a6:20b:5d0::12) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.9434.6 via Frontend Transport; Wed, 17 Dec 2025 09:22:33 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 192.176.1.74) smtp.mailfrom=ericsson.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=ericsson.com; Received-SPF: Pass (protection.outlook.com: domain of ericsson.com designates 192.176.1.74 as permitted sender) receiver=protection.outlook.com; client-ip=192.176.1.74; helo=oa.msg.ericsson.com; pr=C Received: from oa.msg.ericsson.com (192.176.1.74) by AMS0EPF000001A6.mail.protection.outlook.com (10.167.16.233) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9434.6 via Frontend Transport; Wed, 17 Dec 2025 09:22:34 +0000 Received: from seroius18813.sero.gic.ericsson.se (153.88.142.248) by smtp-central.internal.ericsson.com (100.87.178.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.29; Wed, 17 Dec 2025 10:22:32 +0100 Received: from seroius08462.sero.gic.ericsson.se (seroius08462.sero.gic.ericsson.se [10.63.237.245]) by seroius18813.sero.gic.ericsson.se (Postfix) with ESMTP id 4AAC09569E; Wed, 17 Dec 2025 10:22:32 +0100 (CET) Received: by seroius08462.sero.gic.ericsson.se (Postfix, from userid 160155) id 2AEB7700DF64; Wed, 17 Dec 2025 10:22:32 +0100 (CET) From: <daniel.turull@ericsson.com> To: <openembedded-core@lists.openembedded.org> CC: Daniel Turull <daniel.turull@ericsson.com>, Saravanan <saravanan.kadambathursubramaniyam@windriver.com>, Steve Sakoman <steve@sakoman.com> Subject: [scarthgap][PATCH] cmake-native: fix CVE-2025-9301 Date: Wed, 17 Dec 2025 10:22:24 +0100 Message-ID: <20251217092224.3482254-1-daniel.turull@ericsson.com> X-Mailer: git-send-email 2.44.1 MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: AMS0EPF000001A6:EE_|AM7PR07MB6407:EE_ X-MS-Office365-Filtering-Correlation-Id: 9c70f8af-e7fe-445f-1676-08de3d4dcfc3 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|82310400026|36860700013|376014|1800799024; X-Microsoft-Antispam-Message-Info: DrzrZE5v5rxtXcm7bqHKEWDdWZO6832IawJMgTJpC1vyPtV8UeZK5Nou9GD26In6Ldkw3D71SabTJRFiute9ZrP9CcbOLh/6ujIK3TGEn+PRMvy56PM5zMQ/i4sqg9qaPUUDFCEbqzBdllL0F8jBBA1N3QWXMXM/TZS4X4W1SssIHD0AgQMPY8lOpzTVPdeqrIDixi39hyVNTq++laI+TBt5gYlD6w2dZfhmvcMO5sDxWOEA6l08Byg1iMHLoPgLLysd5Aq1fb69QKTmuXDLRE9EWgrZZGGVK3ngbqnyfVo8K3yBAol+iE0WVoVZ1e4oDGCSRDivPOY5aHOSD94wiLsG6NSVsuUTGR7v19de5kzpvkcc//1ybN118dQMdQOqUXRsZELzjdUVGVKeR98YXgPMjT9bLc2wrkOqkJwi+zHcziW3TIGT2SSsyVbfAJGfNUiaPiCSWEgjWKRXB94y1WK7OHygHtUxXnut3p6G5IlbYUTiW52IV7UUYoYPPMbqoSufljF45igC7tuK7Xx/RVCLj6BsZK1DFW6ErGZ4H3dPBY9Rz0Cecv//fAipWqOTkuKYuE11RQQzvc0qWfvRC7uWHrzzgAfAEqW/EZdCytclmAeyqAmgP5lr1TGekkfhOpujs4rV2ZfscixiucLpa88nXZfPHtGzPAs86gDNeEJFdC/PMd53bxf/ZNRyRvUSfkdqGrJwDSdmKcwYWmh/OvxMZGnuQKG040dDM/xoMGl0bIIG6ZuX1U3CYR+b9yOT/Hmawm9te2JKdxtMVn7K4/cTkGyOzLQpAaqPwRFViGlpsVPIjkwTryiGjZhTCwfObY4z7K90mNV0xqYTJCUrpGzddE65fvboQS5H/6hfeMgCXOItzVNJn9zhAbCECiyDMSfaBT96KCIBrLuFysExKYH1blHWCI+67txwS+f6jO9SXh8baTfOYoDr38cR2gF8JHcexF1viWaeG41liSIOB3b0/gvf5klRibLfOMcvPwx0k2Fm/CpgoC4vC/U2yRxEgqekiiPdowPMHM2vbXMl9LMJqjiH2ZPcKkvklHgBr8ahUmAF9s3H3BsBThDFaGA6GRBq3RdkDU/3cRMWYcwrboQkr7JCuxsCyyfN0gtQVK3CNUl6wGEr4m6BrhCQ9jCo/u4oQNZUavzWHrvocLzBLmhv0gw+sHRTULDgNqUvZ64rdaCTworISLEOL2wsXD8owvF4GPmgYNEw+c8UoApfLnJSUUdYNsBc7J9mYonLxzr+G/WO7+g/5HbwEnZi9JUjlKpUQvXFuf+DWDXIJgbAbJ4in7hJrw10ALt1SkgEy4Fs0YtwR9Z36ObamqGH8K4hDauiF3gOGhCKrIEEalfrW/5b6fB3qhH+FkPgnT16fIh/7f+3/rcFDW8/NKQIJGlh1R5/oF9AhPUA0n+wCOWj5lKLvZLiHSLzU3pLYCpv1Z43QOGIWBzuDzWXZ89kO2jOU+MOkcMXwnKYxUjpyQhDwW+FwJAub6XaW3bb00d/2kaWwchDwvfu5KCEaESQAABUiUFdkQLckUrIOnCDDXHBLSjBOWSvUhRj16kw+M/KSfo= X-Forefront-Antispam-Report: CIP:192.176.1.74;CTRY:SE;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:oa.msg.ericsson.com;PTR:office365.se.ericsson.net;CAT:NONE;SFS:(13230040)(82310400026)(36860700013)(376014)(1800799024);DIR:OUT;SFP:1101; X-OriginatorOrg: ericsson.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Dec 2025 09:22:34.0020 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 9c70f8af-e7fe-445f-1676-08de3d4dcfc3 X-MS-Exchange-CrossTenant-Id: 92e84ceb-fbfd-47ab-be52-080c6b87953f X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=92e84ceb-fbfd-47ab-be52-080c6b87953f;Ip=[192.176.1.74];Helo=[oa.msg.ericsson.com] X-MS-Exchange-CrossTenant-AuthSource: AMS0EPF000001A6.eurprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM7PR07MB6407 List-Id: <openembedded-core.lists.openembedded.org> X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for <openembedded-core@lists.openembedded.org>; Wed, 17 Dec 2025 09:22:45 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/228010 |
| Series |
[scarthgap] cmake-native: fix CVE-2025-9301
|
expand
|
diff --git a/meta/recipes-devtools/cmake/cmake-native_3.28.3.bb b/meta/recipes-devtools/cmake/cmake-native_3.28.3.bb index 376da3254b..7b250752d8 100644 --- a/meta/recipes-devtools/cmake/cmake-native_3.28.3.bb +++ b/meta/recipes-devtools/cmake/cmake-native_3.28.3.bb @@ -7,6 +7,7 @@ SRC_URI += "file://OEToolchainConfig.cmake \ file://environment.d-cmake.sh \ file://0005-Disable-use-of-ext2fs-ext2_fs.h-by-cmake-s-internal-.patch \ file://0001-CMakeLists.txt-disable-USE_NGHTTP2.patch \ + file://CVE-2025-9301.patch \ " LICENSE:append = " & BSD-1-Clause & MIT & BSD-2-Clause & curl"