[1/2] binutils: mark CVE-2025-69652 as fixed

Message ID	20260416191033.921922-1-peter.marko@siemens.com
State	Accepted, archived
Commit	aee71e8677c44645da26203ebcd3f380e4d464dd
Headers	show Return-Path: <peter.marko@siemens.com> ip: 185.136.64.227, mailfrom: fm-256628-20260416191046557db9a40c00020707-yc4nrb@rts-flowmailer.siemens.com) From: Peter Marko <peter.marko@siemens.com> To: openembedded-core@lists.openembedded.org Cc: Peter Marko <peter.marko@siemens.com> Subject: [PATCH 1/2] binutils: mark CVE-2025-69652 as fixed Date: Thu, 16 Apr 2026 21:10:32 +0200 Message-ID: <20260416191033.921922-1-peter.marko@siemens.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Feedback-ID: 519:519-256628:519-21489:flowmailer
Series	[1/2] binutils: mark CVE-2025-69652 as fixed \| expand [1/2] binutils: mark CVE-2025-69652 as fixed [2/2] binutils: patch CVE-2026-4647

Message ID

20260416191033.921922-1-peter.marko@siemens.com

State

Accepted, archived

Commit

aee71e8677c44645da26203ebcd3f380e4d464dd

Headers

From: Peter Marko <peter.marko@siemens.com>
To: openembedded-core@lists.openembedded.org
Cc: Peter Marko <peter.marko@siemens.com>
Subject: [PATCH 1/2] binutils: mark CVE-2025-69652 as fixed
Date: Thu, 16 Apr 2026 21:10:32 +0200
Message-ID: <20260416191033.921922-1-peter.marko@siemens.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Feedback-ID: 519:519-256628:519-21489:flowmailer

Series

[1/2] binutils: mark CVE-2025-69652 as fixed | expand

Commit Message

Peter Marko April 16, 2026, 7:10 p.m. UTC

From: Peter Marko <peter.marko@siemens.com>

Fix commit [1] mentioned in the NVD report [2] is aleady included in
2.46 even when NVD says <= 2.46

$ git tag --contains 44b79abd0fa12e7947252eb4c6e5d16ed6033e01
binutils-2_46

[1] https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=44b79abd0fa12e7947252eb4c6e5d16ed6033e01
[2] https://nvd.nist.gov/vuln/detail/CVE-2025-69652

Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
 meta/recipes-devtools/binutils/binutils-2.46.inc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/recipes-devtools/binutils/binutils-2.46.inc b/meta/recipes-devtools/binutils/binutils-2.46.inc
index d41a3a3f1a..6ae6cef352 100644
--- a/meta/recipes-devtools/binutils/binutils-2.46.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.46.inc
@@ -21,6 +21,7 @@  UPSTREAM_CHECK_GITTAGREGEX = "binutils-(?P<pver>\d+_(\d_?)*)"
 CVE_STATUS[CVE-2025-69650] = "disputed: observed behavior only in pre-release code, does not affect any tagged version"
 CVE_STATUS[CVE-2025-69651] = "disputed: observed behavior only in pre-release code, does not affect any tagged version"
 CVE_STATUS[CVE-2025-69649] = "fixed-version: Fixed from version 2.46"
+CVE_STATUS[CVE-2025-69652] = "fixed-version: Fixed from version 2.46"
 
 SRCREV ?= "49d4d3fafa4ec4ff5a3460d91d5b1ed5286487db"
 BINUTILS_GIT_URI ?= "git://sourceware.org/git/binutils-gdb.git;branch=${SRCBRANCH};protocol=https"

[1/2] binutils: mark CVE-2025-69652 as fixed

Commit Message

Patch