[meta-oe,scarthgap,0/7] hdf5 CVE fixes

Message ID	20251028113247.1761834-1-ankur.tyagi85@gmail.com
Headers	show Return-Path: <ankur.tyagi85@gmail.com> ip: 209.85.210.169, mailfrom: ankur.tyagi85@gmail.com) From: Ankur Tyagi <ankur.tyagi85@gmail.com> To: openembedded-devel@lists.openembedded.org Cc: Ankur Tyagi <ankur.tyagi85@gmail.com> Subject: [oe][meta-oe][scarthgap][PATCH 0/7] hdf5 CVE fixes Date: Wed, 29 Oct 2025 00:32:40 +1300 Message-ID: <20251028113247.1761834-1-ankur.tyagi85@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	hdf5 CVE fixes \| expand [meta-oe,scarthgap,0/7] hdf5 CVE fixes [meta-oe,scarthgap,1/7] hdf5: patch CVE-2025-2913 [meta-oe,scarthgap,2/7] hdf5: patch CVE-2025-2914 [meta-oe,scarthgap,3/7] hdf5: patch CVE-2025-2915 [meta-oe,scarthgap,4/7] hdf5: patch CVE-2025-2923, CVE-2025-6816, CVE-2025-6856 [meta-oe,scarthgap,5/7] hdf5: patch CVE-2025-2924 [meta-oe,scarthgap,6/7] hdf5: patch CVE-2025-2925 [meta-oe,scarthgap,7/7] hdf5: patch CVE-2025-6269, CVE-2025-6270, CVE-2025-6516

Message ID

20251028113247.1761834-1-ankur.tyagi85@gmail.com

Headers

From: Ankur Tyagi <ankur.tyagi85@gmail.com>
To: openembedded-devel@lists.openembedded.org
Cc: Ankur Tyagi <ankur.tyagi85@gmail.com>
Subject: [oe][meta-oe][scarthgap][PATCH 0/7] hdf5 CVE fixes
Date: Wed, 29 Oct 2025 00:32:40 +1300
Message-ID: <20251028113247.1761834-1-ankur.tyagi85@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

hdf5 CVE fixes | expand

Message

Ankur Tyagi Oct. 28, 2025, 11:32 a.m. UTC

Consolidating all CVE fixes for hdf5 together.

Request to please drop patches submitted earlier:
https://lists.openembedded.org/g/openembedded-devel/message/120662
https://lists.openembedded.org/g/openembedded-devel/message/120663
https://lists.openembedded.org/g/openembedded-devel/message/120664
https://lists.openembedded.org/g/openembedded-devel/message/120665

Patch CVE-2025-6269-CVE-2025-6270-CVE-2025-6516_01.patch fixes vulnerability
OSV-2023-77 and is needed to cherry-pick actual CVE fix.

Ankur Tyagi (7):
  hdf5: patch CVE-2025-2913
  hdf5: patch CVE-2025-2914
  hdf5: patch CVE-2025-2915
  hdf5: patch CVE-2025-2923, CVE-2025-6816, CVE-2025-6856
  hdf5: patch CVE-2025-2924
  hdf5: patch CVE-2025-2925
  hdf5: patch CVE-2025-6269, CVE-2025-6270, CVE-2025-6516

 .../hdf5/files/CVE-2025-2913.patch            |  32 +++
 .../hdf5/files/CVE-2025-2914.patch            |  47 ++++
 .../hdf5/files/CVE-2025-2915.patch            |  50 ++++
 ...025-2923-CVE-2025-6816-CVE-2025-6856.patch |  65 +++++
 .../hdf5/files/CVE-2025-2924.patch            |  37 +++
 .../hdf5/files/CVE-2025-2925.patch            |  53 ++++
 ...-6269-CVE-2025-6270-CVE-2025-6516_01.patch |  65 +++++
 ...-6269-CVE-2025-6270-CVE-2025-6516_02.patch | 252 ++++++++++++++++++
 meta-oe/recipes-support/hdf5/hdf5_1.14.4-3.bb |   8 +
 9 files changed, 609 insertions(+)
 create mode 100644 meta-oe/recipes-support/hdf5/files/CVE-2025-2913.patch
 create mode 100644 meta-oe/recipes-support/hdf5/files/CVE-2025-2914.patch
 create mode 100644 meta-oe/recipes-support/hdf5/files/CVE-2025-2915.patch
 create mode 100644 meta-oe/recipes-support/hdf5/files/CVE-2025-2923-CVE-2025-6816-CVE-2025-6856.patch
 create mode 100644 meta-oe/recipes-support/hdf5/files/CVE-2025-2924.patch
 create mode 100644 meta-oe/recipes-support/hdf5/files/CVE-2025-2925.patch
 create mode 100644 meta-oe/recipes-support/hdf5/files/CVE-2025-6269-CVE-2025-6270-CVE-2025-6516_01.patch
 create mode 100644 meta-oe/recipes-support/hdf5/files/CVE-2025-6269-CVE-2025-6270-CVE-2025-6516_02.patch