deleted file mode 100644
@@ -1,38 +0,0 @@
-From 64ef740eb262f329e55eebadf2ce276b146d44e9 Mon Sep 17 00:00:00 2001
-From: Martin Jansa <martin.jansa@gmail.com>
-Date: Tue, 22 Apr 2025 19:06:24 +0200
-Subject: [PATCH] bitvect: fix build with gcc-15
-
-* fixes:
-libyasm/bitvect.h:86:32: error: cannot use keyword 'false' as enumeration constant
- 86 | typedef enum boolean { false = FALSE, true = TRUE } boolean;
- | ^~~~~
-../git/libyasm/bitvect.h:86:32: note: 'false' is a keyword with '-std=c23' onwards
-
-as suggested in:
-https://github.com/yasm/yasm/issues/283#issuecomment-2661108816
-
-Upstream-Status: Submitted [https://github.com/yasm/yasm/pull/287]
-
-Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
----
- libyasm/bitvect.h | 6 +++++-
- 1 file changed, 5 insertions(+), 1 deletion(-)
-
-diff --git a/libyasm/bitvect.h b/libyasm/bitvect.h
-index 3aee3a53..a13470ad 100644
---- a/libyasm/bitvect.h
-+++ b/libyasm/bitvect.h
-@@ -83,7 +83,11 @@ typedef Z_longword *Z_longwordptr;
- #ifdef MACOS_TRADITIONAL
- #define boolean Boolean
- #else
-- typedef enum boolean { false = FALSE, true = TRUE } boolean;
-+ #if __STDC_VERSION__ < 202311L
-+ typedef enum boolean { false = FALSE, true = TRUE } boolean;
-+ #else
-+ typedef bool boolean;
-+ #endif
- #endif
- #endif
-
deleted file mode 100644
@@ -1,37 +0,0 @@
-From eb164bb201c0f792fa8aa78270c47294065183a3 Mon Sep 17 00:00:00 2001
-From: Oleh Matiusha <omatiush@cisco.com>
-Date: Tue, 6 Feb 2024 09:33:11 +0000
-Subject: [PATCH 1/2] yasm: Set build date to SOURCE_DATE_EPOCH
-
-If SOURCE_DATE_EPOCH is set, use it to generate a reproducible
-string for BUILD_DATE.
-
-Signed-off-by: Oleh Matiusha <omatiush@cisco.com>
-
-Upstream-Status: Pending
----
- configure.ac | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-diff --git a/configure.ac b/configure.ac
-index 2823ecd..eeb51ce 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -103,6 +103,14 @@ AM_WITH_DMALLOC
- #
- AC_CHECK_HEADERS([strings.h libgen.h unistd.h direct.h sys/stat.h])
-
-+# Use reproducible build date and time
-+if test "$SOURCE_DATE_EPOCH"; then
-+ DATE_FMT="%d %b %Y %H:%M:%S"
-+ BUILD_DATE=$(LC_ALL=C date -u -d "@$SOURCE_DATE_EPOCH" "+$DATE_FMT")
-+ AC_DEFINE_UNQUOTED([BUILD_DATE], ["$BUILD_DATE"], [Use reproducidle build date])
-+fi
-+
-+
- #
- # Checks for typedefs, structures, and compiler characteristics.
- #
-2.33.0
-
deleted file mode 100644
@@ -1,42 +0,0 @@
-From 19fffab74a201dc41c3da7e74d86eafa8f68bbc6 Mon Sep 17 00:00:00 2001
-From: Oleh Matiusha <omatiush@cisco.com>
-Date: Tue, 6 Feb 2024 09:34:26 +0000
-Subject: [PATCH] yasm: Use BUILD_DATE for reproducibility
-
-Use reproducible build date instead of compilation time and date.
-
-Signed-off-by: Oleh Matiusha <omatiush@cisco.com>
-
-
-Upstream-Status: Pending
----
- tools/re2c/parser.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/tools/re2c/parser.c b/tools/re2c/parser.c
-index 02d5c66..1c90aee 100644
---- a/tools/re2c/parser.c
-+++ b/tools/re2c/parser.c
-@@ -5,6 +5,7 @@
- #include "tools/re2c/globals.h"
- #include "tools/re2c/parse.h"
- #include "tools/re2c/parser.h"
-+#include "config.h"
-
- int yylex(void);
- static RegExp *parse_expr(void);
-@@ -233,7 +234,11 @@ void parse(FILE *i, FILE *o){
- peektok = NONE;
-
- fputs("/* Generated by re2c 0.9.1-C on ", o);
-+#ifndef BUILD_DATE
- fprintf(o, "%-24s", ctime(&now));
-+#else
-+ fprintf(o, "%-24s", BUILD_DATE " ");
-+#endif
- fputs(" */\n", o); oline+=2;
-
- in = Scanner_new(i);
-2.33.0
-
deleted file mode 100644
@@ -1,35 +0,0 @@
-From 1126140b8f5ece18c58640725f0e4c08e5ec97b0 Mon Sep 17 00:00:00 2001
-From: Gyorgy Sarvari <skandigraun@gmail.com>
-Date: Sat, 15 Nov 2025 13:34:15 +0100
-Subject: [PATCH] A potential null pointer difference is that the return value
- of the hash may be null. This fixes CVE-2021-33456.
-
-From: lixuebing <lixuebing@cqsoftware.com.cn>
-Date: Mon, 25 Aug 2025 13:51:28 +0800
-Subject: Fix null-pointer-dereference in hash
-Bug: https://github.com/yasm/yasm/issues/175
-Origin: https://github.com/yasm/yasm/pull/290
-
-CVE: CVE-2021-33456
-Upstream-Status: Submitted [https://github.com/yasm/yasm/pull/290]
-
-Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
----
- modules/preprocs/nasm/nasm-pp.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/modules/preprocs/nasm/nasm-pp.c b/modules/preprocs/nasm/nasm-pp.c
-index f9f92dd1..473d98c1 100644
---- a/modules/preprocs/nasm/nasm-pp.c
-+++ b/modules/preprocs/nasm/nasm-pp.c
-@@ -1102,6 +1102,10 @@ hash(char *s)
- {
- unsigned int h = 0;
- unsigned int i = 0;
-+ /* Check if the input string is NULL to avoid null pointer dereference */
-+ if (s == NULL) {
-+ return 0;
-+ }
- /*
- * Powers of three, mod 31.
- */
deleted file mode 100644
@@ -1,34 +0,0 @@
-From 3c3f968d48d768c1e355199d4067d99cb72abc26 Mon Sep 17 00:00:00 2001
-From: Gyorgy Sarvari <skandigraun@gmail.com>
-Date: Sat, 15 Nov 2025 13:30:12 +0100
-Subject: [PATCH] Handle file descriptors with nonexisting env names better.
- Avoid writing past allocated memory.
-
-This fixes CVE-2021-33464.
-Author: Petter Reinholdtsen <pere@debian.org>
-Bug: https://github.com/yasm/yasm/issues/164
-Bug-Debian: https://bugs.debian.org/1016353
-Forwarded: https://github.com/yasm/yasm/issues/164
-Last-Update: 2025-04-30
-
-CVE: CVE-2021-33464
-Upstream-Status: Submitted [https://github.com/yasm/yasm/issues/164]
-
-Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
----
- modules/preprocs/nasm/nasm-pp.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/modules/preprocs/nasm/nasm-pp.c b/modules/preprocs/nasm/nasm-pp.c
-index 512f02c3..f9f92dd1 100644
---- a/modules/preprocs/nasm/nasm-pp.c
-+++ b/modules/preprocs/nasm/nasm-pp.c
-@@ -1815,7 +1815,7 @@ inc_fopen(char *file, char **newname)
- error(ERR_WARNING, "environment variable `%s' does not exist",
- p1+1);
- *p2 = '%';
-- p1 = p2+1;
-+ pb = p1 = p2+1;
- continue;
- }
- /* need to expand */
deleted file mode 100644
@@ -1,39 +0,0 @@
-From 81c1b7b0a28f052eaadddcb010944bf67e6ae257 Mon Sep 17 00:00:00 2001
-From: Gyorgy Sarvari <skandigraun@gmail.com>
-Date: Sat, 15 Nov 2025 13:24:21 +0100
-Subject: [PATCH] Make sure CPU feature parsing use large enough string buffer.
- Fixes CVE-2023-29579.
-
-Author: Petter Reinholdtsen <pere@debian.org>
-Bug: https://github.com/yasm/yasm/issues/214
-Bug-Debian: https://bugs.debian.org/1035951
-Forwarded: https://github.com/yasm/yasm/issues/214
-Last-Update: 2025-04-30
-
-This patch is taken from Debian:
-https://sources.debian.org/patches/yasm/1.3.0-8/1000-x86-dir-cpu-CVE-2023-29579.patch/
-
-CVE: CVE-2023-29579
-Upstream-Status: Submitted [https://github.com/yasm/yasm/issues/214]
-
-Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
----
- modules/arch/x86/x86arch.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/modules/arch/x86/x86arch.c b/modules/arch/x86/x86arch.c
-index bac11774..58327958 100644
---- a/modules/arch/x86/x86arch.c
-+++ b/modules/arch/x86/x86arch.c
-@@ -165,8 +165,9 @@ x86_dir_cpu(yasm_object *object, yasm_valparamhead *valparams,
- yasm_error_set(YASM_ERROR_SYNTAX,
- N_("invalid argument to [%s]"), "CPU");
- else {
-- char strcpu[16];
-- sprintf(strcpu, "%lu", yasm_intnum_get_uint(intcpu));
-+ char strcpu[21]; /* 21 = ceil(log10(LONG_MAX)+1) */
-+ assert(8*sizeof(unsigned long) <= 64);
-+ snprintf(strcpu, sizeof(strcpu), "%lu", yasm_intnum_get_uint(intcpu));
- yasm_x86__parse_cpu(arch_x86, strcpu, strlen(strcpu));
- }
- } else
deleted file mode 100644
@@ -1,40 +0,0 @@
-SUMMARY = "x86 (SSE) assembler supporting NASM and GAS-syntaxes"
-LICENSE = "MIT"
-HOMEPAGE = "http://www.tortall.net/projects/yasm/"
-
-LIC_FILES_CHKSUM = "file://COPYING;md5=a12d8903508fb6bfd49d8d82c6170dd9"
-
-DEPENDS += "flex-native bison-native"
-PACKAGECONFIG[docs] = ",,xmlto-native,"
-
-PV = "1.3.0+git"
-# v1.3.0-87
-SRCREV = "121ab150b3577b666c79a79f4a511798d7ad2432"
-SRC_URI = "git://github.com/yasm/yasm.git;branch=master;protocol=https \
- file://0001-yasm-Set-build-date-to-SOURCE_DATE_EPOCH.patch \
- file://0002-yasm-Use-BUILD_DATE-for-reproducibility.patch \
- file://0001-bitvect-fix-build-with-gcc-15.patch \
- file://CVE-2023-29579.patch \
- file://CVE-2021-33464.patch \
- file://CVE-2021-33456.patch \
- "
-
-
-inherit autotools gettext python3native
-
-CACHED_CONFIGUREVARS = "CCLD_FOR_BUILD='${CC_FOR_BUILD}'"
-
-BBCLASSEXTEND = "native"
-
-PARALLEL_MAKE = ""
-
-do_configure:prepend() {
- # Don't include $CC (which includes path to sysroot) in generated header.
- sed -i -e "s/^echo \"\/\* generated \$ac_cv_stdint_message \*\/\" >>\$ac_stdint$"// ${S}/m4/ax_create_stdint_h.m4
-}
-
-CVE_STATUS_GROUPS += "CVE_STATUS_HASH_UPDATE"
-CVE_STATUS_HASH_UPDATE = "CVE-2021-33454 CVE-2023-31975 CVE-2023-37732"
-CVE_STATUS_HASH_UPDATE[status] = "fixed-version: patched in current git hash"
-
-CVE_PRODUCT += "tortall:yasm yasm_project:yasm"
Yasm was introduced as a rewrite of nasm, however its commits have dried up over the years, while its unmitigated CVEs keep piling up. Also, nasm is a healthier project with regular contributions still. There are no known recipes depending on yasm. Let's remove it. Cc: Ross Burton <ross.burton@arm.com> Cc: Yogesh Tyagi <yogesh.tyagi@intel.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> --- v2: added Yogesh Tyagi on Cc, as the maintainer of meta-intel .../0001-bitvect-fix-build-with-gcc-15.patch | 38 ----------------- ...-Set-build-date-to-SOURCE_DATE_EPOCH.patch | 37 ---------------- ...m-Use-BUILD_DATE-for-reproducibility.patch | 42 ------------------- .../yasm/yasm/CVE-2021-33456.patch | 35 ---------------- .../yasm/yasm/CVE-2021-33464.patch | 34 --------------- .../yasm/yasm/CVE-2023-29579.patch | 39 ----------------- meta-oe/recipes-devtools/yasm/yasm_git.bb | 40 ------------------ 7 files changed, 265 deletions(-) delete mode 100644 meta-oe/recipes-devtools/yasm/yasm/0001-bitvect-fix-build-with-gcc-15.patch delete mode 100644 meta-oe/recipes-devtools/yasm/yasm/0001-yasm-Set-build-date-to-SOURCE_DATE_EPOCH.patch delete mode 100644 meta-oe/recipes-devtools/yasm/yasm/0002-yasm-Use-BUILD_DATE-for-reproducibility.patch delete mode 100644 meta-oe/recipes-devtools/yasm/yasm/CVE-2021-33456.patch delete mode 100644 meta-oe/recipes-devtools/yasm/yasm/CVE-2021-33464.patch delete mode 100644 meta-oe/recipes-devtools/yasm/yasm/CVE-2023-29579.patch delete mode 100644 meta-oe/recipes-devtools/yasm/yasm_git.bb