From patchwork Tue Jun 10 19:33:56 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 64750 X-Patchwork-Delegate: steve@sakoman.com
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 01/16] libsoup-2.4: fix CVE-2025-32052 Date: Tue, 10 Jun 2025 12:33:56 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 10 Jun 2025 19:34:29 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/218406 From: Changqing Li Refer: https://gitlab.gnome.org/GNOME/libsoup/-/issues/425 Signed-off-by: Changqing Li Signed-off-by: Steve Sakoman --- .../libsoup/libsoup-2.4/CVE-2025-32052.patch | 32 +++++++++++++++++++ .../libsoup/libsoup-2.4_2.74.3.bb | 1 + 2 files changed, 33 insertions(+) create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32052.patch diff --git a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32052.patch b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32052.patch new file mode 100644 index 0000000000..34bc8113a4 --- /dev/null +++ b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32052.patch 
@@ -0,0 +1,32 @@ +From f4a67a9a3033586edaee715d40d5992e02d32893 Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Sat, 16 Nov 2024 12:07:30 -0600 +Subject: [PATCH] Fix heap buffer overflow in soup_content_sniffer_sniff + +Co-Author: Ar Jun + +CVE: CVE-2025-32052 +Upstream-Status: Backport +[https://gitlab.gnome.org/GNOME/libsoup/-/commit/f182429e5b1fc034050510da20c93256c4fa9652#500da7cfde649872c49169be34b03a1c42a53ddb] + +Signed-off-by: Changqing Li +--- + libsoup/soup-content-sniffer.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libsoup/soup-content-sniffer.c b/libsoup/soup-content-sniffer.c +index 9554636..eac9e7b 100644 +--- a/libsoup/soup-content-sniffer.c ++++ b/libsoup/soup-content-sniffer.c +@@ -504,7 +504,7 @@ sniff_unknown (SoupContentSniffer *sniffer, SoupBuffer *buffer, + guint index_pattern = 0; + gboolean skip_row = FALSE; + +- while ((index_stream < resource_length) && ++ while ((index_stream < resource_length - 1) && + (index_pattern <= type_row->pattern_length)) { + /* Skip insignificant white space ("WS" in the spec) */ + if (type_row->pattern[index_pattern] == ' ') { +-- +2.34.1 + diff --git a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb index 9a2778bf92..96bb53a033 100644 --- a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb +++ b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb 
@@ -34,6 +34,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \ file://CVE-2025-4969.patch \ file://CVE-2025-32907.patch \ file://CVE-2025-32053.patch \ + file://CVE-2025-32052.patch \ " SRC_URI[sha256sum] = "e4b77c41cfc4c8c5a035fcdc320c7bc6cfb75ef7c5a034153df1413fa1d92f13"
From patchwork Tue Jun 10 19:33:57 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 64752 X-Patchwork-Delegate: steve@sakoman.com
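Review bot: In the sniff_unknown hunk of 01/16 (libsoup-2.4), the new bound `index_stream < resource_length - 1` depends on resource_length never being 0. The context lines show neither its type nor an earlier length check, and if it is unsigned a zero-length buffer makes `resource_length - 1` wrap to the maximum value, so the loop is no longer limited by the buffer. Writing the test as `index_stream + 1 < resource_length` gives the same limit without the subtraction. Separately, the Upstream-Status tag in this patch header is split across two lines and its URL carries a `#` fragment, while 02/16 keeps tag and URL on one line; the single-line form here would keep the two backports consistent.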
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 02/16] libsoup: fix CVE-2025-32052 Date: Tue, 10 Jun 2025 12:33:57 -0700 Message-ID: <9a8a5072969a326e296d840296cb475fb3c0e2ff.1749583904.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 10 Jun 2025 19:34:39 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/218407 From: Changqing Li Refer: https://gitlab.gnome.org/GNOME/libsoup/-/issues/425 Signed-off-by: Changqing Li Signed-off-by: Steve Sakoman --- .../libsoup-3.4.4/CVE-2025-32052.patch | 31 +++++++++++++++++++ meta/recipes-support/libsoup/libsoup_3.4.4.bb | 1 + 2 files changed, 32 insertions(+) create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32052.patch diff --git a/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32052.patch b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32052.patch new file mode 100644 index 0000000000..78b712070b --- /dev/null +++ b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32052.patch 
@@ -0,0 +1,31 @@ +From 779bcb279b1dc4eb8bcb22c5e727b1174630c3fc Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Sat, 16 Nov 2024 12:07:30 -0600 +Subject: [PATCH] Fix heap buffer overflow in soup_content_sniffer_sniff + +Co-Author: Ar Jun + +CVE: CVE-2025-32052 +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/f182429e5b1fc034050510da20c93256c4fa9652] + +Signed-off-by: Changqing Li +--- + libsoup/content-sniffer/soup-content-sniffer.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libsoup/content-sniffer/soup-content-sniffer.c b/libsoup/content-sniffer/soup-content-sniffer.c +index 23d5aaa..aeee2e2 100644 +--- a/libsoup/content-sniffer/soup-content-sniffer.c ++++ b/libsoup/content-sniffer/soup-content-sniffer.c +@@ -529,7 +529,7 @@ sniff_unknown (SoupContentSniffer *sniffer, GBytes *buffer, + guint index_pattern = 0; + gboolean skip_row = FALSE; + +- while ((index_stream < resource_length) && ++ while ((index_stream < resource_length - 1) && + (index_pattern <= type_row->pattern_length)) { + /* Skip insignificant white space ("WS" in the spec) */ + if (type_row->pattern[index_pattern] == ' ') { +-- +2.34.1 + diff --git a/meta/recipes-support/libsoup/libsoup_3.4.4.bb b/meta/recipes-support/libsoup/libsoup_3.4.4.bb index ff0ae0afad..e7dccb6380 100644 --- a/meta/recipes-support/libsoup/libsoup_3.4.4.bb +++ b/meta/recipes-support/libsoup/libsoup_3.4.4.bb 
@@ -37,6 +37,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \ file://CVE-2025-32907-1.patch \ file://CVE-2025-32907-2.patch \ file://CVE-2025-32053.patch \ + file://CVE-2025-32052.patch \ " SRC_URI[sha256sum] = "291c67725f36ed90ea43efff25064b69c5a2d1981488477c05c481a3b4b0c5aa"
From patchwork Tue Jun 10 19:33:58 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 64757 X-Patchwork-Delegate: steve@sakoman.com
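Review bot: The unchanged context of the 02/16 sniff_unknown hunk still loops while `index_pattern <= type_row->pattern_length` and then reads `type_row->pattern[index_pattern]`, so the pattern can be indexed at pattern_length itself; the fix only tightens the stream side. It is worth confirming that every pattern has pattern_length + 1 readable bytes (for example a trailing NUL). The patch description also gives no reasoning for `- 1`; one sentence naming the read inside the loop that needs the extra byte of headroom would let a reader check that this is the right bound.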
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 03/16] libsoup: fix CVE-2025-32051 Date: Tue, 10 Jun 2025 12:33:58 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 10 Jun 2025 19:34:39 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/218408 From: Changqing Li Refer: https://gitlab.gnome.org/GNOME/libsoup/-/issues/401 Signed-off-by: Changqing Li Signed-off-by: Steve Sakoman --- .../libsoup-3.4.4/CVE-2025-32051-1.patch | 29 ++++++++++ .../libsoup-3.4.4/CVE-2025-32051-2.patch | 57 +++++++++++++++++++ meta/recipes-support/libsoup/libsoup_3.4.4.bb | 2 + 3 files changed, 88 insertions(+) create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32051-1.patch create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32051-2.patch diff --git a/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32051-1.patch b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32051-1.patch new file mode 100644 index 0000000000..efeda48b11 --- /dev/null +++ b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32051-1.patch 
@@ -0,0 +1,29 @@ +From dc5db30989f385303c79ec3188c52e33f6f5886e Mon Sep 17 00:00:00 2001 +From: Ar Jun +Date: Sat, 16 Nov 2024 11:50:09 -0600 +Subject: [PATCH 1/2] Fix possible NULL deref in soup_uri_decode_data_uri + +CVE: CVE-2025-32051 +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/0713ba4a719da938dc8facc89fca99cd0aa3069f] + +Signed-off-by: Changqing Li +--- + libsoup/soup-uri-utils.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/libsoup/soup-uri-utils.c b/libsoup/soup-uri-utils.c +index be2b79b..0251279 100644 +--- a/libsoup/soup-uri-utils.c ++++ b/libsoup/soup-uri-utils.c +@@ -303,6 +303,8 @@ soup_uri_decode_data_uri (const char *uri, + + uri_string = g_uri_to_string (soup_uri); + g_uri_unref (soup_uri); ++ if (!uri_string) ++ return NULL; + + start = uri_string + 5; + comma = strchr (start, ','); +-- +2.34.1 + diff --git a/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32051-2.patch b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32051-2.patch new file mode 100644 index 0000000000..24c184bb86 --- /dev/null +++ b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32051-2.patch 
@@ -0,0 +1,57 @@ +From 7d1557a60145927806c88d321e8322a9d9f49bb2 Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Fri, 22 Nov 2024 13:39:51 -0600 +Subject: [PATCH 2/2] soup_uri_decode_data_uri(): Handle URIs with a path + starting with // + +CVE: CVE-2025-32051 +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/79cfd65c9bd8024cd45dd725c284766329873709] + +Signed-off-by: Changqing Li +--- + libsoup/soup-uri-utils.c | 8 ++++++++ + tests/uri-parsing-test.c | 2 ++ + 2 files changed, 10 insertions(+) + +diff --git a/libsoup/soup-uri-utils.c b/libsoup/soup-uri-utils.c +index 0251279..1ff11cd 100644 +--- a/libsoup/soup-uri-utils.c ++++ b/libsoup/soup-uri-utils.c +@@ -286,6 +286,7 @@ soup_uri_decode_data_uri (const char *uri, + gboolean base64 = FALSE; + char *uri_string; + GBytes *bytes; ++ const char *path; + + g_return_val_if_fail (uri != NULL, NULL); + +@@ -301,6 +302,13 @@ soup_uri_decode_data_uri (const char *uri, + if (content_type) + *content_type = NULL; + ++ /* g_uri_to_string() is picky about paths that start with `//` and will assert. */ ++ path = g_uri_get_path (soup_uri); ++ if (path[0] == '/' && path[1] == '/') { ++ g_uri_unref (soup_uri); ++ return NULL; ++ } ++ + uri_string = g_uri_to_string (soup_uri); + g_uri_unref (soup_uri); + if (!uri_string) +diff --git a/tests/uri-parsing-test.c b/tests/uri-parsing-test.c +index 1f16273..418391e 100644 +--- a/tests/uri-parsing-test.c ++++ b/tests/uri-parsing-test.c +@@ -141,6 +141,8 @@ static struct { + { "data:text/plain;base64,aGVsbG8=", "hello", "text/plain" }, + { "data:text/plain;base64,invalid=", "", "text/plain" }, + { "data:,", "", CONTENT_TYPE_DEFAULT }, ++ { "data:.///", NULL, NULL }, ++ { "data:/.//", NULL, NULL }, + }; + + static void +-- +2.34.1 + diff --git a/meta/recipes-support/libsoup/libsoup_3.4.4.bb b/meta/recipes-support/libsoup/libsoup_3.4.4.bb index e7dccb6380..9af7de192f 100644 --- a/meta/recipes-support/libsoup/libsoup_3.4.4.bb 
+++ b/meta/recipes-support/libsoup/libsoup_3.4.4.bb 
@@ -38,6 +38,8 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \ file://CVE-2025-32907-2.patch \ file://CVE-2025-32053.patch \ file://CVE-2025-32052.patch \ + file://CVE-2025-32051-1.patch \ + file://CVE-2025-32051-2.patch \ " SRC_URI[sha256sum] = "291c67725f36ed90ea43efff25064b69c5a2d1981488477c05c481a3b4b0c5aa"
From patchwork Tue Jun 10 19:33:59 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 64753 X-Patchwork-Delegate: steve@sakoman.com
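Review bot: In CVE-2025-32051-2.patch (03/16) the two added test rows, `data:.///` and `data:/.//`, do not have a path that literally starts with `//`, which is the only condition the new check in soup_uri_decode_data_uri() tests (`path[0] == '/' && path[1] == '/'`). A short comment in tests/uri-parsing-test.c saying how these inputs end up with such a path would make it clear that they exercise the new early return rather than failing somewhere else. The `if (!uri_string)` guard from CVE-2025-32051-1.patch sits directly after the g_uri_to_string() call that the new comment says will assert, so the description could also state whether that guard is still reachable once the path check is in place.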
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 04/16] libsoup-2.4: fix CVE-2025-32050 Date: Tue, 10 Jun 2025 12:33:59 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 10 Jun 2025 19:34:39 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/218409 From: Changqing Li Refer: https://gitlab.gnome.org/GNOME/libsoup/-/issues/424 Signed-off-by: Changqing Li Signed-off-by: Steve Sakoman --- .../libsoup/libsoup-2.4/CVE-2025-32050.patch | 29 +++++++++++++++++++ .../libsoup/libsoup-2.4_2.74.3.bb | 1 + 2 files changed, 30 insertions(+) create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32050.patch diff --git a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32050.patch b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32050.patch new file mode 100644 index 0000000000..c032846ef0 --- /dev/null +++ b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32050.patch @@ -0,0 +1,29 @@ +From 5709dfffb6fdc5b66ce001bf82a755ad8ad1d992 Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Mon, 28 Oct 2024 12:29:48 -0500 +Subject: [PATCH] Fix using int instead of size_t for strcspn return + +CVE: CVE-2025-32050 +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/9bb0a55de55c6940ced811a64fbca82fe93a9323] + +Signed-off-by: Changqing Li +--- + libsoup/soup-headers.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libsoup/soup-headers.c b/libsoup/soup-headers.c +index 9707ca0..67905b2 100644 +--- a/libsoup/soup-headers.c ++++ b/libsoup/soup-headers.c +@@ -902,7 +902,7 @@ append_param_quoted (GString *string, + const char *name, + const char *value) + { +- int len; ++ gsize len; + + g_string_append (string, name); + g_string_append (string, "=\""); +-- +2.34.1 + 
diff --git a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb index 96bb53a033..a4a8a03152 100644 --- a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb +++ b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb 
@@ -35,6 +35,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \ file://CVE-2025-32907.patch \ file://CVE-2025-32053.patch \ file://CVE-2025-32052.patch \ + file://CVE-2025-32050.patch \ " SRC_URI[sha256sum] = "e4b77c41cfc4c8c5a035fcdc320c7bc6cfb75ef7c5a034153df1413fa1d92f13"
From patchwork Tue Jun 10 19:34:00 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 64755 X-Patchwork-Delegate: steve@sakoman.com
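Review bot: The append_param_quoted hunk in 04/16 changes only the declaration of len from int to gsize; none of the statements that use len fall inside the three lines of context. Since the variable is now unsigned, check that the rest of the function has no `len < 0` style test and does not pass len to a parameter that takes a signed length. Naming the strcspn() call in the patch description would also let the reader see which assignment the subject line refers to.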
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 05/16] libsoup: fix CVE-2025-32050 Date: Tue, 10 Jun 2025 12:34:00 -0700 Message-ID: <563a34faae35e4587fe2740c26c4bc149555a5de.1749583904.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 10 Jun 2025 19:34:39 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/218410 From: Changqing Li Refer: https://gitlab.gnome.org/GNOME/libsoup/-/issues/424 Signed-off-by: Changqing Li Signed-off-by: Steve Sakoman --- .../libsoup-3.4.4/CVE-2025-32050.patch | 29 +++++++++++++++++++ meta/recipes-support/libsoup/libsoup_3.4.4.bb | 1 + 2 files changed, 30 insertions(+) create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32050.patch diff --git a/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32050.patch b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32050.patch new file mode 100644 index 0000000000..e5a4d747a1 --- /dev/null +++ b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32050.patch 
@@ -0,0 +1,29 @@ +From 30c86c9a284cf6f366ac87df0bca3e18a5de8671 Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Mon, 28 Oct 2024 12:29:48 -0500 +Subject: [PATCH] Fix using int instead of size_t for strcspn return + +CVE: CVE-2025-32050 +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/9bb0a55de55c6940ced811a64fbca82fe93a9323] + +Signed-off-by: Changqing Li +--- + libsoup/soup-headers.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libsoup/soup-headers.c b/libsoup/soup-headers.c +index 5fb32c2..52ef2ec 100644 +--- a/libsoup/soup-headers.c ++++ b/libsoup/soup-headers.c +@@ -906,7 +906,7 @@ append_param_quoted (GString *string, + const char *name, + const char *value) + { +- int len; ++ gsize len; + + g_string_append (string, name); + g_string_append (string, "=\""); +-- +2.34.1 + diff --git a/meta/recipes-support/libsoup/libsoup_3.4.4.bb b/meta/recipes-support/libsoup/libsoup_3.4.4.bb index 9af7de192f..23d44d1572 100644 --- a/meta/recipes-support/libsoup/libsoup_3.4.4.bb +++ b/meta/recipes-support/libsoup/libsoup_3.4.4.bb 
@@ -40,6 +40,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \ file://CVE-2025-32052.patch \ file://CVE-2025-32051-1.patch \ file://CVE-2025-32051-2.patch \ + file://CVE-2025-32050.patch \ " SRC_URI[sha256sum] = "291c67725f36ed90ea43efff25064b69c5a2d1981488477c05c481a3b4b0c5aa" From patchwork Tue Jun 10 19:34:01 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 64754 X-Patchwork-Delegate: steve@sakoman.com
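Review bot: in the CVE-2025-32050 patch for libsoup 3.4.4, the hunk in append_param_quoted (libsoup/soup-headers.c) shows only the declaration of `len`, so the switch from `int` to `gsize` needs a check that no later use in the function depends on a signed value, such as a `len < 0` test or a loop that counts down to zero, because those change meaning once the type is unsigned. The outer commit message carries only the Refer link; one line stating the defect (the strcspn return value was held in an int, per the upstream subject) would let someone auditing the scarthgap branch understand the backport without opening the issue.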
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 06/16] libsoup-2.4: fix CVE-2025-46421 Date: Tue, 10 Jun 2025 12:34:01 -0700 Message-ID: <9e32f4fd761b591ea2f5ce26381135e9a8db94ce.1749583904.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 10 Jun 2025 19:34:39 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/218411 From: Changqing Li Refer: https://gitlab.gnome.org/GNOME/libsoup/-/issues/439 Signed-off-by: Changqing Li Signed-off-by: Steve Sakoman --- .../libsoup/libsoup-2.4/CVE-2025-46421.patch | 47 +++++++++++++++++++ .../libsoup/libsoup-2.4_2.74.3.bb | 1 + 2 files changed, 48 insertions(+) create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-46421.patch diff --git a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-46421.patch b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-46421.patch new file mode 100644 index 0000000000..26067c4bb8 --- /dev/null +++ b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-46421.patch 
@@ -0,0 +1,47 @@ +From 5eb225f02bb35de56cfeedd87bde716bf1cb750b Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Wed, 5 Feb 2025 16:18:10 -0600 +Subject: [PATCH] session: Strip authentication credentails on + cross-origin redirect + +This should match the behavior of Firefox and Safari but not of Chromium. + +CVE: CVE-2025-46421 +Upstream-Status: Backport +[https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/436/diffs?commit_id=3e5c26415811f19e7737238bb23305ffaf96f66b] + +Test code not added since it included some headers not in version 2.74.3 + +Signed-off-by: Changqing Li +--- + libsoup/soup-session.c | 8 +++++++- + 1 files changed, 7 insertions(+), 1 deletion(-) + +diff --git a/libsoup/soup-session.c b/libsoup/soup-session.c +index 83421ef..8d6ac61 100644 +--- a/libsoup/soup-session.c ++++ b/libsoup/soup-session.c +@@ -1189,12 +1189,18 @@ soup_session_redirect_message (SoupSession *session, SoupMessage *msg) + SOUP_ENCODING_NONE); + } + ++ /* Strip all credentials on cross-origin redirect. */ ++ if (!soup_uri_host_equal (soup_message_get_uri (msg), new_uri)) { ++ soup_message_headers_remove (msg->request_headers, "Authorization"); ++ soup_message_set_auth (msg, NULL); ++ } ++ + soup_message_set_uri (msg, new_uri); + soup_uri_free (new_uri); + + soup_session_requeue_message (session, msg); + return TRUE; +-} ++} + + static void + redirect_handler (SoupMessage *msg, gpointer user_data) + +-- +2.34.1 + diff --git a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb index a4a8a03152..4a00dafe47 100644 --- a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb +++ b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb 
@@ -36,6 +36,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \ file://CVE-2025-32053.patch \ file://CVE-2025-32052.patch \ file://CVE-2025-32050.patch \ + file://CVE-2025-46421.patch \ " SRC_URI[sha256sum] = "e4b77c41cfc4c8c5a035fcdc320c7bc6cfb75ef7c5a034153df1413fa1d92f13" From patchwork Tue Jun 10 19:34:02 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 64756 X-Patchwork-Delegate: steve@sakoman.com
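Review bot: in the CVE-2025-46421 patch for libsoup-2.4, the last change of the soup-session.c hunk removes `}` and adds `}` at the end of soup_session_redirect_message, which is a whitespace-only edit unrelated to the fix; drop it so the backport is limited to the credential-stripping block. The patch header says the upstream test was left out for 2.74.3, so nothing in this branch exercises the new `!soup_uri_host_equal (...)` path, and the header should record how the backport was verified instead.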
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 07/16] libsoup: fix CVE-2025-46421 Date: Tue, 10 Jun 2025 12:34:02 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 10 Jun 2025 19:34:39 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/218412 From: Changqing Li Refer: https://gitlab.gnome.org/GNOME/libsoup/-/issues/439 Signed-off-by: Changqing Li Signed-off-by: Steve Sakoman --- .../libsoup-3.4.4/CVE-2025-46421.patch | 139 ++++++++++++++++++ meta/recipes-support/libsoup/libsoup_3.4.4.bb | 1 + 2 files changed, 140 insertions(+) create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-46421.patch diff --git a/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-46421.patch b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-46421.patch new file mode 100644 index 0000000000..72683d8fce --- /dev/null +++ b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-46421.patch 
@@ -0,0 +1,139 @@ +From 85c5227eef7370832044eb918e8a99c0bcbab86f Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Wed, 5 Feb 2025 16:18:10 -0600 +Subject: [PATCH] session: Strip authentication credentails on cross-origin + redirect + +This should match the behavior of Firefox and Safari but not of Chromium. + +CVE: CVE-2025-46421 +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/436/diffs?commit_id=3e5c26415811f19e7737238bb23305ffaf96f66b] + +Signed-off-by: Changqing Li +--- + libsoup/soup-session.c | 6 ++++ + tests/auth-test.c | 77 ++++++++++++++++++++++++++++++++++++++++++ + 2 files changed, 83 insertions(+) + +diff --git a/libsoup/soup-session.c b/libsoup/soup-session.c +index 631bec0..9f00b05 100644 +--- a/libsoup/soup-session.c ++++ b/libsoup/soup-session.c +@@ -1230,6 +1230,12 @@ soup_session_redirect_message (SoupSession *session, + SOUP_ENCODING_NONE); + } + ++ /* Strip all credentials on cross-origin redirect. */ ++ if (!soup_uri_host_equal (soup_message_get_uri (msg), new_uri)) { ++ soup_message_headers_remove_common (soup_message_get_request_headers (msg), SOUP_HEADER_AUTHORIZATION); ++ soup_message_set_auth (msg, NULL); ++ } ++ + soup_message_set_request_host_from_uri (msg, new_uri); + soup_message_set_uri (msg, new_uri); + g_uri_unref (new_uri); +diff --git a/tests/auth-test.c b/tests/auth-test.c +index 484097f..7c3b551 100644 +--- a/tests/auth-test.c ++++ b/tests/auth-test.c +@@ -1,6 +1,7 @@ + /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */ + + #include "test-utils.h" ++#include "soup-uri-utils-private.h" + + static const char *base_uri; + static GMainLoop *loop; +@@ -1916,6 +1917,81 @@ do_missing_params_test (gconstpointer auth_header) + soup_test_server_quit_unref (server); + } + ++static void ++redirect_server_callback (SoupServer *server, ++ SoupServerMessage *msg, ++ const char *path, ++ GHashTable *query, ++ gpointer user_data) ++{ ++ static gboolean redirected = FALSE; ++ ++ 
if (!redirected) { ++ char *redirect_uri = g_uri_to_string (user_data); ++ soup_server_message_set_redirect (msg, SOUP_STATUS_MOVED_PERMANENTLY, redirect_uri); ++ g_free (redirect_uri); ++ redirected = TRUE; ++ return; ++ } ++ ++ g_assert_not_reached (); ++} ++ ++static gboolean ++auth_for_redirect_callback (SoupMessage *msg, SoupAuth *auth, gboolean retrying, gpointer user_data) ++{ ++ GUri *known_server_uri = user_data; ++ ++ if (!soup_uri_host_equal (known_server_uri, soup_message_get_uri (msg))) ++ return FALSE; ++ ++ soup_auth_authenticate (auth, "user", "good-basic"); ++ ++ return TRUE; ++} ++ ++static void ++do_strip_on_crossorigin_redirect (void) ++{ ++ SoupSession *session; ++ SoupMessage *msg; ++ SoupServer *server1, *server2; ++ SoupAuthDomain *auth_domain; ++ GUri *uri; ++ gint status; ++ ++ server1 = soup_test_server_new (SOUP_TEST_SERVER_IN_THREAD); ++ server2 = soup_test_server_new (SOUP_TEST_SERVER_IN_THREAD); ++ ++ /* Both servers have the same credentials. */ ++ auth_domain = soup_auth_domain_basic_new ("realm", "auth-test", "auth-callback", server_basic_auth_callback, NULL); ++ soup_auth_domain_add_path (auth_domain, "/"); ++ soup_server_add_auth_domain (server1, auth_domain); ++ soup_server_add_auth_domain (server2, auth_domain); ++ g_object_unref (auth_domain); ++ ++ /* Server 1 asks for auth, then redirects to Server 2. */ ++ soup_server_add_handler (server1, NULL, ++ redirect_server_callback, ++ soup_test_server_get_uri (server2, "http", NULL), (GDestroyNotify)g_uri_unref); ++ /* Server 2 requires auth. */ ++ soup_server_add_handler (server2, NULL, server_callback, NULL, NULL); ++ ++ session = soup_test_session_new (NULL); ++ uri = soup_test_server_get_uri (server1, "http", NULL); ++ msg = soup_message_new_from_uri ("GET", uri); ++ /* The client only sends credentials for the host it knows. 
*/ ++ g_signal_connect (msg, "authenticate", G_CALLBACK (auth_for_redirect_callback), uri); ++ ++ status = soup_test_session_send_message (session, msg); ++ ++ g_assert_cmpint (status, ==, SOUP_STATUS_UNAUTHORIZED); ++ ++ g_uri_unref (uri); ++ soup_test_server_quit_unref (server1); ++ soup_test_server_quit_unref (server2); ++} ++ + int + main (int argc, char **argv) + { +@@ -1949,6 +2025,7 @@ main (int argc, char **argv) + g_test_add_func ("/auth/auth-uri", do_auth_uri_test); + g_test_add_func ("/auth/cancel-request-on-authenticate", do_cancel_request_on_authenticate); + g_test_add_func ("/auth/multiple-algorithms", do_multiple_digest_algorithms); ++ g_test_add_func ("/auth/strip-on-crossorigin-redirect", do_strip_on_crossorigin_redirect); + g_test_add_data_func ("/auth/missing-params/realm", "Digest qop=\"auth\"", do_missing_params_test); + g_test_add_data_func ("/auth/missing-params/nonce", "Digest realm=\"auth-test\", qop=\"auth,auth-int\", opaque=\"5ccc069c403ebaf9f0171e9517f40e41\"", do_missing_params_test); + g_test_add_data_func ("/auth/missing-params/nonce-md5-sess", "Digest realm=\"auth-test\", qop=\"auth,auth-int\", opaque=\"5ccc069c403ebaf9f0171e9517f40e41\" algorithm=\"MD5-sess\"", do_missing_params_test); +-- +2.34.1 + diff --git a/meta/recipes-support/libsoup/libsoup_3.4.4.bb b/meta/recipes-support/libsoup/libsoup_3.4.4.bb index 23d44d1572..473a980b1a 100644 --- a/meta/recipes-support/libsoup/libsoup_3.4.4.bb +++ b/meta/recipes-support/libsoup/libsoup_3.4.4.bb 
@@ -41,6 +41,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \ file://CVE-2025-32051-1.patch \ file://CVE-2025-32051-2.patch \ file://CVE-2025-32050.patch \ + file://CVE-2025-46421.patch \ " SRC_URI[sha256sum] = "291c67725f36ed90ea43efff25064b69c5a2d1981488477c05c481a3b4b0c5aa" From patchwork Tue Jun 10 19:34:03 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 64758 X-Patchwork-Delegate: steve@sakoman.com
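Review bot: in the CVE-2025-46421 patch for libsoup 3.4.4, the comment added to soup_session_redirect_message (libsoup/soup-session.c) says "Strip all credentials", but the block only removes the Authorization request header and clears the message's SoupAuth; either narrow the comment to what is removed or state why no other credential-bearing header needs handling at this point.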
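Review bot: in the tests/auth-test.c hunk of the same patch, do_strip_on_crossorigin_redirect releases `uri` and both servers but never releases `session` or `msg`, so the test leaks them; add the matching cleanup before the servers are shut down. redirect_server_callback also keeps its `redirected` flag in a function-level static, which makes the handler single-use for the life of the process; carrying that state in a struct passed as user_data alongside the redirect URI would keep the test re-runnable.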
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 08/16] libsoup-2.4: fix CVE-2025-4948 Date: Tue, 10 Jun 2025 12:34:03 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 10 Jun 2025 19:34:39 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/218413 From: Changqing Li Refer: http://gitlab.gnome.org/GNOME/libsoup/-/issues/449 Signed-off-by: Changqing Li Signed-off-by: Steve Sakoman --- .../libsoup/libsoup-2.4/CVE-2025-4948.patch | 38 +++++++++++++++++++ .../libsoup/libsoup-2.4_2.74.3.bb | 1 + 2 files changed, 39 insertions(+) create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4948.patch diff --git a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4948.patch b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4948.patch new file mode 100644 index 0000000000..b15b8c763d --- /dev/null +++ b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4948.patch 
@@ -0,0 +1,38 @@ +From dfdc9b3cc73e6fe88cc12792ba00e14642572339 Mon Sep 17 00:00:00 2001 +From: Milan Crha +Date: Thu, 15 May 2025 17:49:11 +0200 +Subject: [PATCH] soup-multipart: Verify boundary limits for multipart body + +It could happen that the boundary started at a place which resulted into +a negative number, which in an unsigned integer is a very large value. +Check the body size is not a negative value before setting it. + +Closes https://gitlab.gnome.org/GNOME/libsoup/-/issues/449 + +Part-of: + +CVE: CVE-2025-4948 +Upstream-Status: Backport +[https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/463/diffs?commit_id=f2f28afe0b3b2b3009ab67d6874457ec6bac70c0] + +Signed-off-by: Changqing Li +--- + libsoup/soup-multipart.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libsoup/soup-multipart.c b/libsoup/soup-multipart.c +index dd93973..ce2fc10 100644 +--- a/libsoup/soup-multipart.c ++++ b/libsoup/soup-multipart.c +@@ -214,7 +214,7 @@ soup_multipart_new_from_message (SoupMessageHeaders *headers, + */ + part_body = soup_buffer_new_subbuffer (flattened, + split - flattened->data, +- end - 2 - split); ++ end - 2 >= split ? end - 2 - split : 0); + g_ptr_array_add (multipart->bodies, part_body); + + start = end; +-- +2.34.1 + diff --git a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb index 4a00dafe47..5c834e394a 100644 --- a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb +++ b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb 
@@ -37,6 +37,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \ file://CVE-2025-32052.patch \ file://CVE-2025-32050.patch \ file://CVE-2025-46421.patch \ + file://CVE-2025-4948.patch \ " SRC_URI[sha256sum] = "e4b77c41cfc4c8c5a035fcdc320c7bc6cfb75ef7c5a034153df1413fa1d92f13" From patchwork Tue Jun 10 19:34:04 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 64759 X-Patchwork-Delegate: steve@sakoman.com
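Review bot: in the CVE-2025-4948 patch for libsoup-2.4, the soup_buffer_new_subbuffer call in soup_multipart_new_from_message now clamps the length to 0 when `end - 2` falls before `split`, but the offset argument `split - flattened->data` on the line above is passed through unchanged; the patch description should state that `split` is already known to lie inside `flattened` here, since this backport carries no test. The header also does not record that the upstream test was dropped, unlike the libsoup-2.4 CVE-2025-46421 backport in this series, and the outer Refer link uses http where the other patches use https.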
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 09/16] libsoup: fix CVE-2025-4948 Date: Tue, 10 Jun 2025 12:34:04 -0700 Message-ID: <737d50288a37f51f17cf3fef0422e27dbd115cce.1749583904.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 10 Jun 2025 19:34:49 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/218414 From: Changqing Li Refer: https://gitlab.gnome.org/GNOME/libsoup/-/issues/449 Signed-off-by: Changqing Li Signed-off-by: Steve Sakoman --- .../libsoup/libsoup-3.4.4/CVE-2025-4948.patch | 97 +++++++++++++++++++ meta/recipes-support/libsoup/libsoup_3.4.4.bb | 1 + 2 files changed, 98 insertions(+) create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-4948.patch diff --git a/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-4948.patch b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-4948.patch new file mode 100644 index 0000000000..07c85f5381 --- /dev/null +++ b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-4948.patch 
@@ -0,0 +1,97 @@ +From a23ce8f8e60e79990e26376c8b0d40841aed4b81 Mon Sep 17 00:00:00 2001 +From: Milan Crha +Date: Thu, 15 May 2025 17:49:11 +0200 +Subject: [PATCH] soup-multipart: Verify boundary limits for multipart body + +It could happen that the boundary started at a place which resulted into +a negative number, which in an unsigned integer is a very large value. +Check the body size is not a negative value before setting it. + +Closes https://gitlab.gnome.org/GNOME/libsoup/-/issues/449 + +Part-of: + +CVE: CVE-2025-4948 +Upstream-Status: Backport +[https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/463/diffs?commit_id=f2f28afe0b3b2b3009ab67d6874457ec6bac70c0] + +Signed-off-by: Changqing Li +--- + libsoup/soup-multipart.c | 2 +- + tests/multipart-test.c | 40 ++++++++++++++++++++++++++++++++++++++++ + 2 files changed, 41 insertions(+), 1 deletion(-) + +diff --git a/libsoup/soup-multipart.c b/libsoup/soup-multipart.c +index e1c442e..27257e4 100644 +--- a/libsoup/soup-multipart.c ++++ b/libsoup/soup-multipart.c +@@ -204,7 +204,7 @@ soup_multipart_new_from_message (SoupMessageHeaders *headers, + */ + part_body = g_bytes_new_from_bytes (body, // FIXME + split - body_data, +- end - 2 - split); ++ end - 2 >= split ? 
end - 2 - split : 0); + g_ptr_array_add (multipart->bodies, part_body); + + start = end; +diff --git a/tests/multipart-test.c b/tests/multipart-test.c +index 84852e2..2ae888c 100644 +--- a/tests/multipart-test.c ++++ b/tests/multipart-test.c +@@ -548,6 +548,45 @@ test_multipart_bounds_bad_2 (void) + g_bytes_unref (bytes); + } + ++static void ++test_multipart_too_large (void) ++{ ++ const char *raw_body = ++ "-------------------\r\n" ++ "-\n" ++ "Cont\"\r\n" ++ "Content-Tynt----e:n\x8erQK\r\n" ++ "Content-Disposition: name= form-; name=\"file\"; filename=\"ype:i/ -d; ----\xae\r\n" ++ "Content-Typimag\x01/png--\\\n" ++ "\r\n" ++ "---:\n\r\n" ++ "\r\n" ++ "-------------------------------------\r\n" ++ "---------\r\n" ++ "----------------------"; ++ GBytes *body; ++ GHashTable *params; ++ SoupMessageHeaders *headers; ++ SoupMultipart *multipart; ++ ++ params = g_hash_table_new (g_str_hash, g_str_equal); ++ g_hash_table_insert (params, (gpointer) "boundary", (gpointer) "-----------------"); ++ headers = soup_message_headers_new (SOUP_MESSAGE_HEADERS_MULTIPART); ++ soup_message_headers_set_content_type (headers, "multipart/form-data", params); ++ g_hash_table_unref (params); ++ ++ body = g_bytes_new_static (raw_body, strlen (raw_body)); ++ multipart = soup_multipart_new_from_message (headers, body); ++ soup_message_headers_unref (headers); ++ g_bytes_unref (body); ++ ++ g_assert_nonnull (multipart); ++ g_assert_cmpint (soup_multipart_get_length (multipart), ==, 1); ++ g_assert_true (soup_multipart_get_part (multipart, 0, &headers, &body)); ++ g_assert_cmpint (g_bytes_get_size (body), ==, 0); ++ soup_multipart_free (multipart); ++} ++ + int + main (int argc, char **argv) + { +@@ -578,6 +617,7 @@ main (int argc, char **argv) + g_test_add_func ("/multipart/bounds-good", test_multipart_bounds_good); + g_test_add_func ("/multipart/bounds-bad", test_multipart_bounds_bad); + g_test_add_func ("/multipart/bounds-bad-2", test_multipart_bounds_bad_2); ++ g_test_add_func 
("/multipart/too-large", test_multipart_too_large); + + ret = g_test_run (); + +-- +2.34.1 + diff --git a/meta/recipes-support/libsoup/libsoup_3.4.4.bb b/meta/recipes-support/libsoup/libsoup_3.4.4.bb index 473a980b1a..9b8bf5b9a2 100644 --- a/meta/recipes-support/libsoup/libsoup_3.4.4.bb +++ b/meta/recipes-support/libsoup/libsoup_3.4.4.bb 
@@ -42,6 +42,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \ file://CVE-2025-32051-2.patch \ file://CVE-2025-32050.patch \ file://CVE-2025-46421.patch \ + file://CVE-2025-4948.patch \ " SRC_URI[sha256sum] = "291c67725f36ed90ea43efff25064b69c5a2d1981488477c05c481a3b4b0c5aa"
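Review bot: In the libsoup/soup-multipart.c hunk, the new ternary clamps only the length argument of g_bytes_new_from_bytes(); the offset `split - body_data` on the line above is still passed through unchecked, and a malformed part is silently turned into an empty body instead of failing the parse. If accepting it as empty is intended (the new test asserts exactly that: one part of size 0), a short comment at the call saying so would help, since the existing `// FIXME` already marks this spot as fragile. Computing the length into a named local before the call would also make the `end - 2 >= split` condition easier to audit than an inline ternary.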
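Review bot: In test_multipart_too_large (tests/multipart-test.c hunk), `headers` and `body` are reused as out-parameters of soup_multipart_get_part() right after they were released with soup_message_headers_unref() and g_bytes_unref(), which makes ownership hard to follow; separate locals for the returned part would read more safely. The test name says "too large" while the assertions check for a zero-length body, so a one-line comment tying the crafted raw_body to the underflow of `end - 2 - split` would document what is being regressed.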
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 10/16] libsoup-2.4: fix CVE-2025-4476 Date: Tue, 10 Jun 2025 12:34:05 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 10 Jun 2025 19:34:49 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/218415 From: Changqing Li Refer: https://gitlab.gnome.org/GNOME/libsoup/-/issues/440 Signed-off-by: Changqing Li Signed-off-by: Steve Sakoman --- .../libsoup/libsoup-2.4/CVE-2025-4476.patch | 38 +++++++++++++++++++ .../libsoup/libsoup-2.4_2.74.3.bb | 1 + 2 files changed, 39 insertions(+) create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4476.patch diff --git a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4476.patch b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4476.patch new file mode 100644 index 0000000000..874f62e7ad --- /dev/null +++ b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4476.patch 
@@ -0,0 +1,38 @@ +From 52a0f9234d384b9dab368835b22e5a5a01542168 Mon Sep 17 00:00:00 2001 +From: Changqing Li +Date: Fri, 16 May 2025 14:16:10 +0800 +Subject: [PATCH] auth-digest: fix crash in + soup_auth_digest_get_protection_space() + +We need to validate the Domain parameter in the WWW-Authenticate header. + +Unfortunately this crash only occurs when listening on default ports 80 +and 443, so there's no good way to test for this. The test would require +running as root. + +Fixes #440 + +CVE: CVE-2025-4476 +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/e64c221f9c7d09b48b610c5626b3b8c400f0907c?merge_request_iid=457] + +Signed-off-by: Changqing Li +--- + libsoup/soup-auth-digest.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libsoup/soup-auth-digest.c b/libsoup/soup-auth-digest.c +index f1621ec..a2dc560 100644 +--- a/libsoup/soup-auth-digest.c ++++ b/libsoup/soup-auth-digest.c +@@ -229,7 +229,7 @@ soup_auth_digest_get_protection_space (SoupAuth *auth, SoupURI *source_uri) + uri = soup_uri_new (d); + if (uri && uri->scheme == source_uri->scheme && + uri->port == source_uri->port && +- !strcmp (uri->host, source_uri->host)) ++ !g_strcmp0 (uri->host, source_uri->host)) + dir = g_strdup (uri->path); + else + dir = NULL; +-- +2.34.1 + diff --git a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb index 5c834e394a..8f0b706276 100644 --- a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb +++ b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb 
@@ -38,6 +38,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \ file://CVE-2025-32050.patch \ file://CVE-2025-46421.patch \ file://CVE-2025-4948.patch \ + file://CVE-2025-4476.patch \ " SRC_URI[sha256sum] = "e4b77c41cfc4c8c5a035fcdc320c7bc6cfb75ef7c5a034153df1413fa1d92f13"
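Review bot: In soup_auth_digest_get_protection_space() (libsoup/soup-auth-digest.c hunk), g_strcmp0() makes the host comparison NULL-safe, but it also returns 0 when both arguments are NULL, so a Domain URI without a host now compares equal to a source_uri without a host and falls through to `dir = g_strdup (uri->path)`. If a host-less URI should never count as part of the protection space, add an explicit `uri->host &&` term to the condition. The commit message says no test is possible because the crash needs ports 80 and 443; the patch header should record how the backport was verified instead.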
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 11/16] libsoup-2.4: fix CVE-2025-2784 Date: Tue, 10 Jun 2025 12:34:06 -0700 Message-ID: <9c014c1b96f4ebeb0f6f504b6c7c0d8063b6a6b7.1749583904.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 10 Jun 2025 19:34:49 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/218416 From: Changqing Li Refer: https://gitlab.gnome.org/GNOME/libsoup/-/issues/422 Signed-off-by: Changqing Li Signed-off-by: Steve Sakoman --- .../libsoup/libsoup-2.4/CVE-2025-2784.patch | 56 +++++++++++++++++++ .../libsoup/libsoup-2.4_2.74.3.bb | 1 + 2 files changed, 57 insertions(+) create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-2784.patch diff --git a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-2784.patch b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-2784.patch new file mode 100644 index 0000000000..106f907168 --- /dev/null +++ b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-2784.patch 
@@ -0,0 +1,56 @@ +From 2eacbd762332795e00692ddab2515c6da23198d3 Mon Sep 17 00:00:00 2001 +From: Changqing Li +Date: Mon, 12 May 2025 14:06:41 +0800 +Subject: [PATCH] sniffer: Add better coverage of skip_insignificant_space() + +CVE: CVE-2025-2784 +Upstream-Status: Backport +[https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/435/diffs?commit_id=242a10fbb12dbdc12d254bd8fc8669a0ac055304; + https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/442/diffs?commit_id=c415ad0b6771992e66c70edf373566c6e247089d] + +Test code is not added since it uses some functions not defined in +version 2.74. These tests are not used now, so just ignore them. + +Signed-off-by: Changqing Li +--- + libsoup/soup-content-sniffer.c | 9 +++---- + 1 files changed, 3 insertions(+), 4 deletions(-) + +diff --git a/libsoup/soup-content-sniffer.c b/libsoup/soup-content-sniffer.c +index 5f2896e..9554636 100644 +--- a/libsoup/soup-content-sniffer.c ++++ b/libsoup/soup-content-sniffer.c +@@ -612,8 +612,10 @@ sniff_text_or_binary (SoupContentSniffer *sniffer, SoupBuffer *buffer) + } + + static gboolean +-skip_insignificant_space (const char *resource, int *pos, int resource_length) ++skip_insignificant_space (const char *resource, gsize *pos, gsize resource_length) + { ++ if (*pos >= resource_length) ++ return TRUE; + while ((resource[*pos] == '\x09') || + (resource[*pos] == '\x20') || + (resource[*pos] == '\x0A') || +@@ -632,7 +634,7 @@ sniff_feed_or_html (SoupContentSniffer *sniffer, SoupBuffer *buffer) + { + const char *resource = (const char *)buffer->data; + int resource_length = MIN (512, buffer->length); +- int pos = 0; ++ gsize pos = 0; + + if (resource_length < 3) + goto text_html; +@@ -642,9 +644,6 @@ sniff_feed_or_html (SoupContentSniffer *sniffer, SoupBuffer *buffer) + pos = 3; + + look_for_tag: +- if (pos > resource_length) +- goto text_html; +- + if (skip_insignificant_space (resource, &pos, resource_length)) + goto text_html; + +-- +2.34.1 + 
diff --git a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb index 8f0b706276..0da309ebd8 100644 --- a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb +++ b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb 
@@ -39,6 +39,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \ file://CVE-2025-46421.patch \ file://CVE-2025-4948.patch \ file://CVE-2025-4476.patch \ + file://CVE-2025-2784.patch \ " SRC_URI[sha256sum] = "e4b77c41cfc4c8c5a035fcdc320c7bc6cfb75ef7c5a034153df1413fa1d92f13"
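Review bot: In sniff_feed_or_html() (libsoup/soup-content-sniffer.c, second hunk), `pos` becomes gsize but the context line `int resource_length = MIN (512, buffer->length);` stays a signed int, so it is implicitly converted when passed as the gsize resource_length argument of skip_insignificant_space(). The value is capped at 512 so it cannot go negative here, but declaring it gsize, as the libsoup 3.4.4 version of this function in the same series does, would keep the bounds arithmetic in one type. Separately, the diffstat in the embedded patch header (3 insertions, 4 deletions) does not match the hunks, which add 4 lines and remove 5; regenerate it if the patch was edited by hand.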
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 12/16] libsoup: fix CVE-2025-2784 Date: Tue, 10 Jun 2025 12:34:07 -0700 Message-ID: <504d92b01ac9a227e8e57b677f016fdfeccd5666.1749583904.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 10 Jun 2025 19:34:49 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/218417 From: Changqing Li Refer: https://gitlab.gnome.org/GNOME/libsoup/-/issues/422 Signed-off-by: Changqing Li Signed-off-by: Steve Sakoman --- .../libsoup/libsoup-3.4.4/CVE-2025-2784.patch | 137 ++++++++++++++++++ meta/recipes-support/libsoup/libsoup_3.4.4.bb | 1 + 2 files changed, 138 insertions(+) create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-2784.patch diff --git a/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-2784.patch b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-2784.patch new file mode 100644 index 0000000000..b2e1c12d48 --- /dev/null +++ b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-2784.patch 
@@ -0,0 +1,137 @@ +From dd10ae267e33bcc35646610d7cc1841da77d05e7 Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Wed, 5 Feb 2025 14:39:42 -0600 +Subject: [PATCH] Fix CVE-2025-2784 + +CVE: CVE-2025-2784 +Upstream-Status: Backport +[https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/435/diffs?commit_id=242a10fbb12dbdc12d254bd8fc8669a0ac055304 +https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/442/diffs?commit_id=c415ad0b6771992e66c70edf373566c6e247089d] + +Signed-off-by: Changqing Li +--- + .../content-sniffer/soup-content-sniffer.c | 10 ++-- + tests/meson.build | 4 +- + tests/sniffing-test.c | 48 +++++++++++++++++++ + 3 files changed, 56 insertions(+), 6 deletions(-) + +diff --git a/libsoup/content-sniffer/soup-content-sniffer.c b/libsoup/content-sniffer/soup-content-sniffer.c +index aeee2e2..a5e18d5 100644 +--- a/libsoup/content-sniffer/soup-content-sniffer.c ++++ b/libsoup/content-sniffer/soup-content-sniffer.c +@@ -638,8 +638,11 @@ sniff_text_or_binary (SoupContentSniffer *sniffer, GBytes *buffer) + } + + static gboolean +-skip_insignificant_space (const char *resource, int *pos, int resource_length) ++skip_insignificant_space (const char *resource, gsize *pos, gsize resource_length) + { ++ if (*pos >= resource_length) ++ return TRUE; ++ + while ((resource[*pos] == '\x09') || + (resource[*pos] == '\x20') || + (resource[*pos] == '\x0A') || +@@ -659,7 +662,7 @@ sniff_feed_or_html (SoupContentSniffer *sniffer, GBytes *buffer) + gsize resource_length; + const char *resource = g_bytes_get_data (buffer, &resource_length); + resource_length = MIN (512, resource_length); +- int pos = 0; ++ gsize pos = 0; + + if (resource_length < 3) + goto text_html; +@@ -669,9 +672,6 @@ sniff_feed_or_html (SoupContentSniffer *sniffer, GBytes *buffer) + pos = 3; + + look_for_tag: +- if (pos > resource_length) +- goto text_html; +- + if (skip_insignificant_space (resource, &pos, resource_length)) + goto text_html; + +diff --git a/tests/meson.build b/tests/meson.build 
+index 7ef7ac5..95b13b8 100644 +--- a/tests/meson.build ++++ b/tests/meson.build +@@ -95,7 +95,9 @@ tests = [ + {'name': 'server-auth'}, + {'name': 'server-mem-limit'}, + {'name': 'server'}, +- {'name': 'sniffing'}, ++ {'name': 'sniffing', ++ 'depends': [test_resources], ++ }, + {'name': 'ssl', + 'dependencies': [gnutls_dep], + 'depends': mock_pkcs11_module, +diff --git a/tests/sniffing-test.c b/tests/sniffing-test.c +index 6116719..7857732 100644 +--- a/tests/sniffing-test.c ++++ b/tests/sniffing-test.c +@@ -342,6 +342,52 @@ test_disabled (gconstpointer data) + g_uri_unref (uri); + } + ++static const gsize MARKUP_LENGTH = strlen (""); ++ ++static void ++do_skip_whitespace_test (void) ++{ ++ SoupContentSniffer *sniffer = soup_content_sniffer_new (); ++ SoupMessage *msg = soup_message_new (SOUP_METHOD_GET, "http://example.org"); ++ const char *test_cases[] = { ++ "", ++ "$trailing_data ++ memcpy (p, "", strlen ("-->")); ++ p += strlen ("-->"); ++ if (strlen (trailing_data)) ++ memcpy (p, trailing_data, strlen (trailing_data)); ++ // Purposefully not NUL terminated. ++ ++ buffer = g_bytes_new_take (g_steal_pointer (&data), testsize); ++ content_type = soup_content_sniffer_sniff (sniffer, msg, buffer, NULL); ++ ++ g_free (content_type); ++ g_bytes_unref (buffer); ++ } ++ ++ g_object_unref (msg); ++ g_object_unref (sniffer); ++} ++ + int + main (int argc, char **argv) + { +@@ -517,6 +563,8 @@ main (int argc, char **argv) + "/text_or_binary/home.gif", + test_disabled); + ++ g_test_add_func ("/sniffing/whitespace", do_skip_whitespace_test); ++ + ret = g_test_run (); + + g_uri_unref (base_uri); +-- +2.34.1 + diff --git a/meta/recipes-support/libsoup/libsoup_3.4.4.bb b/meta/recipes-support/libsoup/libsoup_3.4.4.bb index 9b8bf5b9a2..37319f007f 100644 --- a/meta/recipes-support/libsoup/libsoup_3.4.4.bb +++ b/meta/recipes-support/libsoup/libsoup_3.4.4.bb 
@@ -43,6 +43,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \ file://CVE-2025-32050.patch \ file://CVE-2025-46421.patch \ file://CVE-2025-4948.patch \ + file://CVE-2025-2784.patch \ " SRC_URI[sha256sum] = "291c67725f36ed90ea43efff25064b69c5a2d1981488477c05c481a3b4b0c5aa"
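Review bot: In do_skip_whitespace_test (tests/sniffing-test.c hunk), the value returned by soup_content_sniffer_sniff() is freed without being checked, so the test only fails if the over-read crashes or a sanitizer is active. Add an assertion on content_type for each case, or a comment stating that the test relies on ASan or valgrind, so the regression coverage is explicit. The file-scope `static const gsize MARKUP_LENGTH = strlen (...)` initializer also depends on the compiler folding strlen() of a literal; a `sizeof` of the literal minus 1 is a constant expression on every compiler.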
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 13/16] kea: upgrade 2.4.1 -> 2.4.2 Date: Tue, 10 Jun 2025 12:34:08 -0700 Message-ID: <2f3d2a2848472bdf87fbce00967bc780fc859e05.1749583904.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 10 Jun 2025 19:34:49 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/218418 From: Vijay Anusuri Changelog https://downloads.isc.org/isc/kea/2.4.2/Kea-2.4.2-ReleaseNotes.txt License-Update: Update copyright year Includes security fixes for CVE-2025-32801, CVE-2025-32802 and CVE-2025-32803 Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- meta/recipes-connectivity/kea/{kea_2.4.1.bb => kea_2.4.2.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta/recipes-connectivity/kea/{kea_2.4.1.bb => kea_2.4.2.bb} (94%) diff --git a/meta/recipes-connectivity/kea/kea_2.4.1.bb b/meta/recipes-connectivity/kea/kea_2.4.2.bb similarity index 94% rename from meta/recipes-connectivity/kea/kea_2.4.1.bb rename to meta/recipes-connectivity/kea/kea_2.4.2.bb index fcdb4889d9..6bb7cb9164 100644 --- a/meta/recipes-connectivity/kea/kea_2.4.1.bb +++ b/meta/recipes-connectivity/kea/kea_2.4.2.bb @@ -3,7 +3,7 @@ DESCRIPTION = "Kea is the next generation of DHCP software developed by ISC. It HOMEPAGE = "http://kea.isc.org" SECTION = "connectivity" LICENSE = "MPL-2.0" -LIC_FILES_CHKSUM = "file://COPYING;md5=ea061fa0188838072c4248c1318ec131" +LIC_FILES_CHKSUM = "file://COPYING;md5=ee16e7280a6cf2a1487717faf33190dc" DEPENDS = "boost log4cplus openssl" 
@@ -18,7 +18,7 @@ SRC_URI = "http://ftp.isc.org/isc/kea/${PV}/${BP}.tar.gz \ file://fix_pid_keactrl.patch \ file://0001-src-lib-log-logger_unittest_support.cc-do-not-write-.patch \ " -SRC_URI[sha256sum] = "815c61f5c271caa4a1db31dd656eb50a7f6ea973da3690f7c8581408e180131a" +SRC_URI[sha256sum] = "6e82fb319d3b871c0d39bbd504f2cda0c66fa1262865872985fb4fb91b4eaafc" inherit autotools systemd update-rc.d upstream-version-is-even
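Review bot: The SRC_URI context line in the second kea hunk still fetches the tarball from `http://ftp.isc.org/isc/kea/${PV}/${BP}.tar.gz` over plain HTTP, so the updated SRC_URI[sha256sum] is the only integrity check on the 2.4.2 source. The commit message already links the release notes over HTTPS, so consider moving the fetch URL to an HTTPS location in the same change. Since the upgrade is justified by CVE-2025-32801, CVE-2025-32802 and CVE-2025-32803, the commit message should also say where the new sha256sum and the COPYING md5 were taken from, so the checksum bump can be verified independently.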
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 14/16] python3: upgrade 3.12.9 -> 3.12.11
Date: Tue, 10 Jun 2025 12:34:09 -0700
Message-ID: <6cca08b2857efd5481e837ecd6bb295cb8a99ee1.1749583904.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/218419

From: Peter Marko

Drop upstreamed patch and refresh remaining patches.

* https://www.python.org/downloads/release/python-31210/

Python 3.12.10 is the latest maintenance release of Python 3.12, and the
last full maintenance release. Subsequent releases of 3.12 will be
security-fixes only.

* https://www.python.org/downloads/release/python-31211/

Security content in this release
* gh-135034: [CVE 2024-12718] [CVE 2025-4138] [CVE 2025-4330]
  [CVE 2025-4435] [CVE 2025-4517] Fixes multiple issues that allowed
  tarfile extraction filters (filter="data" and filter="tar") to be
  bypassed using crafted symlinks and hard links.
* gh-133767: Fix use-after-free in the “unicode-escape” decoder with a
  non-“strict” error handler.
* gh-128840: Short-circuit the processing of long IPv6 addresses early
  in ipaddress to prevent excessive memory consumption and a minor
  denial-of-service.

gh-133767 got meanwhile CVE-2025-4516 assigned.

Signed-off-by: Peter Marko
Signed-off-by: Steve Sakoman --- ...shebang-overflow-on-python-config.py.patch | 2 +- ...-use-prefix-value-from-build-configu.patch | 2 +- ...sts-due-to-load-variability-on-YP-AB.patch | 6 +-- ...001-ctypes-correct-gcc-check-in-test.patch | 53 ------------------- ...e-treat-overflow-in-UID-GID-as-failu.patch | 2 +- ..._fileno-test-due-to-load-variability.patch | 2 +- ...orlines-skip-due-to-load-variability.patch | 2 +- .../python/python3/makerace.patch | 2 +- .../{python3_3.12.9.bb => python3_3.12.11.bb} | 3 +- 9 files changed, 10 insertions(+), 64 deletions(-) delete mode 100644 meta/recipes-devtools/python/python3/0001-ctypes-correct-gcc-check-in-test.patch rename meta/recipes-devtools/python/{python3_3.12.9.bb => python3_3.12.11.bb} (99%) diff --git a/meta/recipes-devtools/python/python3/0001-Avoid-shebang-overflow-on-python-config.py.patch b/meta/recipes-devtools/python/python3/0001-Avoid-shebang-overflow-on-python-config.py.patch index 6e4930b9ec..a8f98d873e 100644 --- a/meta/recipes-devtools/python/python3/0001-Avoid-shebang-overflow-on-python-config.py.patch +++ b/meta/recipes-devtools/python/python3/0001-Avoid-shebang-overflow-on-python-config.py.patch @@ -19,7 +19,7 @@ diff --git a/Makefile.pre.in b/Makefile.pre.in index 2d235d2..1ac2263 100644 --- a/Makefile.pre.in +++ b/Makefile.pre.in -@@ -2355,6 +2355,8 @@ python-config: $(srcdir)/Misc/python-config.in Misc/python-config.sh +@@ -2356,6 +2356,8 @@ python-config: $(srcdir)/Misc/python-config.in Misc/python-config.sh @ # Substitution happens here, as the completely-expanded BINDIR @ # is not available in configure sed -e "s,@EXENAME@,$(EXENAME)," < $(srcdir)/Misc/python-config.in >python-config.py diff --git a/meta/recipes-devtools/python/python3/0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch b/meta/recipes-devtools/python/python3/0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch index 1b9f3565d3..c42a56bcb3 100644 
--- a/meta/recipes-devtools/python/python3/0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch +++ b/meta/recipes-devtools/python/python3/0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch @@ -17,7 +17,7 @@ diff --git a/Lib/sysconfig.py b/Lib/sysconfig.py index 6258b68..d59ec6e 100644 --- a/Lib/sysconfig.py +++ b/Lib/sysconfig.py -@@ -668,6 +668,11 @@ def _init_config_vars(): +@@ -675,6 +675,11 @@ def _init_config_vars(): _CONFIG_VARS['VPATH'] = sys._vpath if os.name == 'posix': _init_posix(_CONFIG_VARS) diff --git a/meta/recipes-devtools/python/python3/0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch b/meta/recipes-devtools/python/python3/0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch index ec3bb9cbbd..051ec2c635 100644 --- a/meta/recipes-devtools/python/python3/0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch +++ b/meta/recipes-devtools/python/python3/0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch @@ -26,7 +26,7 @@ diff --git a/Lib/test/_test_multiprocessing.py b/Lib/test/_test_multiprocessing. index 3b4415b..1f94dec 100644 --- a/Lib/test/_test_multiprocessing.py +++ b/Lib/test/_test_multiprocessing.py -@@ -688,6 +688,7 @@ class _TestProcess(BaseTestCase): +@@ -692,6 +692,7 @@ class _TestProcess(BaseTestCase): close_queue(q) @support.requires_resource('walltime') @@ -34,7 +34,7 @@ index 3b4415b..1f94dec 100644 def test_many_processes(self): if self.TYPE == 'threads': self.skipTest('test not appropriate for {}'.format(self.TYPE)) -@@ -2211,6 +2212,7 @@ class _TestBarrier(BaseTestCase): +@@ -2223,6 +2224,7 @@ class _TestBarrier(BaseTestCase): except threading.BrokenBarrierError: results.append(True) @@ -42,7 +42,7 @@ index 3b4415b..1f94dec 100644 def test_timeout(self): """ Test wait(timeout) -@@ -5208,6 +5210,7 @@ class TestWait(unittest.TestCase): +@@ -5220,6 +5222,7 @@ class TestWait(unittest.TestCase): time.sleep(period) @support.requires_resource('walltime') 
diff --git a/meta/recipes-devtools/python/python3/0001-ctypes-correct-gcc-check-in-test.patch b/meta/recipes-devtools/python/python3/0001-ctypes-correct-gcc-check-in-test.patch deleted file mode 100644 index 3dd762e519..0000000000 --- a/meta/recipes-devtools/python/python3/0001-ctypes-correct-gcc-check-in-test.patch +++ /dev/null 
@@ -1,53 +0,0 @@ -From 2e2a0c8593a38f2020cc2baeeaa7972eb86773f9 Mon Sep 17 00:00:00 2001 -From: Peter Marko -Date: Sat, 8 Feb 2025 23:57:17 +0100 -Subject: [PATCH] ctypes: correct gcc check in test - -In case gcc is not available, it will throw exception and test fails. -So chatch the exception to skip the test correctly. - -====================================================================== -ERROR: test_null_dlsym (test.test_ctypes.test_dlerror.TestNullDlsym.test_null_dlsym) ----------------------------------------------------------------------- -Traceback (most recent call last): - File "/usr/lib/python3.12/test/test_ctypes/test_dlerror.py", line 61, in test_null_dlsym - retcode = subprocess.call(["gcc", "--version"], - ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - File "/usr/lib/python3.12/subprocess.py", line 391, in call - with Popen(*popenargs, **kwargs) as p: - ^^^^^^^^^^^^^^^^^^^^^^^^^^^ - File "/usr/lib/python3.12/subprocess.py", line 1028, in __init__ - self._execute_child(args, executable, preexec_fn, close_fds, - File "/usr/lib/python3.12/subprocess.py", line 1963, in _execute_child - raise child_exception_type(errno_num, err_msg, err_filename) -FileNotFoundError: [Errno 2] No such file or directory: 'gcc' - -Upstream-Status: Submitted [https://github.com/python/cpython/pull/129872] -Signed-off-by: Peter Marko ---- - Lib/test/test_ctypes/test_dlerror.py | 11 +++++++---- - 1 file changed, 7 insertions(+), 4 deletions(-) - -diff --git a/Lib/test/test_ctypes/test_dlerror.py b/Lib/test/test_ctypes/test_dlerror.py -index 6bf492399cb..56eb7622b4d 100644 ---- a/Lib/test/test_ctypes/test_dlerror.py -+++ b/Lib/test/test_ctypes/test_dlerror.py -@@ -58,11 +58,14 @@ def test_null_dlsym(self): - import subprocess - import tempfile - -- retcode = subprocess.call(["gcc", "--version"], -- stdout=subprocess.DEVNULL, -- stderr=subprocess.DEVNULL) -- if retcode != 0: -+ try: -+ retcode = subprocess.call(["gcc", "--version"], -+ stdout=subprocess.DEVNULL, -+ 
stderr=subprocess.DEVNULL) -+ except: - self.skipTest("gcc is missing") -+ if retcode != 0: -+ self.skipTest("gcc is not working") - - pipe_r, pipe_w = os.pipe() - self.addCleanup(os.close, pipe_r) diff --git a/meta/recipes-devtools/python/python3/0001-gh-107811-tarfile-treat-overflow-in-UID-GID-as-failu.patch b/meta/recipes-devtools/python/python3/0001-gh-107811-tarfile-treat-overflow-in-UID-GID-as-failu.patch index 5c74443e62..1cffdd6e05 100644 --- a/meta/recipes-devtools/python/python3/0001-gh-107811-tarfile-treat-overflow-in-UID-GID-as-failu.patch +++ b/meta/recipes-devtools/python/python3/0001-gh-107811-tarfile-treat-overflow-in-UID-GID-as-failu.patch @@ -16,7 +16,7 @@ diff --git a/Lib/tarfile.py b/Lib/tarfile.py index 0a0f31e..4dfb67d 100755 --- a/Lib/tarfile.py +++ b/Lib/tarfile.py -@@ -2590,7 +2590,8 @@ class TarFile(object): +@@ -2685,7 +2685,8 @@ class TarFile(object): os.lchown(targetpath, u, g) else: os.chown(targetpath, u, g) diff --git a/meta/recipes-devtools/python/python3/0001-skip-no_stdout_fileno-test-due-to-load-variability.patch b/meta/recipes-devtools/python/python3/0001-skip-no_stdout_fileno-test-due-to-load-variability.patch index e105f36eca..4920cb9ad9 100644 --- a/meta/recipes-devtools/python/python3/0001-skip-no_stdout_fileno-test-due-to-load-variability.patch +++ b/meta/recipes-devtools/python/python3/0001-skip-no_stdout_fileno-test-due-to-load-variability.patch @@ -19,7 +19,7 @@ diff --git a/Lib/test/test_builtin.py b/Lib/test/test_builtin.py index c71c568..e41ab5e 100644 --- a/Lib/test/test_builtin.py +++ b/Lib/test/test_builtin.py -@@ -2352,6 +2352,7 @@ class PtyTests(unittest.TestCase): +@@ -2375,6 +2375,7 @@ class PtyTests(unittest.TestCase): # Check stdin/stdout error handler is used when invoking PyOS_Readline() self.check_input_tty("prompté", b"quux\xe9", "ascii") 
diff --git a/meta/recipes-devtools/python/python3/0001-test_storlines-skip-due-to-load-variability.patch b/meta/recipes-devtools/python/python3/0001-test_storlines-skip-due-to-load-variability.patch index 22aabbb2ed..88cd93a51f 100644 --- a/meta/recipes-devtools/python/python3/0001-test_storlines-skip-due-to-load-variability.patch +++ b/meta/recipes-devtools/python/python3/0001-test_storlines-skip-due-to-load-variability.patch @@ -19,7 +19,7 @@ diff --git a/Lib/test/test_ftplib.py b/Lib/test/test_ftplib.py index 4c4a449..b8c79a4 100644 --- a/Lib/test/test_ftplib.py +++ b/Lib/test/test_ftplib.py -@@ -626,6 +626,7 @@ class TestFTPClass(TestCase): +@@ -629,6 +629,7 @@ class TestFTPClass(TestCase): self.client.storbinary('stor', f, rest=r) self.assertEqual(self.server.handler_instance.rest, str(r)) diff --git a/meta/recipes-devtools/python/python3/makerace.patch b/meta/recipes-devtools/python/python3/makerace.patch index 862b648685..fbe12a5fca 100644 --- a/meta/recipes-devtools/python/python3/makerace.patch +++ b/meta/recipes-devtools/python/python3/makerace.patch @@ -20,7 +20,7 @@ diff --git a/Makefile.pre.in b/Makefile.pre.in index dce36a5..2d235d2 100644 --- a/Makefile.pre.in +++ b/Makefile.pre.in -@@ -2266,7 +2266,7 @@ COMPILEALL_OPTS=-j0 +@@ -2267,7 +2267,7 @@ COMPILEALL_OPTS=-j0 TEST_MODULES=@TEST_MODULES@ .PHONY: libinstall diff --git a/meta/recipes-devtools/python/python3_3.12.9.bb b/meta/recipes-devtools/python/python3_3.12.11.bb similarity index 99% rename from meta/recipes-devtools/python/python3_3.12.9.bb rename to meta/recipes-devtools/python/python3_3.12.11.bb index 8e03ff5f2b..706dabb5cd 100644 --- a/meta/recipes-devtools/python/python3_3.12.9.bb +++ b/meta/recipes-devtools/python/python3_3.12.11.bb 
@@ -34,14 +34,13 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \ file://0001-test_deadlock-skip-problematic-test.patch \ file://0001-test_active_children-skip-problematic-test.patch \ file://0001-test_readline-skip-limited-history-test.patch \ - file://0001-ctypes-correct-gcc-check-in-test.patch \ " SRC_URI:append:class-native = " \ file://0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch \ " -SRC_URI[sha256sum] = "7220835d9f90b37c006e9842a8dff4580aaca4318674f947302b8d28f3f81112" +SRC_URI[sha256sum] = "c30bb24b7f1e9a19b11b55a546434f74e739bb4c271a3e3a80ff4380d49f7adb" # exclude pre-releases for both python 2.x and 3.x UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P\d+(\.\d+)+).tar" From patchwork Tue Jun 10 19:34:10 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 64766 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id CE349C677C4 for ; Tue, 10 Jun 2025 19:34:59 +0000 (UTC) Received: from mail-pl1-f179.google.com (mail-pl1-f179.google.com [209.85.214.179]) by mx.groups.io with SMTP id smtpd.web11.95779.1749584090113411495 for ; Tue, 10 Jun 2025 12:34:50 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=eIzZ3Tpn; spf=softfail (domain: sakoman.com, ip: 209.85.214.179, mailfrom: steve@sakoman.com) Received: by mail-pl1-f179.google.com with SMTP id d9443c01a7336-235ea292956so57116415ad.1 for ; Tue, 10 Jun 2025 12:34:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1749584089; x=1750188889; darn=lists.openembedded.org; 
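Review bot: The deleted 0001-ctypes-correct-gcc-check-in-test.patch carries Upstream-Status: Submitted [https://github.com/python/cpython/pull/129872], but the commit message only says "Drop upstreamed patch"; name the upstream commit or the release (3.12.10 or 3.12.11) that contains the fix so the removal can be checked against it. In the python3_3.12.11.bb hunk the tarball is still fetched over http://www.python.org, which leaves the new SRC_URI[sha256sum] as the only integrity control, so the message should say what the value was checked against. The message also writes five of the CVE ids with a space ("CVE 2024-12718") rather than in the CVE-YYYY-NNNN form it uses for CVE-2025-4516, which a search of the history for the hyphenated id will miss.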
-0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:7bc4:2c75:fa51:ff16]) by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-313b10c7a88sm73897a91.33.2025.06.10.12.34.48 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 10 Jun 2025 12:34:48 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 15/16] gtk+: add missing libdrm dependency Date: Tue, 10 Jun 2025 12:34:10 -0700 Message-ID: <46c7f1a8d6b39256479abd8a7bb7be1ccf221267.1749583904.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 10 Jun 2025 19:34:59 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/218420 From: Andrew Fernandes Fixes [YOCTO #15513] When built without the wayland feature, gtk4 does not build due to a missing explicit dependency on libdrm. Signed-off-by: Andrew Fernandes Signed-off-by: Richard Purdie (cherry picked from commit b32290d9bbcfccc9b85fa5acbeaee5d32d9a9091) Signed-off-by: Steve Sakoman --- meta/recipes-gnome/gtk+/gtk4_4.14.1.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-gnome/gtk+/gtk4_4.14.1.bb b/meta/recipes-gnome/gtk+/gtk4_4.14.1.bb index 497be6805a..aae69271ac 100644 --- a/meta/recipes-gnome/gtk+/gtk4_4.14.1.bb +++ b/meta/recipes-gnome/gtk+/gtk4_4.14.1.bb 
@@ -16,6 +16,7 @@ DEPENDS = " \ graphene \ harfbuzz \ jpeg \ + libdrm \ libepoxy \ libpng \ librsvg \ From patchwork Tue Jun 10 19:34:11 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 64765 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id D4FEAC71133 for ; Tue, 10 Jun 2025 19:34:59 +0000 (UTC) Received: from mail-pg1-f169.google.com (mail-pg1-f169.google.com [209.85.215.169]) by mx.groups.io with SMTP id smtpd.web11.95780.1749584091313234050 for ; Tue, 10 Jun 2025 12:34:51 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=Lr409Cd9; spf=softfail (domain: sakoman.com, ip: 209.85.215.169, mailfrom: steve@sakoman.com) Received: by mail-pg1-f169.google.com with SMTP id 41be03b00d2f7-b2c384b2945so4556856a12.0 for ; Tue, 10 Jun 2025 12:34:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1749584090; x=1750188890; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=TBRhrwWV6VwJV9YOZU3EjeVK+JXXf/Mb8Sh7ugxWDvk=; b=Lr409Cd9afOS8or+rcoMw6sDakwI92yw/wLlmJyy4H90oesLyVT32FWGTh8VE+NT3V XqFER+OiOFcqyVwZMtHDLjqpy50h48+7EWmDZGfrs43D0fKiF9TLPFmLKkO6/3O4V14a aikFvomqglP0jqXs6wz+xt5+jIFpAKpJzM2CAcKu8qM3YL3+u/oxXZgXnV8HZ8lAFwnm zqZW6G/CsdLDXnu0+FSMK6qgF0u8+kqqzOIOR0xWpHWuKf1z/DDzhl3a6ltXFApMv3H7 zlGsI48Ut4u22Trud0A3lVJj/mT0b/IC1YKCDaObKNiFyTUchh3eXBx8yUCIDg86GL3x 6ttw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1749584090; 
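Review bot: The libdrm entry added to DEPENDS in gtk4_4.14.1.bb is unconditional, while the commit message ties the build failure to configurations without the wayland feature. An explicit dependency is fine, but the message should say which part of gtk4 needs libdrm, so a later cleanup does not move it behind a feature check and reintroduce the failure.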
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 16/16] testimage: get real os-release file Date: Tue, 10 Jun 2025 12:34:11 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 10 Jun 2025 19:34:59 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/218421 From: Peter Marko /etc/os-release is a symlink to /usr/lib. Symlink is retrieved as a dead link which points to nowhere if also the original file is not accompanying it. Fetch the real file in addition to this link. Alternative could be to use "tar -h" (supported also by busybox tar), however that could lose some important information if links are relevant for failure analysis. (From OE-Core rev: ed43f9ccb3c08845259e24440912631afd780d12) Signed-off-by: Peter Marko Signed-off-by: Richard Purdie Signed-off-by: Steve Sakoman --- meta/classes-recipe/testimage.bbclass | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/meta/classes-recipe/testimage.bbclass b/meta/classes-recipe/testimage.bbclass index 954c213912..33b1c13f9d 100644 --- a/meta/classes-recipe/testimage.bbclass +++ b/meta/classes-recipe/testimage.bbclass @@ -25,7 +25,9 @@ TESTIMAGE_AUTO ??= "0" TESTIMAGE_FAILED_QA_ARTIFACTS = "\ ${localstatedir}/log \ ${sysconfdir}/version \ - ${sysconfdir}/os-release" + ${sysconfdir}/os-release \ + ${nonarch_libdir}/os-release \ +" # If some ptests are run and fail, retrieve corresponding directories TESTIMAGE_FAILED_QA_ARTIFACTS += "${@bb.utils.contains('DISTRO_FEATURES', 'ptest', '${libdir}/${MCNAME}/ptest', '', d)}"
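Review bot: The new ${nonarch_libdir}/os-release entry in TESTIMAGE_FAILED_QA_ARTIFACTS hard-codes the symlink target described in the commit message, and nothing in the hunk says so; add a comment above it noting that it is the file ${sysconfdir}/os-release points to. It is also worth confirming that artifact retrieval tolerates the path being absent, for images where /etc/os-release is a regular file rather than a link into ${nonarch_libdir}.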