From patchwork Sun Jun 22 14:59:56 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman <steve@sakoman.com>
X-Patchwork-Id: 65441
X-Patchwork-Delegate: steve@sakoman.com
Return-Path: <steve@sakoman.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 2948EC7115A
	for <webhook@archiver.kernel.org>; Sun, 22 Jun 2025 15:02:22 +0000 (UTC)
Received: from mail-pf1-f173.google.com (mail-pf1-f173.google.com
 [209.85.210.173])
 by mx.groups.io with SMTP id smtpd.web11.27805.1750604538043906090
 for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:18 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601
 header.b=tKlYfTfi;
 spf=softfail (domain: sakoman.com, ip: 209.85.210.173,
 mailfrom: steve@sakoman.com)
Received: by mail-pf1-f173.google.com with SMTP id
 d2e1a72fcca58-74801bc6dc5so2575298b3a.1
        for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1750604537;
 x=1751209337; darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=oYW9m5R0yi0DyW5JScPErGdOsTYmw5tqQKjJjnRhIRU=;
        b=tKlYfTfioEwl9l2dLws7kyof+CD3bndQvmu2X8KMpKMo568e/BHfcilU+OeGZFmPE2
         /O6iEbED+y1YkK3yZDZDOx6u8rmeU8Dqxt6L+GdMO9kjEZSiRZx3gsPTvMJ2Z23fGRyR
         hUewfW4FPaavfpOdTtiqoQHH0AdS8bVo0jYcCVVsTbSHqQOHB0yt3boqZS59m8+NDA4u
         8YLWKeqAqfJsAQlLQaCL8dNgg4drvxoJWf/Inar6x+fuCChSG3Dlqlfl0Rj6n2X2NYpM
         tgWMm6YS9H0T0ApU4q1JBr8gRNuUjJmsSKPrjcfSdPHFHIBRMUjKKexrVc3GH8BUTe7O
         HyHQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1750604537; x=1751209337;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=oYW9m5R0yi0DyW5JScPErGdOsTYmw5tqQKjJjnRhIRU=;
        b=PqGSlNm1mGcyNxOJ+Yca46Ngyi7rEK4huDg+SHu79dDAI5nj1dJE1WtYIoUVbCGOu1
         xMSRZa4infCyiOlq2DHTRK4hqdrw8WShYqFWl4hxIeQ5g10dnff5E9SgJbguKxpAfH17
         y4TH4dMEvMSK7mDnp9x2Ld2BYawF4p5OCu3xUtzHsmBsrWC/Wl6FGUmiYVRIsvBKY4pZ
         VUeT3XDgS6cgkPv4JEXaw8mZ93pLTUEm/xiWE91lPDViQdh5BBAeqsROWa0Jlssdeeuz
         l5/SMMFLRB62yG/6dQMyq1B6iHcgr6FmMG7lwkSkcGRN9IkOZoBe1oiPxbxChMcLggf+
         3KwA==
X-Gm-Message-State: AOJu0YwrW7xCkfZu5UcDGbF6SKIXBoU8d5OQ5mUWJ/LywaOdAQd382Fq
	nX2DW5fRlTm8TTPgdfWcsLo5d/upM0sooY3JnW/Z9LR74XCPpsOq/KZ5HkeKzhGzkQXeYVwmOGF
	ly+Qt9yM=
X-Gm-Gg: ASbGncvpUqDUEYfR0Ub3WZf0l9eVF0iinmxUC1Zt4vgx+WYz88TMoFWlLaQpNqPTPLj
	FG3wwuiSWF4zzh+o0x5eceWQGH4tKVpxdxZ4wEvSvLBVmRVAVYX7kEpUe1KINEVyxvRDdpB/Xsd
	4WCDiQ4tuvp1UHiU9J6TbKr5n2lBcrQ2IQ/hfcjC0zpJndzLUBjhIAw67EhwVHqIdkGEi3fMYcm
	qYCXwZ99xqaGHxfSe8RKGV0n4RT4cJR4fo6hMYCShJd5g2YBrbJY12TaPI93COynZz264wj8JUU
	psYv9L7/OYKhZNrU60s35sGT/J/zzq2vikqFy4PFbrnyRdw9/tudbw==
X-Google-Smtp-Source: 
 AGHT+IEUOfCxRBnmLrSJ3BxPt3GL5yxFC0ZLLf1csdNqZqKwFwr5BYpo7j2CirxZR4WJJlDK0SFQZw==
X-Received: by 2002:a05:6a00:8783:b0:746:1c67:f6cb with SMTP id
 d2e1a72fcca58-7490f4bebdbmr10718503b3a.5.1750604537205;
        Sun, 22 Jun 2025 08:02:17 -0700 (PDT)
Received: from hexa.. ([2602:feb4:3b:2100:4a75:9ad8:d661:8bd8])
        by smtp.gmail.com with ESMTPSA id
 d2e1a72fcca58-7490a46eb71sm6222521b3a.22.2025.06.22.08.02.16
        for <openembedded-core@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sun, 22 Jun 2025 08:02:16 -0700 (PDT)
From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 01/14] libsoup: patch CVE-2025-4476
Date: Sun, 22 Jun 2025 07:59:56 -0700
Message-ID: 
 <4cd294674ed05e1b72e722b46ac1e2b5f3603460.1750604257.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <cover.1750604257.git.steve@sakoman.com>
References: <cover.1750604257.git.steve@sakoman.com>
MIME-Version: 1.0
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Sun, 22 Jun 2025 15:02:22 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/219180

From: Ashish Sharma <asharma@mvista.com>

Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/e64c221f9c7d09b48b610c5626b3b8c400f0907c]

Signed-off-by: Ashish Sharma <asharma@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../libsoup/libsoup/CVE-2025-4476.patch       | 38 +++++++++++++++++++
 meta/recipes-support/libsoup/libsoup_3.0.7.bb |  1 +
 2 files changed, 39 insertions(+)
 create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-4476.patch

diff --git a/meta/recipes-support/libsoup/libsoup/CVE-2025-4476.patch b/meta/recipes-support/libsoup/libsoup/CVE-2025-4476.patch
new file mode 100644
index 0000000000..cd5619d620
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup/CVE-2025-4476.patch
@@ -0,0 +1,38 @@
+From e64c221f9c7d09b48b610c5626b3b8c400f0907c Mon Sep 17 00:00:00 2001
+From: Michael Catanzaro <mcatanzaro@redhat.com>
+Date: Thu, 8 May 2025 09:27:01 -0500
+Subject: [PATCH] auth-digest: fix crash in
+ soup_auth_digest_get_protection_space()
+
+We need to validate the Domain parameter in the WWW-Authenticate header.
+
+Unfortunately this crash only occurs when listening on default ports 80
+and 443, so there's no good way to test for this. The test would require
+running as root.
+
+Fixes #440
+
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/e64c221f9c7d09b48b610c5626b3b8c400f0907c]
+CVE: CVE-2025-4476
+Signed-off-by: Ashish Sharma <asharma@mvista.com>
+
+
+ libsoup/auth/soup-auth-digest.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libsoup/auth/soup-auth-digest.c b/libsoup/auth/soup-auth-digest.c
+index d8bb2910..292f2045 100644
+--- a/libsoup/auth/soup-auth-digest.c
++++ b/libsoup/auth/soup-auth-digest.c
+@@ -220,7 +220,7 @@ soup_auth_digest_get_protection_space (SoupAuth *auth, GUri *source_uri)
+ 			if (uri &&
+                             g_strcmp0 (g_uri_get_scheme (uri), g_uri_get_scheme (source_uri)) == 0 &&
+ 			    g_uri_get_port (uri) == g_uri_get_port (source_uri) &&
+-			    !strcmp (g_uri_get_host (uri), g_uri_get_host (source_uri)))
++			    !g_strcmp0 (g_uri_get_host (uri), g_uri_get_host (source_uri)))
+ 				dir = g_strdup (g_uri_get_path (uri));
+ 			else
+ 				dir = NULL;
+-- 
+GitLab
+
diff --git a/meta/recipes-support/libsoup/libsoup_3.0.7.bb b/meta/recipes-support/libsoup/libsoup_3.0.7.bb
index 67aa180612..83ed88e785 100644
--- a/meta/recipes-support/libsoup/libsoup_3.0.7.bb
+++ b/meta/recipes-support/libsoup/libsoup_3.0.7.bb
@@ -36,6 +36,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
            file://CVE-2025-32052.patch \
            file://CVE-2025-32053.patch \
            file://CVE-2025-46420.patch \
+           file://CVE-2025-4476.patch \
           "
 SRC_URI[sha256sum] = "ebdf90cf3599c11acbb6818a9d9e3fc9d2c68e56eb829b93962972683e1bf7c8"
 

From patchwork Sun Jun 22 14:59:57 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman <steve@sakoman.com>
X-Patchwork-Id: 65440
X-Patchwork-Delegate: steve@sakoman.com
Return-Path: <steve@sakoman.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 27634C7115D
	for <webhook@archiver.kernel.org>; Sun, 22 Jun 2025 15:02:22 +0000 (UTC)
Received: from mail-pf1-f177.google.com (mail-pf1-f177.google.com
 [209.85.210.177])
 by mx.groups.io with SMTP id smtpd.web10.27629.1750604539495393854
 for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:19 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601
 header.b=x0j8QfKO;
 spf=softfail (domain: sakoman.com, ip: 209.85.210.177,
 mailfrom: steve@sakoman.com)
Received: by mail-pf1-f177.google.com with SMTP id
 d2e1a72fcca58-74801bc6dc5so2575305b3a.1
        for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1750604539;
 x=1751209339; darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=DsAa3/0zmBRENWUydgBVcMrL7HKCIeNqDEmHgOkTn0E=;
        b=x0j8QfKOztueamlkukO9RuXtcyIKP2UcQNq2WDQ3A01ueUshstWby8R/GeDyP6EljI
         LyCTp+bG4OV73md4XnNRyqkdU/LD07+bMwqIU7g4s1qhpcUztVBAANHfAAl5uQws/zom
         0xTsDtc2O9l5bFMgE9L1TxngW6yv9OEXBGXnbYi1DCPt6YUH1pOhwVvcIt3p9gAkS9uW
         GaCUfaJ+Cff3hf9o2vMHpXZNPv3abQ7i72c6EbQ0szQuW4Q1Bw4+iPsV5s08MYTmPnot
         KtRoDZabZ904skgoM5AcSxakWaXJ2fCqTFJXo5xQPvwHdA+sj8RsffWAchtM86hkhrBa
         pzmQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1750604539; x=1751209339;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=DsAa3/0zmBRENWUydgBVcMrL7HKCIeNqDEmHgOkTn0E=;
        b=MjOHbYdDjVN/0VVoWPmyLTLm16IlMLbjAciRP2bQD9KzCiMnSJI7KnZM71lO5Ac5po
         jLqyhmXtcTOgQdD8wZJrTMuc6hbHRF2y8bei4e5XO4AUkFybJqy+nFUuE/smGBp5eYoP
         4f9Oe1WQg/P/bDDpyx0yrWwXzdI20Pzt62HvFh+at1VNfSGvVXgenfx+DiolaFTCQ2ei
         Vp3kjUemyJbaIn+kDo0tY5WHU62d11gr5xDKHp6iaQUZSbclsUzJ7p1AiX74LGM1xU9L
         P8Y/FzZlIzGhib5yV1aHvP+7mD//NDYXYbCCjmLdQcBSIgbwkzu/9UWV5OUHAMxaM7My
         UI6Q==
X-Gm-Message-State: AOJu0YzEtk8MFHhWBQYGM1egVJpC+NdCr5zNI/C9/wglTmKU1h+MH/jF
	ymiYO5Z5JgCwEccsfHQSTD3Cnqs8UyEc2mhNlmRYHVio57hHLd+DQdqJ5roSQ/iZMWuSVEUk95K
	0989oYWM=
X-Gm-Gg: ASbGnctvZDcZbgv79lhrNbrec5VzrARkbos1ncY7+SM2X6SiUnb/UbovN30al1rKovZ
	7oxW8qECFxxgx4VqHxjAZl8NHGKSNE7QKaoZ9U+oRzGeFZLzrCYPGAIDo6eZXpoBgLMc0bAkhr3
	NnDRYUFRrUMkOBQDCynYfdH//uZWGCimLgg2fNQ5qakXHM5I3PkptXJmIrirPtbIm5Vo29BRNHp
	XCXSNV2lvc9CLPlTaAnn9sNRVkuQM4uDP9atY/5ozFEBOVyCfB5EF6X+DFTOymgSpxC5k2KCVsZ
	GnnbvJ8QZfjtm79PZUJ5ohTZRmE+qfwr+GtGItbLzaEZ9qXpXYZVYQ==
X-Google-Smtp-Source: 
 AGHT+IFvc30qk2p9udB5mf4En/3tOA4MopePbqUDRXtzDiB5lcbDs7HznVU7IpXZdiwB+jGHt7LGKg==
X-Received: by 2002:a05:6a00:8605:b0:748:e2d8:100d with SMTP id
 d2e1a72fcca58-7490f572ad3mr8652173b3a.8.1750604538675;
        Sun, 22 Jun 2025 08:02:18 -0700 (PDT)
Received: from hexa.. ([2602:feb4:3b:2100:4a75:9ad8:d661:8bd8])
        by smtp.gmail.com with ESMTPSA id
 d2e1a72fcca58-7490a46eb71sm6222521b3a.22.2025.06.22.08.02.18
        for <openembedded-core@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sun, 22 Jun 2025 08:02:18 -0700 (PDT)
From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 02/14] libsoup: Fix CVE-2025-4969
Date: Sun, 22 Jun 2025 07:59:57 -0700
Message-ID: 
 <ea267b82e1fdc5cc7bf055d3eec1190e19ae79de.1750604257.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <cover.1750604257.git.steve@sakoman.com>
References: <cover.1750604257.git.steve@sakoman.com>
MIME-Version: 1.0
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Sun, 22 Jun 2025 15:02:22 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/219181

From: Hitendra Prajapati <hprajapati@mvista.com>

Upstream-Status: Backport from https://gitlab.gnome.org/GNOME/libsoup/-/commit/07b94e27afafebf31ef3cd868866a1e383750086

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../libsoup/libsoup/CVE-2025-4969.patch       | 76 +++++++++++++++++++
 meta/recipes-support/libsoup/libsoup_3.0.7.bb |  1 +
 2 files changed, 77 insertions(+)
 create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-4969.patch

diff --git a/meta/recipes-support/libsoup/libsoup/CVE-2025-4969.patch b/meta/recipes-support/libsoup/libsoup/CVE-2025-4969.patch
new file mode 100644
index 0000000000..70c5fd5593
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup/CVE-2025-4969.patch
@@ -0,0 +1,76 @@
+From 07b94e27afafebf31ef3cd868866a1e383750086 Mon Sep 17 00:00:00 2001
+From: Milan Crha <mcrha@redhat.com>
+Date: Mon, 19 May 2025 17:48:27 +0200
+Subject: [PATCH] soup-multipart: Verify array bounds before accessing its
+ members
+
+The boundary could be at a place which, calculated, pointed
+before the beginning of the array. Check the bounds, to avoid
+read out of the array bounds.
+
+Closes https://gitlab.gnome.org/GNOME/libsoup/-/issues/447
+
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/07b94e27afafebf31ef3cd868866a1e383750086]
+CVE: CVE-2025-4969
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ libsoup/soup-multipart.c |  2 +-
+ tests/multipart-test.c   | 22 ++++++++++++++++++++++
+ 2 files changed, 23 insertions(+), 1 deletion(-)
+
+diff --git a/libsoup/soup-multipart.c b/libsoup/soup-multipart.c
+index 102ce37..e1c442e 100644
+--- a/libsoup/soup-multipart.c
++++ b/libsoup/soup-multipart.c
+@@ -104,7 +104,7 @@ find_boundary (const char *start, const char *end,
+ 			continue;
+ 
+ 		/* Check that it's at start of line */
+-		if (!(b == start || (b[-1] == '\n' && b[-2] == '\r')))
++		if (!(b == start || (b - start >= 2 && b[-1] == '\n' && b[-2] == '\r')))
+ 			continue;
+ 
+ 		/* Check for "--" or "\r\n" after boundary */
+diff --git a/tests/multipart-test.c b/tests/multipart-test.c
+index ab5f41c..84852e2 100644
+--- a/tests/multipart-test.c
++++ b/tests/multipart-test.c
+@@ -527,6 +527,27 @@ test_multipart_bounds_bad (void)
+ 	g_bytes_unref (bytes);
+ }
+ 
++static void
++test_multipart_bounds_bad_2 (void)
++{
++	SoupMultipart *multipart;
++	SoupMessageHeaders *headers;
++	GBytes *bytes;
++	const char *raw_data = "\n--123\r\nline\r\n--123--\r";
++
++	headers = soup_message_headers_new (SOUP_MESSAGE_HEADERS_MULTIPART);
++	soup_message_headers_append (headers, "Content-Type", "multipart/mixed; boundary=\"123\"");
++
++	bytes = g_bytes_new (raw_data, strlen (raw_data));
++
++	multipart = soup_multipart_new_from_message (headers, bytes);
++	g_assert_nonnull (multipart);
++
++	soup_multipart_free (multipart);
++	soup_message_headers_unref (headers);
++	g_bytes_unref (bytes);
++}
++
+ int
+ main (int argc, char **argv)
+ {
+@@ -556,6 +577,7 @@ main (int argc, char **argv)
+ 	g_test_add_data_func ("/multipart/async-small-reads", GINT_TO_POINTER (ASYNC_MULTIPART_SMALL_READS), test_multipart);
+ 	g_test_add_func ("/multipart/bounds-good", test_multipart_bounds_good);
+ 	g_test_add_func ("/multipart/bounds-bad", test_multipart_bounds_bad);
++	g_test_add_func ("/multipart/bounds-bad-2", test_multipart_bounds_bad_2);
+ 
+ 	ret = g_test_run ();
+ 
+-- 
+2.49.0
+
diff --git a/meta/recipes-support/libsoup/libsoup_3.0.7.bb b/meta/recipes-support/libsoup/libsoup_3.0.7.bb
index 83ed88e785..d0cd1f436a 100644
--- a/meta/recipes-support/libsoup/libsoup_3.0.7.bb
+++ b/meta/recipes-support/libsoup/libsoup_3.0.7.bb
@@ -37,6 +37,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
            file://CVE-2025-32053.patch \
            file://CVE-2025-46420.patch \
            file://CVE-2025-4476.patch \
+           file://CVE-2025-4969.patch \
           "
 SRC_URI[sha256sum] = "ebdf90cf3599c11acbb6818a9d9e3fc9d2c68e56eb829b93962972683e1bf7c8"
 

From patchwork Sun Jun 22 14:59:58 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman <steve@sakoman.com>
X-Patchwork-Id: 65444
X-Patchwork-Delegate: steve@sakoman.com
Return-Path: <steve@sakoman.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 070BDC7115D
	for <webhook@archiver.kernel.org>; Sun, 22 Jun 2025 15:02:32 +0000 (UTC)
Received: from mail-pf1-f180.google.com (mail-pf1-f180.google.com
 [209.85.210.180])
 by mx.groups.io with SMTP id smtpd.web10.27632.1750604544948674306
 for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:25 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601
 header.b=oAC8OMk3;
 spf=softfail (domain: sakoman.com, ip: 209.85.210.180,
 mailfrom: steve@sakoman.com)
Received: by mail-pf1-f180.google.com with SMTP id
 d2e1a72fcca58-7399a2dc13fso3773449b3a.2
        for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1750604544;
 x=1751209344; darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=bhxQ4/xszM9bBSdN1AtVmV3/EAgJxWu/PVDYdh5S6Qk=;
        b=oAC8OMk3YNm0eMeebC4XGyUzQwduAiV2oppNHGTDHUOB1Vf8JOcL82/yZXDDmp2dTw
         X4I89YTda60CoyA6PFlzWLG3zbVGka7sfof7TQkhr2mvRCj0CwuEcNKpMXC9e9ACkalC
         MOP/lgTbSxtQQFPRqR2QCJnQOLwaZqst4+li/9O3B82vhnFPhflNG0w89sVy6MoqPPA7
         On+B9HzJlzve8QezGPDki4UYT6xLtsadGQzwgflAL5XNl7/L1vDTqmsq+BqWyn3RJahB
         sIqN46SkaTZIJm0CKL/8cgbPlZnkGO7Kjjej2+TdPkjxOTCgaJpxO2jf5VEs37OuqyOz
         Py8g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1750604544; x=1751209344;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=bhxQ4/xszM9bBSdN1AtVmV3/EAgJxWu/PVDYdh5S6Qk=;
        b=Lpxh3l2jgB+f71gNK8+547rFDPQBLN0nX0Ocy5caqvlu/1jg291nVJxaz2Mya2fuWj
         vOxp36eYEPDmF/tsTReVsXtR1f1EJLb6Wx9sfocPougGptvyoBcJIUCkxOvYW2Ua2oYu
         VWkbxN3nWqinTy96RJB1PmyVC/EWFBPGN+hFwJkWurakpbslU2spHHxAzRelI6PDKfMa
         uYtTEYxKZJBnmBs4POGZb8HTUU/9wxDiktt68kyAw/cNdhfvEaIG0LLkYnGzOCRjdLu/
         uvSMNY/pjpHpeTdsAn4O/eNn6cspIX8MeZl1VaYMmnNf6XjOTH+uzD+UpsLL6DvoEygo
         I/sA==
X-Gm-Message-State: AOJu0YyzRMcSt26T671bdTDUyJIUt/n6Q6bKriC+dN9hm1mLSt2mnFXE
	vP1lC1FRqKRll70ydSjTmhwvlNquk0KnxFJ0hfc3lv5cJJdtqX1aqM/sx37/1A+2x6mtexzUZrz
	zxtS2yCI=
X-Gm-Gg: ASbGncuc4TmDhcWKPrs6+pnchU5OfQC1qebUQC+g4DBNVgqwW9mt0QvBZUi2MrFTCJJ
	GDAsNO/QY/ZDN67TtqtTbZxTc1WKooEixNe3uYA4USCRem8Jdqx1XYZ2aTLDfMiPIO8KUKvXQN1
	Gf2V4BfFZP/DSTqBntx3Ehxk/5ikoLy8NJEWIYnV2QMj8He0/HRHjj6uDozCnniHqjFEBV5dGtQ
	I2lE7hS+PsHtqph1rkKlkeryFdivaDd8OCPBAqrUlbS/L+VcKBjvq2O0r343udLzMkx3ZQpVTTW
	HPu60Erz93y4Lm5YZDiLUKnhLwNtzpw36GsUcQSx7c2uy1JmmANBGg==
X-Google-Smtp-Source: 
 AGHT+IGukdH3yoUqipdv8xSFQcK45JSLV8qd6sbg+qTKCv3xGhLeKv+zQ5OOMI3YB3tspPKNpsWHHw==
X-Received: by 2002:a05:6a00:198e:b0:748:2ff7:5e22 with SMTP id
 d2e1a72fcca58-7490d6bc974mr10716778b3a.10.1750604543915;
        Sun, 22 Jun 2025 08:02:23 -0700 (PDT)
Received: from hexa.. ([2602:feb4:3b:2100:4a75:9ad8:d661:8bd8])
        by smtp.gmail.com with ESMTPSA id
 d2e1a72fcca58-7490a46eb71sm6222521b3a.22.2025.06.22.08.02.23
        for <openembedded-core@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sun, 22 Jun 2025 08:02:23 -0700 (PDT)
From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 03/14] libsoup: fix CVE-2025-32907
Date: Sun, 22 Jun 2025 07:59:58 -0700
Message-ID: 
 <e31c9f12193d040480eca6a4be6a9ec6675b19f8.1750604257.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <cover.1750604257.git.steve@sakoman.com>
References: <cover.1750604257.git.steve@sakoman.com>
MIME-Version: 1.0
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Sun, 22 Jun 2025 15:02:32 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/219182

From: Changqing Li <changqing.li@windriver.com>

Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/429

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../libsoup/libsoup/CVE-2025-32907-1.patch    | 200 ++++++++++++++++++
 .../libsoup/libsoup/CVE-2025-32907-2.patch    |  68 ++++++
 meta/recipes-support/libsoup/libsoup_3.0.7.bb |   2 +
 3 files changed, 270 insertions(+)
 create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-32907-1.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-32907-2.patch

diff --git a/meta/recipes-support/libsoup/libsoup/CVE-2025-32907-1.patch b/meta/recipes-support/libsoup/libsoup/CVE-2025-32907-1.patch
new file mode 100644
index 0000000000..41b7d276a4
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup/CVE-2025-32907-1.patch
@@ -0,0 +1,200 @@
+From 7507b0713c2f02af1cd561ebb99477e0a099419d Mon Sep 17 00:00:00 2001
+From: Milan Crha <mcrha@redhat.com>
+Date: Tue, 15 Apr 2025 12:17:39 +0200
+Subject: [PATCH 1/2] soup-message-headers: Correct merge of ranges
+
+It had been skipping every second range, which generated an array
+of a lot of insane ranges, causing large memory usage by the server.
+
+Closes #428
+
+Part-of: <https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/452>
+
+CVE: CVE-2025-32907
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/452/commits]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ libsoup/soup-message-headers.c |   1 +
+ tests/meson.build              |   1 +
+ tests/server-mem-limit-test.c  | 144 +++++++++++++++++++++++++++++++++
+ 3 files changed, 146 insertions(+)
+ create mode 100644 tests/server-mem-limit-test.c
+
+diff --git a/libsoup/soup-message-headers.c b/libsoup/soup-message-headers.c
+index ee7a3cb..f101d4b 100644
+--- a/libsoup/soup-message-headers.c
++++ b/libsoup/soup-message-headers.c
+@@ -1244,6 +1244,7 @@ soup_message_headers_get_ranges_internal (SoupMessageHeaders  *hdrs,
+ 			if (cur->start <= prev->end) {
+ 				prev->end = MAX (prev->end, cur->end);
+ 				g_array_remove_index (array, i);
++				i--;
+ 			}
+ 		}
+ 	}
+diff --git a/tests/meson.build b/tests/meson.build
+index ee118a0..8e7b51d 100644
+--- a/tests/meson.build
++++ b/tests/meson.build
+@@ -102,6 +102,7 @@ tests = [
+   {'name': 'samesite'},
+   {'name': 'session'},
+   {'name': 'server-auth'},
++  {'name': 'server-mem-limit'},
+   {'name': 'server'},
+   {'name': 'sniffing',
+     'depends': [test_resources],
+diff --git a/tests/server-mem-limit-test.c b/tests/server-mem-limit-test.c
+new file mode 100644
+index 0000000..98f1c40
+--- /dev/null
++++ b/tests/server-mem-limit-test.c
+@@ -0,0 +1,144 @@
++/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
++/*
++ * Copyright (C) 2025 Red Hat <www.redhat.com>
++ */
++
++#include "test-utils.h"
++
++#include <sys/resource.h>
++
++/*
++ This test limits memory usage to trigger too large buffer allocation crash.
++ As restoring the limits back to what it was does not always work, it's split
++ out of the server-test.c test with copied minimal server code.
++ */
++
++typedef struct {
++	SoupServer *server;
++	GUri *base_uri, *ssl_base_uri;
++	GSList *handlers;
++} ServerData;
++
++static void
++server_setup_nohandler (ServerData *sd, gconstpointer test_data)
++{
++	sd->server = soup_test_server_new (SOUP_TEST_SERVER_IN_THREAD);
++	sd->base_uri = soup_test_server_get_uri (sd->server, "http", NULL);
++	if (tls_available)
++		sd->ssl_base_uri = soup_test_server_get_uri (sd->server, "https", NULL);
++}
++
++static void
++server_add_handler (ServerData         *sd,
++		    const char         *path,
++		    SoupServerCallback  callback,
++		    gpointer            user_data,
++		    GDestroyNotify      destroy)
++{
++	soup_server_add_handler (sd->server, path, callback, user_data, destroy);
++	sd->handlers = g_slist_prepend (sd->handlers, g_strdup (path));
++}
++
++static void
++server_setup (ServerData *sd, gconstpointer test_data)
++{
++	server_setup_nohandler (sd, test_data);
++}
++
++static void
++server_teardown (ServerData *sd, gconstpointer test_data)
++{
++	GSList *iter;
++
++	for (iter = sd->handlers; iter; iter = iter->next)
++		soup_server_remove_handler (sd->server, iter->data);
++	g_slist_free_full (sd->handlers, g_free);
++
++	g_clear_pointer (&sd->server, soup_test_server_quit_unref);
++	g_clear_pointer (&sd->base_uri, g_uri_unref);
++	g_clear_pointer (&sd->ssl_base_uri, g_uri_unref);
++}
++
++static void
++server_file_callback (SoupServer        *server,
++		      SoupServerMessage *msg,
++		      const char        *path,
++		      GHashTable        *query,
++		      gpointer           data)
++{
++	void *mem;
++
++	g_assert_cmpstr (path, ==, "/file");
++	g_assert_cmpstr (soup_server_message_get_method (msg), ==, SOUP_METHOD_GET);
++
++	mem = g_malloc0 (sizeof (char) * 1024 * 1024);
++	/* fedora-scan CI claims a warning about possibly leaked `mem` variable, thus use
++	   the copy and free it explicitly, to workaround the false positive; the g_steal_pointer()
++	   did not help for the malloc-ed memory */
++	soup_server_message_set_response (msg, "application/octet-stream", SOUP_MEMORY_COPY, mem, sizeof (char) * 1024 *1024);
++	soup_server_message_set_status (msg, SOUP_STATUS_OK, NULL);
++	g_free (mem);
++}
++
++static void
++do_ranges_overlaps_test (ServerData *sd, gconstpointer test_data)
++{
++	SoupSession *session;
++	SoupMessage *msg;
++	GString *range;
++	GUri *uri;
++	const char *chunk = ",0,0,0,0,0,0,0,0,0,0,0";
++
++	g_test_bug ("428");
++
++	#ifdef G_OS_WIN32
++	g_test_skip ("Cannot run under windows");
++	return;
++	#endif
++
++	range = g_string_sized_new (99 * 1024);
++	g_string_append (range, "bytes=1024");
++	while (range->len < 99 * 1024)
++		g_string_append (range, chunk);
++
++	session = soup_test_session_new (NULL);
++	server_add_handler (sd, "/file", server_file_callback, NULL, NULL);
++
++	uri = g_uri_parse_relative (sd->base_uri, "/file", SOUP_HTTP_URI_FLAGS, NULL);
++
++	msg = soup_message_new_from_uri ("GET", uri);
++	soup_message_headers_append (soup_message_get_request_headers (msg), "Range", range->str);
++
++	soup_test_session_send_message (session, msg);
++
++	soup_test_assert_message_status (msg, SOUP_STATUS_PARTIAL_CONTENT);
++
++	g_object_unref (msg);
++
++	g_string_free (range, TRUE);
++	g_uri_unref (uri);
++
++	soup_test_session_abort_unref (session);
++}
++
++int
++main (int argc, char **argv)
++{
++	int ret;
++
++	test_init (argc, argv, NULL);
++
++	#ifndef G_OS_WIN32
++	struct rlimit new_rlimit = { 1024 * 1024 * 64, 1024 * 1024 * 64 };
++	/* limit memory usage, to trigger too large memory allocation abort */
++	g_assert_cmpint (setrlimit (RLIMIT_DATA, &new_rlimit), ==, 0);
++	#endif
++
++	g_test_add ("/server-mem/range-overlaps", ServerData, NULL,
++		    server_setup, do_ranges_overlaps_test, server_teardown);
++
++	ret = g_test_run ();
++
++	test_cleanup ();
++	return ret;
++}
+-- 
+2.34.1
+
diff --git a/meta/recipes-support/libsoup/libsoup/CVE-2025-32907-2.patch b/meta/recipes-support/libsoup/libsoup/CVE-2025-32907-2.patch
new file mode 100644
index 0000000000..9c838a55af
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup/CVE-2025-32907-2.patch
@@ -0,0 +1,68 @@
+From f31dfc357ffdd8d18d3593a06cd4acb888eaba70 Mon Sep 17 00:00:00 2001
+From: Milan Crha <mcrha@redhat.com>
+Date: Tue, 13 May 2025 14:20:46 +0200
+Subject: [PATCH 2/2] server-mem-limit-test: Limit memory usage only when not
+ built witha sanitizer
+
+A build with -Db_sanitize=address crashes with failed mmap(), which is done
+inside libasan. The test requires 20.0TB of virtual memory when running with
+the sanitizer, which is beyond unsigned integer limits and may not trigger
+the bug anyway.
+
+Part-of: <https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/452>
+
+CVE: CVE-2025-32907
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/452/commits]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ meson.build                   |  4 ++++
+ tests/server-mem-limit-test.c | 13 +++++++++----
+ 2 files changed, 13 insertions(+), 4 deletions(-)
+
+diff --git a/meson.build b/meson.build
+index d4110da..74323ea 100644
+--- a/meson.build
++++ b/meson.build
+@@ -357,6 +357,10 @@ configinc = include_directories('.')
+ 
+ prefix = get_option('prefix')
+ 
++if get_option('b_sanitize') != 'none'
++  cdata.set_quoted('B_SANITIZE_OPTION', get_option('b_sanitize'))
++endif
++
+ cdata.set_quoted('PACKAGE_VERSION', soup_version)
+ cdata.set_quoted('LOCALEDIR', join_paths(prefix, get_option('localedir')))
+ cdata.set_quoted('GETTEXT_PACKAGE', libsoup_api_name)
+diff --git a/tests/server-mem-limit-test.c b/tests/server-mem-limit-test.c
+index 98f1c40..65dc875 100644
+--- a/tests/server-mem-limit-test.c
++++ b/tests/server-mem-limit-test.c
+@@ -126,14 +126,19 @@ main (int argc, char **argv)
+ {
+ 	int ret;
+ 
+-	test_init (argc, argv, NULL);
+-
+-	#ifndef G_OS_WIN32
+-	struct rlimit new_rlimit = { 1024 * 1024 * 64, 1024 * 1024 * 64 };
++	/* a build with an address sanitizer may crash on mmap() with the limit,
++	   thus skip the limit set in such case, even it may not necessarily
++	   trigger the bug if it regresses */
++	#if !defined(G_OS_WIN32) && !defined(B_SANITIZE_OPTION)
++	struct rlimit new_rlimit = { 1024UL * 1024UL * 1024UL * 2UL, 1024UL * 1024UL * 1024UL * 2UL };
+ 	/* limit memory usage, to trigger too large memory allocation abort */
+ 	g_assert_cmpint (setrlimit (RLIMIT_DATA, &new_rlimit), ==, 0);
++	#else
++	g_message ("server-mem-limit-test: Running without memory limit");
+ 	#endif
+ 
++	test_init (argc, argv, NULL);
++
+ 	g_test_add ("/server-mem/range-overlaps", ServerData, NULL,
+ 		    server_setup, do_ranges_overlaps_test, server_teardown);
+ 
+-- 
+2.34.1
+
diff --git a/meta/recipes-support/libsoup/libsoup_3.0.7.bb b/meta/recipes-support/libsoup/libsoup_3.0.7.bb
index d0cd1f436a..90733a73e8 100644
--- a/meta/recipes-support/libsoup/libsoup_3.0.7.bb
+++ b/meta/recipes-support/libsoup/libsoup_3.0.7.bb
@@ -38,6 +38,8 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
            file://CVE-2025-46420.patch \
            file://CVE-2025-4476.patch \
            file://CVE-2025-4969.patch \
+           file://CVE-2025-32907-1.patch \
+           file://CVE-2025-32907-2.patch \
           "
 SRC_URI[sha256sum] = "ebdf90cf3599c11acbb6818a9d9e3fc9d2c68e56eb829b93962972683e1bf7c8"
 

From patchwork Sun Jun 22 14:59:59 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman <steve@sakoman.com>
X-Patchwork-Id: 65445
X-Patchwork-Delegate: steve@sakoman.com
Return-Path: <steve@sakoman.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 1909FC7EE2A
	for <webhook@archiver.kernel.org>; Sun, 22 Jun 2025 15:02:32 +0000 (UTC)
Received: from mail-pf1-f179.google.com (mail-pf1-f179.google.com
 [209.85.210.179])
 by mx.groups.io with SMTP id smtpd.web11.27809.1750604549241584457
 for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:29 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601
 header.b=DCpFQbtm;
 spf=softfail (domain: sakoman.com, ip: 209.85.210.179,
 mailfrom: steve@sakoman.com)
Received: by mail-pf1-f179.google.com with SMTP id
 d2e1a72fcca58-739b3fe7ce8so2275784b3a.0
        for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1750604548;
 x=1751209348; darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=8WDdYMUqxVIDE9lywS6Hz5JbnaYE8FpslTLShypvcHM=;
        b=DCpFQbtmgnboyw1jtTq4BMJRvnUVQ4f0OxMRUw2/FAj4VE3nre80Ggbjy1ustgLZ6M
         bXmKUm4FaZ/6LHjDZJLhemz1yQnTTqCSNXDKpN1cZMvPqvnU+50mdhF0ptXec+1PbAEy
         GEyFB44vHrkby8ef+rBEKkhMrvV0JahfChO9U4Q5MBfxE3DZ3KW3G+cW1Bh0fMZdtIfC
         6zdZ7VOKsWTAbY7ZC2aQFfr6qsSAe8DtO7xGdiIQgUHja7FRFe6FT+u8d2QLEUeJhyyL
         xregH7coMgrn+USt8ho1rG2tcIADqiJ1KW0vsVXDwq/hlfD77oTf+hLBVJ7RXs15mp1D
         DIqg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1750604548; x=1751209348;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=8WDdYMUqxVIDE9lywS6Hz5JbnaYE8FpslTLShypvcHM=;
        b=fbA7GddaGWGMS4CPFBGE1ZCDlG/dpQLE6PtnhgjQ7INNXvnuvXVT48b8uxnRDNUEH4
         dICdCXB+nsRhaMNTh6qCj10dQy5fxKj1FJxvwkXq4YU0Mcqgv3qZ64lqgptwtiq79OW9
         MZ5X0HoT1EedN6nISSxUIG+ErOfqJF8T3zOQBLavqHvCmL/cNSN5NdqtsQKzTLp6INDX
         CNG/7CjPoCtgMk2y0wm7fVmwNYRHQKVWHvFfrN2XZgyOuy8J+T4P+XvLRtJU3mfTZI5c
         kYxvsuJ4QRtX6CQVKglV43IuCu9d6ieSi31SDJ9sVnQMCZ1y97z8e6AXwYdNoEbZi3/n
         2MaQ==
X-Gm-Message-State: AOJu0Yy5dzY2qQvJqmGMjYCLpt1MzbZVo6Khge0JSmIOpYdcEGqw6J7U
	BdGJ+DVwXXMfjCZrykuZMlchh53WqxB4tNWu13OuS05sNrqpIgz83yXE+LBqRsENT7pUOvbOt+f
	mp/e4duM=
X-Gm-Gg: ASbGncv2cSL37MlcamFdP1pPv1YldIYrGT1JgxeeGKCGyE63zcaYjoAK1BXRF7YfXXQ
	0mNvT0tQ/023k9KfteRq4jjuF3lordhKiPlYGZ31Vo0dvu0tGRMzHZfBao3762Qx01ZfluX3fbV
	qzupxZ1FbXShBg8Or9Pjg3tfPo9X4jGZ8DF4uqG742OOf+oy+JHTzN9tUZXB3DF9I1BS0j3HOzE
	WdiNk3vvALAtAgBLZLn7sm3PaGfaFJ+TpZUHfzeZqaanNmEOmRTdmAT8RIOu1PXKWmUsELMBeWG
	7X/3DjC28pRM2BUrS88SxGLLY/vbE8JGinJENWwlK8h3d9L/M0UMIg==
X-Google-Smtp-Source: 
 AGHT+IGwBPzNMBqk00+3OHUrx7GpTas8V/R3llg7cCz/hgj+IsGLIVKjB/fi4zXs1erStOzX4sS6tg==
X-Received: by 2002:a05:6a00:a1f:b0:748:2e1a:84e3 with SMTP id
 d2e1a72fcca58-7490d9aae0emr16047153b3a.8.1750604548385;
        Sun, 22 Jun 2025 08:02:28 -0700 (PDT)
Received: from hexa.. ([2602:feb4:3b:2100:4a75:9ad8:d661:8bd8])
        by smtp.gmail.com with ESMTPSA id
 d2e1a72fcca58-7490a46eb71sm6222521b3a.22.2025.06.22.08.02.27
        for <openembedded-core@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sun, 22 Jun 2025 08:02:28 -0700 (PDT)
From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 04/14] libsoup: fix CVE-2025-32051
Date: Sun, 22 Jun 2025 07:59:59 -0700
Message-ID: 
 <4af9a40f53a6a9607999f0f4b28d2ce1eaf325a2.1750604257.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <cover.1750604257.git.steve@sakoman.com>
References: <cover.1750604257.git.steve@sakoman.com>
MIME-Version: 1.0
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Sun, 22 Jun 2025 15:02:32 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/219183

From: Changqing Li <changqing.li@windriver.com>

Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/401

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../libsoup/libsoup/CVE-2025-32051-1.patch    | 29 ++++++++++
 .../libsoup/libsoup/CVE-2025-32051-2.patch    | 57 +++++++++++++++++++
 meta/recipes-support/libsoup/libsoup_3.0.7.bb |  2 +
 3 files changed, 88 insertions(+)
 create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-32051-1.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-32051-2.patch

diff --git a/meta/recipes-support/libsoup/libsoup/CVE-2025-32051-1.patch b/meta/recipes-support/libsoup/libsoup/CVE-2025-32051-1.patch
new file mode 100644
index 0000000000..efeda48b11
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup/CVE-2025-32051-1.patch
@@ -0,0 +1,29 @@
+From dc5db30989f385303c79ec3188c52e33f6f5886e Mon Sep 17 00:00:00 2001
+From: Ar Jun <pkillarjun@protonmail.com>
+Date: Sat, 16 Nov 2024 11:50:09 -0600
+Subject: [PATCH 1/2] Fix possible NULL deref in soup_uri_decode_data_uri
+
+CVE: CVE-2025-32051
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/0713ba4a719da938dc8facc89fca99cd0aa3069f]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ libsoup/soup-uri-utils.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libsoup/soup-uri-utils.c b/libsoup/soup-uri-utils.c
+index be2b79b..0251279 100644
+--- a/libsoup/soup-uri-utils.c
++++ b/libsoup/soup-uri-utils.c
+@@ -303,6 +303,8 @@ soup_uri_decode_data_uri (const char *uri,
+ 
+         uri_string = g_uri_to_string (soup_uri);
+         g_uri_unref (soup_uri);
++        if (!uri_string)
++                return NULL;
+ 
+         start = uri_string + 5;
+         comma = strchr (start, ',');
+-- 
+2.34.1
+
diff --git a/meta/recipes-support/libsoup/libsoup/CVE-2025-32051-2.patch b/meta/recipes-support/libsoup/libsoup/CVE-2025-32051-2.patch
new file mode 100644
index 0000000000..24c184bb86
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup/CVE-2025-32051-2.patch
@@ -0,0 +1,57 @@
+From 7d1557a60145927806c88d321e8322a9d9f49bb2 Mon Sep 17 00:00:00 2001
+From: Patrick Griffis <pgriffis@igalia.com>
+Date: Fri, 22 Nov 2024 13:39:51 -0600
+Subject: [PATCH 2/2] soup_uri_decode_data_uri(): Handle URIs with a path
+ starting with //
+
+CVE: CVE-2025-32051
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/79cfd65c9bd8024cd45dd725c284766329873709]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ libsoup/soup-uri-utils.c | 8 ++++++++
+ tests/uri-parsing-test.c | 2 ++
+ 2 files changed, 10 insertions(+)
+
+diff --git a/libsoup/soup-uri-utils.c b/libsoup/soup-uri-utils.c
+index 0251279..1ff11cd 100644
+--- a/libsoup/soup-uri-utils.c
++++ b/libsoup/soup-uri-utils.c
+@@ -286,6 +286,7 @@ soup_uri_decode_data_uri (const char *uri,
+         gboolean base64 = FALSE;
+         char *uri_string;
+         GBytes *bytes;
++        const char *path;
+ 
+         g_return_val_if_fail (uri != NULL, NULL);
+ 
+@@ -301,6 +302,13 @@ soup_uri_decode_data_uri (const char *uri,
+         if (content_type)
+                 *content_type = NULL;
+ 
++        /* g_uri_to_string() is picky about paths that start with `//` and will assert. */
++        path = g_uri_get_path (soup_uri);
++        if (path[0] == '/' && path[1] == '/') {
++                g_uri_unref (soup_uri);
++                return NULL;
++        }
++
+         uri_string = g_uri_to_string (soup_uri);
+         g_uri_unref (soup_uri);
+         if (!uri_string)
+diff --git a/tests/uri-parsing-test.c b/tests/uri-parsing-test.c
+index 1f16273..418391e 100644
+--- a/tests/uri-parsing-test.c
++++ b/tests/uri-parsing-test.c
+@@ -141,6 +141,8 @@ static struct {
+         { "data:text/plain;base64,aGVsbG8=", "hello", "text/plain" },
+         { "data:text/plain;base64,invalid=", "", "text/plain" },
+         { "data:,", "", CONTENT_TYPE_DEFAULT },
++        { "data:.///", NULL, NULL },
++        { "data:/.//", NULL, NULL },
+ };
+ 
+ static void
+-- 
+2.34.1
+
diff --git a/meta/recipes-support/libsoup/libsoup_3.0.7.bb b/meta/recipes-support/libsoup/libsoup_3.0.7.bb
index 90733a73e8..be29ff0e5d 100644
--- a/meta/recipes-support/libsoup/libsoup_3.0.7.bb
+++ b/meta/recipes-support/libsoup/libsoup_3.0.7.bb
@@ -40,6 +40,8 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
            file://CVE-2025-4969.patch \
            file://CVE-2025-32907-1.patch \
            file://CVE-2025-32907-2.patch \
+           file://CVE-2025-32051-1.patch \
+           file://CVE-2025-32051-2.patch \
           "
 SRC_URI[sha256sum] = "ebdf90cf3599c11acbb6818a9d9e3fc9d2c68e56eb829b93962972683e1bf7c8"
 

From patchwork Sun Jun 22 15:00:00 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman <steve@sakoman.com>
X-Patchwork-Id: 65443
X-Patchwork-Delegate: steve@sakoman.com
Return-Path: <steve@sakoman.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 0D833C7115A
	for <webhook@archiver.kernel.org>; Sun, 22 Jun 2025 15:02:32 +0000 (UTC)
Received: from mail-pf1-f176.google.com (mail-pf1-f176.google.com
 [209.85.210.176])
 by mx.groups.io with SMTP id smtpd.web11.27811.1750604551238475773
 for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:31 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601
 header.b=kxelXlnt;
 spf=softfail (domain: sakoman.com, ip: 209.85.210.176,
 mailfrom: steve@sakoman.com)
Received: by mail-pf1-f176.google.com with SMTP id
 d2e1a72fcca58-747ef5996edso2491805b3a.0
        for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1750604550;
 x=1751209350; darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=eR1Nm13rICRDac20kubTrKj0gusCPe6VrULwNpIqSXY=;
        b=kxelXlntpzogMzrcOZnl46ix8ApUoJ2ykeHHGbqhrpayHoxcscAy0oU4erG9vwSXLO
         Yai/GeifCI60/fEaT2Xaw4SQjQOO1XIGP+Ge7TBrH1tMDEb9lgiZ81pz2EyzxnDWCppA
         +5JRJiKXeUCNpnMjB2XHNlt0LhCt/T0khjQGs2QtrBsSwMygw8DYD8uKyZjp7gpmIUFS
         w7ZGJ3Hhyo4kAI4zhrXLgy3qWO3SkWX6YWvjRs6KNEOSpq4JybcKLe2dVSndVgGwRB33
         wr9gcRuuoJeE21xxDztpA5fKg7/tOY0IMcSG3vdaYsEqzi4lIJvrksWb79uHpUZsVnAz
         PySg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1750604550; x=1751209350;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=eR1Nm13rICRDac20kubTrKj0gusCPe6VrULwNpIqSXY=;
        b=dD+dh89XY0gzLqP/Lsmpb2LVJRUHi8QXx2XQHCF6YnqaNJ+hCJ9puTcO8MZMAvQJzf
         gtIxgW22g6CKEQAJIxwG9kXN284XYhY+dz2V/b4aqPjwiPYSMJ/E6FQHm5BVU8JksmUL
         ATqBFSMhbLyDqzSrUVvi8tY2Ryuyt4ThRRXgCOO9ejW2MsGe/D/GBGoYnbmdo24aQ6tg
         XJTqGF5Bm8eU95EkbSJtoL4f7IKrTHz6mUJJ+gjitXoVFzEKyqX4+WV1KyPshmCmDe/n
         KSR2hCvRcba/DSgpjwtTzcuWBvaE2+sbsyzvO/4LKRF8Od10p5yM6+kNdOzkxpUfMShO
         RCkg==
X-Gm-Message-State: AOJu0Yydnc7QTsWcYP/c1nDJMT37YUtz0KFeOKYZiduBZXGXsTTO0CMA
	eaXXr8nEDMP7J2Ebc7jNtudQp1G9bbKcko338sfo5H2htYwV/j8JANKaKxiyJvxQCfiPwU5ieQd
	jpKLd2iw=
X-Gm-Gg: ASbGncvItYZaQk41TVWEf3hwY+qjlDOtBcpYi9laG8zzrEpqF9xm0XG3XDlBT4aem6x
	ovPV9GzCygDUmmRfIxnfk38Pwwb77w+iCNFC17Z6TGvBq/QTWGF/ZfkJfbYnP+nzm79bTCX4CtC
	X+aNaBCUrpIWRKNrHXLjU5lVtD8a4mYtNPM52PRywu1QaNDNr+Re+iRgmg65J1y2fLItYlPFg8o
	L9JwK6mNUkM5TJwQrB0tX9UbqN6fKo8F78Y2JAMIxnLiqULjEg1gTn/zqQTuU555ITYQoCMtzWO
	8BtLv+UggnXpQMvgJb/E6n9uI7Hbh/++HxSJugUtEPsVQhId3k+EDA==
X-Google-Smtp-Source: 
 AGHT+IHBaVt1w8bfxZ3OTbOaERG4Aeb/2xWAy1W1gDdcECOb7MqYpgzJwxoijYmsRQQPyBFONB/Gqg==
X-Received: by 2002:a05:6a21:6d9c:b0:1f5:8153:93fb with SMTP id
 adf61e73a8af0-22026e8cef8mr13689083637.10.1750604550318;
        Sun, 22 Jun 2025 08:02:30 -0700 (PDT)
Received: from hexa.. ([2602:feb4:3b:2100:4a75:9ad8:d661:8bd8])
        by smtp.gmail.com with ESMTPSA id
 d2e1a72fcca58-7490a46eb71sm6222521b3a.22.2025.06.22.08.02.29
        for <openembedded-core@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sun, 22 Jun 2025 08:02:30 -0700 (PDT)
From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 05/14] libsoup: fix CVE-2025-46421
Date: Sun, 22 Jun 2025 08:00:00 -0700
Message-ID: 
 <388453296c32759623ed35a8142c6af2df7f30b0.1750604257.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <cover.1750604257.git.steve@sakoman.com>
References: <cover.1750604257.git.steve@sakoman.com>
MIME-Version: 1.0
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Sun, 22 Jun 2025 15:02:32 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/219184

From: Changqing Li <changqing.li@windriver.com>

Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/439

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../libsoup/libsoup/CVE-2025-46421.patch      | 139 ++++++++++++++++++
 meta/recipes-support/libsoup/libsoup_3.0.7.bb |   1 +
 2 files changed, 140 insertions(+)
 create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-46421.patch

diff --git a/meta/recipes-support/libsoup/libsoup/CVE-2025-46421.patch b/meta/recipes-support/libsoup/libsoup/CVE-2025-46421.patch
new file mode 100644
index 0000000000..72683d8fce
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup/CVE-2025-46421.patch
@@ -0,0 +1,139 @@
+From 85c5227eef7370832044eb918e8a99c0bcbab86f Mon Sep 17 00:00:00 2001
+From: Patrick Griffis <pgriffis@igalia.com>
+Date: Wed, 5 Feb 2025 16:18:10 -0600
+Subject: [PATCH] session: Strip authentication credentails on cross-origin
+ redirect
+
+This should match the behavior of Firefox and Safari but not of Chromium.
+
+CVE: CVE-2025-46421
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/436/diffs?commit_id=3e5c26415811f19e7737238bb23305ffaf96f66b]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ libsoup/soup-session.c |  6 ++++
+ tests/auth-test.c      | 77 ++++++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 83 insertions(+)
+
+diff --git a/libsoup/soup-session.c b/libsoup/soup-session.c
+index 631bec0..9f00b05 100644
+--- a/libsoup/soup-session.c
++++ b/libsoup/soup-session.c
+@@ -1230,6 +1230,12 @@ soup_session_redirect_message (SoupSession *session,
+ 						   SOUP_ENCODING_NONE);
+ 	}
+ 
++        /* Strip all credentials on cross-origin redirect. */
++        if (!soup_uri_host_equal (soup_message_get_uri (msg), new_uri)) {
++                soup_message_headers_remove_common (soup_message_get_request_headers (msg), SOUP_HEADER_AUTHORIZATION);
++                soup_message_set_auth (msg, NULL);
++        }
++
+         soup_message_set_request_host_from_uri (msg, new_uri);
+ 	soup_message_set_uri (msg, new_uri);
+ 	g_uri_unref (new_uri);
+diff --git a/tests/auth-test.c b/tests/auth-test.c
+index 484097f..7c3b551 100644
+--- a/tests/auth-test.c
++++ b/tests/auth-test.c
+@@ -1,6 +1,7 @@
+ /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+ 
+ #include "test-utils.h"
++#include "soup-uri-utils-private.h"
+ 
+ static const char *base_uri;
+ static GMainLoop *loop;
+@@ -1916,6 +1917,81 @@ do_missing_params_test (gconstpointer auth_header)
+ 	soup_test_server_quit_unref (server);
+ }
+ 
++static void
++redirect_server_callback (SoupServer        *server,
++                          SoupServerMessage *msg,
++                          const char        *path,
++                          GHashTable        *query,
++                          gpointer           user_data)
++{
++    static gboolean redirected = FALSE;
++
++    if (!redirected) {
++        char *redirect_uri = g_uri_to_string (user_data);
++        soup_server_message_set_redirect (msg, SOUP_STATUS_MOVED_PERMANENTLY, redirect_uri);
++        g_free (redirect_uri);
++        redirected = TRUE;
++        return;
++    }
++
++    g_assert_not_reached ();
++}
++
++static gboolean
++auth_for_redirect_callback (SoupMessage *msg, SoupAuth *auth, gboolean retrying, gpointer user_data)
++{
++    GUri *known_server_uri = user_data;
++
++    if (!soup_uri_host_equal (known_server_uri, soup_message_get_uri (msg)))
++        return FALSE;
++
++    soup_auth_authenticate (auth, "user", "good-basic");
++
++    return TRUE;
++}
++
++static void
++do_strip_on_crossorigin_redirect (void)
++{
++    SoupSession *session;
++    SoupMessage *msg;
++    SoupServer *server1, *server2;
++    SoupAuthDomain *auth_domain;
++    GUri *uri;
++    gint status;
++
++    server1 = soup_test_server_new (SOUP_TEST_SERVER_IN_THREAD);
++    server2 = soup_test_server_new (SOUP_TEST_SERVER_IN_THREAD);
++
++    /* Both servers have the same credentials. */
++    auth_domain = soup_auth_domain_basic_new ("realm", "auth-test", "auth-callback", server_basic_auth_callback, NULL);
++    soup_auth_domain_add_path (auth_domain, "/");
++    soup_server_add_auth_domain (server1, auth_domain);
++    soup_server_add_auth_domain (server2, auth_domain);
++    g_object_unref (auth_domain);
++
++    /* Server 1 asks for auth, then redirects to Server 2. */
++    soup_server_add_handler (server1, NULL,
++                    redirect_server_callback,
++                   soup_test_server_get_uri (server2, "http", NULL), (GDestroyNotify)g_uri_unref);
++    /* Server 2 requires auth. */
++    soup_server_add_handler (server2, NULL, server_callback, NULL, NULL);
++
++    session = soup_test_session_new (NULL);
++    uri = soup_test_server_get_uri (server1, "http", NULL);
++    msg = soup_message_new_from_uri ("GET", uri);
++    /* The client only sends credentials for the host it knows. */
++    g_signal_connect (msg, "authenticate", G_CALLBACK (auth_for_redirect_callback), uri);
++
++    status = soup_test_session_send_message (session, msg);
++
++    g_assert_cmpint (status, ==, SOUP_STATUS_UNAUTHORIZED);
++
++    g_uri_unref (uri);
++    soup_test_server_quit_unref (server1);
++    soup_test_server_quit_unref (server2);
++}
++
+ int
+ main (int argc, char **argv)
+ {
+@@ -1949,6 +2025,7 @@ main (int argc, char **argv)
+ 	g_test_add_func ("/auth/auth-uri", do_auth_uri_test);
+         g_test_add_func ("/auth/cancel-request-on-authenticate", do_cancel_request_on_authenticate);
+         g_test_add_func ("/auth/multiple-algorithms", do_multiple_digest_algorithms);
++        g_test_add_func ("/auth/strip-on-crossorigin-redirect", do_strip_on_crossorigin_redirect);
+         g_test_add_data_func ("/auth/missing-params/realm", "Digest qop=\"auth\"", do_missing_params_test);
+         g_test_add_data_func ("/auth/missing-params/nonce", "Digest realm=\"auth-test\", qop=\"auth,auth-int\", opaque=\"5ccc069c403ebaf9f0171e9517f40e41\"", do_missing_params_test);
+         g_test_add_data_func ("/auth/missing-params/nonce-md5-sess", "Digest realm=\"auth-test\", qop=\"auth,auth-int\", opaque=\"5ccc069c403ebaf9f0171e9517f40e41\" algorithm=\"MD5-sess\"", do_missing_params_test);
+-- 
+2.34.1
+
diff --git a/meta/recipes-support/libsoup/libsoup_3.0.7.bb b/meta/recipes-support/libsoup/libsoup_3.0.7.bb
index be29ff0e5d..49aa28964c 100644
--- a/meta/recipes-support/libsoup/libsoup_3.0.7.bb
+++ b/meta/recipes-support/libsoup/libsoup_3.0.7.bb
@@ -42,6 +42,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
            file://CVE-2025-32907-2.patch \
            file://CVE-2025-32051-1.patch \
            file://CVE-2025-32051-2.patch \
+           file://CVE-2025-46421.patch \
           "
 SRC_URI[sha256sum] = "ebdf90cf3599c11acbb6818a9d9e3fc9d2c68e56eb829b93962972683e1bf7c8"
 

From patchwork Sun Jun 22 15:00:01 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman <steve@sakoman.com>
X-Patchwork-Id: 65452
X-Patchwork-Delegate: steve@sakoman.com
Return-Path: <steve@sakoman.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 29AB1C7115A
	for <webhook@archiver.kernel.org>; Sun, 22 Jun 2025 15:02:52 +0000 (UTC)
Received: from mail-qt1-f170.google.com (mail-qt1-f170.google.com
 [209.85.160.170])
 by mx.groups.io with SMTP id smtpd.web10.27635.1750604564702867280
 for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:44 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601
 header.b=ceOewjhm;
 spf=softfail (domain: sakoman.com, ip: 209.85.160.170,
 mailfrom: steve@sakoman.com)
Received: by mail-qt1-f170.google.com with SMTP id
 d75a77b69052e-4a3db0666f2so83130241cf.1
        for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1750604563;
 x=1751209363; darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=PZWnmOkB/Nio2RcZ+583GWntoa6cHXA68JbZ/3ON3RM=;
        b=ceOewjhm78aj3GILFUIYP7dTDDQGB/4V07R0lMis3fzjtLqBdBFl/WtVahSi++8CFa
         nxbDrQEcSNpsx5Jas3AZz1mIyOPr2W+eYBMyQ21IRw86YX5I4FM/j26IrOxyMBZHygIb
         0KLpAWDnJCzdI91kaJnFSghTNOb7+thuYrQsGDZupbynb0OA+MAP5uUZD4haugqeykxl
         vaoDjNbWYdkJd5ugMyrvQK9hXQhnQ2eqQ+CtuRFVFEiG2C3zHvrFfq352u71DsNVQNPU
         FLYXHiQ7SYn682Gdta671CGqtWz2orLJAZ0CRxfoIz8EvM8Mz18SyIyjVlA4Mp3NPdc5
         tARw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1750604563; x=1751209363;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=PZWnmOkB/Nio2RcZ+583GWntoa6cHXA68JbZ/3ON3RM=;
        b=pMulo7IMf5E9tSlvuFxw6E8rJPucemGNIP2liFmyM4p7CoVc0LM0QJKF6emW6w2bVH
         0pwLbc4oRFCo7BauLupYwpylWeyuWVzf4jva41fOnP/qtQfAm+7vpLUs4TDwSuAnzbFD
         yjnASXcKfL+GfAAeWhuPEiD+KU+pPY7CZ3znlVxf0N+O1QyRuuV3zbJNCS9r0wjhBUbc
         n3vyWxbxYNiptGOqZtInBfkhnGU/pZLSZteTOxZ51ZNj++SGivoiXehP39dtrYk2k/Dh
         9rRC8X92r8XAe20UE5KceNYeWMavwOQoluGQIjg2U1u7TVrSrfBAwqWS9UR5Q0Wn7RN1
         3N+w==
X-Gm-Message-State: AOJu0YyLlY28TbKMdZrWzpOGjz3iE/Wci1h87JQSrkZIdFNqJGtXZEFz
	fg+DRLK+9TVNR/rAFRPwdTrx33J7wsHZrMaElSqI+iyjLnsD4fBiDVxc1DVxsrOsdzAGy+uwfcD
	vnRi348o=
X-Gm-Gg: ASbGnctbwyxGYt4/FEBpWjh6uJeSsFZoB6vePowFJ5cWWsSdovPxh15AUDGxiIEW3RY
	/J3mhEfkKFai4kH+1ZTnUkzWpRJGS8BhV0Ohj2RuWo2ESqaX9Ya0KH6O0HORo9/IJ8XCUWjWe3A
	Tb4jlBfUZQiAHmjOqQ1XkTmZ0k2rDEqAEvEDyhTCw+5nQ9r1XNNML8MFjfw3CRlwkH4BX0joRsq
	UWNUNpIOk2e4iIusT/OgZJ+6W50JnRfohHmRVvtWsqhtNRM8kvkdyefj/t2dLWxAzoW002PuTA5
	j0sl7SuJSA0Oa2EDtOgdjY+/XZYBTpmIi+0MVX54lZ7vbYWvc+nhTm7BEviin0z+
X-Google-Smtp-Source: 
 AGHT+IEsRGsxuLMJVywY4crebw77Xy0822NjXFvDFn4l1ODDIFQ2VcL+wfgb2s2CggJsdeBvBb12MA==
X-Received: by 2002:a05:6a00:4f8c:b0:732:2484:e0ce with SMTP id
 d2e1a72fcca58-7490da9cd1amr14504689b3a.17.1750604551953;
        Sun, 22 Jun 2025 08:02:31 -0700 (PDT)
Received: from hexa.. ([2602:feb4:3b:2100:4a75:9ad8:d661:8bd8])
        by smtp.gmail.com with ESMTPSA id
 d2e1a72fcca58-7490a46eb71sm6222521b3a.22.2025.06.22.08.02.31
        for <openembedded-core@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sun, 22 Jun 2025 08:02:31 -0700 (PDT)
From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 06/14] libsoup: fix CVE-2025-4948
Date: Sun, 22 Jun 2025 08:00:01 -0700
Message-ID: 
 <95383d7d95631a4c3b385a073ce1deff744bf725.1750604257.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <cover.1750604257.git.steve@sakoman.com>
References: <cover.1750604257.git.steve@sakoman.com>
MIME-Version: 1.0
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Sun, 22 Jun 2025 15:02:52 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/219192

From: Changqing Li <changqing.li@windriver.com>

Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/449

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../libsoup/libsoup/CVE-2025-4948.patch       | 97 +++++++++++++++++++
 meta/recipes-support/libsoup/libsoup_3.0.7.bb |  1 +
 2 files changed, 98 insertions(+)
 create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-4948.patch

diff --git a/meta/recipes-support/libsoup/libsoup/CVE-2025-4948.patch b/meta/recipes-support/libsoup/libsoup/CVE-2025-4948.patch
new file mode 100644
index 0000000000..07c85f5381
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup/CVE-2025-4948.patch
@@ -0,0 +1,97 @@
+From a23ce8f8e60e79990e26376c8b0d40841aed4b81 Mon Sep 17 00:00:00 2001
+From: Milan Crha <mcrha@redhat.com>
+Date: Thu, 15 May 2025 17:49:11 +0200
+Subject: [PATCH] soup-multipart: Verify boundary limits for multipart body
+
+It could happen that the boundary started at a place which resulted into
+a negative number, which in an unsigned integer is a very large value.
+Check the body size is not a negative value before setting it.
+
+Closes https://gitlab.gnome.org/GNOME/libsoup/-/issues/449
+
+Part-of: <https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/463>
+
+CVE: CVE-2025-4948
+Upstream-Status: Backport
+[https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/463/diffs?commit_id=f2f28afe0b3b2b3009ab67d6874457ec6bac70c0]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ libsoup/soup-multipart.c |  2 +-
+ tests/multipart-test.c   | 40 ++++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 41 insertions(+), 1 deletion(-)
+
+diff --git a/libsoup/soup-multipart.c b/libsoup/soup-multipart.c
+index e1c442e..27257e4 100644
+--- a/libsoup/soup-multipart.c
++++ b/libsoup/soup-multipart.c
+@@ -204,7 +204,7 @@ soup_multipart_new_from_message (SoupMessageHeaders *headers,
+ 		 */
+ 		part_body = g_bytes_new_from_bytes (body, // FIXME
+ 						    split - body_data,
+-						    end - 2 - split);
++						    end - 2 >= split ? end - 2 - split : 0);
+ 		g_ptr_array_add (multipart->bodies, part_body);
+ 
+ 		start = end;
+diff --git a/tests/multipart-test.c b/tests/multipart-test.c
+index 84852e2..2ae888c 100644
+--- a/tests/multipart-test.c
++++ b/tests/multipart-test.c
+@@ -548,6 +548,45 @@ test_multipart_bounds_bad_2 (void)
+ 	g_bytes_unref (bytes);
+ }
+ 
++static void
++test_multipart_too_large (void)
++{
++	const char *raw_body =
++		"-------------------\r\n"
++		"-\n"
++		"Cont\"\r\n"
++		"Content-Tynt----e:n\x8erQK\r\n"
++		"Content-Disposition:   name=  form-; name=\"file\"; filename=\"ype:i/  -d; ----\xae\r\n"
++		"Content-Typimag\x01/png--\\\n"
++		"\r\n"
++		"---:\n\r\n"
++		"\r\n"
++		"-------------------------------------\r\n"
++		"---------\r\n"
++		"----------------------";
++	GBytes *body;
++	GHashTable *params;
++	SoupMessageHeaders *headers;
++	SoupMultipart *multipart;
++
++	params = g_hash_table_new (g_str_hash, g_str_equal);
++	g_hash_table_insert (params, (gpointer) "boundary", (gpointer) "-----------------");
++	headers = soup_message_headers_new (SOUP_MESSAGE_HEADERS_MULTIPART);
++	soup_message_headers_set_content_type (headers, "multipart/form-data", params);
++	g_hash_table_unref (params);
++
++	body = g_bytes_new_static (raw_body, strlen (raw_body));
++	multipart = soup_multipart_new_from_message (headers, body);
++	soup_message_headers_unref (headers);
++	g_bytes_unref (body);
++
++	g_assert_nonnull (multipart);
++	g_assert_cmpint (soup_multipart_get_length (multipart), ==, 1);
++	g_assert_true (soup_multipart_get_part (multipart, 0, &headers, &body));
++	g_assert_cmpint (g_bytes_get_size (body), ==, 0);
++	soup_multipart_free (multipart);
++}
++
+ int
+ main (int argc, char **argv)
+ {
+@@ -578,6 +617,7 @@ main (int argc, char **argv)
+ 	g_test_add_func ("/multipart/bounds-good", test_multipart_bounds_good);
+ 	g_test_add_func ("/multipart/bounds-bad", test_multipart_bounds_bad);
+ 	g_test_add_func ("/multipart/bounds-bad-2", test_multipart_bounds_bad_2);
++	g_test_add_func ("/multipart/too-large", test_multipart_too_large);
+ 
+ 	ret = g_test_run ();
+ 
+-- 
+2.34.1
+
diff --git a/meta/recipes-support/libsoup/libsoup_3.0.7.bb b/meta/recipes-support/libsoup/libsoup_3.0.7.bb
index 49aa28964c..3ddcb3e568 100644
--- a/meta/recipes-support/libsoup/libsoup_3.0.7.bb
+++ b/meta/recipes-support/libsoup/libsoup_3.0.7.bb
@@ -43,6 +43,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
            file://CVE-2025-32051-1.patch \
            file://CVE-2025-32051-2.patch \
            file://CVE-2025-46421.patch \
+           file://CVE-2025-4948.patch \
           "
 SRC_URI[sha256sum] = "ebdf90cf3599c11acbb6818a9d9e3fc9d2c68e56eb829b93962972683e1bf7c8"
 

From patchwork Sun Jun 22 15:00:02 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman <steve@sakoman.com>
X-Patchwork-Id: 65447
X-Patchwork-Delegate: steve@sakoman.com
Return-Path: <steve@sakoman.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 04EE3C7115D
	for <webhook@archiver.kernel.org>; Sun, 22 Jun 2025 15:02:42 +0000 (UTC)
Received: from mail-pf1-f175.google.com (mail-pf1-f175.google.com
 [209.85.210.175])
 by mx.groups.io with SMTP id smtpd.web11.27813.1750604554452473035
 for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:34 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601
 header.b=BCi36lCr;
 spf=softfail (domain: sakoman.com, ip: 209.85.210.175,
 mailfrom: steve@sakoman.com)
Received: by mail-pf1-f175.google.com with SMTP id
 d2e1a72fcca58-748f5a4a423so1981562b3a.1
        for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1750604554;
 x=1751209354; darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=1RIeD9kFPZnPGWHcL1Mdr+6oNklS999fC3dcQVIWsDU=;
        b=BCi36lCrGliz7dDRM7GnnldccIHrZPqYkndT//cgT3dym1kBPGqoJDjM5IBZyxXE9i
         2YONrIMh9x4JJh5ZyCpBRwGzOH1Xfn+FK8z4MgIB7GM51dzpIKgvy1S9JlFzQRX9Q08H
         lrQ+HofvY1Y5gwlGT3hHStP/wAuzO2qP01RSM/X4VqQ0kVtzff6XfGZuqRD1L5YB+ufT
         5Tp1CGjJafVeyKPyJ6TMc6cnERO2HrMfixyD30puLVqQSIcyn1zuud58VXuVZuj3gVWN
         O/YtJRoBmQI4z1i3/+A98wNgUK0CSzKTAeOU+rYLW4sWiNqGV+YkqcxQ6QsPH4oyB0Io
         GeMg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1750604554; x=1751209354;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=1RIeD9kFPZnPGWHcL1Mdr+6oNklS999fC3dcQVIWsDU=;
        b=osRA2FWnZVhUQSO87Z8fTd2HDpypWMH/w3oJzzWP8Z1/phFUG4PnCVEjSfEyJ7wACp
         am++/rDA8ASntKiVhyKFsVhvspias08Mh+R3XSaxkH3m6ind8ypMVI+6xlbSfcg2XhgZ
         7Jtc8/zhtjZYNZNu3+d0VmuCJ9ar+UWJfOdpY8TsjKySm/BHrHF/cdmkuMzqA1toQMO8
         n+DlIK3cDOhVMKggpAGPIR2BQ7yDAU868ZXtryss+N33n4o128Y8Dq/Vo4P24jeLhWcy
         a8bsKA9czeudtkrkTrhW+9YkenAnvpJsO2m9AbTL1Dz08SMfrVv0OcasA8BmA+UnzoA1
         I+Cg==
X-Gm-Message-State: AOJu0YzByVXDhgipP9Sq1YftqqMvcXaOXbVMId55dNkTFYvy9/xCOUKp
	hw1UR8u4xAVlTNWJLArTQcytzGHYIt7K9h8egkCZhlNbzIrXWbqRhfMZ6W6hAoja7n6rwv2/6s3
	biZ1Oljs=
X-Gm-Gg: ASbGncsVrf1kpbdtc/jZ+y+4kUDXGENWHmOAbhqJpsx2lNoMl7qVbcmJ4cJv0Bb75vZ
	h2Qz5LgIrngxXU3bXzmpCKleq4uDrgJnZs8ZQV7Ycw1luYlwbELQ53ZtbSB7j1cOb+VT2rhK79u
	TUykwpo6WC9AXFmW7+OilF4moRfy4FF6cxI5e8Nhc+iABqAloDBFmU07ARU2uVlCRvASW78Ovkc
	82QSIw9msqdu4yNH1heSqdZblHMyRlXgb008pMxGkgw6m6Y/8RdDGoWPeraRrBrb0Mu0Wi/77I6
	4Eyq1Hdjd4omFMELwwKIiCJeThXg4Q5qPPWVKoDMgonJ/2fKlm7ppQ==
X-Google-Smtp-Source: 
 AGHT+IGt9cShZxvVgE3FHQaVSL4SCMWPCz8ebkzAmiieQ/yXOh4cb5gLIdaoc3B5jIGPNxXSYsrIOg==
X-Received: by 2002:a05:6a00:a1f:b0:73e:10ea:b1e9 with SMTP id
 d2e1a72fcca58-7490d6153b4mr12802477b3a.6.1750604553532;
        Sun, 22 Jun 2025 08:02:33 -0700 (PDT)
Received: from hexa.. ([2602:feb4:3b:2100:4a75:9ad8:d661:8bd8])
        by smtp.gmail.com with ESMTPSA id
 d2e1a72fcca58-7490a46eb71sm6222521b3a.22.2025.06.22.08.02.32
        for <openembedded-core@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sun, 22 Jun 2025 08:02:33 -0700 (PDT)
From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 07/14] libsoup-2.4: Fix CVE-2025-4969
Date: Sun, 22 Jun 2025 08:00:02 -0700
Message-ID: 
 <5a6af5bcbe45184e7ac0535549c25cbe64113ba7.1750604257.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <cover.1750604257.git.steve@sakoman.com>
References: <cover.1750604257.git.steve@sakoman.com>
MIME-Version: 1.0
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Sun, 22 Jun 2025 15:02:42 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/219185

From: Hitendra Prajapati <hprajapati@mvista.com>

Upstream-Status: Backport from https://gitlab.gnome.org/GNOME/libsoup/-/commit/07b94e27afafebf31ef3cd868866a1e383750086

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../libsoup/libsoup-2.4/CVE-2025-4969.patch   | 76 +++++++++++++++++++
 .../libsoup/libsoup-2.4_2.74.2.bb             |  1 +
 2 files changed, 77 insertions(+)
 create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4969.patch

diff --git a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4969.patch b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4969.patch
new file mode 100644
index 0000000000..d45b2a2cb0
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4969.patch
@@ -0,0 +1,76 @@
+From 07b94e27afafebf31ef3cd868866a1e383750086 Mon Sep 17 00:00:00 2001
+From: Milan Crha <mcrha@redhat.com>
+Date: Mon, 19 May 2025 17:48:27 +0200
+Subject: [PATCH] soup-multipart: Verify array bounds before accessing its
+ members
+
+The boundary could be at a place which, calculated, pointed
+before the beginning of the array. Check the bounds, to avoid
+read out of the array bounds.
+
+Closes https://gitlab.gnome.org/GNOME/libsoup/-/issues/447
+
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/07b94e27afafebf31ef3cd868866a1e383750086]
+CVE: CVE-2025-4969
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ libsoup/soup-multipart.c |  2 +-
+ tests/multipart-test.c   | 22 ++++++++++++++++++++++
+ 2 files changed, 23 insertions(+), 1 deletion(-)
+
+diff --git a/libsoup/soup-multipart.c b/libsoup/soup-multipart.c
+index dd93973..b3611db 100644
+--- a/libsoup/soup-multipart.c
++++ b/libsoup/soup-multipart.c
+@@ -108,7 +108,7 @@ find_boundary (const char *start, const char *end,
+ 			continue;
+ 
+ 		/* Check that it's at start of line */
+-		if (!(b == start || (b[-1] == '\n' && b[-2] == '\r')))
++		if (!(b == start || (b - start >= 2 && b[-1] == '\n' && b[-2] == '\r')))
+ 			continue;
+ 
+ 		/* Check for "--" or "\r\n" after boundary */
+diff --git a/tests/multipart-test.c b/tests/multipart-test.c
+index 834b181..980eb68 100644
+--- a/tests/multipart-test.c
++++ b/tests/multipart-test.c
+@@ -562,6 +562,27 @@ test_multipart_bounds_bad (void)
+ 	g_bytes_unref (bytes);
+ }
+ 
++static void
++test_multipart_bounds_bad_2 (void)
++{
++	SoupMultipart *multipart;
++	SoupMessageHeaders *headers;
++	GBytes *bytes;
++	const char *raw_data = "\n--123\r\nline\r\n--123--\r";
++
++	headers = soup_message_headers_new (SOUP_MESSAGE_HEADERS_MULTIPART);
++	soup_message_headers_append (headers, "Content-Type", "multipart/mixed; boundary=\"123\"");
++
++	bytes = g_bytes_new (raw_data, strlen (raw_data));
++
++	multipart = soup_multipart_new_from_message (headers, bytes);
++	g_assert_nonnull (multipart);
++
++	soup_multipart_free (multipart);
++	soup_message_headers_free (headers);
++	g_bytes_unref (bytes);
++}
++
+ int
+ main (int argc, char **argv)
+ {
+@@ -593,6 +614,7 @@ main (int argc, char **argv)
+ 	g_test_add_data_func ("/multipart/async-small-reads", GINT_TO_POINTER (ASYNC_MULTIPART_SMALL_READS), test_multipart);
+ 	g_test_add_func ("/multipart/bounds-good", test_multipart_bounds_good);
+ 	g_test_add_func ("/multipart/bounds-bad", test_multipart_bounds_bad);
++	g_test_add_func ("/multipart/bounds-bad-2", test_multipart_bounds_bad_2);
+ 
+ 	ret = g_test_run ();
+ 
+-- 
+2.49.0
+
diff --git a/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb b/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb
index 61ebebeacd..11552df80a 100644
--- a/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb
+++ b/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb
@@ -37,6 +37,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
            file://CVE-2025-32050.patch \
            file://CVE-2025-32052.patch \
            file://CVE-2025-32053.patch \
+           file://CVE-2025-4969.patch \
           "
 SRC_URI[sha256sum] = "f0a427656e5fe19e1df71c107e88dfa1b2e673c25c547b7823b6018b40d01159"
 

From patchwork Sun Jun 22 15:00:03 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman <steve@sakoman.com>
X-Patchwork-Id: 65450
X-Patchwork-Delegate: steve@sakoman.com
Return-Path: <steve@sakoman.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 13038C7115A
	for <webhook@archiver.kernel.org>; Sun, 22 Jun 2025 15:02:42 +0000 (UTC)
Received: from mail-pf1-f181.google.com (mail-pf1-f181.google.com
 [209.85.210.181])
 by mx.groups.io with SMTP id smtpd.web11.27814.1750604555720903326
 for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:35 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601
 header.b=xF887AXg;
 spf=softfail (domain: sakoman.com, ip: 209.85.210.181,
 mailfrom: steve@sakoman.com)
Received: by mail-pf1-f181.google.com with SMTP id
 d2e1a72fcca58-748e63d4b05so1903966b3a.2
        for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1750604555;
 x=1751209355; darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=tbWgZqHfS+F/5HoVasyb5ToWyi+szyBjs95mLy1EFkg=;
        b=xF887AXgcV6HpblwJ9qosG3lHMGRH7n9vNg+keOpWNwunIIPKbquaO+5QQE82txC/3
         QtWTl4bXhY6nrJ9dSKjG5zSDhFqpY5kDU4kLy2r0Sp/3Q0RkSQdP18iRGIDV7fiOacgM
         z5dgb8c2yuR3h2jlkG6SAFx0rJvsAtzmZFUhFWlBzJAfQrbNq8HHOAmoT5p1VbkG/oGu
         ktXVqquatEI6g5v4eFa9ncK5SzlcOwDvXsI/yZHMonAROPFL/ATWD50dK7vyKsryyHOx
         /v3jyxEd3y5gQZlpGEygBvXPwXsj7iHBFUBQNJ8k/HtZ69bi6wPPUqnwyz7gCQLImHLt
         kimg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1750604555; x=1751209355;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=tbWgZqHfS+F/5HoVasyb5ToWyi+szyBjs95mLy1EFkg=;
        b=eKhTctg2DHc5j8EJ3IxrmzXPmyTbkgZd2giJIS13b6ZUj1WgB9trsLxWNhCV8Kax2O
         tpzDc4PF4sojSH8ijYVH2D3C0x0Z4ZcJJzKoahoLgo8YU7ZUn5YqlqNLWbKyKvR3tdc6
         DzAMZm8eAqXRerS8ExpbpTE/R2Ness05+SBqLrCYY1/lQTaChDbyUW/fO6ua+4i76Xak
         CpwImUnQcpcXlCACfQvYyKy7+a8qWy7hBvCCKFDTPiZsCwfqogBdv5JfSW+jdTP5tO4f
         meqhSOKY0FIUUK6qCG6yJCNCD8Zy07A/8dB0zrlno3G0XXAwQXK+ihunhO6I6OtUg5c/
         ztLg==
X-Gm-Message-State: AOJu0YzHfxU1mIzU2+azI6iFiF+qnYZL9tbLhG8u7VDvcksoFzaaRzR4
	5bf5GPRkIlMGJZEU5Pu1wt9Biq+9pe1wLmLITsK1XmU1WzJuL6rl6fkejkxtvg+jYF8WT8YPVIj
	4jWMhYXU=
X-Gm-Gg: ASbGnctwJuxwLXXyBrU3Ra74Xih3c1Hzc3v1ZBpc1lFM60lRkgwh8hICBJOtu6/w75d
	1MvtR3ftIQJnLmzHOo+IxTT69Qo6o6L77YbcrxGr2dt+cjgaIqcISmcHiWGX9AmWcV5j10yw0Ve
	6KYrJF5AsXqz+tfOBmPw07zuxJIP9vEN8SfiMkNlLPx+p8YbVWiUI3MhZ2e7z0zztQqDp/a0Vzx
	sHl+vVb5XAxZHVf6US9w0tnw4QaZjMZ0ceHH/eV9CZYj6+B2nULrMZoBKg2qiPv7v9EzyAH616J
	c31h+KGOkz00tZvlhpmK4rJqKhWki4orD4kvZfFEp87+Fxz9ysMAlp0A52U/FNyS
X-Google-Smtp-Source: 
 AGHT+IFQKSSz/6x3wu4R+5i8843Jw69jUrWr0wbGZ6TI3RIIcAfcvS/KlZ479ZCCdIJrox5SqRHmgw==
X-Received: by 2002:a05:6a00:13a4:b0:749:4cd:108e with SMTP id
 d2e1a72fcca58-7490d6618ebmr10745824b3a.10.1750604554875;
        Sun, 22 Jun 2025 08:02:34 -0700 (PDT)
Received: from hexa.. ([2602:feb4:3b:2100:4a75:9ad8:d661:8bd8])
        by smtp.gmail.com with ESMTPSA id
 d2e1a72fcca58-7490a46eb71sm6222521b3a.22.2025.06.22.08.02.34
        for <openembedded-core@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sun, 22 Jun 2025 08:02:34 -0700 (PDT)
From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 08/14] libsoup-2.4: fix CVE-2025-32907
Date: Sun, 22 Jun 2025 08:00:03 -0700
Message-ID: 
 <e6d9dd16d9b70cc8d3a9ca8b2fc542d547b456b9.1750604257.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <cover.1750604257.git.steve@sakoman.com>
References: <cover.1750604257.git.steve@sakoman.com>
MIME-Version: 1.0
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Sun, 22 Jun 2025 15:02:42 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/219186

From: Changqing Li <changqing.li@windriver.com>

Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/428

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../libsoup/libsoup-2.4/CVE-2025-32907.patch  | 39 +++++++++++++++++++
 .../libsoup/libsoup-2.4_2.74.2.bb             |  1 +
 2 files changed, 40 insertions(+)
 create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32907.patch

diff --git a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32907.patch b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32907.patch
new file mode 100644
index 0000000000..41dd3ff3f4
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32907.patch
@@ -0,0 +1,39 @@
+From 8158b4084dcba2a233dfcb7359c53ab2840148f7 Mon Sep 17 00:00:00 2001
+From: Milan Crha <mcrha@redhat.com>
+Date: Tue, 15 Apr 2025 12:17:39 +0200
+Subject: [PATCH 1/2] soup-message-headers: Correct merge of ranges
+
+It had been skipping every second range, which generated an array
+of a lot of insane ranges, causing large memory usage by the server.
+
+Closes #428
+
+Part-of: <https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/452>
+
+CVE: CVE-2025-32907
+Upstream-Status: Backport
+[https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/452/diffs?commit_id=9bb92f7a685e31e10e9e8221d0342280432ce836]
+
+Test part not applied since test codes use some functions not in this
+version
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ libsoup/soup-message-headers.c |   1 +
+ 1 files changed, 1 insertions(+)
+
+diff --git a/libsoup/soup-message-headers.c b/libsoup/soup-message-headers.c
+index 78b2455..00b9763 100644
+--- a/libsoup/soup-message-headers.c
++++ b/libsoup/soup-message-headers.c
+@@ -1024,6 +1024,7 @@ soup_message_headers_get_ranges_internal (SoupMessageHeaders  *hdrs,
+ 			if (cur->start <= prev->end) {
+ 				prev->end = MAX (prev->end, cur->end);
+ 				g_array_remove_index (array, i);
++				i--;
+ 			}
+ 		}
+ 	}
+-- 
+2.34.1
+
diff --git a/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb b/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb
index 11552df80a..38307fa3d5 100644
--- a/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb
+++ b/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb
@@ -38,6 +38,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
            file://CVE-2025-32052.patch \
            file://CVE-2025-32053.patch \
            file://CVE-2025-4969.patch \
+           file://CVE-2025-32907.patch \
           "
 SRC_URI[sha256sum] = "f0a427656e5fe19e1df71c107e88dfa1b2e673c25c547b7823b6018b40d01159"
 

From patchwork Sun Jun 22 15:00:04 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman <steve@sakoman.com>
X-Patchwork-Id: 65448
X-Patchwork-Delegate: steve@sakoman.com
Return-Path: <steve@sakoman.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 1C956C7EE31
	for <webhook@archiver.kernel.org>; Sun, 22 Jun 2025 15:02:42 +0000 (UTC)
Received: from mail-pf1-f173.google.com (mail-pf1-f173.google.com
 [209.85.210.173])
 by mx.groups.io with SMTP id smtpd.web11.27815.1750604557172937513
 for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:37 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601
 header.b=AHjAUfp+;
 spf=softfail (domain: sakoman.com, ip: 209.85.210.173,
 mailfrom: steve@sakoman.com)
Received: by mail-pf1-f173.google.com with SMTP id
 d2e1a72fcca58-747fba9f962so2480468b3a.0
        for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1750604556;
 x=1751209356; darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=tA9ks3hAHFM/aXMpNKCnV9CMuGIv2hBF2OZ6HjdW7dI=;
        b=AHjAUfp+MwhJQQxAXHCHOS76Eu9iTBRy7MDAM1uYHCi2K1/+QdeDaSrRUi+OWcqo+S
         9ItGdjmvWL1yy8Y48dj7qh44U5EpvDtWTXA+F8TEL4M60JoWCOY0wTWqgmGuo4gMWTBQ
         1PoiuZ7uevAqXLNrIq9J8oeLgh7px/PAfHXojBwqhJIgT/2+e0gNTnG1ln2Qc1BUP4VV
         QSn7rhiHSk2SWNfPpFQxzYHf71ea7ET9ZK+aL1nnYJfABOWzoTsjLtcNb2UcKJL2PPCp
         azCghWsdBnp291XHgtgiejZwRhnjjdlpBBX8iM9N71IfhEYDOPOMqRBJPs9GQhpeIoY0
         g5BA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1750604556; x=1751209356;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=tA9ks3hAHFM/aXMpNKCnV9CMuGIv2hBF2OZ6HjdW7dI=;
        b=CCD10V5MuvUfdlFnZZOi8BQwBO2l7q0lkbvBmk+BT158vCvaByVqu5KCQYxmNg2nrn
         gbHNd8eFWEeFz7j4jnEONU/J4forKHRbCl+69RCK1mRuDwHkTUc/XBGSCrdc0k9hxsfy
         ENPsK9e129WMauOSEoLBTl6rqoXq5mFc01p6sP9T7urfS8mv6vW0w0NWMNCPmKA4nCZu
         0z/o6Lz/AY2D77qY3z/YEi9SeaK9ST3P7pAeONtuK/iyMS1tE1Wpv6sShA+ksJgyoTRk
         ixzL7izwg0dtMWP0GlnrtmGKqxWEpIuG+ULIPI58OF2rtBdK+5Jv1+QjDrBYHdhhy+d/
         9RuA==
X-Gm-Message-State: AOJu0YxIC7PWWfviMicqkPnV7nD3Jj5acR9NY8g5uCmoSnWhA0zXhP+8
	ni6Q7spPz3Dpkz0t48sQGi77DoNqzUX1/P6SbVwJdIGrhy2Lc3ZtjBJwiWaWT2W3gYIsYxKEDrp
	UHmGSjvY=
X-Gm-Gg: ASbGncshtFVk7o8Ind+epVCGmmBW1gGhaED447AwZnfuiu3SOqR1IkZxAt2BR0dQFOu
	55P+jmdS0VV+xULCJUeIb6JZXdgerjnq1HxGpXAWO58dIGtle0VxL519GstwhTcSTm1Flq6l7JH
	9uEBfmDeazL5E+EuJB0W/guMq+caDcdXhjRwJeFAXluK0QbaQfo8Nc7lrI5uYbcZAiOOaWlYkZA
	4ZohunCZ8uVDY4sIcSfIvYSmmkpTrzlZoAhh/qTnhEfCAkWJbFcqmNSpkJPIw3kmcfNZ0ekX0dR
	iWZiQYZ5aclz6bq6Ta2yaPZygfplnt6kDvrsF4KWbMA1E8yizIYjWpS5vhjDkLJa
X-Google-Smtp-Source: 
 AGHT+IHNmxKA2yGNjPmZYdcOp0nRUgWheFVU4qHhwBxPgWiBwTFdgM/NnbQpkoWOhwYOEL539m16gQ==
X-Received: by 2002:a05:6a00:2e03:b0:748:a0b9:f873 with SMTP id
 d2e1a72fcca58-7490f548544mr11978380b3a.9.1750604556288;
        Sun, 22 Jun 2025 08:02:36 -0700 (PDT)
Received: from hexa.. ([2602:feb4:3b:2100:4a75:9ad8:d661:8bd8])
        by smtp.gmail.com with ESMTPSA id
 d2e1a72fcca58-7490a46eb71sm6222521b3a.22.2025.06.22.08.02.35
        for <openembedded-core@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sun, 22 Jun 2025 08:02:36 -0700 (PDT)
From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 09/14] libsoup-2.4: fix CVE-2025-46421
Date: Sun, 22 Jun 2025 08:00:04 -0700
Message-ID: 
 <33bf900bcb563c5769b75e69059751f969a8771f.1750604257.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <cover.1750604257.git.steve@sakoman.com>
References: <cover.1750604257.git.steve@sakoman.com>
MIME-Version: 1.0
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Sun, 22 Jun 2025 15:02:42 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/219187

From: Changqing Li <changqing.li@windriver.com>

Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/439

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../libsoup/libsoup-2.4/CVE-2025-46421.patch  | 47 +++++++++++++++++++
 .../libsoup/libsoup-2.4_2.74.2.bb             |  1 +
 2 files changed, 48 insertions(+)
 create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-46421.patch

diff --git a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-46421.patch b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-46421.patch
new file mode 100644
index 0000000000..26067c4bb8
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-46421.patch
@@ -0,0 +1,47 @@
+From 5eb225f02bb35de56cfeedd87bde716bf1cb750b Mon Sep 17 00:00:00 2001
+From: Patrick Griffis <pgriffis@igalia.com>
+Date: Wed, 5 Feb 2025 16:18:10 -0600
+Subject: [PATCH] session: Strip authentication credentails on
+ cross-origin redirect
+
+This should match the behavior of Firefox and Safari but not of Chromium.
+
+CVE: CVE-2025-46421
+Upstream-Status: Backport
+[https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/436/diffs?commit_id=3e5c26415811f19e7737238bb23305ffaf96f66b]
+
+Test code not added since it included some headers not in version 2.74.3
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ libsoup/soup-session.c |  8 +++++++-
+ 1 files changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/libsoup/soup-session.c b/libsoup/soup-session.c
+index 83421ef..8d6ac61 100644
+--- a/libsoup/soup-session.c
++++ b/libsoup/soup-session.c
+@@ -1189,12 +1189,18 @@ soup_session_redirect_message (SoupSession *session, SoupMessage *msg)
+ 						   SOUP_ENCODING_NONE);
+ 	}
+ 
++	/* Strip all credentials on cross-origin redirect. */
++	if (!soup_uri_host_equal (soup_message_get_uri (msg), new_uri)) {
++		soup_message_headers_remove (msg->request_headers, "Authorization");
++		soup_message_set_auth (msg, NULL);
++	}
++
+ 	soup_message_set_uri (msg, new_uri);
+ 	soup_uri_free (new_uri);
+ 
+ 	soup_session_requeue_message (session, msg);
+ 	return TRUE;
+-}
++}
+ 
+ static void
+ redirect_handler (SoupMessage *msg, gpointer user_data)
+ 
+-- 
+2.34.1
+
diff --git a/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb b/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb
index 38307fa3d5..347fe1aa21 100644
--- a/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb
+++ b/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb
@@ -39,6 +39,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
            file://CVE-2025-32053.patch \
            file://CVE-2025-4969.patch \
            file://CVE-2025-32907.patch \
+           file://CVE-2025-46421.patch \
           "
 SRC_URI[sha256sum] = "f0a427656e5fe19e1df71c107e88dfa1b2e673c25c547b7823b6018b40d01159"
 

From patchwork Sun Jun 22 15:00:05 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman <steve@sakoman.com>
X-Patchwork-Id: 65449
X-Patchwork-Delegate: steve@sakoman.com
Return-Path: <steve@sakoman.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 1C904C7EE2E
	for <webhook@archiver.kernel.org>; Sun, 22 Jun 2025 15:02:42 +0000 (UTC)
Received: from mail-pf1-f179.google.com (mail-pf1-f179.google.com
 [209.85.210.179])
 by mx.groups.io with SMTP id smtpd.web11.27816.1750604558839552977
 for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:38 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601
 header.b=bw2w1eFN;
 spf=softfail (domain: sakoman.com, ip: 209.85.210.179,
 mailfrom: steve@sakoman.com)
Received: by mail-pf1-f179.google.com with SMTP id
 d2e1a72fcca58-747c2cc3419so2252756b3a.2
        for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1750604558;
 x=1751209358; darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=vldijVURK8bjd5smqrrrfGC7EqyKyZtxSEq+H83TDLI=;
        b=bw2w1eFN3+HNYCIcOgWPssqIO/YHygEF2W66Hv3FaKZg6EMrtJjYZtKqrtO7Pap7zt
         WPXhryzOtLujF5E8wOPsFmQlbaIM9nhrbDM3PyUqLubKku/7szKNS/x+NqkBnQ5n9Qva
         VTPEPydwkHTA98kDaPMZa5MgFQFmlGOypz8GUPybD0BR71DIXt9lmWZsvbzuO0KJtbiU
         1yo9KXcbki73Q9bzIP3p2MmMM9sbg0UzDC6sEOLPcwUmAbW3d2cNlWu9O8GEZbfD3+ox
         IQBr/FUtn7dKPxBEITip/vlTcY8KhMf5DDwra53KC4nqhM/l6Rcg0SGMW8qh+etmIzB8
         m2dA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1750604558; x=1751209358;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=vldijVURK8bjd5smqrrrfGC7EqyKyZtxSEq+H83TDLI=;
        b=pGl5MXwwpMBNI5/ga03PjI6njiOT0PcsvTuEa9g1KpY+irwqJK+K07pBmeMQX43517
         2OVXgjlhnewCLyz+k4tvTFWncsFFcJqftSB4c/9CFI030BQWnkTfHV+eXjrMmNpBJg/e
         VOjEaEZYLkj7SxtiPw6P2UhXvfw99UIxiqv0VguCaa9AxdTuG9N5QRj2ncjoLrcS193m
         ZNgens6AhFtgDSbvSqimOr5qCEWZb95wu4WndDQIN0Ig+v5RHFARFcnSQIrB2JEImOqY
         ja6kfdN+Yw3R2wAAsX+pSWdxXibj3KAxKjhoLlLE7fR/i3Hue43psc0TJ1X2U9/N1zKK
         0B/w==
X-Gm-Message-State: AOJu0YyfJqB53Kg4SSgf+KkDR/S8K8rnaOjH7eg57dGs3DjqmFoMNW6e
	qeLA0yowueflFnXKp7yc7Xe9PuaHJydYWApfU3YBPwD8rhrSu4oHtPdZ7lWHrq4rD9HyfNw1M9S
	42cIbhSQ=
X-Gm-Gg: ASbGncsQFX1jqqiRQwzvjPYSyizxkW2mG3Gn4s+4sRw2nZ4m9IDEmbvHe91lrAuc+wd
	6t0wdmHrRqpQS+6S4BBNbhngiVu/xQAxxt+CFLOD9t7v/5dmGW+zsT9l/CRieIb+yXtqGfMrKnz
	2gmCXYlIKZwCs6nBs7C+w7DI2MyCRfM2cjXRK8U77i3l/CUdKvZcmsRsnEcLKbioTj6F5+PgzzM
	jxGO4d7kyEOwkwPcyCfZj5iezPSjFYsSQ9nt58GTdHpQLnyTH+p6L9VmnJKrUeM5UuIm+bDEdRV
	eAd1TYWJQVSnzcLrPb0erp/YOpj9WhPKVU765QtTO0rCNIxZYpIqGA==
X-Google-Smtp-Source: 
 AGHT+IFtHKpNEXvzAvlb1xNxonFYu3Ld8AwM8lkvezQjojP+1zef2rrYTW58mp3WA5obOnzVhcmMsw==
X-Received: by 2002:a05:6a00:2450:b0:736:50d1:fc84 with SMTP id
 d2e1a72fcca58-7490dabc137mr13245666b3a.21.1750604557940;
        Sun, 22 Jun 2025 08:02:37 -0700 (PDT)
Received: from hexa.. ([2602:feb4:3b:2100:4a75:9ad8:d661:8bd8])
        by smtp.gmail.com with ESMTPSA id
 d2e1a72fcca58-7490a46eb71sm6222521b3a.22.2025.06.22.08.02.37
        for <openembedded-core@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sun, 22 Jun 2025 08:02:37 -0700 (PDT)
From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 10/14] libsoup-2.4: fix CVE-2025-4948
Date: Sun, 22 Jun 2025 08:00:05 -0700
Message-ID: 
 <d5af0295d26f8967dfe49a53ffa6f275e249d087.1750604257.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <cover.1750604257.git.steve@sakoman.com>
References: <cover.1750604257.git.steve@sakoman.com>
MIME-Version: 1.0
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Sun, 22 Jun 2025 15:02:42 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/219188

From: Changqing Li <changqing.li@windriver.com>

Refer:
http://gitlab.gnome.org/GNOME/libsoup/-/issues/449

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../libsoup/libsoup-2.4/CVE-2025-4948.patch   | 38 +++++++++++++++++++
 .../libsoup/libsoup-2.4_2.74.2.bb             |  1 +
 2 files changed, 39 insertions(+)
 create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4948.patch

diff --git a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4948.patch b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4948.patch
new file mode 100644
index 0000000000..b15b8c763d
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4948.patch
@@ -0,0 +1,38 @@
+From dfdc9b3cc73e6fe88cc12792ba00e14642572339 Mon Sep 17 00:00:00 2001
+From: Milan Crha <mcrha@redhat.com>
+Date: Thu, 15 May 2025 17:49:11 +0200
+Subject: [PATCH] soup-multipart: Verify boundary limits for multipart body
+
+It could happen that the boundary started at a place which resulted into
+a negative number, which in an unsigned integer is a very large value.
+Check the body size is not a negative value before setting it.
+
+Closes https://gitlab.gnome.org/GNOME/libsoup/-/issues/449
+
+Part-of: <https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/463>
+
+CVE: CVE-2025-4948
+Upstream-Status: Backport
+[https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/463/diffs?commit_id=f2f28afe0b3b2b3009ab67d6874457ec6bac70c0]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ libsoup/soup-multipart.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libsoup/soup-multipart.c b/libsoup/soup-multipart.c
+index dd93973..ce2fc10 100644
+--- a/libsoup/soup-multipart.c
++++ b/libsoup/soup-multipart.c
+@@ -214,7 +214,7 @@ soup_multipart_new_from_message (SoupMessageHeaders *headers,
+ 		 */
+ 		part_body = soup_buffer_new_subbuffer (flattened,
+ 						       split - flattened->data,
+-						       end - 2 - split);
++						       end - 2 >= split ? end - 2 - split : 0);
+ 		g_ptr_array_add (multipart->bodies, part_body);
+ 
+ 		start = end;
+-- 
+2.34.1
+
diff --git a/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb b/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb
index 347fe1aa21..aa2903030d 100644
--- a/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb
+++ b/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb
@@ -40,6 +40,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
            file://CVE-2025-4969.patch \
            file://CVE-2025-32907.patch \
            file://CVE-2025-46421.patch \
+           file://CVE-2025-4948.patch \
           "
 SRC_URI[sha256sum] = "f0a427656e5fe19e1df71c107e88dfa1b2e673c25c547b7823b6018b40d01159"
 

From patchwork Sun Jun 22 15:00:06 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman <steve@sakoman.com>
X-Patchwork-Id: 65446
X-Patchwork-Delegate: steve@sakoman.com
Return-Path: <steve@sakoman.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 04F20C7EE2A
	for <webhook@archiver.kernel.org>; Sun, 22 Jun 2025 15:02:42 +0000 (UTC)
Received: from mail-pf1-f181.google.com (mail-pf1-f181.google.com
 [209.85.210.181])
 by mx.groups.io with SMTP id smtpd.web11.27817.1750604561024475578
 for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:41 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601
 header.b=yN63nYXB;
 spf=softfail (domain: sakoman.com, ip: 209.85.210.181,
 mailfrom: steve@sakoman.com)
Received: by mail-pf1-f181.google.com with SMTP id
 d2e1a72fcca58-747fba9f962so2480489b3a.0
        for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1750604560;
 x=1751209360; darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=GUZK7UUS37DQD/SgGwUC3x5M9ESZCkWsaXby+sCLE54=;
        b=yN63nYXB7VMVduQfFUYFVBRocx1/HKRZr1oaRkaaDVO31EBrC34tY3EzPLw8nWuuLt
         tSEh1wns1kyFcDPAiAtUTsHwX5o6H7dpA3Wcnzt7kKOkPhzXqTfwBM7tMy3xkrRpIljB
         j42daL9NWfY5amlxdZ20Ny6h0+ezk27711sTHQmSRBILXV3pmKL9DfPH3pYxYBZcKgL9
         QyI0mFHcdB51WHz/5QN3QbZxb0X2GRWv9DnINvKjkgmMrLi9CKnVgjLM8nUtDy08rblX
         R2mKG9CHTLUjQwHi1NZGu+ZFZZHjQ4aHnI+rTmmnfl8a+ZQB2zWgmpNRwifUEgF1E/wf
         5XLQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1750604560; x=1751209360;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=GUZK7UUS37DQD/SgGwUC3x5M9ESZCkWsaXby+sCLE54=;
        b=AMDFs8GBoaZOSKFUgGLOgZd4JuOyq17qpM/lOziPaQgWnqLwveOy63gBVDne2q8Wj2
         vhxzkNvxGCxhvRHBR1wn/7lHdc26Pfo+7AZTUtRwymCsmuLvJOqbfnNC7MZbQOBmlRZW
         ei7kXPKy7l5h3Wh8Xb3B2j1Mb5dsRbSS0pKsvevaxbOLoPoSoKB+N1cfU3QAs96E04pr
         gphsncaBAPCgqtqpEDa+Qm7YBZfEeG42Bm4uFb5sS7a+hk2PorffWXzj+nneBR1f98/X
         qHwn1rQ6r2aCXkvs9ctvJbMeU1xRSpBkxzcYTKOO8jKwUmGNvJjgkwpXzLIRSdsQ1iah
         f1Hw==
X-Gm-Message-State: AOJu0Yx/h3sODQ1TsCD1880QN+FoqZ5ownYnRtBDBSCeBBGx+xN2rI6y
	9EQrjBOMM9tiE/8DyduMMk4PMN9nw6ZC0Pd4QXyfHWFsIUcmOwTYTDlT/PJ+bfsdWNRv/kAsWGE
	sO/nfsr4=
X-Gm-Gg: ASbGncvwm/ZwFAiF/8r+TE8WdeUX3VZNAkmwTX/b1Nv2u+aBaRuJK/IyknoRd9GCpZZ
	DgPnsWDsnfxVxjTns1U2Phle4AEnggCceBHUPNLyo10WKtIDRQnsQ/RVMZq/uXHQwubzkIuuOgs
	c00qF3+kFrn6VJItbxSvHBDy/SeAFIfm8MlmiThUXE/nrBXrompoCIsLplShZW2KHs/VnZcQdwJ
	ltOjtZfHzkLX7ezqhhKUfjuVd1VGibnGrf1vrQXeQMQWpq9z0qTTCHiGKOmKPodxnmveTNiCmUS
	GyDZ/0vzsIwVjwpRAyKINtHnQeiXB8h0IovkOyLMNJA80DfCHQ2gr0TzkphZPzm7
X-Google-Smtp-Source: 
 AGHT+IF3FWwYseTQtw+hrPcO6vPy0Fd0G3Js2qFZxBHxI1T38LPHuOiCQpUXW2A4oV+FDKvTiXBntg==
X-Received: by 2002:a05:6a00:9496:b0:746:195b:bf1c with SMTP id
 d2e1a72fcca58-7490f5a435emr11746883b3a.10.1750604560174;
        Sun, 22 Jun 2025 08:02:40 -0700 (PDT)
Received: from hexa.. ([2602:feb4:3b:2100:4a75:9ad8:d661:8bd8])
        by smtp.gmail.com with ESMTPSA id
 d2e1a72fcca58-7490a46eb71sm6222521b3a.22.2025.06.22.08.02.39
        for <openembedded-core@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sun, 22 Jun 2025 08:02:39 -0700 (PDT)
From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 11/14] libsoup-2.4: fix CVE-2025-4476
Date: Sun, 22 Jun 2025 08:00:06 -0700
Message-ID: 
 <2be01469687f30f33b768164f66916b081cc8c62.1750604257.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <cover.1750604257.git.steve@sakoman.com>
References: <cover.1750604257.git.steve@sakoman.com>
MIME-Version: 1.0
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Sun, 22 Jun 2025 15:02:42 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/219189

From: Changqing Li <changqing.li@windriver.com>

Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/440

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../libsoup/libsoup-2.4/CVE-2025-4476.patch   | 38 +++++++++++++++++++
 .../libsoup/libsoup-2.4_2.74.2.bb             |  1 +
 2 files changed, 39 insertions(+)
 create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4476.patch

diff --git a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4476.patch b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4476.patch
new file mode 100644
index 0000000000..874f62e7ad
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4476.patch
@@ -0,0 +1,38 @@
+From 52a0f9234d384b9dab368835b22e5a5a01542168 Mon Sep 17 00:00:00 2001
+From: Changqing Li <changqing.li@windriver.com>
+Date: Fri, 16 May 2025 14:16:10 +0800
+Subject: [PATCH] auth-digest: fix crash in
+ soup_auth_digest_get_protection_space()
+
+We need to validate the Domain parameter in the WWW-Authenticate header.
+
+Unfortunately this crash only occurs when listening on default ports 80
+and 443, so there's no good way to test for this. The test would require
+running as root.
+
+Fixes #440
+
+CVE: CVE-2025-4476
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/e64c221f9c7d09b48b610c5626b3b8c400f0907c?merge_request_iid=457]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ libsoup/soup-auth-digest.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libsoup/soup-auth-digest.c b/libsoup/soup-auth-digest.c
+index f1621ec..a2dc560 100644
+--- a/libsoup/soup-auth-digest.c
++++ b/libsoup/soup-auth-digest.c
+@@ -229,7 +229,7 @@ soup_auth_digest_get_protection_space (SoupAuth *auth, SoupURI *source_uri)
+ 			uri = soup_uri_new (d);
+ 			if (uri && uri->scheme == source_uri->scheme &&
+ 			    uri->port == source_uri->port &&
+-			    !strcmp (uri->host, source_uri->host))
++			    !g_strcmp0 (uri->host, source_uri->host))
+ 				dir = g_strdup (uri->path);
+ 			else
+ 				dir = NULL;
+-- 
+2.34.1
+
diff --git a/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb b/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb
index aa2903030d..686e3b6720 100644
--- a/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb
+++ b/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb
@@ -41,6 +41,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
            file://CVE-2025-32907.patch \
            file://CVE-2025-46421.patch \
            file://CVE-2025-4948.patch \
+           file://CVE-2025-4476.patch \
           "
 SRC_URI[sha256sum] = "f0a427656e5fe19e1df71c107e88dfa1b2e673c25c547b7823b6018b40d01159"
 

From patchwork Sun Jun 22 15:00:07 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman <steve@sakoman.com>
X-Patchwork-Id: 65454
X-Patchwork-Delegate: steve@sakoman.com
Return-Path: <steve@sakoman.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 220A0C7115D
	for <webhook@archiver.kernel.org>; Sun, 22 Jun 2025 15:02:52 +0000 (UTC)
Received: from mail-pf1-f169.google.com (mail-pf1-f169.google.com
 [209.85.210.169])
 by mx.groups.io with SMTP id smtpd.web11.27818.1750604562429023415
 for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:42 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601
 header.b=F6DS/0rx;
 spf=softfail (domain: sakoman.com, ip: 209.85.210.169,
 mailfrom: steve@sakoman.com)
Received: by mail-pf1-f169.google.com with SMTP id
 d2e1a72fcca58-747fc77bb2aso2531960b3a.3
        for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1750604561;
 x=1751209361; darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=8014B0WRf4ADef2GVkDK4FzOj4ttxhTLdNiAysIKrM8=;
        b=F6DS/0rxMMPLKwgG1DRY9nv1Pkh/gAVxwzVLYRNtSj8jaNJ3TKvp9NT5e+rl/e2y8I
         fJW7qyPBStHIT5E6Zatg4jCx5Ifs4an7R173RChPo5isqC1BR9nPDZVZ5u832sMBLCO3
         ilMd+I7n/up4VaBJ7Ss7QL5j83nmJyUFgegdhR6WnA2/Eg75FD6g8Bfq+oIX3U+tX+JP
         y2hDVrXXg++7hgsWw5XUWF9suy9GUeefsS1zRnDrizVcU9jDQzQeg8ZdgOqiWgCQ1WtZ
         LF4RK8b+4fGd249P8rQFgwlJehVY5nTXdC8dUE2h4ZPMszjnlFGj+hRKUTQoI9macjsD
         NB+g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1750604561; x=1751209361;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=8014B0WRf4ADef2GVkDK4FzOj4ttxhTLdNiAysIKrM8=;
        b=vfDssT+1IcqTzwRHqsahfT5k1oEnATZ22Qncs5ReK4cscNHGhMxX/tPZ/1HfoCCJ2/
         IcwAe2hzvqauK4eQxd8BwwkEOuzj+WOae7Zp8PdZg0n/CD72EUrnkSFvZzAUvrXENFkn
         y1sgM+dvkzIxZJHEtGpvD9IFAuC/ByvMCm32bM/kWVzWv8zozX/qZa097QjM5AUrRv1D
         TGjdQw7HNTW2PDrob7cK9t34qNgLTTf3xKp1BP9iEZqQzWqrsOtjEhTszJmxGKngR0g6
         TyGO+c4aBulpftxN/lCBoc4TBUG69vdXNFMk9oflE6amBQEtj3wmNPofqiMjokpUUaYj
         0Y6g==
X-Gm-Message-State: AOJu0YxlkucV57ExG8G6xkCBqXF8cwnkHFjnUbiGousB+hXgF8LvrgJx
	SH+dE9irl0SnJ7ZH73ugSEWwFsy6JZWpTO5QOO8VFpQvQzmZEkh0DMjTpZ9VK6hUtnwDA6+I6jH
	JKolThyw=
X-Gm-Gg: ASbGncswyLoUshl5RTtp0OkGg+YRTfHvarRUqTDChdc3rDqvzIgfe7onBWFQg39Wn9d
	4SejD/GEFoWb0qP+A26n17Kr1a6RoPNOsLT8hPkAq74IQcRE/TaYOq3gbzkEWpONu+eQA263jUD
	k+dfqzLhUbrnoY0RMQ3M/DfzKI7s7sxLUBWLAWaKyiqOV0QQ5BoZTI1JmvAwwtwnUUWwmA2UW/0
	hUbBpxrkrbBUd4qBFkpLdhwSTJZ9+wMl9VUUmaBdNMPm2+AXXEVb6YGTKNyi5YkMH1aRv+3yylE
	bVwsLBDdwhgyhJgtRGce898aFYvo68/mQ5I9N99Ro1TJvlDEV0TAlQ==
X-Google-Smtp-Source: 
 AGHT+IEwpde34iuoG68wA/62B7R2nGGL8Spbs3wscHOhyuxlT27VVy4QvKh9jQHy4bWSgQXSiqtOMA==
X-Received: by 2002:a05:6a00:140f:b0:742:a111:ee6f with SMTP id
 d2e1a72fcca58-7490d6dc413mr10025744b3a.10.1750604561538;
        Sun, 22 Jun 2025 08:02:41 -0700 (PDT)
Received: from hexa.. ([2602:feb4:3b:2100:4a75:9ad8:d661:8bd8])
        by smtp.gmail.com with ESMTPSA id
 d2e1a72fcca58-7490a46eb71sm6222521b3a.22.2025.06.22.08.02.41
        for <openembedded-core@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sun, 22 Jun 2025 08:02:41 -0700 (PDT)
From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 12/14] go: ignore CVE-2024-3566
Date: Sun, 22 Jun 2025 08:00:07 -0700
Message-ID: 
 <571fd82e29fe809c63a5743e534ed7816d787963.1750604257.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <cover.1750604257.git.steve@sakoman.com>
References: <cover.1750604257.git.steve@sakoman.com>
MIME-Version: 1.0
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Sun, 22 Jun 2025 15:02:52 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/219190

From: Peter Marko <peter.marko@siemens.com>

NVD ([1]) tracks this as:
cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*
Running on/with
  cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Yocto cve-check ignores the "Running on/with", so it needs to be ignored
explicitly.

[1] https://nvd.nist.gov/vuln/detail/CVE-2024-3566

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/go/go-binary-native_1.17.13.bb | 3 +++
 meta/recipes-devtools/go/go-common.inc               | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/meta/recipes-devtools/go/go-binary-native_1.17.13.bb b/meta/recipes-devtools/go/go-binary-native_1.17.13.bb
index 4ee0148417..0f356b0e79 100644
--- a/meta/recipes-devtools/go/go-binary-native_1.17.13.bb
+++ b/meta/recipes-devtools/go/go-binary-native_1.17.13.bb
@@ -14,6 +14,9 @@ SRC_URI[go_linux_arm64.sha256sum] = "914daad3f011cc2014dea799bb7490442677e4ad6de
 UPSTREAM_CHECK_URI = "https://golang.org/dl/"
 UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux"
 
+# not-applicable-platform: Issue only applies on Windows
+CVE_CHECK_IGNORE += "CVE-2024-3566"
+
 S = "${WORKDIR}/go"
 
 inherit goarch native
diff --git a/meta/recipes-devtools/go/go-common.inc b/meta/recipes-devtools/go/go-common.inc
index 83f8db7b39..e2ffba27bd 100644
--- a/meta/recipes-devtools/go/go-common.inc
+++ b/meta/recipes-devtools/go/go-common.inc
@@ -19,6 +19,9 @@ S = "${WORKDIR}/go"
 B = "${S}"
 UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)\.src\.tar"
 
+# not-applicable-platform: Issue only applies on Windows
+CVE_CHECK_IGNORE += "CVE-2024-3566"
+
 INHIBIT_PACKAGE_DEBUG_SPLIT = "1"
 SSTATE_SCAN_CMD = "true"
 

From patchwork Sun Jun 22 15:00:08 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman <steve@sakoman.com>
X-Patchwork-Id: 65451
X-Patchwork-Delegate: steve@sakoman.com
Return-Path: <steve@sakoman.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 2210AC7EE2A
	for <webhook@archiver.kernel.org>; Sun, 22 Jun 2025 15:02:52 +0000 (UTC)
Received: from mail-pf1-f173.google.com (mail-pf1-f173.google.com
 [209.85.210.173])
 by mx.groups.io with SMTP id smtpd.web11.27819.1750604564727522104
 for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:44 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601
 header.b=tRmnnuaI;
 spf=softfail (domain: sakoman.com, ip: 209.85.210.173,
 mailfrom: steve@sakoman.com)
Received: by mail-pf1-f173.google.com with SMTP id
 d2e1a72fcca58-748d982e92cso2077260b3a.1
        for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1750604563;
 x=1751209363; darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=Qw6/DijYkNDT7wAHqSw+COjU5j2bjo7hrBlHAaLJPts=;
        b=tRmnnuaIAjkMvOtXnW7MYVp8vz9Ie59SeyEUSlOOWv/2TN75+mJE5C3xKfl0EL/ZJQ
         Vg+GaRK7YFyljJBYN3XWkHJHS63k0rqtYDzR4ueolJVFpJJxGtedjWuDFUIhNkDhhCfo
         7nW4vY6GOwkWlHCBSiSh3UizJE2pvgP5Oavz7ykeSSq/zON1LGzvQzqagQqo3INfbq/a
         a04X4EZkk46iZj0/kHrqvFaIAV2Ghup1LUNVt5XuZCLTX9nfU4FA3qomP/WugLsnmJ61
         u3Ld952S9B4Waqn1L5+6YBsFOSjAit4r41E9I0gEdY/dUWamPJKh5FWDEsMD5UT/cfk5
         8vqg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1750604563; x=1751209363;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=Qw6/DijYkNDT7wAHqSw+COjU5j2bjo7hrBlHAaLJPts=;
        b=ZvemYrRtQbD8KZ32zRrCfna76Sg4igakUrsmok/+WqVaRhUKQe4S0Tmtq8VN47o3cd
         Blibqs4b8OZQ0oBEjQrEtOwWfA7Q7Bt1lL4hSjHu1aCxru7Pf1Bnl5iWMLzOAGV+Fbio
         pvcZkJ5zAccqYv2wUJijiO6LORbaGxseBORJv87a8AQxL2T5ng8wch6dgULklSJxw0bx
         /z2pvIzigcBgijPt96h14m0XcNMXm7XbYAvHgeMZOaGZh7coC6OXSLNFtzOPn9WnGyPi
         k/8a9TgP92hR89cpq4aJs6zvic7mVddt44d2eG5YuDEA0CSWvVOpglBYhcc+I+MYQpWj
         wGmA==
X-Gm-Message-State: AOJu0YwB4Z7H9UQm8FkhlHOP2SqOCqX/b3v+RmvIBAQY+KQg9VX0fl82
	JmKgp76JRAEHw7FLQ0HsGTD5iSVtgb+WmVnV02MF8xdLG+8pWwJQnVam1wq9pfFFZpjp3smOAsm
	48/8HvYk=
X-Gm-Gg: ASbGncuBJaXfOugMC5RsIo3P3riep6tyZVaYPH/RYu7cH5OOG5/ZDH2RhDwm6rYOX5D
	q75JoUjZM0fWcpvy2wtyQ6+mnLxEDZNYCs+qZvv7Yc0Y6niEAJI2xHrvjFVCjzuHDKDEwR/RSBt
	kr5m9LVff9njyptroPEnXXb2n90isU7zQClPVAz3U2ihZro5AAkAnOvPquiiAmxXgrXrxE8N3cQ
	yNumAMjvu2zcCBNfEHfC81PKwL0GyJIY7jfBs/U9ZZOBIrrKUKQHsTzeCciwn2KREbqa3WDrVPh
	5sJzNayutpEJ2FuHV+kE0RAVk3IpQFAtKOETYLOFInuf686jUGy0tA==
X-Google-Smtp-Source: 
 AGHT+IGPQzjmguEmEThn6ogUDnmrMcocnYWahi2Ob3MS0MEDxCexzeGToIyRhwcdUyxt+EnEPl7YOw==
X-Received: by 2002:a05:6a00:1952:b0:742:3fb4:f992 with SMTP id
 d2e1a72fcca58-7490d9e4688mr11401198b3a.10.1750604562995;
        Sun, 22 Jun 2025 08:02:42 -0700 (PDT)
Received: from hexa.. ([2602:feb4:3b:2100:4a75:9ad8:d661:8bd8])
        by smtp.gmail.com with ESMTPSA id
 d2e1a72fcca58-7490a46eb71sm6222521b3a.22.2025.06.22.08.02.42
        for <openembedded-core@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sun, 22 Jun 2025 08:02:42 -0700 (PDT)
From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 13/14] systemtap: add sysroot Python paths to
 configure flags
Date: Sun, 22 Jun 2025 08:00:08 -0700
Message-ID: 
 <85a5d7b1d2c8600f30e38e034f828e5897d9a093.1750604257.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <cover.1750604257.git.steve@sakoman.com>
References: <cover.1750604257.git.steve@sakoman.com>
MIME-Version: 1.0
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Sun, 22 Jun 2025 15:02:52 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/219191

From: Soumya Sambu <soumya.sambu@windriver.com>

Explicitly set Python-related flags to use sysroot-staged headers and tools.

Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-kernel/systemtap/systemtap_git.bb | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/meta/recipes-kernel/systemtap/systemtap_git.bb b/meta/recipes-kernel/systemtap/systemtap_git.bb
index c84fc27001..40ccf1d523 100644
--- a/meta/recipes-kernel/systemtap/systemtap_git.bb
+++ b/meta/recipes-kernel/systemtap/systemtap_git.bb
@@ -35,6 +35,13 @@ PACKAGECONFIG[python3-probes] = "--with-python3-probes,--without-python3-probes,
 inherit autotools gettext pkgconfig systemd
 inherit ${@bb.utils.contains('PACKAGECONFIG', 'python3-probes', 'setuptools3-base', '', d)}
 
+EXTRA_OECONF += " \
+    PYTHON_CPPFLAGS=-I${STAGING_INCDIR}/python${PYTHON_BASEVERSION} \
+    PYTHON3_CONFIG=${STAGING_BINDIR_NATIVE}/python3-config \
+"
+
+CPPFLAGS:append = " -I${STAGING_INCDIR}/python${PYTHON_BASEVERSION}"
+
 # exporter comes with python3-probes
 PACKAGES =+ "${PN}-exporter"
 FILES:${PN}-exporter = "${sysconfdir}/stap-exporter/* \

From patchwork Sun Jun 22 15:00:09 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman <steve@sakoman.com>
X-Patchwork-Id: 65453
X-Patchwork-Delegate: steve@sakoman.com
Return-Path: <steve@sakoman.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 2D1CEC7EE2E
	for <webhook@archiver.kernel.org>; Sun, 22 Jun 2025 15:02:52 +0000 (UTC)
Received: from mail-pf1-f178.google.com (mail-pf1-f178.google.com
 [209.85.210.178])
 by mx.groups.io with SMTP id smtpd.web10.27636.1750604565907703632
 for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:45 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601
 header.b=VEGfmZNt;
 spf=softfail (domain: sakoman.com, ip: 209.85.210.178,
 mailfrom: steve@sakoman.com)
Received: by mail-pf1-f178.google.com with SMTP id
 d2e1a72fcca58-747ef5996edso2491911b3a.0
        for <openembedded-core@lists.openembedded.org>;
 Sun, 22 Jun 2025 08:02:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1750604565;
 x=1751209365; darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=9e+jR2aBt/wpoawReuYUr0L/yMMRrqUxhs6PBk90U5Q=;
        b=VEGfmZNtUFfEltWpD4AVISolJBtqfs4N/5flEMHru+v3M1E6ROvXSeejyflR/GVjga
         JLR70Hcc49HdVBcoTFkIosvOah+S4Ufvu/49OZksfCQvmVKR5dV5nx2JmXFmeGmGMslk
         sq3C7CyS+f3Pa3UgqhTAO/hm7e4uqp42HXITSODSBMNZVXOCjCzliuEMYtzxjt2/rxdq
         0CmuYgTYoTcajB4KID80fwt0Iheg+GY7kDMflsUaJCzAP5mj/XPWZO/g4i11D8R2Xb/4
         /DAycUHdqTmfluO/cw3q8B1HzIhttt6poSjf31tsNIsd0jK+RIqpUTVBw0ne0BwPpbg+
         XcQg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1750604565; x=1751209365;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=9e+jR2aBt/wpoawReuYUr0L/yMMRrqUxhs6PBk90U5Q=;
        b=dSwE8XZuDTgUsmSs6fOd/wnhcvwDWSQr8myLJ3warC84wRkAV5ah+m9mP3X3oUrR8D
         Si974XkMcgJGi0KqIHLyX756Cj5yE5AdkoXOgKHAdUpH/7YyBSYl3LeVnIoW6u05M8A2
         6IilSiuw7EYr2KrpLyOE/rcxPHbV/ur6+/6RwFiXkypnCHA5Bs4Ft9rPLHDQuZ4lPQVU
         IrjpfCNUry7+pwy5Jlu5+J/Qk1nFreIqyzYLs+IQUSmnMJNaC0G/1LYSQK3M3QIeqq+V
         OuZrUqC+Y8Fx0nwYDu1mxNYHe4E4vxVlsMgnexoPl36gjtThMgkY0OsygrpvZbi9r4AL
         bYzw==
X-Gm-Message-State: AOJu0YxENeB4uN/B06135wEN+Kz8mY9mxONUMBJuiMQqwHn3S4dKnCs8
	sG3SMyXu3+wSyGm/CtLWvOtIA0zBrUKHM/r/GH2ZU02PrryBENH+yrfj3Y1ZDEBkGsgqdNNpfex
	01mhCV0w=
X-Gm-Gg: ASbGncue4EIpIS80fkem1SODn/Fgh0hCm0jLvch0JiuXZ6j5VL10bRA9jUi+kwx/idX
	C24JVGetE6APWL7g+zc+ZT2Re2zbhV2Ix1GmDopwj0M4uXQe6MTy55ZW8gQN9L1vRYPyDBT94Ry
	MwP9/KIee1OyKKVTxYS2FLWAH6D+fqwZWzTF7Ig8zQzkDsd4mm9qOHaNaLHqwntb+8x45lgHgRe
	2UyR1ImOMtx90tA1vP0KUox6xLDMjoCIEGvfn5sjB7Af1/+7Ty9IdzKRlNhTiO+iTtjpx/C4My+
	vkjpoED3r111Zh8yiOV8fNGXlkGfDkjKkvaA8nbL1SUHxrnF3ueEAg==
X-Google-Smtp-Source: 
 AGHT+IFOWfFarHSxzS4/IG5Gi7i+SsOqXHWKh0Wf3TIuomaT7hymChvxB5O/eGyefs3i6M/b4A/Eiw==
X-Received: by 2002:a05:6a00:1804:b0:73c:b86:b47f with SMTP id
 d2e1a72fcca58-7490d6636a8mr14816570b3a.4.1750604564847;
        Sun, 22 Jun 2025 08:02:44 -0700 (PDT)
Received: from hexa.. ([2602:feb4:3b:2100:4a75:9ad8:d661:8bd8])
        by smtp.gmail.com with ESMTPSA id
 d2e1a72fcca58-7490a46eb71sm6222521b3a.22.2025.06.22.08.02.43
        for <openembedded-core@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sun, 22 Jun 2025 08:02:44 -0700 (PDT)
From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 14/14] cmake: Correctly handle cost data of tests
 with arbitrary chars in name
Date: Sun, 22 Jun 2025 08:00:09 -0700
Message-ID: 
 <f6a160f7ea57af6dfeca003e6c05aa42419fb755.1750604257.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <cover.1750604257.git.steve@sakoman.com>
References: <cover.1750604257.git.steve@sakoman.com>
MIME-Version: 1.0
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Sun, 22 Jun 2025 15:02:52 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/219193

From: Moritz Haase <Moritz.Haase@bmw.de>

ctest automatically optimizes the order of (parallel) test execution based on
historic test case runtime via the COST property (see [0]), which can have a
significant impact on overall test run times. Sadly this feature is broken in
CMake < 4.0.0 for test cases that have spaces in their name (see [1]).

This commit is a backport of f24178f3 (which itself backports the upstream fix).
the patch was adapted slightly to apply cleanly to the older CMake version in
kirkstone. As repeated test runs are expected to mainly take place inside the
SDK, the patch is only applied to 'nativesdk' builds.

[0]: https://cmake.org/cmake/help/latest/prop_test/COST.html
[1]: https://gitlab.kitware.com/cmake/cmake/-/issues/26594

Reported-By: John Drouhard <john@drouhard.dev>
Signed-off-by: Moritz Haase <Moritz.Haase@bmw.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../cmake/cmake-native_3.22.3.bb              |   2 +-
 ...trary-characters-in-test-names-of-CT.patch | 205 ++++++++++++++++++
 meta/recipes-devtools/cmake/cmake_3.22.3.bb   |   1 +
 3 files changed, 207 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-devtools/cmake/cmake/0001-ctest-Allow-arbitrary-characters-in-test-names-of-CT.patch

diff --git a/meta/recipes-devtools/cmake/cmake-native_3.22.3.bb b/meta/recipes-devtools/cmake/cmake-native_3.22.3.bb
index 45ea78ae00..447554aa2e 100644
--- a/meta/recipes-devtools/cmake/cmake-native_3.22.3.bb
+++ b/meta/recipes-devtools/cmake/cmake-native_3.22.3.bb
@@ -49,7 +49,7 @@ do_compile() {
 do_install() {
 	oe_runmake 'DESTDIR=${D}' install
 
-	# The following codes are here because eSDK needs to provide compatibilty
+	# The following codes are here because eSDK needs to provide compatibility
 	# for SDK. That is, eSDK could also be used like traditional SDK.
 	mkdir -p ${D}${datadir}/cmake
 	install -m 644 ${WORKDIR}/OEToolchainConfig.cmake ${D}${datadir}/cmake/
diff --git a/meta/recipes-devtools/cmake/cmake/0001-ctest-Allow-arbitrary-characters-in-test-names-of-CT.patch b/meta/recipes-devtools/cmake/cmake/0001-ctest-Allow-arbitrary-characters-in-test-names-of-CT.patch
new file mode 100644
index 0000000000..10fc4f545e
--- /dev/null
+++ b/meta/recipes-devtools/cmake/cmake/0001-ctest-Allow-arbitrary-characters-in-test-names-of-CT.patch
@@ -0,0 +1,205 @@
+From 4f992e105bf4a85062bb439ca63daefc8a992f94 Mon Sep 17 00:00:00 2001
+From: John Drouhard <john@drouhard.dev>
+Date: Thu, 9 Jan 2025 20:34:42 -0600
+Subject: [PATCH] ctest: Allow arbitrary characters in test names of
+ CTestCostData.txt
+
+This changes the way lines in CTestCostData.txt are parsed to allow for
+spaces in the test name.
+
+It does so by looking for space characters from the end; and once two
+have been found, assumes everything from the beginning up to that
+second-to-last-space is the test name.
+
+Additionally, parsing the file should be much more efficient since there
+is no string or vector heap allocation per line. The std::string used by
+the parse function to convert the int and float should be within most
+standard libraries' small string optimization.
+
+Fixes: #26594
+
+Upstream-Status: Backport [4.0.0, 040da7d83216ace59710407e8ce35d5fd38e1340]
+Signed-off-by: Moritz Haase <Moritz.Haase@bmw.de>
+---
+ Source/CTest/cmCTestMultiProcessHandler.cxx | 80 +++++++++++++++------
+ Source/CTest/cmCTestMultiProcessHandler.h   |  3 +-
+ Tests/CTestTestScheduler/CMakeLists.txt     |  4 +-
+ 3 files changed, 64 insertions(+), 23 deletions(-)
+
+diff --git a/Source/CTest/cmCTestMultiProcessHandler.cxx b/Source/CTest/cmCTestMultiProcessHandler.cxx
+index d90c4a64651e4d53cc219abe76cb10a342e8aa35..311d2368bcc99abfb4b61c77032b26a440bc5bde 100644
+--- a/Source/CTest/cmCTestMultiProcessHandler.cxx
++++ b/Source/CTest/cmCTestMultiProcessHandler.cxx
+@@ -19,6 +19,7 @@
+ #include <vector>
+ 
+ #include <cm/memory>
++#include <cm/string_view>
+ #include <cmext/algorithm>
+ 
+ #include <cm3p/json/value.h>
+@@ -41,6 +42,51 @@
+ #include "cmUVSignalHackRAII.h" // IWYU pragma: keep
+ #include "cmWorkingDirectory.h"
+ 
++namespace {
++
++struct CostEntry
++{
++  cm::string_view name;
++  int prevRuns;
++  float cost;
++};
++
++cm::optional<CostEntry> splitCostLine(cm::string_view line)
++{
++  std::string part;
++  cm::string_view::size_type pos1 = line.size();
++  cm::string_view::size_type pos2 = line.find_last_of(' ', pos1);
++  auto findNext = [line, &part, &pos1, &pos2]() -> bool {
++    if (pos2 != cm::string_view::npos) {
++      cm::string_view sub = line.substr(pos2 + 1, pos1 - pos2 - 1);
++      part.assign(sub.begin(), sub.end());
++      pos1 = pos2;
++      if (pos1 > 0) {
++        pos2 = line.find_last_of(' ', pos1 - 1);
++      }
++      return true;
++    }
++    return false;
++  };
++
++  // parse the cost
++  if (!findNext()) {
++    return cm::nullopt;
++  }
++  float cost = static_cast<float>(atof(part.c_str()));
++
++  // parse the previous runs
++  if (!findNext()) {
++    return cm::nullopt;
++  }
++  int prev = atoi(part.c_str());
++
++  // from start to the last found space is the name
++  return CostEntry{ line.substr(0, pos1), prev, cost };
++}
++
++}
++
+ namespace cmsys {
+ class RegularExpression;
+ }
+@@ -691,24 +737,21 @@ void cmCTestMultiProcessHandler::UpdateCostData()
+       if (line == "---") {
+         break;
+       }
+-      std::vector<std::string> parts = cmSystemTools::SplitString(line, ' ');
+       // Format: <name> <previous_runs> <avg_cost>
+-      if (parts.size() < 3) {
++      cm::optional<CostEntry> entry = splitCostLine(line);
++      if (!entry) {
+         break;
+       }
+ 
+-      std::string name = parts[0];
+-      int prev = atoi(parts[1].c_str());
+-      float cost = static_cast<float>(atof(parts[2].c_str()));
+-
+-      int index = this->SearchByName(name);
++      int index = this->SearchByName(entry->name);
+       if (index == -1) {
+         // This test is not in memory. We just rewrite the entry
+-        fout << name << " " << prev << " " << cost << "\n";
++        fout << entry->name << " " << entry->prevRuns << " " << entry->cost
++             << "\n";
+       } else {
+         // Update with our new average cost
+-        fout << name << " " << this->Properties[index]->PreviousRuns << " "
+-             << this->Properties[index]->Cost << "\n";
++        fout << entry->name << " " << this->Properties[index]->PreviousRuns
++             << " " << this->Properties[index]->Cost << "\n";
+         temp.erase(index);
+       }
+     }
+@@ -744,28 +787,25 @@ void cmCTestMultiProcessHandler::ReadCostData()
+         break;
+       }
+ 
+-      std::vector<std::string> parts = cmSystemTools::SplitString(line, ' ');
++      // Format: <name> <previous_runs> <avg_cost>
++      cm::optional<CostEntry> entry = splitCostLine(line);
+ 
+       // Probably an older version of the file, will be fixed next run
+-      if (parts.size() < 3) {
++      if (!entry) {
+         fin.close();
+         return;
+       }
+ 
+-      std::string name = parts[0];
+-      int prev = atoi(parts[1].c_str());
+-      float cost = static_cast<float>(atof(parts[2].c_str()));
+-
+-      int index = this->SearchByName(name);
++      int index = this->SearchByName(entry->name);
+       if (index == -1) {
+         continue;
+       }
+ 
+-      this->Properties[index]->PreviousRuns = prev;
++      this->Properties[index]->PreviousRuns = entry->prevRuns;
+       // When not running in parallel mode, don't use cost data
+       if (this->ParallelLevel > 1 && this->Properties[index] &&
+           this->Properties[index]->Cost == 0) {
+-        this->Properties[index]->Cost = cost;
++        this->Properties[index]->Cost = entry->cost;
+       }
+     }
+     // Next part of the file is the failed tests
+@@ -778,7 +818,7 @@ void cmCTestMultiProcessHandler::ReadCostData()
+   }
+ }
+ 
+-int cmCTestMultiProcessHandler::SearchByName(std::string const& name)
++int cmCTestMultiProcessHandler::SearchByName(cm::string_view name)
+ {
+   int index = -1;
+ 
+diff --git a/Source/CTest/cmCTestMultiProcessHandler.h b/Source/CTest/cmCTestMultiProcessHandler.h
+index 5de42f9e3209f4b7f0e856afc458e8b4a35d87b7..11e995d9e06ba9fdb0e086dc3e5e4175f8158cd0 100644
+--- a/Source/CTest/cmCTestMultiProcessHandler.h
++++ b/Source/CTest/cmCTestMultiProcessHandler.h
+@@ -10,6 +10,7 @@
+ #include <string>
+ #include <vector>
+ 
++#include <cm/string_view>
+ #include <cm3p/uv.h>
+ #include <stddef.h>
+ 
+@@ -111,7 +112,7 @@ protected:
+   void UpdateCostData();
+   void ReadCostData();
+   // Return index of a test based on its name
+-  int SearchByName(std::string const& name);
++  int SearchByName(cm::string_view name);
+ 
+   void CreateTestCostList();
+ 
+diff --git a/Tests/CTestTestScheduler/CMakeLists.txt b/Tests/CTestTestScheduler/CMakeLists.txt
+index a3f0f27cdcb901bb309bb6cb6cd9307ce1ba20a2..daf6ce2b23d8c048334ae1047759130b246dccef 100644
+--- a/Tests/CTestTestScheduler/CMakeLists.txt
++++ b/Tests/CTestTestScheduler/CMakeLists.txt
+@@ -1,9 +1,9 @@
+-cmake_minimum_required (VERSION 2.8.12)
++cmake_minimum_required(VERSION 3.19)
+ project (CTestTestScheduler)
+ include (CTest)
+ 
+ add_executable (Sleep sleep.c)
+ 
+ foreach (time RANGE 1 4)
+-  add_test (TestSleep${time} Sleep ${time})
++  add_test ("TestSleep ${time}" Sleep ${time})
+ endforeach ()
diff --git a/meta/recipes-devtools/cmake/cmake_3.22.3.bb b/meta/recipes-devtools/cmake/cmake_3.22.3.bb
index 752c37ba7d..04a0f0e793 100644
--- a/meta/recipes-devtools/cmake/cmake_3.22.3.bb
+++ b/meta/recipes-devtools/cmake/cmake_3.22.3.bb
@@ -10,6 +10,7 @@ SRC_URI:append:class-nativesdk = " \
     file://cmake-setup.py \
     file://environment.d-cmake.sh \
     file://0001-CMakeDetermineSystem-use-oe-environment-vars-to-load.patch \
+    file://0001-ctest-Allow-arbitrary-characters-in-test-names-of-CT.patch \
 "
 
 LICENSE:append = " & BSD-1-Clause & MIT"