From patchwork Tue Jul 15 20:36:02 2025
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 01/16] Revert "coreutils: fix CVE-2025-5278"
Date: Tue, 15 Jul 2025 13:36:02 -0700
Message-ID: <19502d089cbbdbbed9f53b85e01d86117388d6bf.1752611671.git.steve@sakoman.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/220410

Failing ptest with valgrind on target

This reverts commit 4e55668ef07d99d8c1141c2f4270f43f5b280159.
---
 .../coreutils/coreutils/CVE-2025-5278.patch | 113 ------------------
 meta/recipes-core/coreutils/coreutils_9.0.bb |   1 -
 2 files changed, 114 deletions(-)
 delete mode 100644 meta/recipes-core/coreutils/coreutils/CVE-2025-5278.patch

diff --git a/meta/recipes-core/coreutils/coreutils/CVE-2025-5278.patch b/meta/recipes-core/coreutils/coreutils/CVE-2025-5278.patch
deleted file mode 100644
index 34434a65fa..0000000000
--- a/meta/recipes-core/coreutils/coreutils/CVE-2025-5278.patch
+++ /dev/null
@@ -1,113 +0,0 @@ -From 84a061ea3d1fad42188493c4e5d8396aff4a0f67 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?P=C3=A1draig=20Brady?= -Date: Tue, 20 May 2025 16:03:44 +0100 -Subject: [PATCH] sort: fix buffer under-read (CWE-127) - -* src/sort.c (begfield): Check pointer adjustment -to avoid Out-of-range pointer offset (CWE-823). -(limfield): Likewise. -* tests/sort/sort-field-limit.sh: Add a new test, -which triggers with ASAN or Valgrind. -* tests/local.mk: Reference the new test. -* NEWS: Mention bug fix introduced in v7.2 (2009). -Fixes https://bugs.gnu.org/78507 - -CVE: CVE-2025-5278 - -Upstream-Status: Backport [https://cgit.git.savannah.gnu.org/cgit/coreutils.git/commit/?id=8c9602e3a145e9596dc1a63c6ed67865814b6633] -[Adjusted for 9.0 version] - -Signed-off-by: Chen Qi ---- - src/sort.c | 12 ++++++++++-- - tests/local.mk | 1 + - tests/misc/sort-field-limit.sh | 35 ++++++++++++++++++++++++++++++++++ - 3 files changed, 46 insertions(+), 2 deletions(-) - create mode 100755 tests/misc/sort-field-limit.sh - -diff --git a/src/sort.c b/src/sort.c -index 5f4c817de..07b96d34b 100644 ---- a/src/sort.c -+++ b/src/sort.c -@@ -1642,7 +1642,11 @@ begfield (struct line const *line, struct keyfield const *key) - ++ptr; - - /* Advance PTR by SCHAR (if possible), but no further than LIM. */ -- ptr = MIN (lim, ptr + schar); -+ size_t remaining_bytes = lim - ptr; -+ if (schar < remaining_bytes) -+ ptr += schar; -+ else -+ ptr = lim; - - return ptr; - } -@@ -1743,7 +1747,11 @@ limfield (struct line const *line, struct keyfield const *key) - ++ptr; - - /* Advance PTR by ECHAR (if possible), but no further than LIM. 
*/ -- ptr = MIN (lim, ptr + echar); -+ size_t remaining_bytes = lim - ptr; -+ if (echar < remaining_bytes) -+ ptr += echar; -+ else -+ ptr = lim; - } - - return ptr; -diff --git a/tests/local.mk b/tests/local.mk -index 228d0e368..ced85c44c 100644 ---- a/tests/local.mk -+++ b/tests/local.mk -@@ -373,6 +373,7 @@ all_tests = \ - tests/misc/sort-debug-keys.sh \ - tests/misc/sort-debug-warn.sh \ - tests/misc/sort-discrim.sh \ -+ tests/misc/sort-field-limit.sh \ - tests/misc/sort-files0-from.pl \ - tests/misc/sort-float.sh \ - tests/misc/sort-h-thousands-sep.sh \ -diff --git a/tests/misc/sort-field-limit.sh b/tests/misc/sort-field-limit.sh -new file mode 100755 -index 000000000..52d8e1d17 ---- /dev/null -+++ b/tests/misc/sort-field-limit.sh -@@ -0,0 +1,35 @@ -+#!/bin/sh -+# From 7.2-9.7, this would trigger an out of bounds mem read -+ -+# Copyright (C) 2025 Free Software Foundation, Inc. -+ -+# This program is free software: you can redistribute it and/or modify -+# it under the terms of the GNU General Public License as published by -+# the Free Software Foundation, either version 3 of the License, or -+# (at your option) any later version. -+ -+# This program is distributed in the hope that it will be useful, -+# but WITHOUT ANY WARRANTY; without even the implied warranty of -+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+# GNU General Public License for more details. -+ -+# You should have received a copy of the GNU General Public License -+# along with this program. If not, see . -+ -+. 
"${srcdir=.}/tests/init.sh"; path_prepend_ ./src -+print_ver_ sort -+getlimits_ -+ -+# This issue triggers with valgrind or ASAN -+valgrind --error-exitcode=1 sort --version 2>/dev/null && -+ VALGRIND='valgrind --error-exitcode=1' -+ -+{ printf '%s\n' aa bb; } > in || framework_failure_ -+ -+_POSIX2_VERSION=200809 $VALGRIND sort +0.${SIZE_MAX}R in > out || fail=1 -+compare in out || fail=1 -+ -+_POSIX2_VERSION=200809 $VALGRIND sort +1 -1.${SIZE_MAX}R in > out || fail=1 -+compare in out || fail=1 -+ -+Exit $fail --- -2.34.1 - diff --git a/meta/recipes-core/coreutils/coreutils_9.0.bb b/meta/recipes-core/coreutils/coreutils_9.0.bb index 7c975708f4..1cce9192ec 100644 --- a/meta/recipes-core/coreutils/coreutils_9.0.bb +++ b/meta/recipes-core/coreutils/coreutils_9.0.bb 
@@ -19,7 +19,6 @@ SRC_URI = "${GNU_MIRROR}/coreutils/${BP}.tar.xz \ file://0001-uname-report-processor-and-hardware-correctly.patch \ file://0001-local.mk-fix-cross-compiling-problem.patch \ file://e8b56ebd536e82b15542a00c888109471936bfda.patch \ - file://CVE-2025-5278.patch \ file://run-ptest \ file://0001-split-do-not-shrink-hold-buffer.patch \ "
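Review bot: deleting the whole CVE-2025-5278.patch file also drops the src/sort.c begfield/limfield change, although the commit message blames only the ptest run under valgrind, and valgrind appears in the deleted file solely as the `$VALGRIND` prefix on the two `sort +0.${SIZE_MAX}R in` / `sort +1 -1.${SIZE_MAX}R in` lines of tests/misc/sort-field-limit.sh. Dropping that prefix in place (which is what 02/16 in this series then does) would have avoided an intermediate commit in which kirkstone is again unpatched for CVE-2025-5278; if the revert-and-reapply pair is kept for a clean history, the message should state that the fix is re-applied by the next patch.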
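Review bot: removing `file://CVE-2025-5278.patch` from SRC_URI also removes the `CVE: CVE-2025-5278` tag that cve-check reads from the patch header, so a tree checked out at this commit reports coreutils 9.0 as affected again; this revert should not be picked into any branch without 02/16 alongside it.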
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 02/16] coreutils: fix CVE-2025-5278
Date: Tue, 15 Jul 2025 13:36:03 -0700
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/220411

From: Chen Qi

Backport patch to fix CVE-2025-5278.

The patch is adjusted to fit the 9.0 version. The test case is also adjusted to avoid using valgrind: valgrind in kirkstone is reporting errors for coreutils' sort utility with/without this patch. To avoid ptest failure, we disable valgrind explicitly.

Signed-off-by: Chen Qi
Signed-off-by: Steve Sakoman
---
 .../coreutils/coreutils/CVE-2025-5278.patch | 113 ++++++++++++++++++
 meta/recipes-core/coreutils/coreutils_9.0.bb |   1 +
 2 files changed, 114 insertions(+)
 create mode 100644 meta/recipes-core/coreutils/coreutils/CVE-2025-5278.patch

diff --git a/meta/recipes-core/coreutils/coreutils/CVE-2025-5278.patch b/meta/recipes-core/coreutils/coreutils/CVE-2025-5278.patch
new file mode 100644
index 0000000000..2f262ea0b5
--- /dev/null
+++ b/meta/recipes-core/coreutils/coreutils/CVE-2025-5278.patch
@@ -0,0 +1,113 @@ +From ed9ae6a4a02d322378739a895ae2090ca2bf6cdc Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?P=C3=A1draig=20Brady?= +Date: Tue, 20 May 2025 16:03:44 +0100 +Subject: [PATCH] sort: fix buffer under-read (CWE-127) + +* src/sort.c (begfield): Check pointer adjustment +to avoid Out-of-range pointer offset (CWE-823). +(limfield): Likewise. +* tests/sort/sort-field-limit.sh: Add a new test, +which triggers with ASAN or Valgrind. +* tests/local.mk: Reference the new test. +* NEWS: Mention bug fix introduced in v7.2 (2009). +Fixes https://bugs.gnu.org/78507 + +CVE: CVE-2025-5278 + +Upstream-Status: Backport [https://cgit.git.savannah.gnu.org/cgit/coreutils.git/commit/?id=8c9602e3a145e9596dc1a63c6ed67865814b6633] +[Adjusted for 9.0 version and adjusted test case to not use valgrind.] + +Signed-off-by: Chen Qi +--- + src/sort.c | 12 ++++++++++-- + tests/local.mk | 1 + + tests/misc/sort-field-limit.sh | 35 ++++++++++++++++++++++++++++++++++ + 3 files changed, 46 insertions(+), 2 deletions(-) + create mode 100755 tests/misc/sort-field-limit.sh + +diff --git a/src/sort.c b/src/sort.c +index 5f4c817de..07b96d34b 100644 +--- a/src/sort.c ++++ b/src/sort.c +@@ -1642,7 +1642,11 @@ begfield (struct line const *line, struct keyfield const *key) + ++ptr; + + /* Advance PTR by SCHAR (if possible), but no further than LIM. */ +- ptr = MIN (lim, ptr + schar); ++ size_t remaining_bytes = lim - ptr; ++ if (schar < remaining_bytes) ++ ptr += schar; ++ else ++ ptr = lim; + + return ptr; + } +@@ -1743,7 +1747,11 @@ limfield (struct line const *line, struct keyfield const *key) + ++ptr; + + /* Advance PTR by ECHAR (if possible), but no further than LIM. 
*/ +- ptr = MIN (lim, ptr + echar); ++ size_t remaining_bytes = lim - ptr; ++ if (echar < remaining_bytes) ++ ptr += echar; ++ else ++ ptr = lim; + } + + return ptr; +diff --git a/tests/local.mk b/tests/local.mk +index 228d0e368..ced85c44c 100644 +--- a/tests/local.mk ++++ b/tests/local.mk +@@ -373,6 +373,7 @@ all_tests = \ + tests/misc/sort-debug-keys.sh \ + tests/misc/sort-debug-warn.sh \ + tests/misc/sort-discrim.sh \ ++ tests/misc/sort-field-limit.sh \ + tests/misc/sort-files0-from.pl \ + tests/misc/sort-float.sh \ + tests/misc/sort-h-thousands-sep.sh \ +diff --git a/tests/misc/sort-field-limit.sh b/tests/misc/sort-field-limit.sh +new file mode 100755 +index 000000000..dc5b4c964 +--- /dev/null ++++ b/tests/misc/sort-field-limit.sh +@@ -0,0 +1,35 @@ ++#!/bin/sh ++# From 7.2-9.7, this would trigger an out of bounds mem read ++ ++# Copyright (C) 2025 Free Software Foundation, Inc. ++ ++# This program is free software: you can redistribute it and/or modify ++# it under the terms of the GNU General Public License as published by ++# the Free Software Foundation, either version 3 of the License, or ++# (at your option) any later version. ++ ++# This program is distributed in the hope that it will be useful, ++# but WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++# GNU General Public License for more details. ++ ++# You should have received a copy of the GNU General Public License ++# along with this program. If not, see . ++ ++. 
"${srcdir=.}/tests/init.sh"; path_prepend_ ./src ++print_ver_ sort ++getlimits_ ++ ++# This issue triggers with valgrind or ASAN ++valgrind --error-exitcode=1 sort --version 2>/dev/null && ++ VALGRIND='valgrind --error-exitcode=1' ++ ++{ printf '%s\n' aa bb; } > in || framework_failure_ ++ ++_POSIX2_VERSION=200809 sort +0.${SIZE_MAX}R in > out || fail=1 ++compare in out || fail=1 ++ ++_POSIX2_VERSION=200809 sort +1 -1.${SIZE_MAX}R in > out || fail=1 ++compare in out || fail=1 ++ ++Exit $fail +-- +2.34.1 + diff --git a/meta/recipes-core/coreutils/coreutils_9.0.bb b/meta/recipes-core/coreutils/coreutils_9.0.bb index 1cce9192ec..7c975708f4 100644 --- a/meta/recipes-core/coreutils/coreutils_9.0.bb +++ b/meta/recipes-core/coreutils/coreutils_9.0.bb 
@@ -19,6 +19,7 @@ SRC_URI = "${GNU_MIRROR}/coreutils/${BP}.tar.xz \ file://0001-uname-report-processor-and-hardware-correctly.patch \ file://0001-local.mk-fix-cross-compiling-problem.patch \ file://e8b56ebd536e82b15542a00c888109471936bfda.patch \ + file://CVE-2025-5278.patch \ file://run-ptest \ file://0001-split-do-not-shrink-hold-buffer.patch \ "
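Review bot: the begfield hunk is the right fix for the under-read: with schar near SIZE_MAX (the `+0.${SIZE_MAX}R` key the new test uses), `ptr + schar` wraps to an address below ptr, so `MIN (lim, ptr + schar)` returned that wrapped pointer and the key comparison then read before the line buffer (the CWE-823 out-of-range offset the message names). Comparing `schar` against `remaining_bytes = lim - ptr` never forms the bad pointer at all. The subtraction does rely on ptr <= lim, which the `++ptr` loop cut off above the hunk is expected to guarantee; since only three context lines are shown, the 9.0 backporter should confirm that loop is bounded by lim exactly as in the upstream version the patch was taken from.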
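Review bot: the ChangeLog entry in the patch header says `* tests/sort/sort-field-limit.sh`, but the file is created under tests/misc/ and registered in local.mk as `tests/misc/sort-field-limit.sh`; the `[Adjusted for 9.0 version ...]` line should mention the relocation (or the ChangeLog line be edited) so the mismatch is not mistaken for a missing file when the backport is audited.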
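Review bot: in the sort-field-limit.sh hunk the two `sort` invocations no longer carry the `$VALGRIND` prefix, but the `valgrind --error-exitcode=1 sort --version 2>/dev/null && VALGRIND='valgrind --error-exitcode=1'` detection above them is still there and now sets a variable nothing reads, and the `# This issue triggers with valgrind or ASAN` comment no longer describes what runs. As the header comment says, the out-of-bounds read is only observable under valgrind or ASAN, so with neither in play `compare in out` plus the exit status makes this a smoke test rather than a regression test for CVE-2025-5278; either delete the dead detection block and say so in the backport note, or keep it and make the test skip cleanly when valgrind is unusable.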
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 03/16] libxml2: fix CVE-2025-49794 & CVE-2025-49796
Date: Tue, 15 Jul 2025 13:36:04 -0700
Message-ID: <691b74a5d019752428adc81b114fb4458ece1ebe.1752611671.git.steve@sakoman.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/220412

From: Hitendra Prajapati

Upstream-Status: Backport from https://gitlab.gnome.org/GNOME/libxml2/-/commit/71e1e8af5ee46dad1b57bb96cfbf1c3ad21fbd7b

Signed-off-by: Hitendra Prajapati
Signed-off-by: Steve Sakoman
---
 .../CVE-2025-49794-CVE-2025-49796.patch | 181 ++++++++++++++++++
 meta/recipes-core/libxml/libxml2_2.9.14.bb |   1 +
 2 files changed, 182 insertions(+)
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2025-49794-CVE-2025-49796.patch

diff --git a/meta/recipes-core/libxml/libxml2/CVE-2025-49794-CVE-2025-49796.patch b/meta/recipes-core/libxml/libxml2/CVE-2025-49794-CVE-2025-49796.patch
new file mode 100644
index 0000000000..3ec8b4173f
--- /dev/null
+++ b/meta/recipes-core/libxml/libxml2/CVE-2025-49794-CVE-2025-49796.patch
@@ -0,0 +1,181 @@ +From 71e1e8af5ee46dad1b57bb96cfbf1c3ad21fbd7b Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Fri, 4 Jul 2025 14:28:26 +0200 +Subject: [PATCH] schematron: Fix memory safety issues in + xmlSchematronReportOutput + +Fix use-after-free (CVE-2025-49794) and type confusion (CVE-2025-49796) +in xmlSchematronReportOutput. + +Fixes #931. +Fixes #933. + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/-/commit/71e1e8af5ee46dad1b57bb96cfbf1c3ad21fbd7b] +CVE: CVE-2025-49794 CVE-2025-49796 +Signed-off-by: Hitendra Prajapati +--- + result/schematron/cve-2025-49794_0.err | 2 ++ + result/schematron/cve-2025-49796_0.err | 2 ++ + schematron.c | 37 +++++++++++++++----------- + test/schematron/cve-2025-49794.sct | 10 +++++++ + test/schematron/cve-2025-49794_0.xml | 6 +++++ + test/schematron/cve-2025-49796.sct | 9 +++++++ + test/schematron/cve-2025-49796_0.xml | 3 +++ + 7 files changed, 53 insertions(+), 16 deletions(-) + create mode 100644 result/schematron/cve-2025-49794_0.err + create mode 100644 result/schematron/cve-2025-49796_0.err + create mode 100644 test/schematron/cve-2025-49794.sct + create mode 100644 test/schematron/cve-2025-49794_0.xml + create mode 100644 test/schematron/cve-2025-49796.sct + create mode 100644 test/schematron/cve-2025-49796_0.xml + +diff --git a/result/schematron/cve-2025-49794_0.err b/result/schematron/cve-2025-49794_0.err +new file mode 100644 +index 0000000..5775231 +--- /dev/null ++++ b/result/schematron/cve-2025-49794_0.err +@@ -0,0 +1,2 @@ ++./test/schematron/cve-2025-49794_0.xml:2: element boo0: schematron error : /librar0/boo0 line 2: ++./test/schematron/cve-2025-49794_0.xml fails to validate +diff --git a/result/schematron/cve-2025-49796_0.err b/result/schematron/cve-2025-49796_0.err +new file mode 100644 +index 0000000..bf875ee +--- /dev/null ++++ b/result/schematron/cve-2025-49796_0.err +@@ -0,0 +1,2 @@ ++./test/schematron/cve-2025-49796_0.xml:2: element boo0: schematron error : /librar0/boo0 line 
2: ++./test/schematron/cve-2025-49796_0.xml fails to validate +diff --git a/schematron.c b/schematron.c +index ddbb069..5ebca64 100644 +--- a/schematron.c ++++ b/schematron.c +@@ -1239,27 +1239,16 @@ exit: + * * + ************************************************************************/ + +-static xmlNodePtr ++static xmlXPathObjectPtr + xmlSchematronGetNode(xmlSchematronValidCtxtPtr ctxt, + xmlNodePtr cur, const xmlChar *xpath) { +- xmlNodePtr node = NULL; +- xmlXPathObjectPtr ret; + + if ((ctxt == NULL) || (cur == NULL) || (xpath == NULL)) + return(NULL); + + ctxt->xctxt->doc = cur->doc; + ctxt->xctxt->node = cur; +- ret = xmlXPathEval(xpath, ctxt->xctxt); +- if (ret == NULL) +- return(NULL); +- +- if ((ret->type == XPATH_NODESET) && +- (ret->nodesetval != NULL) && (ret->nodesetval->nodeNr > 0)) +- node = ret->nodesetval->nodeTab[0]; +- +- xmlXPathFreeObject(ret); +- return(node); ++ return(xmlXPathEval(xpath, ctxt->xctxt)); + } + + /** +@@ -1304,18 +1293,26 @@ xmlSchematronFormatReport(xmlSchematronValidCtxtPtr ctxt, + (child->type == XML_CDATA_SECTION_NODE)) + ret = xmlStrcat(ret, child->content); + else if (IS_SCHEMATRON(child, "name")) { ++ xmlXPathObject *obj = NULL; + xmlChar *path; + + path = xmlGetNoNsProp(child, BAD_CAST "path"); + + node = cur; + if (path != NULL) { +- node = xmlSchematronGetNode(ctxt, cur, path); +- if (node == NULL) +- node = cur; ++ obj = xmlSchematronGetNode(ctxt, cur, path); ++ if ((obj != NULL) && ++ (obj->type == XPATH_NODESET) && ++ (obj->nodesetval != NULL) && ++ (obj->nodesetval->nodeNr > 0)) ++ node = obj->nodesetval->nodeTab[0]; + xmlFree(path); + } + ++ switch (node->type) { ++ case XML_ELEMENT_NODE: ++ case XML_ATTRIBUTE_NODE: ++ + if ((node->ns == NULL) || (node->ns->prefix == NULL)) + ret = xmlStrcat(ret, node->name); + else { +@@ -1323,6 +1320,14 @@ xmlSchematronFormatReport(xmlSchematronValidCtxtPtr ctxt, + ret = xmlStrcat(ret, BAD_CAST ":"); + ret = xmlStrcat(ret, node->name); + } ++ break; ++ ++ /* TODO: handle other 
node types */ ++ default: ++ break; ++ } ++ ++ xmlXPathFreeObject(obj); + } else { + child = child->next; + continue; +diff --git a/test/schematron/cve-2025-49794.sct b/test/schematron/cve-2025-49794.sct +new file mode 100644 +index 0000000..7fc9ee3 +--- /dev/null ++++ b/test/schematron/cve-2025-49794.sct +@@ -0,0 +1,10 @@ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ +diff --git a/test/schematron/cve-2025-49794_0.xml b/test/schematron/cve-2025-49794_0.xml +new file mode 100644 +index 0000000..debc64b +--- /dev/null ++++ b/test/schematron/cve-2025-49794_0.xml +@@ -0,0 +1,6 @@ ++ ++ ++ ++ ++ ++ +diff --git a/test/schematron/cve-2025-49796.sct b/test/schematron/cve-2025-49796.sct +new file mode 100644 +index 0000000..e9702d7 +--- /dev/null ++++ b/test/schematron/cve-2025-49796.sct +@@ -0,0 +1,9 @@ ++ ++ ++ ++ ++ ++ ++ ++ ++ +diff --git a/test/schematron/cve-2025-49796_0.xml b/test/schematron/cve-2025-49796_0.xml +new file mode 100644 +index 0000000..be33c4e +--- /dev/null ++++ b/test/schematron/cve-2025-49796_0.xml +@@ -0,0 +1,3 @@ ++ ++ ++ +-- +2.49.0 + diff --git a/meta/recipes-core/libxml/libxml2_2.9.14.bb b/meta/recipes-core/libxml/libxml2_2.9.14.bb index 45424e59ff..baac155270 100644 --- a/meta/recipes-core/libxml/libxml2_2.9.14.bb +++ b/meta/recipes-core/libxml/libxml2_2.9.14.bb 
@@ -40,6 +40,7 @@ SRC_URI += "http://www.w3.org/XML/Test/xmlts20080827.tar;subdir=${BP};name=testt file://CVE-2025-32414.patch \ file://CVE-2025-32415.patch \ file://CVE-2025-6021.patch \ + file://CVE-2025-49794-CVE-2025-49796.patch \ " SRC_URI[archive.sha256sum] = "60d74a257d1ccec0475e749cba2f21559e48139efba6ff28224357c7c798dfee"
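Review bot: both new .err fixtures end with `line 2:` followed by nothing: the `name` element's `path` lookup in these cases presumably selects a node that is neither an element nor an attribute, so the new `default: break;` arm in xmlSchematronFormatReport appends no name. That is the safe behaviour and fine as a regression fixture, but a trailing empty name reads like a truncated message; once the `/* TODO: handle other node types */` is picked up, emitting the name for text nodes or a placeholder for the rest would make the diagnostic usable.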
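Review bot: in the first schematron.c hunk, xmlSchematronGetNode now returns the whole xmlXPathObject instead of `nodeTab[0]`, which is the use-after-free fix: nodes in an XPath node set are not necessarily owned by the document (namespace nodes in a node set are copies owned by the set), so the old `xmlXPathFreeObject(ret); return(node);` could hand back a pointer freed together with `ret`. The function name now misleads, though: it returns an object the caller must free, not a node, and there is no comment saying so; rename it (something like xmlSchematronEvalPath, an assumed name) or document the ownership transfer, and drop the blank line left where the two locals were removed.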
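Review bot: in the second schematron.c hunk the `switch (node->type)` restricted to XML_ELEMENT_NODE and XML_ATTRIBUTE_NODE is the type-confusion fix: `node->ns` and `node->name` are only meaningful for node types whose struct shares xmlNode's layout at those offsets, and a namespace node (xmlNs) or the document node (xmlDoc) selected via `path` does not. Two points to confirm: `obj` may be non-NULL with a type other than XPATH_NODESET (a string or number result), in which case `node` silently stays `cur` and the report names the context node instead; and the `xmlXPathFreeObject(obj)` at the end of the branch runs with `obj == NULL` whenever `path` is absent, which is fine because xmlXPathFreeObject tolerates NULL. A debug-level message for a `path` that yields no node set would help schema authors notice the fallback.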
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 04/16] python3: update CVE product Date: Tue, 15 Jul 2025 13:36:05 -0700 Message-ID: <06f615e6939a22bc8f12b30d8dea582ab3ccebe6.1752611671.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 15 Jul 2025 20:36:40 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/220413 From: Peter Marko There are two "new" CVEs reported for python3, their CPEs are: * CVE-2020-1171: cpe:2.3:a:microsoft:python:*:*:*:*:*:visual_studio_code:*:* (< 2020.5.0) * CVE-2020-1192: cpe:2.3:a:microsoft:python:*:*:*:*:*:visual_studio_code:*:* (< 2020.5.0) These are for "Visual Studio Code Python extension". Solve this by adding CVE vendor to python CVE product to avoid confusion with Microsoft as vendor. Examining CVE DB for historical python entries shows: sqlite> select vendor, product, count(*) from products where product = 'python' or product = 'cpython' ...> or product like 'python%3' group by vendor, product; microsoft|python|2 python|python|1054 python_software_foundation|python|2 Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- meta/recipes-devtools/python/python3_3.10.18.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-devtools/python/python3_3.10.18.bb b/meta/recipes-devtools/python/python3_3.10.18.bb index 0b57a0ebee..875b52cde9 100644 --- a/meta/recipes-devtools/python/python3_3.10.18.bb +++ b/meta/recipes-devtools/python/python3_3.10.18.bb
@@ -51,7 +51,7 @@ SRC_URI[sha256sum] = "ae665bc678abd9ab6a6e1573d2481625a53719bc517e9a634ed2b9fefa UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P\d+(\.\d+)+).tar" UPSTREAM_CHECK_URI = "https://www.python.org/downloads/source/" -CVE_PRODUCT = "python" +CVE_PRODUCT = "python:python python_software_foundation:python" # Upstream consider this expected behaviour CVE_CHECK_IGNORE += "CVE-2007-4559" From patchwork Tue Jul 15 20:36:06 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 66904 X-Patchwork-Delegate: steve@sakoman.com
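Review bot: the `+CVE_PRODUCT` line deliberately narrows the match from the bare product `python` to two vendor-qualified entries, but the recipe gains no comment saying why; add a one-line comment above CVE_PRODUCT (for example, that the vendor:product form keeps the Microsoft VS Code extension CPEs out of the match) so nobody later "simplifies" it back to `python` and re-surfaces CVE-2020-1171 and CVE-2020-1192. The sqlite query in the commit message also covered the product names `cpython` and `python%3` and returned no rows for them; saying so explicitly would tell readers those names were considered rather than overlooked.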
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 05/16] openssl: upgrade 3.0.16 -> 3.0.17 Date: Tue, 15 Jul 2025 13:36:06 -0700 Message-ID: <678f4f98f145c887a220b846babc9648ea6ff974.1752611671.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 15 Jul 2025 20:36:40 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/220414 From: Peter Marko Release information: https://github.com/openssl/openssl/blob/openssl-3.0/NEWS.md#major-changes-between-openssl-3016-and-openssl-3017-1-jul-2025 Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- .../openssl/{openssl_3.0.16.bb => openssl_3.0.17.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-connectivity/openssl/{openssl_3.0.16.bb => openssl_3.0.17.bb} (99%) diff --git a/meta/recipes-connectivity/openssl/openssl_3.0.16.bb b/meta/recipes-connectivity/openssl/openssl_3.0.17.bb similarity index 99% rename from meta/recipes-connectivity/openssl/openssl_3.0.16.bb rename to meta/recipes-connectivity/openssl/openssl_3.0.17.bb index a9fffd18ba..5bc8801b98 100644 --- a/meta/recipes-connectivity/openssl/openssl_3.0.16.bb +++ b/meta/recipes-connectivity/openssl/openssl_3.0.17.bb 
@@ -18,7 +18,7 @@ SRC_URI:append:class-nativesdk = " \ file://environment.d-openssl.sh \ " -SRC_URI[sha256sum] = "57e03c50feab5d31b152af2b764f10379aecd8ee92f16c985983ce4a99f7ef86" +SRC_URI[sha256sum] = "dfdd77e4ea1b57ff3a6dbde6b0bdc3f31db5ac99e7fdd4eaf9e1fbb6ec2db8ce" inherit lib_package multilib_header multilib_script ptest perlnative MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash" From patchwork Tue Jul 15 20:36:07 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 66903 X-Patchwork-Delegate: steve@sakoman.com
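Review bot: the only content change in this hunk is SRC_URI[sha256sum], so the reviewable facts are the new checksum and the NEWS link in the commit message; the message does not say whether 3.0.17 fixes any CVEs or is a bug-fix-only release, and in a stable-branch series made up mostly of CVE backports one sentence on that would make the separate CVE-2024-41996 patch that follows easier to justify. Please also state that the new checksum was compared against the checksum OpenSSL publishes for the release tarball, not only computed from a local download.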
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 06/16] openssl: fix CVE-2024-41996 Date: Tue, 15 Jul 2025 13:36:07 -0700 Message-ID: <635fc639a13a6b28cac5c67cff23b7f4477bc41c.1752611671.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 15 Jul 2025 20:36:40 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/220415 From: Archana Polampalli Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key. Reference: https://github.com/openssl/openssl/pull/25088 Signed-off-by: Archana Polampalli Signed-off-by: Steve Sakoman --- .../openssl/openssl/CVE-2024-41996.patch | 48 +++++++++++++++++++ .../openssl/openssl_3.0.17.bb | 1 + 2 files changed, 49 insertions(+) create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-41996.patch diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-41996.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-41996.patch new file mode 100644 index 0000000000..49ec9c0130 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-41996.patch 
@@ -0,0 +1,48 @@ +From e70e34d857d4003199bcb5d3b52ca8102ccc1b98 Mon Sep 17 00:00:00 2001 +From: Tomas Mraz +Date: Mon, 5 Aug 2024 17:54:14 +0200 +Subject: [PATCH] dh_kmgmt.c: Avoid expensive public key validation for known + safe-prime groups +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The partial validation is fully sufficient to check the key validity. + +Thanks to Szilárd Pfeiffer for reporting the issue. + +Reviewed-by: Neil Horman +Reviewed-by: Matt Caswell +Reviewed-by: Paul Dale +(Merged from https://github.com/openssl/openssl/pull/25088) + +CVE: CVE-2024-41996 + +Upstream-Status: Backport [https://github.com/openssl/openssl/commit/e70e34d857d4003199bcb5d3b52ca8102ccc1b98] + +Signed-off-by: Archana Polampalli +--- + providers/implementations/keymgmt/dh_kmgmt.c | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c +index 795a3f2..3e7a811 100644 +--- a/providers/implementations/keymgmt/dh_kmgmt.c ++++ b/providers/implementations/keymgmt/dh_kmgmt.c +@@ -387,9 +387,11 @@ static int dh_validate_public(const DH *dh, int checktype) + if (pub_key == NULL) + return 0; + +- /* The partial test is only valid for named group's with q = (p - 1) / 2 */ +- if (checktype == OSSL_KEYMGMT_VALIDATE_QUICK_CHECK +- && ossl_dh_is_named_safe_prime_group(dh)) ++ /* ++ * The partial test is only valid for named group's with q = (p - 1) / 2 ++ * but for that case it is also fully sufficient to check the key validity. ++ */ ++ if (ossl_dh_is_named_safe_prime_group(dh)) + return ossl_dh_check_pub_key_partial(dh, pub_key, &res); + + return DH_check_pub_key_ex(dh, pub_key); +-- +2.40.0 diff --git a/meta/recipes-connectivity/openssl/openssl_3.0.17.bb b/meta/recipes-connectivity/openssl/openssl_3.0.17.bb index 5bc8801b98..ee0ab2e498 100644 --- a/meta/recipes-connectivity/openssl/openssl_3.0.17.bb 
+++ b/meta/recipes-connectivity/openssl/openssl_3.0.17.bb 
@@ -12,6 +12,7 @@ SRC_URI = "https://github.com/openssl/openssl/releases/download/openssl-${PV}/op file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \ file://afalg.patch \ file://0001-Configure-do-not-tweak-mips-cflags.patch \ + file://CVE-2024-41996.patch \ " SRC_URI:append:class-nativesdk = " \ From patchwork Tue Jul 15 20:36:08 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 66909 X-Patchwork-Delegate: steve@sakoman.com
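Review bot: in the dh_kmgmt.c hunk of the backported patch, the removed `checktype == OSSL_KEYMGMT_VALIDATE_QUICK_CHECK` condition was the only reference to `checktype` in the visible context of dh_validate_public(), so confirm the parameter is still used elsewhere in that function or it turns into an unused-parameter warning in builds that treat warnings as errors. The behavioural change itself is clear from the hunk: named safe-prime groups now always go through ossl_dh_check_pub_key_partial() instead of the full DH_check_pub_key_ex(), which is the expensive path the commit message describes.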
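Review bot: the recipe hunk appends `file://CVE-2024-41996.patch` immediately after this series upgraded the recipe to 3.0.17, but neither the commit message nor the patch header says that 3.0.17 lacks upstream commit e70e34d857d4; please state that explicitly, because if the release already contains it the backport is redundant and the id should instead be recorded with CVE_CHECK_IGNORE and a comment, as the python3 and ghostscript patches in this series do.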
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 07/16] ofono: fix CVE-2023-4232 Date: Tue, 15 Jul 2025 13:36:08 -0700 Message-ID: <02005c81a55930d9f57d44674cdc5eb6171c8c76.1752611671.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 15 Jul 2025 20:36:40 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/220416 From: Archana Polampalli A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_status_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_status_report(). Signed-off-by: Archana Polampalli Signed-off-by: Steve Sakoman --- .../ofono/ofono/CVE-2023-4232.patch | 30 +++++++++++++++++++ meta/recipes-connectivity/ofono/ofono_1.34.bb | 1 + 2 files changed, 31 insertions(+) create mode 100644 meta/recipes-connectivity/ofono/ofono/CVE-2023-4232.patch diff --git a/meta/recipes-connectivity/ofono/ofono/CVE-2023-4232.patch b/meta/recipes-connectivity/ofono/ofono/CVE-2023-4232.patch new file mode 100644 index 0000000000..da714f6a87 --- /dev/null +++ b/meta/recipes-connectivity/ofono/ofono/CVE-2023-4232.patch 
@@ -0,0 +1,30 @@ +From 2ff2da7ac374a790f8b2a0216bcb4e3126498225 Mon Sep 17 00:00:00 2001 +From: "Sicelo A. Mhlongo" +Date: Wed, 4 Dec 2024 10:18:52 +0200 +Subject: [PATCH] smsutil: check status report fits in buffer + +Fixes CVE-2023-4232 + +CVE: CVE-2023-4232 +Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=2ff2da7ac374a790f8b2a0216bcb4e3126498225] +Signed-off-by: Archana Polampalli +--- + src/smsutil.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/smsutil.c b/src/smsutil.c +index ac89f16c..a706e26f 100644 +--- a/src/smsutil.c ++++ b/src/smsutil.c +@@ -1088,6 +1088,9 @@ static gboolean decode_status_report(const unsigned char *pdu, int len, + if ((len - offset) < expected) + return FALSE; + ++ if (expected > (int)sizeof(out->status_report.ud)) ++ return FALSE; ++ + memcpy(out->status_report.ud, pdu + offset, expected); + } + +-- +2.30.2 diff --git a/meta/recipes-connectivity/ofono/ofono_1.34.bb b/meta/recipes-connectivity/ofono/ofono_1.34.bb index 9f11af9236..8a298bfade 100644 --- a/meta/recipes-connectivity/ofono/ofono_1.34.bb +++ b/meta/recipes-connectivity/ofono/ofono_1.34.bb 
@@ -26,6 +26,7 @@ SRC_URI = "\ file://CVE-2024-7547.patch \ file://CVE-2024-7540_CVE-2024-7541_CVE-2024-7542.patch \ file://CVE-2024-7537.patch \ + file://CVE-2023-4232.patch \ " SRC_URI[sha256sum] = "c0b96d3013447ec2bcb74579bef90e4e59c68dbfa4b9c6fbce5d12401a43aac7" From patchwork Tue Jul 15 20:36:09 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 66911 X-Patchwork-Delegate: steve@sakoman.com
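Review bot: in the smsutil.c hunk the new `if (expected > (int)sizeof(out->status_report.ud)) return FALSE;` sits after the existing `(len - offset) < expected` source-length test and before the memcpy, which is the right order (check the input is long enough, then check the destination is big enough), so the fix is complete for this function. One style nit: the sibling CVE-2023-4235 backport in this series writes the same cast as `(int) sizeof(...)` with a space, so the two patches disagree with each other; since both are verbatim upstream backports this is only worth a mention, not a change.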
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 08/16] ofono: fix CVE-2023-4235 Date: Tue, 15 Jul 2025 13:36:09 -0700 Message-ID: <3a3519324ec390044ff9f97c0f32027782699124.1752611671.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 15 Jul 2025 20:36:40 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/220417 From: Archana Polampalli A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_deliver_report(). Signed-off-by: Archana Polampalli Signed-off-by: Steve Sakoman --- .../ofono/ofono/CVE-2023-4235.patch | 37 +++++++++++++++++++ meta/recipes-connectivity/ofono/ofono_1.34.bb | 1 + 2 files changed, 38 insertions(+) create mode 100644 meta/recipes-connectivity/ofono/ofono/CVE-2023-4235.patch diff --git a/meta/recipes-connectivity/ofono/ofono/CVE-2023-4235.patch b/meta/recipes-connectivity/ofono/ofono/CVE-2023-4235.patch new file mode 100644 index 0000000000..ce03bbd274 --- /dev/null +++ b/meta/recipes-connectivity/ofono/ofono/CVE-2023-4235.patch 
@@ -0,0 +1,37 @@ +From 02aa0f9bad3d9e47a152fc045d0f51874d901d7e Mon Sep 17 00:00:00 2001 +From: "Sicelo A. Mhlongo" +Date: Wed, 4 Dec 2024 10:18:51 +0200 +Subject: [PATCH] smsutil: check deliver reports fit in buffer + +Fixes CVE-2023-4235 + +CVE: CVE-2023-4235 +Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=02aa0f9bad3d9e47a152fc045d0f51874d901d7e] +Signed-off-by: Archana Polampalli +--- + src/smsutil.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/src/smsutil.c b/src/smsutil.c +index 484bfd0b..ac89f16c 100644 +--- a/src/smsutil.c ++++ b/src/smsutil.c +@@ -1240,10 +1240,16 @@ static gboolean decode_deliver_report(const unsigned char *pdu, int len, + return FALSE; + + if (out->type == SMS_TYPE_DELIVER_REPORT_ERROR) { ++ if (expected > (int) sizeof(out->deliver_err_report.ud)) ++ return FALSE; ++ + out->deliver_err_report.udl = udl; + memcpy(out->deliver_err_report.ud, + pdu + offset, expected); + } else { ++ if (expected > (int) sizeof(out->deliver_ack_report.ud)) ++ return FALSE; ++ + out->deliver_ack_report.udl = udl; + memcpy(out->deliver_ack_report.ud, + pdu + offset, expected); +-- +2.30.2 diff --git a/meta/recipes-connectivity/ofono/ofono_1.34.bb b/meta/recipes-connectivity/ofono/ofono_1.34.bb index 8a298bfade..a3edf4ab5d 100644 --- a/meta/recipes-connectivity/ofono/ofono_1.34.bb +++ b/meta/recipes-connectivity/ofono/ofono_1.34.bb 
@@ -27,6 +27,7 @@ SRC_URI = "\ file://CVE-2024-7540_CVE-2024-7541_CVE-2024-7542.patch \ file://CVE-2024-7537.patch \ file://CVE-2023-4232.patch \ + file://CVE-2023-4235.patch \ " SRC_URI[sha256sum] = "c0b96d3013447ec2bcb74579bef90e4e59c68dbfa4b9c6fbce5d12401a43aac7" From patchwork Tue Jul 15 20:36:10 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 66910 X-Patchwork-Delegate: steve@sakoman.com
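Review bot: in the decode_deliver_report() hunk the two added checks are identical except for the destination member (deliver_err_report.ud versus deliver_ack_report.ud); if those two arrays have the same size a single check before the `if (out->type == SMS_TYPE_DELIVER_REPORT_ERROR)` branch would be shorter, but checking each branch against its own destination is the safer form should the sizes ever diverge, and both checks run before the `udl` assignment so a rejected PDU leaves `out` untouched, so this is fine to merge as-is.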
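Review bot: the recipe hunk appends `file://CVE-2023-4235.patch` after `file://CVE-2023-4232.patch`, which is the reverse of the upstream order: the 4235 commit (02aa0f9b, smsutil.c index 484bfd0b..ac89f16c, 10:18:51) is the pre-image of the 4232 commit (2ff2da7a, index ac89f16c..a706e26f, 10:18:52). The two hunks touch different functions (around lines 1088 and 1240), so do_patch will still succeed, with the second hunk applying at a small line offset, but listing CVE-2023-4235.patch before CVE-2023-4232.patch would match upstream and keep the index lines in the patch headers meaningful.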
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 09/16] ghostscript: ignore CVE-2025-46646 Date: Tue, 15 Jul 2025 13:36:10 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 15 Jul 2025 20:36:40 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/220418 From: Peter Marko The code patched by [1] which fixes this CVE is not available in 9.55.0. Also Debian says in [2] that even 10.0.0 is not yet affected. [1] https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f14ea81e6c3d2f51593f23cdf13c4679a18f1a3f [2] https://security-tracker.debian.org/tracker/CVE-2025-46646 Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb b/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb index 3b50ac1409..4d696159e0 100644 --- a/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb +++ b/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb 
@@ -28,6 +28,8 @@ CVE_CHECK_IGNORE += "CVE-2023-38560 CVE-2024-46954" CVE_CHECK_IGNORE += "CVE-2024-29507 CVE-2025-27833" # Only impacts codepaths relevant for Windows builds CVE_CHECK_IGNORE += "CVE-2025-27837" +# Vulnerable code was introduced later, so 9.55.0 is not affected yet +CVE_CHECK_IGNORE += "CVE-2025-46646" def gs_verdir(v): return "".join(v.split("."))
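Review bot: the evidence for this ignore (the upstream fix commit f14ea81e6c3d2f51593f23cdf13c4679a18f1a3f and the Debian tracker entry) lives only in the commit message, while the recipe comment above the new CVE_CHECK_IGNORE line says just "Vulnerable code was introduced later, so 9.55.0 is not affected yet"; put the commit id or the tracker URL in that comment so the ignore can be re-validated when ghostscript is bumped past 9.55.0, where the "not affected yet" reasoning stops holding. Something like "# Vulnerable code was added after 9.55.0 (fixed upstream in f14ea81e); see https://security-tracker.debian.org/tracker/CVE-2025-46646" keeps the rationale next to the setting it justifies.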
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 10/16] iputils: patch CVE-2025-48964
Date: Tue, 15 Jul 2025 13:36:11 -0700
Message-ID: <49ccf7b56a0598f84dcac2532c462aa2c285f66c.1752611671.git.steve@sakoman.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/220419

From: Peter Marko

Pick commit referencing this CVE.

Signed-off-by: Peter Marko
Signed-off-by: Steve Sakoman
---
 .../iputils/iputils/CVE-2025-48964.patch | 99 +++++++++++++++++++
 .../iputils/iputils_20211215.bb          |  1 +
 2 files changed, 100 insertions(+)
 create mode 100644 meta/recipes-extended/iputils/iputils/CVE-2025-48964.patch

diff --git a/meta/recipes-extended/iputils/iputils/CVE-2025-48964.patch b/meta/recipes-extended/iputils/iputils/CVE-2025-48964.patch
new file mode 100644
index 0000000000..e6fc67bce0
--- /dev/null
+++ b/meta/recipes-extended/iputils/iputils/CVE-2025-48964.patch
@@ -0,0 +1,99 @@ +From afa36390394a6e0cceba03b52b59b6d41710608c Mon Sep 17 00:00:00 2001 +From: Cyril Hrubis +Date: Fri, 16 May 2025 17:57:10 +0200 +Subject: [PATCH] ping: Fix moving average rtt calculation + +The rts->rtt counts an exponential weight moving average in a fixed +point, that means that even if we limit the triptime to fit into a 32bit +number the average will overflow because because fixed point needs eight +more bits. + +We also have to limit the triptime to 32bit number because otherwise the +moving average may stil overflow if we manage to produce a large enough +triptime. + +Fixes: CVE-2025-48964 +Fixes: https://bugzilla.suse.com/show_bug.cgi?id=1243772 +Closes: https://github.com/iputils/iputils-ghsa-25fr-jw29-74f9/pull/1 +Reported-by: Mohamed Maatallah +Reviewed-by: Petr Vorel +Tested-by: Petr Vorel +Reviewed-by: Michal Kubecek +Reviewed-by: Mohamed Maatallah +Signed-off-by: Cyril Hrubis + +CVE: CVE-2025-48964 +Upstream-Status: Backport [https://github.com/iputils/iputils/commit/afa36390394a6e0cceba03b52b59b6d41710608c] +Signed-off-by: Peter Marko +--- + iputils_common.h | 2 +- + ping/ping.h | 2 +- + ping/ping_common.c | 8 ++++---- + 3 files changed, 6 insertions(+), 6 deletions(-) + +diff --git a/iputils_common.h b/iputils_common.h +index 829a749..1296905 100644 +--- a/iputils_common.h ++++ b/iputils_common.h +@@ -11,7 +11,7 @@ + __typeof__(&arr[0]))])) * 0) + + /* 1000001 = 1000000 tv_sec + 1 tv_usec */ +-#define TV_SEC_MAX_VAL (LONG_MAX/1000001) ++#define TV_SEC_MAX_VAL (INT32_MAX/1000001) + + #ifdef __GNUC__ + # define iputils_attribute_format(t, n, m) __attribute__((__format__ (t, n, m))) +diff --git a/ping/ping.h b/ping/ping.h +index 4dce538..bc1fab2 100644 +--- a/ping/ping.h ++++ b/ping/ping.h +@@ -180,7 +180,7 @@ struct ping_rts { + long tmax; /* maximum round trip time */ + double tsum; /* sum of all times, for doing average */ + double tsum2; +- int rtt; ++ uint64_t rtt; /* Exponential weight moving average calculated in fixed point 
*/ + int rtt_addend; + uint16_t acked; + int pipesize; +diff --git a/ping/ping_common.c b/ping/ping_common.c +index 2a3e556..fad5228 100644 +--- a/ping/ping_common.c ++++ b/ping/ping_common.c +@@ -273,7 +273,7 @@ int __schedule_exit(int next) + + static inline void update_interval(struct ping_rts *rts) + { +- int est = rts->rtt ? rts->rtt / 8 : rts->interval * 1000; ++ int est = rts->rtt ? (int)(rts->rtt / 8) : rts->interval * 1000; + + rts->interval = (est + rts->rtt_addend + 500) / 1000; + if (rts->uid && rts->interval < MINUSERINTERVAL) +@@ -768,7 +768,7 @@ restamp: + if (triptime > rts->tmax) + rts->tmax = triptime; + if (!rts->rtt) +- rts->rtt = triptime * 8; ++ rts->rtt = ((uint64_t)triptime) * 8; + else + rts->rtt += triptime - rts->rtt / 8; + if (rts->opt_adaptive) +@@ -935,7 +935,7 @@ int finish(struct ping_rts *rts) + int ipg = (1000000 * (long long)tv.tv_sec + tv.tv_nsec / 1000) / (rts->ntransmitted - 1); + + printf(_("%sipg/ewma %d.%03d/%d.%03d ms"), +- comma, ipg / 1000, ipg % 1000, rts->rtt / 8000, (rts->rtt / 8) % 1000); ++ comma, ipg / 1000, ipg % 1000, (int)(rts->rtt / 8000), (int)((rts->rtt / 8) % 1000)); + } + putchar('\n'); + return (!rts->nreceived || (rts->deadline && rts->nreceived < rts->npackets)); +@@ -960,7 +960,7 @@ void status(struct ping_rts *rts) + fprintf(stderr, _(", min/avg/ewma/max = %ld.%03ld/%lu.%03ld/%d.%03d/%ld.%03ld ms"), + (long)rts->tmin / 1000, (long)rts->tmin % 1000, + tavg / 1000, tavg % 1000, +- rts->rtt / 8000, (rts->rtt / 8) % 1000, (long)rts->tmax / 1000, (long)rts->tmax % 1000); ++ (int)(rts->rtt / 8000), (int)((rts->rtt / 8) % 1000), (long)rts->tmax / 1000, (long)rts->tmax % 1000); + } + fprintf(stderr, "\n"); + } diff --git a/meta/recipes-extended/iputils/iputils_20211215.bb b/meta/recipes-extended/iputils/iputils_20211215.bb index 03dc97dcc8..97fff6fe3a 100644 --- a/meta/recipes-extended/iputils/iputils_20211215.bb +++ b/meta/recipes-extended/iputils/iputils_20211215.bb 
@@ -13,6 +13,7 @@ DEPENDS = "gnutls" SRC_URI = "git://github.com/iputils/iputils;branch=master;protocol=https \ file://0001-rarpd-rdisc-Drop-PrivateUsers.patch \ file://CVE-2025-47268.patch \ + file://CVE-2025-48964.patch \ " SRCREV = "1d1e7c43210d8af316a41cb2c53d612a4c16f34d"
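Review bot: the (int) casts added in the update_interval, finish and status hunks of the backported patch ("(int)(rts->rtt / 8)", "(int)(rts->rtt / 8000)") are truncation-free only because the same patch lowers TV_SEC_MAX_VAL to INT32_MAX/1000001, which keeps every triptime, and therefore the average rtt/8, within 32 bits; that dependency is not stated next to the casts and deserves a comment, since a later change that raises the cap would quietly bring the truncation back. Separately, with rtt now uint64_t, the unchanged line "rts->rtt += triptime - rts->rtt / 8;" performs the subtraction in unsigned 64-bit arithmetic: when triptime is smaller than rtt/8 the intermediate wraps, and the stored value is right only because rtt - rtt/8 + triptime is non-negative so the wrap cancels modulo 2^64. That is sound but non-obvious and would also benefit from a one-line comment. The backport metadata (CVE: tag and Upstream-Status: Backport with the upstream commit URL) is complete.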
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 11/16] gdk-pixbuf: fix CVE-2025-7345
Date: Tue, 15 Jul 2025 13:36:12 -0700
Message-ID: <1803f965e4990be3fbdcd52544f0080e9c83800d.1752611671.git.steve@sakoman.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/220420

From: Archana Polampalli

A flaw exists in gdk-pixbuf within the gdk_pixbuf__jpeg_image_load_increment
function (io-jpeg.c) and in glib's g_base64_encode_step (glib/gbase64.c). When
processing maliciously crafted JPEG images, a heap buffer overflow can occur
during Base64 encoding, allowing out-of-bounds reads from heap memory,
potentially causing application crashes or arbitrary code execution.

Signed-off-by: Archana Polampalli
Signed-off-by: Steve Sakoman
---
 .../gdk-pixbuf/gdk-pixbuf/CVE-2025-7345.patch | 55 +++++++++++++++++++
 .../gdk-pixbuf/gdk-pixbuf_2.42.10.bb          |  1 +
 2 files changed, 56 insertions(+)
 create mode 100644 meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2025-7345.patch

diff --git a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2025-7345.patch b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2025-7345.patch
new file mode 100644
index 0000000000..a8f23d3501
--- /dev/null
+++ b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2025-7345.patch
@@ -0,0 +1,55 @@ +From 4af78023ce7d3b5e3cec422a59bb4f48fa4f5886 Mon Sep 17 00:00:00 2001 +From: Matthias Clasen +Date: Fri, 11 Jul 2025 11:02:05 -0400 +Subject: [PATCH] jpeg: Be more careful with chunked icc data + +We we inadvertendly trusting the sequence numbers not to lie. +If they do we would report a larger data size than we actually +allocated, leading to out of bounds memory access in base64 +encoding later on. + +This has been assigned CVE-2025-7345. + +Fixes: #249 + +CVE: CVE-2025-7345 + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/4af78023ce7d3b5e3cec422a59bb4f48fa4f5886] + +Signed-off-by: Archana Polampalli +--- + gdk-pixbuf/io-jpeg.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/gdk-pixbuf/io-jpeg.c b/gdk-pixbuf/io-jpeg.c +index 3841fc0..9ee1d21 100644 +--- a/gdk-pixbuf/io-jpeg.c ++++ b/gdk-pixbuf/io-jpeg.c +@@ -356,6 +356,7 @@ jpeg_parse_exif_app2_segment (JpegExifContext *context, jpeg_saved_marker_ptr ma + context->icc_profile = g_new (gchar, chunk_size); + /* copy the segment data to the profile space */ + memcpy (context->icc_profile, marker->data + 14, chunk_size); ++ ret = TRUE; + goto out; + } + +@@ -377,12 +378,15 @@ jpeg_parse_exif_app2_segment (JpegExifContext *context, jpeg_saved_marker_ptr ma + /* copy the segment data to the profile space */ + memcpy (context->icc_profile + offset, marker->data + 14, chunk_size); + +- /* it's now this big plus the new data we've just copied */ +- context->icc_profile_size += chunk_size; ++ context->icc_profile_size = MAX (context->icc_profile_size, offset + chunk_size); + + /* success */ + ret = TRUE; + out: ++ if (!ret) { ++ g_free (context->icc_profile); ++ context->icc_profile = NULL; ++ } + return ret; + } + +-- +2.40.0 diff --git a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.10.bb b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.10.bb index cca89a9059..471d72d8dd 100644 --- a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.10.bb 
+++ b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.10.bb 
@@ -20,6 +20,7 @@ SRC_URI = "${GNOME_MIRROR}/${BPN}/${MAJ_VER}/${BPN}-${PV}.tar.xz \ file://run-ptest \ file://fatal-loader.patch \ file://0001-meson.build-allow-a-subset-of-tests-in-cross-compile.patch \ + file://CVE-2025-7345.patch \ " SRC_URI[sha256sum] = "ee9b6c75d13ba096907a2e3c6b27b61bcd17f5c7ebeab5a5b439d2f2e39fe44b"
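Review bot: the cleanup added at the out: label of jpeg_parse_exif_app2_segment ("if (!ret) { g_free (context->icc_profile); context->icc_profile = NULL; }") turns every goto out into a free of the profile, which is why the first hunk has to add "ret = TRUE;" before the single-chunk goto out; please confirm in the backported io-jpeg.c, whose function prologue is outside the hunk context, that ret is initialised to FALSE at entry and that the other early-exit paths really intend to discard the profile, otherwise the new block reads an indeterminate ret or frees data a later chunk still expects. The size fix, replacing "context->icc_profile_size += chunk_size" with "MAX (context->icc_profile_size, offset + chunk_size)", stops the reported size from running ahead of what was actually copied when the chunk sequence numbers lie, as the commit message puts it, but the check that offset + chunk_size fits the allocation before "memcpy (context->icc_profile + offset, marker->data + 14, chunk_size)" is also outside the visible context and should be verified against the same file.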
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 12/16] sudo: upgrade from 1.9.15p2 to 1.9.15p5
Date: Tue, 15 Jul 2025 13:36:13 -0700
Message-ID: <9a604a05d4a8158742a2346fc7ebc3c99e58eeb7.1752611671.git.steve@sakoman.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/220421

From: Chen Qi

(From OE-Core rev: 4b2eccc0ee3f2906f9b04de194b9df6e24c2cdf4)

Signed-off-by: Chen Qi
Signed-off-by: Alexandre Belloni
Signed-off-by: Richard Purdie
(cherry picked from commit 468633036c4b049b137d80740c4380ae1959e645)
Signed-off-by: Praveen Kumar
Signed-off-by: Steve Sakoman
---
 .../sudo/{sudo_1.9.15p2.bb => sudo_1.9.15p5.bb} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-extended/sudo/{sudo_1.9.15p2.bb => sudo_1.9.15p5.bb} (96%)

diff --git a/meta/recipes-extended/sudo/sudo_1.9.15p2.bb b/meta/recipes-extended/sudo/sudo_1.9.15p5.bb
similarity index 96%
rename from meta/recipes-extended/sudo/sudo_1.9.15p2.bb
rename to meta/recipes-extended/sudo/sudo_1.9.15p5.bb
index 431dfba3c2..8e542015ad 100644
--- a/meta/recipes-extended/sudo/sudo_1.9.15p2.bb
+++ b/meta/recipes-extended/sudo/sudo_1.9.15p5.bb
@@ -7,7 +7,7 @@ SRC_URI = "https://www.sudo.ws/dist/sudo-${PV}.tar.gz \ PAM_SRC_URI = "file://sudo.pam" -SRC_URI[sha256sum] = "199c0cdbfa7efcfffa9c88684a8e2fb206a62b70a316507e4a91c89c873bbcc8" +SRC_URI[sha256sum] = "558d10b9a1991fb3b9fa7fa7b07ec4405b7aefb5b3cb0b0871dbc81e3a88e558" DEPENDS += " virtual/crypt ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" RDEPENDS:${PN} += " ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-limits pam-plugin-keyinit', '', d)}"
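Review bot: the only content change in this hunk is the SRC_URI[sha256sum] swap for the renamed 1.9.15p5 recipe, and the commit message gives no reason for carrying a version bump onto the kirkstone stable branch beyond the OE-Core rev and cherry-pick references; a stable-branch backport should say which fixes between 1.9.15p2 and 1.9.15p5 motivate it, or that it is a stepping stone for the following 1.9.17p1 upgrade that brings the CVE-2025-32462 and CVE-2025-32463 fixes, so the checksum change can be tied to a stated rationale.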
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 13/16] sudo: upgrade 1.9.15p5 -> 1.9.17p1
Date: Tue, 15 Jul 2025 13:36:14 -0700
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/220422

From: Praveen Kumar

Changelog:
===========
* Fixed CVE-2025-32462. Sudo's -h (--host) option could be specified when
  running a command or editing a file. This could enable a local privilege
  escalation attack if the sudoers file allows the user to run commands on a
  different host.
* Fixed CVE-2025-32463. An attacker can leverage sudo's -R (--chroot) option
  to run arbitrary commands as root, even if they are not listed in the
  sudoers file. The chroot support has been deprecated and will be removed
  entirely in a future release.

License-Update: Copyright updated to 2025

0001-sudo.conf.in-fix-conflict-with-multilib.patch refreshed for 1.9.17

Signed-off-by: Praveen Kumar
Signed-off-by: Steve Sakoman
---
 ...o.conf.in-fix-conflict-with-multilib.patch |  7 ++-
 meta/recipes-extended/sudo/sudo.inc           |  2 +-
 .../{sudo_1.9.15p5.bb => sudo_1.9.17p1.bb}    | 54 ++++++++++++++++++-
 3 files changed, 57 insertions(+), 6 deletions(-)
 rename meta/recipes-extended/sudo/{sudo_1.9.15p5.bb => sudo_1.9.17p1.bb} (52%)

diff --git a/meta/recipes-extended/sudo/files/0001-sudo.conf.in-fix-conflict-with-multilib.patch b/meta/recipes-extended/sudo/files/0001-sudo.conf.in-fix-conflict-with-multilib.patch
index 041c717e00..1989c5abd7 100644
--- a/meta/recipes-extended/sudo/files/0001-sudo.conf.in-fix-conflict-with-multilib.patch +++ b/meta/recipes-extended/sudo/files/0001-sudo.conf.in-fix-conflict-with-multilib.patch @@ -1,4 +1,4 @@ -From 6e835350b7413210c410d3578cfab804186b7a4f Mon Sep 17 00:00:00 2001 +From 8c69192754ba73dd6e3273728a21aa73988f4bfb Mon Sep 17 00:00:00 2001 From: Kai Kang Date: Tue, 17 Nov 2020 11:13:40 +0800 Subject: [PATCH] sudo.conf.in: fix conflict with multilib @@ -15,13 +15,12 @@ Update the comments in sudo.conf.in to avoid the conflict. Signed-off-by: Kai Kang Upstream-Status: Inappropriate [OE configuration specific] - --- examples/sudo.conf.in | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/examples/sudo.conf.in b/examples/sudo.conf.in -index 2187457..0908d24 100644 +index bdd676c..094341c 100644 --- a/examples/sudo.conf.in +++ b/examples/sudo.conf.in @@ -4,7 +4,7 @@ @@ -53,7 +52,7 @@ index 2187457..0908d24 100644 # Sudo plugin directory: @@ -74,7 +74,7 @@ # The default directory to use when searching for plugins that are - # specified without a fully qualified path name. + # specified without a fully-qualified path name. # -#Path plugin_dir @plugindir@ +#Path plugin_dir $plugindir diff --git a/meta/recipes-extended/sudo/sudo.inc b/meta/recipes-extended/sudo/sudo.inc index d3b6bf1ad8..a8323f8b6d 100644 --- a/meta/recipes-extended/sudo/sudo.inc +++ b/meta/recipes-extended/sudo/sudo.inc 
@@ -4,7 +4,7 @@ HOMEPAGE = "http://www.sudo.ws" BUGTRACKER = "http://www.sudo.ws/bugs/" SECTION = "admin" LICENSE = "ISC & BSD-3-Clause & BSD-2-Clause & Zlib" -LIC_FILES_CHKSUM = "file://LICENSE.md;md5=5100e20d35f9015f9eef6bdb27ba194f \ +LIC_FILES_CHKSUM = "file://LICENSE.md;md5=2841c822e587db145364ca95e9be2ffa \ file://plugins/sudoers/redblack.c;beginline=1;endline=46;md5=03e35317699ba00b496251e0dfe9f109 \ file://lib/util/reallocarray.c;beginline=3;endline=15;md5=397dd45c7683e90b9f8bf24638cf03bf \ file://lib/util/fnmatch.c;beginline=3;endline=27;md5=004d7d2866ba1f5b41174906849d2e0f \ diff --git a/meta/recipes-extended/sudo/sudo_1.9.15p5.bb b/meta/recipes-extended/sudo/sudo_1.9.17p1.bb similarity index 52% rename from meta/recipes-extended/sudo/sudo_1.9.15p5.bb rename to meta/recipes-extended/sudo/sudo_1.9.17p1.bb index 8e542015ad..c5d57da9f0 100644 --- a/meta/recipes-extended/sudo/sudo_1.9.15p5.bb +++ b/meta/recipes-extended/sudo/sudo_1.9.17p1.bb @@ -1,3 +1,55 @@ +# FIXME: the LIC_FILES_CHKSUM values have been updated by 'devtool upgrade'. +# The following is the difference between the old and the new license text. +# Please update the LICENSE value if needed, and summarize the changes in +# the commit message via 'License-Update:' tag. +# (example: 'License-Update: copyright years updated.') +# +# The changes: +# +# --- LICENSE.md +# +++ LICENSE.md +# @@ -1,6 +1,6 @@ +# Sudo is distributed under the following license: +# +# - Copyright (c) 1994-1996, 1998-2023 +# + Copyright (c) 1994-1996, 1998-2025 +# Todd C. Miller +# +# Permission to use, copy, modify, and distribute this software for any +# 
@@ -247,9 +247,9 @@ +# +# The file arc4random.c bears the following license: +# +# - Copyright (c) 1996, David Mazieres +# - Copyright (c) 2008, Damien Miller +# - Copyright (c) 2013, Markus Friedl +# + Copyright (c) 1996, David Mazieres +# + Copyright (c) 2008, Damien Miller +# + Copyright (c) 2013, Markus Friedl +# Copyright (c) 2014, Theo de Raadt +# +# Permission to use, copy, modify, and distribute this software for any +# @@ -282,7 +282,7 @@ +# +# The file getentropy.c bears the following license: +# +# - Copyright (c) 2014 Theo de Raadt +# + Copyright (c) 2014 Theo de Raadt +# Copyright (c) 2014 Bob Beck +# +# Permission to use, copy, modify, and distribute this software for any +# @@ -299,7 +299,7 @@ +# +# The embedded copy of zlib bears the following license: +# +# - Copyright (C) 1995-2022 Jean-loup Gailly and Mark Adler +# + Copyright (C) 1995-2024 Jean-loup Gailly and Mark Adler +# +# This software is provided 'as-is', without any express or implied +# warranty. In no event will the authors be held liable for any damages +# +# + require sudo.inc SRC_URI = "https://www.sudo.ws/dist/sudo-${PV}.tar.gz \ 
@@ -7,7 +59,7 @@ SRC_URI = "https://www.sudo.ws/dist/sudo-${PV}.tar.gz \ PAM_SRC_URI = "file://sudo.pam" -SRC_URI[sha256sum] = "558d10b9a1991fb3b9fa7fa7b07ec4405b7aefb5b3cb0b0871dbc81e3a88e558" +SRC_URI[sha256sum] = "ff607ea717072197738a78f778692cd6df9a7e3e404565f51de063ca27455d32" DEPENDS += " virtual/crypt ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" RDEPENDS:${PN} += " ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-limits pam-plugin-keyinit', '', d)}"
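Review bot: the "@@ -1,3 +1,55 @@" hunk commits the 50-line "# FIXME: the LIC_FILES_CHKSUM values have been updated by 'devtool upgrade'" comment block, including the embedded LICENSE.md diff, into sudo_1.9.17p1.bb; that block is devtool's reminder to the submitter, not recipe content, and the commit message already records the outcome as "License-Update: Copyright updated to 2025", so the block should be dropped and the recipe should start at "require sudo.inc" as the 1.9.15p5 version did. The LIC_FILES_CHKSUM md5 change in the sudo.inc hunk (5100e20d35f9015f9eef6bdb27ba194f to 2841c822e587db145364ca95e9be2ffa) is consistent with a copyright-year-only update, and the refreshed 0001-sudo.conf.in patch header correctly drops the stray blank line before its "---" separator.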

From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 14/16] binutils: stable 2.38 branch update
Date: Tue, 15 Jul 2025 13:36:15 -0700
Message-ID: <7ac807166dfb6723f4e0b53c21f434e21d25563e.1752611671.git.steve@sakoman.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/220423

From: Deepesh Varatharajan

The commit below on the binutils-2.38 stable branch is updated.

9bee8d65d32 x86: Check MODRM for call and jmp in binutils older than 2.45

                            Before  After  Diff
No. of expected passes         280    280     0
No. of unexpected failures       2      2     0
No. of untested testcases        1      1     0
No. of unsupported tests         7      7     0

Testing was done and no regressions were found.

Signed-off-by: Deepesh Varatharajan
Signed-off-by: Steve Sakoman
---
 meta/recipes-devtools/binutils/binutils-2.38.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc
index f1c29015bc..e25f52e171 100644
--- a/meta/recipes-devtools/binutils/binutils-2.38.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.38.inc
@@ -18,7 +18,7 @@ SRCBRANCH ?= "binutils-2_38-branch" UPSTREAM_CHECK_GITTAGREGEX = "binutils-(?P\d+_(\d_?)*)" -SRCREV ?= "4d71e17a9fd8d319359ded891eb3034a2325d4c0" +SRCREV ?= "9bee8d65d32ac1480997c13ce76ae7991180f1ed" BINUTILS_GIT_URI ?= "git://sourceware.org/git/binutils-gdb.git;branch=${SRCBRANCH};protocol=git" SRC_URI = "\ ${BINUTILS_GIT_URI} \
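Review bot: the SRCREV move from 4d71e17a9fd8... to 9bee8d65d32a... matches the one commit named in the message, but the test summary reports 2 unexpected failures both before and after, and the message does not say which tests those are; naming them (or pointing at where the known failures are tracked) lets the next branch update tell a pre-existing failure from a new one. Since this is the only stable-branch commit being taken, also state what it fixes beyond its title (x86 ModRM checking for call and jmp) and whether it has security impact, so the reason for backporting it to kirkstone is on record.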

From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 15/16] oeqa/core/decorator: add decorators to skip based on HOST_ARCH
Date: Tue, 15 Jul 2025 13:36:16 -0700
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/220424

From: Ross Burton

There are already decorators to skip on the value of MACHINE, but for flexibility it's better to skip based on the target architecture. This means, for example, the ISO image tests could skip if the architecture isn't x86.

Signed-off-by: Ross Burton
Signed-off-by: Alexandre Belloni
(cherry picked from commit 0c21ff0a92906b6b4820eb8beddf8762fe70653d)
Signed-off-by: Haixiao Yan
Signed-off-by: Steve Sakoman
---
 meta/lib/oeqa/core/decorator/data.py | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/meta/lib/oeqa/core/decorator/data.py b/meta/lib/oeqa/core/decorator/data.py
index 3ce10e5499..de881e097a 100644
--- a/meta/lib/oeqa/core/decorator/data.py
+++ b/meta/lib/oeqa/core/decorator/data.py
@@ -194,3 +194,27 @@ class skipIfQemu(OETestDecorator): self.logger.debug("Checking if qemu MACHINE") if self.case.td.get('MACHINE', '').startswith('qemu'): self.case.skipTest('Test only runs on real hardware') + +@registerDecorator +class skipIfArch(OETestDecorator): + """ + Skip test if HOST_ARCH is present in the tuple specified. + """ + + attrs = ('archs',) + def setUpDecorator(self): + arch = self.case.td['HOST_ARCH'] + if arch in self.archs: + self.case.skipTest('Test skipped on %s' % arch) + +@registerDecorator +class skipIfNotArch(OETestDecorator): + """ + Skip test if HOST_ARCH is not present in the tuple specified. + """ + + attrs = ('archs',) + def setUpDecorator(self): + arch = self.case.td['HOST_ARCH'] + if arch not in self.archs: + self.case.skipTest('Test skipped on %s' % arch)
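Review bot: `arch = self.case.td['HOST_ARCH']` in both new setUpDecorator methods raises KeyError when the test data has no HOST_ARCH, whereas skipIfQemu just above uses `self.case.td.get('MACHINE', '')`; use `self.case.td.get('HOST_ARCH', '')` so a missing key produces a skip or a clear failure rather than an error in decorator setup. Second, `if arch in self.archs:` becomes a substring test if a caller passes a bare string instead of the tuple the docstring asks for, so for example `@skipIfArch('mips64')` would also skip on a `mips` host; either normalise with `if isinstance(self.archs, str): self.archs = (self.archs,)` or say in the docstring that a list or tuple is required. Finally, skipIfNotArch reuses the message 'Test skipped on %s' % arch, which is the same wording as the positive case; something like 'Test only runs on %s' % ', '.join(self.archs) would tell the reader why it was skipped.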

From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 16/16] tcf-agent: correct the SRC_URI
Date: Tue, 15 Jul 2025 13:36:17 -0700
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/220425

From: Guocai He

The SRC_URI is changed to git://gitlab.eclipse.org/eclipse/tcf/tcf.agent.git

Signed-off-by: Guocai He
Signed-off-by: Steve Sakoman
---
 meta/recipes-devtools/tcf-agent/tcf-agent_git.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb b/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb
index 0d627f4e23..8165d35758 100644
--- a/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb
+++ b/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb
@@ -10,7 +10,7 @@ SRCREV = "2735e3d6b7eccb05ab232825c618c837d27a5010" PV = "1.7.0+git${SRCPV}" UPSTREAM_CHECK_GITTAGREGEX = "(?P(\d+(\.\d+)+))" -SRC_URI = "git://git.eclipse.org/r/tcf/org.eclipse.tcf.agent.git;protocol=https;branch=master \ +SRC_URI = "git://gitlab.eclipse.org/eclipse/tcf/tcf.agent.git;protocol=https;branch=master \ file://ldflags.patch \ file://tcf-agent.init \ file://tcf-agent.service \
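Review bot: only the host in SRC_URI changes (`-SRC_URI = "git://git.eclipse.org/r/tcf/org.eclipse.tcf.agent.git;...` to `+SRC_URI = "git://gitlab.eclipse.org/eclipse/tcf/tcf.agent.git;...`) while SRCREV stays "2735e3d6b7eccb05ab232825c618c837d27a5010" and `branch=master` is kept, so the fetched tree is unchanged provided that commit is reachable from master on the new host, which bitbake's git fetcher checks at fetch time. The one-line commit message restates the hunk but not why the move was needed (the old URL no longer serving the repository, or the project having moved hosts, whichever applies) nor that the pinned revision was confirmed to exist on gitlab.eclipse.org; add both so the backport rationale and the integrity check are on record.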