From patchwork Thu Aug 21 15:39:42 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 68953 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9D7E2CA0EFC for ; Thu, 21 Aug 2025 15:40:07 +0000 (UTC) Received: from mail-pl1-f170.google.com (mail-pl1-f170.google.com [209.85.214.170]) by mx.groups.io with SMTP id smtpd.web10.696.1755790804775131433 for ; Thu, 21 Aug 2025 08:40:04 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=l8bGEd1d; spf=softfail (domain: sakoman.com, ip: 209.85.214.170, mailfrom: steve@sakoman.com) Received: by mail-pl1-f170.google.com with SMTP id d9443c01a7336-245fb4c8738so14098015ad.0 for ; Thu, 21 Aug 2025 08:40:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1755790804; x=1756395604; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=dBwCFQIYfRRKUiLTWCmC+g4UDOOxVDoVEpQ8P01YFCk=; b=l8bGEd1dRqT+CXL2iL0JFu7eXYYA9FasYKepwawTw7xqhqnOXswyLvDWhAbeTCbrcB uEKVDrbmgKdGIq//n7ma33RaY0a59CODirAqd0sfEduMdJUM5wVqxkqV/H0uYgwPGob9 Qce445IhUbl0LwnO4vgZsLvS03vtyFcC5tGTODJ/lzfs+ncJgCR0gz/NY8wPfYPO+F2A ULuPyDFlO9VSuKhLx3FbLA7d7pYCj0OX/GDDx3HheV8krfcw+ma01xOXtJC/l8IB1h/r NHJfDpmsGxp9sDOjPALtsr8neW5D7GjZ9lyuIajptB2/RMN0LXSr0WtD8PC9Cw75lHQV zPAg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755790804; x=1756395604; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=dBwCFQIYfRRKUiLTWCmC+g4UDOOxVDoVEpQ8P01YFCk=; b=Tpn4bGbT8+HABrLLAs4BowMyzcj4Ebkg/kzdctd8TsilkLxn96tZIFahcv8mlzfGZQ q3ZGOBMnAGlfn2C32LGm+X0HOCkbXSk0I64dtcR9nn8KX6k2CE5Mehu004ytrt0Tidg+ CgGD5Ka/DWQ5p8vx1ifoYK3MBjAvJLWa6LsndK0mK/EFdERNMaMROBsckQGORZXy1HyJ JLE6hc+TKRGaF9+SNm53h6tIUUAHXqBYjCPb2yNcv1aTDYBjbXgLVbPB9cxnzuCpOVUV Bbq0q+CN7pZEzEqFtsBOOZwmFFzkwWJcLdk8tVRD1PHcS1ncl7tjDE12XbrKwwWgI9Vr In0g== X-Gm-Message-State: AOJu0Yxef5B9vw9giGrzDdgCgH4hy832vF6RdekiWtsTzd8jruQGckGV vm+x0mlE2k9HRdMG81efGsgcWotijBwC7Z+E6LywUojGkX4fxmCgVUhFjEOH82TLV1PTUTk7bJU tZdAU X-Gm-Gg: ASbGncsRn/NlulMv2nGx6Sy3hYIEm+86U8i+u36uacFpK9GsnABp4vyx8zVNP7zfQ6U ia+YHrapHtafjl2JnTTHEAqux+3XJ17r655yRg8TAmHJY2mmX6WfH4Y7EZM72GJVGgdwaBzuUXF +Xh3+6AwamsB3179Fyy7PEVfk0Mob00deIp1R4zrn4uz6ByeoGUXJiX/sYQ/0eJeT4sUtDb5R01 6JbUEyOZBvkGYURN00luEnSA6TxDQ1LGF3UZCEFCUwmmlKAIvsw5vOI20fEaKuoQWhkvlQPOD+z M3IvJ1QR+UFvXjsjdeRX5a0pAWP6CmXO2MQq+REUKnL0nx9SiLryqV44UHDRrDRXBDNeY29W9nI WNvAco8xgWahPJw== X-Google-Smtp-Source: AGHT+IFBsAtYjqKgMJW7ZH2o2zS38eoO/O1UVqwIvMkoMuWZUdi0vlxMA1QDKCbZic8IE0WOHQq+VQ== X-Received: by 2002:a17:903:4b07:b0:243:fd16:181f with SMTP id d9443c01a7336-245fed7e48fmr43190565ad.36.1755790803803; Thu, 21 Aug 2025 08:40:03 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:bc1c:6959:5ad5:d4f9]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-245ed51b3dfsm58901845ad.142.2025.08.21.08.40.03 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Aug 2025 08:40:03 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 01/15] elfutils: Fix CVE-2025-1352 Date: Thu, 21 Aug 2025 08:39:42 -0700 Message-ID: <9f104c2005975c1dce6e67b23e34ab5a2e8f85ab.1755790385.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 21 Aug 2025 15:40:07 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/222250 From: Soumya Sambu A vulnerability has been found in GNU elfutils 0.192 and classified as critical. This vulnerability affects the function __libdw_thread_tail in the library libdw_alloc.c of the component eu-readelf. The manipulation of the argument w leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 2636426a091bd6c6f7f02e49ab20d4cdc6bfc753. It is recommended to apply a patch to fix this issue. References: https://nvd.nist.gov/vuln/detail/CVE-2025-1352 https://ubuntu.com/security/CVE-2025-1352 Upstream patch: https://sourceware.org/git/?p=elfutils.git;a=2636426a091bd6c6f7f02e49ab20d4cdc6bfc753 Signed-off-by: Soumya Sambu Signed-off-by: Steve Sakoman --- .../elfutils/elfutils_0.192.bb | 1 + .../elfutils/files/CVE-2025-1352.patch | 154 ++++++++++++++++++ 2 files changed, 155 insertions(+) create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2025-1352.patch diff --git a/meta/recipes-devtools/elfutils/elfutils_0.192.bb b/meta/recipes-devtools/elfutils/elfutils_0.192.bb index 7bf9865555..829d9bf94f 100644 --- a/meta/recipes-devtools/elfutils/elfutils_0.192.bb +++ b/meta/recipes-devtools/elfutils/elfutils_0.192.bb @@ -22,6 +22,7 @@ SRC_URI = "https://sourceware.org/elfutils/ftp/${PV}/${BP}.tar.bz2 \ file://0001-tests-Makefile.am-compile-test_nlist-with-standard-C.patch \ file://0001-config-eu.am-do-not-force-Werror.patch \ file://0001-libelf-Add-libeu-objects-to-libelf.a-static-archive.patch \ + file://CVE-2025-1352.patch \ " SRC_URI:append:libc-musl = " \ file://0003-musl-utils.patch \ diff --git a/meta/recipes-devtools/elfutils/files/CVE-2025-1352.patch b/meta/recipes-devtools/elfutils/files/CVE-2025-1352.patch new file mode 100644 index 0000000000..b5e8dff980 --- /dev/null +++ b/meta/recipes-devtools/elfutils/files/CVE-2025-1352.patch @@ -0,0 +1,154 @@ +From 2636426a091bd6c6f7f02e49ab20d4cdc6bfc753 Mon Sep 17 00:00:00 2001 +From: Mark Wielaard +Date: Sat, 8 Feb 2025 20:00:12 +0100 +Subject: [PATCH] libdw: Simplify __libdw_getabbrev and fix dwarf_offabbrev + issue + +__libdw_getabbrev could crash on reading a bad abbrev by trying to +deallocate memory it didn't allocate itself. This could happen because +dwarf_offabbrev would supply its own memory when calling +__libdw_getabbrev. No other caller did this. + +Simplify the __libdw_getabbrev common code by not taking external +memory to put the abbrev result in (this would also not work correctly +if the abbrev was already cached). And make dwarf_offabbrev explicitly +copy the result (if there was no error or end of abbrev). + + * libdw/dwarf_getabbrev.c (__libdw_getabbrev): Don't take + Dwarf_Abbrev result argument. Always just allocate abb when + abbrev not found in cache. + (dwarf_getabbrev): Don't pass NULL as last argument to + __libdw_getabbrev. + * libdw/dwarf_tag.c (__libdw_findabbrev): Likewise. + * libdw/dwarf_offabbrev.c (dwarf_offabbrev): Likewise. And copy + abbrev into abbrevp on success. + * libdw/libdw.h (dwarf_offabbrev): Document return values. + * libdw/libdwP.h (__libdw_getabbrev): Don't take Dwarf_Abbrev + result argument. + +https://sourceware.org/bugzilla/show_bug.cgi?id=32650 + +CVE: CVE-2025-1352 + +Upstream-Status: Backport [https://sourceware.org/git/?p=elfutils.git;a=2636426a091bd6c6f7f02e49ab20d4cdc6bfc753] + +Signed-off-by: Mark Wielaard +Signed-off-by: Soumya Sambu +--- + libdw/dwarf_getabbrev.c | 12 ++++-------- + libdw/dwarf_offabbrev.c | 10 +++++++--- + libdw/dwarf_tag.c | 3 +-- + libdw/libdw.h | 4 +++- + libdw/libdwP.h | 3 +-- + 5 files changed, 16 insertions(+), 16 deletions(-) + +diff --git a/libdw/dwarf_getabbrev.c b/libdw/dwarf_getabbrev.c +index 5b02333..d9a6c02 100644 +--- a/libdw/dwarf_getabbrev.c ++++ b/libdw/dwarf_getabbrev.c +@@ -1,5 +1,6 @@ + /* Get abbreviation at given offset. + Copyright (C) 2003, 2004, 2005, 2006, 2014, 2017 Red Hat, Inc. ++ Copyright (C) 2025 Mark J. Wielaard + This file is part of elfutils. + Written by Ulrich Drepper , 2003. + +@@ -38,7 +39,7 @@ + Dwarf_Abbrev * + internal_function + __libdw_getabbrev (Dwarf *dbg, struct Dwarf_CU *cu, Dwarf_Off offset, +- size_t *lengthp, Dwarf_Abbrev *result) ++ size_t *lengthp) + { + /* Don't fail if there is not .debug_abbrev section. */ + if (dbg->sectiondata[IDX_debug_abbrev] == NULL) +@@ -85,12 +86,7 @@ __libdw_getabbrev (Dwarf *dbg, struct Dwarf_CU *cu, Dwarf_Off offset, + Dwarf_Abbrev *abb = NULL; + if (cu == NULL + || (abb = Dwarf_Abbrev_Hash_find (&cu->abbrev_hash, code)) == NULL) +- { +- if (result == NULL) +- abb = libdw_typed_alloc (dbg, Dwarf_Abbrev); +- else +- abb = result; +- } ++ abb = libdw_typed_alloc (dbg, Dwarf_Abbrev); + else + { + foundit = true; +@@ -183,5 +179,5 @@ dwarf_getabbrev (Dwarf_Die *die, Dwarf_Off offset, size_t *lengthp) + return NULL; + } + +- return __libdw_getabbrev (dbg, cu, abbrev_offset + offset, lengthp, NULL); ++ return __libdw_getabbrev (dbg, cu, abbrev_offset + offset, lengthp); + } +diff --git a/libdw/dwarf_offabbrev.c b/libdw/dwarf_offabbrev.c +index 27cdad6..41df69b 100644 +--- a/libdw/dwarf_offabbrev.c ++++ b/libdw/dwarf_offabbrev.c +@@ -41,11 +41,15 @@ dwarf_offabbrev (Dwarf *dbg, Dwarf_Off offset, size_t *lengthp, + if (dbg == NULL) + return -1; + +- Dwarf_Abbrev *abbrev = __libdw_getabbrev (dbg, NULL, offset, lengthp, +- abbrevp); ++ Dwarf_Abbrev *abbrev = __libdw_getabbrev (dbg, NULL, offset, lengthp); + + if (abbrev == NULL) + return -1; + +- return abbrev == DWARF_END_ABBREV ? 1 : 0; ++ if (abbrev == DWARF_END_ABBREV) ++ return 1; ++ ++ *abbrevp = *abbrev; ++ ++ return 0; + } +diff --git a/libdw/dwarf_tag.c b/libdw/dwarf_tag.c +index d784970..218382a 100644 +--- a/libdw/dwarf_tag.c ++++ b/libdw/dwarf_tag.c +@@ -53,8 +53,7 @@ __libdw_findabbrev (struct Dwarf_CU *cu, unsigned int code) + + /* Find the next entry. It gets automatically added to the + hash table. */ +- abb = __libdw_getabbrev (cu->dbg, cu, cu->last_abbrev_offset, &length, +- NULL); ++ abb = __libdw_getabbrev (cu->dbg, cu, cu->last_abbrev_offset, &length); + if (abb == NULL || abb == DWARF_END_ABBREV) + { + /* Make sure we do not try to search for it again. */ +diff --git a/libdw/libdw.h b/libdw/libdw.h +index d53dc78..ec4713a 100644 +--- a/libdw/libdw.h ++++ b/libdw/libdw.h +@@ -587,7 +587,9 @@ extern int dwarf_srclang (Dwarf_Die *die); + extern Dwarf_Abbrev *dwarf_getabbrev (Dwarf_Die *die, Dwarf_Off offset, + size_t *lengthp); + +-/* Get abbreviation at given offset in .debug_abbrev section. */ ++/* Get abbreviation at given offset in .debug_abbrev section. On ++ success return zero and fills in ABBREVP. When there is no (more) ++ abbrev at offset returns one. On error returns a negative value. */ + extern int dwarf_offabbrev (Dwarf *dbg, Dwarf_Off offset, size_t *lengthp, + Dwarf_Abbrev *abbrevp) + __nonnull_attribute__ (4); +diff --git a/libdw/libdwP.h b/libdw/libdwP.h +index d6bab60..0cff5c2 100644 +--- a/libdw/libdwP.h ++++ b/libdw/libdwP.h +@@ -795,8 +795,7 @@ extern Dwarf_Abbrev *__libdw_findabbrev (struct Dwarf_CU *cu, + + /* Get abbreviation at given offset. */ + extern Dwarf_Abbrev *__libdw_getabbrev (Dwarf *dbg, struct Dwarf_CU *cu, +- Dwarf_Off offset, size_t *lengthp, +- Dwarf_Abbrev *result) ++ Dwarf_Off offset, size_t *lengthp) + __nonnull_attribute__ (1) internal_function; + + /* Get abbreviation of given DIE, and optionally set *READP to the DIE memory +-- +2.43.2 + From patchwork Thu Aug 21 15:39:43 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 68954 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 97E34CA0EEB for ; Thu, 21 Aug 2025 15:40:07 +0000 (UTC) Received: from mail-pg1-f174.google.com (mail-pg1-f174.google.com [209.85.215.174]) by mx.groups.io with SMTP id smtpd.web11.713.1755790806680727506 for ; Thu, 21 Aug 2025 08:40:06 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=JmWtdVN3; spf=softfail (domain: sakoman.com, ip: 209.85.215.174, mailfrom: steve@sakoman.com) Received: by mail-pg1-f174.google.com with SMTP id 41be03b00d2f7-b472fd93ad1so813657a12.0 for ; Thu, 21 Aug 2025 08:40:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1755790806; x=1756395606; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=shsIpKcmewMoqGJgOrMRSXF89ur9LEnXG7BBVrT/INI=; b=JmWtdVN3Nrp6du9josCj+pwLI7KcSgNuaGxSnGUlNb5SldcHNHhDKnaWA7AV229w6/ HbdI37GJUyCDDs0hvGwrV6XRSyvhjv/AooRx3BoYlTqkeeVaRq+Jw6DZQThBgYyxnhyB ssiCb4NB/tWhNX0VZ41S8IjHjd0eNepFgr2beX0oQfnsVkrUk/gP5LpuNA+2Hm3XTQ26 /leYw6Lh+La+43aByCGPDaC2cMuFilVcYYaTHeWucFQCZQpcQC4i7D7y0oq+JaR/mJay KRdvswzyNH4hgQOp+Mt7AJh2EtP2xS6oixkhfcN3QUR+joFNwXCkeLRodS9Y/gTyjyzk WOCQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755790806; x=1756395606; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=shsIpKcmewMoqGJgOrMRSXF89ur9LEnXG7BBVrT/INI=; b=MglOi5HWhJbd5f0pGjc/pq8lAgMe4gzLx+BdifNz5NqGDaNWuSM+0OKJ3ZkrONUeU3 zkzu+I0hfRxkaM38+FoYJzaoTN9f50+FYtBiZWsXYMKmTcJ3Eicg7eM9tvxIxoZMppDe B0XFRFEOzw62Ufj7IR8VMQnwzKDINS5GDB96pI9zFfeSMoRGPaNxUgelodoYJEDZIyuP 4z10XGfX9b9vkbsR2jUz4livRK7fRvO/8QszQAZa8Ikroa55iWhRfgtYqp1iL114nGZY DqIjuHKw7Mz10cJdARzjEDvKqkTNXg25Q/JecJU2e0/bKAGrQqi2zCGQSy7D4VtYmY4F +lLg== X-Gm-Message-State: AOJu0YwnOcJ+KkK4O8xspFF92kOM11uK5F6qtHht7bTMEy+fiPts26wZ WZG7/ifTMMSyyS+iA2WY2/4xgRgv0zAoTGdxo1Rmp14jPLYhudSJSCBDxcQ9l/FN5GtHozqN9H0 mAopt X-Gm-Gg: ASbGncsSw2td3bmVJ9hgB+EqjDJ+i7UImB3TR5lgVxgzyEBRPFXfxVSEqYh2IXklcpg Yq70TTiBzW9PWHNfqerP1sor+ISBBQM3wBlQLbcw74M/ND90U0umNKbziWQnz3PbWkvRRn9Tzhn Nh2gBJCqqpMI5j19iiPw3Ns1kue8LPUFf+kOdPjOMgLQQedSq0EY8eDcWiJcV1N4bsAy2PeBgsc BnLsDjmAXoTCiDjrcOYgVASYdTmdLrf1MKdBI+ZmORJ2skwPWeFbKUWG2rr+hPpCvsIM9ikRZm8 zNvwU/OoCcksYovGpSVq4O3LX9nP+KhOmO1qBcCTkEmg6lDSf55+/6cYlUli/NO2VPP+CWDCYzD x8j0jVvQEWEhHAA== X-Google-Smtp-Source: AGHT+IHKNb+A7v6AszSs9PLMbcRH53wF1diDfGZwoTFkRvwmgwKIfdujgqILw3P8fziPwbF+fw0bfQ== X-Received: by 2002:a17:903:240b:b0:234:aa9a:9e0f with SMTP id d9443c01a7336-245fec13c70mr46107875ad.23.1755790805733; Thu, 21 Aug 2025 08:40:05 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:bc1c:6959:5ad5:d4f9]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-245ed51b3dfsm58901845ad.142.2025.08.21.08.40.04 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Aug 2025 08:40:05 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 02/15] elfutils: Fix CVE-2025-1365 Date: Thu, 21 Aug 2025 08:39:43 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 21 Aug 2025 15:40:07 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/222251 From: Soumya Sambu A vulnerability, which was classified as critical, was found in GNU elfutils 0.192. This affects the function process_symtab of the file readelf.c of the component eu-readelf. The manipulation of the argument D/a leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of the patch is 5e5c0394d82c53e97750fe7b18023e6f84157b81. It is recommended to apply a patch to fix this issue. References: https://nvd.nist.gov/vuln/detail/CVE-2025-1365 https://ubuntu.com/security/CVE-2025-1365 Upstream patch: https://sourceware.org/git/?p=elfutils.git;a=commit;h=5e5c0394d82c53e97750fe7b18023e6f84157b81 Signed-off-by: Soumya Sambu Signed-off-by: Steve Sakoman --- .../elfutils/elfutils_0.192.bb | 1 + .../elfutils/files/CVE-2025-1365.patch | 152 ++++++++++++++++++ 2 files changed, 153 insertions(+) create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2025-1365.patch diff --git a/meta/recipes-devtools/elfutils/elfutils_0.192.bb b/meta/recipes-devtools/elfutils/elfutils_0.192.bb index 829d9bf94f..ff40ba64ec 100644 --- a/meta/recipes-devtools/elfutils/elfutils_0.192.bb +++ b/meta/recipes-devtools/elfutils/elfutils_0.192.bb @@ -23,6 +23,7 @@ SRC_URI = "https://sourceware.org/elfutils/ftp/${PV}/${BP}.tar.bz2 \ file://0001-config-eu.am-do-not-force-Werror.patch \ file://0001-libelf-Add-libeu-objects-to-libelf.a-static-archive.patch \ file://CVE-2025-1352.patch \ + file://CVE-2025-1365.patch \ " SRC_URI:append:libc-musl = " \ file://0003-musl-utils.patch \ diff --git a/meta/recipes-devtools/elfutils/files/CVE-2025-1365.patch b/meta/recipes-devtools/elfutils/files/CVE-2025-1365.patch new file mode 100644 index 0000000000..b779685efd --- /dev/null +++ b/meta/recipes-devtools/elfutils/files/CVE-2025-1365.patch @@ -0,0 +1,152 @@ +From 5e5c0394d82c53e97750fe7b18023e6f84157b81 Mon Sep 17 00:00:00 2001 +From: Mark Wielaard +Date: Sat, 8 Feb 2025 21:44:56 +0100 +Subject: [PATCH] libelf, readelf: Use validate_str also to check dynamic + symstr data + +When dynsym/str was read through eu-readelf --dynamic by readelf +process_symtab the string data was not validated, possibly printing +unallocated memory past the end of the symstr data. Fix this by +turning the elf_strptr validate_str function into a generic +lib/system.h helper function and use it in readelf to validate the +strings before use. + + * libelf/elf_strptr.c (validate_str): Remove to... + * lib/system.h (validate_str): ... here. Make inline, simplify + check and document. + * src/readelf.c (process_symtab): Use validate_str on symstr_data. + +https://sourceware.org/bugzilla/show_bug.cgi?id=32654 + +CVE: CVE-2025-1365 + +Upstream-Status: Backport [https://sourceware.org/git/?p=elfutils.git;a=commit;h=5e5c0394d82c53e97750fe7b18023e6f84157b81] + +Signed-off-by: Mark Wielaard +Signed-off-by: Soumya Sambu +--- + lib/system.h | 27 +++++++++++++++++++++++++++ + libelf/elf_strptr.c | 18 ------------------ + src/readelf.c | 18 +++++++++++++++--- + 3 files changed, 42 insertions(+), 21 deletions(-) + +diff --git a/lib/system.h b/lib/system.h +index 0db12d9..0698e5f 100644 +--- a/lib/system.h ++++ b/lib/system.h +@@ -34,6 +34,7 @@ + #include + + #include ++#include + #include + #include + #include +@@ -117,6 +118,32 @@ startswith (const char *str, const char *prefix) + return strncmp (str, prefix, strlen (prefix)) == 0; + } + ++/* Return TRUE if STR[FROM] is a valid string with a zero terminator ++ at or before STR[TO - 1]. Note FROM is an index into the STR ++ array, while TO is the maximum size of the STR array. This ++ function returns FALSE when TO is zero or FROM >= TO. */ ++static inline bool ++validate_str (const char *str, size_t from, size_t to) ++{ ++#if HAVE_DECL_MEMRCHR ++ // Check end first, which is likely a zero terminator, ++ // to prevent function call ++ return (to > 0 ++ && (str[to - 1] == '\0' ++ || (to > from ++ && memrchr (&str[from], '\0', to - from - 1) != NULL))); ++#else ++ do { ++ if (to <= from) ++ return false; ++ ++ to--; ++ } while (str[to]); ++ ++ return true; ++#endif ++} ++ + /* A special gettext function we use if the strings are too short. */ + #define sgettext(Str) \ + ({ const char *__res = strrchr (_(Str), '|'); \ +diff --git a/libelf/elf_strptr.c b/libelf/elf_strptr.c +index 79a24d2..c5a94f8 100644 +--- a/libelf/elf_strptr.c ++++ b/libelf/elf_strptr.c +@@ -53,24 +53,6 @@ get_zdata (Elf_Scn *strscn) + return zdata; + } + +-static bool validate_str (const char *str, size_t from, size_t to) +-{ +-#if HAVE_DECL_MEMRCHR +- // Check end first, which is likely a zero terminator, to prevent function call +- return ((to > 0 && str[to - 1] == '\0') +- || (to - from > 0 && memrchr (&str[from], '\0', to - from - 1) != NULL)); +-#else +- do { +- if (to <= from) +- return false; +- +- to--; +- } while (str[to]); +- +- return true; +-#endif +-} +- + char * + elf_strptr (Elf *elf, size_t idx, size_t offset) + { +diff --git a/src/readelf.c b/src/readelf.c +index 3e97b64..105cddf 100644 +--- a/src/readelf.c ++++ b/src/readelf.c +@@ -2639,6 +2639,7 @@ process_symtab (Ebl *ebl, unsigned int nsyms, Elf64_Word idx, + char typebuf[64]; + char bindbuf[64]; + char scnbuf[64]; ++ const char *sym_name; + Elf32_Word xndx; + GElf_Sym sym_mem; + GElf_Sym *sym +@@ -2650,6 +2651,19 @@ process_symtab (Ebl *ebl, unsigned int nsyms, Elf64_Word idx, + /* Determine the real section index. */ + if (likely (sym->st_shndx != SHN_XINDEX)) + xndx = sym->st_shndx; ++ if (use_dynamic_segment == true) ++ { ++ if (validate_str (symstr_data->d_buf, sym->st_name, ++ symstr_data->d_size)) ++ sym_name = (char *)symstr_data->d_buf + sym->st_name; ++ else ++ sym_name = NULL; ++ } ++ else ++ sym_name = elf_strptr (ebl->elf, idx, sym->st_name); ++ ++ if (sym_name == NULL) ++ sym_name = "???"; + + printf (_ ("\ + %5u: %0*" PRIx64 " %6" PRId64 " %-7s %-6s %-9s %6s %s"), +@@ -2662,9 +2676,7 @@ process_symtab (Ebl *ebl, unsigned int nsyms, Elf64_Word idx, + get_visibility_type (GELF_ST_VISIBILITY (sym->st_other)), + ebl_section_name (ebl, sym->st_shndx, xndx, scnbuf, + sizeof (scnbuf), NULL, shnum), +- use_dynamic_segment == true +- ? (char *)symstr_data->d_buf + sym->st_name +- : elf_strptr (ebl->elf, idx, sym->st_name)); ++ sym_name); + + if (versym_data != NULL) + { +-- +2.43.2 + From patchwork Thu Aug 21 15:39:44 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 68956 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 81CB5CA0EEB for ; Thu, 21 Aug 2025 15:40:17 +0000 (UTC) Received: from mail-pl1-f180.google.com (mail-pl1-f180.google.com [209.85.214.180]) by mx.groups.io with SMTP id smtpd.web10.700.1755790808038719549 for ; Thu, 21 Aug 2025 08:40:08 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=Z4cyMK20; spf=softfail (domain: sakoman.com, ip: 209.85.214.180, mailfrom: steve@sakoman.com) Received: by mail-pl1-f180.google.com with SMTP id d9443c01a7336-245f19a324bso10536705ad.0 for ; Thu, 21 Aug 2025 08:40:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1755790807; x=1756395607; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=bpLoQERGQlcUcqptf5MZaWgAJRlYAzHSizP+Dn8o3B4=; b=Z4cyMK20YQFBAXuzmFdZBY1Sy8vlAZl7LPqlfy1C8HAElXDiIkXfpcZLu2h9Edp9B8 go+JDBqSl/9tUxcCBI+xOydh/3RGowCgUUeOrD58xJHxNz/oFRmuW1I78d2kqf/bkkOD d4RDc6QrHQl+5qD3DacqoMmg5m0Cd09AMan60vraDOxKwJVAdcc1U/j1t6Zly+OaA79v bS9XDoSSa8cZWb0EBaLEmcs5+6wM7xafzYSKi2L3e6/86bKmt5sAeeZXbFq7PdTlTjn1 IlNa5iQ932kPdigfAjS44hwiqPMJ2QI/m4OykHGp1vowjpqYfsyMwGg9XoE90KTVPThE 0cJw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755790807; x=1756395607; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=bpLoQERGQlcUcqptf5MZaWgAJRlYAzHSizP+Dn8o3B4=; b=llB0Ylq3U9sMaLZD6PhwUudZwRltEZyLonjpIEo2Mq1O4JxwoUMgH2xD7hv/WVqeWY Sqz0K4PdWHauwTb3zlgOgdmNl7Z2fYJimbgfMCzNanZVe7p9m+a4unccf/DBzP+NFcGt g3zyexPniOi2EdsTjbUGOE1aFeQt+fw7UVZACa7OI+AtdcSazZQePMxcKQHunvV4i4CM pa8Grf3hcN8kAYsApv+3s7r7zoXyvdVoP6kOrtsjyVAHkjXPBIwLDF1mWAjbcUq5qPgb 1i6uXu3AGHO0ajCcDXhrot1wvw1VhPOlJYfMHEhPoRuqFUeLUz2f0XwPoflgLB9A60JM bl1A== X-Gm-Message-State: AOJu0YyjR0Hx0Q36ZDQ/jPBLMhdOMp2lmGbsSNZRM/VHqERnKM0NQr/C BnY8Ec2a7XCVqSo71EoqI8/1K60ybgwx72WJw0hWmkJ4cRXcFqk/85Q/PpBAPDZ1YAl8echcrvi rCbv9 X-Gm-Gg: ASbGncv0NRiELCU4tIlwX3cfCMQwRntFhGP5zte88+M9cwAIZ0kkpGHWvCVXiCqbVPb sQvp62E8norrCzEZKtK5UmCyWQJF0rISRz3iiM6NfVGbipn33YXpwb8giyazsFiN9d07XmsJT6y RC4N3ttNK1gvSnjhY7HIkSLB7lUwjM7rQB6zlVA24z0NAOrGg3bYhtzQ3Fio147t7SwrELXw4Ti mSeCqHxzZbOah7Uoo7rY/bJJ04UQ66jvoM4fNNlt9Zq3dLdVrM5TK3FxNZRnjrMpdtwpSy780vN BLY9uDuhKsgca21lQIenBH1S7gAG7Fxa51f57PmrZqXTjpTYo8FVMmny1RdF/uNrZKT3KiC4f82 SOzmdFOkp78/b7g== X-Google-Smtp-Source: AGHT+IGvrOxBHQ0V0C0Kc9BLiu7FygWOM80aLhYu/A0ODHyT7tsbM2sjtpNdwntePuT3GvmmxPEYxw== X-Received: by 2002:a17:902:dac8:b0:242:9d61:2b60 with SMTP id d9443c01a7336-245febea52bmr49454205ad.6.1755790807214; Thu, 21 Aug 2025 08:40:07 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:bc1c:6959:5ad5:d4f9]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-245ed51b3dfsm58901845ad.142.2025.08.21.08.40.06 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Aug 2025 08:40:06 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 03/15] elfutils: Fix CVE-2025-1371 Date: Thu, 21 Aug 2025 08:39:44 -0700 Message-ID: <36a322934f6f7dc8d0890c531d68c0f7de69be13.1755790385.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 21 Aug 2025 15:40:17 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/222252 From: Soumya Sambu A vulnerability has been found in GNU elfutils 0.192 and classified as problematic. This vulnerability affects the function handle_dynamic_symtab of the file readelf.c of the component eu-read. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The patch is identified as b38e562a4c907e08171c76b8b2def8464d5a104a. It is recommended to apply a patch to fix this issue. References: https://nvd.nist.gov/vuln/detail/CVE-2025-1371 https://ubuntu.com/security/CVE-2025-1371 Upstream patch: https://sourceware.org/git/?p=elfutils.git;a=commit;h=b38e562a4c907e08171c76b8b2def8464d5a104a Signed-off-by: Soumya Sambu Signed-off-by: Steve Sakoman --- .../elfutils/elfutils_0.192.bb | 1 + .../elfutils/files/CVE-2025-1371.patch | 41 +++++++++++++++++++ 2 files changed, 42 insertions(+) create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2025-1371.patch diff --git a/meta/recipes-devtools/elfutils/elfutils_0.192.bb b/meta/recipes-devtools/elfutils/elfutils_0.192.bb index ff40ba64ec..2f34bfeebb 100644 --- a/meta/recipes-devtools/elfutils/elfutils_0.192.bb +++ b/meta/recipes-devtools/elfutils/elfutils_0.192.bb @@ -24,6 +24,7 @@ SRC_URI = "https://sourceware.org/elfutils/ftp/${PV}/${BP}.tar.bz2 \ file://0001-libelf-Add-libeu-objects-to-libelf.a-static-archive.patch \ file://CVE-2025-1352.patch \ file://CVE-2025-1365.patch \ + file://CVE-2025-1371.patch \ " SRC_URI:append:libc-musl = " \ file://0003-musl-utils.patch \ diff --git a/meta/recipes-devtools/elfutils/files/CVE-2025-1371.patch b/meta/recipes-devtools/elfutils/files/CVE-2025-1371.patch new file mode 100644 index 0000000000..9ecb045f82 --- /dev/null +++ b/meta/recipes-devtools/elfutils/files/CVE-2025-1371.patch @@ -0,0 +1,41 @@ +From b38e562a4c907e08171c76b8b2def8464d5a104a Mon Sep 17 00:00:00 2001 +From: Mark Wielaard +Date: Sun, 9 Feb 2025 00:07:13 +0100 +Subject: [PATCH] readelf: Handle NULL phdr in handle_dynamic_symtab + +A corrupt ELF file can have broken program headers, in which case +gelf_getphdr returns NULL. This could crash handle_dynamic_symtab +while searching for the PT_DYNAMIC phdr. Fix this by checking whether +gelf_phdr returns NULL. + + * src/readelf.c (handle_dynamic_symtab): Check whether + gelf_getphdr returns NULL. + +https://sourceware.org/bugzilla/show_bug.cgi?id=32655 + +CVE: CVE-2025-1371 + +Upstream-Status: Backport [https://sourceware.org/git/?p=elfutils.git;a=commit;h=b38e562a4c907e08171c76b8b2def8464d5a104a] + +Signed-off-by: Mark Wielaard +Signed-off-by: Soumya Sambu +--- + src/readelf.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/readelf.c b/src/readelf.c +index 105cddf..a526fa8 100644 +--- a/src/readelf.c ++++ b/src/readelf.c +@@ -2912,7 +2912,7 @@ handle_dynamic_symtab (Ebl *ebl) + for (size_t i = 0; i < phnum; ++i) + { + phdr = gelf_getphdr (ebl->elf, i, &phdr_mem); +- if (phdr->p_type == PT_DYNAMIC) ++ if (phdr == NULL || phdr->p_type == PT_DYNAMIC) + break; + } + if (phdr == NULL) +-- +2.43.2 + From patchwork Thu Aug 21 15:39:45 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 68957 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8846ACA0EFC for ; Thu, 21 Aug 2025 15:40:17 +0000 (UTC) Received: from mail-pl1-f177.google.com (mail-pl1-f177.google.com [209.85.214.177]) by mx.groups.io with SMTP id smtpd.web10.703.1755790809548078804 for ; Thu, 21 Aug 2025 08:40:09 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=LfBWs63n; spf=softfail (domain: sakoman.com, ip: 209.85.214.177, mailfrom: steve@sakoman.com) Received: by mail-pl1-f177.google.com with SMTP id d9443c01a7336-245f19aab6aso8132835ad.0 for ; Thu, 21 Aug 2025 08:40:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1755790809; x=1756395609; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=NCX6pGKbp51gBD06xhigw6l5OvKROkBX9FJGn66FOdQ=; b=LfBWs63nqQy1rblyIgrwgBQTpQqKvUQAej9JPDfKGrhWreWVsjld906DeJb6lwxR2Z W6fdGCS6Cqxp+rIXkjVhiM+WEy4/XfrGBrV2SBZJyRyQu5Edp9mXwTZPTWn8BSX0KFeI hOxarKrVX13jGNnX2LDaAs/9DRq4rSx/Gp2psKncBarNQS9PIPBPV89OlIT2Bo+YU7SC GKrah/qZ4a7UBkFfHAtr5eGGkG6dcn4LeHAQ1pcTbb6Q8ldnHYpDv7gjtE4LnDkH6BH9 Qiy4D7Kes7n4E11KGr/9xDtpJKwUl+SB6QYXuAv4yZ7klKODa7MNo3U5TBGT8LTSlFjJ i4uA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755790809; x=1756395609; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=NCX6pGKbp51gBD06xhigw6l5OvKROkBX9FJGn66FOdQ=; b=pj7LXckOxpEEbHviwe4NrJjyC/ujeYnlcm9Z2es7pZjEYXJp5/WTp9/1YFfuFJ/jK/ lTojmdICCa0Xg2Y9ptlIjYmmbf5lenY5pVGGfChhBaB1wW23gm3XhCN4hU+AW8hdkZ5O A6DWMRtRrZQgflny7fMRAybkJS2ItE/ic7ZmgKRKPXy2wHW8TwiPhplalfTWIuXMnbF3 LDBC+1Vo90ghXrMldIYXXqsT5aEv0G8jOS6Ia28gkUT8Pxj40aTM2VXbpKX/UrUFTHoV 8PuCn14o+muCOMCaMvVN1Vh+kVMCl8q62raeVqs+Fo2Ho6nSZa99c2eFYaeH3ByvoX+L pLQg== X-Gm-Message-State: AOJu0Yw0rf185BsNWYYMpWX0VVFCnp0t3Y6tekVg8jYJVgbPAxvoMH3B nti/MeTB58tbL6lVm04u9Lf8L/e8rPQWzElwuPecwkgSpUErDtXa0MwuF3afdpA6/fFFhnA6rNB AHxCq X-Gm-Gg: ASbGnctoeQXXKkrRYd8gjk1LpYtqsXv4WLDxmq6sKnM2Vu9jLOIn2/0TnwscEWYx8HR EXSljxVzAHrZdunQ5kQ39CFV/nq2HxHJ1MsDZVoua66+xzKe2ZzedlzceAUhJLxZhHpJr7DXyXH VkbxWjAScMJxFWEMeJdm7c2CwByFkgUNNF/5tDkLEHBq2lFDk7YpTEGaLVRAPquAnmv0ZL08TdT a1Q1fPBb43gu1xuRBMW0PPE2zjIpwX4CtCajkmxUUSERx3PFYlHy+DIgcYa7GnrV25FB8Dxnv4L S9UNrJ0SNrFq4pj8xwZyqF2PJwtK93kucrs21hjfCBBeHNaniy8tUU9lTP3GMzncLzyIX6hUxPy XmrnKCyqpub9OBg== X-Google-Smtp-Source: AGHT+IGBgI/QbS9ATCEezMDwMJRiO7gvlU5ExNDwF2x6ECr6S0FwBafCrdN5JaDTFGqJMFWPLtf/ZQ== X-Received: by 2002:a17:902:db03:b0:240:3e72:efb3 with SMTP id d9443c01a7336-245fede07b4mr47755845ad.43.1755790808759; Thu, 21 Aug 2025 08:40:08 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:bc1c:6959:5ad5:d4f9]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-245ed51b3dfsm58901845ad.142.2025.08.21.08.40.08 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Aug 2025 08:40:08 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 04/15] elfutils: Fix CVE-2025-1372 Date: Thu, 21 Aug 2025 08:39:45 -0700 Message-ID: <76c57e74071f8f2f312d5c62e1f7a1ac74db54be.1755790385.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 21 Aug 2025 15:40:17 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/222253 From: Soumya Sambu A vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability is the function dump_data_section/print_string_section of the file readelf.c of the component eu-readelf. The manipulation of the argument z/x leads to buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 73db9d2021cab9e23fd734b0a76a612d52a6f1db. It is recommended to apply a patch to fix this issue. References: https://nvd.nist.gov/vuln/detail/CVE-2025-1372 https://ubuntu.com/security/CVE-2025-1372 Upstream patch: https://sourceware.org/git/?p=elfutils.git;a=commit;h=73db9d2021cab9e23fd734b0a76a612d52a6f1db Signed-off-by: Soumya Sambu Signed-off-by: Steve Sakoman --- .../elfutils/elfutils_0.192.bb | 1 + .../elfutils/files/CVE-2025-1372.patch | 51 +++++++++++++++++++ 2 files changed, 52 insertions(+) create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2025-1372.patch diff --git a/meta/recipes-devtools/elfutils/elfutils_0.192.bb b/meta/recipes-devtools/elfutils/elfutils_0.192.bb index 2f34bfeebb..4dcc774bb9 100644 --- a/meta/recipes-devtools/elfutils/elfutils_0.192.bb +++ b/meta/recipes-devtools/elfutils/elfutils_0.192.bb @@ -25,6 +25,7 @@ SRC_URI = "https://sourceware.org/elfutils/ftp/${PV}/${BP}.tar.bz2 \ file://CVE-2025-1352.patch \ file://CVE-2025-1365.patch \ file://CVE-2025-1371.patch \ + file://CVE-2025-1372.patch \ " SRC_URI:append:libc-musl = " \ file://0003-musl-utils.patch \ diff --git a/meta/recipes-devtools/elfutils/files/CVE-2025-1372.patch b/meta/recipes-devtools/elfutils/files/CVE-2025-1372.patch new file mode 100644 index 0000000000..c202d8359c --- /dev/null +++ b/meta/recipes-devtools/elfutils/files/CVE-2025-1372.patch @@ -0,0 +1,51 @@ +From 73db9d2021cab9e23fd734b0a76a612d52a6f1db Mon Sep 17 00:00:00 2001 +From: Mark Wielaard +Date: Sun, 9 Feb 2025 00:07:39 +0100 +Subject: [PATCH] readelf: Skip trying to uncompress sections without a name + +When combining eu-readelf -z with -x or -p to dump the data or strings +in an (corrupted ELF) unnamed numbered section eu-readelf could crash +trying to check whether the section name starts with .zdebug. Fix this +by skipping sections without a name. + + * src/readelf.c (dump_data_section): Don't try to gnu decompress a + section without a name. + (print_string_section): Likewise. + +https://sourceware.org/bugzilla/show_bug.cgi?id=32656 + +CVE: CVE-2025-1372 + +Upstream-Status: Backport [https://sourceware.org/git/?p=elfutils.git;a=commit;h=73db9d2021cab9e23fd734b0a76a612d52a6f1db] + +Signed-off-by: Mark Wielaard +Signed-off-by: Soumya Sambu +--- + src/readelf.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/readelf.c b/src/readelf.c +index a526fa8..89ee80a 100644 +--- a/src/readelf.c ++++ b/src/readelf.c +@@ -13321,7 +13321,7 @@ dump_data_section (Elf_Scn *scn, const GElf_Shdr *shdr, const char *name) + _("Couldn't uncompress section"), + elf_ndxscn (scn)); + } +- else if (startswith (name, ".zdebug")) ++ else if (name && startswith (name, ".zdebug")) + { + if (elf_compress_gnu (scn, 0, 0) < 0) + printf ("WARNING: %s [%zd]\n", +@@ -13372,7 +13372,7 @@ print_string_section (Elf_Scn *scn, const GElf_Shdr *shdr, const char *name) + _("Couldn't uncompress section"), + elf_ndxscn (scn)); + } +- else if (startswith (name, ".zdebug")) ++ else if (name && startswith (name, ".zdebug")) + { + if (elf_compress_gnu (scn, 0, 0) < 0) + printf ("WARNING: %s [%zd]\n", +-- +2.43.2 + From patchwork Thu Aug 21 15:39:46 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 68958 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 90CF7CA0FE2 for ; Thu, 21 Aug 2025 15:40:17 +0000 (UTC) Received: from mail-pg1-f170.google.com (mail-pg1-f170.google.com [209.85.215.170]) by mx.groups.io with SMTP id smtpd.web10.704.1755790811647906811 for ; Thu, 21 Aug 2025 08:40:11 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=EmDhA2uQ; spf=softfail (domain: sakoman.com, ip: 209.85.215.170, mailfrom: steve@sakoman.com) Received: by mail-pg1-f170.google.com with SMTP id 41be03b00d2f7-b4761f281a7so773152a12.1 for ; Thu, 21 Aug 2025 08:40:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1755790811; x=1756395611; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=nR4h0xtdj+RAZGGvKIh2Q2AxbSK8nv9NR3eq9e1Acfc=; b=EmDhA2uQPBYhrAAF/sujJuWtaG3rEIQu0hTkmuGHViydMT4vNkq3lIT6Gav+yJfHAU aDYOmel/lzYs1yGhLTRyqmr5aCAlhAG9fybIA50jKr//C3TKKiO0jtSd7jIS/5qxk3Ra sQg2jYqcUqZzZ/kbL6T5vtCAqLBp0ywI77sRGRbtp/KCORmVXH9OdmrCKctT2Cq7Jozt kynMYnNAnsj2WNy+KLib0FhlFPsHXbPzjjYcoBTfxGeHnfWlW9nR8n60VAhf2xeUSQyi jz0WTO2BDhvViGVWqVoqDHkOxMN1Z5sGHNGxYkXVlWd38FtlnSwhDk8xSo7H4QFeHPDC 3Dhw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755790811; x=1756395611; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=nR4h0xtdj+RAZGGvKIh2Q2AxbSK8nv9NR3eq9e1Acfc=; b=T6MZmmmMEkN+J3HaMvlpGKYnUVMc4p1kgm4QcZI2MeP5fbMy84+TYWDNZVdHm0Chlc kyuINplNwYnoIfoSuxSAHmsbhNHVVFmBB63GT925jvW1HypnWLuoyesrR8Anh5nDUNo8 koqnqvBwGcm8OaP+09CL2L0smfzJ/aZc64+1wlL6NoLJItEe/pS/fjxpHx9FWvNqmV3S BHNtPqyOuk216AQL7PxeaCtjB1sNrsqVDs4wLe6uhkJh76Zczzmdexkn9X4BkKlWD7Ac KuD5dkJRmLbCLxNK/FLBPZKnMaWkqkCY6zshB7vftn3ASUGccNIenOxeA6SRHopegUAH QApg== X-Gm-Message-State: AOJu0YygNTxrt9vWX03jVsMusjqRrkpuDj1gbZ4Slptq1yR3j0w/UYVC xTNBchNB9nVhY9oDf+eCNjk2ywWAWwdCZr5rlxnzQU/NvYVbeL5JpkWB/7TaHzAy/ift8cy4fIB MV/uD X-Gm-Gg: ASbGncuMwzkjeZlW8P7gizNX8ihpNoaNrhaVs/+azBEPmzRGle2Y4FhuIMSlgAfwOUZ kLRKUiOztoaOwZyO5Bp2gz0WHa5wIRLjGaZogc6GqP7eAhNw13MT7+dljvl2DaLluQXH7cZpaY2 HdY5eb4sou9Xw3zkHFxf5z79Y7gpaobDevify3ehjEj5tqWM9TnT8k6bQ2o7xmnMi5CunyP4hot qj2FO7b2MTjOYD3kPbyBd1zJEqGMky5Q9+xqXGouXa4wy/C3NtQj30TJY8Pajs0WCuJowCnp6iF jOSit/POgCD4eVHBAnca+AA+ozvPyQ9I68M6gA6PHlJJP1nLfimtXnlnVzsWtRSbBAJuhh2B90P LjJmFHu8h3bVD3Q== X-Google-Smtp-Source: AGHT+IEEJ+icHe9oSr9XAvPHIctqwboqNadbYimm/5pX8hbFjOxgJkMQ3YY8DIbjWpZ6MWnpP0sLPQ== X-Received: by 2002:a17:902:d4cd:b0:240:86b2:aeb6 with SMTP id d9443c01a7336-245fed9b4bbmr43164725ad.26.1755790810159; Thu, 21 Aug 2025 08:40:10 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:bc1c:6959:5ad5:d4f9]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-245ed51b3dfsm58901845ad.142.2025.08.21.08.40.09 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Aug 2025 08:40:09 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 05/15] elfutils: Fix CVE-2025-1376 Date: Thu, 21 Aug 2025 08:39:46 -0700 Message-ID: <603881e34e3bbb7435f0ae91553036eef7f1cb06.1755790385.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 21 Aug 2025 15:40:17 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/222254 From: Soumya Sambu A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is b16f441cca0a4841050e3215a9f120a6d8aea918. It is recommended to apply a patch to fix this issue. References: https://nvd.nist.gov/vuln/detail/CVE-2025-1376 https://ubuntu.com/security/CVE-2025-1376 Upstream patch: https://sourceware.org/git/?p=elfutils.git;a=commit;h=b16f441cca0a4841050e3215a9f120a6d8aea918 Signed-off-by: Soumya Sambu Signed-off-by: Steve Sakoman --- .../elfutils/elfutils_0.192.bb | 1 + .../elfutils/files/CVE-2025-1376.patch | 57 +++++++++++++++++++ 2 files changed, 58 insertions(+) create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2025-1376.patch diff --git a/meta/recipes-devtools/elfutils/elfutils_0.192.bb b/meta/recipes-devtools/elfutils/elfutils_0.192.bb index 4dcc774bb9..f8cf083ec6 100644 --- a/meta/recipes-devtools/elfutils/elfutils_0.192.bb +++ b/meta/recipes-devtools/elfutils/elfutils_0.192.bb @@ -26,6 +26,7 @@ SRC_URI = "https://sourceware.org/elfutils/ftp/${PV}/${BP}.tar.bz2 \ file://CVE-2025-1365.patch \ file://CVE-2025-1371.patch \ file://CVE-2025-1372.patch \ + file://CVE-2025-1376.patch \ " SRC_URI:append:libc-musl = " \ file://0003-musl-utils.patch \ diff --git a/meta/recipes-devtools/elfutils/files/CVE-2025-1376.patch b/meta/recipes-devtools/elfutils/files/CVE-2025-1376.patch new file mode 100644 index 0000000000..ebffb2bd72 --- /dev/null +++ b/meta/recipes-devtools/elfutils/files/CVE-2025-1376.patch @@ -0,0 +1,57 @@ +From b16f441cca0a4841050e3215a9f120a6d8aea918 Mon Sep 17 00:00:00 2001 +From: Mark Wielaard +Date: Thu, 13 Feb 2025 00:02:32 +0100 +Subject: [PATCH] libelf: Handle elf_strptr on section without any data + +In the unlikely situation that elf_strptr was called on a section with +sh_size already set, but that doesn't have any data yet we could crash +trying to verify the string to return. + +This could happen for example when a new section was created with +elf_newscn, but no data having been added yet. + + * libelf/elf_strptr.c (elf_strptr): Check strscn->rawdata_base + is not NULL. + +https://sourceware.org/bugzilla/show_bug.cgi?id=32672 + +CVE: CVE-2025-1376 + +Upstream-Status: Backport [https://sourceware.org/git/?p=elfutils.git;a=commit;h=b16f441cca0a4841050e3215a9f120a6d8aea918] + +Signed-off-by: Mark Wielaard +Signed-off-by: Soumya Sambu +--- + libelf/elf_strptr.c | 10 +++++++--- + 1 file changed, 7 insertions(+), 3 deletions(-) + +diff --git a/libelf/elf_strptr.c b/libelf/elf_strptr.c +index c5a94f8..7be7f5e 100644 +--- a/libelf/elf_strptr.c ++++ b/libelf/elf_strptr.c +@@ -1,5 +1,6 @@ + /* Return string pointer from string section. + Copyright (C) 1998-2002, 2004, 2008, 2009, 2015 Red Hat, Inc. ++ Copyright (C) 2025 Mark J. Wielaard + This file is part of elfutils. + Contributed by Ulrich Drepper , 1998. + +@@ -183,9 +184,12 @@ elf_strptr (Elf *elf, size_t idx, size_t offset) + // initialized yet (when data_read is zero). So we cannot just + // look at the rawdata.d.d_size. + +- /* Make sure the string is NUL terminated. Start from the end, +- which very likely is a NUL char. */ +- if (likely (validate_str (strscn->rawdata_base, offset, sh_size))) ++ /* First check there actually is any data. This could be a new ++ section which hasn't had any data set yet. Then make sure ++ the string is at a valid offset and NUL terminated. */ ++ if (unlikely (strscn->rawdata_base == NULL)) ++ __libelf_seterrno (ELF_E_INVALID_SECTION); ++ else if (likely (validate_str (strscn->rawdata_base, offset, sh_size))) + result = &strscn->rawdata_base[offset]; + else + __libelf_seterrno (ELF_E_INVALID_INDEX); +-- +2.43.2 + From patchwork Thu Aug 21 15:39:47 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 68959 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9491FCA0FE7 for ; Thu, 21 Aug 2025 15:40:17 +0000 (UTC) Received: from mail-pl1-f176.google.com (mail-pl1-f176.google.com [209.85.214.176]) by mx.groups.io with SMTP id smtpd.web10.705.1755790813565917937 for ; Thu, 21 Aug 2025 08:40:13 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=XKmR3dc1; spf=softfail (domain: sakoman.com, ip: 209.85.214.176, mailfrom: steve@sakoman.com) Received: by mail-pl1-f176.google.com with SMTP id d9443c01a7336-245f2a8fa81so15660455ad.0 for ; Thu, 21 Aug 2025 08:40:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1755790813; x=1756395613; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=jUpiTtBf0EWgnaDxV432jr4uzMFKpB+TTlnLHoTFNFE=; b=XKmR3dc1NJ+UbhZmewpTT75lGYgGha+AQ+00/4kK2bN6qUP3ZVPrv2wR5xc5emb/lx KUv4ot/FuDOg2Z8ouU7YT0TBFkoFk3Y23MTEmSnEeQ9xQdAdl58X4wrmKc69DYCPHSjy aEdWBuaDTPznME9nzr/iM+z3ig/nT7peSyBtFytGAiWdBaAO0m2JNV0Gsgt0WBIZl7k+ uK4IXQBYefiUoHJLZrk1wcoH8vHfeDzwe962R5giM1onfIAS1hua7cHsZ9SG+OUrywM1 rjK36MAK2Qj/CZMvJlE02D5PELD0udq6GecPZuMt+UnxHbeyhCvZPSWG/L4SibIBnNqF 5R6Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755790813; x=1756395613; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=jUpiTtBf0EWgnaDxV432jr4uzMFKpB+TTlnLHoTFNFE=; b=DIJSREOtF6AZsBObqEahm9dwW+bnMzFM45CgcNUtb4G8vLCHVqe32nkTsxSDoTFHA2 PUd9VmE/aQclxF65qI0GNy2+4Fs58AD0vKXIrczhF1zA5PdWZBC6WCf3RCLuGpB596gO R0gdVFN2Rbj1N+YnU6AwZCokId8oh08+Ot1WkEnoRSUfqVQWdRBvD0hLqQR9hooGhwVp 1p3v2FsmJBtkVZ7o65u1yCZi8J+ZTVdXCxhI62zBpJT953Y6iAYOHLW2YveJ1D3EYCXv 84gsVt/S+ogdkgvI3MQmt3zN4Tkzqg8+lWR7f+Bg5VGnC+ynxs6K/JgSZ3+nKQYSClTC svPg== X-Gm-Message-State: AOJu0YyI9p+nagRROy/4Rse06Vfn73XCJIjoDIeuzBn0lvRprvBwXMm1 ruJVtI1kG1pzYOz/WUcJEf+NtskT763QaAo0ySKdAwjT9kpX3Hu5DyrXUpq2AZRS6WHKOAN/C/U XFSAY X-Gm-Gg: ASbGncswCbM41YlTF9GalwoYrTRllvpJw/6y1xZQ31eekPLpbxVQXaTJ2C3H5O3kyd2 Sy3DwQofv8O3n4uN5ChoO7Tu2151Ip7ARI2C58lGamXSL58/EzBeWThrB6rhAsYRlEz2ceR4kmc nYGLLGtiyqDzegFW+JWikJtvTI4BC496JiJ7xm3ey/OPJ7kTifHgcf9p9f3vveaoGUMuFPZXvyR pW+XgjeF6Zt01QhjOR9cs/aK0doBjikchPLFOyLKugsGyLzpGOV3TphQDCKqzB1TEwLbatWx3Ci YlJ8U58LrR90n0NYliPPKAnjlgc7rEHatvbNV2QTRpl431ijH+EJQXre4sdpHhXqX9UXYfH6Mla +MFVbT1clyehqPA== X-Google-Smtp-Source: AGHT+IEGDgiKbxZpE6rTXXz+4juu8krh/UeT+scy+8mnGZK6ZOWp/1I+nk/JA6osqTfL1VPYVsNpfw== X-Received: by 2002:a17:902:d4cb:b0:237:e3bc:7691 with SMTP id d9443c01a7336-2460622198amr32929355ad.13.1755790812585; Thu, 21 Aug 2025 08:40:12 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:bc1c:6959:5ad5:d4f9]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-245ed51b3dfsm58901845ad.142.2025.08.21.08.40.11 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Aug 2025 08:40:12 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 06/15] elfutils: Fix CVE-2025-1377 Date: Thu, 21 Aug 2025 08:39:47 -0700 Message-ID: <36436f0996d3a84fe6a59434dec1a92704110602.1755790385.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 21 Aug 2025 15:40:17 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/222255 From: Soumya Sambu A vulnerability, which was classified as problematic, has been found in GNU elfutils 0.192. This issue affects the function gelf_getsymshndx of the file strip.c of the component eu-strip. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is fbf1df9ca286de3323ae541973b08449f8d03aba. It is recommended to apply a patch to fix this issue. References: https://nvd.nist.gov/vuln/detail/CVE-2025-1377 https://ubuntu.com/security/CVE-2025-1377 Upstream patch: https://sourceware.org/git/?p=elfutils.git;a=fbf1df9ca286de3323ae541973b08449f8d03aba Signed-off-by: Soumya Sambu Signed-off-by: Steve Sakoman --- .../elfutils/elfutils_0.192.bb | 1 + .../elfutils/files/CVE-2025-1377.patch | 68 +++++++++++++++++++ 2 files changed, 69 insertions(+) create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2025-1377.patch diff --git a/meta/recipes-devtools/elfutils/elfutils_0.192.bb b/meta/recipes-devtools/elfutils/elfutils_0.192.bb index f8cf083ec6..fb4109441b 100644 --- a/meta/recipes-devtools/elfutils/elfutils_0.192.bb +++ b/meta/recipes-devtools/elfutils/elfutils_0.192.bb @@ -27,6 +27,7 @@ SRC_URI = "https://sourceware.org/elfutils/ftp/${PV}/${BP}.tar.bz2 \ file://CVE-2025-1371.patch \ file://CVE-2025-1372.patch \ file://CVE-2025-1376.patch \ + file://CVE-2025-1377.patch \ " SRC_URI:append:libc-musl = " \ file://0003-musl-utils.patch \ diff --git a/meta/recipes-devtools/elfutils/files/CVE-2025-1377.patch b/meta/recipes-devtools/elfutils/files/CVE-2025-1377.patch new file mode 100644 index 0000000000..003215017f --- /dev/null +++ b/meta/recipes-devtools/elfutils/files/CVE-2025-1377.patch @@ -0,0 +1,68 @@ +From fbf1df9ca286de3323ae541973b08449f8d03aba Mon Sep 17 00:00:00 2001 +From: Mark Wielaard +Date: Thu, 13 Feb 2025 14:59:34 +0100 +Subject: [PATCH] strip: Verify symbol table is a real symbol table + +We didn't check the symbol table referenced from the relocation table +was a real symbol table. This could cause a crash if that section +happened to be an SHT_NOBITS section without any data. Fix this by +adding an explicit check. + + * src/strip.c (INTERNAL_ERROR_MSG): New macro that takes a + message string to display. + (INTERNAL_ERROR): Use INTERNAL_ERROR_MSG with elf_errmsg (-1). + (remove_debug_relocations): Check the sh_link referenced + section is real and isn't a SHT_NOBITS section. + +https://sourceware.org/bugzilla/show_bug.cgi?id=32673 + +CVE: CVE-2025-1377 + +Upstream-Status: Backport [https://sourceware.org/git/?p=elfutils.git;a=fbf1df9ca286de3323ae541973b08449f8d03aba] + +Signed-off-by: Mark Wielaard +Signed-off-by: Soumya Sambu +--- + src/strip.c | 14 +++++++++++--- + 1 file changed, 11 insertions(+), 3 deletions(-) + +diff --git a/src/strip.c b/src/strip.c +index 403e0f6..2b5d057 100644 +--- a/src/strip.c ++++ b/src/strip.c +@@ -126,13 +126,14 @@ static char *tmp_debug_fname = NULL; + /* Close debug file descriptor, if opened. And remove temporary debug file. */ + static void cleanup_debug (void); + +-#define INTERNAL_ERROR(fname) \ ++#define INTERNAL_ERROR_MSG(fname, msg) \ + do { \ + cleanup_debug (); \ + error_exit (0, _("%s: INTERNAL ERROR %d (%s): %s"), \ +- fname, __LINE__, PACKAGE_VERSION, elf_errmsg (-1)); \ ++ fname, __LINE__, PACKAGE_VERSION, msg); \ + } while (0) + ++#define INTERNAL_ERROR(fname) INTERNAL_ERROR_MSG(fname, elf_errmsg (-1)) + + /* Name of the output file. */ + static const char *output_fname; +@@ -631,7 +632,14 @@ remove_debug_relocations (Ebl *ebl, Elf *elf, GElf_Ehdr *ehdr, + resolve relocation symbol indexes. */ + Elf64_Word symt = shdr->sh_link; + Elf_Data *symdata, *xndxdata; +- Elf_Scn * symscn = elf_getscn (elf, symt); ++ Elf_Scn *symscn = elf_getscn (elf, symt); ++ GElf_Shdr symshdr_mem; ++ GElf_Shdr *symshdr = gelf_getshdr (symscn, &symshdr_mem); ++ if (symshdr == NULL) ++ INTERNAL_ERROR (fname); ++ if (symshdr->sh_type == SHT_NOBITS) ++ INTERNAL_ERROR_MSG (fname, "NOBITS section"); ++ + symdata = elf_getdata (symscn, NULL); + xndxdata = get_xndxdata (elf, symscn); + if (symdata == NULL) +-- +2.43.2 + From patchwork Thu Aug 21 15:39:48 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 68960 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 81CE5CA0FE1 for ; Thu, 21 Aug 2025 15:40:17 +0000 (UTC) Received: from mail-pg1-f179.google.com (mail-pg1-f179.google.com [209.85.215.179]) by mx.groups.io with SMTP id smtpd.web10.706.1755790815123177119 for ; Thu, 21 Aug 2025 08:40:15 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=jLxkMVYG; spf=softfail (domain: sakoman.com, ip: 209.85.215.179, mailfrom: steve@sakoman.com) Received: by mail-pg1-f179.google.com with SMTP id 41be03b00d2f7-b476c67c5easo808855a12.0 for ; Thu, 21 Aug 2025 08:40:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1755790814; x=1756395614; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=ntEW3I7zDRK6EH668tU81tBkECIzEIvm3FEbx8k9vKs=; b=jLxkMVYGvMxI+Nvop7aTwqHmaTZeLOBynF9GyKvT6fpRaMwbcw6Z1pA3FN5Iwif3s6 G5B+aQ5kIJd4mT0KIGhDdNHop3XYhuvjzoSvCqPuN5fKwgQBYPXAtsCeNLrYz1js+Pdz xr/Gekb0SWXQeWoHfwneX1p/yxZWx734FkbZQ92Oxm3gvn9C+fJmW6f2YhBHHVwsfI+a JtYDPXv1FuqqnyYrT5zQaG3KA8BBh8f7ZShaMXUDhBI+fvtQ9XPrRlop9nnvaOzLiMgP LHfYZrC+cbbvLrbpYH+g5xEIa5DTsGh6N3/PK12qAPow05m4i+7LIGCqww/RcIYRoqU8 gm6g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755790814; x=1756395614; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ntEW3I7zDRK6EH668tU81tBkECIzEIvm3FEbx8k9vKs=; b=IHUkgSsv7yRdMlHABuWwAVyqs8q5NRkEyUUquzVHMpGh0WzbAQkuOmpuxg4gLfnZZN kEk2R99OFo09x/rqHc81JWy1vkp2kAj7XX2iipEDG4wuDT74iekV+63OSKRtx1xbGJDX EO6/hxjaE3+0gAd7pYwBzOYNI+ZaBSEMmvsp8y9DNIu+Ip0J4DKOGehp7k0MVhm7hIy2 SAgrRjX6kKfBYbTqUbye33rcnLMB7sK1HDUWMaX46DZRJGxYcB1U4QmrrKml9D4gglim BI3z+cpGQ8JywpmCf4UF5C5hepMxfC+AfujNyYL4bI3SkhL1A3cYUNbFuQHhVxzjiNgN vDqw== X-Gm-Message-State: AOJu0YwoFOelunLw/FAon6J4/Hn4iEuPwEe5FYIkvC4QFX5midI3R5UK gMmxq/iV+pEnn5X1nCxJkv+31Ujg1svq/PxNxAzmhG/btcu4ld4bfXtgCgsriL7mUXKXHXFtrWx iVE2m X-Gm-Gg: ASbGncvU4yw0t4WlNdzbenrepybaktBDZjP/wlx09hgCdYQXqSxuoNHEmi9KyhSbfwj O0wGbEb5qVvJlK4cIvpJsHqRAUB4bl7TfEAp1BCHC3z62+6pYE04dedj3Fg26ifxno3MvoPmqiT pZlKlI2HL20o1P8678JS0vx1iAgv4ECMfPZHnWsivg+a3ddrIYokG8nSfDNIFYh4eNI6/fv+WaK 1LHf1oTYpW6G63nKubd3diWW2oZJO1l2oMy6sqqudo0469TMZkmZ2WUz/ilX+b+68+Q3fImEZaD OcM6Ce4DcNLOmNDooUtUI1h417olGUfVH/im5g/qVthj4+wiG7AUG7kjN0FkKR/vUSuQtlxOBr8 X+P+x+eHRSnR4kQ== X-Google-Smtp-Source: AGHT+IGG6a2iVBDK5XZhXK293E0qAYgiFhYLsrs4mjtI/lW52a8TyoBqR2ICypKm7mLhXAVuen3R+w== X-Received: by 2002:a17:903:2390:b0:242:c66f:9f62 with SMTP id d9443c01a7336-246065e8ea3mr30026445ad.26.1755790814189; Thu, 21 Aug 2025 08:40:14 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:bc1c:6959:5ad5:d4f9]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-245ed51b3dfsm58901845ad.142.2025.08.21.08.40.13 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Aug 2025 08:40:13 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 07/15] glib-2.0: update 2.84.0 -> 2.84.1 Date: Thu, 21 Aug 2025 08:39:48 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 21 Aug 2025 15:40:17 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/222256 From: Markus Volk - remove backport patch Overview of changes in GLib 2.84.1, 2025-04-03 ============================================== * Fix test failure when building against gobject-introspection ≥1.83.4 (#3634, work by Philip Withnall) * Bugs fixed: - #3630 2.84.0 build failure on Linux: ../gio/gnetworkmonitornetlink.c:47:10: fatal error: netlink/netlink_route.h: No such file or directory (Philip Withnall) - #3634 test failure with gobject-introspection 1.83.4: warning: element doc:format from state 3 is unknown, ignoring (Philip Withnall) - #3636 gio/trash does not handle special characters well - #3642 `g_cancellable_connect()` documentation incorrect (Marco Trevisan (Treviño)) - #3643 g_cancellable_connect(): is it safe to unref cancellable from callback? (Marco Trevisan (Treviño)) - #3649 Crash with some registry key values in GWin32AppInfo (Philip Withnall) - !4484 Memory sanitizer fixes - !4489 gobject: Be consistent in using atomic logic to handle the GParamSpecPool - !4541 gsettings: Port docs to gi-docgen format, add missing annotations and make various improvements - !4544 tests: Don't install runner scripts without installed_tests - !4545 Update French translation - !4547 Update Catalan translation - !4548 Update Turkish translation - !4551 Updated Danish translation - !4552 Update Persian translation - !4553 docs: Document GSignalFlags members added after 2.0 - !4554 Update Indonesian translation - !4555 tests: Add a test for g_object_freeze_notify() being called too often - !4557 gfileinfo: Slightly expand docs for g_file_info_get_attribute_as_string() - !4558 gi: Dynamically set doc-format - !4561 tests: Various fixes to create temporary files in /tmp rather than the build directory - !4562 gdbusnameowning: Convert docs to gi-docgen linking syntax - !4563 giounix-private: Fix macro for checking for epoll_create1() - !4565 Fix LGPL in header - !4567 gutils: make documentation of g_set_prgname() clearer - !4568 docs: Add some detail - !4569 Update Romanian translation - !4570 gspawn-win32: Fix potential integer overflows in argv handling - !4571 gvarianttype: Improve docs on type validation * Translation updates: - Catalan (Jordi Mas) - Danish (Ask Hjorth Larsen) - French (Vincent Chatelain) - Indonesian (Andika Triwidada) - Persian (Danial Behzadi) - Romanian (Antonio Marin) - Turkish (Sabri Ünal) (From OE-Core rev: 676b9acbe94f055a351da3bdcfbe457411e1877c) Signed-off-by: Markus Volk Signed-off-by: Richard Purdie This upgrade fixes CVE-2025-4056 Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- ...664e6f1a29e0d5f301979f6d168b08435a61.patch | 75 ------------------- ...l_2.84.0.bb => glib-2.0-initial_2.84.1.bb} | 0 ...{glib-2.0_2.84.0.bb => glib-2.0_2.84.1.bb} | 0 meta/recipes-core/glib-2.0/glib.inc | 3 +- 4 files changed, 1 insertion(+), 77 deletions(-) delete mode 100644 meta/recipes-core/glib-2.0/files/aee0664e6f1a29e0d5f301979f6d168b08435a61.patch rename meta/recipes-core/glib-2.0/{glib-2.0-initial_2.84.0.bb => glib-2.0-initial_2.84.1.bb} (100%) rename meta/recipes-core/glib-2.0/{glib-2.0_2.84.0.bb => glib-2.0_2.84.1.bb} (100%) diff --git a/meta/recipes-core/glib-2.0/files/aee0664e6f1a29e0d5f301979f6d168b08435a61.patch b/meta/recipes-core/glib-2.0/files/aee0664e6f1a29e0d5f301979f6d168b08435a61.patch deleted file mode 100644 index 28bce02dc3..0000000000 --- a/meta/recipes-core/glib-2.0/files/aee0664e6f1a29e0d5f301979f6d168b08435a61.patch +++ /dev/null @@ -1,75 +0,0 @@ -From aee0664e6f1a29e0d5f301979f6d168b08435a61 Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Mon, 10 Mar 2025 15:21:15 +0000 -Subject: [PATCH] girparser: Ignore new doc:format element in GIR files -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -As of gobject-introspection 1.83.2, a new `` -element is supported (as a child of ``) in GIR files. - -For the moment, this information isn’t needed in libgirepository — but -the GIR parser does have to know about the element in order to not throw -an error claiming it’s invalid. - -This is a slightly tweaked version of the code added to -gobject-introspection.git in commit -9544cd6c962fab2c3203898779948309833e2439 by Corentin Noël -, reformatted slightly to fit in with -GLib’s style guidelines. - -This is backwards compatible and does not require a new -gobject-introspection version. - -Signed-off-by: Philip Withnall - -Fixes: #3634 - -Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/aee0664e6f1a29e0d5f301979f6d168b08435a61.patch] - -Signed-off-by: Markus Volk ---- - girepository/girparser.c | 12 +++++++++++- - 1 file changed, 11 insertions(+), 1 deletion(-) - -diff --git a/girepository/girparser.c b/girepository/girparser.c -index 63143718d9..be88d871a4 100644 ---- a/girepository/girparser.c -+++ b/girepository/girparser.c -@@ -107,7 +107,8 @@ typedef enum - STATE_ALIAS, - STATE_TYPE, - STATE_ATTRIBUTE, -- STATE_PASSTHROUGH -+ STATE_PASSTHROUGH, -+ STATE_DOC_FORMAT, /* 35 */ - } ParseState; - - typedef struct _ParseContext ParseContext; -@@ -3159,6 +3160,11 @@ start_element_handler (GMarkupParseContext *context, - state_switch (ctx, STATE_PASSTHROUGH); - goto out; - } -+ else if (strcmp ("doc:format", element_name) == 0) -+ { -+ state_switch (ctx, STATE_DOC_FORMAT); -+ goto out; -+ } - break; - - case 'e': -@@ -3843,6 +3849,10 @@ end_element_handler (GMarkupParseContext *context, - state_switch (ctx, ctx->prev_state); - } - break; -+ case STATE_DOC_FORMAT: -+ if (require_end_element (context, ctx, "doc:format", element_name, error)) -+ state_switch (ctx, STATE_REPOSITORY); -+ break; - - case STATE_PASSTHROUGH: - ctx->unknown_depth -= 1; --- -GitLab - diff --git a/meta/recipes-core/glib-2.0/glib-2.0-initial_2.84.0.bb b/meta/recipes-core/glib-2.0/glib-2.0-initial_2.84.1.bb similarity index 100% rename from meta/recipes-core/glib-2.0/glib-2.0-initial_2.84.0.bb rename to meta/recipes-core/glib-2.0/glib-2.0-initial_2.84.1.bb diff --git a/meta/recipes-core/glib-2.0/glib-2.0_2.84.0.bb b/meta/recipes-core/glib-2.0/glib-2.0_2.84.1.bb similarity index 100% rename from meta/recipes-core/glib-2.0/glib-2.0_2.84.0.bb rename to meta/recipes-core/glib-2.0/glib-2.0_2.84.1.bb diff --git a/meta/recipes-core/glib-2.0/glib.inc b/meta/recipes-core/glib-2.0/glib.inc index 61e1a3ef17..4368e51df8 100644 --- a/meta/recipes-core/glib-2.0/glib.inc +++ b/meta/recipes-core/glib-2.0/glib.inc @@ -229,13 +229,12 @@ SRC_URI = "${GNOME_MIRROR}/glib/${SHRT_VER}/glib-${PV}.tar.xz \ file://0001-gio-tests-resources.c-comment-out-a-build-host-only-.patch \ file://0010-Do-not-hardcode-python-path-into-various-tools.patch \ file://skip-timeout.patch \ - file://aee0664e6f1a29e0d5f301979f6d168b08435a61.patch \ " SRC_URI:append:class-native = " file://relocate-modules.patch \ file://0001-meson.build-do-not-enable-pidfd-features-on-native-g.patch \ " -SRC_URI[sha256sum] = "f8823600cb85425e2815cfad82ea20fdaa538482ab74e7293d58b3f64a5aff6a" +SRC_URI[sha256sum] = "2b4bc2ec49611a5fc35f86aca855f2ed0196e69e53092bab6bb73396bf30789a" # Find any meson cross files in FILESPATH that are relevant for the current # build (using siteinfo) and add them to EXTRA_OEMESON. From patchwork Thu Aug 21 15:39:49 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 68962 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9AC2BCA0FE4 for ; Thu, 21 Aug 2025 15:40:27 +0000 (UTC) Received: from mail-pl1-f177.google.com (mail-pl1-f177.google.com [209.85.214.177]) by mx.groups.io with SMTP id smtpd.web10.707.1755790817882586538 for ; Thu, 21 Aug 2025 08:40:17 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=CoszVsz2; spf=softfail (domain: sakoman.com, ip: 209.85.214.177, mailfrom: steve@sakoman.com) Received: by mail-pl1-f177.google.com with SMTP id d9443c01a7336-246151aefaaso5181575ad.1 for ; Thu, 21 Aug 2025 08:40:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1755790817; x=1756395617; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=Ams4DOQu9Ln0Rs0orrwyk0xhVl9TdnfrLemi7D/gLcQ=; b=CoszVsz22Hs38WMynkYs8TTRDY8YrJrb2tPd14LERX4/gqi7tHC4p2al7aiGiSTyeI qXufiujxRTIFYccfR9o1EQSpTKnGntIFz6lGg3GFBv4CgWx97QK59ej7W1ie5zeZLIvj nRdU3gexXYlUMoQugkW09SU4AfDYNk5aIbsC15C4RVjRUnDSXh4u/+RLOCWb6hw3EJ2V gz3wAv1XQvTBjOL+DajnzI0Yd3fZ1K/ye4OBzeYoWi546v69SFMXDhkNQ4ARE2uBhNBV BX+AWXmmm8IHKGDltkmGM0oKFtfG7r2uHsglqp0HW+Vx83i4k9gSm0uPcUScbhEWlkii LMCA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755790817; x=1756395617; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Ams4DOQu9Ln0Rs0orrwyk0xhVl9TdnfrLemi7D/gLcQ=; b=WtkVYbQa5r2jXNFJOMmeenDbI27ftqTMBay5iwkrQuM2Iy46ftY3qv/gs0PfdCMae9 DJ3QT+rFuHWS4HYe2CSB6/pl7lRTS8nCbbrJQkmFEPCAV7PsN2PKxKinK9S6G97DXuDC munyRX+GqiRrBBR4MFvmy4tCHjw8r7pBbq/1BSfm5mkFqIm8HTgu7KZyNvwhTnHrpDy1 lQ3WQtDFF629r4oDizXD1wC7Tl+4idbT6F1oPnLuozJY5GluKOOffY4j+n0l+6eByIEy i5k0E9fVNeweBZ1BMRRJQQAMN40JhU2GokIj8/WD+jOTS1dgeY0Xt1fy6NwAE4IHqQg6 BzLA== X-Gm-Message-State: AOJu0YxUiVN9JKr0iKmx034y+UzA8zdAuDAZyifu5BUKh+CudvOrzkA1 3196drlc3QUCFP0hgL2QQqeqIrGKiZqBgAPIT8FbFhgtWGUIdmk/lHwsZgA+9pSwIx7ylrIwjDT V7cA8 X-Gm-Gg: ASbGnct9JzIvnk+cBpaMEDU+wb+U7VTpddAcLliG+TCN9it7MER7piUl1t9OqWsw8hn 9X91RPlQlkeQUvIgQzyEx8D5X/xWyyzZvZMZOR3O1jS9coWpuz4JSNbO5gVHtwwDZw1MNnvoyiX dcIg/e86YTw9JmZAGl0Vvq44RStWfiRd4qa9bKoXiusiIkL0puxKfsWBwvsSfTxeE+1yRAwlK0T JCoujftXEFs9L+b48rHSob2Bd+EXOC4KHj7QDb5+ToOu7rSwR8D+LEQNDc6cLGLYdNpxJcJuC0x OKpE0b1ZzPSAz/2XMSCL0f5PwBhdsEOnLvglZPKLa1fRZBRJh/FrZGMG7HGMsQbF6ZbRL4H92Kb j7Akqf86mCCaDew== X-Google-Smtp-Source: AGHT+IFYj5Sf5hMahhwV/6Y7fATCDWTQeshY6IashlUV9ARim5rzdtxhJP73MeTx5NIgBb3DZ2dQmA== X-Received: by 2002:a17:903:166e:b0:23f:b00a:d4c with SMTP id d9443c01a7336-2460616a7f6mr37603455ad.2.1755790816905; Thu, 21 Aug 2025 08:40:16 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:bc1c:6959:5ad5:d4f9]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-245ed51b3dfsm58901845ad.142.2025.08.21.08.40.15 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Aug 2025 08:40:16 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 08/15] glib-2.0: update 2.84.1 -> 2.84.2 Date: Thu, 21 Aug 2025 08:39:49 -0700 Message-ID: <45419176357954027607c7f92fd5ad11b5e87a42.1755790385.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 21 Aug 2025 15:40:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/222257 From: Praveen Kumar Overview of changes in GLib 2.84.2, 2025-05-20 ============================================== * Bugs fixed: - !4576 Backport !4575 “gclosure: fix ATOMIC_CHANGE_FIELD to read vint atomically” to glib-2-84 - !4595 Backport !4582 “Windows: fix wrong typelib path” to glib-2-84 - !4614 Backport "gstring: carefully handle gssize parameters" - !4616 Backport !4613 “Update macOS job for new CI runner” to glib-2-84 - !4623 Backport !4617 “gdate: Call tzset before localtime_r” to glib-2-84 - !4639 Backport -Wsign-conversion fixes for g_get_locale_variants() from !4590 to glib-2-84 - !4640 Backport !4620 “glocalfile: Disable faccessat()-based query_exists on Android” to glib-2-84 (From OE-Core rev: 3deb6b59f3fa91d4fa755f49dad4ac62c3a518fb) Signed-off-by: Praveen Kumar Signed-off-by: Mathieu Dubois-Briand Signed-off-by: Richard Purdie Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- .../{glib-2.0-initial_2.84.1.bb => glib-2.0-initial_2.84.2.bb} | 0 .../glib-2.0/{glib-2.0_2.84.1.bb => glib-2.0_2.84.2.bb} | 0 meta/recipes-core/glib-2.0/glib.inc | 2 +- 3 files changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-core/glib-2.0/{glib-2.0-initial_2.84.1.bb => glib-2.0-initial_2.84.2.bb} (100%) rename meta/recipes-core/glib-2.0/{glib-2.0_2.84.1.bb => glib-2.0_2.84.2.bb} (100%) diff --git a/meta/recipes-core/glib-2.0/glib-2.0-initial_2.84.1.bb b/meta/recipes-core/glib-2.0/glib-2.0-initial_2.84.2.bb similarity index 100% rename from meta/recipes-core/glib-2.0/glib-2.0-initial_2.84.1.bb rename to meta/recipes-core/glib-2.0/glib-2.0-initial_2.84.2.bb diff --git a/meta/recipes-core/glib-2.0/glib-2.0_2.84.1.bb b/meta/recipes-core/glib-2.0/glib-2.0_2.84.2.bb similarity index 100% rename from meta/recipes-core/glib-2.0/glib-2.0_2.84.1.bb rename to meta/recipes-core/glib-2.0/glib-2.0_2.84.2.bb diff --git a/meta/recipes-core/glib-2.0/glib.inc b/meta/recipes-core/glib-2.0/glib.inc index 4368e51df8..819f3ff50a 100644 --- a/meta/recipes-core/glib-2.0/glib.inc +++ b/meta/recipes-core/glib-2.0/glib.inc @@ -234,7 +234,7 @@ SRC_URI:append:class-native = " file://relocate-modules.patch \ file://0001-meson.build-do-not-enable-pidfd-features-on-native-g.patch \ " -SRC_URI[sha256sum] = "2b4bc2ec49611a5fc35f86aca855f2ed0196e69e53092bab6bb73396bf30789a" +SRC_URI[sha256sum] = "88e960dd937057407d61fcb3b45a860704b25923c37ae2478b85f2ecb5a4021f" # Find any meson cross files in FILESPATH that are relevant for the current # build (using siteinfo) and add them to EXTRA_OEMESON. From patchwork Thu Aug 21 15:39:50 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 68965 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id AE7E2CA0FE7 for ; Thu, 21 Aug 2025 15:40:27 +0000 (UTC) Received: from mail-pg1-f173.google.com (mail-pg1-f173.google.com [209.85.215.173]) by mx.groups.io with SMTP id smtpd.web11.721.1755790819569098880 for ; Thu, 21 Aug 2025 08:40:19 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=P8j+rbt+; spf=softfail (domain: sakoman.com, ip: 209.85.215.173, mailfrom: steve@sakoman.com) Received: by mail-pg1-f173.google.com with SMTP id 41be03b00d2f7-b474d0f1d5eso791184a12.2 for ; Thu, 21 Aug 2025 08:40:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1755790819; x=1756395619; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=xSIVWc8ig0idkIf27VPU3O4BQPjtI4rjP0mzsKkjS1w=; b=P8j+rbt+5Kr390UozS6dRvXgaXGExutt6Kj4mAV7vDefXrXR+nK7uHPZDA8hIxknby tCQq+dzt41LT7s/VjR0d6EL4rtBkSdQn2d/FljqE3HJMBgo2gC3IhK08Mg5XThVUTQv4 FAMzVfzD3jZyelxw+dry/7rYTdPlGpLKWRoq0xCMiIQAN9ooJ0yrwLAKETxlCnxtnhqg erQCozo+kaeeRtaF+AyMrK/yUJRQal+yCY6D/+veJl8WnRS6AVlYUyUwBoWbc3T643q3 eSDgvYcff9GYqNdu6KPs+zaO3QgxVUaqqaaYv9h+gYvHnflE0JstT11mJd88s0JgZw4g OQMw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755790819; x=1756395619; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=xSIVWc8ig0idkIf27VPU3O4BQPjtI4rjP0mzsKkjS1w=; b=kPd90i1BQrhnmfK7dPbN0pXo+NIFk4AVhJfI6esyWWZoZzKvr4i608JV6UHdxR9n7G jfF1Pc+RrROVR+8RGd2LUjgYeZWbIM3U1T7rGlfqMd80HaGfSoFD5xuu3P9EB3rXEeRY k/b28XuVPl3deEZN7Wmh3CWLMhkPpv3JQQm2jizhwGftqrn0AoNQ9Rf8bk3FZdN6omAj GSdZEpC3h/1BG2222cT+gbKk1ANit2QPMK8uVaCx4SgV7joycSDv4MEZle7S7axb9RhD /XcSzP56lkJfCyDjY961y97Ja1DxJcOyuo4Yikld5oR5DEVv/O+9toNu1KwqHsEfdJlE QJPA== X-Gm-Message-State: AOJu0YxxvZC9/XFzOjUMPGmfuLYaY7u1qsmwunily9mIoOi9ZD6jLsyG Gmkwr8roN1aUfknjthG+37npWozemB/eljRwzp3+1ZFCChqhd8wm873K4cUZWaxLVrBPYMXLmtt UuvRs X-Gm-Gg: ASbGncsAw+duQHGINzH9T3W0OVF/EiCrAk2iL70ru+3RdN3Hj7R4r3/utYuiRwGWnXx D5d1wHkHCyZKM/uZTzDLR+3UAuldp4zqwoz6U7rY29gAVWWJHhkCGseVpa0k2/vFyJGIMfC6VLi Q6BoL2d53pHY9U2cXwhtDVLHEdWeapEaG64Vz/d7vfUwuphtuYDcF0lkszLxFPqqoP3YV/thitP KvICJQmlsl2GVvVBMaOreowgDOgmQo/IaiscAatwBkkpG3lyhRK2IYsdKt9riujg1weyb42y6Fw GvCtcyqRu3R++nh+oJPlPYd3tWd7BAcgg5KPazrEgxnXyBOvimS1jy4hFBF276KmhUDQ8wCiqJJ 63TubRR8pEMtaRA== X-Google-Smtp-Source: AGHT+IGyAQ2sAGfBS6asz/A2i35YDG5D3ExTgpNsQW1lXZeYd5XfR6N3Y8wyNzzeh/prJki8HfaKMA== X-Received: by 2002:a17:902:db07:b0:234:9656:7db9 with SMTP id d9443c01a7336-245fedcc650mr38574605ad.32.1755790818717; Thu, 21 Aug 2025 08:40:18 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:bc1c:6959:5ad5:d4f9]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-245ed51b3dfsm58901845ad.142.2025.08.21.08.40.18 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Aug 2025 08:40:18 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 09/15] glib-2.0: update 2.84.2 -> 2.84.4 Date: Thu, 21 Aug 2025 08:39:50 -0700 Message-ID: <8d5df566ef2c3d342ca0eb2421b4a583b02969da.1755790385.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 21 Aug 2025 15:40:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/222258 From: Peter Marko Overview of changes in GLib 2.84.4, 2025-08-08 ============================================== * Bugs fixed: - #3716 (CVE-2025-7039) (#YWH-PGM9867-104) Buffer Under-read on GLib through glib/gfileutils.c via get_tmp_file() (Michael Catanzaro) - #3721 GFile leak in g_local_file_set_display_name during error handling (Philip Withnall, Michael Catanzaro) - !4668 Backport !4667 “Incorrect output parameter handling in closure helper of g_settings_bind_with_mapping_closures” to glib-2-84 - !4675 Backport !4674 “gfileutils: fix computation of temporary file name” to glib-2-84 - !4679 Backport !4677 and !4678 “Fix GFile leak in g_local_file_set_display_name()” to glib-2-84 - !4697 Backport !4696 “gthreadpool: Catch pool_spawner creation failure” to glib-2-84 - !4705 Backport !4702 “gio/filenamecompleter: Fix leaks” to glib-2-84 - !4711 Backport !4708 “gfilenamecompleter: Fix g_object_unref() of undefined value” to glib-2-84 Overview of changes in GLib 2.84.3, 2025-06-13 ============================================== * Bugs fixed: - !4656 Backport !4655 “gstring: Fix overflow check when expanding the string” to glib-2-84 !4656 solves first half of CVE-2025-6052 Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- .../files/0001-meson-Run-atomics-test-on-clang-as-well.patch | 2 +- ...1-meson.build-do-not-enable-pidfd-features-on-native-g.patch | 2 +- .../{glib-2.0-initial_2.84.2.bb => glib-2.0-initial_2.84.4.bb} | 0 .../glib-2.0/{glib-2.0_2.84.2.bb => glib-2.0_2.84.4.bb} | 0 meta/recipes-core/glib-2.0/glib.inc | 2 +- 5 files changed, 3 insertions(+), 3 deletions(-) rename meta/recipes-core/glib-2.0/{glib-2.0-initial_2.84.2.bb => glib-2.0-initial_2.84.4.bb} (100%) rename meta/recipes-core/glib-2.0/{glib-2.0_2.84.2.bb => glib-2.0_2.84.4.bb} (100%) diff --git a/meta/recipes-core/glib-2.0/files/0001-meson-Run-atomics-test-on-clang-as-well.patch b/meta/recipes-core/glib-2.0/files/0001-meson-Run-atomics-test-on-clang-as-well.patch index e5878a1428..5ad2a0375b 100644 --- a/meta/recipes-core/glib-2.0/files/0001-meson-Run-atomics-test-on-clang-as-well.patch +++ b/meta/recipes-core/glib-2.0/files/0001-meson-Run-atomics-test-on-clang-as-well.patch @@ -17,7 +17,7 @@ diff --git a/meson.build b/meson.build index a8bcadc..041b68e 100644 --- a/meson.build +++ b/meson.build -@@ -2075,7 +2075,7 @@ atomicdefine = ''' +@@ -2077,7 +2077,7 @@ atomicdefine = ''' # We know that we can always use real ("lock free") atomic operations with MSVC if cc.get_id() == 'msvc' or cc.get_id() == 'clang-cl' or cc.links(atomictest, name : 'atomic ops') have_atomic_lock_free = true diff --git a/meta/recipes-core/glib-2.0/files/0001-meson.build-do-not-enable-pidfd-features-on-native-g.patch b/meta/recipes-core/glib-2.0/files/0001-meson.build-do-not-enable-pidfd-features-on-native-g.patch index e512940e34..aa098da379 100644 --- a/meta/recipes-core/glib-2.0/files/0001-meson.build-do-not-enable-pidfd-features-on-native-g.patch +++ b/meta/recipes-core/glib-2.0/files/0001-meson.build-do-not-enable-pidfd-features-on-native-g.patch @@ -17,7 +17,7 @@ diff --git a/meson.build b/meson.build index 041b68e..155bfd4 100644 --- a/meson.build +++ b/meson.build -@@ -1073,7 +1073,8 @@ if cc.links('''#include +@@ -1075,7 +1075,8 @@ if cc.links('''#include waitid (P_PIDFD, 0, &child_info, WEXITED | WNOHANG); return 0; }''', name : 'pidfd_open(2) system call') diff --git a/meta/recipes-core/glib-2.0/glib-2.0-initial_2.84.2.bb b/meta/recipes-core/glib-2.0/glib-2.0-initial_2.84.4.bb similarity index 100% rename from meta/recipes-core/glib-2.0/glib-2.0-initial_2.84.2.bb rename to meta/recipes-core/glib-2.0/glib-2.0-initial_2.84.4.bb diff --git a/meta/recipes-core/glib-2.0/glib-2.0_2.84.2.bb b/meta/recipes-core/glib-2.0/glib-2.0_2.84.4.bb similarity index 100% rename from meta/recipes-core/glib-2.0/glib-2.0_2.84.2.bb rename to meta/recipes-core/glib-2.0/glib-2.0_2.84.4.bb diff --git a/meta/recipes-core/glib-2.0/glib.inc b/meta/recipes-core/glib-2.0/glib.inc index 819f3ff50a..c171598bed 100644 --- a/meta/recipes-core/glib-2.0/glib.inc +++ b/meta/recipes-core/glib-2.0/glib.inc @@ -234,7 +234,7 @@ SRC_URI:append:class-native = " file://relocate-modules.patch \ file://0001-meson.build-do-not-enable-pidfd-features-on-native-g.patch \ " -SRC_URI[sha256sum] = "88e960dd937057407d61fcb3b45a860704b25923c37ae2478b85f2ecb5a4021f" +SRC_URI[sha256sum] = "8a9ea10943c36fc117e253f80c91e477b673525ae45762942858aef57631bb90" # Find any meson cross files in FILESPATH that are relevant for the current # build (using siteinfo) and add them to EXTRA_OEMESON. From patchwork Thu Aug 21 15:39:51 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 68966 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id B534CCA0FE1 for ; Thu, 21 Aug 2025 15:40:27 +0000 (UTC) Received: from mail-pg1-f180.google.com (mail-pg1-f180.google.com [209.85.215.180]) by mx.groups.io with SMTP id smtpd.web10.713.1755790821308639681 for ; Thu, 21 Aug 2025 08:40:21 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=mJwB5qDV; spf=softfail (domain: sakoman.com, ip: 209.85.215.180, mailfrom: steve@sakoman.com) Received: by mail-pg1-f180.google.com with SMTP id 41be03b00d2f7-b476c67c5easo808923a12.0 for ; Thu, 21 Aug 2025 08:40:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1755790820; x=1756395620; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=TIfJ1F9Gy0TUcBrvWp+MnVVECUxFK7nwMeaI8G8EruY=; b=mJwB5qDVye6VX01vUMspdXhqgcWsMPy/7tY9Y/9sEu8Y1tqgsleBbQkKF2nTFHzlGV ZI4HD3JGCbScKbh7M2Ca0vAwEpvCc50S0urllSa3z9KP+TPHO+MxLqfRcNdvviQIDfsW BY04WTgpxj7YiUIUEUl0NKSeUayXzFLhfSWxaCn38UWkVfKqh7yssf9Sq2Uiab2rQAfh ucCOvGhP3cve1jiI54Aw6zVFjQNbvWFnH0PFnQUuBE3pAhxhghaj3HIoN93AIomLkfgK wkXmLqUmBwlDpsdRfHJENmmRyg44Zorsl/AgaV0iG2AG9+/KEshQ2LpmTjjHn391EhYm i9QQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755790820; x=1756395620; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=TIfJ1F9Gy0TUcBrvWp+MnVVECUxFK7nwMeaI8G8EruY=; b=aF0agivQdAQdx47IXv5utYBvpiKb9AcF/nnhvIjno+JPaDQiB1UOEENQZ6DMeN/wmR XjssrEWUbjfSVhM072DZS82fT//pj/GvY1UursMJvI+6XxROporcgZXMMq1kCKXXl4l/ 5Zfu/hWm3N4oIlhnK0VwsYU4Seo4KZs0Em4/g2MxyUn4ok1AhIdCTUH058M1FNEIxL4x 3fy/aO7utblN+9DKwXU/eLCQZ1CXk/C+1x9yDhRD5HIWKjh51BNlEC7SwpJDCK2MmL2h pdRSvfBetce+if9I4IPo0gku1D43Msubt9xWmbG2rjxzkFAVw02xnCVRQsKJY+iebVFF IX0g== X-Gm-Message-State: AOJu0YwZhll0xSFZiCKU/GQP7jZFOVoucObjT7EIbOMOQ47jyZXB05ID bQCTsQss+xgnUkW3eNULHtschl2rVOhiyQYUjmlNgW8O62CMw/8WmKbOsrQRVXLnCM2T35q9hXq IJPkp X-Gm-Gg: ASbGnctqYhTU+V2naI7C8raogCy+RKpZXYQMXqhtq4fo8odVsMzKfwtJfVKFDEwZF7F beIjRsaCS+9n3n+ujpkm1GJipsrMQJIoQsrdEpqq/aK9ynjzaLXUwTF9cJn9NLH5YKIYHxEv/JX oGQoVXXC9OA2tOR8gfUqm0rrdLih9nHGdxWt6EyxoHMcdjguy7C+5cmDABrWfbw0oRNfoIRgImD wbA/oEhSAfKSQ2BgpuNAPw9Ku9/G4i0ZL4F28fuTaHfngENV3qZ93t0aTPj3LmASgn/4DnFtnOC Z6P2kOJbMX3NWk07sdJbyItMNt9ed0yZrKdmnPo1Uzxdm9PtWPW5nLjVKk0RAi/2bYWb1C0BAfB thUHf7eCR1CJS9w== X-Google-Smtp-Source: AGHT+IFwkV7o/WoMmYgf4EOz1fd53yhq/tsCZWIZXI8VgKcDhRxeue1Q2/cFTsnTBqClo5FmRoUKAw== X-Received: by 2002:a17:903:1c9:b0:240:8381:45b9 with SMTP id d9443c01a7336-246061bd07emr33960855ad.8.1755790820356; Thu, 21 Aug 2025 08:40:20 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:bc1c:6959:5ad5:d4f9]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-245ed51b3dfsm58901845ad.142.2025.08.21.08.40.19 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Aug 2025 08:40:20 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 10/15] glib-2.0: patch CVE-2025-6052 Date: Thu, 21 Aug 2025 08:39:51 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 21 Aug 2025 15:40:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/222259 From: Peter Marko Backport commits from [1] which references this CVE. [1] https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4681 Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- .../glib-2.0/files/CVE-2025-6052-1.patch | 97 +++++++++++++++++++ .../glib-2.0/files/CVE-2025-6052-2.patch | 35 +++++++ meta/recipes-core/glib-2.0/glib.inc | 4 +- 3 files changed, 135 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-core/glib-2.0/files/CVE-2025-6052-1.patch create mode 100644 meta/recipes-core/glib-2.0/files/CVE-2025-6052-2.patch diff --git a/meta/recipes-core/glib-2.0/files/CVE-2025-6052-1.patch b/meta/recipes-core/glib-2.0/files/CVE-2025-6052-1.patch new file mode 100644 index 0000000000..a344735ee4 --- /dev/null +++ b/meta/recipes-core/glib-2.0/files/CVE-2025-6052-1.patch @@ -0,0 +1,97 @@ +From 6aa97beda32bb337370858862f4efe2f3372619f Mon Sep 17 00:00:00 2001 +From: Tobias Stoeckmann +Date: Mon, 7 Jul 2025 20:52:24 +0200 +Subject: [PATCH] gstring: Fix g_string_sized_new segmentation fault + +If glib is compiled with -Dglib_assert=false, i.e. no asserts +enabled, then g_string_sized_new(G_MAXSIZE) leads to a segmentation +fault due to an out of boundary write. + +This happens because the overflow check was moved into +g_string_maybe_expand which is not called by g_string_sized_new. + +By assuming that string->allocated_len is always larger than +string->len (and the code would be in huge trouble if that is not true), +the G_UNLIKELY check in g_string_maybe_expand can be rephrased to +avoid a potential G_MAXSIZE overflow. + +This in turn leads to 150-200 bytes smaller compiled library +depending on gcc and clang versions, and one less check for the most +common code paths. + +Reverts https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4655 and +reorders internal g_string_maybe_expand check to still fix +CVE-2025-6052. + +CVE: CVE-2025-6052 +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/6aa97beda32bb337370858862f4efe2f3372619f] +Signed-off-by: Peter Marko +--- + glib/gstring.c | 10 +++++----- + glib/tests/string.c | 18 ++++++++++++++++++ + 2 files changed, 23 insertions(+), 5 deletions(-) + +diff --git a/glib/gstring.c b/glib/gstring.c +index 010a8e976..24c4bfb40 100644 +--- a/glib/gstring.c ++++ b/glib/gstring.c +@@ -68,6 +68,10 @@ static void + g_string_expand (GString *string, + gsize len) + { ++ /* Detect potential overflow */ ++ if G_UNLIKELY ((G_MAXSIZE - string->len - 1) < len) ++ g_error ("adding %" G_GSIZE_FORMAT " to string would overflow", len); ++ + string->allocated_len = g_nearest_pow (string->len + len + 1); + /* If the new size is bigger than G_MAXSIZE / 2, only allocate enough + * memory for this string and don't over-allocate. +@@ -82,11 +86,7 @@ static inline void + g_string_maybe_expand (GString *string, + gsize len) + { +- /* Detect potential overflow */ +- if G_UNLIKELY ((G_MAXSIZE - string->len - 1) < len) +- g_error ("adding %" G_GSIZE_FORMAT " to string would overflow", len); +- +- if (G_UNLIKELY (string->len + len >= string->allocated_len)) ++ if (G_UNLIKELY (len >= string->allocated_len - string->len)) + g_string_expand (string, len); + } + +diff --git a/glib/tests/string.c b/glib/tests/string.c +index aa363c57a..e3bc4a02e 100644 +--- a/glib/tests/string.c ++++ b/glib/tests/string.c +@@ -767,6 +767,23 @@ test_string_new_take_null (void) + g_string_free (g_steal_pointer (&string), TRUE); + } + ++static void ++test_string_sized_new (void) ++{ ++ ++ if (g_test_subprocess ()) ++ { ++ GString *string = g_string_sized_new (G_MAXSIZE); ++ g_string_free (string, TRUE); ++ } ++ else ++ { ++ g_test_trap_subprocess (NULL, 0, G_TEST_SUBPROCESS_DEFAULT); ++ g_test_trap_assert_failed (); ++ g_test_trap_assert_stderr ("*string would overflow*"); ++ } ++} ++ + int + main (int argc, + char *argv[]) +@@ -796,6 +813,7 @@ main (int argc, + g_test_add_func ("/string/test-string-steal", test_string_steal); + g_test_add_func ("/string/test-string-new-take", test_string_new_take); + g_test_add_func ("/string/test-string-new-take/null", test_string_new_take_null); ++ g_test_add_func ("/string/sized-new", test_string_sized_new); + + return g_test_run(); + } diff --git a/meta/recipes-core/glib-2.0/files/CVE-2025-6052-2.patch b/meta/recipes-core/glib-2.0/files/CVE-2025-6052-2.patch new file mode 100644 index 0000000000..703dfdf46c --- /dev/null +++ b/meta/recipes-core/glib-2.0/files/CVE-2025-6052-2.patch @@ -0,0 +1,35 @@ +From 3752760c5091eaed561ec11636b069e529533514 Mon Sep 17 00:00:00 2001 +From: Tobias Stoeckmann +Date: Mon, 7 Jul 2025 20:57:41 +0200 +Subject: [PATCH] gstring: Improve g_string_append_len_inline checks + +Use the same style for the G_LIKELY check here as in g_string_sized_new. +The check could overflow on 32 bit systems. + +Also improve the memcpy/memmove check to use memcpy if val itself is +adjacent to end + len_unsigned, which means that no overlapping exists. + +CVE: CVE-2025-6052 +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/3752760c5091eaed561ec11636b069e529533514] +Signed-off-by: Peter Marko +--- + glib/gstring.h | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/glib/gstring.h b/glib/gstring.h +index e817176c9..c5e64b33a 100644 +--- a/glib/gstring.h ++++ b/glib/gstring.h +@@ -232,10 +232,10 @@ g_string_append_len_inline (GString *gstring, + else + len_unsigned = (gsize) len; + +- if (G_LIKELY (gstring->len + len_unsigned < gstring->allocated_len)) ++ if (G_LIKELY (len_unsigned < gstring->allocated_len - gstring->len)) + { + char *end = gstring->str + gstring->len; +- if (G_LIKELY (val + len_unsigned <= end || val > end + len_unsigned)) ++ if (G_LIKELY (val + len_unsigned <= end || val >= end + len_unsigned)) + memcpy (end, val, len_unsigned); + else + memmove (end, val, len_unsigned); diff --git a/meta/recipes-core/glib-2.0/glib.inc b/meta/recipes-core/glib-2.0/glib.inc index c171598bed..b967b9402f 100644 --- a/meta/recipes-core/glib-2.0/glib.inc +++ b/meta/recipes-core/glib-2.0/glib.inc @@ -229,8 +229,10 @@ SRC_URI = "${GNOME_MIRROR}/glib/${SHRT_VER}/glib-${PV}.tar.xz \ file://0001-gio-tests-resources.c-comment-out-a-build-host-only-.patch \ file://0010-Do-not-hardcode-python-path-into-various-tools.patch \ file://skip-timeout.patch \ + file://CVE-2025-6052-1.patch \ + file://CVE-2025-6052-2.patch \ " -SRC_URI:append:class-native = " file://relocate-modules.patch \ +SRC_URI:append:class-native = " file://relocate-modules.patch \ file://0001-meson.build-do-not-enable-pidfd-features-on-native-g.patch \ " From patchwork Thu Aug 21 15:39:52 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 68963 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id A70D5CA0FE2 for ; Thu, 21 Aug 2025 15:40:27 +0000 (UTC) Received: from mail-pl1-f178.google.com (mail-pl1-f178.google.com [209.85.214.178]) by mx.groups.io with SMTP id smtpd.web11.723.1755790822843412923 for ; Thu, 21 Aug 2025 08:40:22 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=xvDF5zUK; spf=softfail (domain: sakoman.com, ip: 209.85.214.178, mailfrom: steve@sakoman.com) Received: by mail-pl1-f178.google.com with SMTP id d9443c01a7336-24458194d83so9848175ad.2 for ; Thu, 21 Aug 2025 08:40:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1755790822; x=1756395622; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=ErCK+j8xVqJA1uAm9m8dtJBgEM7C6dieVgCEarLfaGg=; b=xvDF5zUKZ82XRMgoR7m5vwUjze1d0or0nczgSHivgAYtQ9usDBpdgn0mb3ivdumVWr cwzEWHtxBNs+aZvyUq88J2rIKvLQN49627/j1NrEYJR7PYCJpbMEGlqmcgrpfiNmjs2N G3yxVumBolhV7RUS0iRCx1B2MpNWLMvDEFNx9XCdIMurOuj2duG2pLAaV1vkVWcf3v1x a8W1kjU742LWKxPRfGQK+Xtk8kqmEiQujsh3gPZ8gg3XluAIkTIR638ZkO1tHk5KQWy/ ZNadeHRCX6e0EHGYWpy+t+dTRYfTigiTtXXGrYrwRkP0jEP9R7SD3kquIJ/Jl2aa2wWd rniw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755790822; x=1756395622; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ErCK+j8xVqJA1uAm9m8dtJBgEM7C6dieVgCEarLfaGg=; b=gjDojllqLz7sotcPWeIeo10Fv+n7Abb8I+nbc5kSYYtqRsb2v6Za3uOCVtgr1yPTxB Lz33tq2Io6XkhVXv2Zt1+sd0oqE3toJxa5zEV04wxipS/GBZWOrh+2leaEs2No3SohCP juUakyu7XqvNrch1ND28AoTxPncRHvAe9qf4fiYb1//RKtZgLfYqN4KvyoPHhAdhxDm5 rmb1RYBLlDvm860Jh4/aqA05udY1Ta5xMnKib2nBDdVoPk7lLgcIw5Iql8WeEhD5jRmk kO7kHOBXkIm8ZOQ/wEh+EV6IWQqypWZ0HyM59FL+Mm61lb0pOz+Y7Cb/lrq8jP4XRFG1 qCDA== X-Gm-Message-State: AOJu0YxxxPcBpc939zkDv9buZ9/ymxCn/SwFA4YdIh/+iNrLCEfMWROY Ih0GBFg8IN6A/hW6XQ0mRawZIvuzodqRSF7y4JQ3H4G4ci4Lkox6YRAlun3bXZzR24FirqrL2S2 cX0V+ X-Gm-Gg: ASbGnctaRuFIuOeCGPdtU9YmN45rlAXP+iqPIroMTUQEE7vcaPp1Q1opnYPi2GjbRAR rwazd89+ducVdbulsLpkMavHNcReqfYLJA0i05ALg9u/fNtmb5yF87K+hyM9uWMrQkq5ALL3xsN rFDEZ0KqMw0pKJOTvP4ZMhy0HjPOcDGp7lnw6juYfL7LH8tPXbakUaARFiIOWlBIjX4UPKn1YAx q5xE63S2XpECAnKUMbiMszf5q/5JxllXDyFoTk+oQnKe4wPbVJT9LEA5t1gV8rnOcuOy5ewWUn0 hS4zFmfj0feEs496KF4jnMuBT2u9ye3/nGB6ohwxyE4DrOYyy4tlDfPzmaeDkf+eb/RmfhIrR7J Iv/9tyQTil3lYcQ== X-Google-Smtp-Source: AGHT+IFcTVbLrDx5Qs1HyJcUbbSEdTHt3wvF+9ut9A01fjAojNAj2At0Iby6cjB7V0EY1ufp7GdLig== X-Received: by 2002:a17:902:c942:b0:234:ba37:87ae with SMTP id d9443c01a7336-245febefa70mr40315905ad.4.1755790822000; Thu, 21 Aug 2025 08:40:22 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:bc1c:6959:5ad5:d4f9]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-245ed51b3dfsm58901845ad.142.2025.08.21.08.40.21 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Aug 2025 08:40:21 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 11/15] go: upgrade 1.24.5 -> 1.24.6 Date: Thu, 21 Aug 2025 08:39:52 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 21 Aug 2025 15:40:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/222260 From: Peter Marko Upgrade to latest 1.24.x release [1]: $ git --no-pager log --oneline go1.24.5..go1.24.6 7f36edc26d [release-branch.go1.24] go1.24.6 83b4a5db24 [release-branch.go1.24] database/sql: avoid closing Rows while scan is in progress 0f5133b742 [release-branch.go1.24] os/exec: fix incorrect expansion of "", "." and ".." in LookPath 6e1c4529e4 [release-branch.go1.24] cmd/compile: for arm64 epilog, do SP increment with a single instruction 731de13dc3 [release-branch.go1.24] os/user: user random name for the test user account 390ffce7d6 [release-branch.go1.24] runtime: prevent unnecessary zeroing of large objects with pointers b454859a8a [release-branch.go1.24] runtime: stash allpSnapshot on the M Fixes CVE-2025-47906 and CVE-2025-47907 [2]. [1] https://github.com/golang/go/compare/go1.24.5...go1.24.6 [2] https://groups.google.com/g/golang-announce/c/x5MKroML2yM Signed-off-by: Peter Marko Signed-off-by: Mathieu Dubois-Briand (cherry picked from commit f3072c210ac0a1e4d8046d920c3ebc29f9916b72) Signed-off-by: Archana Polampalli Signed-off-by: Steve Sakoman --- meta/recipes-devtools/go/{go-1.24.5.inc => go-1.24.6.inc} | 2 +- ...o-binary-native_1.24.5.bb => go-binary-native_1.24.6.bb} | 6 +++--- ...cross-canadian_1.24.5.bb => go-cross-canadian_1.24.6.bb} | 0 .../go/{go-cross_1.24.5.bb => go-cross_1.24.6.bb} | 0 .../go/{go-crosssdk_1.24.5.bb => go-crosssdk_1.24.6.bb} | 0 .../go/{go-runtime_1.24.5.bb => go-runtime_1.24.6.bb} | 0 meta/recipes-devtools/go/{go_1.24.5.bb => go_1.24.6.bb} | 0 7 files changed, 4 insertions(+), 4 deletions(-) rename meta/recipes-devtools/go/{go-1.24.5.inc => go-1.24.6.inc} (91%) rename meta/recipes-devtools/go/{go-binary-native_1.24.5.bb => go-binary-native_1.24.6.bb} (79%) rename meta/recipes-devtools/go/{go-cross-canadian_1.24.5.bb => go-cross-canadian_1.24.6.bb} (100%) rename meta/recipes-devtools/go/{go-cross_1.24.5.bb => go-cross_1.24.6.bb} (100%) rename meta/recipes-devtools/go/{go-crosssdk_1.24.5.bb => go-crosssdk_1.24.6.bb} (100%) rename meta/recipes-devtools/go/{go-runtime_1.24.5.bb => go-runtime_1.24.6.bb} (100%) rename meta/recipes-devtools/go/{go_1.24.5.bb => go_1.24.6.bb} (100%) diff --git a/meta/recipes-devtools/go/go-1.24.5.inc b/meta/recipes-devtools/go/go-1.24.6.inc similarity index 91% rename from meta/recipes-devtools/go/go-1.24.5.inc rename to meta/recipes-devtools/go/go-1.24.6.inc index fae0d3f333..a3933c2a61 100644 --- a/meta/recipes-devtools/go/go-1.24.5.inc +++ b/meta/recipes-devtools/go/go-1.24.6.inc @@ -17,4 +17,4 @@ SRC_URI += "\ file://0010-cmd-go-clear-GOROOT-for-func-ldShared-when-trimpath-.patch \ file://6d265b008e3d106b2706645e5a88cd8e2fb98953.patch \ " -SRC_URI[main.sha256sum] = "74fdb09f2352e2b25b7943e56836c9b47363d28dec1c8b56c4a9570f30b8f59f" +SRC_URI[main.sha256sum] = "e1cb5582aab588668bc04c07de18688070f6b8c9b2aaf361f821e19bd47cfdbd" diff --git a/meta/recipes-devtools/go/go-binary-native_1.24.5.bb b/meta/recipes-devtools/go/go-binary-native_1.24.6.bb similarity index 79% rename from meta/recipes-devtools/go/go-binary-native_1.24.5.bb rename to meta/recipes-devtools/go/go-binary-native_1.24.6.bb index 3de63060c7..86a3ad8556 100644 --- a/meta/recipes-devtools/go/go-binary-native_1.24.5.bb +++ b/meta/recipes-devtools/go/go-binary-native_1.24.6.bb @@ -9,9 +9,9 @@ PROVIDES = "go-native" # Checksums available at https://go.dev/dl/ SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}" -SRC_URI[go_linux_amd64.sha256sum] = "10ad9e86233e74c0f6590fe5426895de6bf388964210eac34a6d83f38918ecdc" -SRC_URI[go_linux_arm64.sha256sum] = "0df02e6aeb3d3c06c95ff201d575907c736d6c62cfa4b6934c11203f1d600ffa" -SRC_URI[go_linux_ppc64le.sha256sum] = "00bdfb16d1094e78473b681d2d09d42c19c886d4dfed743853769f1665c7a552" +SRC_URI[go_linux_amd64.sha256sum] = "bbca37cc395c974ffa4893ee35819ad23ebb27426df87af92e93a9ec66ef8712" +SRC_URI[go_linux_arm64.sha256sum] = "124ea6033a8bf98aa9fbab53e58d134905262d45a022af3a90b73320f3c3afd5" +SRC_URI[go_linux_ppc64le.sha256sum] = "63fc9559a3d6dfd63aa902f714375b879bbc848466181c035c122489b9646e27" UPSTREAM_CHECK_URI = "https://golang.org/dl/" UPSTREAM_CHECK_REGEX = "go(?P\d+(\.\d+)+)\.linux" diff --git a/meta/recipes-devtools/go/go-cross-canadian_1.24.5.bb b/meta/recipes-devtools/go/go-cross-canadian_1.24.6.bb similarity index 100% rename from meta/recipes-devtools/go/go-cross-canadian_1.24.5.bb rename to meta/recipes-devtools/go/go-cross-canadian_1.24.6.bb diff --git a/meta/recipes-devtools/go/go-cross_1.24.5.bb b/meta/recipes-devtools/go/go-cross_1.24.6.bb similarity index 100% rename from meta/recipes-devtools/go/go-cross_1.24.5.bb rename to meta/recipes-devtools/go/go-cross_1.24.6.bb diff --git a/meta/recipes-devtools/go/go-crosssdk_1.24.5.bb b/meta/recipes-devtools/go/go-crosssdk_1.24.6.bb similarity index 100% rename from meta/recipes-devtools/go/go-crosssdk_1.24.5.bb rename to meta/recipes-devtools/go/go-crosssdk_1.24.6.bb diff --git a/meta/recipes-devtools/go/go-runtime_1.24.5.bb b/meta/recipes-devtools/go/go-runtime_1.24.6.bb similarity index 100% rename from meta/recipes-devtools/go/go-runtime_1.24.5.bb rename to meta/recipes-devtools/go/go-runtime_1.24.6.bb diff --git a/meta/recipes-devtools/go/go_1.24.5.bb b/meta/recipes-devtools/go/go_1.24.6.bb similarity index 100% rename from meta/recipes-devtools/go/go_1.24.5.bb rename to meta/recipes-devtools/go/go_1.24.6.bb From patchwork Thu Aug 21 15:39:53 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 68964 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id BD1C5CA0FE9 for ; Thu, 21 Aug 2025 15:40:27 +0000 (UTC) Received: from mail-pl1-f176.google.com (mail-pl1-f176.google.com [209.85.214.176]) by mx.groups.io with SMTP id smtpd.web10.715.1755790825390204373 for ; Thu, 21 Aug 2025 08:40:25 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=fAW4bPzu; spf=softfail (domain: sakoman.com, ip: 209.85.214.176, mailfrom: steve@sakoman.com) Received: by mail-pl1-f176.google.com with SMTP id d9443c01a7336-244582738b5so10543055ad.3 for ; Thu, 21 Aug 2025 08:40:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1755790825; x=1756395625; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=fo24Wo9EgjIluUSwNzrvBwc3hT0vZa5ULujJymc2DMU=; b=fAW4bPzu4FufYMagnsPOszoIjz6FM+MLYI2HuJRdkyWvqA3tfz6na20NsYmAolqHYV nq169q5rMbTFuBoSo5yeRpOt1KGDNtIA5EKZqIb4LlEVqylNCQqbrJqczHNSPVFwKHwN sxZ8mFTCmfa1HBbFzbyTyfB2M8VwygiQvEXyseIOvtcOseEehUq3IuraII2u/akGYBde mU6/iShHc88QoLHpjILwE55VCfAnq5jD4pfoYcTcfeQdkeuyedmS4cTIBw8amzuV7Sla 0WbRmTS51XGA7CDQEmH/HewOSMgvRkGIBoGv39FeGMZ7162YPgDxJdO0K2ozj+iR3Cim kmrw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755790825; x=1756395625; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=fo24Wo9EgjIluUSwNzrvBwc3hT0vZa5ULujJymc2DMU=; b=PJ5rH6oCkzWbLCbhSEFg0egRSLMZCF2786OfGNcEMgg5+xXvMwot6HovZpegojOhQe mxvCHKtjpyK3IMrvA3OXSkVAn+BZ7a1R4ffuMwGX27Ud+UqBZ4T/Ne5H3GhnVJV8kGng EOO/fJA5o2xqkcwifW/RYqCfiZxcQ7lpanVe4KkX2KW2ATJ/sP8dMudlqjBfzDRGp8XE mnGfZDRfTj7IKOpdDdJuoO+QiIsgbvbKuVrGMMieYug6LD71TedQAN1hdVpUtj8NEm6p k2bi6Ve1lFlS/wSctedC+DK490mJTb52Jsglfal0PPggCCuL342W9ch82m3l0D1pSaMc zUmg== X-Gm-Message-State: AOJu0YyXDYKkFP7PsaaZusGRhNBj7kCDTjD7xhFg2Y9jdJrfcPPtEZ2H /xove1c+Blgf/6MMTXsOlERKqhOQ6QjKYk70mLF/6l/jHQw0TwFNfB+GHPCS4a47dKjy8Rln96Y Tjy3E X-Gm-Gg: ASbGnctg+q/l8nFmRbNbHWW6d2pfdqTDHzpIYr60xT3bs/d201mdl3PKsNr242Pj3dL mWyQKRiQGIu+WmUddDsjnaLbIdv1fW4WfQIQuqbyXKxm7S16ZCpz1XWiENSMCqfzGzacjn5MBp5 6LXF3cWmxmKBKnsMpaFodpae35r+DmnFTGKUyhIQN3DnHN+9uwOjDCQhOT7LYE2mdnf2XJNPZXt 77u7PGV8JvHP7SIGwzDc+j/7WTeyl4v5759gyPLwzXk7u8y5FIZaQYJRyv3OZEnh5A3dyVTGZLV zJGHeaLClBUvtDIm0g4dwGPNzoezHcG93uuGzFc7N/uwOjmkgn4SaVMSmNzpQbi/6brML9XBfAn kYVgy54xDtokF0mo6Dgt76xkK X-Google-Smtp-Source: AGHT+IGrdtgMiV/VctZq/nhZy00CaxlICyLV3HZUg/TxE3y8MNqsTS2gVql4AGIR29uJxa1j4P+7bA== X-Received: by 2002:a17:903:2a8f:b0:242:9bbc:3644 with SMTP id d9443c01a7336-245ff878970mr46533065ad.54.1755790824047; Thu, 21 Aug 2025 08:40:24 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:bc1c:6959:5ad5:d4f9]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-245ed51b3dfsm58901845ad.142.2025.08.21.08.40.23 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Aug 2025 08:40:23 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 12/15] binutils: Fix gprofng broken symbolic link with gp-* Date: Thu, 21 Aug 2025 08:39:53 -0700 Message-ID: <55684a63904365d8a6ab2a8ce9e091f29b0b7df5.1755790385.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 21 Aug 2025 15:40:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/222261 From: Harish Sadineni In binutils 2.44, application names were changed from the gp- prefix (e.g., gp-display-text, gp-archive) to the gprofng- prefix (e.g., gprofng-display-text, gprofng-archive). Temporary gp-* symlinks were added to maintain compatibility with the older gprofng-gui. However, these compatibility symlinks did not support cross-platform toolchain prefixes, which resulted in broken gp-* symbolic links. Support for cross-platform prefixes are added upstream in binutils 2.45, so this change backports that fix to resolve broken symlinks issue. Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=90803ffdcc4d8c3d17566bf8dccadbad312f07a9] Signed-off-by: Harish Sadineni Signed-off-by: Steve Sakoman --- .../binutils/binutils-2.44.inc | 1 + .../0020-Fix-for-borken-symlinks.patch | 62 +++++++++++++++++++ 2 files changed, 63 insertions(+) create mode 100644 meta/recipes-devtools/binutils/binutils/0020-Fix-for-borken-symlinks.patch diff --git a/meta/recipes-devtools/binutils/binutils-2.44.inc b/meta/recipes-devtools/binutils/binutils-2.44.inc index 32928ee167..26c2a413b8 100644 --- a/meta/recipes-devtools/binutils/binutils-2.44.inc +++ b/meta/recipes-devtools/binutils/binutils-2.44.inc @@ -45,5 +45,6 @@ SRC_URI = "\ file://0018-CVE-2025-5245.patch \ file://0019-CVE-2025-7545.patch \ file://0018-CVE-2025-7546.patch \ + file://0020-Fix-for-borken-symlinks.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/0020-Fix-for-borken-symlinks.patch b/meta/recipes-devtools/binutils/binutils/0020-Fix-for-borken-symlinks.patch new file mode 100644 index 0000000000..b26cf8a83a --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0020-Fix-for-borken-symlinks.patch @@ -0,0 +1,62 @@ +From 90803ffdcc4d8c3d17566bf8dccadbad312f07a9 Mon Sep 17 00:00:00 2001 +From: Zheng Junjie +Date: Mon, 10 Feb 2025 17:04:55 +0800 +Subject: [PATCH] gprofng: Fix cross-compilation binary name. + +commit d25ba4596e85da6d8af78c88b5917e14763afbe1 create symbolic link +no care cross-compilation prefix. + +(cherry picked from commit:90803ffdcc4d8c3d17566bf8dccadbad312f07a9) +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=90803ffdcc4d8c3d17566bf8dccadbad312f07a9] + +Signed-off-by: Harish Sadineni +--- + gprofng/src/Makefile.am | 12 +++++------- + gprofng/src/Makefile.in | 12 +++++------- + 2 files changed, 10 insertions(+), 14 deletions(-) + +diff --git a/gprofng/src/Makefile.am b/gprofng/src/Makefile.am +index a132a9ddb05..0465cdb06e3 100644 +--- a/gprofng/src/Makefile.am ++++ b/gprofng/src/Makefile.am +@@ -179,10 +179,8 @@ $(srcdir)/DbeSession.cc: QLParser.tab.hh + .PHONY: install-exec-local + install-exec-local: + $(mkinstalldirs) $(DESTDIR)$(bindir) +- rm -f $(DESTDIR)$(bindir)/gp-{archive,collect-app,display-html,display-src,display-text} +- ln -s gprofng-archive $(DESTDIR)$(bindir)/gp-archive +- ln -s gprofng-collect-app $(DESTDIR)$(bindir)/gp-collect-app +- ln -s gprofng-display-html $(DESTDIR)$(bindir)/gp-display-html +- ln -s gprofng-display-src $(DESTDIR)$(bindir)/gp-display-src +- ln -s gprofng-display-text $(DESTDIR)$(bindir)/gp-display-text +- ++ for i in gp-{archive,collect-app,display-html,display-src,display-text}; do \ ++ oldname=`echo $$i | sed '$(transform)'`; \ ++ rm -f $(DESTDIR)$(bindir)/$$oldname ; \ ++ ln -s `echo $$oldname | sed 's&gp-&gprofng-&'` $(DESTDIR)$(bindir)/$$oldname; \ ++ done +diff --git a/gprofng/src/Makefile.in b/gprofng/src/Makefile.in +index d0dec12e244..d6f1f9438b6 100644 +--- a/gprofng/src/Makefile.in ++++ b/gprofng/src/Makefile.in +@@ -1119,13 +1119,11 @@ $(srcdir)/DbeSession.cc: QLParser.tab.hh + .PHONY: install-exec-local + install-exec-local: + $(mkinstalldirs) $(DESTDIR)$(bindir) +- rm -f $(DESTDIR)$(bindir)/gp-{archive,collect-app,display-html,display-src,display-text} +- ln -s gprofng-archive $(DESTDIR)$(bindir)/gp-archive +- ln -s gprofng-collect-app $(DESTDIR)$(bindir)/gp-collect-app +- ln -s gprofng-display-html $(DESTDIR)$(bindir)/gp-display-html +- ln -s gprofng-display-src $(DESTDIR)$(bindir)/gp-display-src +- ln -s gprofng-display-text $(DESTDIR)$(bindir)/gp-display-text +- ++ for i in gp-{archive,collect-app,display-html,display-src,display-text}; do \ ++ oldname=`echo $$i | sed '$(transform)'`; \ ++ rm -f $(DESTDIR)$(bindir)/$$oldname ; \ ++ ln -s `echo $$oldname | sed 's&gp-&gprofng-&'` $(DESTDIR)$(bindir)/$$oldname; \ ++ done + # Tell versions [3.59,3.63) of GNU make to not export all variables. + # Otherwise a system limit (for SysV at least) may be exceeded. + .NOEXPORT: +-- +2.43.7 From patchwork Thu Aug 21 15:39:54 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 68961 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9ABCECA0EFC for ; Thu, 21 Aug 2025 15:40:27 +0000 (UTC) Received: from mail-pl1-f177.google.com (mail-pl1-f177.google.com [209.85.214.177]) by mx.groups.io with SMTP id smtpd.web11.726.1755790827149874851 for ; Thu, 21 Aug 2025 08:40:27 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=Z1Ny/UTf; spf=softfail (domain: sakoman.com, ip: 209.85.214.177, mailfrom: steve@sakoman.com) Received: by mail-pl1-f177.google.com with SMTP id d9443c01a7336-2461864f7f8so5202305ad.2 for ; Thu, 21 Aug 2025 08:40:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1755790826; x=1756395626; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=+WWxqp3vD8HqDl2oxZr+HimFyCmGEw89I0y/p8RIceI=; b=Z1Ny/UTf58M51JQpoH2DjvhvizoJjm6cOdWLT40DYYaHFEjwweYku/40MArxEaxiO2 nwqDjZF1qqkAfaR2rme4kN9VIAcScaiDim9E8/TUps8iakqephsbDo2hlCQirdcUgsLQ gz41mxkYnQ0s6isqIw//OYhhbZ00jfotpfvLHglq0WGnBAb0YjIZUKBtY8D4r6VleAuQ dGRkX9EviGGtV5ttkFGzKzX57OhLJx8GGVdhmVaKkuV3ZuGF5+zGDP6HlPSrpiuO+P86 TSrb0zwOkgh6Lb6jBzqXxAeHWHJJ4M9VPJP6qhfhDTN+VmRn38GR5byxGGrgQOkn3/ki GtOg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755790826; x=1756395626; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=+WWxqp3vD8HqDl2oxZr+HimFyCmGEw89I0y/p8RIceI=; b=tMitsqGpiH3Yc7zs7tyxmuiw+3eL8ARi3vA7qVp2LGiu4khxjVab6uS3JV1OJATd70 iWkE0ZuygAo9mdtgaR1LJNlntuiEhL0LalqQaO/2RsiOwD7cJRAglaO3C2ykN5nrloHn dgEIe402tgC2euUWCYrLpfAUlLzBWz5lChieqpDhXmrXNTXD1HFVbar/34YMbDSY/MPf 4A7Zh60qOJofmHS8yrTqkI6TYgC54fpeZGV81hT4BArwxLi7khQMP+PwZAxrPgipgN94 tCkDWTH6Vtw9MBbNshTXQVGdHBeMwo25URgkH/SYMbr7j/xQJaFdXHI1IeSIv50XX3AF pOiQ== X-Gm-Message-State: AOJu0Yw6JQd70U4jj4hsBtKU50WBtLC8Q9El2VKwScCnSWpyDMcFUlUx KA2mHpSP2erVsYWAPQ4N/iV//ETvOaIxg/ovRHlo9ZpQu78TEeOTpS2y10fAWuXPnp42sY3C6E1 YeOpY X-Gm-Gg: ASbGncvbuzxr9qCAfHeQdapr78fL+KbI96SYTO2oTgqvFmtDr5nVmZitinz8d8uvGG5 X9xeGSpbQtsES8ATCLNDQH4rw+uws8181T9yg02FaUPEM6G/b5UhgVQ7v/MNlqp8nSqdzyZdDkg v1b8wgzdorn/tHCLmQRlPNli0zV9/SM/OdphVWkwx6+bZcMvkaXChrosD3tEtlZ0svOtGw4u1cK Ky+rvc0OLPgrR0NL52pOsCSETg6BqYsNImmagMlpC+OlBCssKF64gjEM2cR1jejl7pKGL5oxQtY EGQpJpNAfCdJ6AN6sh3MksXioB+W/oM7xdhF3sIeJMThpHm0PixQ8WcSpDKDlHbk5aXX9aM8quV cDBJ/7dA7huCPuA== X-Google-Smtp-Source: AGHT+IFFv5mOVV0XPW5xT06LGYH10i4ceTzaE46OEebebzfJX1GNbeM0tcK4yM5nty2wTdYBxa2BRg== X-Received: by 2002:a17:903:1b26:b0:240:a889:554d with SMTP id d9443c01a7336-245fedaee4bmr45752715ad.45.1755790826362; Thu, 21 Aug 2025 08:40:26 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:bc1c:6959:5ad5:d4f9]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-245ed51b3dfsm58901845ad.142.2025.08.21.08.40.25 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Aug 2025 08:40:26 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 13/15] pkgconfig: fix build with gcc-15 Date: Thu, 21 Aug 2025 08:39:54 -0700 Message-ID: <092ee1703d81b8aaed452189dd329320483087d3.1755790385.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 21 Aug 2025 15:40:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/222262 From: Martin Jansa * on hosts with gcc-15 or whenever glib PACKAGECONFIG isn't enabled and pkgconfig uses own old bundled glib * fixes: http://errors.yoctoproject.org/Errors/Details/853015/ ../../../git/glib/glib/goption.c:169:14: error: two or more data types in declaration specifiers 169 | gboolean bool; | ^~~~ ../../../git/glib/glib/goption.c:169:18: warning: declaration does not declare anything 169 | gboolean bool; | ^ Signed-off-by: Martin Jansa Signed-off-by: Richard Purdie Signed-off-by: Steve Sakoman --- ...0001-Do-not-use-bool-as-a-field-name.patch | 36 +++++++++++++++++++ .../pkgconfig/pkgconfig_git.bb | 1 + 2 files changed, 37 insertions(+) create mode 100644 meta/recipes-devtools/pkgconfig/pkgconfig/0001-Do-not-use-bool-as-a-field-name.patch diff --git a/meta/recipes-devtools/pkgconfig/pkgconfig/0001-Do-not-use-bool-as-a-field-name.patch b/meta/recipes-devtools/pkgconfig/pkgconfig/0001-Do-not-use-bool-as-a-field-name.patch new file mode 100644 index 0000000000..bcb7e94d69 --- /dev/null +++ b/meta/recipes-devtools/pkgconfig/pkgconfig/0001-Do-not-use-bool-as-a-field-name.patch @@ -0,0 +1,36 @@ +From b3b26a7e125e5e4f5b69975cc17eb6d33198ebaa Mon Sep 17 00:00:00 2001 +From: Emmanuele Bassi +Date: Thu, 11 Apr 2024 14:40:21 +0100 +Subject: [PATCH] Do not use bool as a field name + +C99 aliases `bool` to `_Bool`, and C23 introduces `bool` as a reserved +keyword. Let's avoid using `bool` as a field name. + +Upstream-Status: Backport [Backport from glib to bunlded version in pkg-config https://github.com/GNOME/glib/commit/9e320e1c43a4770ed1532248fe5416eb0c618120] +Signed-off-by: Martin Jansa +--- + glib/glib/goption.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/glib/glib/goption.c b/glib/glib/goption.c +index 0a22f6f..f439fd4 100644 +--- a/glib/glib/goption.c ++++ b/glib/glib/goption.c +@@ -166,7 +166,7 @@ typedef struct + gpointer arg_data; + union + { +- gboolean bool; ++ gboolean boolean; + gint integer; + gchar *str; + gchar **array; +@@ -1600,7 +1600,7 @@ free_changes_list (GOptionContext *context, + switch (change->arg_type) + { + case G_OPTION_ARG_NONE: +- *(gboolean *)change->arg_data = change->prev.bool; ++ *(gboolean *)change->arg_data = change->prev.boolean; + break; + case G_OPTION_ARG_INT: + *(gint *)change->arg_data = change->prev.integer; diff --git a/meta/recipes-devtools/pkgconfig/pkgconfig_git.bb b/meta/recipes-devtools/pkgconfig/pkgconfig_git.bb index baf37b0a9b..af512a42b4 100644 --- a/meta/recipes-devtools/pkgconfig/pkgconfig_git.bb +++ b/meta/recipes-devtools/pkgconfig/pkgconfig_git.bb @@ -15,6 +15,7 @@ SRC_URI = "git://gitlab.freedesktop.org/pkg-config/pkg-config.git;branch=master; file://pkg-config-esdk.in \ file://pkg-config-native.in \ file://0001-glib-gettext.m4-Update-AM_GLIB_GNU_GETTEXT-to-match-.patch \ + file://0001-Do-not-use-bool-as-a-field-name.patch \ " S = "${WORKDIR}/git" From patchwork Thu Aug 21 15:39:55 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 68967 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id BC286CA0EFC for ; Thu, 21 Aug 2025 15:40:37 +0000 (UTC) Received: from mail-pg1-f179.google.com (mail-pg1-f179.google.com [209.85.215.179]) by mx.groups.io with SMTP id smtpd.web11.727.1755790828498695636 for ; Thu, 21 Aug 2025 08:40:28 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=Aq5gfRh1; spf=softfail (domain: sakoman.com, ip: 209.85.215.179, mailfrom: steve@sakoman.com) Received: by mail-pg1-f179.google.com with SMTP id 41be03b00d2f7-b471738daabso1018080a12.1 for ; Thu, 21 Aug 2025 08:40:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1755790828; x=1756395628; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=G4vI8BU696Nj7eASIyv3BxPwm32KjgzhxreP1IMYKuE=; b=Aq5gfRh1Bo8mEKJly9gFJ9JdS0NJ4INafhtjkrhjtHnKVLPnXy5yovMcLQgnJPGON0 JMXKmqN6Xoe0UwrPy61e5ISq2PWYftTf6+76VHZkFBzh4gQkXZSxUp6YPkH6qCy4dcAS jnGUmecuYL6yKmID9XFTPdnqkt6XAdWERlRNHeejo3Oh/aCJb6IUYCfZ5lsuQLxrmekZ c0JFUtmX5y2u+bns/WGqrGbu2A+TWQ0jaT5CFyd7Fp59GyDDhwENpGYHpFWiuLn8Tijf Jm5a3pZK5wG4KtD2IpQwGdceo/irD9rRDPlE3b6kTY97fhaAAzSBHLhGAjYpjKXysUVU DfeA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755790828; x=1756395628; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=G4vI8BU696Nj7eASIyv3BxPwm32KjgzhxreP1IMYKuE=; b=ZiuzAmlKwWpDr1aUcXopWDjl5EqyvfNj/VIDBNlAXYtMrHTGqZV6AwF9c6t/OV5Iga bjMJOfAaDaugDc8073Gy8iEJxUO0KFL18NghMBEizh+hsxKS26K5DvtRaFU5EHd/zDOS DcUgqgYmVj5DgSntwwHSpmcuY98DFimK3rNZQqPrPKl1+F+QELT3OKsvWGsTzksTDw6h gm/DHIH4m7TlTlNfc9dL1aj8ScuB3kTKFZNLxtQHLK4GECe/2Sy3lBY6ST8kn6VADIS3 ae1pcdUuy5f0BBIZxhtglAZ0d2BSxFyfLA3v9lpN8FtuJsJpnMPMLDsBrWCN12LyHKu4 plaw== X-Gm-Message-State: AOJu0Yx9PoU51UvFxjgAlt7z2KvH9JRSzLBxGHQvgIJxX8sUbANLmC1g /oQt4qW3OSbEuRz8wLdLQNarNwEugGZLhpLHUMB7tn/N3DgO4OAiHrk/cbnvmbOglBigrOe8osz wA6FK X-Gm-Gg: ASbGncvA810yj6NhFBVWSQ1e78gL6DG6FsM/mdV1go+QuP2ycqJqq8eGdb6pWoJ9os+ aVwTBMWxTNHkg4Kdg9AYuOBTr98gHW3yWwctBivldyFiap8MYhx7Ah4VGbP0UpjXlWg9BqVRRZq KckbY60YVr3M+VPGI8LNZqU2sqb343RmdMeqxErJhn/gPiauYgKOcFaLpqNxf6XRR1wfmwNt7JC 25Aaj80MwzV76B7WaG79HrC63rUba+9W8TFwmaBd/Vrssei7wcQfM4P0zK2Ped5boTpZw7u6awg MOZwwFvK8l4mMjPK3ZqwoNE+fFemjLEg81Qzkce7zTP6ToE2nt5owsRBhwms2Ci6x1SZ2zJ8Lpp AXEwLUGKrP77hIg== X-Google-Smtp-Source: AGHT+IGYhzv5g3xAUnYEQlyCq3zlrkbXfQqR4jxbBl4i/xI5tg8EQ6f1iVaHBLZLlOIZuf0SiegH1Q== X-Received: by 2002:a17:903:2f4e:b0:240:79d5:8dc7 with SMTP id d9443c01a7336-245fedcd33bmr41371465ad.46.1755790827698; Thu, 21 Aug 2025 08:40:27 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:bc1c:6959:5ad5:d4f9]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-245ed51b3dfsm58901845ad.142.2025.08.21.08.40.27 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Aug 2025 08:40:27 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 14/15] bash: use -std=gnu17 also for native CFLAGS Date: Thu, 21 Aug 2025 08:39:55 -0700 Message-ID: <0c09f4a449fc03e6f5dfb6e5961c0a0471a7816d.1755790385.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 21 Aug 2025 15:40:37 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/222263 From: Martin Jansa * fixes builds on host with gcc-15: http://errors.yoctoproject.org/Errors/Details/853016/ ../../bash-5.2.37/builtins/mkbuiltins.c:268:29: error: too many arguments to function ‘xmalloc’; expected 0, have 1 268 | error_directory = xmalloc (2 + strlen (argv[arg_index])); | ^~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Signed-off-by: Martin Jansa Signed-off-by: Richard Purdie Signed-off-by: Steve Sakoman --- meta/recipes-extended/bash/bash_5.2.37.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-extended/bash/bash_5.2.37.bb b/meta/recipes-extended/bash/bash_5.2.37.bb index 9f02ea17b5..2c0645cbd9 100644 --- a/meta/recipes-extended/bash/bash_5.2.37.bb +++ b/meta/recipes-extended/bash/bash_5.2.37.bb @@ -21,5 +21,8 @@ DEBUG_OPTIMIZATION:append:armv4 = " ${@bb.utils.contains('TUNE_CCARGS', '-mthumb DEBUG_OPTIMIZATION:append:armv5 = " ${@bb.utils.contains('TUNE_CCARGS', '-mthumb', '-fomit-frame-pointer', '', d)}" CFLAGS += "-std=gnu17" +# mkbuiltins.c is built with native toolchain and needs gnu17 as well: +# http://errors.yoctoproject.org/Errors/Details/853016/ +BUILD_CFLAGS += "-std=gnu17" BBCLASSEXTEND = "nativesdk" From patchwork Thu Aug 21 15:39:56 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 68968 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id BC2BECA0FE1 for ; Thu, 21 Aug 2025 15:40:37 +0000 (UTC) Received: from mail-pg1-f175.google.com (mail-pg1-f175.google.com [209.85.215.175]) by mx.groups.io with SMTP id smtpd.web10.717.1755790830046085519 for ; Thu, 21 Aug 2025 08:40:30 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=APDxkNYY; spf=softfail (domain: sakoman.com, ip: 209.85.215.175, mailfrom: steve@sakoman.com) Received: by mail-pg1-f175.google.com with SMTP id 41be03b00d2f7-b471740e488so918183a12.1 for ; Thu, 21 Aug 2025 08:40:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1755790829; x=1756395629; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=f30i8ur4h3597xhrfJZeqRNgFYXKdDCsVs7SbVH4W+8=; b=APDxkNYYjkQoPDHpuQ8LxEqYZgyECp8clI7/Qasr/gkAiQUiD3uopCxQgbgJSxm8qQ 1+0ezWd/1of8RLuUOVf8/o0i6eu6/lc7B661stusIi0NrwfGA9o+4ZvPbn+hiXVqbIIh ibGUshXk2XM0JSiAiLvrQ5V2QKGpjy1Knvz/n5rGm3qzOieEhuUmHKUWKhc8r/q+x/2r 8VLvvG1+2wnJHopodGmHv+fI/lwqy/lBUiJaiyMW4RthzT3O5fUm+i+XBcS7aix2Tbxg Q8nvjSC3a+q41KNNGCGZ8TIsEctQaMHMhbVfNjywf0f/s+cOcw5HNiJlYTkLgvIEemg7 vHVQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755790829; x=1756395629; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=f30i8ur4h3597xhrfJZeqRNgFYXKdDCsVs7SbVH4W+8=; b=eSKLtGTGeLTxOSs1pXONFgEvUci9r1HjjdoRKfUDsj/n6a9b57mjdnGg/oFXlOVb9L A4RCRATvI1nwKRb30pzhHw7/KaCi706FYQd6PADzuGy+k8kUUSHk54qclIkQhBM8E+j1 hXMhAOs+qWzJkGIaR8KtLRtzx8b/pj0sN7U3AXO8klp5gIhhu8O+eUY63u83Ob1PYBfD iyTfG6HZSSe2rDK5fpFtNFUcr/N09dJFX1Ro4nROqX+0UHOYLtrOE198qM4ol0iFTxLQ qQ+c7/xCp8qm2ADhHIT8vJG++7ku+pIT79L5RXbObti21gzqWjBHEsl3yuO/Ydyngeiy EK8Q== X-Gm-Message-State: AOJu0Yzue023waxnFoONood6lhkOhhEiR/rDXzl2fQipMrj9UJvVi+zJ GlRa8Eq6ck5ezAbiSCQqGMn3WKmxjPSwXWo+wjxWLQgkVXBg07cPzVkAm2/QywNKSIMvNcbp6t6 DHhc8 X-Gm-Gg: ASbGnctwhb/WqU+qsQDHO4jyHqDWvHBFeqRvERZz+hGg8oGvAmIWpU1ZQzAk0ZxA6jp cYxJ1z8E+gH5X8jc7tXdGieZ/PHl9ohuTt8r16gSCxIM+lUEa/wd/CMLi8TslmHZ49bb6fkLdMa Ac+4EX8F7GjSlOxAUZ/MbpcCY1/gevPQviRHcOvEMna1K5FnpqrRs3ULk7LX1jnpfTcZVLpdAHn Jr6exkCz0AAkuUYojDiiC/sjFGBIhf+hP6Fi7xL7kG3c3MWYdizOvoRurXxxfzs3x6aaBXzUA43 Kbv4xOEawmOtW/8wLnugtviDaT4j8WXbLZRYrY+pAtc1PGBWnE5aHrKvC7B0sI+ZA/VNdTOOQda xA03PXWpRfW2usQ== X-Google-Smtp-Source: AGHT+IHEKixM7J2kfDGwn3mXWQvhqM1tiHg37fpKgl9Dbl8tesV8xin+2AOIlj1k3MyRx3dlbSSv6w== X-Received: by 2002:a17:902:d487:b0:240:38f8:ed05 with SMTP id d9443c01a7336-245fed6924fmr46092675ad.36.1755790829137; Thu, 21 Aug 2025 08:40:29 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:bc1c:6959:5ad5:d4f9]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-245ed51b3dfsm58901845ad.142.2025.08.21.08.40.28 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Aug 2025 08:40:28 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 15/15] linux-firmware: fix FILES to drop RDEPENDS on full package Date: Thu, 21 Aug 2025 08:39:56 -0700 Message-ID: <4b785d2d416944a78bf4c09e85a508ae80e35ca4.1755790385.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 21 Aug 2025 15:40:37 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/222264 From: Patryk Seregiet linux-firmware-rtl8723 and linux-firmware-adsp-sst contain symlinks to files that were previously packaged only in the main linux-firmware package. This caused both subpackages to inherit an unintended RDEPENDS on the full package. This change resolves the issue by ensuring all required files are correctly included in their respective subpackages. Thanks to Peter Kjellerstedt for figuring out the rootcause. (From OE-Core rev: cf27c7d040e7a5f1bbc60fb36c98686704bd7dc5) Signed-off-by: Patryk Seregiet Signed-off-by: Mathieu Dubois-Briand Signed-off-by: Richard Purdie (master rev: cf27c7d040e7a5f1bbc60fb36c98686704bd7dc5) Signed-off-by: Robert Yang Signed-off-by: Steve Sakoman --- .../linux-firmware/linux-firmware_20250311.bb | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/meta/recipes-kernel/linux-firmware/linux-firmware_20250311.bb b/meta/recipes-kernel/linux-firmware/linux-firmware_20250311.bb index 675d378376..a4814d80d1 100644 --- a/meta/recipes-kernel/linux-firmware/linux-firmware_20250311.bb +++ b/meta/recipes-kernel/linux-firmware/linux-firmware_20250311.bb @@ -1253,6 +1253,7 @@ FILES:${PN}-rtl8723 = " \ FILES:${PN}-rtl8821 = " \ ${nonarch_base_libdir}/firmware/rtlwifi/rtl8821*.bin* \ ${nonarch_base_libdir}/firmware/rtw88/rtw8821*.bin* \ + ${nonarch_base_libdir}/firmware/rtl_bt/rtl8821*.bin \ " FILES:${PN}-rtl8761 = " \ ${nonarch_base_libdir}/firmware/rtl_bt/rtl8761*.bin* \ @@ -1756,7 +1757,10 @@ RDEPENDS:${PN}-ice = "${PN}-ice-license" FILES:${PN}-adsp-sst-license = "${nonarch_base_libdir}/firmware/LICENCE.adsp_sst" LICENSE:${PN}-adsp-sst = "Firmware-adsp_sst" LICENSE:${PN}-adsp-sst-license = "Firmware-adsp_sst" -FILES:${PN}-adsp-sst = "${nonarch_base_libdir}/firmware/intel/dsp_fw*" +FILES:${PN}-adsp-sst = "\ + ${nonarch_base_libdir}/firmware/intel/dsp_fw* \ + ${nonarch_base_libdir}/firmware/intel/avs/*/dsp_basefw.bin \ +" RDEPENDS:${PN}-adsp-sst = "${PN}-adsp-sst-license" # For QAT