From patchwork Sat Nov 22 19:31:19 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Gyorgy Sarvari <skandigraun@gmail.com>
X-Patchwork-Id: 75209
Return-Path: <skandigraun@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 84928CFD2E7
	for <webhook@archiver.kernel.org>; Sat, 22 Nov 2025 19:31:32 +0000 (UTC)
Received: from mail-wr1-f53.google.com (mail-wr1-f53.google.com
 [209.85.221.53])
 by mx.groups.io with SMTP id smtpd.msgproc02-g2.965.1763839891260847102
 for <openembedded-devel@lists.openembedded.org>;
 Sat, 22 Nov 2025 11:31:31 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@gmail.com header.s=20230601 header.b=hRlMn6+R;
 spf=pass (domain: gmail.com, ip: 209.85.221.53,
 mailfrom: skandigraun@gmail.com)
Received: by mail-wr1-f53.google.com with SMTP id
 ffacd0b85a97d-42b379cd896so1696752f8f.3
        for <openembedded-devel@lists.openembedded.org>;
 Sat, 22 Nov 2025 11:31:31 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1763839890; x=1764444690;
 darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:message-id:date:subject:to
         :from:from:to:cc:subject:date:message-id:reply-to;
        bh=4QzV3cS47xcl7482gfg/MO2kRj1kt2AhYdcrQzdbc/M=;
        b=hRlMn6+R+014vfFGHrna7IunwMKzSLjmOYGcKiNNIQftOTb9N0HKDEsEe0LdgQYdsT
         b9m5/W+xO5sW3j00FECg7Dqyo/qVrh8rBsx9NJvtv9Ih4v+qAqAoM0CLkXYm3jyBBLbK
         yc4sY3Wg6uW7EYpSAFHppW3fAXehyyCXccL4SfCj/grhqTW5voYnYdjpyayD0LoSNmhB
         FxugRXyR244BXr8Io8u4N9WlFbZ8tujLmoamUXanb6lTM9D9Gno91xvJ/9PYdC/eFJF1
         oUsHhD4arIafJV+IyiRzBx3kg+j8OihQZ/yo6Vu9lXev2IEJ+MC4v5CfCvZ3Esy+DBDO
         Gp0g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1763839890; x=1764444690;
        h=content-transfer-encoding:mime-version:message-id:date:subject:to
         :from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=4QzV3cS47xcl7482gfg/MO2kRj1kt2AhYdcrQzdbc/M=;
        b=YNycJvv4i+mTan+0/dLl3rw8TsyEuTE9l90uto1JJgrQb91gdyEclBSXkgYlIHc3sp
         LJhJ4sCUXUI3nRYvxFK1F0xWK+W7Qb53NE4jK2x7sw/oPMmHk/OI0dmumDm2rn0MOp7f
         ZwsruyCHNHcrrNUjs+EN80NfYDneVQaqj8qFtMq1yvU4JLHZ+RxRmRnj1fBH9x5HH1f7
         Miet+1b0aUtNbtLnbf2yEHZ0ZSfKjvErA/88d0uabdI9qJXJdc0Xdwewe5KXwgxYR1Em
         So333rKQYvwJpubIZg+oefHVx4TS4o3kGBgjZWrXEuN13pdKFgkablR4sXSmKlvDqVop
         QIEA==
X-Gm-Message-State: AOJu0YxdUU9blAf9ZRO1sbfDxzk+enp8hr0eIRMXbRuA6VrqxGuUbC6m
	pEZX46zr6RLhHXsH9j5orDjNd2X/Lnk+k5La6R19IyJ0qUz+HCqipZx7RHTu98Xx
X-Gm-Gg: ASbGncsL0oJ0aKh0mCimD2O0ErlrZqNDoGKs9JmVwou5g+aI3+9BcnvPS3VfcSIy+aU
	c7dhuZ0MB1Z94a/WHqXkpmJkwUZKYF26JDQaE7bfVpHwUrqRW9Gzm8McEgNO/UG45EZDmkG5+QN
	LMkDKIej0E34dsHBwzd7Wv6+LMxBgdrt1zBeUU2bQBHL+cdic5ZHmYvi7gWBROMtv0fhcwZvUnR
	YYCjRN05V7ubZPqRTDaxYQBiUpUrEDh6IMq+E7HEbri0CoKOMsdeS+Wq6GzoMcSkk3YOq3xfzTl
	kUBrDM9byN0PRLAJV9E/nErCgLSgnGKkHEdDj2Q0eWroK4zH8V3nqlcO6TdgdmJZhacP4uAT2fu
	aNod9QiH7D0TfHre9r+o0wtfmPFdvQbmJJ/vlfbuVsuX43dx9fm3VjbLheeHEKOuQ3qR6oMpBW0
	q/HJmLVZFl
X-Google-Smtp-Source: 
 AGHT+IE/uBMfCnmQQcq9zafL+NQ0WbkEYpaw8/oe4deY8jod76ci7Iu10AnmpFZJ8jenjfxei/bHww==
X-Received: by 2002:a05:6000:228a:b0:42b:2eb3:c90f with SMTP id
 ffacd0b85a97d-42cc1ac98b4mr7003109f8f.10.1763839889409;
        Sat, 22 Nov 2025 11:31:29 -0800 (PST)
Received: from desktop ([51.154.145.205])
        by smtp.gmail.com with ESMTPSA id
 ffacd0b85a97d-42cb7fba201sm18314686f8f.32.2025.11.22.11.31.28
        for <openembedded-devel@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 22 Nov 2025 11:31:28 -0800 (PST)
From: Gyorgy Sarvari <skandigraun@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: [meta-webserver][kirkstone][PATCH 01/10] monkey: Update status for
 CVE-2013-2183
Date: Sat, 22 Nov 2025 20:31:19 +0100
Message-ID: <20251122193128.1703871-1-skandigraun@gmail.com>
X-Mailer: git-send-email 2.52.0
MIME-Version: 1.0
List-Id: <openembedded-devel.lists.openembedded.org>
X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com
 [45.33.107.173] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-devel@lists.openembedded.org>; Sat, 22 Nov 2025 19:31:32 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-devel/message/121979

From: Ninette Adhikari <ninette@thehoodiefirm.com>

Current version (1.6.9) is not affected. Issue was addressed in version 1.3.0

Signed-off-by: Ninette Adhikari <ninette@thehoodiefirm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 17bcf478a512c7d75baa3b68e8f650aff7d17bbe)

Adapted to Kirkstone (CVE_STATUS -> CVE_CHECK_IGNORE)

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 meta-webserver/recipes-httpd/monkey/monkey_1.6.9.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta-webserver/recipes-httpd/monkey/monkey_1.6.9.bb b/meta-webserver/recipes-httpd/monkey/monkey_1.6.9.bb
index d3e22757c4..7b605158e0 100644
--- a/meta-webserver/recipes-httpd/monkey/monkey_1.6.9.bb
+++ b/meta-webserver/recipes-httpd/monkey/monkey_1.6.9.bb
@@ -86,3 +86,5 @@ CONFFILES:${PN} = "${sysconfdir}/monkey/monkey.conf \
                    ${sysconfdir}/monkey/plugins/auth/monkey.users \
                    "
 
+# cpe-incorrect: Current version (1.6.9) is not affected. Issue was addressed in version 1.3.0
+CVE_CHECK_IGNORE += "CVE-2013-2183"

From patchwork Sat Nov 22 19:31:20 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Gyorgy Sarvari <skandigraun@gmail.com>
X-Patchwork-Id: 75210
Return-Path: <skandigraun@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 68086CFD2E8
	for <webhook@archiver.kernel.org>; Sat, 22 Nov 2025 19:31:42 +0000 (UTC)
Received: from mail-wm1-f45.google.com (mail-wm1-f45.google.com
 [209.85.128.45])
 by mx.groups.io with SMTP id smtpd.msgproc01-g2.15742.1763839892208465691
 for <openembedded-devel@lists.openembedded.org>;
 Sat, 22 Nov 2025 11:31:32 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@gmail.com header.s=20230601 header.b=LtU7wa8j;
 spf=pass (domain: gmail.com, ip: 209.85.128.45,
 mailfrom: skandigraun@gmail.com)
Received: by mail-wm1-f45.google.com with SMTP id
 5b1f17b1804b1-477a2ab455fso33135015e9.3
        for <openembedded-devel@lists.openembedded.org>;
 Sat, 22 Nov 2025 11:31:31 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1763839890; x=1764444690;
 darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=6QLhayZpDRtMXhd/WMu0p1dIGfWBjBGAou6JQvyGvoc=;
        b=LtU7wa8jx38JDJGo1KBMqOAgDGano4wwni9NVfMLySeBx7774NLM2hxjCnXmo9Ox0c
         CBKohdgfArNOgvsiHPfFc5yVytSnJMVSYC8W2B6djnBBDLTb2DM4JsqhWwmhSaW7cjXB
         iyBgNvoARfgdOPjpKKq4u9TI3mJBZahU+5WcrCURL9yl/QH27f0FXZbtRK2Fnpprk/gS
         2N813q6ahl1wsulQTlPYH85tt3vhaFx3UXVPPcAQXiuyNXGIdRdDbr8Buoi7H+eRIOk+
         qEOnPbQVqqd4YRU3o/C+/NyypboI4HC8+FTTmQMcKAg2PREW5JV7bX6TPe8AheuZrcHO
         KaeQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1763839890; x=1764444690;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to
         :cc:subject:date:message-id:reply-to;
        bh=6QLhayZpDRtMXhd/WMu0p1dIGfWBjBGAou6JQvyGvoc=;
        b=hXMh4wp29pWTYcUF5ydUh6zrqRSmueirfgGGi1pPDjQMG2hIvITvyGkMugWrVwy0sq
         F8jY4OhI4nHtGHQj2VW7/K2T3q4QfJT2nJ2w04DFJm+vyhit8eulzybqqQkKxptIjeQD
         f7TbMlNgLJj7WCZ5+OD3Z6FbUXo+GJv5i0u3gEizI9DsEgoW+vwq/LlesUJ+uHRZsgR0
         BClRNGpAePSynQUeetqbwZ/Z1OvO4SL6IT8z/6sNWj00DkYDDK3v5JaPLLwJCuB656z5
         /Xhv63+uAYiM33qEU0a8KutwC9wOdIl6wyWPcoqn7OeUvrZfkWWsJmzn/zQYiyeKsYGW
         k14A==
X-Gm-Message-State: AOJu0YzYTaSm0vD3dECxAonigA59LybPwY8ibZ95QFn8uuBDT7RysXUS
	mVGk5jdAtVMGDOOAl5h3wISw2CAL41MaVbAK35703ojnH3SW0xNj7YVFe2ObAHL/
X-Gm-Gg: ASbGnctBgMdgIn/veXXETQ3ygLBJWs8MvbbEWzuBRp11yzD61XyTDgfK2rOhDQGJf4N
	+cjO2N7/2vlSIHgekaDRhCYlGEFD0MKiz5zyKKyQ+erOkoEk3g3v6Kr/m63OgdWwGNCALHsvz2t
	2imQVc9A6vjzDYsHaggHG0U2ghXHxeiLbwecgz7vdONqYEgoq0KMTVlugDUfw1EBZ7ha3PtkP06
	hMLOZ/xmtYAn/8EQOyjeZ2WOMOAsZWtn0GtdbMusyN0BSOoI2nNctpNORMZn1L79IB14g6q08Tf
	1jNbo3wIdoK/8cgByyljESwg3587Ub76Q37r28jmD5SLiPk0wCcGEvgoYxwdSKfXsa8rAn/9K8k
	MceKiJYsg5uT4QxRnIcnstPBDXDMKIkYgR0brooXczif/AT9wx9E2q4LlWT/ZkcXMWLuGwGz7mp
	kmI3muf3il
X-Google-Smtp-Source: 
 AGHT+IEYhGhDkfPuRZOK/oRgveweWakMOHDRP37JllrT0PxTT8GV2rXwVqEmODhJKFEeY20Q/oL6ng==
X-Received: by 2002:a05:600c:3ba1:b0:475:dd89:acb with SMTP id
 5b1f17b1804b1-477c11160cdmr60593325e9.22.1763839890236;
        Sat, 22 Nov 2025 11:31:30 -0800 (PST)
Received: from desktop ([51.154.145.205])
        by smtp.gmail.com with ESMTPSA id
 ffacd0b85a97d-42cb7fba201sm18314686f8f.32.2025.11.22.11.31.29
        for <openembedded-devel@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 22 Nov 2025 11:31:29 -0800 (PST)
From: Gyorgy Sarvari <skandigraun@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: [meta-webserver][kirkstone][PATCH 02/10] monkey: ignore CVE-2013-1771
Date: Sat, 22 Nov 2025 20:31:20 +0100
Message-ID: <20251122193128.1703871-2-skandigraun@gmail.com>
X-Mailer: git-send-email 2.52.0
In-Reply-To: <20251122193128.1703871-1-skandigraun@gmail.com>
References: <20251122193128.1703871-1-skandigraun@gmail.com>
MIME-Version: 1.0
List-Id: <openembedded-devel.lists.openembedded.org>
X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com
 [45.33.107.173] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-devel@lists.openembedded.org>; Sat, 22 Nov 2025 19:31:42 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-devel/message/121980

From: Peter Marko <peter.marko@siemens.com>

This is gentoo specific CVE.
NVD tracks this as version-less CVE.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 36a7e409d8dcee804f911174291a0c72b8037934)

Adapted to Kirkstone (CVE_STATUS -> CVE_CHECK_IGNORE)

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 meta-webserver/recipes-httpd/monkey/monkey_1.6.9.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta-webserver/recipes-httpd/monkey/monkey_1.6.9.bb b/meta-webserver/recipes-httpd/monkey/monkey_1.6.9.bb
index 7b605158e0..786e270baa 100644
--- a/meta-webserver/recipes-httpd/monkey/monkey_1.6.9.bb
+++ b/meta-webserver/recipes-httpd/monkey/monkey_1.6.9.bb
@@ -88,3 +88,5 @@ CONFFILES:${PN} = "${sysconfdir}/monkey/monkey.conf \
 
 # cpe-incorrect: Current version (1.6.9) is not affected. Issue was addressed in version 1.3.0
 CVE_CHECK_IGNORE += "CVE-2013-2183"
+# not-applicable-platform: this is gentoo specific CVE
+CVE_CHECK_IGNORE += "CVE-2013-1771"

From patchwork Sat Nov 22 19:31:21 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Gyorgy Sarvari <skandigraun@gmail.com>
X-Patchwork-Id: 75212
Return-Path: <skandigraun@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 8D5B8CFD2F0
	for <webhook@archiver.kernel.org>; Sat, 22 Nov 2025 19:31:42 +0000 (UTC)
Received: from mail-wr1-f49.google.com (mail-wr1-f49.google.com
 [209.85.221.49])
 by mx.groups.io with SMTP id smtpd.msgproc02-g2.966.1763839892657253983
 for <openembedded-devel@lists.openembedded.org>;
 Sat, 22 Nov 2025 11:31:32 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@gmail.com header.s=20230601 header.b=aWhQg6OV;
 spf=pass (domain: gmail.com, ip: 209.85.221.49,
 mailfrom: skandigraun@gmail.com)
Received: by mail-wr1-f49.google.com with SMTP id
 ffacd0b85a97d-42b427cda88so2067482f8f.0
        for <openembedded-devel@lists.openembedded.org>;
 Sat, 22 Nov 2025 11:31:32 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1763839891; x=1764444691;
 darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=j9UWz/c4Lv8BCfCw/+xSU3KvclHHjgoZyTcFZvuWDYo=;
        b=aWhQg6OVFZFOC44AzcCeNY+nsn7ehn8DBbdy/zZ1OJwK3q+i7ep1Q65fzoEa5zGCQV
         n7RChaj55Uz0rfwV1puLWYs43/fSVK2qqcurZeY1RmFz/yDUIdTtYL8ldQ/PR17nbwqZ
         reyQYdHbPqO0rZfzy9ZcFDZj8y28vGAWzy/8KI1FWB/xGEv+huQxTsTL1xg4kQCEtvXB
         NZ6NoQZXJyM1tSSA/Mwuo2FlGdUyNfII86+Bs29Qaq6Iz+twsnbfAOBsenROa/IQtyJt
         HL6e8XoBDhAwbHB+5fN0Va4ogEQcg8Vh+PP7MnhshygEzqEwyNUfrF9RDpucQESatEZb
         uSQA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1763839891; x=1764444691;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to
         :cc:subject:date:message-id:reply-to;
        bh=j9UWz/c4Lv8BCfCw/+xSU3KvclHHjgoZyTcFZvuWDYo=;
        b=gbXSufrpqkezNGawdK5hjq/v08FchGmWTx2dz8fiufDAw4LfYiaURtPcfy3vJRFcbw
         tntSg0IbDJYjoJc/1j1lIdedaiq7AKwyP0wMnO63IdF3CvBoD9C0x8hbVv8PJw0tukk9
         5uLvuucU+rDD4eh4a961Isi8ueafCVaLQS7ChE/1k8Lu+OjOivPpr/TYM+qVTxWEeBpG
         mi9PdTYsQEzQf3kIrRm5VGMVr6W5f06kxfhAj4ow3+zCcIxwEjKW1kQ6OiVTkGcma9uH
         HN994JyDw62L4OQmNn19VYN9T/NO/97O0jegmMnm0n40puhigdIyUwmXlPjzbdQR9Kce
         AyoQ==
X-Gm-Message-State: AOJu0YzyPNwVyHb2vNyMH8rLd2t7f3+y5bldjGLqJMADlVtNw8oamApQ
	Jb2TxtQF+lqxdDBNCYDfX2qQAQBhlFkMTW5c5pDYRkPdVx/2HdGvUp/504de7r/K
X-Gm-Gg: ASbGncuAawPdeK6Jl65c2PBe1/uvCYJHrcSmnEwMZyhYRrfWzGiIi/rjSLePYji8K+B
	6RkT/zxVbgqhhavgfQkVGDQ0N1ILt3j5MLar1h8jUU/rqzl2aXrh6rwIeBPQBEX1pDysaiGH5ba
	X0i8T+6GU7zjLwuSIvfv+X4E9ZfdRbRalWkNca6p3VW8O0cAGFP04+Z9EA3pRjzB/gqdkpOdrJB
	Lavp3rUWLy2wgMssoCTj0oMQiOIxTDXadDICTwWaXxNxa/oKm893de7JS7ALj15X7ir01+CUyuL
	veAt6iYpLRbCct+IxP6D6ndUmZklGhffWYJKGWUNaLhLzYo6QeiQ9pYwqeSrYkAxkvpHGJMTJWV
	iOs1GeOmrgdfI6cNhalppb8dTAQBqzGbWMMrUweH9UD9kMr3iar/R3SdsHIJMdFcNLmrlumQcg0
	7AQa7eE7eAA4DKr0s6CKw=
X-Google-Smtp-Source: 
 AGHT+IHqy2dI98fDf9WQRWLzGVUETNsXjwXyXoSyFgcA1wCZ+mhTtuF37H0EdEHuQN5CLRP7s2/aJg==
X-Received: by 2002:a05:6000:420e:b0:426:d5a0:bac8 with SMTP id
 ffacd0b85a97d-42cc1d19624mr7453387f8f.56.1763839890971;
        Sat, 22 Nov 2025 11:31:30 -0800 (PST)
Received: from desktop ([51.154.145.205])
        by smtp.gmail.com with ESMTPSA id
 ffacd0b85a97d-42cb7fba201sm18314686f8f.32.2025.11.22.11.31.30
        for <openembedded-devel@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 22 Nov 2025 11:31:30 -0800 (PST)
From: Gyorgy Sarvari <skandigraun@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: [meta-perl][kirkstone][PATCH 03/10] logcheck: ignore CVE-2017-20148
Date: Sat, 22 Nov 2025 20:31:21 +0100
Message-ID: <20251122193128.1703871-3-skandigraun@gmail.com>
X-Mailer: git-send-email 2.52.0
In-Reply-To: <20251122193128.1703871-1-skandigraun@gmail.com>
References: <20251122193128.1703871-1-skandigraun@gmail.com>
MIME-Version: 1.0
List-Id: <openembedded-devel.lists.openembedded.org>
X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com
 [45.33.107.173] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-devel@lists.openembedded.org>; Sat, 22 Nov 2025 19:31:42 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-devel/message/121981

Details: https://nvd.nist.gov/vuln/detail/CVE-2017-20148

The issue is specific to the postinstall script that Gentoo packages
with this application - we can ignore it.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 meta-perl/recipes-extended/logcheck/logcheck_1.3.23.bb | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta-perl/recipes-extended/logcheck/logcheck_1.3.23.bb b/meta-perl/recipes-extended/logcheck/logcheck_1.3.23.bb
index b40d52ab94..ce6118a12b 100644
--- a/meta-perl/recipes-extended/logcheck/logcheck_1.3.23.bb
+++ b/meta-perl/recipes-extended/logcheck/logcheck_1.3.23.bb
@@ -77,3 +77,6 @@ RDEPENDS:${PN} = "\
 "
 
 FILES:${PN} += "${datadir}/logtail"
+
+# This vulnerability is specific to the way Gentoo packages this application.
+CVE_CHECK_IGNORE += "CVE-2017-20148"

From patchwork Sat Nov 22 19:31:22 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Gyorgy Sarvari <skandigraun@gmail.com>
X-Patchwork-Id: 75213
Return-Path: <skandigraun@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id A2FC1CFD2F5
	for <webhook@archiver.kernel.org>; Sat, 22 Nov 2025 19:31:42 +0000 (UTC)
Received: from mail-wm1-f49.google.com (mail-wm1-f49.google.com
 [209.85.128.49])
 by mx.groups.io with SMTP id smtpd.msgproc02-g2.967.1763839893285184974
 for <openembedded-devel@lists.openembedded.org>;
 Sat, 22 Nov 2025 11:31:33 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@gmail.com header.s=20230601 header.b=ie+SkjEQ;
 spf=pass (domain: gmail.com, ip: 209.85.128.49,
 mailfrom: skandigraun@gmail.com)
Received: by mail-wm1-f49.google.com with SMTP id
 5b1f17b1804b1-4779d47be12so24228375e9.2
        for <openembedded-devel@lists.openembedded.org>;
 Sat, 22 Nov 2025 11:31:33 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1763839892; x=1764444692;
 darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=QwU3mniBQRV5FPt+ktQlQXQmey6s++umDtet6r48n3I=;
        b=ie+SkjEQjhEPNp7D6Hn0hCe45Wq33HzETXndKoT0Gm6Nin1iIbuc8RGHVmqdyryrKv
         5lGFnonqfCx1aG8dh9hdsTpbTX4AXRfiaZShiUJgbwXLmX3Fk528Jz7kzY4CAqGezMtZ
         LIaoE+AEJa8MzMt/WFEREQjUkQY4kcBCYAlQ1wfZJU80wsnFJjNpY593iYHo25UPsDJ0
         jrC8dGSwG1B5SN7rkg7M5Rr8204z8jkBg65WAzk/jCH02K2Lhbe36ssoaLov/7uA1xbu
         KV413Uj6AdkkMMk33xqvi+/myu6tjSIwGgWkGNJtLMmX47vSolKaL4o+1ANj8G+hs9un
         Mj6g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1763839892; x=1764444692;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to
         :cc:subject:date:message-id:reply-to;
        bh=QwU3mniBQRV5FPt+ktQlQXQmey6s++umDtet6r48n3I=;
        b=mquSeE2D0cuJiPVlYNP8d33U8jOm7+RM0/T6ExP/Zv1jRXAjcm3WsDnhIb4LK9+l/X
         4y3TsT7F8Hil6RjhKehv4GtGBXnwUy1zFKLCO6QBeBZ4zSzbqoqRrAyZSl3PIYAbn8js
         Uriiub0Mal/ZDkgUhbt5axxjZB/o/FVoStCZ5+iit+8TilzE4c0KUV6MUTQ5X0ok6tAM
         HRe748bcEy6NjY6FBzi/nEeHqwO8z1L5D/AcplxygiXdq/V/jX0shpPZ2DMNDiRW1Q7n
         wEC+XFUf3XjBKGlZxyZzIdbtoMGyU4cVD4PI0D/PamPKOQJs80G3CA5yOPHPBCr0O/6x
         pqMQ==
X-Gm-Message-State: AOJu0YyUeRYePAX8s+nVTJvlnVmSLAi0hcLPT8G5nNKHBrc8wr69kWQ5
	tuI3cHkrZ8V0TOG4+usO06BTWARsQq+lc5Jqg3e7JbGFcm872IzR52Wq4gf9dmJi
X-Gm-Gg: ASbGncsrNTlBYpqDexfVMLZwW6/1kKmUbpTYsGKKsqO1S1chY5P20CKkRH9dCJikUiP
	ZyYfeTy0jNrmz3jUCa4D7AysLAV/Vv1EA9gz9i9ORMOs88e33l25JS1NuXm6JpCuAc4COCt5r4s
	q+2xp3+ioyqOpgVbtV3WPW70SxTUKe9thq3pGxLkXpH+/AMKOedwNcDvZrnfJIMI9mGwY8Gtrlz
	5g8BhuCln6ys9b0o6Yq2R9aEUFHXE1XD0ce5JEkhdYuN3Sj4UTEIT3WVF6go429ymoAEq/GDRz2
	MRs+uGIult0k9fCcM5TXsdEmwjg0k2DmgUPoK548ccnWmpNSi68Re+28/sVwmr15vpofQqNHYhu
	23LtqOBd3Dk5ClOb0qpEPV8RQ9/fp3J4z954cMnTawwkLkjSkOrQ6Vh1X9+pF0AtSG5f0yjPzui
	I8ny0PAXfw
X-Google-Smtp-Source: 
 AGHT+IHZPfJqsixm6uc/lg6zzYiT2KsF1NW8yxzOJB+8TZcP0UWphjZrw4jjPQBw7Rm3GCZE2RxX9g==
X-Received: by 2002:a05:600c:4e88:b0:46e:7247:cbc0 with SMTP id
 5b1f17b1804b1-477c01d4af2mr67366635e9.18.1763839891636;
        Sat, 22 Nov 2025 11:31:31 -0800 (PST)
Received: from desktop ([51.154.145.205])
        by smtp.gmail.com with ESMTPSA id
 ffacd0b85a97d-42cb7fba201sm18314686f8f.32.2025.11.22.11.31.31
        for <openembedded-devel@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 22 Nov 2025 11:31:31 -0800 (PST)
From: Gyorgy Sarvari <skandigraun@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: [meta-oe][kirkstone][PATCH 04/10] libtorrent: ignore CVE-2016-5301
Date: Sat, 22 Nov 2025 20:31:22 +0100
Message-ID: <20251122193128.1703871-4-skandigraun@gmail.com>
X-Mailer: git-send-email 2.52.0
In-Reply-To: <20251122193128.1703871-1-skandigraun@gmail.com>
References: <20251122193128.1703871-1-skandigraun@gmail.com>
MIME-Version: 1.0
List-Id: <openembedded-devel.lists.openembedded.org>
X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com
 [45.33.107.173] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-devel@lists.openembedded.org>; Sat, 22 Nov 2025 19:31:42 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-devel/message/121982

Details: https://nvd.nist.gov/vuln/detail/CVE-2016-5301

This vulnerability is for another libtorrent (https://github.com/arvidn/libtorrent)

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 meta-oe/recipes-connectivity/libtorrent/libtorrent_git.bb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta-oe/recipes-connectivity/libtorrent/libtorrent_git.bb b/meta-oe/recipes-connectivity/libtorrent/libtorrent_git.bb
index 28a3e1e77a..3a7eb91f56 100644
--- a/meta-oe/recipes-connectivity/libtorrent/libtorrent_git.bb
+++ b/meta-oe/recipes-connectivity/libtorrent/libtorrent_git.bb
@@ -13,6 +13,7 @@ SRCREV = "756f70010779927dc0691e1e722ed433d5d295e1"
 
 CVE_CHECK_IGNORE += "\
     CVE-2009-1760 \
+    CVE-2016-5301 \
 "
 
 PV = "0.13.8"

From patchwork Sat Nov 22 19:31:23 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Gyorgy Sarvari <skandigraun@gmail.com>
X-Patchwork-Id: 75218
Return-Path: <skandigraun@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id B1D24CFD2F6
	for <webhook@archiver.kernel.org>; Sat, 22 Nov 2025 19:31:42 +0000 (UTC)
Received: from mail-wr1-f48.google.com (mail-wr1-f48.google.com
 [209.85.221.48])
 by mx.groups.io with SMTP id smtpd.msgproc01-g2.15744.1763839894185892484
 for <openembedded-devel@lists.openembedded.org>;
 Sat, 22 Nov 2025 11:31:34 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@gmail.com header.s=20230601 header.b=dGpBBbNH;
 spf=pass (domain: gmail.com, ip: 209.85.221.48,
 mailfrom: skandigraun@gmail.com)
Received: by mail-wr1-f48.google.com with SMTP id
 ffacd0b85a97d-42b39d51dcfso1832767f8f.2
        for <openembedded-devel@lists.openembedded.org>;
 Sat, 22 Nov 2025 11:31:33 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1763839892; x=1764444692;
 darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=Q0djncgh9NinBLUrHujhvwMmhrX4K1Vk5lYieBkpwiA=;
        b=dGpBBbNHVaK+IwttaDGqSjRIjElbJM2AJoqfzikujSYUVe8qLKNmdunrAT7IhixqAn
         0OBx2AuZx1PuhB1qU9JO0Pvda9FgmDTCtTDQSEABTHvX5+L1tvx7zV3Rg9B4zLlieh+g
         DOpeKPPSGN7Av6hsplsg4N8sUMBdchnpjOI7/r0xxbcab8boOqeO8uo9gCJN2D5DGuth
         bk+6ylnSu7pf+LgXJO32lFAkkuJMbyY5VVA5L73xJ4bod+JiIDivLSzm3aesNi83Zhvl
         iOUItdQk7ldS7+1tPqxKGG+JzAVvy1qf6wyDvJuJMXqzhCnYVb+PhOHSPbbmAGAtWxAF
         Omxw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1763839892; x=1764444692;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to
         :cc:subject:date:message-id:reply-to;
        bh=Q0djncgh9NinBLUrHujhvwMmhrX4K1Vk5lYieBkpwiA=;
        b=cs3lFEF4qLKH1JppB/+G2TJzNqv60Msyhniq87vvPOgL5nf/ekkocWMERdHi6XgjO5
         JbcFyDGBQ1If56HbWsQ4i255Dft0sYUORg0WLqHJuvYs6lmygh4sNx7RK7Nf8yeouW2e
         RyG0L+Snd4BNobcs8yH+cOYKiqPolfwq8HF5I9+VhNDUUECJkd8NU8Yt2/FbI3/U24l1
         SVs4CsNLvAb/TgSDn/MTV7wEESVrWghTqsr8wpf9eC6ltluDXFKTnbDWrpZQbiAf5EO9
         6zzsqrS8AOiGRj55CPaA+W8pgU19szrIwPix0xrX3ZPOyBVSyxriKa4vgZeQM66tLSuw
         tKFQ==
X-Gm-Message-State: AOJu0YzLsDy1JzrjA2QPNlCgr8Tr07D0tpjz76keXTQ4oEdzpT7PdTcQ
	nyR9S5X3EyTNmSgx56jleD8b6mMX6ktBzG7uWJFvb9rwTzvf0LBrlCPRU1kIqa1I
X-Gm-Gg: ASbGncvBB1k7UNoEqhWRjJSlPY3otcCd/bMCqvnZVme+xZVSDsvynw3CPBoTYOrXChD
	Dp1f5eOoOO/phoZvV9iGOLUQ4/Uro9D8wcxmIhYh9KQmwjgDdZo8eJzq9WTPX1BpREJuXnKhJe9
	B2v8Ls4MxA1Brd34jIIZpCYL4serwAoqCk2Dc1n5arHklxmsH99GHa2OoZNb4Whvozh7/M92NoX
	FgTIRNv/zaip/K07NKtrXIpPZDGoPQyqZG8IYLAcOvLXq4MpZSBaMN4LVmWPncBii6IyubxcZdw
	tPfcT1AOy51Pp8tZfn+fBq22j0oX4z1J8SFESSu8SBHRNsRRP1WWpgWl7BJK/2hP5gMlx8LMaNn
	6gd5XLqsm0dMDKraMgQQ9ktjeujv/YpdMWqbM6fhF1squdP0WO5Rf2l7oLjAHlFx9xD1idfipa2
	Iep0G7k0ox
X-Google-Smtp-Source: 
 AGHT+IGPKdh8zr5JTmogxjNUbq5SlV6/ld/uaKmjK4eEWtiORcjMqP1ecXX+sgKqHECQrxoQmd/b5A==
X-Received: by 2002:a5d:5d88:0:b0:429:b2ad:f31e with SMTP id
 ffacd0b85a97d-42cc1cf44a1mr6281232f8f.35.1763839892328;
        Sat, 22 Nov 2025 11:31:32 -0800 (PST)
Received: from desktop ([51.154.145.205])
        by smtp.gmail.com with ESMTPSA id
 ffacd0b85a97d-42cb7fba201sm18314686f8f.32.2025.11.22.11.31.31
        for <openembedded-devel@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 22 Nov 2025 11:31:31 -0800 (PST)
From: Gyorgy Sarvari <skandigraun@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: [meta-oe][kirkstone][PATCH 05/10] exiv2: patch CVE-2021-29623
Date: Sat, 22 Nov 2025 20:31:23 +0100
Message-ID: <20251122193128.1703871-5-skandigraun@gmail.com>
X-Mailer: git-send-email 2.52.0
In-Reply-To: <20251122193128.1703871-1-skandigraun@gmail.com>
References: <20251122193128.1703871-1-skandigraun@gmail.com>
MIME-Version: 1.0
List-Id: <openembedded-devel.lists.openembedded.org>
X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com
 [45.33.107.173] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-devel@lists.openembedded.org>; Sat, 22 Nov 2025 19:31:42 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-devel/message/121983

Details: https://nvd.nist.gov/vuln/detail/CVE-2021-29623

Pick the patch from the PR mentioned in teh nvd report.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 .../exiv2/exiv2/CVE-2021-29623.patch          | 29 +++++++++++++++++++
 meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb | 20 +++++++------
 2 files changed, 40 insertions(+), 9 deletions(-)
 create mode 100644 meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29623.patch

diff --git a/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29623.patch b/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29623.patch
new file mode 100644
index 0000000000..1c61d64e46
--- /dev/null
+++ b/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29623.patch
@@ -0,0 +1,29 @@
+From 54ff4ef5f5cc82c276a079a66b307e9a6f70908c Mon Sep 17 00:00:00 2001
+From: Kevin Backhouse <kevinbackhouse@github.com>
+Date: Tue, 11 May 2021 12:14:33 +0100
+Subject: [PATCH] Use readOrThrow to check error conditions of iIo.read().
+
+CVE: CVE-2021-29623
+Upstream-Status: Backport [https://github.com/Exiv2/exiv2/commit/82e46b5524fb904e6660dadd2c6d8e5e47375a1a]
+Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
+---
+ src/webpimage.cpp | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/webpimage.cpp b/src/webpimage.cpp
+index 6248414..6578937 100644
+--- a/src/webpimage.cpp
++++ b/src/webpimage.cpp
+@@ -757,9 +757,9 @@ namespace Exiv2 {
+         byte webp[len];
+         byte data[len];
+         byte riff[len];
+-        iIo.read(riff, len);
+-        iIo.read(data, len);
+-        iIo.read(webp, len);
++        readOrThrow(iIo, riff, len, Exiv2::kerCorruptedMetadata);
++        readOrThrow(iIo, data, len, Exiv2::kerCorruptedMetadata);
++        readOrThrow(iIo, webp, len, Exiv2::kerCorruptedMetadata);
+         bool matched_riff = (memcmp(riff, RiffImageId, len) == 0);
+         bool matched_webp = (memcmp(webp, WebPImageId, len) == 0);
+         iIo.seek(-12, BasicIo::cur);
diff --git a/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb b/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb
index b210fa6340..c8c5edbed4 100644
--- a/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb
+++ b/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb
@@ -4,19 +4,21 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=625f055f41728f84a8d7938acc35bdc2"
 
 DEPENDS = "zlib expat"
 
-SRC_URI = "https://github.com/Exiv2/${BPN}/releases/download/v${PV}/${BP}-Source.tar.gz"
+SRC_URI = "https://github.com/Exiv2/${BPN}/releases/download/v${PV}/${BP}-Source.tar.gz \
+           file://0001-Use-compiler-fcf-protection-only-if-compiler-arch-su.patch \
+           file://CVE-2021-29457.patch \
+           file://CVE-2021-29458.patch \
+           file://CVE-2021-29463.patch \
+           file://CVE-2021-29464.patch \
+           file://CVE-2021-29470.patch \
+           file://CVE-2021-29473.patch \
+           file://CVE-2021-3482.patch \
+           file://CVE-2021-29623.patch \
+           "
 SRC_URI[sha256sum] = "a79f5613812aa21755d578a297874fb59a85101e793edc64ec2c6bd994e3e778"
 
 # Once patch is obsolete (project should be aware due to PRs), dos2unix can be removed either
 inherit dos2unix
-SRC_URI += "file://0001-Use-compiler-fcf-protection-only-if-compiler-arch-su.patch \
-            file://CVE-2021-29457.patch \
-            file://CVE-2021-29458.patch \
-            file://CVE-2021-29463.patch \
-            file://CVE-2021-29464.patch \
-            file://CVE-2021-29470.patch \
-            file://CVE-2021-29473.patch \
-            file://CVE-2021-3482.patch"
 
 S = "${WORKDIR}/${BPN}-${PV}-Source"
 

From patchwork Sat Nov 22 19:31:24 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Gyorgy Sarvari <skandigraun@gmail.com>
X-Patchwork-Id: 75214
Return-Path: <skandigraun@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 777A2CFD2EC
	for <webhook@archiver.kernel.org>; Sat, 22 Nov 2025 19:31:42 +0000 (UTC)
Received: from mail-wr1-f43.google.com (mail-wr1-f43.google.com
 [209.85.221.43])
 by mx.groups.io with SMTP id smtpd.msgproc01-g2.15745.1763839894736162467
 for <openembedded-devel@lists.openembedded.org>;
 Sat, 22 Nov 2025 11:31:35 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@gmail.com header.s=20230601 header.b=faFeKyIe;
 spf=pass (domain: gmail.com, ip: 209.85.221.43,
 mailfrom: skandigraun@gmail.com)
Received: by mail-wr1-f43.google.com with SMTP id
 ffacd0b85a97d-42b2e9ac45aso1816205f8f.0
        for <openembedded-devel@lists.openembedded.org>;
 Sat, 22 Nov 2025 11:31:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1763839893; x=1764444693;
 darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=C0Pu9rP0W4auWshZGLb7CeKNKH76B1lCELNC8fRCtwU=;
        b=faFeKyIe/CndOTM3ERgczl3NWuOGCw2yNGOUYsSHYP8RFzem9qSzvvQqJA0VTzr26t
         ucNDXbBl0eOFVJB4p2bxjUkgrKbEfz3wlx0BUXinCIQeq1WdECweezyWKhjFzcxoWQ+V
         oy91WsurQ95MBAqSjXyR9HKcNPv4UmSqXI/z4bF3iApCxcUZ8RJ7CJNheg+Idmz1dSzN
         cwfml+YTFuYOJcB6YDwyr0WZLPafSsLBY2u2aOkWVvRDMX54N4hMmpy7qCGu/jcLofUx
         JcEFCW4+4KVfEn4CP1f0/yEsCTOzc5Bre7TcsxCruh8DxcaSKEyRntxvZWHS4oPMSv1n
         HVZw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1763839893; x=1764444693;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to
         :cc:subject:date:message-id:reply-to;
        bh=C0Pu9rP0W4auWshZGLb7CeKNKH76B1lCELNC8fRCtwU=;
        b=QTfikj0gmteqcmh76RFgRisSqNOPc9Us7eJnO3yRT0w0Qujz7GMeRasEo2598/tsP7
         0a2D5gm2+Kf3VuImKxZ4/F20ZxBYQ7lpjYi3auhKfjA9GTBKY6l7VJqjzYHuqG2ukb3P
         GuBz9yz5do27B0otIO61Md2R5eCrI/2B5rwyeh+m7dHoESrlmeLlqUWfm4nfFSApFPPi
         yjT3bHUjxhNG34F+legXvYDQmi+y4rKAEncxT53IuBeLY8TZh/yG7vkZZCjlm6JSmTA0
         vUPY/vHahk6XMZW5BkMfH3f5POBVC+EvK0vfHG9YC+ISqC4hu6v/NsC2QVkVJHyiqdA+
         ZyxQ==
X-Gm-Message-State: AOJu0YxhZ8mEw5ryWBd02WbkW+zwyYvGYiyerNn8PvASd5llciAUDCJC
	0wuD4cR9y/nHN3hlUD11P54OjSoEEaPU15d4RNg79n+a4IYJN/9JmIMdWyvcAVri
X-Gm-Gg: ASbGncsI70lMZGpg/H4qIgYINr379b+nAsJaKcJZIDLKKorkdAatv2QpAY9a8/AqZvW
	2Sq+uNfR5G7SYwo+/IcnMRocml0qVKJQKH1UMwOXFoX8Ue46ubCwKNWMOZCZ8fMIp1KCwp+2O7c
	04qFurRlAULLPB5YoK6YNwkOiNr+PDCwcL0sHpXoouHTjVMgc9QmOscLcluDItLa8mS3uieAC/N
	0Z0kTCcyPd3UOLJnwqIATiJRlDWsSqw0sDeXGSSWJF7axTIP4UXkLLnlLq+D1MkpUlWH4Z2MVQA
	WMSbM6PYwGDOJrmosi0Sr7M0FqjuzqH7BlwGGOSdQvogUVqN46hnyma+nBWMKPjrWfvgBFgmM/C
	sufLLrIXi7TqpyHcAmqwcMCAw6r7dScHLG4752BDj6D/PutLGUcsVZPwRah4c2nSgyDDwQ3Y1cE
	JgKn/6QBBL
X-Google-Smtp-Source: 
 AGHT+IEbF93WnAOoscHNW0+if56h3psajUl57h8fJtqjHDrppvtQoAusqFHVrB9RqcWgR0Xyb3mBCA==
X-Received: by 2002:a5d:64a6:0:b0:42b:3878:beb7 with SMTP id
 ffacd0b85a97d-42cc1d18c40mr5527333f8f.43.1763839893069;
        Sat, 22 Nov 2025 11:31:33 -0800 (PST)
Received: from desktop ([51.154.145.205])
        by smtp.gmail.com with ESMTPSA id
 ffacd0b85a97d-42cb7fba201sm18314686f8f.32.2025.11.22.11.31.32
        for <openembedded-devel@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 22 Nov 2025 11:31:32 -0800 (PST)
From: Gyorgy Sarvari <skandigraun@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: [meta-oe][kirkstone][PATCH 06/10] exiv2: add missing CVE tag to patch
Date: Sat, 22 Nov 2025 20:31:24 +0100
Message-ID: <20251122193128.1703871-6-skandigraun@gmail.com>
X-Mailer: git-send-email 2.52.0
In-Reply-To: <20251122193128.1703871-1-skandigraun@gmail.com>
References: <20251122193128.1703871-1-skandigraun@gmail.com>
MIME-Version: 1.0
List-Id: <openembedded-devel.lists.openembedded.org>
X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com
 [45.33.107.173] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-devel@lists.openembedded.org>; Sat, 22 Nov 2025 19:31:42 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-devel/message/121984

Details: https://nvd.nist.gov/vuln/detail/CVE-2021-29458
https://nvd.nist.gov/vuln/detail/CVE-2021-31292

The patch is already present, but it was missing the CVE tag, which
is added in this change.

The same patch fixes both CVEs.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29458.patch | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29458.patch b/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29458.patch
index 285f6fe4ce..e7fb887844 100644
--- a/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29458.patch
+++ b/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29458.patch
@@ -2,6 +2,9 @@ From 9b7a19f957af53304655ed1efe32253a1b11a8d0 Mon Sep 17 00:00:00 2001
 From: Kevin Backhouse <kevinbackhouse@github.com>
 Date: Fri, 9 Apr 2021 13:37:48 +0100
 Subject: [PATCH] Fix integer overflow.
+
+CVE: CVE-2021-29458 CVE-2021-31292
+
 ---
  src/crwimage_int.cpp | 8 ++++++--
  1 file changed, 6 insertions(+), 2 deletions(-)

From patchwork Sat Nov 22 19:31:25 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Gyorgy Sarvari <skandigraun@gmail.com>
X-Patchwork-Id: 75215
Return-Path: <skandigraun@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 87FBCCFD2EF
	for <webhook@archiver.kernel.org>; Sat, 22 Nov 2025 19:31:42 +0000 (UTC)
Received: from mail-wr1-f43.google.com (mail-wr1-f43.google.com
 [209.85.221.43])
 by mx.groups.io with SMTP id smtpd.msgproc02-g2.970.1763839895624442331
 for <openembedded-devel@lists.openembedded.org>;
 Sat, 22 Nov 2025 11:31:35 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@gmail.com header.s=20230601 header.b=k8QzH+6R;
 spf=pass (domain: gmail.com, ip: 209.85.221.43,
 mailfrom: skandigraun@gmail.com)
Received: by mail-wr1-f43.google.com with SMTP id
 ffacd0b85a97d-42b3720e58eso2381766f8f.3
        for <openembedded-devel@lists.openembedded.org>;
 Sat, 22 Nov 2025 11:31:35 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1763839894; x=1764444694;
 darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=8ZUNyEProcEVmF7mFGPjeNMIfhLubUAqzlzgxBhu2D4=;
        b=k8QzH+6Rn21PDRnAQuW/oR/2PaMUPIXPwIJANh/c8cIhmRwUplbY5V2FfWq+qdqJVL
         3enWByzEkbhC7a0OP9aqaR65APulv/E/trMZoEKOIBYhrcdO4q7AQ5ukdGmfmGTE2BQD
         BlUGO5dqIgK7hZNOqIooBcgUNHZ+Twmw5FGOC4k0O+2t+YDP3sOLc1I+9QiPUlPHg+Xp
         pJyjXVOr29arlVAX+VeY7NugnoShObEku4kX4wjApLlTyArF5lx5RaCAuJCKXST8+orR
         zyP4vU6qoUod6U4FLBepGWJ2zn9rbqI97QlI9VdoFL32BKqBLm6QK6yynOHWk6Qc/N9U
         T46w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1763839894; x=1764444694;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to
         :cc:subject:date:message-id:reply-to;
        bh=8ZUNyEProcEVmF7mFGPjeNMIfhLubUAqzlzgxBhu2D4=;
        b=w6Xk+KY75hcy8APjQ3j9L/6gWFr3U5dEcBJ1Ansk+kAc3h7+jlOTaiG7q+3+vUFC8t
         xg7OxsWvdkgEnstzXlVX3N8A71CkE1hhP6hpfZn5lch22B32JUnGKb+wHSLFHc61pcXh
         YHomjVWR4q7uuXNPHRfCRY0suCeUoqzMeS/FKfLfHvQ+G6V5wSitIzkEBfT2MNnMuQmi
         tWXmL0hyLmpy6TLplQyBNIYWbbpTtDW5qz+6JmdL89lMMnfdUFBUVYu9nwPoMYkq+PUO
         V06EPVfiVjRagjq+uf9ljKi5c9MF+GQXnD06x+vovhVcIcPV0Y/EtelgZ1SMQR7c1r+L
         hUJw==
X-Gm-Message-State: AOJu0YzKRBroJWPWgFs6CSsMWawIQ9WWti+igU91t0rozQHTMhTSHM4H
	fKC0Kd40MGkNfrnnaoFz8ZKjM55vYTLwldHM19YEgIHJKBUY7wWG3bIv2PyxjIz/
X-Gm-Gg: ASbGncsLnylWvXq9VCCiZhUZRR4JRECGKpGzdm0Ihxlx9m/kKNx/737WC4hDJY2S7E3
	QlMCHk0MDX8PdMuyN7uAWI/+1SZm9iQdXORLSpoVT1fuJK+6TPJ1OruFvOROqegyF26Zp0TFcfo
	rRD+ZTFduXEM7nkDftsjJzRx5jY7HLG14cqodnl/HjW1DkcN/eS1wkyjyY8K0j1U8cyjTS+CHGt
	7+T7R7ClXckNNCtKTxKIEQei+g3qw9mOQcPTXRTzXrniVditgZUA7CAGeBdEDfjWDKsu99wmWjE
	kLD1qDfQxLhw5W6WhcUNKgovDtZ9UkWuJRQy2X/24phecj/PMgDJLu729iRatlSeJspelP2cWbb
	4rsEEb1wGe6lpw1czqVADq5FDDcj4YWSzugcdsVIFRv80n36J6epCUGNNyf2MSU1fjqtvdEuLCy
	ngrmkiIoks
X-Google-Smtp-Source: 
 AGHT+IGaw3a5l8v13uufMRckolHb0dWjcoKaxOiWx/ITu7BWhQMzNrdom2EEqpTbhuaCvPJdmd4Ltw==
X-Received: by 2002:a05:6000:230b:b0:42b:3b62:cd86 with SMTP id
 ffacd0b85a97d-42cc1cd5cedmr7088184f8f.6.1763839893740;
        Sat, 22 Nov 2025 11:31:33 -0800 (PST)
Received: from desktop ([51.154.145.205])
        by smtp.gmail.com with ESMTPSA id
 ffacd0b85a97d-42cb7fba201sm18314686f8f.32.2025.11.22.11.31.33
        for <openembedded-devel@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 22 Nov 2025 11:31:33 -0800 (PST)
From: Gyorgy Sarvari <skandigraun@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: [meta-oe][kirkstone][PATCH 07/10] exiv2: patch CVE-2021-32617
Date: Sat, 22 Nov 2025 20:31:25 +0100
Message-ID: <20251122193128.1703871-7-skandigraun@gmail.com>
X-Mailer: git-send-email 2.52.0
In-Reply-To: <20251122193128.1703871-1-skandigraun@gmail.com>
References: <20251122193128.1703871-1-skandigraun@gmail.com>
MIME-Version: 1.0
List-Id: <openembedded-devel.lists.openembedded.org>
X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com
 [45.33.107.173] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-devel@lists.openembedded.org>; Sat, 22 Nov 2025 19:31:42 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-devel/message/121985

Details: https://nvd.nist.gov/vuln/detail/CVE-2021-32617

Pick the patch from the PR that's mentioned by the nvd report.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 .../exiv2/exiv2/CVE-2021-32617.patch          | 129 ++++++++++++++++++
 meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb |   1 +
 2 files changed, 130 insertions(+)
 create mode 100644 meta-oe/recipes-support/exiv2/exiv2/CVE-2021-32617.patch

diff --git a/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-32617.patch b/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-32617.patch
new file mode 100644
index 0000000000..b34554e86b
--- /dev/null
+++ b/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-32617.patch
@@ -0,0 +1,129 @@
+From 8353d035bc2e0a0500251168a350d0252900386b Mon Sep 17 00:00:00 2001
+From: Kevin Backhouse <kevinbackhouse@github.com>
+Date: Sun, 16 May 2021 15:05:08 +0100
+Subject: [PATCH] Fix quadratic complexity performance bug.
+
+CVE: CVE-2021-32617
+Upstream-Status: Backport [https://github.com/Exiv2/exiv2/commit/c261fbaa2567687eec6a595d3016212fd6ae648d]
+Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
+---
+ xmpsdk/src/XMPMeta-Parse.cpp | 57 +++++++++++++++++++++++-------------
+ 1 file changed, 36 insertions(+), 21 deletions(-)
+
+diff --git a/xmpsdk/src/XMPMeta-Parse.cpp b/xmpsdk/src/XMPMeta-Parse.cpp
+index 9f66fe8..6959693 100644
+--- a/xmpsdk/src/XMPMeta-Parse.cpp
++++ b/xmpsdk/src/XMPMeta-Parse.cpp
+@@ -976,12 +976,26 @@ ProcessUTF8Portion ( XMLParserAdapter * xmlParser,
+ {
+ 	const XMP_Uns8 * bufEnd = buffer + length;
+ 	
+-	const XMP_Uns8 * spanStart = buffer;
+ 	const XMP_Uns8 * spanEnd;
++
++	// `buffer` is copied into this std::string. If `buffer` only
++	// contains valid UTF-8 and no escape characters, then the copy
++	// will be identical to the original, but invalid characters are
++	// replaced - usually with a space character.  This std::string was
++	// added as a performance fix for:
++	// https://github.com/Exiv2/exiv2/security/advisories/GHSA-w8mv-g8qq-36mj
++	// Previously, the code was repeatedly calling
++	// `xmlParser->ParseBuffer()`, which turned out to have quadratic
++	// complexity, because expat kept reparsing the entire string from
++	// the beginning.
++	std::string copy;
+ 		
+-	for ( spanEnd = spanStart; spanEnd < bufEnd; ++spanEnd ) {
++	for ( spanEnd = buffer; spanEnd < bufEnd; ++spanEnd ) {
+ 
+-		if ( (0x20 <= *spanEnd) && (*spanEnd <= 0x7E) && (*spanEnd != '&') ) continue;	// A regular ASCII character.
++		if ( (0x20 <= *spanEnd) && (*spanEnd <= 0x7E) && (*spanEnd != '&') ) {
++			copy.push_back(*spanEnd);
++			continue;	// A regular ASCII character.
++		}
+ 
+ 		if ( *spanEnd >= 0x80 ) {
+ 		
+@@ -992,21 +1006,20 @@ ProcessUTF8Portion ( XMLParserAdapter * xmlParser,
+ 			if ( uniLen > 0 ) {
+ 
+ 				// A valid UTF-8 character, keep it as-is.
++				copy.append((const char*)spanEnd, uniLen);
+ 				spanEnd += uniLen - 1;	// ! The loop increment will put back the +1.
+ 
+ 			} else if ( (uniLen < 0) && (! last) ) {
+ 
+ 				// Have a partial UTF-8 character at the end of the buffer and more input coming.
+-				xmlParser->ParseBuffer ( spanStart, (spanEnd - spanStart), false );
++				xmlParser->ParseBuffer ( copy.c_str(), copy.size(), false );
+ 				return (spanEnd - buffer);
+ 
+ 			} else {
+ 
+ 				// Not a valid UTF-8 sequence. Replace the first byte with the Latin-1 equivalent.
+-				xmlParser->ParseBuffer ( spanStart, (spanEnd - spanStart), false );
+ 				const char * replacement = kReplaceLatin1 [ *spanEnd - 0x80 ];
+-				xmlParser->ParseBuffer ( replacement, strlen ( replacement ), false );
+-				spanStart = spanEnd + 1;	// ! The loop increment will do "spanEnd = spanStart".
++				copy.append ( replacement );
+ 
+ 			}
+ 		
+@@ -1014,11 +1027,12 @@ ProcessUTF8Portion ( XMLParserAdapter * xmlParser,
+ 
+ 			// Replace ASCII controls other than tab, LF, and CR with a space.
+ 
+-			if ( (*spanEnd == kTab) || (*spanEnd == kLF) || (*spanEnd == kCR) ) continue;
++			if ( (*spanEnd == kTab) || (*spanEnd == kLF) || (*spanEnd == kCR) ) {
++				copy.push_back(*spanEnd);
++				continue;
++			}
+ 
+-			xmlParser->ParseBuffer ( spanStart, (spanEnd - spanStart), false );
+-			xmlParser->ParseBuffer ( " ", 1, false );
+-			spanStart = spanEnd + 1;	// ! The loop increment will do "spanEnd = spanStart".
++			copy.push_back(' ');
+ 		
+ 		} else {
+ 		
+@@ -1030,18 +1044,21 @@ ProcessUTF8Portion ( XMLParserAdapter * xmlParser,
+ 			if ( escLen < 0 ) {
+ 
+ 				// Have a partial numeric escape in this buffer, wait for more input.
+-				if ( last ) continue;	// No more buffers, not an escape, absorb as normal input.
+-				xmlParser->ParseBuffer ( spanStart, (spanEnd - spanStart), false );
++				if ( last ) {
++					copy.push_back('&');
++					continue;	// No more buffers, not an escape, absorb as normal input.
++				}
++				xmlParser->ParseBuffer ( copy.c_str(), copy.size(), false );
+ 				return (spanEnd - buffer);
+ 
+ 			} else if ( escLen > 0 ) {
+ 
+ 				// Have a complete numeric escape to replace.
+-				xmlParser->ParseBuffer ( spanStart, (spanEnd - spanStart), false );
+-				xmlParser->ParseBuffer ( " ", 1, false );
+-				spanStart = spanEnd + escLen;
+-				spanEnd = spanStart - 1;	// ! The loop continuation will increment spanEnd!
++				copy.push_back(' ');
++				spanEnd = spanEnd + escLen - 1;	// ! The loop continuation will increment spanEnd!
+ 
++			} else {
++				copy.push_back('&');
+ 			}
+ 
+ 		}
+@@ -1049,10 +1066,8 @@ ProcessUTF8Portion ( XMLParserAdapter * xmlParser,
+ 	}
+ 	
+ 	XMP_Assert ( spanEnd == bufEnd );
+-
+-	if ( spanStart < bufEnd ) xmlParser->ParseBuffer ( spanStart, (spanEnd - spanStart), false );
+-	if ( last ) xmlParser->ParseBuffer ( " ", 1, true );
+-	
++	copy.push_back(' ');
++	xmlParser->ParseBuffer ( copy.c_str(), copy.size(), true );
+ 	return length;
+ 
+ }	// ProcessUTF8Portion
diff --git a/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb b/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb
index c8c5edbed4..389d8da921 100644
--- a/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb
+++ b/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb
@@ -14,6 +14,7 @@ SRC_URI = "https://github.com/Exiv2/${BPN}/releases/download/v${PV}/${BP}-Source
            file://CVE-2021-29473.patch \
            file://CVE-2021-3482.patch \
            file://CVE-2021-29623.patch \
+           file://CVE-2021-32617.patch \
            "
 SRC_URI[sha256sum] = "a79f5613812aa21755d578a297874fb59a85101e793edc64ec2c6bd994e3e778"
 

From patchwork Sat Nov 22 19:31:26 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Gyorgy Sarvari <skandigraun@gmail.com>
X-Patchwork-Id: 75216
Return-Path: <skandigraun@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 970F9CFD2F2
	for <webhook@archiver.kernel.org>; Sat, 22 Nov 2025 19:31:42 +0000 (UTC)
Received: from mail-wm1-f50.google.com (mail-wm1-f50.google.com
 [209.85.128.50])
 by mx.groups.io with SMTP id smtpd.msgproc02-g2.972.1763839896193529363
 for <openembedded-devel@lists.openembedded.org>;
 Sat, 22 Nov 2025 11:31:36 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@gmail.com header.s=20230601 header.b=Vr0VUgPD;
 spf=pass (domain: gmail.com, ip: 209.85.128.50,
 mailfrom: skandigraun@gmail.com)
Received: by mail-wm1-f50.google.com with SMTP id
 5b1f17b1804b1-4779cb0a33fso29830945e9.0
        for <openembedded-devel@lists.openembedded.org>;
 Sat, 22 Nov 2025 11:31:35 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1763839894; x=1764444694;
 darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=IoQyaGD3W2t28OmTyV+i79Abxa5U7rArgsD6EmxGkIg=;
        b=Vr0VUgPDTZ/0m8Ld6CvMbCfTGanojRdE4Q+gdEIGAyKMAP4UeD8GKGvbaXUkAvllDK
         Axkttp4vnY0m7zM1Wp4VIKU7/x3BblRX2aG2UL25Pp5cEMWc9zJSE3MZfqFm7b2YYJOp
         7uMowSmQzQc4OWbZKBR5LnOmrGVeTsBXu3jp72op8FpeMLgPy5HT1qBs6FgGJMrMIc4I
         4uGez3Iwx2ZqTXjqxVRy5KRgRQ5nAvuM0+9bJH8QC6SNscBau+2jo1JNr/HTnu0HCxw0
         0RIl1zsveFO2YUPkOKXZEOFCcgg85ykEmyM+S1iFAJ5hXSVTh/3l5tqlN0eRZNKBF/eb
         E5cg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1763839894; x=1764444694;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to
         :cc:subject:date:message-id:reply-to;
        bh=IoQyaGD3W2t28OmTyV+i79Abxa5U7rArgsD6EmxGkIg=;
        b=rve7C7zwOunmCK6itoVs5UwyqEGCZYPMYK4WIYgft+c56mIUxvVie8duaT4N08wg2n
         dbI6KHu77zawf3O3PUlkkcu1nxCogHTNyCtS9IOQJg/lrBpO6YqJEfGc8s1Lffzu7sSR
         sqBi+eQJqaJpY2RqaaaS0LT36rVb9x5rxGyUHudeRz4Vch+DnfWvCYTWm6HDZWoOG1B9
         Nj2OTMn99mLSOJUsM/clDp/W7IB+WAMFsYOQF3//cLrjsIe6KhSu2x8Vcno6imT0YkpJ
         nlaEiPQ0C72+skfkJ/nlEXaIhhllOF/Ur+JtfPFSg3ct6ZnRqg+VEbNodDRoTcsFzvkj
         LGFA==
X-Gm-Message-State: AOJu0YzPLC1dLIztG5uyXTMmpBdpQf/ps0eSE8gAKk3DcmpBIBm2CUxy
	TjmmXeb7/gTeRlek3SXw25rBw0kyAf172SjFc1CpM6fWOdCUEjGqibbcntQWAkLP
X-Gm-Gg: ASbGncv5O+EhD6g4N5Za962b/zMLqisI5AG71iHbeDenlIgKszUAOY8Qvb9al8TRaOj
	v2pegMQkLqTBQOV40BSQJlPa14evNiqnxQOHa7R8PylZDB+SfNAs8nxr0SGmX7z7+DkKypLvehY
	UUysJdEjvc+qJOQWyYX1n46e2ZqkeWoKreGwACCJGkbjXEslkuGLUkOGZ32vqYuYoJfzzpXlhGG
	CY8Bv3SdZQ7hknO7FZipaX06YyCaj0l1Qgx2jw5E0ZC9TUdqSWLWHhEehQkwmQJnL06ETM0I1fz
	lvl1zYHwiiK17vUR9XXa2vIMgJKuapj1bLrIkhVTzKpV5SBz105FSj/1w2R+achUZLcuMdpGhAJ
	VQnjTMbo4bOawFiLWmT6lWlXTFztc2tbGKM5h2D8dMJQ82y5dNVpBhNy7rKWKJq9wMkGWO6w7oJ
	UeV5OXjyoY
X-Google-Smtp-Source: 
 AGHT+IHOVY8nSUWofZ2ivALuOFFCEx1MR27Ax9Z8eUcAmpsKSUCGyC2N1I3fhQgKJCRkInNu8WleAA==
X-Received: by 2002:a05:600c:470d:b0:471:1717:411 with SMTP id
 5b1f17b1804b1-477c01edab1mr84591685e9.24.1763839894402;
        Sat, 22 Nov 2025 11:31:34 -0800 (PST)
Received: from desktop ([51.154.145.205])
        by smtp.gmail.com with ESMTPSA id
 ffacd0b85a97d-42cb7fba201sm18314686f8f.32.2025.11.22.11.31.33
        for <openembedded-devel@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 22 Nov 2025 11:31:34 -0800 (PST)
From: Gyorgy Sarvari <skandigraun@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: [meta-oe][kirkstone][PATCH 08/10] exiv2: patch CVE-2021-32815
Date: Sat, 22 Nov 2025 20:31:26 +0100
Message-ID: <20251122193128.1703871-8-skandigraun@gmail.com>
X-Mailer: git-send-email 2.52.0
In-Reply-To: <20251122193128.1703871-1-skandigraun@gmail.com>
References: <20251122193128.1703871-1-skandigraun@gmail.com>
MIME-Version: 1.0
List-Id: <openembedded-devel.lists.openembedded.org>
X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com
 [45.33.107.173] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-devel@lists.openembedded.org>; Sat, 22 Nov 2025 19:31:42 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-devel/message/121986

Details: https://nvd.nist.gov/vuln/detail/CVE-2021-32815

Pick the patch from the PR mentioned in he nvd report.

This patch is a combination of 3 commits, which are so
small, that it is still very readable in this form also.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 .../exiv2/exiv2/CVE-2021-32815.patch          | 36 +++++++++++++++++++
 meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb |  1 +
 2 files changed, 37 insertions(+)
 create mode 100644 meta-oe/recipes-support/exiv2/exiv2/CVE-2021-32815.patch

diff --git a/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-32815.patch b/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-32815.patch
new file mode 100644
index 0000000000..238e1cfb84
--- /dev/null
+++ b/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-32815.patch
@@ -0,0 +1,36 @@
+From 14fc89433d22f56fa3ec973d802e9316a268deab Mon Sep 17 00:00:00 2001
+From: Kevin Backhouse <kevinbackhouse@github.com>
+Date: Wed, 23 Jun 2021 22:39:31 +0100
+Subject: [PATCH] Don't crash if s > size.
+
+CVE: CVE-2021-32815
+
+Upstream-Status: Backport [https://github.com/Exiv2/exiv2/pull/1739/commits/0c17eb33c0a7fad1796ce23b8bbc32067f511aed
+https://github.com/Exiv2/exiv2/pull/1739/commits/04466168b87dedff4ec09c09e9c23f2334ba1734
+https://github.com/Exiv2/exiv2/pull/1739/commits/c79d83f25fdd09218697d482211a61db87ce5333]
+
+Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
+---
+ src/crwimage_int.cpp | 9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/src/crwimage_int.cpp b/src/crwimage_int.cpp
+index 2e3e507..0232867 100644
+--- a/src/crwimage_int.cpp
++++ b/src/crwimage_int.cpp
+@@ -1226,9 +1226,12 @@ namespace Exiv2 {
+         for (ExifData::const_iterator i = b; i != e; ++i) {
+             if (i->ifdId() != ifdId) continue;
+             const uint16_t s = i->tag()*2 + static_cast<uint16_t>(i->size());
+-            assert(s <= size);
+-            if (len < s) len = s;
+-            i->copy(buf.pData_ + i->tag()*2, byteOrder);
++            if (s <= size) {
++                if (len < s) len = s;
++                i->copy(buf.pData_ + i->tag()*2, byteOrder);
++            } else {
++                EXV_ERROR << "packIfdId out-of-bounds error: s = " << std::dec << s << "\n";
++            }
+         }
+         // Round the size to make it even.
+         buf.size_ = len + len%2;
diff --git a/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb b/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb
index 389d8da921..2807cb8948 100644
--- a/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb
+++ b/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb
@@ -15,6 +15,7 @@ SRC_URI = "https://github.com/Exiv2/${BPN}/releases/download/v${PV}/${BP}-Source
            file://CVE-2021-3482.patch \
            file://CVE-2021-29623.patch \
            file://CVE-2021-32617.patch \
+           file://CVE-2021-32815.patch \
            "
 SRC_URI[sha256sum] = "a79f5613812aa21755d578a297874fb59a85101e793edc64ec2c6bd994e3e778"
 

From patchwork Sat Nov 22 19:31:27 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Gyorgy Sarvari <skandigraun@gmail.com>
X-Patchwork-Id: 75211
Return-Path: <skandigraun@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 746C1CFD2EB
	for <webhook@archiver.kernel.org>; Sat, 22 Nov 2025 19:31:42 +0000 (UTC)
Received: from mail-wm1-f50.google.com (mail-wm1-f50.google.com
 [209.85.128.50])
 by mx.groups.io with SMTP id smtpd.msgproc01-g2.15747.1763839896877948180
 for <openembedded-devel@lists.openembedded.org>;
 Sat, 22 Nov 2025 11:31:37 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@gmail.com header.s=20230601 header.b=isdsmc7R;
 spf=pass (domain: gmail.com, ip: 209.85.128.50,
 mailfrom: skandigraun@gmail.com)
Received: by mail-wm1-f50.google.com with SMTP id
 5b1f17b1804b1-47118259fd8so26836065e9.3
        for <openembedded-devel@lists.openembedded.org>;
 Sat, 22 Nov 2025 11:31:36 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1763839895; x=1764444695;
 darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=RQBlcmuUam6Ot3q/tLsOTQ1GP+TUWAV0ayUCvDU7Kp0=;
        b=isdsmc7RcVNH12gjblM8oq5X+hjb7Y7XiP0q3rTBav8wie/JmUQP0de7RJxB0ogRnn
         m5OwDT2i6WG/1Iap0uS8cTs9TR5tVsD6QSIfxYEFIjP+SDQOKmEFu7iu63ohEvVsmngt
         L/hBoNkJXk5aBebR1x3pxuiGrVDq7KwFxZ3H4oLFrkGexMzqACWex2uQI0CoLWeTOQjd
         E57O09tDlHNnCXdezIZFm1/ucjke0Jf4Y4mRnOyZ6ifqU2Om3+PxKjZ3sCQhb754v9MU
         eyI+IDSDzeFpUOChh3cEUFNoQNWs/n631Kew8HWX8ms5Am6E74Ty4skzJ2+DqjK454RR
         yKvg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1763839895; x=1764444695;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to
         :cc:subject:date:message-id:reply-to;
        bh=RQBlcmuUam6Ot3q/tLsOTQ1GP+TUWAV0ayUCvDU7Kp0=;
        b=IvLy3lV8JGXfE9xpUmYkcYE1DAObK10vmPu60LGDlSFBdtQoJ7Eu4qPCSjB7TFZV/N
         Nx1wm6mu2jy1Z3NQ6Eo9QYmU1UMzy08RqjwbEIQAruh9qef/1D6COFBJ1yn72eT52MvK
         QH+ivgR6ZqtPQ0r9VnlfiLX6qSPtSG6umh2MjdVYePVAsKNvtirFjUwovt0TD9sK0dFA
         3JDocGqDgdHJuTPNInKivM7q+6fL0bllQYRMQBkd5XZ8S1uL77IJuBsFWZG/0MTAAg2n
         dicI3O/tj63taLSp4uciyk5EVcujGkFxF+dmOItPQ5c7BWCZ16m3veV/q0oEZCXw3aII
         tVBA==
X-Gm-Message-State: AOJu0YxJrsWtvCJVcccQ1BUyTBDLaMrP6BzkKha1xHXWvpOZvL25OTpw
	njvbhQJUbCseVcamw3+lS3geQ9MbR0nYp+blHoMY1fnQroEbnmLrqPGgJHHx9iV1
X-Gm-Gg: ASbGncusKXqHR28tXvMfwgGATPc6BHGz4TD4foIfsb13cQfN9Iuy9OZ+czxCmD0Ae3+
	FxlIQIQUmDzDrJ3Hgk+YGwRpZn+HqNechg6FhbbT2RCdmy+O+/7+y2LjKaJsE7tH3CV2qD8Z4Ll
	thBH5MQhiXa6ydmfxcdkwDoETHSoWrwCDs3obr76mMNf4YsFuoBkPt3F2CvIoKvcNHkV52DFuNR
	lBudoH4RwtcyymIn7UgFdpGfCOTDQE7b3h0vidyDboSlf8QSUuJzH/76cVjc+w47SwS8TSg+kSt
	dLwL3mvsLMLpUKeLPpUfqThSc6lnI6nAWSdfksZXhwZBPuElpLCMQufNYWqCcJ1onbTROU/ECfm
	3erjW34N66ZA2AP/W32y+R52gTZStiJyXNVEq614TetslTLVUkc7uIqveRa5OAonNkRDsoS9ptS
	cg6o6jT+tY
X-Google-Smtp-Source: 
 AGHT+IFbpGoQ9PLtSXt/TEwnOkH0Cb5ajaFKsFtlHKlePxOBmGM6C/ZiNdvjcm5IPLYbeHK4Gf9Qhg==
X-Received: by 2002:a05:600c:1f0f:b0:471:d2f:7987 with SMTP id
 5b1f17b1804b1-477c01e87b1mr58468015e9.26.1763839895097;
        Sat, 22 Nov 2025 11:31:35 -0800 (PST)
Received: from desktop ([51.154.145.205])
        by smtp.gmail.com with ESMTPSA id
 ffacd0b85a97d-42cb7fba201sm18314686f8f.32.2025.11.22.11.31.34
        for <openembedded-devel@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 22 Nov 2025 11:31:34 -0800 (PST)
From: Gyorgy Sarvari <skandigraun@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: [meta-oe][kirkstone][PATCH 09/10] exiv2: patch CVE-2021-34334
Date: Sat, 22 Nov 2025 20:31:27 +0100
Message-ID: <20251122193128.1703871-9-skandigraun@gmail.com>
X-Mailer: git-send-email 2.52.0
In-Reply-To: <20251122193128.1703871-1-skandigraun@gmail.com>
References: <20251122193128.1703871-1-skandigraun@gmail.com>
MIME-Version: 1.0
List-Id: <openembedded-devel.lists.openembedded.org>
X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com
 [45.33.107.173] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-devel@lists.openembedded.org>; Sat, 22 Nov 2025 19:31:42 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-devel/message/121987

Details: https://nvd.nist.gov/vuln/detail/CVE-2021-34334

Pick the patches from the PR mentioned in the nvd report.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 .../exiv2/exiv2/CVE-2021-34334-1.patch        |  36 ++
 .../exiv2/exiv2/CVE-2021-34334-2.patch        | 322 ++++++++++++++++++
 .../exiv2/exiv2/CVE-2021-34334-3.patch        |  35 ++
 .../exiv2/exiv2/CVE-2021-34334-4.patch        |  25 ++
 meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb |   4 +
 5 files changed, 422 insertions(+)
 create mode 100644 meta-oe/recipes-support/exiv2/exiv2/CVE-2021-34334-1.patch
 create mode 100644 meta-oe/recipes-support/exiv2/exiv2/CVE-2021-34334-2.patch
 create mode 100644 meta-oe/recipes-support/exiv2/exiv2/CVE-2021-34334-3.patch
 create mode 100644 meta-oe/recipes-support/exiv2/exiv2/CVE-2021-34334-4.patch

diff --git a/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-34334-1.patch b/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-34334-1.patch
new file mode 100644
index 0000000000..3ec5873ab4
--- /dev/null
+++ b/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-34334-1.patch
@@ -0,0 +1,36 @@
+From 5a11c81fe8df7cb82c2b2889b1d5863b42d59cc6 Mon Sep 17 00:00:00 2001
+From: Kevin Backhouse <kevinbackhouse@github.com>
+Date: Tue, 6 Jul 2021 18:15:40 +0100
+Subject: [PATCH] Extra checking to prevent the loop counter from wrapping
+ around.
+
+CVE: CVE-2021-34334
+Upstream-Status: Backport [https://github.com/Exiv2/exiv2/pull/1766/commits/97c4880882d87aee77809b4b6e8fb4a5558e4ca2]
+Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
+---
+ src/crwimage_int.cpp | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/src/crwimage_int.cpp b/src/crwimage_int.cpp
+index 0232867..4ccea63 100644
+--- a/src/crwimage_int.cpp
++++ b/src/crwimage_int.cpp
+@@ -868,12 +868,16 @@ namespace Exiv2 {
+         assert(ifdId != ifdIdNotSet);
+ 
+         std::string groupName(Internal::groupName(ifdId));
++        const uint32_t component_size = ciffComponent.size();
++        enforce(component_size % 2 == 0, kerCorruptedMetadata);
++        enforce(component_size/2 <= static_cast<uint32_t>(std::numeric_limits<uint16_t>::max()), kerCorruptedMetadata);
++        const uint16_t num_components = static_cast<uint16_t>(component_size/2);
+         uint16_t c = 1;
+-        while (uint32_t(c)*2 < ciffComponent.size()) {
++        while (c < num_components) {
+             uint16_t n = 1;
+             ExifKey key(c, groupName);
+             UShortValue value;
+-            if (ifdId == canonCsId && c == 23 && ciffComponent.size() > 50) n = 3;
++            if (ifdId == canonCsId && c == 23 && component_size >= 52) n = 3;
+             value.read(ciffComponent.pData() + c*2, n*2, byteOrder);
+             image.exifData().add(key, &value);
+             if (ifdId == canonSiId && c == 21) aperture = value.toLong();
diff --git a/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-34334-2.patch b/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-34334-2.patch
new file mode 100644
index 0000000000..bc11894827
--- /dev/null
+++ b/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-34334-2.patch
@@ -0,0 +1,322 @@
+From fd66118143640ed248e209c18fc8f2447f1bc85e Mon Sep 17 00:00:00 2001
+From: Kevin Backhouse <kevinbackhouse@github.com>
+Date: Wed, 7 Jul 2021 14:41:42 +0100
+Subject: [PATCH] Defensive coding changes to avoid integer overflow in loop
+ conditions.
+
+CVE: CVE-2021-34334
+Upstream-Status: Backport [https://github.com/Exiv2/exiv2/pull/1766/commits/1b204d9b19efcff1acad56737d6483a393e24832]
+Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
+---
+ src/actions.cpp           |  4 ++--
+ src/basicio.cpp           |  9 ++++-----
+ src/convert.cpp           | 10 +++++-----
+ src/exif.cpp              |  2 +-
+ src/exiv2.cpp             |  4 ++--
+ src/iptc.cpp              |  9 ++++++---
+ src/preview.cpp           |  2 +-
+ src/tags_int.cpp          |  7 +++++--
+ src/tiffcomposite_int.cpp |  4 ++--
+ src/tiffvisitor_int.cpp   |  6 +++---
+ src/types.cpp             |  2 +-
+ src/xmp.cpp               |  2 +-
+ src/xmpsidecar.cpp        |  2 +-
+ 13 files changed, 34 insertions(+), 29 deletions(-)
+
+diff --git a/src/actions.cpp b/src/actions.cpp
+index a941d67..97acac7 100644
+--- a/src/actions.cpp
++++ b/src/actions.cpp
+@@ -702,8 +702,8 @@ namespace Action {
+             std::ostringstream os;
+             // #1114 - show negative values for SByte
+             if (md.typeId() == Exiv2::signedByte) {
+-                for ( int c = 0 ; c < md.value().count() ; c++ ) {
+-                    int value = md.value().toLong(c);
++                for ( long c = 0 ; c < md.value().count() ; c++ ) {
++                    long value = md.value().toLong(c);
+                     os << (c?" ":"") << std::dec << (value < 128 ? value : value - 256);
+                 }
+             } else {
+diff --git a/src/basicio.cpp b/src/basicio.cpp
+index b5ec43c..7b707e1 100644
+--- a/src/basicio.cpp
++++ b/src/basicio.cpp
+@@ -1800,9 +1800,10 @@ namespace Exiv2 {
+ 
+         // find $right
+         findDiff    = false;
+-        blockIndex  = nBlocks - 1;
+-        blockSize   = p_->blocksMap_[blockIndex].getSize();
+-        while ((blockIndex + 1 > 0) && right < src.size() && !findDiff) {
++        blockIndex  = nBlocks;
++        while (blockIndex > 0 && right < src.size() && !findDiff) {
++            blockIndex--;
++            blockSize = p_->blocksMap_[blockIndex].getSize();
+             if(src.seek(-1 * (blockSize + right), BasicIo::end)) {
+                 findDiff = true;
+             } else {
+@@ -1817,8 +1818,6 @@ namespace Exiv2 {
+                     }
+                 }
+             }
+-            blockIndex--;
+-            blockSize = (long)p_->blocksMap_[blockIndex].getSize();
+         }
+ 
+         // free buf
+diff --git a/src/convert.cpp b/src/convert.cpp
+index ef83a23..25fb587 100644
+--- a/src/convert.cpp
++++ b/src/convert.cpp
+@@ -545,7 +545,7 @@ namespace Exiv2 {
+         Exiv2::ExifData::iterator pos = exifData_->findKey(ExifKey(from));
+         if (pos == exifData_->end()) return;
+         if (!prepareXmpTarget(to)) return;
+-        for (int i = 0; i < pos->count(); ++i) {
++        for (long i = 0; i < pos->count(); ++i) {
+             std::string value = pos->toString(i);
+             if (!pos->value().ok()) {
+ #ifndef SUPPRESS_WARNINGS
+@@ -692,7 +692,7 @@ namespace Exiv2 {
+         if (pos == exifData_->end()) return;
+         if (!prepareXmpTarget(to)) return;
+         std::ostringstream value;
+-        for (int i = 0; i < pos->count(); ++i) {
++        for (long i = 0; i < pos->count(); ++i) {
+             value << static_cast<char>(pos->toLong(i));
+         }
+         (*xmpData_)[to] = value.str();
+@@ -705,7 +705,7 @@ namespace Exiv2 {
+         if (pos == exifData_->end()) return;
+         if (!prepareXmpTarget(to)) return;
+         std::ostringstream value;
+-        for (int i = 0; i < pos->count(); ++i) {
++        for (long i = 0; i < pos->count(); ++i) {
+             if (i > 0) value << '.';
+             value << pos->toLong(i);
+         }
+@@ -823,7 +823,7 @@ namespace Exiv2 {
+         Exiv2::XmpData::iterator pos = xmpData_->findKey(XmpKey(from));
+         if (pos == xmpData_->end()) return;
+         std::ostringstream array;
+-        for (int i = 0; i < pos->count(); ++i) {
++        for (long i = 0; i < pos->count(); ++i) {
+             std::string value = pos->toString(i);
+             if (!pos->value().ok()) {
+ #ifndef SUPPRESS_WARNINGS
+@@ -972,7 +972,7 @@ namespace Exiv2 {
+             return;
+         }
+ 
+-        for (unsigned i = 0; i < value.length(); ++i) {
++        for (size_t i = 0; i < value.length(); ++i) {
+             if (value[i] == '.') value[i] = ' ';
+         }
+         (*exifData_)[to] = value;
+diff --git a/src/exif.cpp b/src/exif.cpp
+index 493fd20..de93980 100644
+--- a/src/exif.cpp
++++ b/src/exif.cpp
+@@ -948,7 +948,7 @@ namespace {
+     long sumToLong(const Exiv2::Exifdatum& md)
+     {
+         long sum = 0;
+-        for (int i = 0; i < md.count(); ++i) {
++        for (long i = 0; i < md.count(); ++i) {
+             sum += md.toLong(i);
+         }
+         return sum;
+diff --git a/src/exiv2.cpp b/src/exiv2.cpp
+index a7c542e..09f690d 100644
+--- a/src/exiv2.cpp
++++ b/src/exiv2.cpp
+@@ -1499,7 +1499,7 @@ namespace {
+     std::string parseEscapes(const std::string& input)
+     {
+         std::string result = "";
+-        for (unsigned int i = 0; i < input.length(); ++i) {
++        for (size_t i = 0; i < input.length(); ++i) {
+             char ch = input[i];
+             if (ch != '\\') {
+                 result.push_back(ch);
+@@ -1526,7 +1526,7 @@ namespace {
+                 result.push_back('\t');
+                 break;
+             case 'u':                           // Escaping of unicode
+-                if (input.length() - 4 > i) {
++                if (input.length() >= 4 && input.length() - 4 > i) {
+                     int acc = 0;
+                     for (int j = 0; j < 4; ++j) {
+                         ++i;
+diff --git a/src/iptc.cpp b/src/iptc.cpp
+index 1ffc759..f823f74 100644
+--- a/src/iptc.cpp
++++ b/src/iptc.cpp
+@@ -27,6 +27,7 @@
+ #include "iptc.hpp"
+ #include "types.hpp"
+ #include "error.hpp"
++#include "enforce.hpp"
+ #include "value.hpp"
+ #include "datasets.hpp"
+ #include "jpgimage.hpp"
+@@ -350,22 +351,24 @@ namespace Exiv2 {
+ 
+     void IptcData::printStructure(std::ostream& out, const Slice<byte*>& bytes, uint32_t depth)
+     {
+-        uint32_t i = 0;
+-        while (i < bytes.size() - 3 && bytes.at(i) != 0x1c)
++        size_t i = 0;
++        while (i + 3 < bytes.size() && bytes.at(i) != 0x1c)
+             i++;
+         depth++;
+         out << Internal::indent(depth) << "Record | DataSet | Name                     | Length | Data" << std::endl;
+-        while (i < bytes.size() - 3) {
++        while (i + 3 < bytes.size()) {
+             if (bytes.at(i) != 0x1c) {
+                 break;
+             }
+             char buff[100];
+             uint16_t record = bytes.at(i + 1);
+             uint16_t dataset = bytes.at(i + 2);
++            enforce(bytes.size() - i >= 5, kerCorruptedMetadata);
+             uint16_t len = getUShort(bytes.subSlice(i + 3, bytes.size()), bigEndian);
+             sprintf(buff, "  %6d | %7d | %-24s | %6d | ", record, dataset,
+                     Exiv2::IptcDataSets::dataSetName(dataset, record).c_str(), len);
+ 
++            enforce(bytes.size() - i >= 5 + len, kerCorruptedMetadata);
+             out << buff << Internal::binaryToString(makeSlice(bytes, i + 5, i + 5 + (len > 40 ? 40 : len)))
+                 << (len > 40 ? "..." : "")
+                 << std::endl;
+diff --git a/src/preview.cpp b/src/preview.cpp
+index ed45566..d99a03a 100644
+--- a/src/preview.cpp
++++ b/src/preview.cpp
+@@ -809,7 +809,7 @@ namespace {
+                     enforce(size_ <= static_cast<uint32_t>(io.size()), kerCorruptedMetadata);
+                     DataBuf buf(size_);
+                     uint32_t idxBuf = 0;
+-                    for (int i = 0; i < sizes.count(); i++) {
++                    for (long i = 0; i < sizes.count(); i++) {
+                         uint32_t offset = dataValue.toLong(i);
+                         uint32_t size = sizes.toLong(i);
+                         enforce(Safe::add(idxBuf, size) < size_, kerCorruptedMetadata);
+diff --git a/src/tags_int.cpp b/src/tags_int.cpp
+index f29b1e3..6f76a87 100644
+--- a/src/tags_int.cpp
++++ b/src/tags_int.cpp
+@@ -24,6 +24,7 @@
+ 
+ #include "convert.hpp"
+ #include "error.hpp"
++#include "enforce.hpp"
+ #include "i18n.h"                // NLS support.
+ 
+ #include "canonmn_int.hpp"
+@@ -2173,7 +2174,9 @@ namespace Exiv2 {
+         {
+             uint16_t bit   = 0;
+             uint16_t comma = 0;
+-            for (uint16_t i = 0; i < value.count(); i++ ) { // for each element in value array
++            long count = value.count();
++            enforce(0 <= count && count <= std::numeric_limits<uint16_t>::max(), kerCorruptedMetadata);
++            for (uint16_t i = 0; i < count; i++ ) { // for each element in value array
+                 uint16_t bits = static_cast<uint16_t>(value.toLong(i));
+                 for (uint16_t b = 0; b < 16; ++b) { // for every bit
+                     if (bits & (1 << b)) {
+@@ -2867,7 +2870,7 @@ namespace Exiv2 {
+         if (stringValue[19] == 'Z') {
+             stringValue = stringValue.substr(0, 19);
+         }
+-        for (unsigned int i = 0; i < stringValue.length(); ++i) {
++        for (size_t i = 0; i < stringValue.length(); ++i) {
+             if (stringValue[i] == 'T') stringValue[i] = ' ';
+             if (stringValue[i] == '-') stringValue[i] = ':';
+         }
+diff --git a/src/tiffcomposite_int.cpp b/src/tiffcomposite_int.cpp
+index a6bf925..6424156 100644
+--- a/src/tiffcomposite_int.cpp
++++ b/src/tiffcomposite_int.cpp
+@@ -431,7 +431,7 @@ namespace Exiv2 {
+             return;
+         }
+         uint32_t size = 0;
+-        for (int i = 0; i < pSize->count(); ++i) {
++        for (long i = 0; i < pSize->count(); ++i) {
+             size += static_cast<uint32_t>(pSize->toLong(i));
+         }
+         uint32_t offset = static_cast<uint32_t>(pValue()->toLong(0));
+@@ -488,7 +488,7 @@ namespace Exiv2 {
+ #endif
+             return;
+         }
+-        for (int i = 0; i < pValue()->count(); ++i) {
++        for (long i = 0; i < pValue()->count(); ++i) {
+             const uint32_t offset = static_cast<uint32_t>(pValue()->toLong(i));
+             const byte* pStrip = pData + baseOffset + offset;
+             const uint32_t size = static_cast<uint32_t>(pSize->toLong(i));
+diff --git a/src/tiffvisitor_int.cpp b/src/tiffvisitor_int.cpp
+index 066e4fc..cca9679 100644
+--- a/src/tiffvisitor_int.cpp
++++ b/src/tiffvisitor_int.cpp
+@@ -477,7 +477,7 @@ namespace Exiv2 {
+         // create vector of signedShorts from unsignedShorts in Exif.Canon.AFInfo
+         std::vector<int16_t>  ints;
+         std::vector<uint16_t> uint;
+-        for (int i = 0; i < object->pValue()->count(); i++) {
++        for (long i = 0; i < object->pValue()->count(); i++) {
+             ints.push_back((int16_t) object->pValue()->toLong(i));
+             uint.push_back((uint16_t) object->pValue()->toLong(i));
+         }
+@@ -524,9 +524,9 @@ namespace Exiv2 {
+                 Exiv2::Value::AutoPtr v = Exiv2::Value::create(records[i].bSigned?Exiv2::signedShort:Exiv2::unsignedShort);
+                 std::ostringstream    s;
+                 if ( records[i].bSigned ) {
+-                    for ( int16_t k = 0 ; k < records[i].size ; k++ ) s << " " << ints.at(nStart++);
++                    for ( uint16_t k = 0 ; k < records[i].size ; k++ ) s << " " << ints.at(nStart++);
+                 } else {
+-                    for ( int16_t k = 0 ; k < records[i].size ; k++ ) s << " " << uint.at(nStart++);
++                    for ( uint16_t k = 0 ; k < records[i].size ; k++ ) s << " " << uint.at(nStart++);
+                 }
+ 
+                 v->read(s.str());
+diff --git a/src/types.cpp b/src/types.cpp
+index 17ab051..a122640 100644
+--- a/src/types.cpp
++++ b/src/types.cpp
+@@ -612,7 +612,7 @@ namespace Exiv2 {
+     bool stringTo<bool>(const std::string& s, bool& ok)
+     {
+         std::string lcs(s); /* lowercase string */
+-        for(unsigned i = 0; i < lcs.length(); i++) {
++        for(size_t i = 0; i < lcs.length(); i++) {
+             lcs[i] = std::tolower(s[i]);
+         }
+         /* handle the same values as xmp sdk */
+diff --git a/src/xmp.cpp b/src/xmp.cpp
+index d426c1e..0b7ade0 100644
+--- a/src/xmp.cpp
++++ b/src/xmp.cpp
+@@ -794,7 +794,7 @@ namespace Exiv2 {
+                 || i->typeId() == xmpAlt) {
+                 printNode(ns, i->tagName(), "", options);
+                 meta.SetProperty(ns.c_str(), i->tagName().c_str(), 0, options);
+-                for (int idx = 0; idx < i->count(); ++idx) {
++                for (long idx = 0; idx < i->count(); ++idx) {
+                     const std::string item = i->tagName() + "[" + toString(idx + 1) + "]";
+                     printNode(ns, item, i->toString(idx), 0);
+                     meta.SetProperty(ns.c_str(), item.c_str(), i->toString(idx).c_str());
+diff --git a/src/xmpsidecar.cpp b/src/xmpsidecar.cpp
+index 3146721..4791918 100644
+--- a/src/xmpsidecar.cpp
++++ b/src/xmpsidecar.cpp
+@@ -238,7 +238,7 @@ namespace Exiv2 {
+         std::string head(reinterpret_cast<const char*>(buf + start), len - start);
+         if (head.substr(0, 5)  == "<?xml") {
+             // Forward to the next tag
+-            for (unsigned i = 5; i < head.size(); ++i) {
++            for (size_t i = 5; i < head.size(); ++i) {
+                 if (head[i] == '<') {
+                     head = head.substr(i);
+                     break;
diff --git a/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-34334-3.patch b/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-34334-3.patch
new file mode 100644
index 0000000000..7ee54a7bf0
--- /dev/null
+++ b/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-34334-3.patch
@@ -0,0 +1,35 @@
+From 95f5403e8b3a5d71241b6b9ef809f4097ad404a5 Mon Sep 17 00:00:00 2001
+From: Kevin Backhouse <kevinbackhouse@github.com>
+Date: Wed, 7 Jul 2021 16:49:24 +0100
+Subject: [PATCH] Better fix for potential integer overflow in `bytes.size() -
+ 3`.
+
+CVE: CVE-2021-34334
+Upstream-Status: Backport [https://github.com/Exiv2/exiv2/pull/1766/commits/ee8af718983469af5a86f041b58a5f52b1cbad76]
+Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
+---
+ src/iptc.cpp | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/src/iptc.cpp b/src/iptc.cpp
+index f823f74..8e54b9c 100644
+--- a/src/iptc.cpp
++++ b/src/iptc.cpp
+@@ -351,12 +351,15 @@ namespace Exiv2 {
+ 
+     void IptcData::printStructure(std::ostream& out, const Slice<byte*>& bytes, uint32_t depth)
+     {
++        if (bytes.size() < 3) {
++            return;
++        }
+         size_t i = 0;
+-        while (i + 3 < bytes.size() && bytes.at(i) != 0x1c)
++        while (i < bytes.size() - 3 && bytes.at(i) != 0x1c)
+             i++;
+         depth++;
+         out << Internal::indent(depth) << "Record | DataSet | Name                     | Length | Data" << std::endl;
+-        while (i + 3 < bytes.size()) {
++        while (i < bytes.size() - 3) {
+             if (bytes.at(i) != 0x1c) {
+                 break;
+             }
diff --git a/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-34334-4.patch b/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-34334-4.patch
new file mode 100644
index 0000000000..5fa7b14629
--- /dev/null
+++ b/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-34334-4.patch
@@ -0,0 +1,25 @@
+From 28c81a061768f06aa88d52bf46e7195fe350c272 Mon Sep 17 00:00:00 2001
+From: Kevin Backhouse <kevinbackhouse@github.com>
+Date: Thu, 8 Jul 2021 10:46:24 +0100
+Subject: [PATCH] Type of escapeStart should be size_t.
+
+CVE: CVE-2021-34334
+Upstream-Status: Backport [https://github.com/Exiv2/exiv2/pull/1766/commits/e74d8accc431d9064589bad6cf8f17c30229523d]
+Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
+---
+ src/exiv2.cpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/exiv2.cpp b/src/exiv2.cpp
+index 09f690d..3d9fa4f 100644
+--- a/src/exiv2.cpp
++++ b/src/exiv2.cpp
+@@ -1505,7 +1505,7 @@ namespace {
+                 result.push_back(ch);
+                 continue;
+             }
+-            int escapeStart = i;
++            size_t escapeStart = i;
+             if (!(input.length() - 1 > i)) {
+                 result.push_back(ch);
+                 continue;
diff --git a/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb b/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb
index 2807cb8948..339ce221dd 100644
--- a/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb
+++ b/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb
@@ -16,6 +16,10 @@ SRC_URI = "https://github.com/Exiv2/${BPN}/releases/download/v${PV}/${BP}-Source
            file://CVE-2021-29623.patch \
            file://CVE-2021-32617.patch \
            file://CVE-2021-32815.patch \
+           file://CVE-2021-34334-1.patch \
+           file://CVE-2021-34334-2.patch \
+           file://CVE-2021-34334-3.patch \
+           file://CVE-2021-34334-4.patch \
            "
 SRC_URI[sha256sum] = "a79f5613812aa21755d578a297874fb59a85101e793edc64ec2c6bd994e3e778"
 

From patchwork Sat Nov 22 19:31:28 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Gyorgy Sarvari <skandigraun@gmail.com>
X-Patchwork-Id: 75217
Return-Path: <skandigraun@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id A5C5ACFD2F3
	for <webhook@archiver.kernel.org>; Sat, 22 Nov 2025 19:31:42 +0000 (UTC)
Received: from mail-wm1-f48.google.com (mail-wm1-f48.google.com
 [209.85.128.48])
 by mx.groups.io with SMTP id smtpd.msgproc02-g2.973.1763839897558248288
 for <openembedded-devel@lists.openembedded.org>;
 Sat, 22 Nov 2025 11:31:37 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@gmail.com header.s=20230601 header.b=UIzZNcsZ;
 spf=pass (domain: gmail.com, ip: 209.85.128.48,
 mailfrom: skandigraun@gmail.com)
Received: by mail-wm1-f48.google.com with SMTP id
 5b1f17b1804b1-4779d47be12so24228655e9.2
        for <openembedded-devel@lists.openembedded.org>;
 Sat, 22 Nov 2025 11:31:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1763839896; x=1764444696;
 darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=StLfLuX08/2cDqZqAV6fFzXvVLMg4V2SdfX1NHqu8Kw=;
        b=UIzZNcsZ6rRSig8MHCqDEUL0cJajFDhwjEf0xbkHu7Ut6rrmd/VgfILTluiYnDlh79
         Bi+4N8qmLCTymmT938JnDW0fU2g/JJmrbU0M8sne7KtAAbi3pYfX3N98Ubr+iD5UquCd
         vd2gj5L7lssyKCUAAoLBqoTk27atnUG3pu/KY+cxOyWmFh0s0QGcftXax4+rzKvifq2K
         N7lWHex22b7OkgABnOwwme//FU5q69XbdsnNgrWjgmAjjO/oar6aIxCNvTRoD6u9XN4E
         2dQAeICL1a4hkFl91IEnTc6t3syDKZx8qAMax8q5cawtBr6GXphY3z9kdklO1BM9R6TS
         WQQg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1763839896; x=1764444696;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to
         :cc:subject:date:message-id:reply-to;
        bh=StLfLuX08/2cDqZqAV6fFzXvVLMg4V2SdfX1NHqu8Kw=;
        b=uhZ5KCzRGcA4Xbarjy2kg36FcEo/iKu73QV2lH1AjkfP03GKoxX2pc5Jcz0wheMX3E
         hLCo6RV0ODwfo3WaQknroAnhTL1AdaNy4hP7V0G8TGTgK/F6/u5z4r/cuoRHCy7JWkWO
         hOOXraoDUVT1qrei8PY8mTKmk8DKmqdPdC9dgDCoqH97apcyAi01dBUDlzWsIx808ZS3
         D7spx6CMt7LjbvRoB7P+3pb6Qr55kHsbEh/q9Z0te1xEaEvK9Ag0ZfqmoZDg+rB3/XEM
         K319Nlk0RYbcKpIa4saycLBsPW95TVvHIIgVlD+3ErvTmFrQENsKldK1/ZnzbR/yL2If
         /lvQ==
X-Gm-Message-State: AOJu0YxMiM2PpLqBDqJMjIdnqB4OQjBhG4qXEsHevA+c2PI8mL1JmuU7
	A93jQuokRv3Fctgs298QkNVYjdtH+EuHPcT0NRmtBHdjzjV4derMefzULj5zkSak
X-Gm-Gg: ASbGnctRgKQk2FVmJtoeUcKT8AilZCsSTC2WXZcdIF9WI7PekOLcFQS3X4woNArjHPP
	DSFVIGV9VY7Wd77m7rE6OQcF4V8Z1O2ih9Ya3bsgcaGmsw4MldqJQxIBuDpF20zMxKt1dtV3pu2
	/+keIGys1tW/4JMTB9UovLOFaa3H5oYQ2Akmly6bKgRRS6FlBG3XxbzrkCtwnp24W3STfGxu+cv
	cOeKKuKtNFZnVgnHcEQph0QRg+0qfpNHRfcKoS0ZdPpJ6mfJVUvigDgD6BY1p0Sbke00q48GgQT
	YDPo5IU2eabLUJmVOPxYRmtBxh3lKe8Nmv5HSutsfTfLFj5CUTLF3oKn/ktn4Yyd3aFyVGhV3ik
	wl8FYFF5eZH7XZM48O7Udw/lM8+qfQB5x6YcA2Lys63ihbJVdneNC4Iuhm6ArltB7DDN5DlrKcT
	mky8vPYuAi
X-Google-Smtp-Source: 
 AGHT+IGUaAd3mhAzL6hqiPw/v7fTaTEhnB/EXdkXasvwaKnER/cTNNWVj4JfxbzO5Tj7Gmz8I2nuJA==
X-Received: by 2002:a05:600c:4e8e:b0:477:5aaa:57a3 with SMTP id
 5b1f17b1804b1-477c017512dmr59739455e9.2.1763839895812;
        Sat, 22 Nov 2025 11:31:35 -0800 (PST)
Received: from desktop ([51.154.145.205])
        by smtp.gmail.com with ESMTPSA id
 ffacd0b85a97d-42cb7fba201sm18314686f8f.32.2025.11.22.11.31.35
        for <openembedded-devel@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 22 Nov 2025 11:31:35 -0800 (PST)
From: Gyorgy Sarvari <skandigraun@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: [meta-oe][kirkstone][PATCH 10/10] exiv2: patch CVE-2021-34335
Date: Sat, 22 Nov 2025 20:31:28 +0100
Message-ID: <20251122193128.1703871-10-skandigraun@gmail.com>
X-Mailer: git-send-email 2.52.0
In-Reply-To: <20251122193128.1703871-1-skandigraun@gmail.com>
References: <20251122193128.1703871-1-skandigraun@gmail.com>
MIME-Version: 1.0
List-Id: <openembedded-devel.lists.openembedded.org>
X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com
 [45.33.107.173] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-devel@lists.openembedded.org>; Sat, 22 Nov 2025 19:31:42 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-devel/message/121988

Details: https://nvd.nist.gov/vuln/detail/CVE-2021-34335

Pick the patches from the PR mentioned in the nvd report.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 .../exiv2/exiv2/CVE-2021-34335-1.patch        | 43 ++++++++++++++
 .../exiv2/exiv2/CVE-2021-34335-2.patch        | 57 +++++++++++++++++++
 meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb |  2 +
 3 files changed, 102 insertions(+)
 create mode 100644 meta-oe/recipes-support/exiv2/exiv2/CVE-2021-34335-1.patch
 create mode 100644 meta-oe/recipes-support/exiv2/exiv2/CVE-2021-34335-2.patch

diff --git a/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-34335-1.patch b/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-34335-1.patch
new file mode 100644
index 0000000000..055a7c5db0
--- /dev/null
+++ b/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-34335-1.patch
@@ -0,0 +1,43 @@
+From bde41fcab99f5def735bc4b0b8515f211eda98c0 Mon Sep 17 00:00:00 2001
+From: Kevin Backhouse <kevinbackhouse@github.com>
+Date: Tue, 29 Jun 2021 23:32:59 +0100
+Subject: [PATCH] Prevent divide-by-zero crash.
+
+CVE: CVE-2021-34335
+Upstream-Status: Backport [https://github.com/Exiv2/exiv2/pull/1750/commits/f2d6d24ed74b2c5dbbbdc25bafd42ce9357978f8]
+Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
+---
+ src/minoltamn_int.cpp | 16 ++++++++++------
+ 1 file changed, 10 insertions(+), 6 deletions(-)
+
+diff --git a/src/minoltamn_int.cpp b/src/minoltamn_int.cpp
+index f5c0b41..77521fc 100644
+--- a/src/minoltamn_int.cpp
++++ b/src/minoltamn_int.cpp
+@@ -2179,16 +2179,20 @@ namespace Exiv2 {
+ 
+             if ( model == "ILCE-6000" && maxAperture == F1_8 ) try {
+                 long    focalLength = getKeyLong  ("Exif.Photo.FocalLength"      ,metadata);
+-                long    focalL35mm  = getKeyLong  ("Exif.Photo.FocalLengthIn35mmFilm",metadata);
+-                long    focalRatio  = (focalL35mm*100)/focalLength;
+-                if ( inRange(focalRatio,145,155) ) index = 2 ;
++                if (focalLength > 0) {
++                  long    focalL35mm  = getKeyLong  ("Exif.Photo.FocalLengthIn35mmFilm",metadata);
++                  long    focalRatio  = (focalL35mm*100)/focalLength;
++                  if ( inRange(focalRatio,145,155) ) index = 2 ;
++                }
+             } catch (...) {}
+ 
+             if ( model == "ILCE-6000" && maxApertures.find(maxAperture) != maxApertures.end() ) try {
+                 long    focalLength = getKeyLong  ("Exif.Photo.FocalLength"      ,metadata);
+-                long    focalL35mm  = getKeyLong  ("Exif.Photo.FocalLengthIn35mmFilm",metadata);
+-                long    focalRatio  = (focalL35mm*100)/focalLength;
+-                if ( inRange(focalRatio,145,155) ) index = 3 ;
++                if (focalLength > 0) {
++                  long    focalL35mm  = getKeyLong  ("Exif.Photo.FocalLengthIn35mmFilm",metadata);
++                  long    focalRatio  = (focalL35mm*100)/focalLength;
++                  if ( inRange(focalRatio,145,155) ) index = 3 ;
++                }
+             } catch (...) {}
+ 
+             if ( index > 0 ) {
diff --git a/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-34335-2.patch b/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-34335-2.patch
new file mode 100644
index 0000000000..35d1e79d01
--- /dev/null
+++ b/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-34335-2.patch
@@ -0,0 +1,57 @@
+From fb3bfc509905b20cbde061ff3ec8be9d8a04e7c3 Mon Sep 17 00:00:00 2001
+From: Kevin Backhouse <kevinbackhouse@github.com>
+Date: Wed, 30 Jun 2021 11:57:46 +0100
+Subject: [PATCH] Defensive coding to avoid 0x80000000/0xFFFFFFFF FPE.
+
+CVE: CVE-2021-34335
+Upstream-Status: Backport [https://github.com/Exiv2/exiv2/pull/1750/commits/2d8d44e47b1500030e5b249bffbaf1e80aa74815]
+Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
+---
+ include/exiv2/value.hpp | 6 +++---
+ src/tags_int.cpp        | 2 +-
+ 2 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/include/exiv2/value.hpp b/include/exiv2/value.hpp
+index 7ca57f3..f726f8c 100644
+--- a/include/exiv2/value.hpp
++++ b/include/exiv2/value.hpp
+@@ -1569,7 +1569,7 @@ namespace Exiv2 {
+     {
+         value_.clear();
+         long ts = TypeInfo::typeSize(typeId());
+-        if (ts != 0)
++        if (ts > 0)
+             if (len % ts != 0) len = (len / ts) * ts;
+         for (long i = 0; i < len; i += ts) {
+             value_.push_back(getValue<T>(buf + i, byteOrder));
+@@ -1653,7 +1653,7 @@ namespace Exiv2 {
+     template<>
+     inline long ValueType<Rational>::toLong(long n) const
+     {
+-        ok_ = (value_[n].second != 0 && INT_MIN < value_[n].first && value_[n].first < INT_MAX );
++        ok_ = (value_[n].second > 0 && INT_MIN < value_[n].first && value_[n].first < INT_MAX );
+         if (!ok_) return 0;
+         return value_[n].first / value_[n].second;
+     }
+@@ -1661,7 +1661,7 @@ namespace Exiv2 {
+     template<>
+     inline long ValueType<URational>::toLong(long n) const
+     {
+-        ok_ = (value_[n].second != 0 && value_[n].first < LARGE_INT);
++        ok_ = (value_[n].second > 0 && value_[n].first < LARGE_INT);
+         if (!ok_) return 0;
+         return value_[n].first / value_[n].second;
+     }
+diff --git a/src/tags_int.cpp b/src/tags_int.cpp
+index 6f76a87..df05522 100644
+--- a/src/tags_int.cpp
++++ b/src/tags_int.cpp
+@@ -2228,7 +2228,7 @@ namespace Exiv2 {
+     std::ostream& printLong(std::ostream& os, const Value& value, const ExifData*)
+     {
+         Rational r = value.toRational();
+-        if (r.second != 0) return os << static_cast<long>(r.first) / r.second;
++        if (r.second > 0) return os << static_cast<long>(r.first) / r.second;
+         return os << "(" << value << ")";
+     } // printLong
+ 
diff --git a/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb b/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb
index 339ce221dd..1c1c05dfaa 100644
--- a/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb
+++ b/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb
@@ -20,6 +20,8 @@ SRC_URI = "https://github.com/Exiv2/${BPN}/releases/download/v${PV}/${BP}-Source
            file://CVE-2021-34334-2.patch \
            file://CVE-2021-34334-3.patch \
            file://CVE-2021-34334-4.patch \
+           file://CVE-2021-34335-1.patch \
+           file://CVE-2021-34335-2.patch \
            "
 SRC_URI[sha256sum] = "a79f5613812aa21755d578a297874fb59a85101e793edc64ec2c6bd994e3e778"