From patchwork Tue Jan 20 12:08:15 2026
X-Patchwork-Submitter: Yoann Congal
X-Patchwork-Id: 79164
From: Yoann Congal
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 01/22] python3: patch CVE-2025-12084
Date: Tue, 20 Jan 2026 13:08:15 +0100
Message-ID: <91eb6b2eb54e50a6a0db92f55b6abe9729c97c34.1768910519.git.yoann.congal@smile.fr>
X-Mailer: git-send-email 2.47.3
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/229679

From: Peter Marko

Pick patch from 3.12 branch according to [1].

[1] https://nvd.nist.gov/vuln/detail/CVE-2025-12084

Signed-off-by: Peter Marko
Signed-off-by: Steve Sakoman
--- .../python/python3/CVE-2025-12084.patch | 144 ++++++++++++++++++ .../python/python3_3.12.12.bb | 1 + 2 files changed, 145 insertions(+) create mode 100644 meta/recipes-devtools/python/python3/CVE-2025-12084.patch diff --git a/meta/recipes-devtools/python/python3/CVE-2025-12084.patch b/meta/recipes-devtools/python/python3/CVE-2025-12084.patch new file mode 100644 index 0000000000..b7c0650cdc --- /dev/null +++ b/meta/recipes-devtools/python/python3/CVE-2025-12084.patch 
@@ -0,0 +1,144 @@ +From 9c9dda6625a2a90d2a06c657eee021d6be19842d Mon Sep 17 00:00:00 2001 +From: "Miss Islington (bot)" + <31488909+miss-islington@users.noreply.github.com> +Date: Mon, 22 Dec 2025 14:48:49 +0100 +Subject: [PATCH] [3.12] gh-142145: Remove quadratic behavior in node ID cache + clearing (GH-142146) (#142211) + +* gh-142145: Remove quadratic behavior in node ID cache clearing (GH-142146) +* gh-142754: Ensure that Element & Attr instances have the ownerDocument attribute (GH-142794) +(cherry picked from commit 1cc7551b3f9f71efbc88d96dce90f82de98b2454) +(cherry picked from commit 08d8e18ad81cd45bc4a27d6da478b51ea49486e4) +(cherry picked from commit 8d2d7bb2e754f8649a68ce4116271a4932f76907) + +Co-authored-by: Jacob Walls <38668450+jacobtylerwalls@users.noreply.github.com> +Co-authored-by: Seth Michael Larson +Co-authored-by: Petr Viktorin +Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com> +Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com> +Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com> +Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com> +Co-authored-by: Gregory P. 
Smith + +CVE: CVE-2025-12084 +Upstream-Status: Backport [https://github.com/python/cpython/commit/9c9dda6625a2a90d2a06c657eee021d6be19842d] +Signed-off-by: Peter Marko +--- + Lib/test/test_minidom.py | 33 ++++++++++++++++++- + Lib/xml/dom/minidom.py | 11 ++----- + ...-12-01-09-36-45.gh-issue-142145.tcAUhg.rst | 6 ++++ + 3 files changed, 41 insertions(+), 9 deletions(-) + create mode 100644 Misc/NEWS.d/next/Security/2025-12-01-09-36-45.gh-issue-142145.tcAUhg.rst + +diff --git a/Lib/test/test_minidom.py b/Lib/test/test_minidom.py +index 699265ccadc..ab4823c8315 100644 +--- a/Lib/test/test_minidom.py ++++ b/Lib/test/test_minidom.py +@@ -2,13 +2,14 @@ + + import copy + import pickle ++import time + import io + from test import support + import unittest + + import xml.dom.minidom + +-from xml.dom.minidom import parse, Attr, Node, Document, parseString ++from xml.dom.minidom import parse, Attr, Node, Document, Element, parseString + from xml.dom.minidom import getDOMImplementation + from xml.parsers.expat import ExpatError + +@@ -176,6 +177,36 @@ class MinidomTest(unittest.TestCase): + self.confirm(dom.documentElement.childNodes[-1].data == "Hello") + dom.unlink() + ++ @support.requires_resource('cpu') ++ def testAppendChildNoQuadraticComplexity(self): ++ impl = getDOMImplementation() ++ ++ newdoc = impl.createDocument(None, "some_tag", None) ++ top_element = newdoc.documentElement ++ children = [newdoc.createElement(f"child-{i}") for i in range(1, 2 ** 15 + 1)] ++ element = top_element ++ ++ start = time.monotonic() ++ for child in children: ++ element.appendChild(child) ++ element = child ++ end = time.monotonic() ++ ++ # This example used to take at least 30 seconds. ++ # Conservative assertion due to the wide variety of systems and ++ # build configs timing based tests wind up run under. ++ # A --with-address-sanitizer --with-pydebug build on a rpi5 still ++ # completes this loop in <0.5 seconds. 
++ self.assertLess(end - start, 4) ++ ++ def testSetAttributeNodeWithoutOwnerDocument(self): ++ # regression test for gh-142754 ++ elem = Element("test") ++ attr = Attr("id") ++ attr.value = "test-id" ++ elem.setAttributeNode(attr) ++ self.assertEqual(elem.getAttribute("id"), "test-id") ++ + def testAppendChildFragment(self): + dom, orig, c1, c2, c3, frag = self._create_fragment_test_nodes() + dom.documentElement.appendChild(frag) +diff --git a/Lib/xml/dom/minidom.py b/Lib/xml/dom/minidom.py +index ef8a159833b..cada981f39f 100644 +--- a/Lib/xml/dom/minidom.py ++++ b/Lib/xml/dom/minidom.py +@@ -292,13 +292,6 @@ def _append_child(self, node): + childNodes.append(node) + node.parentNode = self + +-def _in_document(node): +- # return True iff node is part of a document tree +- while node is not None: +- if node.nodeType == Node.DOCUMENT_NODE: +- return True +- node = node.parentNode +- return False + + def _write_data(writer, data): + "Writes datachars to writer." +@@ -355,6 +348,7 @@ class Attr(Node): + def __init__(self, qName, namespaceURI=EMPTY_NAMESPACE, localName=None, + prefix=None): + self.ownerElement = None ++ self.ownerDocument = None + self._name = qName + self.namespaceURI = namespaceURI + self._prefix = prefix +@@ -680,6 +674,7 @@ class Element(Node): + + def __init__(self, tagName, namespaceURI=EMPTY_NAMESPACE, prefix=None, + localName=None): ++ self.ownerDocument = None + self.parentNode = None + self.tagName = self.nodeName = tagName + self.prefix = prefix +@@ -1539,7 +1534,7 @@ def _clear_id_cache(node): + if node.nodeType == Node.DOCUMENT_NODE: + node._id_cache.clear() + node._id_search_stack = None +- elif _in_document(node): ++ elif node.ownerDocument: + node.ownerDocument._id_cache.clear() + node.ownerDocument._id_search_stack= None + +diff --git a/Misc/NEWS.d/next/Security/2025-12-01-09-36-45.gh-issue-142145.tcAUhg.rst b/Misc/NEWS.d/next/Security/2025-12-01-09-36-45.gh-issue-142145.tcAUhg.rst +new file mode 100644 +index 00000000000..05c7df35d14 
+--- /dev/null ++++ b/Misc/NEWS.d/next/Security/2025-12-01-09-36-45.gh-issue-142145.tcAUhg.rst +@@ -0,0 +1,6 @@ ++Remove quadratic behavior in ``xml.minidom`` node ID cache clearing. In order ++to do this without breaking existing users, we also add the *ownerDocument* ++attribute to :mod:`xml.dom.minidom` elements and attributes created by directly ++instantiating the ``Element`` or ``Attr`` class. Note that this way of creating ++nodes is not supported; creator functions like ++:py:meth:`xml.dom.Document.documentElement` should be used instead. diff --git a/meta/recipes-devtools/python/python3_3.12.12.bb b/meta/recipes-devtools/python/python3_3.12.12.bb index b70f434ca9..786f52875a 100644 --- a/meta/recipes-devtools/python/python3_3.12.12.bb +++ b/meta/recipes-devtools/python/python3_3.12.12.bb 
@@ -35,6 +35,7 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \ file://0001-test_active_children-skip-problematic-test.patch \ file://0001-test_readline-skip-limited-history-test.patch \ file://CVE-2025-6075.patch \ + file://CVE-2025-12084.patch \ " SRC_URI:append:class-native = " \
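Review bot: in the Lib/xml/dom/minidom.py hunk for _clear_id_cache, "elif node.ownerDocument:" is not the same test as the removed _in_document(node). The old helper walked parentNode up to a DOCUMENT_NODE, while the new check only asks whether the node has an owner document, so a node that belongs to a document but is not attached to its tree now clears the ID cache as well. That errs towards clearing more often, which looks safe, but it deserves a sentence in the commit message or a comment at the call site. Writing the test as "node.ownerDocument is not None" would also make the intent explicit and match the "self.ownerDocument = None" defaults this patch adds to Attr.__init__ and Element.__init__.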
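Review bot: in the Lib/test/test_minidom.py hunk, testAppendChildNoQuadraticComplexity asserts on wall-clock time ("self.assertLess(end - start, 4)"), which can fail on a loaded builder or an emulated target even with the fix applied. The test is gated by "@support.requires_resource('cpu')", so please state in the commit message whether the python3 ptest run on scarthgap enables that resource. If it does, this test is a candidate for the same treatment as the skip patches already listed in SRC_URI should it prove flaky.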
From: Yoann Congal
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 02/22] python3: patch CVE-2025-13836
Date: Tue, 20 Jan 2026 13:08:16 +0100
X-Mailer: git-send-email 2.47.3
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/229680

From: Peter Marko

Pick commit from branch 3.12 mentioned in [1].

[1] https://nvd.nist.gov/vuln/detail/CVE-2025-13836

Signed-off-by: Peter Marko
Signed-off-by: Yoann Congal
--- .../python/python3/CVE-2025-13836.patch | 162 ++++++++++++++++++ .../python/python3_3.12.12.bb | 1 + 2 files changed, 163 insertions(+) create mode 100644 meta/recipes-devtools/python/python3/CVE-2025-13836.patch diff --git a/meta/recipes-devtools/python/python3/CVE-2025-13836.patch b/meta/recipes-devtools/python/python3/CVE-2025-13836.patch new file mode 100644 index 0000000000..b90fc5f0ec --- /dev/null +++ b/meta/recipes-devtools/python/python3/CVE-2025-13836.patch 
@@ -0,0 +1,162 @@ +From 14b1fdb0a94b96f86fc7b86671ea9582b8676628 Mon Sep 17 00:00:00 2001 +From: "Miss Islington (bot)" + <31488909+miss-islington@users.noreply.github.com> +Date: Mon, 22 Dec 2025 14:50:18 +0100 +Subject: [PATCH] [3.12] gh-119451: Fix a potential denial of service in + http.client (GH-119454) (#142140) + +gh-119451: Fix a potential denial of service in http.client (GH-119454) + +Reading the whole body of the HTTP response could cause OOM if +the Content-Length value is too large even if the server does not send +a large amount of data. Now the HTTP client reads large data by chunks, +therefore the amount of consumed memory is proportional to the amount +of sent data. +(cherry picked from commit 5a4c4a033a4a54481be6870aa1896fad732555b5) + +Co-authored-by: Serhiy Storchaka + +CVE: CVE-2025-13836 +Upstream-Status: Backport [https://github.com/python/cpython/commit/14b1fdb0a94b96f86fc7b86671ea9582b8676628] +Signed-off-by: Peter Marko +--- + Lib/http/client.py | 28 ++++++-- + Lib/test/test_httplib.py | 66 +++++++++++++++++++ + ...-05-23-11-47-48.gh-issue-119451.qkJe9-.rst | 5 ++ + 3 files changed, 95 insertions(+), 4 deletions(-) + create mode 100644 Misc/NEWS.d/next/Security/2024-05-23-11-47-48.gh-issue-119451.qkJe9-.rst + +diff --git a/Lib/http/client.py b/Lib/http/client.py +index fb29923d942..70451d67d4c 100644 +--- a/Lib/http/client.py ++++ b/Lib/http/client.py +@@ -111,6 +111,11 @@ responses = {v: v.phrase for v in http.HTTPStatus.__members__.values()} + _MAXLINE = 65536 + _MAXHEADERS = 100 + ++# Data larger than this will be read in chunks, to prevent extreme ++# overallocation. ++_MIN_READ_BUF_SIZE = 1 << 20 ++ ++ + # Header name/value ABNF (http://tools.ietf.org/html/rfc7230#section-3.2) + # + # VCHAR = %x21-7E +@@ -639,10 +644,25 @@ class HTTPResponse(io.BufferedIOBase): + reading. If the bytes are truly not available (due to EOF), then the + IncompleteRead exception can be used to detect the problem. 
+ """ +- data = self.fp.read(amt) +- if len(data) < amt: +- raise IncompleteRead(data, amt-len(data)) +- return data ++ cursize = min(amt, _MIN_READ_BUF_SIZE) ++ data = self.fp.read(cursize) ++ if len(data) >= amt: ++ return data ++ if len(data) < cursize: ++ raise IncompleteRead(data, amt - len(data)) ++ ++ data = io.BytesIO(data) ++ data.seek(0, 2) ++ while True: ++ # This is a geometric increase in read size (never more than ++ # doubling out the current length of data per loop iteration). ++ delta = min(cursize, amt - cursize) ++ data.write(self.fp.read(delta)) ++ if data.tell() >= amt: ++ return data.getvalue() ++ cursize += delta ++ if data.tell() < cursize: ++ raise IncompleteRead(data.getvalue(), amt - data.tell()) + + def _safe_readinto(self, b): + """Same as _safe_read, but for reading into a buffer.""" +diff --git a/Lib/test/test_httplib.py b/Lib/test/test_httplib.py +index 01f5a101901..e46dac00779 100644 +--- a/Lib/test/test_httplib.py ++++ b/Lib/test/test_httplib.py +@@ -1452,6 +1452,72 @@ class BasicTest(TestCase): + thread.join() + self.assertEqual(result, b"proxied data\n") + ++ def test_large_content_length(self): ++ serv = socket.create_server((HOST, 0)) ++ self.addCleanup(serv.close) ++ ++ def run_server(): ++ [conn, address] = serv.accept() ++ with conn: ++ while conn.recv(1024): ++ conn.sendall( ++ b"HTTP/1.1 200 Ok\r\n" ++ b"Content-Length: %d\r\n" ++ b"\r\n" % size) ++ conn.sendall(b'A' * (size//3)) ++ conn.sendall(b'B' * (size - size//3)) ++ ++ thread = threading.Thread(target=run_server) ++ thread.start() ++ self.addCleanup(thread.join, 1.0) ++ ++ conn = client.HTTPConnection(*serv.getsockname()) ++ try: ++ for w in range(15, 27): ++ size = 1 << w ++ conn.request("GET", "/") ++ with conn.getresponse() as response: ++ self.assertEqual(len(response.read()), size) ++ finally: ++ conn.close() ++ thread.join(1.0) ++ ++ def test_large_content_length_truncated(self): ++ serv = socket.create_server((HOST, 0)) ++ self.addCleanup(serv.close) ++ ++ 
def run_server(): ++ while True: ++ [conn, address] = serv.accept() ++ with conn: ++ conn.recv(1024) ++ if not size: ++ break ++ conn.sendall( ++ b"HTTP/1.1 200 Ok\r\n" ++ b"Content-Length: %d\r\n" ++ b"\r\n" ++ b"Text" % size) ++ ++ thread = threading.Thread(target=run_server) ++ thread.start() ++ self.addCleanup(thread.join, 1.0) ++ ++ conn = client.HTTPConnection(*serv.getsockname()) ++ try: ++ for w in range(18, 65): ++ size = 1 << w ++ conn.request("GET", "/") ++ with conn.getresponse() as response: ++ self.assertRaises(client.IncompleteRead, response.read) ++ conn.close() ++ finally: ++ conn.close() ++ size = 0 ++ conn.request("GET", "/") ++ conn.close() ++ thread.join(1.0) ++ + def test_putrequest_override_domain_validation(self): + """ + It should be possible to override the default validation +diff --git a/Misc/NEWS.d/next/Security/2024-05-23-11-47-48.gh-issue-119451.qkJe9-.rst b/Misc/NEWS.d/next/Security/2024-05-23-11-47-48.gh-issue-119451.qkJe9-.rst +new file mode 100644 +index 00000000000..6d6f25cd2f8 +--- /dev/null ++++ b/Misc/NEWS.d/next/Security/2024-05-23-11-47-48.gh-issue-119451.qkJe9-.rst +@@ -0,0 +1,5 @@ ++Fix a potential memory denial of service in the :mod:`http.client` module. ++When connecting to a malicious server, it could cause ++an arbitrary amount of memory to be allocated. ++This could have led to symptoms including a :exc:`MemoryError`, swapping, out ++of memory (OOM) killed processes or containers, or even system crashes. diff --git a/meta/recipes-devtools/python/python3_3.12.12.bb b/meta/recipes-devtools/python/python3_3.12.12.bb index 786f52875a..280d98424a 100644 --- a/meta/recipes-devtools/python/python3_3.12.12.bb +++ b/meta/recipes-devtools/python/python3_3.12.12.bb 
@@ -36,6 +36,7 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \ file://0001-test_readline-skip-limited-history-test.patch \ file://CVE-2025-6075.patch \ file://CVE-2025-12084.patch \ + file://CVE-2025-13836.patch \ " SRC_URI:append:class-native = " \
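Review bot: in the Lib/http/client.py hunk, _MIN_READ_BUF_SIZE is used by _safe_read as the size of the first read and as the threshold above which reads are chunked, not as a minimum, so the name and its comment ("Data larger than this will be read in chunks") point in different directions. For users of this backport it is also worth stating in the OE commit message what the upstream message already says: memory use becomes proportional to the bytes the server actually sends, and the response size itself is not capped, so a caller that must bound memory still needs its own limit.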
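Review bot: in the Lib/test/test_httplib.py hunk, test_large_content_length loops "for w in range(15, 27)" with "size = 1 << w", so the last iterations send and read bodies of up to 64 MiB, and response.read() holds each one fully in memory while the server thread builds the matching b'A' and b'B' payloads. Please confirm that the ptest images used for scarthgap have enough memory for this, or mention the requirement in the commit message, since the test carries no resource decorator that would let it be skipped on small targets.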
From: Yoann Congal
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 03/22] util-linux: patch CVE-2025-14104
Date: Tue, 20 Jan 2026 13:08:17 +0100
Message-ID: <6c5e4c2d720dd87274211a5648e5891b198af3f4.1768910519.git.yoann.congal@smile.fr>
X-Mailer: git-send-email 2.47.3
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/229681

From: Peter Marko

Pick patches per [1].

[1] https://security-tracker.debian.org/tracker/CVE-2025-14104

Signed-off-by: Peter Marko
Signed-off-by: Steve Sakoman
--- meta/recipes-core/util-linux/util-linux.inc | 2 ++ .../util-linux/CVE-2025-14104-01.patch | 33 +++++++++++++++++++ .../util-linux/CVE-2025-14104-02.patch | 28 ++++++++++++++++ 3 files changed, 63 insertions(+) create mode 100644 meta/recipes-core/util-linux/util-linux/CVE-2025-14104-01.patch create mode 100644 meta/recipes-core/util-linux/util-linux/CVE-2025-14104-02.patch diff --git a/meta/recipes-core/util-linux/util-linux.inc b/meta/recipes-core/util-linux/util-linux.inc index ccab4b17f4..4797682c5d 100644 --- a/meta/recipes-core/util-linux/util-linux.inc +++ b/meta/recipes-core/util-linux/util-linux.inc @@ -44,6 +44,8 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/util-linux/v${MAJOR_VERSION}/util-lin file://CVE-2024-28085-0002.patch \ file://fstab-isolation.patch \ file://sys-utils-hwclock-rtc-fix-pointer-usage.patch \ + file://CVE-2025-14104-01.patch \ + file://CVE-2025-14104-02.patch \ " SRC_URI[sha256sum] = "7b6605e48d1a49f43cc4b4cfc59f313d0dd5402fa40b96810bd572e167dfed0f" diff --git a/meta/recipes-core/util-linux/util-linux/CVE-2025-14104-01.patch b/meta/recipes-core/util-linux/util-linux/CVE-2025-14104-01.patch new file mode 100644 index 0000000000..23677345c9 --- /dev/null 
+++ b/meta/recipes-core/util-linux/util-linux/CVE-2025-14104-01.patch @@ -0,0 +1,33 @@ +From aaa9e718c88d6916b003da7ebcfe38a3c88df8e6 Mon Sep 17 00:00:00 2001 +From: Mohamed Maatallah +Date: Sat, 24 May 2025 03:16:09 +0100 +Subject: [PATCH] Update setpwnam.c + +CVE: CVE-2025-14104 +Upstream-Status: Backport [https://github.com/util-linux/util-linux/commit/aaa9e718c88d6916b003da7ebcfe38a3c88df8e6] +Signed-off-by: Peter Marko +--- + login-utils/setpwnam.c | 10 ++++++---- + 1 file changed, 6 insertions(+), 4 deletions(-) + +diff --git a/login-utils/setpwnam.c b/login-utils/setpwnam.c +index 3e3c1abde..95e470b5a 100644 +--- a/login-utils/setpwnam.c ++++ b/login-utils/setpwnam.c +@@ -126,10 +126,12 @@ int setpwnam(struct passwd *pwd, const char *prefix) + } + + /* Is this the username we were sent to change? */ +- if (!found && linebuf[namelen] == ':' && +- !strncmp(linebuf, pwd->pw_name, namelen)) { +- /* Yes! So go forth in the name of the Lord and +- * change it! */ ++ if (!found && ++ strncmp(linebuf, pwd->pw_name, namelen) == 0 && ++ strlen(linebuf) > namelen && ++ linebuf[namelen] == ':') { ++ /* Yes! But this time let’s not walk past the end of the buffer ++ * in the name of the Lord, SUID, or anything else. */ + if (putpwent(pwd, fp) < 0) + goto fail; + found = 1; diff --git a/meta/recipes-core/util-linux/util-linux/CVE-2025-14104-02.patch b/meta/recipes-core/util-linux/util-linux/CVE-2025-14104-02.patch new file mode 100644 index 0000000000..9d21db2743 --- /dev/null +++ b/meta/recipes-core/util-linux/util-linux/CVE-2025-14104-02.patch 
@@ -0,0 +1,28 @@ +From 9a36d77012c4c771f8d51eba46b6e62c29bf572a Mon Sep 17 00:00:00 2001 +From: Mohamed Maatallah +Date: Mon, 26 May 2025 10:06:02 +0100 +Subject: [PATCH] Update bufflen + +Update buflen + +CVE: CVE-2025-14104 +Upstream-Status: Backport [https://github.com/util-linux/util-linux/commit/9a36d77012c4c771f8d51eba46b6e62c29bf572a] +Signed-off-by: Peter Marko +--- + login-utils/setpwnam.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/login-utils/setpwnam.c b/login-utils/setpwnam.c +index 95e470b5a..7778e98f7 100644 +--- a/login-utils/setpwnam.c ++++ b/login-utils/setpwnam.c +@@ -99,7 +99,8 @@ int setpwnam(struct passwd *pwd, const char *prefix) + goto fail; + + namelen = strlen(pwd->pw_name); +- ++ if (namelen > buflen) ++ buflen += namelen; + linebuf = malloc(buflen); + if (!linebuf) + goto fail;
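Review bot: in the CVE-2025-14104-01.patch hunk for setpwnam(), the order of the three tests is what fixes the read, and nothing in the code says so. The old condition evaluated "linebuf[namelen] == ':'" before anything had been compared; the new one runs strncmp(linebuf, pwd->pw_name, namelen) first, and once that has matched namelen bytes the line is already at least that long, so index namelen is at worst its terminator. The added "strlen(linebuf) > namelen" is therefore a second scan of the line that is harmless but redundant. A short comment stating that the strncmp must stay ahead of the index would stop a later cleanup from reordering the tests.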
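Review bot: in the CVE-2025-14104-02.patch hunk, "if (namelen > buflen)" leaves the buffer unchanged when namelen equals buflen, yet a matching line needs room for the name, the ':' and the terminator, so the comparison should be ">=" or the buffer should be grown to namelen plus a fixed margin. "buflen += namelen" is also not checked for overflow before "malloc(buflen)". Both are upstream choices, so for this backport it is enough to mention them in the commit message and to keep the two patches applied together in the order listed in util-linux.inc.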
(static-css-ccs-204145.business.bouyguestelecom.com. [176.157.204.145]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-43569927007sm28916097f8f.16.2026.01.20.04.09.13 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 20 Jan 2026 04:09:13 -0800 (PST) From: Yoann Congal To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 04/22] qemu: ignore CVE-2025-54566 and CVE-2025-54567 Date: Tue, 20 Jan 2026 13:08:18 +0100 Message-ID: X-Mailer: git-send-email 2.47.3 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 20 Jan 2026 12:09:25 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/229682 From: Peter Marko These CVEs are not applicable to version 8.2.x as the vulnerable code was introduced only in 10.0.0. Debian made the analysis, reuse their work. * https://security-tracker.debian.org/tracker/CVE-2025-54566 * https://security-tracker.debian.org/tracker/CVE-2025-54567 Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- meta/recipes-devtools/qemu/qemu.inc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc index dde3b0be13..748a32215e 100644 --- a/meta/recipes-devtools/qemu/qemu.inc +++ b/meta/recipes-devtools/qemu/qemu.inc 
@@ -88,6 +88,9 @@ CVE_STATUS[CVE-2023-1386] = "disputed: not an issue as per https://bugzilla.redh CVE_STATUS[CVE-2024-7730] = "fixed-version: this is fixed in v8.2.7" +CVE_STATUS[CVE-2025-54566] = "cpe-incorrect: This issue was introduced in v10.0.0-rc0" +CVE_STATUS[CVE-2025-54567] = "cpe-incorrect: This issue was introduced in v10.0.0-rc0" + COMPATIBLE_HOST:mipsarchn32 = "null" COMPATIBLE_HOST:mipsarchn64 = "null" COMPATIBLE_HOST:riscv32 = "null" From patchwork Tue Jan 20 12:08:19 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Yoann Congal X-Patchwork-Id: 79172 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1B8AAD2ED1C for ; Tue, 20 Jan 2026 12:09:25 +0000 (UTC) Received: from mail-wr1-f50.google.com (mail-wr1-f50.google.com [209.85.221.50]) by mx.groups.io with SMTP id smtpd.msgproc01-g2.5040.1768910957370183235 for ; Tue, 20 Jan 2026 04:09:17 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@smile.fr header.s=google header.b=j/NndLk7; spf=pass (domain: smile.fr, ip: 209.85.221.50, mailfrom: yoann.congal@smile.fr) Received: by mail-wr1-f50.google.com with SMTP id ffacd0b85a97d-4358fb60802so333489f8f.1 for ; Tue, 20 Jan 2026 04:09:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=smile.fr; s=google; t=1768910955; x=1769515755; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=8ZLDwqE1n+QcrP7b7razpqFHWPthUb+Ua4LZfNS4D2Y=; b=j/NndLk7Eh5vp+4d8l9tH0zc1AfqhkNh1IH9Et0R/p2MQQYBSEOC7xJEINuzXjPlGo CeG39RuWbYq5edMy8BCuw6eFlvm7cVv8X3n4Ccw5hFQBKNSstbq8bcqZf+BMGdBzpuRw ECeakK4xVtEm7kGIO+0fD1WhwEqdzKqjNS0Hk= X-Google-DKIM-Signature: v=1; 
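Review bot: The two added CVE_STATUS lines in qemu.inc give "This issue was introduced in v10.0.0-rc0" as the reason but carry no reference; the evidence (the Debian security tracker entries) lives only in the commit message. The neighbouring CVE-2023-1386 entry keeps its URL inside the status text, and doing the same here, or naming the upstream commit that introduced the code, would keep the justification next to the exemption when the recipe is audited or the qemu version is bumped. The commit message says 10.0.0 while the status text says v10.0.0-rc0; using one form in both places avoids a second lookup.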
From: Yoann Congal To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 05/22] glib-2.0: patch CVE-2025-13601 Date: Tue, 20 Jan 2026 13:08:19 +0100 Message-ID: <78a28bc320878736978ee72045b6a83fb1085522.1768910519.git.yoann.congal@smile.fr> X-Mailer: git-send-email 2.47.3 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 20 Jan 2026 12:09:25 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/229683 From: Peter Marko Pick commits from [1] per [2]. [1] https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914 [2] https://nvd.nist.gov/vuln/detail/CVE-2025-13601 Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- .../glib-2.0/glib-2.0/CVE-2025-13601-01.patch | 125 +++++++++++++++++ .../glib-2.0/glib-2.0/CVE-2025-13601-02.patch | 128 ++++++++++++++++++ meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb | 2 + 3 files changed, 255 insertions(+) create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-13601-01.patch create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-13601-02.patch diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-13601-01.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-13601-01.patch new file mode 100644 index 0000000000..ae78832579 --- /dev/null +++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-13601-01.patch 
@@ -0,0 +1,125 @@ +From f28340ee62c655487972ad3c632d231ee098fb7f Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Thu, 13 Nov 2025 18:27:22 +0000 +Subject: [PATCH] gconvert: Error out if g_escape_uri_string() would overflow + +If the string to escape contains a very large number of unacceptable +characters (which would need escaping), the calculation of the length of +the escaped string could overflow, leading to a potential write off the +end of the newly allocated string. + +In addition to that, the number of unacceptable characters was counted +in a signed integer, which would overflow to become negative, making it +easier for an attacker to craft an input string which would cause an +out-of-bounds write. + +Fix that by validating the allocation length, and using an unsigned +integer to count the number of unacceptable characters. + +Spotted by treeplus. Thanks to the Sovereign Tech Resilience programme +from the Sovereign Tech Agency. ID: #YWH-PGM9867-134 + +Signed-off-by: Philip Withnall + +Fixes: #3827 + +CVE: CVE-2025-13601 +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/f28340ee62c655487972ad3c632d231ee098fb7f] +Signed-off-by: Peter Marko +--- + glib/gconvert.c | 36 +++++++++++++++++++++++++----------- + 1 file changed, 25 insertions(+), 11 deletions(-) + +diff --git a/glib/gconvert.c b/glib/gconvert.c +index b066dd5a8..a02d2ea73 100644 +--- a/glib/gconvert.c ++++ b/glib/gconvert.c +@@ -1428,8 +1428,9 @@ static const gchar hex[] = "0123456789ABCDEF"; + /* Note: This escape function works on file: URIs, but if you want to + * escape something else, please read RFC-2396 */ + static gchar * +-g_escape_uri_string (const gchar *string, +- UnsafeCharacterSet mask) ++g_escape_uri_string (const gchar *string, ++ UnsafeCharacterSet mask, ++ GError **error) + { + #define ACCEPTABLE(a) ((a)>=32 && (a)<128 && (acceptable[(a)-32] & use_mask)) + +@@ -1437,7 +1438,7 @@ g_escape_uri_string (const gchar *string, + gchar *q; + gchar *result; + 
int c; +- gint unacceptable; ++ size_t unacceptable; + UnsafeCharacterSet use_mask; + + g_return_val_if_fail (mask == UNSAFE_ALL +@@ -1454,7 +1455,14 @@ g_escape_uri_string (const gchar *string, + if (!ACCEPTABLE (c)) + unacceptable++; + } +- ++ ++ if (unacceptable >= (G_MAXSIZE - (p - string)) / 2) ++ { ++ g_set_error_literal (error, G_CONVERT_ERROR, G_CONVERT_ERROR_BAD_URI, ++ _("The URI is too long")); ++ return NULL; ++ } ++ + result = g_malloc (p - string + unacceptable * 2 + 1); + + use_mask = mask; +@@ -1479,12 +1487,13 @@ g_escape_uri_string (const gchar *string, + + + static gchar * +-g_escape_file_uri (const gchar *hostname, +- const gchar *pathname) ++g_escape_file_uri (const gchar *hostname, ++ const gchar *pathname, ++ GError **error) + { + char *escaped_hostname = NULL; +- char *escaped_path; +- char *res; ++ char *escaped_path = NULL; ++ char *res = NULL; + + #ifdef G_OS_WIN32 + char *p, *backslash; +@@ -1505,10 +1514,14 @@ g_escape_file_uri (const gchar *hostname, + + if (hostname && *hostname != '\0') + { +- escaped_hostname = g_escape_uri_string (hostname, UNSAFE_HOST); ++ escaped_hostname = g_escape_uri_string (hostname, UNSAFE_HOST, error); ++ if (escaped_hostname == NULL) ++ goto out; + } + +- escaped_path = g_escape_uri_string (pathname, UNSAFE_PATH); ++ escaped_path = g_escape_uri_string (pathname, UNSAFE_PATH, error); ++ if (escaped_path == NULL) ++ goto out; + + res = g_strconcat ("file://", + (escaped_hostname) ? escaped_hostname : "", +@@ -1516,6 +1529,7 @@ g_escape_file_uri (const gchar *hostname, + escaped_path, + NULL); + ++out: + #ifdef G_OS_WIN32 + g_free ((char *) pathname); + #endif +@@ -1849,7 +1863,7 @@ g_filename_to_uri (const gchar *filename, + hostname = NULL; + #endif + +- escaped_uri = g_escape_file_uri (hostname, filename); ++ escaped_uri = g_escape_file_uri (hostname, filename, error); + + return escaped_uri; + } 
diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-13601-02.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-13601-02.patch new file mode 100644 index 0000000000..75c4955316 --- /dev/null +++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-13601-02.patch 
@@ -0,0 +1,128 @@ +From 7bd3fc372040cdf8eada7f65c32c30da52a7461d Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Thu, 13 Nov 2025 18:31:43 +0000 +Subject: [PATCH] fuzzing: Add fuzz tests for g_filename_{to,from}_uri() + +These functions could be called on untrusted input data, and since they +do URI escaping/unescaping, they have non-trivial string handling code. + +Signed-off-by: Philip Withnall + +See: #3827 + +CVE: CVE-2025-13601 +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/7bd3fc372040cdf8eada7f65c32c30da52a7461d] +Signed-off-by: Peter Marko +--- + fuzzing/fuzz_filename_from_uri.c | 40 ++++++++++++++++++++++++++++++++ + fuzzing/fuzz_filename_to_uri.c | 40 ++++++++++++++++++++++++++++++++ + fuzzing/meson.build | 2 ++ + 3 files changed, 82 insertions(+) + create mode 100644 fuzzing/fuzz_filename_from_uri.c + create mode 100644 fuzzing/fuzz_filename_to_uri.c + +diff --git a/fuzzing/fuzz_filename_from_uri.c b/fuzzing/fuzz_filename_from_uri.c +new file mode 100644 +index 000000000..9b7a715f0 +--- /dev/null ++++ b/fuzzing/fuzz_filename_from_uri.c +@@ -0,0 +1,40 @@ ++/* ++ * Copyright 2025 GNOME Foundation, Inc. ++ * ++ * SPDX-License-Identifier: LGPL-2.1-or-later ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2.1 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public ++ * License along with this library; if not, see . 
++ */ ++ ++#include "fuzz.h" ++ ++int ++LLVMFuzzerTestOneInput (const unsigned char *data, size_t size) ++{ ++ unsigned char *nul_terminated_data = NULL; ++ char *filename = NULL; ++ GError *local_error = NULL; ++ ++ fuzz_set_logging_func (); ++ ++ /* ignore @size (g_filename_from_uri() doesn’t support it); ensure @data is nul-terminated */ ++ nul_terminated_data = (unsigned char *) g_strndup ((const char *) data, size); ++ filename = g_filename_from_uri ((const char *) nul_terminated_data, NULL, &local_error); ++ g_free (nul_terminated_data); ++ ++ g_free (filename); ++ g_clear_error (&local_error); ++ ++ return 0; ++} +diff --git a/fuzzing/fuzz_filename_to_uri.c b/fuzzing/fuzz_filename_to_uri.c +new file mode 100644 +index 000000000..acb319203 +--- /dev/null ++++ b/fuzzing/fuzz_filename_to_uri.c +@@ -0,0 +1,40 @@ ++/* ++ * Copyright 2025 GNOME Foundation, Inc. ++ * ++ * SPDX-License-Identifier: LGPL-2.1-or-later ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2.1 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public ++ * License along with this library; if not, see . 
++ */ ++ ++#include "fuzz.h" ++ ++int ++LLVMFuzzerTestOneInput (const unsigned char *data, size_t size) ++{ ++ unsigned char *nul_terminated_data = NULL; ++ char *uri = NULL; ++ GError *local_error = NULL; ++ ++ fuzz_set_logging_func (); ++ ++ /* ignore @size (g_filename_to_uri() doesn’t support it); ensure @data is nul-terminated */ ++ nul_terminated_data = (unsigned char *) g_strndup ((const char *) data, size); ++ uri = g_filename_to_uri ((const char *) nul_terminated_data, NULL, &local_error); ++ g_free (nul_terminated_data); ++ ++ g_free (uri); ++ g_clear_error (&local_error); ++ ++ return 0; ++} +diff --git a/fuzzing/meson.build b/fuzzing/meson.build +index addbe9071..05f936eeb 100644 +--- a/fuzzing/meson.build ++++ b/fuzzing/meson.build +@@ -22,6 +22,8 @@ fuzz_targets = [ + 'fuzz_date_parse', + 'fuzz_date_time_new_from_iso8601', + 'fuzz_dbus_message', ++ 'fuzz_filename_from_uri', ++ 'fuzz_filename_to_uri', + 'fuzz_inet_address_mask_new_from_string', + 'fuzz_inet_address_new_from_string', + 'fuzz_inet_socket_address_new_from_string', diff --git a/meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb b/meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb index 9f93655739..e80ddab4d6 100644 --- a/meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb +++ b/meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb 
@@ -33,6 +33,8 @@ SRC_URI = "${GNOME_MIRROR}/glib/${SHRT_VER}/glib-${PV}.tar.xz \ file://CVE-2025-6052-01.patch \ file://CVE-2025-6052-02.patch \ file://CVE-2025-6052-03.patch \ + file://CVE-2025-13601-01.patch \ + file://CVE-2025-13601-02.patch \ " SRC_URI:append:class-native = " file://relocate-modules.patch \ file://0001-meson.build-do-not-enable-pidfd-features-on-native-g.patch \ From patchwork Tue Jan 20 12:08:20 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Yoann Congal X-Patchwork-Id: 79174 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 07957D2ED1B for ; Tue, 20 Jan 2026 12:09:25 +0000 (UTC) Received: from mail-wm1-f45.google.com (mail-wm1-f45.google.com [209.85.128.45]) by mx.groups.io with SMTP id smtpd.msgproc01-g2.5041.1768910958250106107 for ; Tue, 20 Jan 2026 04:09:18 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@smile.fr header.s=google header.b=Um9KEsuW; spf=pass (domain: smile.fr, ip: 209.85.128.45, mailfrom: yoann.congal@smile.fr) Received: by mail-wm1-f45.google.com with SMTP id 5b1f17b1804b1-47ee4539adfso44009905e9.3 for ; Tue, 20 Jan 2026 04:09:18 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=smile.fr; s=google; t=1768910956; x=1769515756; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=UrqJr1TTWp36RFih9mEq60Ynmchr9fLnTbNCkpppUgY=; b=Um9KEsuWNZS8EBdXuN+zik74DBKZXqVLdUedK2crvtb0Pp6WCS8VLAPFf84ZVTWxBo GZ6Ldc9J7XbIOA3nr8rP3yxA29V7Kk5vnwOaBxd3U2ojIx7hGYYB2utcz8SeyD6DP0ix asAYNkyaza/bHLO5dFoHZK9CvXpi8glYFaNo0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; 
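Review bot: In the g_escape_uri_string() hunk of CVE-2025-13601-01.patch, the new "The URI is too long" branch has no test in this series. Because unacceptable can never exceed the string length `p - string`, the guard `unacceptable >= (G_MAXSIZE - (p - string)) / 2` only fires for inputs of roughly G_MAXSIZE / 3 bytes or more, which the libFuzzer targets added in CVE-2025-13601-02.patch will not generate. On 64-bit builds that is unreachable in practice, but on 32-bit targets it is a string of about 1.4 GB, so the error path is the one that matters there; a note in the commit message on how the backport was exercised on a 32-bit machine would be useful.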
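Review bot: In the g_escape_file_uri() hunks of CVE-2025-13601-01.patch, both new `goto out` paths depend on cleanup that sits after the `out:` label and outside the visible context. When the hostname escapes successfully and `escaped_path == NULL` triggers the jump, escaped_hostname is already allocated; please confirm it is freed after `out:` on that path. The `= NULL` initialisers added for escaped_path and res are what make the early exit safe, so they must not be dropped if the backport is ever refreshed against a different base.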
From: Yoann Congal To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 06/22] glib-2.0: patch CVE-2025-14087 Date: Tue, 20 Jan 2026 13:08:20 +0100 Message-ID: X-Mailer: git-send-email 2.47.3 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 20 Jan 2026 12:09:25 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/229684 From: Peter Marko Pick commits from [1] linked from [2]. [1] https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4933 [2] https://gitlab.gnome.org/GNOME/glib/-/issues/3834 Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- .../glib-2.0/glib-2.0/CVE-2025-14087-01.patch | 69 +++++ .../glib-2.0/glib-2.0/CVE-2025-14087-02.patch | 240 ++++++++++++++++++ .../glib-2.0/glib-2.0/CVE-2025-14087-03.patch | 150 +++++++++++ meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb | 3 + 4 files changed, 462 insertions(+) create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-01.patch create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-02.patch create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-03.patch diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-01.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-01.patch new file mode 100644 index 0000000000..6ff7747018 --- /dev/null +++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-01.patch 
@@ -0,0 +1,69 @@ +From 31f82e22e21bae520b7228f7f57d357fb20df8a4 Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Tue, 25 Nov 2025 19:02:56 +0000 +Subject: [PATCH] gvariant-parser: Fix potential integer overflow parsing + (byte)strings + +The termination condition for parsing string and bytestring literals in +GVariant text format input was subject to an integer overflow for input +string (or bytestring) literals longer than `INT_MAX`. + +Fix that by counting as a `size_t` rather than as an `int`. The counter +can never correctly be negative. + +Spotted by treeplus. Thanks to the Sovereign Tech Resilience programme +from the Sovereign Tech Agency. ID: #YWH-PGM9867-145 + +Signed-off-by: Philip Withnall +Fixes: #3834 + +CVE: CVE-2025-14087 +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/31f82e22e21bae520b7228f7f57d357fb20df8a4] +Signed-off-by: Peter Marko +--- + glib/gvariant-parser.c | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/glib/gvariant-parser.c b/glib/gvariant-parser.c +index 2f1d3db9f..2d6e9856f 100644 +--- a/glib/gvariant-parser.c ++++ b/glib/gvariant-parser.c +@@ -597,7 +597,7 @@ ast_resolve (AST *ast, + { + GVariant *value; + gchar *pattern; +- gint i, j = 0; ++ size_t i, j = 0; + + pattern = ast_get_pattern (ast, error); + +@@ -1621,9 +1621,9 @@ string_free (AST *ast) + * No leading/trailing space allowed. 
*/ + static gboolean + unicode_unescape (const gchar *src, +- gint *src_ofs, ++ size_t *src_ofs, + gchar *dest, +- gint *dest_ofs, ++ size_t *dest_ofs, + gsize length, + SourceRef *ref, + GError **error) +@@ -1684,7 +1684,7 @@ string_parse (TokenStream *stream, + gsize length; + gchar quote; + gchar *str; +- gint i, j; ++ size_t i, j; + + token_stream_start_ref (stream, &ref); + token = token_stream_get (stream); +@@ -1814,7 +1814,7 @@ bytestring_parse (TokenStream *stream, + gsize length; + gchar quote; + gchar *str; +- gint i, j; ++ size_t i, j; + + token_stream_start_ref (stream, &ref); + token = token_stream_get (stream); diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-02.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-02.patch new file mode 100644 index 0000000000..787c2564ab --- /dev/null +++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-02.patch 
@@ -0,0 +1,240 @@ +From ac9de0871281cf734f6e269988f90a2521582a08 Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Tue, 25 Nov 2025 19:19:16 +0000 +Subject: [PATCH] gvariant-parser: Use size_t to count numbers of child + elements +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Rather than using `gint`, which could overflow for arrays (or dicts, or +tuples) longer than `INT_MAX`. There may be other limits which prevent +parsed containers becoming that long, but we might as well make the type +system reflect the programmer’s intention as best it can anyway. + +For arrays and tuples this is straightforward. For dictionaries, it’s +slightly complicated by the fact that the code used +`dict->n_children == -1` to indicate that the `Dictionary` struct in +question actually represented a single freestanding dict entry. In +GVariant text format, that would be `{1, "one"}`. + +The implementation previously didn’t define the semantics of +`dict->n_children < -1`. + +Now, instead, change `Dictionary.n_children` to `size_t`, and define a +magic value `DICTIONARY_N_CHILDREN_FREESTANDING_ENTRY` to indicate that +the `Dictionary` represents a single freestanding dict entry. + +This magic value is `SIZE_MAX`, and given that a dictionary entry takes +more than one byte to represent in GVariant text format, that means it’s +not possible to have that many entries in a parsed dictionary, so this +magic value won’t be hit by a normal dictionary. An assertion checks +this anyway. + +Spotted while working on #3834. 
+ +Signed-off-by: Philip Withnall + +CVE: CVE-2025-14087 +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/ac9de0871281cf734f6e269988f90a2521582a08] +Signed-off-by: Peter Marko +--- + glib/gvariant-parser.c | 58 ++++++++++++++++++++++++------------------ + 1 file changed, 33 insertions(+), 25 deletions(-) + +diff --git a/glib/gvariant-parser.c b/glib/gvariant-parser.c +index 2d6e9856f..519baa3f3 100644 +--- a/glib/gvariant-parser.c ++++ b/glib/gvariant-parser.c +@@ -650,9 +650,9 @@ static AST *parse (TokenStream *stream, + GError **error); + + static void +-ast_array_append (AST ***array, +- gint *n_items, +- AST *ast) ++ast_array_append (AST ***array, ++ size_t *n_items, ++ AST *ast) + { + if ((*n_items & (*n_items - 1)) == 0) + *array = g_renew (AST *, *array, *n_items ? 2 ** n_items : 1); +@@ -661,10 +661,10 @@ ast_array_append (AST ***array, + } + + static void +-ast_array_free (AST **array, +- gint n_items) ++ast_array_free (AST **array, ++ size_t n_items) + { +- gint i; ++ size_t i; + + for (i = 0; i < n_items; i++) + ast_free (array[i]); +@@ -673,11 +673,11 @@ ast_array_free (AST **array, + + static gchar * + ast_array_get_pattern (AST **array, +- gint n_items, ++ size_t n_items, + GError **error) + { + gchar *pattern; +- gint i; ++ size_t i; + + /* Find the pattern which applies to all children in the array, by l-folding a + * coalesce operation. +@@ -709,7 +709,7 @@ ast_array_get_pattern (AST **array, + * pair of values. 
+ */ + { +- int j = 0; ++ size_t j = 0; + + while (TRUE) + { +@@ -957,7 +957,7 @@ typedef struct + AST ast; + + AST **children; +- gint n_children; ++ size_t n_children; + } Array; + + static gchar * +@@ -990,7 +990,7 @@ array_get_value (AST *ast, + Array *array = (Array *) ast; + const GVariantType *childtype; + GVariantBuilder builder; +- gint i; ++ size_t i; + + if (!g_variant_type_is_array (type)) + return ast_type_error (ast, type, error); +@@ -1076,7 +1076,7 @@ typedef struct + AST ast; + + AST **children; +- gint n_children; ++ size_t n_children; + } Tuple; + + static gchar * +@@ -1086,7 +1086,7 @@ tuple_get_pattern (AST *ast, + Tuple *tuple = (Tuple *) ast; + gchar *result = NULL; + gchar **parts; +- gint i; ++ size_t i; + + parts = g_new (gchar *, tuple->n_children + 4); + parts[tuple->n_children + 1] = (gchar *) ")"; +@@ -1116,7 +1116,7 @@ tuple_get_value (AST *ast, + Tuple *tuple = (Tuple *) ast; + const GVariantType *childtype; + GVariantBuilder builder; +- gint i; ++ size_t i; + + if (!g_variant_type_is_tuple (type)) + return ast_type_error (ast, type, error); +@@ -1308,9 +1308,16 @@ typedef struct + + AST **keys; + AST **values; +- gint n_children; ++ ++ /* Iff this is DICTIONARY_N_CHILDREN_FREESTANDING_ENTRY then this struct ++ * represents a single freestanding dict entry (`{1, "one"}`) rather than a ++ * full dict. In the freestanding case, @keys and @values have exactly one ++ * member each. */ ++ size_t n_children; + } Dictionary; + ++#define DICTIONARY_N_CHILDREN_FREESTANDING_ENTRY ((size_t) -1) ++ + static gchar * + dictionary_get_pattern (AST *ast, + GError **error) +@@ -1325,7 +1332,7 @@ dictionary_get_pattern (AST *ast, + return g_strdup ("Ma{**}"); + + key_pattern = ast_array_get_pattern (dict->keys, +- abs (dict->n_children), ++ (dict->n_children == DICTIONARY_N_CHILDREN_FREESTANDING_ENTRY) ? 
1 : dict->n_children, + error); + + if (key_pattern == NULL) +@@ -1356,7 +1363,7 @@ dictionary_get_pattern (AST *ast, + return NULL; + + result = g_strdup_printf ("M%s{%c%s}", +- dict->n_children > 0 ? "a" : "", ++ (dict->n_children > 0 && dict->n_children != DICTIONARY_N_CHILDREN_FREESTANDING_ENTRY) ? "a" : "", + key_char, value_pattern); + g_free (value_pattern); + +@@ -1370,7 +1377,7 @@ dictionary_get_value (AST *ast, + { + Dictionary *dict = (Dictionary *) ast; + +- if (dict->n_children == -1) ++ if (dict->n_children == DICTIONARY_N_CHILDREN_FREESTANDING_ENTRY) + { + const GVariantType *subtype; + GVariantBuilder builder; +@@ -1403,7 +1410,7 @@ dictionary_get_value (AST *ast, + { + const GVariantType *entry, *key, *val; + GVariantBuilder builder; +- gint i; ++ size_t i; + + if (!g_variant_type_is_subtype_of (type, G_VARIANT_TYPE_DICTIONARY)) + return ast_type_error (ast, type, error); +@@ -1444,12 +1451,12 @@ static void + dictionary_free (AST *ast) + { + Dictionary *dict = (Dictionary *) ast; +- gint n_children; ++ size_t n_children; + +- if (dict->n_children > -1) +- n_children = dict->n_children; +- else ++ if (dict->n_children == DICTIONARY_N_CHILDREN_FREESTANDING_ENTRY) + n_children = 1; ++ else ++ n_children = dict->n_children; + + ast_array_free (dict->keys, n_children); + ast_array_free (dict->values, n_children); +@@ -1467,7 +1474,7 @@ dictionary_parse (TokenStream *stream, + maybe_wrapper, dictionary_get_value, + dictionary_free + }; +- gint n_keys, n_values; ++ size_t n_keys, n_values; + gboolean only_one; + Dictionary *dict; + AST *first; +@@ -1510,7 +1517,7 @@ dictionary_parse (TokenStream *stream, + goto error; + + g_assert (n_keys == 1 && n_values == 1); +- dict->n_children = -1; ++ dict->n_children = DICTIONARY_N_CHILDREN_FREESTANDING_ENTRY; + + return (AST *) dict; + } +@@ -1543,6 +1550,7 @@ dictionary_parse (TokenStream *stream, + } + + g_assert (n_keys == n_values); ++ g_assert (n_keys != DICTIONARY_N_CHILDREN_FREESTANDING_ENTRY); + 
dict->n_children = n_keys; + + return (AST *) dict; diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-03.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-03.patch new file mode 100644 index 0000000000..38348c0927 --- /dev/null +++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14087-03.patch 
@@ -0,0 +1,150 @@ +From acaabfedff42e974334dd5368e6103d2845aaba6 Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Tue, 25 Nov 2025 19:25:58 +0000 +Subject: [PATCH] gvariant-parser: Convert error handling code to use size_t + +The error handling code allows for printing out the range of input bytes +related to a parsing error. This was previously done using `gint`, but +the input could be longer than `INT_MAX`, so it should really be done +using `size_t`. + +Spotted while working on #3834. + +Signed-off-by: Philip Withnall + +CVE: CVE-2025-14087 +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/acaabfedff42e974334dd5368e6103d2845aaba6] +Signed-off-by: Peter Marko +--- + glib/gvariant-parser.c | 36 +++++++++++++++++++++++------------- + 1 file changed, 23 insertions(+), 13 deletions(-) + +diff --git a/glib/gvariant-parser.c b/glib/gvariant-parser.c +index 519baa3f3..1b1ddd654 100644 +--- a/glib/gvariant-parser.c ++++ b/glib/gvariant-parser.c +@@ -91,7 +91,9 @@ g_variant_parser_get_error_quark (void) + + typedef struct + { +- gint start, end; ++ /* Offsets from the start of the input, in bytes. Can be equal when referring ++ * to a point rather than a range. The invariant `end >= start` always holds. 
*/ ++ size_t start, end; + } SourceRef; + + G_GNUC_PRINTF(5, 0) +@@ -106,14 +108,16 @@ parser_set_error_va (GError **error, + GString *msg = g_string_new (NULL); + + if (location->start == location->end) +- g_string_append_printf (msg, "%d", location->start); ++ g_string_append_printf (msg, "%" G_GSIZE_FORMAT, location->start); + else +- g_string_append_printf (msg, "%d-%d", location->start, location->end); ++ g_string_append_printf (msg, "%" G_GSIZE_FORMAT "-%" G_GSIZE_FORMAT, ++ location->start, location->end); + + if (other != NULL) + { + g_assert (other->start != other->end); +- g_string_append_printf (msg, ",%d-%d", other->start, other->end); ++ g_string_append_printf (msg, ",%" G_GSIZE_FORMAT "-%" G_GSIZE_FORMAT, ++ other->start, other->end); + } + g_string_append_c (msg, ':'); + +@@ -140,11 +144,15 @@ parser_set_error (GError **error, + + typedef struct + { ++ /* We should always have the following ordering constraint: ++ * start <= this <= stream <= end ++ * Additionally, unless in an error or EOF state, `this < stream`. 
++ */ + const gchar *start; + const gchar *stream; + const gchar *end; + +- const gchar *this; ++ const gchar *this; /* (nullable) */ + } TokenStream; + + +@@ -175,7 +183,7 @@ token_stream_set_error (TokenStream *stream, + static gboolean + token_stream_prepare (TokenStream *stream) + { +- gint brackets = 0; ++ gssize brackets = 0; + const gchar *end; + + if (stream->this != NULL) +@@ -405,7 +413,7 @@ static void + pattern_copy (gchar **out, + const gchar **in) + { +- gint brackets = 0; ++ gssize brackets = 0; + + while (**in == 'a' || **in == 'm' || **in == 'M') + *(*out)++ = *(*in)++; +@@ -2742,7 +2750,7 @@ g_variant_builder_add_parsed (GVariantBuilder *builder, + static gboolean + parse_num (const gchar *num, + const gchar *limit, +- guint *result) ++ size_t *result) + { + gchar *endptr; + gint64 bignum; +@@ -2752,10 +2760,12 @@ parse_num (const gchar *num, + if (endptr != limit) + return FALSE; + ++ /* The upper bound here is more restrictive than it technically needs to be, ++ * but should be enough for any practical situation: */ + if (bignum < 0 || bignum > G_MAXINT) + return FALSE; + +- *result = (guint) bignum; ++ *result = (size_t) bignum; + + return TRUE; + } +@@ -2766,7 +2776,7 @@ add_last_line (GString *err, + { + const gchar *last_nl; + gchar *chomped; +- gint i; ++ size_t i; + + /* This is an error at the end of input. If we have a file + * with newlines, that's probably the empty string after the +@@ -2911,7 +2921,7 @@ g_variant_parse_error_print_context (GError *error, + + if (dash == NULL || colon < dash) + { +- guint point; ++ size_t point; + + /* we have a single point */ + if (!parse_num (error->message, colon, &point)) +@@ -2929,7 +2939,7 @@ g_variant_parse_error_print_context (GError *error, + /* We have one or two ranges... 
*/ + if (comma && comma < colon) + { +- guint start1, end1, start2, end2; ++ size_t start1, end1, start2, end2; + const gchar *dash2; + + /* Two ranges */ +@@ -2945,7 +2955,7 @@ g_variant_parse_error_print_context (GError *error, + } + else + { +- guint start, end; ++ size_t start, end; + + /* One range */ + if (!parse_num (error->message, dash, &start) || !parse_num (dash + 1, colon, &end)) diff --git a/meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb b/meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb index e80ddab4d6..f4df61c896 100644 --- a/meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb +++ b/meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb 
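Review bot: In the parse_num() hunk the bound is still `bignum > G_MAXINT` even though `*result` is now a `size_t` and parser_set_error_va() now prints offsets with `G_GSIZE_FORMAT`. An error located past `INT_MAX` in the input, the case the commit message is concerned with, is therefore formatted in full but makes parse_num() return FALSE when g_variant_parse_error_print_context() reads the offsets back. The new comment admits the bound is tighter than needed; it should also state that consequence, or the bound should be raised to the largest value that fits both `gint64` and `size_t`, so that the writer and the reader of the error message agree on the range.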
@@ -35,6 +35,9 @@ SRC_URI = "${GNOME_MIRROR}/glib/${SHRT_VER}/glib-${PV}.tar.xz \ file://CVE-2025-6052-03.patch \ file://CVE-2025-13601-01.patch \ file://CVE-2025-13601-02.patch \ + file://CVE-2025-14087-01.patch \ + file://CVE-2025-14087-02.patch \ + file://CVE-2025-14087-03.patch \ " SRC_URI:append:class-native = " file://relocate-modules.patch \ file://0001-meson.build-do-not-enable-pidfd-features-on-native-g.patch \ From patchwork Tue Jan 20 12:08:21 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yoann Congal X-Patchwork-Id: 79175
From: Yoann Congal To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 07/22] glib-2.0: patch CVE-2025-14512 Date: Tue, 20 Jan 2026 13:08:21 +0100 Message-ID: X-Mailer: git-send-email 2.47.3 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 20 Jan 2026 12:09:25 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/229685 From: Peter Marko Pick patch from [1] linked from [2]. [1] https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4935 [2] https://gitlab.gnome.org/GNOME/glib/-/issues/3845 Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- .../glib-2.0/glib-2.0/CVE-2025-14512.patch | 70 +++++++++++++++++++ meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb | 1 + 2 files changed, 71 insertions(+) create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14512.patch diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14512.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14512.patch new file mode 100644 index 0000000000..689a433079 --- /dev/null +++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-14512.patch 
@@ -0,0 +1,70 @@ +From 1909d8ea9297287f1ff6862968608dcf06e60523 Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Thu, 4 Dec 2025 16:37:19 +0000 +Subject: [PATCH] gfileattribute: Fix integer overflow calculating escaping for + byte strings + +The number of invalid characters in the byte string (characters which +would have to be percent-encoded) was only stored in an `int`, which +gave the possibility of a long string largely full of invalid +characters overflowing this and allowing an attacker-controlled buffer +size to be allocated. + +This could be triggered by an attacker controlled file attribute (of +type `G_FILE_ATTRIBUTE_TYPE_BYTE_STRING`), such as +`G_FILE_ATTRIBUTE_THUMBNAIL_PATH` or `G_FILE_ATTRIBUTE_STANDARD_NAME`, +being read by user code. + +Spotted by Codean Labs. + +Signed-off-by: Philip Withnall + +Fixes: #3845 + +CVE: CVE-2025-14512 +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/1909d8ea9297287f1ff6862968608dcf06e60523] +Signed-off-by: Peter Marko +--- + gio/gfileattribute.c | 11 +++++++++-- + 1 file changed, 9 insertions(+), 2 deletions(-) + +diff --git a/gio/gfileattribute.c b/gio/gfileattribute.c +index c6fde60fa..d3083e5bd 100644 +--- a/gio/gfileattribute.c ++++ b/gio/gfileattribute.c +@@ -22,6 +22,7 @@ + + #include "config.h" + ++#include + #include + + #include "gfileattribute.h" +@@ -273,11 +274,12 @@ valid_char (char c) + return c >= 32 && c <= 126 && c != '\\'; + } + ++/* Returns NULL on error */ + static char * + escape_byte_string (const char *str) + { + size_t i, len; +- int num_invalid; ++ size_t num_invalid; + char *escaped_val, *p; + unsigned char c; + const char hex_digits[] = "0123456789abcdef"; +@@ -295,7 +297,12 @@ escape_byte_string (const char *str) + return g_strdup (str); + else + { +- escaped_val = g_malloc (len + num_invalid*3 + 1); ++ /* Check for overflow. 
We want to check the inequality: ++ * !(len + num_invalid * 3 + 1 > SIZE_MAX) */ ++ if (num_invalid >= (SIZE_MAX - len) / 3) ++ return NULL; ++ ++ escaped_val = g_malloc (len + num_invalid * 3 + 1); + + p = escaped_val; + for (i = 0; i < len; i++) diff --git a/meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb b/meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb index f4df61c896..c7e18c7bc4 100644 --- a/meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb +++ b/meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb 
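Review bot: escape_byte_string() can now return NULL when `num_invalid >= (SIZE_MAX - len) / 3`, but none of the 9 insertions in this patch touch a caller, so every existing call site has to be confirmed to tolerate a NULL result before this is applied; the `/* Returns NULL on error */` comment documents the new contract without enforcing it anywhere. The check itself is sound and slightly conservative (it rejects a few sizes that would still fit), which is fine. If the callers in this GLib version do not check the return value, the backport needs the corresponding caller change or an explicit note in the patch header that they were audited.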
@@ -38,6 +38,7 @@ SRC_URI = "${GNOME_MIRROR}/glib/${SHRT_VER}/glib-${PV}.tar.xz \ file://CVE-2025-14087-01.patch \ file://CVE-2025-14087-02.patch \ file://CVE-2025-14087-03.patch \ + file://CVE-2025-14512.patch \ " SRC_URI:append:class-native = " file://relocate-modules.patch \ file://0001-meson.build-do-not-enable-pidfd-features-on-native-g.patch \ From patchwork Tue Jan 20 12:08:22 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yoann Congal X-Patchwork-Id: 79170
From: Yoann Congal To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 08/22] dropbear: patch CVE-2019-6111 Date: Tue, 20 Jan 2026 13:08:22 +0100 Message-ID: X-Mailer: git-send-email 2.47.3 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 20 Jan 2026 12:09:25 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/229686 From: Peter Marko Pick patch mentioning this CVE number. Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- .../dropbear/dropbear/CVE-2019-6111.patch | 157 ++++++++++++++++++ .../recipes-core/dropbear/dropbear_2022.83.bb | 1 + 2 files changed, 158 insertions(+) create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2019-6111.patch diff --git a/meta/recipes-core/dropbear/dropbear/CVE-2019-6111.patch b/meta/recipes-core/dropbear/dropbear/CVE-2019-6111.patch new file mode 100644 index 0000000000..f488ff92c0 --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear/CVE-2019-6111.patch 
@@ -0,0 +1,157 @@ +From 48a17cff6aa104b8e806ddb2191f83f1024060f1 Mon Sep 17 00:00:00 2001 +From: Matt Johnston +Date: Tue, 9 Dec 2025 22:59:19 +0900 +Subject: [PATCH] scp CVE-2019-6111 fix + +Cherry-pick from OpenSSH portable + +391ffc4b9d31 ("upstream: check in scp client that filenames sent during") + +upstream: check in scp client that filenames sent during + +remote->local directory copies satisfy the wildcard specified by the user. + +This checking provides some protection against a malicious server +sending unexpected filenames, but it comes at a risk of rejecting wanted +files due to differences between client and server wildcard expansion rules. + +For this reason, this also adds a new -T flag to disable the check. + +reported by Harry Sintonen +fix approach suggested by markus@; +has been in snaps for ~1wk courtesy deraadt@ + +CVE: CVE-2019-6111 +Upstream-Status: Backport [https://github.com/mkj/dropbear/commit/48a17cff6aa104b8e806ddb2191f83f1024060f1] +Signed-off-by: Peter Marko +--- + scp.c | 38 +++++++++++++++++++++++++++++--------- + 1 file changed, 29 insertions(+), 9 deletions(-) + +diff --git a/scp.c b/scp.c +index 384f2cb..bf98986 100644 +--- a/scp.c ++++ b/scp.c +@@ -76,6 +76,8 @@ + #include "includes.h" + /*RCSID("$OpenBSD: scp.c,v 1.130 2006/01/31 10:35:43 djm Exp $");*/ + ++#include ++ + #include "atomicio.h" + #include "compat.h" + #include "scpmisc.h" +@@ -291,14 +293,14 @@ void verifydir(char *); + + uid_t userid; + int errs, remin, remout; +-int pflag, iamremote, iamrecursive, targetshouldbedirectory; ++int Tflag, pflag, iamremote, iamrecursive, targetshouldbedirectory; + + #define CMDNEEDS 64 + char cmd[CMDNEEDS]; /* must hold "rcp -r -p -d\0" */ + + int response(void); + void rsource(char *, struct stat *); +-void sink(int, char *[]); ++void sink(int, char *[], const char *); + void source(int, char *[]); + void tolocal(int, char *[]); + void toremote(char *, int, char *[]); +@@ -325,8 +327,8 @@ main(int argc, char **argv) + args.list = 
NULL; + addargs(&args, "%s", ssh_program); + +- fflag = tflag = 0; +- while ((ch = getopt(argc, argv, "dfl:prtvBCc:i:P:q1246S:o:F:")) != -1) ++ fflag = Tflag = tflag = 0; ++ while ((ch = getopt(argc, argv, "dfl:prtTvBCc:i:P:q1246S:o:F:")) != -1) + switch (ch) { + /* User-visible flags. */ + case '1': +@@ -389,9 +391,12 @@ main(int argc, char **argv) + setmode(0, O_BINARY); + #endif + break; ++ case 'T': ++ Tflag = 1; ++ break; + default: + usage(); +- } ++ } + argc -= optind; + argv += optind; + +@@ -409,7 +414,7 @@ main(int argc, char **argv) + } + if (tflag) { + /* Receive data. */ +- sink(argc, argv); ++ sink(argc, argv, NULL); + exit(errs != 0); + } + if (argc < 2) +@@ -589,7 +594,7 @@ tolocal(int argc, char **argv) + continue; + } + xfree(bp); +- sink(1, argv + argc - 1); ++ sink(1, argv + argc - 1, src); + (void) close(remin); + remin = remout = -1; + } +@@ -822,7 +827,7 @@ bwlimit(int amount) + } + + void +-sink(int argc, char **argv) ++sink(int argc, char **argv, const char *src) + { + static BUF buffer; + struct stat stb; +@@ -836,6 +841,7 @@ sink(int argc, char **argv) + off_t size, statbytes; + int setimes, targisdir, wrerrno = 0; + char ch, *cp, *np, *targ, *why, *vect[1], buf[2048]; ++ char *src_copy = NULL, *restrict_pattern = NULL; + struct timeval tv[2]; + + #define atime tv[0] +@@ -857,6 +863,17 @@ sink(int argc, char **argv) + (void) atomicio(vwrite, remout, "", 1); + if (stat(targ, &stb) == 0 && S_ISDIR(stb.st_mode)) + targisdir = 1; ++ if (src != NULL && !iamrecursive && !Tflag) { ++ /* ++ * Prepare to try to restrict incoming filenames to match ++ * the requested destination file glob. 
++ */ ++ if ((src_copy = strdup(src)) == NULL) ++ fatal("strdup failed"); ++ if ((restrict_pattern = strrchr(src_copy, '/')) != NULL) { ++ *restrict_pattern++ = '\0'; ++ } ++ } + for (first = 1;; first = 0) { + cp = buf; + if (atomicio(read, remin, cp, 1) != 1) +@@ -939,6 +956,9 @@ sink(int argc, char **argv) + run_err("error: unexpected filename: %s", cp); + exit(1); + } ++ if (restrict_pattern != NULL && ++ fnmatch(restrict_pattern, cp, 0) != 0) ++ SCREWUP("filename does not match request"); + if (targisdir) { + static char *namebuf = NULL; + static size_t cursize = 0; +@@ -977,7 +997,7 @@ sink(int argc, char **argv) + goto bad; + } + vect[0] = xstrdup(np); +- sink(1, vect); ++ sink(1, vect, src); + if (setimes) { + setimes = 0; + if (utimes(vect[0], tv) < 0) diff --git a/meta/recipes-core/dropbear/dropbear_2022.83.bb b/meta/recipes-core/dropbear/dropbear_2022.83.bb index 2ed8d2c2a1..93563aa3b4 100644 --- a/meta/recipes-core/dropbear/dropbear_2022.83.bb +++ b/meta/recipes-core/dropbear/dropbear_2022.83.bb 
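Review bot: In the sink() setup hunk, `restrict_pattern` is only set when `strrchr(src_copy, '/')` finds a slash, so a requested source with no directory component leaves it NULL and the later `fnmatch(restrict_pattern, cp, 0)` check is skipped for exactly the simple single-file request. Falling back to `src_copy` itself as the pattern when no '/' is present would close that gap. Two smaller points: `src_copy` is allocated with strdup() and no hunk here frees it on any exit path of sink(), and the check is also skipped whenever `iamrecursive` is set, which deserves a sentence in the patch header so users of this backport know recursive copies are not covered.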
@@ -29,6 +29,7 @@ SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.bz2 \ file://0001-cli-runopts.c-add-missing-DROPBEAR_CLI_PUBKEY_AUTH.patch \ file://0001-Avoid-unused-variable-with-DROPBEAR_CLI_PUBKEY_AUTH-.patch \ file://CVE-2025-47203.patch \ + file://CVE-2019-6111.patch \ " SRC_URI[sha256sum] = "bc5a121ffbc94b5171ad5ebe01be42746d50aa797c9549a4639894a16749443b" From patchwork Tue Jan 20 12:08:23 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yoann Congal X-Patchwork-Id: 79171
From: Yoann Congal To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 09/22] libpcap: patch CVE-2025-11961 Date: Tue, 20 Jan 2026 13:08:23 +0100 Message-ID: <924b68cba6a3decd0c8a477bc1828335551d265d.1768910519.git.yoann.congal@smile.fr> X-Mailer: git-send-email 2.47.3 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 20 Jan 2026 12:09:24 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/229687 From: Peter Marko Pick patch per [1]. Also pick additional preparation patch to apply it cleanly. [1] https://nvd.nist.gov/vuln/detail/CVE-2025-11961 Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- .../libpcap/libpcap/CVE-2025-11961-01.patch | 38 ++ .../libpcap/libpcap/CVE-2025-11961-02.patch | 433 ++++++++++++++++++ .../libpcap/libpcap_1.10.4.bb | 2 + 3 files changed, 473 insertions(+) create mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11961-01.patch create mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11961-02.patch diff --git a/meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11961-01.patch b/meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11961-01.patch new file mode 100644 index 0000000000..73c3ab3f5c --- /dev/null +++ b/meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11961-01.patch 
@@ -0,0 +1,38 @@ +From 7224be0fe2f4beb916b7b69141f478facd0f0634 Mon Sep 17 00:00:00 2001 +From: Denis Ovsienko +Date: Sat, 27 Dec 2025 21:36:11 +0000 +Subject: [PATCH] Rename one of the xdtoi() copies to simplify backporting. + +CVE: CVE-2025-11961 +Upstream-Status: Backport [https://github.com/the-tcpdump-group/libpcap/commit/7224be0fe2f4beb916b7b69141f478facd0f0634] +Signed-off-by: Peter Marko +--- + nametoaddr.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/nametoaddr.c b/nametoaddr.c +index dc75495c..bdaacbf1 100644 +--- a/nametoaddr.c ++++ b/nametoaddr.c +@@ -646,7 +646,7 @@ pcap_nametollc(const char *s) + + /* Hex digit to 8-bit unsigned integer. */ + static inline u_char +-xdtoi(u_char c) ++pcapint_xdtoi(u_char c) + { + if (c >= '0' && c <= '9') + return (u_char)(c - '0'); +@@ -728,10 +728,10 @@ pcap_ether_aton(const char *s) + while (*s) { + if (*s == ':' || *s == '.' || *s == '-') + s += 1; +- d = xdtoi(*s++); ++ d = pcapint_xdtoi(*s++); + if (PCAP_ISXDIGIT(*s)) { + d <<= 4; +- d |= xdtoi(*s++); ++ d |= pcapint_xdtoi(*s++); + } + *ep++ = d; + } diff --git a/meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11961-02.patch b/meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11961-02.patch new file mode 100644 index 0000000000..2dca7908ef --- /dev/null +++ b/meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11961-02.patch 
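Review bot: The pcap_ether_aton() hunk only renames the helper, so the loop it leaves behind still does `d = pcapint_xdtoi(*s++)` right after skipping a separator without checking for the terminator, and still stores through `*ep++ = d` with no bound on the number of bytes written. This file carries the `CVE: CVE-2025-11961` tag but fixes nothing on its own; the patch header should say explicitly that it is a prerequisite for CVE-2025-11961-02.patch and must not be applied or cherry-picked without it, so that a later recipe cleanup does not keep -01 and drop -02.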
@@ -0,0 +1,433 @@ +From b2d2f9a9a0581c40780bde509f7cc715920f1c02 Mon Sep 17 00:00:00 2001 +From: Denis Ovsienko +Date: Fri, 19 Dec 2025 17:31:13 +0000 +Subject: [PATCH] CVE-2025-11961: Fix OOBR and OOBW in pcap_ether_aton(). + +pcap_ether_aton() has for a long time required its string argument to be +a well-formed MAC-48 address, which is always the case when the argument +comes from other libpcap code, so the function has never validated the +input and used a simple loop to parse any of the three common MAC-48 +address formats. However, the function has also been a part of the +public API, so calling it directly with a malformed address can cause +the loop to read beyond the end of the input string and/or to write +beyond the end of the allocated output buffer. + +To handle invalid input more appropriately, replace the simple loop with +new functions and require the input to match a supported address format. + +This problem was reported by Jin Wei, Kunwei Qian and Ping Chen. + +(backported from commit dd08e53e9380e217ae7c7768da9cc3d7bf37bf83) + +CVE: CVE-2025-11961 +Upstream-Status: Backport [https://github.com/the-tcpdump-group/libpcap/commit/b2d2f9a9a0581c40780bde509f7cc715920f1c02] +Signed-off-by: Peter Marko +--- + gencode.c | 5 + + nametoaddr.c | 367 +++++++++++++++++++++++++++++++++++++++++++++++---- + 2 files changed, 349 insertions(+), 23 deletions(-) + +diff --git a/gencode.c b/gencode.c +index 3ddd15f8..76fb2d82 100644 +--- a/gencode.c ++++ b/gencode.c +@@ -7228,6 +7228,11 @@ gen_ecode(compiler_state_t *cstate, const char *s, struct qual q) + return (NULL); + + if ((q.addr == Q_HOST || q.addr == Q_DEFAULT) && q.proto == Q_LINK) { ++ /* ++ * Because the lexer guards the input string format, in this ++ * context the function returns NULL iff the implicit malloc() ++ * has failed. 
++ */ + cstate->e = pcap_ether_aton(s); + if (cstate->e == NULL) + bpf_error(cstate, "malloc"); +diff --git a/nametoaddr.c b/nametoaddr.c +index f9fcd288..f50d0da5 100644 +--- a/nametoaddr.c ++++ b/nametoaddr.c +@@ -703,39 +703,360 @@ __pcap_atodn(const char *s, bpf_u_int32 *addr) + return(32); + } + ++// Man page: "xxxxxxxxxxxx", regexp: "^[0-9a-fA-F]{12}$". ++static u_char ++pcapint_atomac48_xxxxxxxxxxxx(const char *s, uint8_t *addr) ++{ ++ if (strlen(s) == 12 && ++ PCAP_ISXDIGIT(s[0]) && ++ PCAP_ISXDIGIT(s[1]) && ++ PCAP_ISXDIGIT(s[2]) && ++ PCAP_ISXDIGIT(s[3]) && ++ PCAP_ISXDIGIT(s[4]) && ++ PCAP_ISXDIGIT(s[5]) && ++ PCAP_ISXDIGIT(s[6]) && ++ PCAP_ISXDIGIT(s[7]) && ++ PCAP_ISXDIGIT(s[8]) && ++ PCAP_ISXDIGIT(s[9]) && ++ PCAP_ISXDIGIT(s[10]) && ++ PCAP_ISXDIGIT(s[11])) { ++ addr[0] = pcapint_xdtoi(s[0]) << 4 | pcapint_xdtoi(s[1]); ++ addr[1] = pcapint_xdtoi(s[2]) << 4 | pcapint_xdtoi(s[3]); ++ addr[2] = pcapint_xdtoi(s[4]) << 4 | pcapint_xdtoi(s[5]); ++ addr[3] = pcapint_xdtoi(s[6]) << 4 | pcapint_xdtoi(s[7]); ++ addr[4] = pcapint_xdtoi(s[8]) << 4 | pcapint_xdtoi(s[9]); ++ addr[5] = pcapint_xdtoi(s[10]) << 4 | pcapint_xdtoi(s[11]); ++ return 1; ++ } ++ return 0; ++} ++ ++// Man page: "xxxx.xxxx.xxxx", regexp: "^[0-9a-fA-F]{4}(\.[0-9a-fA-F]{4}){2}$". 
++static u_char ++pcapint_atomac48_xxxx_3_times(const char *s, uint8_t *addr) ++{ ++ const char sep = '.'; ++ if (strlen(s) == 14 && ++ PCAP_ISXDIGIT(s[0]) && ++ PCAP_ISXDIGIT(s[1]) && ++ PCAP_ISXDIGIT(s[2]) && ++ PCAP_ISXDIGIT(s[3]) && ++ s[4] == sep && ++ PCAP_ISXDIGIT(s[5]) && ++ PCAP_ISXDIGIT(s[6]) && ++ PCAP_ISXDIGIT(s[7]) && ++ PCAP_ISXDIGIT(s[8]) && ++ s[9] == sep && ++ PCAP_ISXDIGIT(s[10]) && ++ PCAP_ISXDIGIT(s[11]) && ++ PCAP_ISXDIGIT(s[12]) && ++ PCAP_ISXDIGIT(s[13])) { ++ addr[0] = pcapint_xdtoi(s[0]) << 4 | pcapint_xdtoi(s[1]); ++ addr[1] = pcapint_xdtoi(s[2]) << 4 | pcapint_xdtoi(s[3]); ++ addr[2] = pcapint_xdtoi(s[5]) << 4 | pcapint_xdtoi(s[6]); ++ addr[3] = pcapint_xdtoi(s[7]) << 4 | pcapint_xdtoi(s[8]); ++ addr[4] = pcapint_xdtoi(s[10]) << 4 | pcapint_xdtoi(s[11]); ++ addr[5] = pcapint_xdtoi(s[12]) << 4 | pcapint_xdtoi(s[13]); ++ return 1; ++ } ++ return 0; ++} ++ + /* +- * Convert 's', which can have the one of the forms: ++ * Man page: "xx:xx:xx:xx:xx:xx", regexp: "^[0-9a-fA-F]{1,2}(:[0-9a-fA-F]{1,2}){5}$". ++ * Man page: "xx-xx-xx-xx-xx-xx", regexp: "^[0-9a-fA-F]{1,2}(-[0-9a-fA-F]{1,2}){5}$". ++ * Man page: "xx.xx.xx.xx.xx.xx", regexp: "^[0-9a-fA-F]{1,2}(\.[0-9a-fA-F]{1,2}){5}$". ++ * (Any "xx" above can be "x", which is equivalent to "0x".) + * +- * "xx:xx:xx:xx:xx:xx" +- * "xx.xx.xx.xx.xx.xx" +- * "xx-xx-xx-xx-xx-xx" +- * "xxxx.xxxx.xxxx" +- * "xxxxxxxxxxxx" ++ * An equivalent (and parametrisable for EUI-64) FSM could be implemented using ++ * a smaller graph, but that graph would be neither acyclic nor planar nor ++ * trivial to verify. + * +- * (or various mixes of ':', '.', and '-') into a new +- * ethernet address. Assumes 's' is well formed. ++ * | ++ * [.] v ++ * +<---------- START ++ * | | ++ * | | [0-9a-fA-F] ++ * | [.] v ++ * +<--------- BYTE0_X ----------+ ++ * | | | ++ * | | [0-9a-fA-F] | ++ * | [.] v | ++ * +<--------- BYTE0_XX | [:\.-] ++ * | | | ++ * | | [:\.-] | ++ * | [.] 
v | ++ * +<----- BYTE0_SEP_BYTE1 <-----+ ++ * | | ++ * | | [0-9a-fA-F] ++ * | [.] v ++ * +<--------- BYTE1_X ----------+ ++ * | | | ++ * | | [0-9a-fA-F] | ++ * | [.] v | ++ * +<--------- BYTE1_XX | ++ * | | | ++ * | | | ++ * | [.] v | ++ * +<----- BYTE1_SEP_BYTE2 <-----+ ++ * | | ++ * | | [0-9a-fA-F] ++ * | [.] v ++ * +<--------- BYTE2_X ----------+ ++ * | | | ++ * | | [0-9a-fA-F] | ++ * | [.] v | ++ * +<--------- BYTE2_XX | ++ * | | | ++ * | | | ++ * | [.] v | ++ * +<----- BYTE2_SEP_BYTE3 <-----+ ++ * | | ++ * | | [0-9a-fA-F] ++ * | [.] v ++ * +<--------- BYTE3_X ----------+ ++ * | | | ++ * | | [0-9a-fA-F] | ++ * | [.] v | ++ * +<--------- BYTE3_XX | ++ * | | | ++ * | | | ++ * | [.] v | ++ * +<----- BYTE3_SEP_BYTE4 <-----+ ++ * | | ++ * | | [0-9a-fA-F] ++ * | [.] v ++ * +<--------- BYTE4_X ----------+ ++ * | | | ++ * | | [0-9a-fA-F] | ++ * | [.] v | ++ * +<--------- BYTE4_XX | ++ * | | | ++ * | | | ++ * | [.] v | ++ * +<----- BYTE4_SEP_BYTE5 <-----+ ++ * | | ++ * | | [0-9a-fA-F] ++ * | [.] v ++ * +<--------- BYTE5_X ----------+ ++ * | | | ++ * | | [0-9a-fA-F] | ++ * | [.] 
v | ++ * +<--------- BYTE5_XX | \0 ++ * | | | ++ * | | \0 | ++ * | | v ++ * +--> (reject) +---------> (accept) ++ * ++ */ ++static u_char ++pcapint_atomac48_x_xx_6_times(const char *s, uint8_t *addr) ++{ ++ enum { ++ START, ++ BYTE0_X, ++ BYTE0_XX, ++ BYTE0_SEP_BYTE1, ++ BYTE1_X, ++ BYTE1_XX, ++ BYTE1_SEP_BYTE2, ++ BYTE2_X, ++ BYTE2_XX, ++ BYTE2_SEP_BYTE3, ++ BYTE3_X, ++ BYTE3_XX, ++ BYTE3_SEP_BYTE4, ++ BYTE4_X, ++ BYTE4_XX, ++ BYTE4_SEP_BYTE5, ++ BYTE5_X, ++ BYTE5_XX, ++ } fsm_state = START; ++ uint8_t buf[6]; ++ const char *seplist = ":.-"; ++ char sep; ++ ++ while (*s) { ++ switch (fsm_state) { ++ case START: ++ if (PCAP_ISXDIGIT(*s)) { ++ buf[0] = pcapint_xdtoi(*s); ++ fsm_state = BYTE0_X; ++ break; ++ } ++ goto reject; ++ case BYTE0_X: ++ if (strchr(seplist, *s)) { ++ sep = *s; ++ fsm_state = BYTE0_SEP_BYTE1; ++ break; ++ } ++ if (PCAP_ISXDIGIT(*s)) { ++ buf[0] = buf[0] << 4 | pcapint_xdtoi(*s); ++ fsm_state = BYTE0_XX; ++ break; ++ } ++ goto reject; ++ case BYTE0_XX: ++ if (strchr(seplist, *s)) { ++ sep = *s; ++ fsm_state = BYTE0_SEP_BYTE1; ++ break; ++ } ++ goto reject; ++ case BYTE0_SEP_BYTE1: ++ if (PCAP_ISXDIGIT(*s)) { ++ buf[1] = pcapint_xdtoi(*s); ++ fsm_state = BYTE1_X; ++ break; ++ } ++ goto reject; ++ case BYTE1_X: ++ if (*s == sep) { ++ fsm_state = BYTE1_SEP_BYTE2; ++ break; ++ } ++ if (PCAP_ISXDIGIT(*s)) { ++ buf[1] = buf[1] << 4 | pcapint_xdtoi(*s); ++ fsm_state = BYTE1_XX; ++ break; ++ } ++ goto reject; ++ case BYTE1_XX: ++ if (*s == sep) { ++ fsm_state = BYTE1_SEP_BYTE2; ++ break; ++ } ++ goto reject; ++ case BYTE1_SEP_BYTE2: ++ if (PCAP_ISXDIGIT(*s)) { ++ buf[2] = pcapint_xdtoi(*s); ++ fsm_state = BYTE2_X; ++ break; ++ } ++ goto reject; ++ case BYTE2_X: ++ if (*s == sep) { ++ fsm_state = BYTE2_SEP_BYTE3; ++ break; ++ } ++ if (PCAP_ISXDIGIT(*s)) { ++ buf[2] = buf[2] << 4 | pcapint_xdtoi(*s); ++ fsm_state = BYTE2_XX; ++ break; ++ } ++ goto reject; ++ case BYTE2_XX: ++ if (*s == sep) { ++ fsm_state = BYTE2_SEP_BYTE3; ++ break; ++ } ++ goto reject; 
++ case BYTE2_SEP_BYTE3: ++ if (PCAP_ISXDIGIT(*s)) { ++ buf[3] = pcapint_xdtoi(*s); ++ fsm_state = BYTE3_X; ++ break; ++ } ++ goto reject; ++ case BYTE3_X: ++ if (*s == sep) { ++ fsm_state = BYTE3_SEP_BYTE4; ++ break; ++ } ++ if (PCAP_ISXDIGIT(*s)) { ++ buf[3] = buf[3] << 4 | pcapint_xdtoi(*s); ++ fsm_state = BYTE3_XX; ++ break; ++ } ++ goto reject; ++ case BYTE3_XX: ++ if (*s == sep) { ++ fsm_state = BYTE3_SEP_BYTE4; ++ break; ++ } ++ goto reject; ++ case BYTE3_SEP_BYTE4: ++ if (PCAP_ISXDIGIT(*s)) { ++ buf[4] = pcapint_xdtoi(*s); ++ fsm_state = BYTE4_X; ++ break; ++ } ++ goto reject; ++ case BYTE4_X: ++ if (*s == sep) { ++ fsm_state = BYTE4_SEP_BYTE5; ++ break; ++ } ++ if (PCAP_ISXDIGIT(*s)) { ++ buf[4] = buf[4] << 4 | pcapint_xdtoi(*s); ++ fsm_state = BYTE4_XX; ++ break; ++ } ++ goto reject; ++ case BYTE4_XX: ++ if (*s == sep) { ++ fsm_state = BYTE4_SEP_BYTE5; ++ break; ++ } ++ goto reject; ++ case BYTE4_SEP_BYTE5: ++ if (PCAP_ISXDIGIT(*s)) { ++ buf[5] = pcapint_xdtoi(*s); ++ fsm_state = BYTE5_X; ++ break; ++ } ++ goto reject; ++ case BYTE5_X: ++ if (PCAP_ISXDIGIT(*s)) { ++ buf[5] = buf[5] << 4 | pcapint_xdtoi(*s); ++ fsm_state = BYTE5_XX; ++ break; ++ } ++ goto reject; ++ case BYTE5_XX: ++ goto reject; ++ } // switch ++ s++; ++ } // while ++ ++ if (fsm_state == BYTE5_X || fsm_state == BYTE5_XX) { ++ // accept ++ memcpy(addr, buf, sizeof(buf)); ++ return 1; ++ } ++ ++reject: ++ return 0; ++} ++ ++// The 'addr' argument must point to an array of at least 6 elements. ++static int ++pcapint_atomac48(const char *s, uint8_t *addr) ++{ ++ return s && ( ++ pcapint_atomac48_xxxxxxxxxxxx(s, addr) || ++ pcapint_atomac48_xxxx_3_times(s, addr) || ++ pcapint_atomac48_x_xx_6_times(s, addr) ++ ); ++} ++ ++/* ++ * If 's' is a MAC-48 address in one of the forms documented in pcap-filter(7) ++ * for "ether host", return a pointer to an allocated buffer with the binary ++ * value of the address. Return NULL on any error. 
+ */ + u_char * + pcap_ether_aton(const char *s) + { +- register u_char *ep, *e; +- register u_char d; ++ uint8_t tmp[6]; ++ if (! pcapint_atomac48(s, tmp)) ++ return (NULL); + +- e = ep = (u_char *)malloc(6); ++ u_char *e = malloc(6); + if (e == NULL) + return (NULL); +- +- while (*s) { +- if (*s == ':' || *s == '.' || *s == '-') +- s += 1; +- d = pcapint_xdtoi(*s++); +- if (PCAP_ISXDIGIT(*s)) { +- d <<= 4; +- d |= pcapint_xdtoi(*s++); +- } +- *ep++ = d; +- } +- ++ memcpy(e, tmp, sizeof(tmp)); + return (e); + } + diff --git a/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb b/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb index 36eb4bca75..df091e5ca2 100644 --- a/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb +++ b/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb 
@@ -14,6 +14,8 @@ SRC_URI = "https://www.tcpdump.org/release/${BP}.tar.gz \ file://CVE-2023-7256-pre1.patch \ file://CVE-2023-7256.patch \ file://CVE-2024-8006.patch \ + file://CVE-2025-11961-01.patch \ + file://CVE-2025-11961-02.patch \ " SRC_URI[sha256sum] = "ed19a0383fad72e3ad435fd239d7cd80d64916b87269550159d20e47160ebe5f" From patchwork Tue Jan 20 12:08:24 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yoann Congal X-Patchwork-Id: 79166 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id E2EF8D2ED17 for ; Tue, 20 Jan 2026 12:09:24 +0000 (UTC) Received: from mail-wr1-f53.google.com (mail-wr1-f53.google.com [209.85.221.53]) by mx.groups.io with SMTP id smtpd.msgproc02-g2.5024.1768910960525535898 for ; Tue, 20 Jan 2026 04:09:20 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@smile.fr header.s=google header.b=TrQ3nf7Y; spf=pass (domain: smile.fr, ip: 209.85.221.53, mailfrom: yoann.congal@smile.fr) Received: by mail-wr1-f53.google.com with SMTP id ffacd0b85a97d-430fbb6012bso4488634f8f.1 for ; Tue, 20 Jan 2026 04:09:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=smile.fr; s=google; t=1768910958; x=1769515758; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=t6ib1HyLTnzDH59OrmzQ+JBc9Kwzr5LuB62JjkW/KEo=; b=TrQ3nf7Y0bFbiUNy19foheSkI8QhgCZl5xAdVCClz76d3TvrqErNWt708v9+oSkLJD 5rPE4capL5DsIxaUrfPZFOTSj1reBZVNvb6uY0042PlGiDiCjoMt3hUkPAL48yCxd0fK UKCfJpCYJROOg3AzIJnp9WC+ABqhHtC1L1rLc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768910958; x=1769515758; 
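Review bot: in pcapint_atomac48_x_xx_6_times() from CVE-2025-11961-02.patch, `char sep;` has no initializer and is first read in the BYTE1_X case. Every transition into BYTE0_SEP_BYTE1 assigns it, so the read is defined, but that only shows by tracing the switch, and a compiler's maybe-uninitialized analysis may not follow it; `char sep = '\0';` would remove the question. The same function relies on `while (*s)` to keep NUL away from `strchr(seplist, *s)`, which would otherwise match the terminator of `seplist`; a short comment at the first strchr() call would record that. The state diagram labels only the first separator edge with `[:\.-]`, while the code requires every later separator to equal the first (`*s == sep`), so the later edges should be labelled to match.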
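Review bot: pcap_ether_aton() in CVE-2025-11961-02.patch now returns NULL for a string that is not a valid MAC-48 address as well as for malloc() failure, where the removed loop assumed a well-formed 's' and always returned a buffer once allocation succeeded. The new comment documents this, but the callers are not in the visible hunks. Each caller needs a NULL check that reports a parse error rather than treating NULL as out-of-memory only, and the backport should be checked against the callers present in 1.10.4.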
From: Yoann Congal To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 10/22] libpcap: patch CVE-2025-11964 Date: Tue, 20 Jan 2026 13:08:24 +0100 Message-ID: <58f0bb5bef7092585c53dda9fc8bfa2955a27c1a.1768910519.git.yoann.congal@smile.fr> X-Mailer: git-send-email 2.47.3 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 20 Jan 2026 12:09:24 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/229688 From: Peter Marko Pick patch per [1]. [1] https://nvd.nist.gov/vuln/detail/CVE-2025-11964 Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- .../libpcap/libpcap/CVE-2025-11964.patch | 33 +++++++++++++++++++ .../libpcap/libpcap_1.10.4.bb | 1 + 2 files changed, 34 insertions(+) create mode 100644 meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11964.patch diff --git a/meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11964.patch b/meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11964.patch new file mode 100644 index 0000000000..003d21fb1f --- /dev/null +++ b/meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11964.patch 
@@ -0,0 +1,33 @@ +From 7fabf607f2319a36a0bd78444247180acb838e69 Mon Sep 17 00:00:00 2001 +From: Guy Harris +Date: Sun, 7 Sep 2025 12:51:56 -0700 +Subject: [PATCH] Fix a copy-and-pasteo in utf_16le_to_utf_8_truncated(). + +For the four octets of UTF-8 case, it was decrementing the remaining +buffer length by 3, not 4. + +Thanks to a team of developers from the Univesity of Waterloo for +reporting this. + +(cherry picked from commit aebfca1aea2fc8c177760a26e8f4de27b51d1b3b) + +CVE: CVE-2025-11964 +Upstream-Status: Backport [https://github.com/the-tcpdump-group/libpcap/commit/7fabf607f2319a36a0bd78444247180acb838e69] +Signed-off-by: Peter Marko +--- + fmtutils.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/fmtutils.c b/fmtutils.c +index a5a4fe62..78a0f8b7 100644 +--- a/fmtutils.c ++++ b/fmtutils.c +@@ -235,7 +235,7 @@ utf_16le_to_utf_8_truncated(const wchar_t *utf_16, char *utf_8, + *utf_8++ = ((uc >> 12) & 0x3F) | 0x80; + *utf_8++ = ((uc >> 6) & 0x3F) | 0x80; + *utf_8++ = ((uc >> 0) & 0x3F) | 0x80; +- utf_8_len -= 3; ++ utf_8_len -= 4; + } + } + diff --git a/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb b/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb index df091e5ca2..ee7d7540f6 100644 --- a/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb +++ b/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb 
@@ -16,6 +16,7 @@ SRC_URI = "https://www.tcpdump.org/release/${BP}.tar.gz \ file://CVE-2024-8006.patch \ file://CVE-2025-11961-01.patch \ file://CVE-2025-11961-02.patch \ + file://CVE-2025-11964.patch \ " SRC_URI[sha256sum] = "ed19a0383fad72e3ad435fd239d7cd80d64916b87269550159d20e47160ebe5f" From patchwork Tue Jan 20 12:08:25 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yoann Congal X-Patchwork-Id: 79169 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id DFB79D2ED0F for ; Tue, 20 Jan 2026 12:09:24 +0000 (UTC) Received: from mail-wr1-f43.google.com (mail-wr1-f43.google.com [209.85.221.43]) by mx.groups.io with SMTP id smtpd.msgproc01-g2.5044.1768910961426933843 for ; Tue, 20 Jan 2026 04:09:21 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@smile.fr header.s=google header.b=elbsHGOM; spf=pass (domain: smile.fr, ip: 209.85.221.43, mailfrom: yoann.congal@smile.fr) Received: by mail-wr1-f43.google.com with SMTP id ffacd0b85a97d-42fbc305914so4323144f8f.0 for ; Tue, 20 Jan 2026 04:09:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=smile.fr; s=google; t=1768910960; x=1769515760; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=+ekrIi5oc/E9E3aF5xTNsK6i4oyqFTtT5ldUTnMHl5o=; b=elbsHGOM/P7TvRUJSpHUNDfUvsRASQpAW1SDlCYO0TqH4hTVWEJjaQZ+IrgFmWHHFd bV+n3nki69Aktx8BlizAUxbdKyljPQN98kHMtZYyaGpLylSi1WCgX0Zubue/bRGdu7Mf TklzhmnF9RiWjcFp9s8NONgk4E/1hzA8DnMN8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768910960; x=1769515760; h=content-transfer-encoding:mime-version:references:in-reply-to 
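Review bot: the fmtutils.c hunk at @@ -235 in CVE-2025-11964.patch corrects only the decrement for the four-octet case, and its context begins after whatever length check guards that branch. It is worth confirming in the full utf_16le_to_utf_8_truncated() that the guard also requires 4 free bytes, because a check copied from the three-octet case would carry the same copy-and-paste error and leave `utf_8_len` out of step with the bytes written. Deriving the decrement from the number of writes, or asserting the two agree in a test that fills the buffer exactly, would stop the constants from drifting again.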
From: Yoann Congal To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 11/22] cups: allow unknown directives in conf files Date: Tue, 20 Jan 2026 13:08:25 +0100 Message-ID: <534f207c2869c6fbbef5d061607a28b6114c7a22.1768910519.git.yoann.congal@smile.fr> X-Mailer: git-send-email 2.47.3 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 20 Jan 2026 12:09:24 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/229689 From: Peter Marko Patch for CVE-2025-61915 by mistake causes fatal error on unknown directives in configuration files. The default configuration already contains unknown directive in non-systemd setups: Unknown directive IdleExitTimeout on line 32 of /etc/cups/cupsd.conf Backport fix for this from 2.4.x branch which reverts this behavior. Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- meta/recipes-extended/cups/cups.inc | 1 + ...pping-scheduler-on-unknown-directive.patch | 43 +++++++++++++++++++ 2 files changed, 44 insertions(+) create mode 100644 meta/recipes-extended/cups/cups/0001-conf.c-Fix-stopping-scheduler-on-unknown-directive.patch diff --git a/meta/recipes-extended/cups/cups.inc b/meta/recipes-extended/cups/cups.inc index 12668ca023..c7475d2b81 100644 --- a/meta/recipes-extended/cups/cups.inc +++ b/meta/recipes-extended/cups/cups.inc @@ -19,6 +19,7 @@ SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/cups-${PV}-source.tar.gz \ file://CVE-2025-58364.patch \ file://CVE-2025-58436.patch \ file://CVE-2025-61915.patch \ + file://0001-conf.c-Fix-stopping-scheduler-on-unknown-directive.patch \ " GITHUB_BASE_URI = "https://github.com/OpenPrinting/cups/releases" 
diff --git a/meta/recipes-extended/cups/cups/0001-conf.c-Fix-stopping-scheduler-on-unknown-directive.patch b/meta/recipes-extended/cups/cups/0001-conf.c-Fix-stopping-scheduler-on-unknown-directive.patch new file mode 100644 index 0000000000..cf01c82cd6 --- /dev/null +++ b/meta/recipes-extended/cups/cups/0001-conf.c-Fix-stopping-scheduler-on-unknown-directive.patch 
@@ -0,0 +1,43 @@ +From 277d3b1c49895f070bbf4b73cada011d71fbf9f3 Mon Sep 17 00:00:00 2001 +From: Zdenek Dohnal +Date: Thu, 4 Dec 2025 09:04:37 +0100 +Subject: [PATCH] conf.c: Fix stopping scheduler on unknown directive + +Change the return value to do not trigger stopping the scheduler in case +of unknown directive, because stopping the scheduler on config errors +should only happen in case of syntax errors. + +Upstream-Status: Backport [https://github.com/OpenPrinting/cups/commit/277d3b1c49895f070bbf4b73cada011d71fbf9f3] +Signed-off-by: Peter Marko +--- + scheduler/conf.c | 14 +++++++------- + 1 file changed, 7 insertions(+), 7 deletions(-) + +diff --git a/scheduler/conf.c b/scheduler/conf.c +index 7d6da0252..0e7be0ef4 100644 +--- a/scheduler/conf.c ++++ b/scheduler/conf.c +@@ -2697,16 +2697,16 @@ parse_variable( + { + /* + * Unknown directive! Output an error message and continue... ++ * ++ * Return value 1 is on purpose - we ignore unknown directives to log ++ * error, but do not stop the scheduler in case error in configuration ++ * is set to be fatal. 
+ */ + +- if (!value) +- cupsdLogMessage(CUPSD_LOG_ERROR, "Missing value for %s on line %d of %s.", +- line, linenum, filename); +- else +- cupsdLogMessage(CUPSD_LOG_ERROR, "Unknown directive %s on line %d of %s.", +- line, linenum, filename); ++ cupsdLogMessage(CUPSD_LOG_ERROR, "Unknown directive %s on line %d of %s.", ++ line, linenum, filename); + +- return (0); ++ return (1); + } + + switch (var->type) From patchwork Tue Jan 20 12:08:26 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yoann Congal X-Patchwork-Id: 79165 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id D00C6D2ED15 for ; Tue, 20 Jan 2026 12:09:24 +0000 (UTC) Received: from mail-wr1-f48.google.com (mail-wr1-f48.google.com [209.85.221.48]) by mx.groups.io with SMTP id smtpd.msgproc02-g2.5025.1768910962377198813 for ; Tue, 20 Jan 2026 04:09:22 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@smile.fr header.s=google header.b=0TcoUeXx; spf=pass (domain: smile.fr, ip: 209.85.221.48, mailfrom: yoann.congal@smile.fr) Received: by mail-wr1-f48.google.com with SMTP id ffacd0b85a97d-42fb2314eb0so4308232f8f.2 for ; Tue, 20 Jan 2026 04:09:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=smile.fr; s=google; t=1768910960; x=1769515760; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=FDaDJElRNALhzi2Lb96qpr3ceKBgWFxHCDkLwtSKZh8=; b=0TcoUeXxzzqZJxaSEInGyITJ7NF5/aWeDtoREALVUgSqYhmGuQi5QoYgBluhepDQne obMDLsX58+KYOOh+SkABmmon7GJlH6VHyUrF3Ima2mfi5k6ixSH++bjpqoNn+J+AaINH yHoXLQbH1PmHWxtZ7s3UBYUJghh2WDICY0lcQ= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; 
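Review bot: in the scheduler/conf.c hunk, `return (1);` for an unknown directive means a misspelled directive is handled the same way as an unsupported one: cupsd logs one ERROR line and starts with the default for whatever setting the line was meant to change, even when configuration errors are set to be fatal. For a security-relevant setting that is a quiet weakening, so deployments picking this up should alert on "Unknown directive" in the cupsd log. The hunk also drops the `if (!value)` branch, so an unrecognised directive with no value is now reported as unknown rather than as "Missing value"; the commit message covers only the return value and should mention the message change too.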
From: Yoann Congal To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 12/22] libarchive: fix CVE-2025-60753 regression Date: Tue, 20 Jan 2026 13:08:26 +0100 Message-ID: X-Mailer: git-send-email 2.47.3 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 20 Jan 2026 12:09:24 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/229690 From: Peter Marko Pick patch from PR mentioned in v3.8.5 release notes. Signed-off-by: Peter Marko Signed-off-by: Yoann Congal --- ...25-60753.patch => CVE-2025-60753-01.patch} | 0 .../libarchive/CVE-2025-60753-02.patch | 46 +++++++++++++++++++ .../libarchive/libarchive_3.7.9.bb | 3 +- 3 files changed, 48 insertions(+), 1 deletion(-) rename meta/recipes-extended/libarchive/libarchive/{CVE-2025-60753.patch => CVE-2025-60753-01.patch} (100%) create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2025-60753-02.patch diff --git a/meta/recipes-extended/libarchive/libarchive/CVE-2025-60753.patch b/meta/recipes-extended/libarchive/libarchive/CVE-2025-60753-01.patch similarity index 100% rename from meta/recipes-extended/libarchive/libarchive/CVE-2025-60753.patch rename to meta/recipes-extended/libarchive/libarchive/CVE-2025-60753-01.patch diff --git a/meta/recipes-extended/libarchive/libarchive/CVE-2025-60753-02.patch b/meta/recipes-extended/libarchive/libarchive/CVE-2025-60753-02.patch new file mode 100644 index 0000000000..637162b894 --- /dev/null +++ b/meta/recipes-extended/libarchive/libarchive/CVE-2025-60753-02.patch 
@@ -0,0 +1,46 @@ +From cfb02de558d843dc5355c4aa2aeb4af49f88bdb9 Mon Sep 17 00:00:00 2001 +From: Martin Matuska +Date: Mon, 8 Dec 2025 21:40:46 +0100 +Subject: [PATCH] tar: fix off-bounds read resulting from #2787 (3150539ed) + +CVE: CVE-2025-60753 +Upstream-Status: Backport [https://github.com/libarchive/libarchive/commit/cfb02de558d843dc5355c4aa2aeb4af49f88bdb9] +Signed-off-by: Peter Marko +--- + tar/subst.c | 16 ++++++++-------- + 1 file changed, 8 insertions(+), 8 deletions(-) + +diff --git a/tar/subst.c b/tar/subst.c +index a466f653..53497ad0 100644 +--- a/tar/subst.c ++++ b/tar/subst.c +@@ -237,7 +237,7 @@ apply_substitution(struct bsdtar *bsdtar, const char *name, char **result, + + char isEnd = 0; + do { +- isEnd = *name == '\0'; ++ isEnd = *name == '\0'; + if (regexec(&rule->re, name, 10, matches, 0)) + break; + +@@ -293,13 +293,13 @@ apply_substitution(struct bsdtar *bsdtar, const char *name, char **result, + + realloc_strcat(result, rule->result + j); + if (matches[0].rm_eo > 0) { +- name += matches[0].rm_eo; +- } else { +- // We skip a character because the match is 0-length +- // so we need to add it to the output +- realloc_strncat(result, name, 1); +- name += 1; +- } ++ name += matches[0].rm_eo; ++ } else if (!isEnd) { ++ // We skip a character because the match is 0-length ++ // so we need to add it to the output ++ realloc_strncat(result, name, 1); ++ name += 1; ++ } + } while (rule->global && !isEnd); // Testing one step after because sed et al. run 0-length patterns a last time on the empty string at the end + } + diff --git a/meta/recipes-extended/libarchive/libarchive_3.7.9.bb b/meta/recipes-extended/libarchive/libarchive_3.7.9.bb index 86ba53aaf2..b62c3d69b9 100644 --- a/meta/recipes-extended/libarchive/libarchive_3.7.9.bb +++ b/meta/recipes-extended/libarchive/libarchive_3.7.9.bb 
@@ -42,7 +42,8 @@ SRC_URI = "http://libarchive.org/downloads/libarchive-${PV}.tar.gz \ file://0001-Merge-pull-request-2749-from-KlaraSystems-des-tempdi.patch \ file://0001-Merge-pull-request-2753-from-KlaraSystems-des-temp-f.patch \ file://0001-Merge-pull-request-2768-from-Commandoss-master.patch \ - file://CVE-2025-60753.patch \ + file://CVE-2025-60753-01.patch \ + file://CVE-2025-60753-02.patch \ " UPSTREAM_CHECK_URI = "http://libarchive.org/" From patchwork Tue Jan 20 12:08:27 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yoann Congal X-Patchwork-Id: 79168 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C5273D2ED13 for ; Tue, 20 Jan 2026 12:09:24 +0000 (UTC) Received: from mail-wr1-f54.google.com (mail-wr1-f54.google.com [209.85.221.54]) by mx.groups.io with SMTP id smtpd.msgproc02-g2.5027.1768910963212877849 for ; Tue, 20 Jan 2026 04:09:23 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@smile.fr header.s=google header.b=tyupW+U5; spf=pass (domain: smile.fr, ip: 209.85.221.54, mailfrom: yoann.congal@smile.fr) Received: by mail-wr1-f54.google.com with SMTP id ffacd0b85a97d-42fbbc3df8fso2876552f8f.2 for ; Tue, 20 Jan 2026 04:09:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=smile.fr; s=google; t=1768910961; x=1769515761; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=McgWnosgCoWTpmUV0hgBTmL2Ns6M0LNmMsJ59blKGcU=; b=tyupW+U5nR1RuAEMprg3ftFu/HNEEHvZ++xBzWAizFMXCEUA6PrlifVl+c0mGMmFoN ReDjxE3TtExJEva0RqVjpoOfzqlFDb0WugGMHWLwTyhHipt7rjlcGf0OjefBg5Nqts5f UdlVYPwaBSb4s4Yn2se1GH/3zhdzzgvv0UEn0= X-Google-DKIM-Signature: v=1; 
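Review bot: the `else if (!isEnd)` branch added in the second tar/subst.c hunk of CVE-2025-60753-02.patch has no test in this backport, and it is the whole fix: without it a zero-length match at the end of the string still runs `name += 1`, moving `name` past the terminator so that later reads through it are out of bounds. A regression test that applies a global substitution rule whose pattern can match the empty string, run under a memory-checking build, would keep the -01 and -02 patches from regressing each other again. The first hunk replaces `isEnd = *name == '\0';` with an identical statement, so it is whitespace only; a line in the patch header saying so would spare the next reviewer the comparison.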
From: Yoann Congal To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 13/22] curl: patch CVE-2025-14017 Date: Tue, 20 Jan 2026 13:08:27 +0100 Message-ID: X-Mailer: git-send-email 2.47.3 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 20 Jan 2026 12:09:24 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/229691 From: Peter Marko Pick patch per [1]. [1] https://curl.se/docs/CVE-2025-14017.html Signed-off-by: Peter Marko Signed-off-by: Yoann Congal --- .../curl/curl/CVE-2025-14017.patch | 115 ++++++++++++++++++ meta/recipes-support/curl/curl_8.7.1.bb | 1 + 2 files changed, 116 insertions(+) create mode 100644 meta/recipes-support/curl/curl/CVE-2025-14017.patch diff --git a/meta/recipes-support/curl/curl/CVE-2025-14017.patch b/meta/recipes-support/curl/curl/CVE-2025-14017.patch new file mode 100644 index 0000000000..887ff2f97c --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2025-14017.patch 
@@ -0,0 +1,115 @@ +From 39d1976b7f709a516e3243338ebc0443bdd8d56d Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg +Date: Thu, 4 Dec 2025 00:14:20 +0100 +Subject: [PATCH] ldap: call ldap_init() before setting the options + +Closes #19830 + +CVE: CVE-2025-14017 +Upstream-Status: Backport [https://github.com/curl/curl/commit/39d1976b7f709a516e3243338ebc0443bdd8d56d] +Signed-off-by: Peter Marko +--- + lib/ldap.c | 49 +++++++++++++++++++------------------------------ + 1 file changed, 19 insertions(+), 30 deletions(-) + +diff --git a/lib/ldap.c b/lib/ldap.c +index 63b2cbc414..0911a9239a 100644 +--- a/lib/ldap.c ++++ b/lib/ldap.c +@@ -362,16 +362,29 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done) + passwd = conn->passwd; + } + ++#ifdef USE_WIN32_LDAP ++ if(ldap_ssl) ++ server = ldap_sslinit(host, conn->primary.remote_port, 1); ++ else ++#else ++ server = ldap_init(host, conn->primary.remote_port); ++#endif ++ if(!server) { ++ failf(data, "LDAP: cannot setup connect to %s:%u", ++ conn->host.dispname, conn->primary.remote_port); ++ result = CURLE_COULDNT_CONNECT; ++ goto quit; ++ } ++ + #ifdef LDAP_OPT_NETWORK_TIMEOUT +- ldap_set_option(NULL, LDAP_OPT_NETWORK_TIMEOUT, &ldap_timeout); ++ ldap_set_option(server, LDAP_OPT_NETWORK_TIMEOUT, &ldap_timeout); + #endif +- ldap_set_option(NULL, LDAP_OPT_PROTOCOL_VERSION, &ldap_proto); ++ ldap_set_option(server, LDAP_OPT_PROTOCOL_VERSION, &ldap_proto); + + if(ldap_ssl) { + #ifdef HAVE_LDAP_SSL + #ifdef USE_WIN32_LDAP + /* Win32 LDAP SDK doesn't support insecure mode without CA! 
*/ +- server = ldap_sslinit(host, conn->primary.remote_port, 1); + ldap_set_option(server, LDAP_OPT_SSL, LDAP_OPT_ON); + #else + int ldap_option; +@@ -439,7 +452,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done) + goto quit; + } + infof(data, "LDAP local: using PEM CA cert: %s", ldap_ca); +- rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE, ldap_ca); ++ rc = ldap_set_option(server, LDAP_OPT_X_TLS_CACERTFILE, ldap_ca); + if(rc != LDAP_SUCCESS) { + failf(data, "LDAP local: ERROR setting PEM CA cert: %s", + ldap_err2string(rc)); +@@ -451,20 +464,13 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done) + else + ldap_option = LDAP_OPT_X_TLS_NEVER; + +- rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, &ldap_option); ++ rc = ldap_set_option(server, LDAP_OPT_X_TLS_REQUIRE_CERT, &ldap_option); + if(rc != LDAP_SUCCESS) { + failf(data, "LDAP local: ERROR setting cert verify mode: %s", + ldap_err2string(rc)); + result = CURLE_SSL_CERTPROBLEM; + goto quit; + } +- server = ldap_init(host, conn->primary.remote_port); +- if(!server) { +- failf(data, "LDAP local: Cannot connect to %s:%u", +- conn->host.dispname, conn->primary.remote_port); +- result = CURLE_COULDNT_CONNECT; +- goto quit; +- } + ldap_option = LDAP_OPT_X_TLS_HARD; + rc = ldap_set_option(server, LDAP_OPT_X_TLS, &ldap_option); + if(rc != LDAP_SUCCESS) { +@@ -473,15 +479,6 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done) + result = CURLE_SSL_CERTPROBLEM; + goto quit; + } +-/* +- rc = ldap_start_tls_s(server, NULL, NULL); +- if(rc != LDAP_SUCCESS) { +- failf(data, "LDAP local: ERROR starting SSL/TLS mode: %s", +- ldap_err2string(rc)); +- result = CURLE_SSL_CERTPROBLEM; +- goto quit; +- } +-*/ + #else + /* we should probably never come up to here since configure + should check in first place if we can support LDAP SSL/TLS */ +@@ -498,15 +495,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done) + result = CURLE_NOT_BUILT_IN; + goto quit; + } +- else { +- server = 
ldap_init(host, conn->primary.remote_port); +- if(!server) { +- failf(data, "LDAP local: Cannot connect to %s:%u", +- conn->host.dispname, conn->primary.remote_port); +- result = CURLE_COULDNT_CONNECT; +- goto quit; +- } +- } ++ + #ifdef USE_WIN32_LDAP + ldap_set_option(server, LDAP_OPT_PROTOCOL_VERSION, &ldap_proto); + rc = ldap_win_bind(data, server, user, passwd); diff --git a/meta/recipes-support/curl/curl_8.7.1.bb b/meta/recipes-support/curl/curl_8.7.1.bb index 0af6a41399..aa978f0346 100644 --- a/meta/recipes-support/curl/curl_8.7.1.bb +++ b/meta/recipes-support/curl/curl_8.7.1.bb 
@@ -25,6 +25,7 @@ SRC_URI = " \ file://CVE-2024-11053-0003.patch \ file://CVE-2025-0167.patch \ file://CVE-2025-9086.patch \ + file://CVE-2025-14017.patch \ " SRC_URI:append:class-nativesdk = " \
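Review bot: In the `@@ -451,20 +464,13 @@` hunk of lib/ldap.c, the `server = ldap_init(...)` call and its `if(!server)` check are deleted while the `ldap_set_option()` calls above it switch from `NULL` to `server`, so each of those calls now depends on `server` having been created and NULL-checked in an earlier hunk that is not among the lines shown here. With OpenLDAP, a NULL handle passed to `ldap_set_option()` sets the process-wide default, so an unchecked handle would silently fall back to the global setting this change moves away from. Please confirm the handle is checked before the first `ldap_set_option(server, ...)`, and consider checking the return value of `ldap_set_option(server, LDAP_OPT_SSL, LDAP_OPT_ON)` in the `USE_WIN32_LDAP` branch the same way the OpenLDAP branch checks `rc`.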
From: Yoann Congal
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 14/22] curl: patch CVE-2025-14819
Date: Tue, 20 Jan 2026 13:08:28 +0100
Message-ID: <253501667b88fbd48a52e9f4616c246e9e030ade.1768910519.git.yoann.congal@smile.fr>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/229692

From: Peter Marko

Pick patch per [1].

Additionally pick commit with definition of CURL_UNCONST to make the cherry-pick possible without build errors. It will be probably needed also by further CVE patches.

[1] https://curl.se/docs/CVE-2025-14819.html

Signed-off-by: Peter Marko
Signed-off-by: Yoann Congal
--- ...st-qual-fix-or-silence-compiler-warn.patch | 85 +++++++++++++++++++ .../curl/curl/CVE-2025-14819.patch | 73 ++++++++++++++++ meta/recipes-support/curl/curl_8.7.1.bb | 2 + 3 files changed, 160 insertions(+) create mode 100644 meta/recipes-support/curl/curl/0001-build-enable-Wcast-qual-fix-or-silence-compiler-warn.patch create mode 100644 meta/recipes-support/curl/curl/CVE-2025-14819.patch diff --git a/meta/recipes-support/curl/curl/0001-build-enable-Wcast-qual-fix-or-silence-compiler-warn.patch b/meta/recipes-support/curl/curl/0001-build-enable-Wcast-qual-fix-or-silence-compiler-warn.patch new file mode 100644 index 0000000000..f652456990 --- /dev/null +++ b/meta/recipes-support/curl/curl/0001-build-enable-Wcast-qual-fix-or-silence-compiler-warn.patch
@@ -0,0 +1,85 @@ +From 9989d5392e9e61c81fdd3e464511ddd8d73c2f87 Mon Sep 17 00:00:00 2001 +From: Viktor Szakats +Date: Fri, 31 Jan 2025 23:20:46 +0100 +Subject: [PATCH] build: enable `-Wcast-qual`, fix or silence compiler warnings + +The issues found fell into these categories, with the applied fixes: + +- const was accidentally stripped. + Adjust code to not cast or cast with const. + +- const/volatile missing from arguments, local variables. + Constify arguments or variables, adjust/delete casts. Small code + changes in a few places. + +- const must be stripped because an API dependency requires it. + Strip `const` with `CURL_UNCONST()` macro to silence the warning out + of our control. These happen at API boundaries. Sometimes they depend + on dependency version, which this patch handles as necessary. Also + enable const support for the zlib API, using `ZLIB_CONST`. Supported + by zlib 1.2.5.2 and newer. + +- const must be stripped because a curl API requires it. + Strip `const` with `CURL_UNCONST()` macro to silence the warning out + of our immediate control. For example we promise to send a non-const + argument to a callback, though the data is const internally. + +- other cases where we may avoid const stripping by code changes. + Also silenced with `CURL_UNCONST()`. + +- there are 3 places where `CURL_UNCONST()` is cast again to const. + To silence this type of warning: + ``` + lib/vquic/curl_osslq.c:1015:29: error: to be safe all intermediate + pointers in cast from 'unsigned char **' to 'const unsigned char **' + must be 'const' qualified [-Werror=cast-qual] + lib/cf-socket.c:734:32: error: to be safe all intermediate pointers in + cast from 'char **' to 'const char **' must be 'const' qualified + [-Werror=cast-qual] + ``` + There may be a better solution, but I couldn't find it. + +These cases are handled in separate subcommits, but without further +markup. + +If you see a `-Wcast-qual` warning in curl, we appreciate your report +about it. 
+ +Closes #16142 + +Upstream-Status: Backport [https://github.com/curl/curl/commit/9989d5392e9e61c81fdd3e464511ddd8d73c2f87] + +Picked only header file definition, not complete code refactoring. +CURL_UNCONST will be probably needed also by further CVE patches due to this rework. + +Also later modified by removing VS2008 code per 2e1a045d8985e5daa4d9a4f908ed870a16d8e41e. + +Signed-off-by: Peter Marko +--- + lib/curl_setup_once.h | 10 +++++++++- + 1 file changed, 9 insertions(+), 1 deletion(-) + +diff --git a/lib/curl_setup_once.h b/lib/curl_setup_once.h +index bf0ee663d3..df5b44c478 100644 +--- a/lib/curl_setup_once.h ++++ b/lib/curl_setup_once.h +@@ -69,10 +69,18 @@ + #include + #endif + +-#ifdef USE_WOLFSSL ++#if defined(HAVE_STDINT_H) || defined(USE_WOLFSSL) + #include + #endif + ++/* Macro to strip 'const' without triggering a compiler warning. ++ Use* it for APIs that do not or cannot support the const qualifier. */ ++#ifdef HAVE_STDINT_H ++# define CURL_UNCONST(p) ((void *)(uintptr_t)(const void *)(p)) ++#else ++# define CURL_UNCONST(p) ((void *)(p)) /* Fall back to simple cast */ ++#endif ++ + #ifdef USE_SCHANNEL + /* Must set this before is included directly or indirectly by + another Windows header. */ diff --git a/meta/recipes-support/curl/curl/CVE-2025-14819.patch b/meta/recipes-support/curl/curl/CVE-2025-14819.patch new file mode 100644 index 0000000000..7bed47e7b4 --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2025-14819.patch 
@@ -0,0 +1,73 @@ +From cd046f6c93b39d673a58c18648d8906e954c4f5d Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg +Date: Wed, 17 Dec 2025 10:54:16 +0100 +Subject: [PATCH] openssl: toggling CURLSSLOPT_NO_PARTIALCHAIN makes a + different CA cache + +Reported-by: Stanislav Fort + +Closes #20009 + +CVE: CVE-2025-14819 +Upstream-Status: Backport [https://github.com/curl/curl/commit/cd046f6c93b39d673a58c18648d8906e954c4f5d] +Signed-off-by: Peter Marko +--- + lib/vtls/openssl.c | 12 ++++++++++-- + 1 file changed, 10 insertions(+), 2 deletions(-) + +diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c +index a7f169d641..7563d9a090 100644 +--- a/lib/vtls/openssl.c ++++ b/lib/vtls/openssl.c +@@ -317,6 +317,7 @@ struct multi_ssl_backend_data { + char *CAfile; /* CAfile path used to generate X509 store */ + X509_STORE *store; /* cached X509 store or NULL if none */ + struct curltime time; /* when the cached store was created */ ++ BIT(no_partialchain); /* keep partial chain state */ + }; + #endif /* HAVE_SSL_X509_STORE_SHARE */ + +@@ -3378,12 +3379,16 @@ static bool cached_x509_store_expired(const struct Curl_easy *data, + + static bool cached_x509_store_different( + struct Curl_cfilter *cf, ++ const struct Curl_easy *data, + const struct multi_ssl_backend_data *mb) + { + struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf); ++ struct ssl_config_data *ssl_config = ++ Curl_ssl_cf_get_config(cf, CURL_UNCONST(data)); ++ if(mb->no_partialchain != ssl_config->no_partialchain) ++ return TRUE; + if(!mb->CAfile || !conn_config->CAfile) + return mb->CAfile != conn_config->CAfile; +- + return strcmp(mb->CAfile, conn_config->CAfile); + } + +@@ -3398,7 +3403,7 @@ static X509_STORE *get_cached_x509_store(struct Curl_cfilter *cf, + multi->ssl_backend_data && + multi->ssl_backend_data->store && + !cached_x509_store_expired(data, multi->ssl_backend_data) && +- !cached_x509_store_different(cf, multi->ssl_backend_data)) { ++ !cached_x509_store_different(cf, data, 
multi->ssl_backend_data)) { + store = multi->ssl_backend_data->store; + } + +@@ -3427,6 +3432,8 @@ static void set_cached_x509_store(struct Curl_cfilter *cf, + + if(X509_STORE_up_ref(store)) { + char *CAfile = NULL; ++ struct ssl_config_data *ssl_config = ++ Curl_ssl_cf_get_config(cf, CURL_UNCONST(data)); + + if(conn_config->CAfile) { + CAfile = strdup(conn_config->CAfile); +@@ -3444,6 +3451,7 @@ static void set_cached_x509_store(struct Curl_cfilter *cf, + mbackend->time = Curl_now(); + mbackend->store = store; + mbackend->CAfile = CAfile; ++ mbackend->no_partialchain = ssl_config->no_partialchain; + } + } + diff --git a/meta/recipes-support/curl/curl_8.7.1.bb b/meta/recipes-support/curl/curl_8.7.1.bb index aa978f0346..3134846e57 100644 --- a/meta/recipes-support/curl/curl_8.7.1.bb +++ b/meta/recipes-support/curl/curl_8.7.1.bb 
@@ -26,6 +26,8 @@ SRC_URI = " \ file://CVE-2025-0167.patch \ file://CVE-2025-9086.patch \ file://CVE-2025-14017.patch \ + file://0001-build-enable-Wcast-qual-fix-or-silence-compiler-warn.patch \ + file://CVE-2025-14819.patch \ " SRC_URI:append:class-nativesdk = " \
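Review bot: In the lib/curl_setup_once.h hunk, `CURL_UNCONST()` only gets the `uintptr_t` round-trip when `HAVE_STDINT_H` is defined; otherwise it becomes the plain `((void *)(p))` cast, which is the kind of cast `-Wcast-qual` warns about. Since the patch header says only the header definition was picked and not the rest of the refactoring, please note next to the Upstream-Status line whether the 8.7.1 build defines `HAVE_STDINT_H`, so later backports that rely on the macro know which branch they get.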
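Review bot: In `cached_x509_store_different()` in lib/vtls/openssl.c, the new `data` parameter is declared `const struct Curl_easy *` and then passed through `CURL_UNCONST(data)` to `Curl_ssl_cf_get_config()`, and the same cast is repeated in `set_cached_x509_store()`; a short comment that the call only reads the configuration would justify dropping the qualifier at both sites. The field comment `/* keep partial chain state */` in `struct multi_ssl_backend_data` could also say that it records the `no_partialchain` setting the cached store was built with, since that is what the new comparison relies on.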
From: Yoann Congal
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 15/22] curl: patch CVE-2025-15079
Date: Tue, 20 Jan 2026 13:08:29 +0100
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/229693

From: Peter Marko

Pick patch per [1].

[1] https://curl.se/docs/CVE-2025-15079.html

Signed-off-by: Peter Marko
Signed-off-by: Yoann Congal
--- .../curl/curl/CVE-2025-15079.patch | 32 +++++++++++++++++++ meta/recipes-support/curl/curl_8.7.1.bb | 1 + 2 files changed, 33 insertions(+) create mode 100644 meta/recipes-support/curl/curl/CVE-2025-15079.patch diff --git a/meta/recipes-support/curl/curl/CVE-2025-15079.patch b/meta/recipes-support/curl/curl/CVE-2025-15079.patch new file mode 100644 index 0000000000..47fa518309 --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2025-15079.patch
@@ -0,0 +1,32 @@ +From adca486c125d9a6d9565b9607a19dce803a8b479 Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg +Date: Wed, 24 Dec 2025 17:47:03 +0100 +Subject: [PATCH] libssh: set both knownhosts options to the same file + +Reported-by: Harry Sintonen + +Closes #20092 + +CVE: CVE-2025-15079 +Upstream-Status: Backport [https://github.com/curl/curl/commit/adca486c125d9a6d9565b9607a19dce803a8b479] +Signed-off-by: Peter Marko +--- + lib/vssh/libssh.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c +index 7d5905c83d..98c109ab59 100644 +--- a/lib/vssh/libssh.c ++++ b/lib/vssh/libssh.c +@@ -2224,6 +2224,11 @@ static CURLcode myssh_connect(struct Curl_easy *data, bool *done) + infof(data, "Known hosts: %s", data->set.str[STRING_SSH_KNOWNHOSTS]); + rc = ssh_options_set(ssh->ssh_session, SSH_OPTIONS_KNOWNHOSTS, + data->set.str[STRING_SSH_KNOWNHOSTS]); ++ if(rc == SSH_OK) ++ /* libssh has two separate options for this. Set both to the same file ++ to avoid surprises */ ++ rc = ssh_options_set(ssh->ssh_session, SSH_OPTIONS_GLOBAL_KNOWNHOSTS, ++ data->set.str[STRING_SSH_KNOWNHOSTS]); + if(rc != SSH_OK) { + failf(data, "Could not set known hosts file path"); + return CURLE_FAILED_INIT; diff --git a/meta/recipes-support/curl/curl_8.7.1.bb b/meta/recipes-support/curl/curl_8.7.1.bb index 3134846e57..85b91ef958 100644 --- a/meta/recipes-support/curl/curl_8.7.1.bb +++ b/meta/recipes-support/curl/curl_8.7.1.bb 
@@ -28,6 +28,7 @@ SRC_URI = " \ file://CVE-2025-14017.patch \ file://0001-build-enable-Wcast-qual-fix-or-silence-compiler-warn.patch \ file://CVE-2025-14819.patch \ + file://CVE-2025-15079.patch \ " SRC_URI:append:class-nativesdk = " \
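Review bot: In `myssh_connect()` in lib/vssh/libssh.c, the added `if(rc == SSH_OK)` has no braces but is followed by a two-line comment before the statement it guards, which makes the controlled statement easy to misread next to the `if(rc != SSH_OK)` that follows; bracing it would help. Both `ssh_options_set()` calls now share the single `failf(data, "Could not set known hosts file path")`, so a failure does not say whether `SSH_OPTIONS_KNOWNHOSTS` or `SSH_OPTIONS_GLOBAL_KNOWNHOSTS` was rejected; naming the option in the message would make that diagnosable. Please also confirm that the libssh version built in scarthgap defines `SSH_OPTIONS_GLOBAL_KNOWNHOSTS`.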
From: Yoann Congal
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 16/22] curl: patch CVE-2025-15224
Date: Tue, 20 Jan 2026 13:08:30 +0100
Message-ID: <38881f68750f3f34cf425b1eec11b46058ab5f90.1768910519.git.yoann.congal@smile.fr>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/229694

From: Peter Marko

Pick patch per [1].

[1] https://curl.se/docs/CVE-2025-15224.html

Signed-off-by: Peter Marko
Signed-off-by: Yoann Congal
--- .../curl/curl/CVE-2025-15224.patch | 31 +++++++++++++++++++ meta/recipes-support/curl/curl_8.7.1.bb | 1 + 2 files changed, 32 insertions(+) create mode 100644 meta/recipes-support/curl/curl/CVE-2025-15224.patch diff --git a/meta/recipes-support/curl/curl/CVE-2025-15224.patch b/meta/recipes-support/curl/curl/CVE-2025-15224.patch new file mode 100644 index 0000000000..dc07f92100 --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2025-15224.patch
@@ -0,0 +1,31 @@ +From 16d5f2a5660c61cc27bd5f1c7f512391d1c927aa Mon Sep 17 00:00:00 2001 +From: Harry Sintonen +Date: Mon, 29 Dec 2025 16:56:39 +0100 +Subject: [PATCH] libssh: require private key or user-agent for public key auth + +Closes #20110 + +CVE: CVE-2025-15224 +Upstream-Status: Backport [https://github.com/curl/curl/commit/16d5f2a5660c61cc27bd5f1c7f512391d1c927aa] +Signed-off-by: Peter Marko +--- + lib/vssh/libssh.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c +index 5d5125b526..bde6355f73 100644 +--- a/lib/vssh/libssh.c ++++ b/lib/vssh/libssh.c +@@ -751,7 +751,11 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data, bool *block) + "keyboard-interactive, " : "", + sshc->auth_methods & SSH_AUTH_METHOD_PASSWORD ? + "password": ""); +- if(sshc->auth_methods & SSH_AUTH_METHOD_PUBLICKEY) { ++ /* For public key auth we need either the private key or ++ CURLSSH_AUTH_AGENT. */ ++ if((sshc->auth_methods & SSH_AUTH_METHOD_PUBLICKEY) && ++ (data->set.str[STRING_SSH_PRIVATE_KEY] || ++ (data->set.ssh_auth_types & CURLSSH_AUTH_AGENT))) { + state(data, SSH_AUTH_PKEY_INIT); + infof(data, "Authentication using SSH public key file"); + } diff --git a/meta/recipes-support/curl/curl_8.7.1.bb b/meta/recipes-support/curl/curl_8.7.1.bb index 85b91ef958..ecda13a04e 100644 --- a/meta/recipes-support/curl/curl_8.7.1.bb +++ b/meta/recipes-support/curl/curl_8.7.1.bb 
@@ -29,6 +29,7 @@ SRC_URI = " \ file://0001-build-enable-Wcast-qual-fix-or-silence-compiler-warn.patch \ file://CVE-2025-14819.patch \ file://CVE-2025-15079.patch \ + file://CVE-2025-15224.patch \ " SRC_URI:append:class-nativesdk = " \
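Review bot: In `myssh_statemach_act()` in lib/vssh/libssh.c, the tightened condition also admits the agent-only case (`CURLSSH_AUTH_AGENT` set, `STRING_SSH_PRIVATE_KEY` unset), yet the unchanged `infof(data, "Authentication using SSH public key file")` still reports a key file; the message should distinguish the two cases so logs reflect which credential source was used. The backport also carries no test for the case the new condition rejects (public key auth offered, no private key and no agent configured); a line in the patch header on how this was verified on 8.7.1 would help.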
From: Yoann Congal
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 17/22] pseudo: Upgrade to version 1.9.1
Date: Tue, 20 Jan 2026 13:08:31 +0100
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/229695

From: Richard Purdie

This brings in:

* nftw, nftw64: add wrapper
* ftw, nftw, ftw64, nftw64: add tests
* Move ftw and ftw64 to calling ntfw and nftw64
* makewrappers: Introduce 'array' support
* pseudo_util.c: Avoid warning when we intentionally discard const
* pseudo_client.c: Fix warning
* yocto-older-glibc-symbols.path: Add as a reference patch
* pseudo/pseudo_client: Add wrapper functions to operate correctly with glibc 2.38 onwards
* configure: Prune PIE flags
* test/test-parallel-rename.sh: Add parallel rename test
* test/test-parallel-symlinks.sh: Add parallel symlink test
* ports/linux/guts: Add .gitignore to ignore generated files

Signed-off-by: Richard Purdie
(cherry picked from commit 994e508b2a0ede8b5cc4fe39444cf25dc9a53faf)
Signed-off-by: Yoann Congal
--- .../0001-configure-Prune-PIE-flags.patch | 44 ------------- .../pseudo/files/glibc238.patch | 65 ------------------- .../pseudo/files/older-glibc-symbols.patch | 4 +- meta/recipes-devtools/pseudo/pseudo_git.bb | 4 +- 4 files changed, 3 insertions(+), 114 deletions(-) delete mode 100644 meta/recipes-devtools/pseudo/files/0001-configure-Prune-PIE-flags.patch delete mode 100644 meta/recipes-devtools/pseudo/files/glibc238.patch diff --git a/meta/recipes-devtools/pseudo/files/0001-configure-Prune-PIE-flags.patch b/meta/recipes-devtools/pseudo/files/0001-configure-Prune-PIE-flags.patch deleted file mode 100644 index 43504eaab9..0000000000
--- a/meta/recipes-devtools/pseudo/files/0001-configure-Prune-PIE-flags.patch +++ /dev/null @@ -1,44 +0,0 @@ -From b5545c08e6c674c49aef14b47a56a3e92df4d2a7 Mon Sep 17 00:00:00 2001 -From: Khem Raj -Date: Wed, 17 Feb 2016 07:36:34 +0000 -Subject: [pseudo][PATCH] configure: Prune PIE flags - -LDFLAGS are not taken from environment and CFLAGS is used for LDFLAGS -however when using security options -fpie and -pie options are coming -as part of ARCH_FLAGS and they get into LDFLAGS of shared objects as -well so we end up with conflicting options -shared -pie, which gold -rejects outright and bfd linker lets the one appearning last in cmdline -take effect. This create quite a unpleasant situation in OE when -security flags are enabled and gold or not-gold options are used -it errors out but errors are not same. - -Anyway, with this patch we filter pie options from ARCH_FLAGS -ouright and take control of generating PIC objects - -Helps with errors like - -| /mnt/oe/build/tmp-glibc/sysroots/x86_64-linux/usr/libexec/x86_64-oe-linux/gcc/x86_64-oe-linux/5.3.0/ld: pseudo_client.o: relocation R_X86_64_PC32 against symbol `pseudo_util_debug_flags' can not be used when making a shared object; recompile with -fPIC -| /mnt/oe/build/tmp-glibc/sysroots/x86_64-linux/usr/libexec/x86_64-oe-linux/gcc/x86_64-oe-linux/5.3.0/ld: final link failed: Bad value -| collect2: error: ld returned 1 exit status -| make: *** [lib/pseudo/lib64/libpseudo.so] Error 1 - -Signed-off-by: Khem Raj ---- -Upstream-Status: Submitted - - configure | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/configure b/configure -index e5ef9ce..83b0890 100755 ---- a/configure -+++ b/configure -@@ -339,3 +339,5 @@ sed -e ' - s,@ARCH@,'"$opt_arch"',g - s,@BITS@,'"$opt_bits"',g - ' < Makefile.in > Makefile -+ -+sed -i -e 's/\-[f]*pie//g' Makefile --- -1.8.3.1 - 
diff --git a/meta/recipes-devtools/pseudo/files/glibc238.patch b/meta/recipes-devtools/pseudo/files/glibc238.patch deleted file mode 100644 index dfb5c283f6..0000000000 --- a/meta/recipes-devtools/pseudo/files/glibc238.patch +++ /dev/null 
@@ -1,65 +0,0 @@ -glibc 2.38 would include __isoc23_strtol and similar symbols. This is trggerd by -_GNU_SOURCE but we have to set that for other definitions. Therefore play with defines -to turn this off within pseudo_wrappers.c. Elsewhere we can switch to _DEFAULT_SOURCE -rather than _GNU_SOURCE. - -Upstream-Status: Pending - -Index: git/pseudo_wrappers.c -=================================================================== ---- git.orig/pseudo_wrappers.c -+++ git/pseudo_wrappers.c -@@ -6,6 +6,18 @@ - * SPDX-License-Identifier: LGPL-2.1-only - * - */ -+/* glibc 2.38 would include __isoc23_strtol and similar symbols. This is trggerd by -+ * _GNU_SOURCE but we have to set that for other definitions. Therefore play with defines -+ * to turn this off. -+ */ -+#include -+#undef __GLIBC_USE_ISOC2X -+#undef __GLIBC_USE_C2X_STRTOL -+#define __GLIBC_USE_C2X_STRTOL 0 -+#undef __GLIBC_USE_ISOC23 -+#undef __GLIBC_USE_C23_STRTOL -+#define __GLIBC_USE_C23_STRTOL 0 -+ - #include - #include - #include -Index: git/pseudo_util.c -=================================================================== ---- git.orig/pseudo_util.c -+++ git/pseudo_util.c -@@ -8,6 +8,17 @@ - */ - /* we need access to RTLD_NEXT for a horrible workaround */ - #define _GNU_SOURCE -+/* glibc 2.38 would include __isoc23_strtol and similar symbols. This is trggerd by -+ * _GNU_SOURCE but we have to set that for other definitions. Therefore play with defines -+ * to turn this off. -+ */ -+#include -+#undef __GLIBC_USE_ISOC2X -+#undef __GLIBC_USE_C2X_STRTOL -+#define __GLIBC_USE_C2X_STRTOL 0 -+#undef __GLIBC_USE_ISOC23 -+#undef __GLIBC_USE_C23_STRTOL -+#define __GLIBC_USE_C23_STRTOL 0 - - #include - #include -Index: git/pseudo_client.c -=================================================================== ---- git.orig/pseudo_client.c -+++ git/pseudo_client.c -@@ -6,7 +6,7 @@ - * SPDX-License-Identifier: LGPL-2.1-only - * - */ --#define _GNU_SOURCE -+#define _DEFAULT_SOURCE - - #include - #include 
diff --git a/meta/recipes-devtools/pseudo/files/older-glibc-symbols.patch b/meta/recipes-devtools/pseudo/files/older-glibc-symbols.patch index c453b5f735..f42b32b8d9 100644 --- a/meta/recipes-devtools/pseudo/files/older-glibc-symbols.patch +++ b/meta/recipes-devtools/pseudo/files/older-glibc-symbols.patch @@ -28,10 +28,10 @@ diff --git a/Makefile.in b/Makefile.in @@ -120,7 +120,7 @@ $(PSEUDODB): pseudodb.o $(SHOBJS) $(DBOBJS) pseudo_ipc.o | $(BIN) libpseudo: $(LIBPSEUDO) - $(LIBPSEUDO): $(WRAPOBJS) pseudo_client.o pseudo_ipc.o $(SHOBJS) | $(LIB) + $(LIBPSEUDO): $(WRAPOBJS) pseudo_client.o pseudo_client_scanf.o pseudo_ipc.o $(SHOBJS) | $(LIB) - $(CC) $(CFLAGS) $(CFLAGS_PSEUDO) -shared -o $(LIBPSEUDO) \ + $(CC) $(CFLAGS) -Lprebuilt/$(shell uname -m)-linux/lib/ $(CFLAGS_PSEUDO) -shared -o $(LIBPSEUDO) \ - pseudo_client.o pseudo_ipc.o \ + pseudo_client.o pseudo_client_scanf.o pseudo_ipc.o \ $(WRAPOBJS) $(SHOBJS) $(LDFLAGS) $(CLIENT_LDFLAGS) diff --git a/pseudo_wrappers.c b/pseudo_wrappers.c diff --git a/meta/recipes-devtools/pseudo/pseudo_git.bb b/meta/recipes-devtools/pseudo/pseudo_git.bb index 87c62e0678..5e2a8bf328 100644 --- a/meta/recipes-devtools/pseudo/pseudo_git.bb +++ b/meta/recipes-devtools/pseudo/pseudo_git.bb @@ -1,8 +1,6 @@ require pseudo.inc SRC_URI = "git://git.yoctoproject.org/pseudo;branch=master;protocol=https \ - file://0001-configure-Prune-PIE-flags.patch \ - file://glibc238.patch \ file://fallback-passwd \ file://fallback-group \ " 
@@ -14,7 +12,7 @@ SRC_URI:append:class-nativesdk = " \ file://older-glibc-symbols.patch" SRC_URI[prebuilt.sha256sum] = "ed9f456856e9d86359f169f46a70ad7be4190d6040282b84c8d97b99072485aa" -SRCREV = "28dcefb809ce95db997811b5662f0b893b9923e0" +SRCREV = "3fac97341f0f8270ca28a91098d0a58ca306a6bd" S = "${WORKDIR}/git" PV = "1.9.0+git"
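Review bot: The SRC_URI hunk in pseudo_git.bb drops file://0001-configure-Prune-PIE-flags.patch and file://glibc238.patch, but the message never says these local patches are superseded by the new SRCREV. The "brings in" list does name "configure: Prune PIE flags" and the glibc 2.38 wrapper functions, so add one line stating that the two files are removed because they are now upstream. The deleted glibc238.patch was marked Upstream-Status: Pending and worked by undefining __GLIBC_USE_C23_STRTOL, while the upstream entry describes wrapper functions, so the replacement is a different mechanism and that is worth recording for anyone auditing this backport.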
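Review bot: PV stays at "1.9.0+git" in the SRCREV hunk of pseudo_git.bb although the subject says the recipe is upgraded to 1.9.1, so at this point in the series the recipe version and the checked-out source disagree and anything keyed on PV sees the older release. Either bump PV together with SRCREV here or say in the message that the version bump is left to the following patch.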
From: Yoann Congal To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 18/22] pseudo: 1.9.0 -> 1.9.2 Date: Tue, 20 Jan 2026 13:08:32 +0100 Message-ID: X-Mailer: git-send-email 2.47.3 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 20 Jan 2026 12:09:35 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/229696 From: Robert Yang Signed-off-by: Robert Yang Signed-off-by: Richard Purdie (cherry picked from commit 48a42747fd280ce68283e1491971d22273e3bdf2) Signed-off-by: Yoann Congal --- meta/recipes-devtools/pseudo/pseudo_git.bb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta/recipes-devtools/pseudo/pseudo_git.bb b/meta/recipes-devtools/pseudo/pseudo_git.bb index 5e2a8bf328..ec9ef2dd5d 100644 --- a/meta/recipes-devtools/pseudo/pseudo_git.bb +++ b/meta/recipes-devtools/pseudo/pseudo_git.bb 
@@ -12,9 +12,9 @@ SRC_URI:append:class-nativesdk = " \ file://older-glibc-symbols.patch" SRC_URI[prebuilt.sha256sum] = "ed9f456856e9d86359f169f46a70ad7be4190d6040282b84c8d97b99072485aa" -SRCREV = "3fac97341f0f8270ca28a91098d0a58ca306a6bd" +SRCREV = "b4645cb30573c5b3d5e94b9d50e1e2f8beefe9be" S = "${WORKDIR}/git" -PV = "1.9.0+git" +PV = "1.9.2" # largefile and 64bit time_t support adds these macros via compiler flags globally # remove them for pseudo since pseudo intercepts some of the functions which will be
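Review bot: The PV line drops the "+git" suffix (PV = "1.9.2"), which presents SRCREV b4645cb30573c5b3d5e94b9d50e1e2f8beefe9be as exactly the 1.9.2 release, yet the message body contains only sign-offs and never states that. Say that the new SRCREV is the 1.9.2 release and list what it brings in, as the 17/22 message does for 1.9.1. The subject "1.9.0 -> 1.9.2" matches the PV lines in this hunk but reads oddly directly after a patch titled as the 1.9.1 upgrade, so a word on that would help too.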
From: Yoann Congal To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 19/22] pseudo: Update to pull in memleak fix Date: Tue, 20 Jan 2026 13:08:33 +0100 Message-ID: <6eda2338a0e3e7c10f160ef113acf059eda66f69.1768910519.git.yoann.congal@smile.fr> X-Mailer: git-send-email 2.47.3 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 20 Jan 2026 12:09:35 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/229697 From: Richard Purdie Signed-off-by: Richard Purdie (cherry picked from commit 42137b6f97da0672af365cd841678f39ce5907d2) Signed-off-by: Yoann Congal --- meta/recipes-devtools/pseudo/pseudo_git.bb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta/recipes-devtools/pseudo/pseudo_git.bb b/meta/recipes-devtools/pseudo/pseudo_git.bb index ec9ef2dd5d..87730511a9 100644 --- a/meta/recipes-devtools/pseudo/pseudo_git.bb +++ b/meta/recipes-devtools/pseudo/pseudo_git.bb 
@@ -12,9 +12,9 @@ SRC_URI:append:class-nativesdk = " \ file://older-glibc-symbols.patch" SRC_URI[prebuilt.sha256sum] = "ed9f456856e9d86359f169f46a70ad7be4190d6040282b84c8d97b99072485aa" -SRCREV = "b4645cb30573c5b3d5e94b9d50e1e2f8beefe9be" +SRCREV = "d1db9c219abf92f15303486a409292237f1fc790" S = "${WORKDIR}/git" -PV = "1.9.2" +PV = "1.9.2+git" # largefile and 64bit time_t support adds these macros via compiler flags globally # remove them for pseudo since pseudo intercepts some of the functions which will be
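Review bot: The SRCREV change to d1db9c219abf92f15303486a409292237f1fc790 is justified only by the subject ("memleak fix"); the message does not name the upstream commit that fixes the leak or say whether other commits lie between the old and new revisions. For a stable-branch backport, name the upstream fix in the body so a reviewer can confirm the bump pulls in nothing beyond it.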
From: Yoann Congal To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 20/22] pseudo: Add hard sstate dependencies for pseudo-native Date: Tue, 20 Jan 2026 13:08:34 +0100 Message-ID: <714fd40e1f2d7c1d8568f5cb02b23c1075c1c328.1768910519.git.yoann.congal@smile.fr> X-Mailer: git-send-email 2.47.3 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 20 Jan 2026 12:09:35 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/229698 From: Paul Barker Where a task (such as do_package) runs under fakeroot, the corresponding setscene task (do_package_setscene) will also run under fakeroot when restoring from sstate. Assuming pseudo is used as the fakeroot implementation, we need pseudo-native and all its runtime dependencies to be available in the sysroot before running any setscene tasks under fakeroot. We already add a hard dependency from all do_package_setscene tasks to virtual/fakeroot-native:do_populate_sysroot in base.bbclass, but this does not cover transitive dependencies. So, extend the dependencies of pseudo-native:do_populate_sysroot_setscene to ensure that the sqlite3 library is also available in the sysroot before running fakeroot setscene tasks. [YOCTO #15963] Signed-off-by: Paul Barker Signed-off-by: Mathieu Dubois-Briand Signed-off-by: Richard Purdie (cherry picked from commit 2c146ca657440550e00bc5e53d13502ef7aa945b) Signed-off-by: Yoann Congal --- meta/recipes-devtools/pseudo/pseudo.inc | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/meta/recipes-devtools/pseudo/pseudo.inc b/meta/recipes-devtools/pseudo/pseudo.inc index 7e09b6d58c..9c191560fb 100644 --- a/meta/recipes-devtools/pseudo/pseudo.inc +++ b/meta/recipes-devtools/pseudo/pseudo.inc 
@@ -156,3 +156,10 @@ do_install:append:class-nativesdk () { } BBCLASSEXTEND = "native nativesdk" + +# Setscene tasks which run under fakeroot must not be executed before +# pseudo-native and *all* its runtime dependencies are available in the +# sysroot. +PSEUDO_SETSCENE_DEPS = "" +PSEUDO_SETSCENE_DEPS:class-native = "sqlite3-native:do_populate_sysroot" +do_populate_sysroot_setscene[depends] += "${PSEUDO_SETSCENE_DEPS}"
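Review bot: The added comment in pseudo.inc promises that pseudo-native and *all* its runtime dependencies are in the sysroot, but PSEUDO_SETSCENE_DEPS:class-native hard-codes a single entry, "sqlite3-native:do_populate_sysroot". If pseudo-native later gains another runtime library, nothing ties this list to the recipe's dependencies and fakeroot setscene tasks could again start before that library is present. Either reword the comment to say the list is maintained by hand and currently holds only sqlite3, or note next to it which variable must be kept in sync.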
From: Yoann Congal To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 21/22] pseudo: Update to pull in openat2 and efault return code changes Date: Tue, 20 Jan 2026 13:08:35 +0100 Message-ID: <8e7ac4224ca7d271c6ee4e06700f8c8af7ef753b.1768910519.git.yoann.congal@smile.fr> X-Mailer: git-send-email 2.47.3 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 20 Jan 2026 12:09:35 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/229699 From: Richard Purdie Pulls in the following fixes: * makewrappers: Enable a new efault option * ports/linux/openat2: Add dummy wrapper * test-syscall: Add a syscall test * ports/linux/pseudo_wrappers: Avoid openat2 usage via syscall which should fix issues with the tar CVE fix on Centos/Alma/Rocky 9 distros that uses openat2 as well as the efault issue breaking rust based uutils. Signed-off-by: Richard Purdie (cherry picked from commit 51f1388dd1679a28ec3ca468cf16aa0ea32bccf9) Signed-off-by: Yoann Congal --- meta/recipes-devtools/pseudo/pseudo_git.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-devtools/pseudo/pseudo_git.bb b/meta/recipes-devtools/pseudo/pseudo_git.bb index 87730511a9..19da3d4e08 100644 --- a/meta/recipes-devtools/pseudo/pseudo_git.bb +++ b/meta/recipes-devtools/pseudo/pseudo_git.bb 
@@ -12,7 +12,7 @@ SRC_URI:append:class-nativesdk = " \ file://older-glibc-symbols.patch" SRC_URI[prebuilt.sha256sum] = "ed9f456856e9d86359f169f46a70ad7be4190d6040282b84c8d97b99072485aa" -SRCREV = "d1db9c219abf92f15303486a409292237f1fc790" +SRCREV = "9ce8c09980af23ebd4ebf072010469882d0459a6" S = "${WORKDIR}/git" PV = "1.9.2+git"
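Review bot: The message ties the openat2 change to "the tar CVE fix" without giving the CVE identifier, and the one-line SRCREV hunk offers no other pointer. Add the identifier so this backport can be matched to the host-side issue it works around. A sentence on what the "dummy wrapper" for openat2 returns to its caller would also help, since the listed entries say pseudo both wraps the call and avoids its use via syscall, and a reader cannot tell from this patch which behaviour a host tar will see.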
From: Yoann Congal To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 22/22] pseudo: Update to pull in 'makewrappers: Fix EFAULT implementation' Date: Tue, 20 Jan 2026 13:08:36 +0100 Message-ID: <199c6518f5e363a2d8648bdfe14233afd9b0ba6e.1768910519.git.yoann.congal@smile.fr> X-Mailer: git-send-email 2.47.3 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 20 Jan 2026 12:09:35 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/229700 From: Richard Purdie The pseudo update was causing hangs in builds, pull in the fix. Signed-off-by: Richard Purdie (cherry picked from commit 8acdbefd0a148c8b7713f46066ae8489984c5d2d) Signed-off-by: Yoann Congal --- meta/recipes-devtools/pseudo/pseudo_git.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-devtools/pseudo/pseudo_git.bb b/meta/recipes-devtools/pseudo/pseudo_git.bb index 19da3d4e08..c78f1ab724 100644 --- a/meta/recipes-devtools/pseudo/pseudo_git.bb +++ b/meta/recipes-devtools/pseudo/pseudo_git.bb @@ -12,7 +12,7 @@ SRC_URI:append:class-nativesdk = " \ file://older-glibc-symbols.patch" SRC_URI[prebuilt.sha256sum] = "ed9f456856e9d86359f169f46a70ad7be4190d6040282b84c8d97b99072485aa" -SRCREV = "9ce8c09980af23ebd4ebf072010469882d0459a6" +SRCREV = "125b020dd2bc46baa37a80784704e382732357b4" S = "${WORKDIR}/git" PV = "1.9.2+git"
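Review bot: The message says the previous pseudo update was causing hangs in builds, which means the series is not bisectable at 21/22: a tree stopped at SRCREV 9ce8c09980af23ebd4ebf072010469882d0459a6 can hang. On a stable branch, consider squashing this SRCREV bump into 21/22, or state in the body that the two must be taken together so nobody cherry-picks one without the other.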