From patchwork Tue Apr 7 07:13:09 2026
X-Patchwork-Submitter: Yoann Congal
X-Patchwork-Id: 85396
From: Yoann Congal
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone v2 01/18] linux-yocto/5.15: update to v5.15.200
Date: Tue, 7 Apr 2026 09:13:09 +0200
Message-ID: <0ebdf9563aa64a1b9d8c6ae6fbd701de8178fa8b.1775545489.git.yoann.congal@smile.fr>
X-Mailer: git-send-email 2.47.3
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/234705

From: Bruce Ashfield

Updating linux-yocto/5.15 to the latest korg -stable release that comprises
the following commits:

    e45d5d41c1343 Linux 5.15.200
    7ca5540ba6239 riscv: Replace function-like macro by static inline function
    cbae610ca9e27 nvmet-tcp: pass iov_len instead of sg->length to bvec_set_page()
    6a04dc650cef8 spi: tegra: Fix a memory leak in tegra_slink_probe()
    c7a02a814dc51 spi: tegra210-quad: Protect curr_xfer clearing in tegra_qspi_non_combined_seq_xfer
    9fa4262a80f75 spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer
    55dfe2687a496 spi: tegra210-quad: Protect curr_xfer assignment in tegra_qspi_setup_transfer_one
    eebd79beb268c spi: tegra210-quad: Move curr_xfer read inside spinlock
    4f9e7de7a6b8f spi: tegra210-quad: Return IRQ_HANDLED when timeout already processed transfer
    b34289505180a iommu: disable SVA when CONFIG_X86 is set
    1ecf6dc2676ea Bluetooth: hci_event: call disconnect callback before deleting conn
    214b85b9b7187 gve: Correct ethtool rx_dropped calculation
    9d93332397405 gve: Fix stats report corruption on queue count change
    8aa1b0bc65967 tracing: Fix ftrace event field alignments
    c3c5cfa3170c0 gfs2: Fix NULL pointer dereference in gfs2_log_flush
    343fe375a8dd6 hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()
    be6d98766ac95 riscv: uprobes: Add missing fence.i after building the XOL buffer
    d7ead65126504 ASoC: amd: fix memory leak in acp3x pdm dma ops
    42afe8ed8ad2d nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec
    4c09184f08ce6 nvmet-tcp: don't map pages which can't come from HIGHMEM
    15e329ce1a957 nvmet-tcp: fix regression in data_digest calculation
    1a5c3c99efa11 nvmet-tcp: fix memory leak when performing a controller reset
    367fd132df419 nvmet-tcp: add an helper to free the cmd buffers
    8c760ba4e36c7 netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate()
    166f29d4af575 hwmon: (occ) Mark occ_init_attribute() as __printf
    3f531122a5801 tipc: use kfree_sensitive() for session key material
    5dae6b36a7cb7 macvlan: fix error recovery in macvlan_common_newlink()
    77611cab5bdff dpaa2-switch: add bounds check for if_id in IRQ handler
    01fbca1e93ec3 net: liquidio: Fix off-by-one error in VF setup_nic_devices() cleanup
    d86c58eb005eb net: liquidio: Fix off-by-one error in PF setup_nic_devices() cleanup
    c81a8515fb8c8 net: liquidio: Initialize netdev pointer before queue setup
    2fcccca88456b dpaa2-switch: prevent ZERO_SIZE_PTR dereference when num_ifs is zero
    c01cc6fe06cf2 platform/x86: intel_telemetry: Fix PSS event register mask
    5bce10f0f9435 platform/x86: toshiba_haps: Fix memory leaks in add/remove routines
    193f087207ad8 wifi: mac80211: don't increment crypto_tx_tailroom_needed_cnt twice
    8518f072fc929 scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count()
    fd8b090017330 scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count()
    c85c9de39cd5d wifi: cfg80211: Fix bitrate calculation overflow for HE rates
    15e9607df7925 ASoC: tlv320adcx140: Propagate error codes during probe
    1525f1068295f ASoC: davinci-evm: Fix reference leak in davinci_evm_probe
    536238ba39829 wifi: mac80211: collect station statistics earlier when disconnect
    6e4cc9e399952 ring-buffer: Avoid softlockup in ring_buffer_resize() during memory free
    16c2ca35257ed HID: Apply quirk HID_QUIRK_ALWAYS_POLL to Edifier QR30 (2d99:a101)
    04485e691d8ca HID: quirks: Add another Chicony HP 5MP Cameras to hid_ignore_list
    67e06e8a77c1a netfilter: replace -EEXIST with -EBUSY
    e9aefab3b7eb4 ALSA: hda/realtek: add HP Laptop 15s-eq1xxx mute LED quirk
    2d8af4db1f209 HID: playstation: Center initial joystick axes to prevent spurious events
    d21497331b967 HID: intel-ish-hid: Reset enum_devices_done before enumeration
    d5cce2ec0e985 HID: multitouch: add MT_QUIRK_STICKY_FINGERS to MT_CLS_VTL
    a2c68e256fb7a smb/server: call ksmbd_session_rpc_close() on error path in create_smb2_pipe()
    e5dd6a58a52d5 block,bfq: fix aux stat accumulation destination
    64240689acff8 net: usb: sr9700: support devices with virtual driver CD
    cd89a4656c03f wifi: wlcore: ensure skb headroom before skb_push
    b04c75366a547 wifi: mac80211: ocb: skip rx_no_sta when interface is not joined
    9a6cdfd7b6aaa binderfs: fix ida_alloc_max() upper bound
    ba43ac025c431 timers: Fix NULL function pointer race in timer_shutdown_sync()
    f24f9ea7d69ef Bluetooth: hci_qca: Fix the teardown problem for real
    e7f1ca8ea41ab timers: Update the documentation to reflect on the new timer_shutdown() API
    36bdfa51a1ad7 timers: Provide timer_shutdown[_sync]()
    debbcf812d735 timers: Add shutdown mechanism to the internal functions
    21ca3ee3f6faa timers: Split [try_to_]del_timer[_sync]() to prepare for shutdown mode
    a7035e7d720f8 timers: Silently ignore timers with a NULL function
    e45a52685b335 Documentation: Replace del_timer/del_timer_sync()
    29d5751350cdf timers: Rename del_timer() to timer_delete()
    a431c4c27ee05 timers: Replace BUG_ON()s
    d2736470196f2 timers: Get rid of del_singleshot_timer_sync()
    9b78a3b948bb6 clocksource/drivers/sp804: Do not use timer namespace for timer_shutdown() function
    a97b47fed39d9 clocksource/drivers/arm_arch_timer: Do not use timer namespace for timer_shutdown() function
    b03eb334c42ea ARM: spear: Do not use timer namespace for timer_shutdown() function
    7bcf91585f3b1 Documentation: Remove bogus claim about del_timer_sync()
    4abccfb61f422 netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX
    d6ae339f18099 mm/kfence: randomize the freelist on initialization
    2284bc168b148 KVM: Don't clobber irqfd routing type when deassigning irqfd
    a550cc2564cab ARM: 9468/1: fix memset64() on big-endian
    5928ca551e361 rbd: check for EOD after exclusive lock is ensured to be held
    446d7283cffa5 platform/x86: intel_telemetry: Fix swapped arrays in PSS output
    674ebe2d6fe59 x86/kfence: fix booting on 32bit non-PAE systems

Signed-off-by: Bruce Ashfield
Signed-off-by: Yoann Congal --- .../linux/linux-yocto-rt_5.15.bb | 6 ++--- .../linux/linux-yocto-tiny_5.15.bb | 6 ++--- meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 +++++++++---------- 3 files changed, 19 insertions(+), 19 deletions(-) diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb index e23c8bf88ab..526f3c64b7d 100644 --- a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb +++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb @@ -11,13 +11,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "27c8048897d9d7ff1ed6d2643cbc024eb13ae342" -SRCREV_meta ?= "78eca082b68ad521c3bb9a1f9f0325e044045f18" +SRCREV_machine ?= "671f06e26c741b7d55d8afcc30e64f1480cec166" +SRCREV_meta ?= "b75d71b7f2455467f2260d514040ccb44d4bdda5" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}" -LINUX_VERSION ?= "5.15.199" +LINUX_VERSION ?= "5.15.200" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb index 21233285b57..1eeda2e22ca 100644 --- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb +++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb @@ -5,7 +5,7 @@ KCONFIG_MODE = "--allnoconfig" require recipes-kernel/linux/linux-yocto.inc -LINUX_VERSION ?= "5.15.199" +LINUX_VERSION ?= "5.15.200" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" 
@@ -14,8 +14,8 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine ?= "7b20eb2129d25bb2a1cb963d30c2f3adb1e144b3" -SRCREV_meta ?= "78eca082b68ad521c3bb9a1f9f0325e044045f18" +SRCREV_machine ?= "0d4112b87ce7dd038dc712ef616c0b6dd333c786" +SRCREV_meta ?= "b75d71b7f2455467f2260d514040ccb44d4bdda5" PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/meta/recipes-kernel/linux/linux-yocto_5.15.bb index 861af0041af..5f8bfba396e 100644 --- a/meta/recipes-kernel/linux/linux-yocto_5.15.bb +++ b/meta/recipes-kernel/linux/linux-yocto_5.15.bb 
@@ -14,24 +14,24 @@ KBRANCH:qemux86 ?= "v5.15/standard/base" KBRANCH:qemux86-64 ?= "v5.15/standard/base" KBRANCH:qemumips64 ?= "v5.15/standard/mti-malta64" -SRCREV_machine:qemuarm ?= "0ea8d4a7d24642475c1d1e0d8be44976600eb630" -SRCREV_machine:qemuarm64 ?= "33aae9ebda82736fc0246e4d2bd7967bb7ef492a" -SRCREV_machine:qemumips ?= "0d159686c17443503bc7b59f25b5129c8543193d" -SRCREV_machine:qemuppc ?= "c8e213f83bae4792c1042bdcedd46fa60963c69b" -SRCREV_machine:qemuriscv64 ?= "e7bbf58a0f6828ffb92109eb423eb3d1327f091a" -SRCREV_machine:qemuriscv32 ?= "e7bbf58a0f6828ffb92109eb423eb3d1327f091a" -SRCREV_machine:qemux86 ?= "e7bbf58a0f6828ffb92109eb423eb3d1327f091a" -SRCREV_machine:qemux86-64 ?= "e7bbf58a0f6828ffb92109eb423eb3d1327f091a" -SRCREV_machine:qemumips64 ?= "58c96e47bbd784e078e265426b9276bad2bb7e22" -SRCREV_machine ?= "e7bbf58a0f6828ffb92109eb423eb3d1327f091a" -SRCREV_meta ?= "78eca082b68ad521c3bb9a1f9f0325e044045f18" +SRCREV_machine:qemuarm ?= "44b7b6bdfaab20ab51f175aeb0df8c27791cc40d" +SRCREV_machine:qemuarm64 ?= "d67ad97cb5d6a51184bd61853e3af7e044c7f1d4" +SRCREV_machine:qemumips ?= "94fe5264de5b6ba6a5fab53b3f2283e36033e373" +SRCREV_machine:qemuppc ?= "a065262f1076ca606ea8229f84b23c10be2680e7" +SRCREV_machine:qemuriscv64 ?= "af4baa923d4f04a259e3199e9e63d9415bdf3e3a" +SRCREV_machine:qemuriscv32 ?= "af4baa923d4f04a259e3199e9e63d9415bdf3e3a" +SRCREV_machine:qemux86 ?= "af4baa923d4f04a259e3199e9e63d9415bdf3e3a" +SRCREV_machine:qemux86-64 ?= "af4baa923d4f04a259e3199e9e63d9415bdf3e3a" +SRCREV_machine:qemumips64 ?= "00831bab13b4320ee27e4ddc72b55542bfe75ec8" +SRCREV_machine ?= "af4baa923d4f04a259e3199e9e63d9415bdf3e3a" +SRCREV_meta ?= "b75d71b7f2455467f2260d514040ccb44d4bdda5" # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll # get the /base branch, which is pure upstream -stable, and the same # meta SRCREV as the linux-yocto-standard builds. Select your version using the # normal PREFERRED_VERSION settings. 
BBCLASSEXTEND = "devupstream:target" -SRCREV_machine:class-devupstream ?= "7b232985052fcf6a78bf0f965aa4241c0678c2ba" +SRCREV_machine:class-devupstream ?= "e45d5d41c1343aad8c7587a5b15d58e99aff4c8a" PN:class-devupstream = "linux-yocto-upstream" KBRANCH:class-devupstream = "v5.15/base" 
@@ -39,7 +39,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" -LINUX_VERSION ?= "5.15.199" +LINUX_VERSION ?= "5.15.200" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" DEPENDS += "openssl-native util-linux-native"
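Review bot: SRCREV_meta changes from 78eca082b68ad521c3bb9a1f9f0325e044045f18 to b75d71b7f2455467f2260d514040ccb44d4bdda5 in all three recipes, but the commit message only enumerates the korg -stable commits and says nothing about what moved in yocto-kernel-cache. Please add a line describing the kernel-meta delta, so that every pinned revision changed by this patch is accounted for in the message. The SRCREV_machine:class-devupstream value e45d5d41c1343aad8c7587a5b15d58e99aff4c8a does line up with the listed "e45d5d41c1343 Linux 5.15.200"; the other SRCREV_machine values have no counterpart in the message that a merger could check them against.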
From patchwork Tue Apr 7 07:13:10 2026
X-Patchwork-Submitter: Yoann Congal
X-Patchwork-Id: 85400
From: Yoann Congal
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone v2 02/18] linux-yocto/5.15: update to v5.15.201
Date: Tue, 7 Apr 2026 09:13:10 +0200
Message-ID: <65c5b6d33aa81de3e85452a1c1e4395e49addcca.1775545489.git.yoann.congal@smile.fr>
X-Mailer: git-send-email 2.47.3
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/234706

From: Bruce Ashfield

Updating linux-yocto/5.15 to the latest korg -stable release that comprises
the following commits:

    3330a8d33e08 Linux 5.15.201
    cfd5eadd051a USB: serial: option: add Telit FN920C04 RNDIS compositions
    438a405fbad6 f2fs: fix out-of-bounds access in sysfs attribute read/write
    2f67ff1e15a8 f2fs: fix to avoid UAF in f2fs_write_end_io()
    6167af934f95 fbdev: smscufx: properly copy ioctl memory to kernelspace
    52916878db2b fbdev: rivafb: fix divide error in nv3_arb()
    fa9fb38f5fe9 PCI: endpoint: Avoid creating sub-groups asynchronously
    7036aff5a5e8 PCI: endpoint: Remove unused field in struct pci_epf_group
    8055827352b7 PCI: endpoint: Automatically create a function specific attributes group
    b74408de1f22 scsi: qla2xxx: Free sp in error path to fix system crash
    794563147038 scsi: qla2xxx: Reduce fabric scan duplicate code
    23507a811081 scsi: qla2xxx: Remove dead code (GNN ID)
    da9939b1ed8b scsi: qla2xxx: Use named initializers for port_[d]state_str
    f2bbb4db0e4a scsi: qla2xxx: Fix bsg_done() causing double free
    c71dfb7833db bus: fsl-mc: fix use-after-free in driver_override_show()
    38770e103e4e bus: fsl-mc: Replace snprintf and sprintf with sysfs_emit in sysfs show functions
    6dd2645cf080 smb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection()
    dc5f09466448 crypto: virtio - Remove duplicated virtqueue_kick in virtio_crypto_skcipher_crypt_req
    338d40bab283 mptcp: fix race in mptcp_pm_nl_flush_addrs_doit()
    ec7b6a042414 selftests: mptcp: pm: ensure unknown flags are ignored
    51df5513cca6 net: dsa: free routing table on probe failure
    4a6e4c56721a smb: client: set correct id, uid and cruid for multiuser automounts
    b0bb67385480 btrfs: fix racy bitfield write in btrfs_clear_space_info_full()
    cfdb22762f90 Revert "wireguard: device: enable threaded NAPI"
    20c83788eafe gpiolib: acpi: Fix gpio count with string references
    612ffe1f4f04 ASoC: fsl_xcvr: fix missing lock in fsl_xcvr_mode_put()
    ff96318c22fa platform/x86: panasonic-laptop: Fix sysfs group leak in error path
    af673209d43b platform/x86: classmate-laptop: Add missing NULL pointer checks
    72f97ee4950d drm/tegra: hdmi: sor: Fix error: variable ‘j’ set but not used
    f2521ab1f63a romfs: check sb_set_blocksize() return value
    f14e997a372a gpio: sprd: Change sprd_gpio lock to raw_spin_lock
    1fe2603fb171 ALSA: hda/realtek: Fix headset mic for TongFang X6AR55xU
    86588916e188 gpio: omap: do not register driver in probe()
    7e0b2cdbe660 scsi: qla2xxx: Query FW again before proceeding with login
    891f9969a29e scsi: qla2xxx: Delay module unload while fabric scan in progress
    a46f81c1e627 scsi: qla2xxx: Validate sp before freeing associated memory
    ba18e5f22f26 nilfs2: Fix potential block overflow that cause system hang
    8ee8ccfd60bf crypto: virtio - Add spinlock protection with virtqueue notification
    31aff96a41ae crypto: omap - Allocate OMAP_CRYPTO_FORCE_COPY scatterlists correctly
    a60b17cedb44 crypto: octeontx - Fix length check to avoid truncation in ucode_load_store

Signed-off-by: Bruce Ashfield
Signed-off-by: Yoann Congal
--- .../linux/linux-yocto-rt_5.15.bb | 4 ++-- .../linux/linux-yocto-tiny_5.15.bb | 4 ++-- meta/recipes-kernel/linux/linux-yocto_5.15.bb | 24 +++++++++---------- 3 files changed, 16 insertions(+), 16 deletions(-) diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb index 526f3c64b7d..ea763ce9aa1 100644 --- a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb +++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb 
@@ -11,13 +11,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "671f06e26c741b7d55d8afcc30e64f1480cec166" +SRCREV_machine ?= "46e4e1200a4fa889438a2cc62151bb7f1057421a" SRCREV_meta ?= "b75d71b7f2455467f2260d514040ccb44d4bdda5" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}" -LINUX_VERSION ?= "5.15.200" +LINUX_VERSION ?= "5.15.201" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb index 1eeda2e22ca..56853f481fa 100644 --- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb +++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb @@ -5,7 +5,7 @@ KCONFIG_MODE = "--allnoconfig" require recipes-kernel/linux/linux-yocto.inc -LINUX_VERSION ?= "5.15.200" +LINUX_VERSION ?= "5.15.201" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -14,7 +14,7 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine ?= "0d4112b87ce7dd038dc712ef616c0b6dd333c786" +SRCREV_machine ?= "5ae014d6b48449ae38584cc174ef362f6582a8fc" SRCREV_meta ?= "b75d71b7f2455467f2260d514040ccb44d4bdda5" PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/meta/recipes-kernel/linux/linux-yocto_5.15.bb index 5f8bfba396e..176d17e5736 100644 --- a/meta/recipes-kernel/linux/linux-yocto_5.15.bb +++ b/meta/recipes-kernel/linux/linux-yocto_5.15.bb 
@@ -14,16 +14,16 @@ KBRANCH:qemux86 ?= "v5.15/standard/base" KBRANCH:qemux86-64 ?= "v5.15/standard/base" KBRANCH:qemumips64 ?= "v5.15/standard/mti-malta64" -SRCREV_machine:qemuarm ?= "44b7b6bdfaab20ab51f175aeb0df8c27791cc40d" -SRCREV_machine:qemuarm64 ?= "d67ad97cb5d6a51184bd61853e3af7e044c7f1d4" -SRCREV_machine:qemumips ?= "94fe5264de5b6ba6a5fab53b3f2283e36033e373" -SRCREV_machine:qemuppc ?= "a065262f1076ca606ea8229f84b23c10be2680e7" -SRCREV_machine:qemuriscv64 ?= "af4baa923d4f04a259e3199e9e63d9415bdf3e3a" -SRCREV_machine:qemuriscv32 ?= "af4baa923d4f04a259e3199e9e63d9415bdf3e3a" -SRCREV_machine:qemux86 ?= "af4baa923d4f04a259e3199e9e63d9415bdf3e3a" -SRCREV_machine:qemux86-64 ?= "af4baa923d4f04a259e3199e9e63d9415bdf3e3a" -SRCREV_machine:qemumips64 ?= "00831bab13b4320ee27e4ddc72b55542bfe75ec8" -SRCREV_machine ?= "af4baa923d4f04a259e3199e9e63d9415bdf3e3a" +SRCREV_machine:qemuarm ?= "9750e854c9e92d55a2cb042c5ce72e712b24217d" +SRCREV_machine:qemuarm64 ?= "8634ca1dd87be9b55bd383dc8636b73b82a28051" +SRCREV_machine:qemumips ?= "54eca1788efd507120c9dc08681a6a31038513a1" +SRCREV_machine:qemuppc ?= "3a3a4ecdcebb4d3deaa8b5c4ec3e167d5f31305c" +SRCREV_machine:qemuriscv64 ?= "b5ccd2e275c9b68e5dc564b6febeaae8dda42bc5" +SRCREV_machine:qemuriscv32 ?= "b5ccd2e275c9b68e5dc564b6febeaae8dda42bc5" +SRCREV_machine:qemux86 ?= "b5ccd2e275c9b68e5dc564b6febeaae8dda42bc5" +SRCREV_machine:qemux86-64 ?= "b5ccd2e275c9b68e5dc564b6febeaae8dda42bc5" +SRCREV_machine:qemumips64 ?= "e643e82fef4b4352b8f6ddf802181526edc806ca" +SRCREV_machine ?= "b5ccd2e275c9b68e5dc564b6febeaae8dda42bc5" SRCREV_meta ?= "b75d71b7f2455467f2260d514040ccb44d4bdda5" # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll 
@@ -31,7 +31,7 @@ SRCREV_meta ?= "b75d71b7f2455467f2260d514040ccb44d4bdda5" # meta SRCREV as the linux-yocto-standard builds. Select your version using the # normal PREFERRED_VERSION settings. BBCLASSEXTEND = "devupstream:target" -SRCREV_machine:class-devupstream ?= "e45d5d41c1343aad8c7587a5b15d58e99aff4c8a" +SRCREV_machine:class-devupstream ?= "3330a8d33e086f76608bb4e80a3dc569d04a8814" PN:class-devupstream = "linux-yocto-upstream" KBRANCH:class-devupstream = "v5.15/base" 
@@ -39,7 +39,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" -LINUX_VERSION ?= "5.15.200" +LINUX_VERSION ?= "5.15.201" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" DEPENDS += "openssl-native util-linux-native"
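Review bot: the new SRCREV_machine values in linux-yocto-rt_5.15.bb, linux-yocto-tiny_5.15.bb and the per-machine block of linux-yocto_5.15.bb cannot be checked against anything in the commit message; only SRCREV_machine:class-devupstream (3330a8d33e086f76608bb4e80a3dc569d04a8814) corresponds to a listed entry, "3330a8d33e08 Linux 5.15.201". Suggest stating in the message how each pinned tip relates to the v5.15.201 release, for example which KBRANCH it is the head of, so that whoever merges this can confirm the pins with git before applying. LINUX_VERSION is bumped to 5.15.201 consistently in all three recipes, and SRCREV_meta is left unchanged here, which matches a message that lists only -stable commits.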
From patchwork Tue Apr 7 07:13:11 2026
X-Patchwork-Submitter: Yoann Congal
X-Patchwork-Id: 85395
From: Yoann Congal
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone v2 03/18] create-pull-request: Keep commit hash to be pulled in cover email
Date: Tue, 7 Apr 2026 09:13:11 +0200
Message-ID: <58138d386f1c221e87d2217bddc7e31d02cab58c.1775545489.git.yoann.congal@smile.fr>
X-Mailer: git-send-email 2.47.3
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/234707

From: Paul Barker

The cover email mangling in create-pull-request was cutting off the actual
commit hash to be pulled, making it difficult to verify that the changes a
maintainer merges exactly match those intended by the pull request author.

The extra lines we want to include are, for example from a recent
whinlatter stable branch PR:

    for you to fetch changes up to 6c4c6d39ea3202d756acc13f8ce81b114a468541:

      cups: upgrade from 2.4.14 to 2.4.15 (2025-12-29 09:49:31 -0800)

Signed-off-by: Paul Barker
Signed-off-by: Mathieu Dubois-Briand
Signed-off-by: Richard Purdie
(cherry picked from commit c78f5ae4a5ba3675b78cc226feb7b9fbbfd8da19)
Signed-off-by: Fabien Thomas
Signed-off-by: Yoann Congal
--- scripts/create-pull-request | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/create-pull-request b/scripts/create-pull-request index 885105fab3d..5c4414ecd5f 100755 --- a/scripts/create-pull-request +++ b/scripts/create-pull-request 
@@ -219,7 +219,7 @@ fi # The cover letter already has a diffstat, remove it from the pull-msg # before inserting it. -sed -n "0,\#$REMOTE_URL# p" "$PM" | sed -i "/BLURB HERE/ r /dev/stdin" "$CL" +sed -n "0,\#^----------------------------------------------------------------# p" "$PM" | sed -i "/BLURB HERE/ r /dev/stdin" "$CL" rm "$PM" # If this is an RFC, make that clear in the cover letter
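Review bot: the new range end on the `+sed -n` line only closes if the pull-msg contains a line beginning with that exact run of dashes; if it does not, the `0,\#...#` range runs to end of file and the whole message is inserted, which brings back the diffstat that the comment above says is removed. Consider checking for the separator first (for example with grep -q on "$PM") and failing with an error when it is missing, so a cover letter is never sent with an unexpected body. The pattern is anchored with `^` only, so adding `$` would stop it matching a longer dash line, and since the range is inclusive the separator line itself now lands in the cover letter, which is worth a word in the comment. Dropping the interpolated `$REMOTE_URL` from the regex is a good side effect, as the address no longer depends on the URL's characters.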
t=1775546024; x=1776150824; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=aZXJksZ6cDyZy+zz8rFNmc7ug59d92x1hFHDvQgME1M=; b=X2oX3J4wL6abe9eSza5QU0umBprCiP9RExIFODcVY0C7ila5hLRXMnwHGHUCjf9059 HrC7FT1+2s+3Lq3Kx4/Y8Xz8RmMN8+PaNhEzPXU/k0jwlE+E2nYT+fLyCS6fJjQNOw0K vXPzs1OW/Z0AhDIobaoESKgEtzRENo8paG7HMNixN4j1lPwo4yLyl0QsKGEhGO97Oj20 NDZcOHZ1+++3noC7SiHob8vYavZECu14p/MfPL2jcgPCa1mCtQuRfehfGD6ql9Fz4mMC E0BTluEjG7nFz2ThyqJIBt5INV4J9u9g6lt4BtxTxlmTF4ssEAOlUFK+QB83Sjm5NBQs XsVQ== X-Gm-Message-State: AOJu0YwT7iVjdOb4rmAuRU6I+N0FBgRaTJfm012RUSWzldEn37Tw5am0 XmmXJyjsl+OSX+YvMyGsH3s+czIK4OHRS4C1E8+q5mN6vDmIhLmUPcPezl9ZtkL0zkDFLbHoXPN wH4G+1ls= X-Gm-Gg: AeBDievfGLugiKvAPXpTmc1OKisO3mk7ibSexi7BW5iLw/DNZ2xndXaKeTfbaYvNWOL kWkmIH0qgiMF53Gs0eUjsEdlvhw/yZG/CtZ4NiS+jG5Djxr5Bq9p5+kCANCiyLDMhxkpis0hb+t y0vGz7fW/hg7GEctiCdCRxEBlPv2kzRx2nQ5uDQOkdcWU0qWjVMYfpGE2M+WKJUEEdZRb8KFItp EiQ813FdvXziiMolG1W0CxAGvy4MguYxFQGERaGVGhAJ01MQibLFmqqTE6TcbgukV0SEFXtspWe UkUtjuld4TaSqS1TO4bgRqFkMsC70Jxmz5R/VNq8y8xO56oj5QfKFD04c6Y0cnGjDSq5s5EwF7y vfxlyotmUY93eSRYTcd1Wi85hMwHjCYiBWCBdd3whoEzy2aXNNEeWmaU77Oy/MIvBnMTNeumt0z 5RFpg6dF+an7a4bL3/U4I5TznJbAnhJETGRvulJYYhqH8XWDMMKqRadv3OllkZzD5HSY+JQnKRv IcdfBNETWrF67UnLRiDatFDJGg= X-Received: by 2002:a05:600c:6085:b0:488:b239:77ec with SMTP id 5b1f17b1804b1-488b2397962mr79075515e9.17.1775546024430; Tue, 07 Apr 2026 00:13:44 -0700 (PDT) Received: from FRSMI25-LASER.home (2a01cb001331aa00a2e4fb7b0d887544.ipv6.abo.wanadoo.fr. [2a01:cb00:1331:aa00:a2e4:fb7b:d88:7544]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-48899d0fc00sm156364925e9.4.2026.04.07.00.13.43 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 07 Apr 2026 00:13:44 -0700 (PDT) 
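Review bot: the range end on the added "sed -n" line is a hard-coded run of dashes anchored only with ^, which ties the script to the exact separator line that precedes the diffstat in the pull message. If that line is ever absent or shorter, the 0,\#...# range never closes and the whole pull message, diffstat included, is copied into the cover letter, which contradicts the comment just above. Consider matching a whole line of dashes (^-\{10,\}$) and extending the comment to say that the "for you to fetch changes up to <hash>" lines are now kept on purpose, since that hash is what a maintainer compares against the tip they merge.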
From: Yoann Congal To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone v2 04/18] README.OE-Core: update contributor links and add kirkstone prefix Date: Tue, 7 Apr 2026 09:13:12 +0200 Message-ID: <2e04debcb02caa9121a8f933c59fd69666a44fd8.1775545489.git.yoann.congal@smile.fr> X-Mailer: git-send-email 2.47.3 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 07 Apr 2026 07:13:57 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/234708 From: Fabien Thomas The current README points to an old Wiki page. Update this to the Yocto documentation. Additionally, add a helper command for git-send-email that includes the 'kirkstone' subject prefix to ensure patches are correctly identified by the maintainers and CI. Suggested-by: Yoann Congal Signed-off-by: Fabien Thomas Signed-off-by: Yoann Congal --- README.OE-Core.md | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/README.OE-Core.md b/README.OE-Core.md index 2f2127fb03a..8a724dd6d0a 100644 --- a/README.OE-Core.md +++ b/README.OE-Core.md 
@@ -16,9 +16,13 @@ which can be found at: Contributing ------------ -Please refer to -https://www.openembedded.org/wiki/How_to_submit_a_patch_to_OpenEmbedded -for guidelines on how to submit patches. +Please refer to our contributor guide here: https://docs.yoctoproject.org/dev/contributor-guide/ +for full details on how to submit changes. + +As a quick guide, patches should be sent to openembedded-core@lists.openembedded.org +The git command to do that would be: + + git send-email -M -1 --to openembedded-core@lists.openembedded.org --subject-prefix='kirkstone][PATCH' Mailing list:
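Review bot: the quick-guide command added at the end of this hunk uses -1, so it sends only the most recent commit, and the surrounding text does not say so; a contributor with a multi-commit series would send just the last patch. Say that in the sentence introducing the command, or explain how to send a series. The new link also points at the "dev" contributor guide from a kirkstone README, so it is worth stating that the branch-specific part is the 'kirkstone][PATCH' subject prefix, and the added line ending in the list address is missing its full stop.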
From: Yoann Congal To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone v2 05/18] libtheora: mark CVE-2024-56431 as not vulnerable yet Date: Tue, 7 Apr 2026 09:13:13 +0200 Message-ID: X-Mailer: git-send-email 2.47.3 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 07 Apr 2026 07:13:56 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/234709 From: Peter Marko CVE patch [1] applies only on main branch which is base for 1.2.x. Branch 1.1 has a different initial commit and does not contain vulnerable code where the CVE patch applies. Also Debian [2] marked 1.1 as not vulnerable. [1] https://gitlab.xiph.org/xiph/theora/-/commit/5665f86b8fd8345bb09469990e79221562ac204b [2] https://security-tracker.debian.org/tracker/CVE-2024-56431 Signed-off-by: Peter Marko Signed-off-by: Yoann Congal Signed-off-by: Paul Barker Picked from scarthgap commit 07f35d022b88ab4d297d0252f9909e252b7e4cfe Reworked from CVE_STATUS to CVE_CHECK_IGNORE Signed-off-by: Peter Marko Signed-off-by: Yoann Congal --- meta/recipes-multimedia/libtheora/libtheora_1.1.1.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-multimedia/libtheora/libtheora_1.1.1.bb b/meta/recipes-multimedia/libtheora/libtheora_1.1.1.bb index ad0be85559b..4066bb1513b 100644 --- a/meta/recipes-multimedia/libtheora/libtheora_1.1.1.bb +++ b/meta/recipes-multimedia/libtheora/libtheora_1.1.1.bb 
@@ -22,3 +22,6 @@ CVE_PRODUCT = "theora" inherit autotools pkgconfig EXTRA_OECONF = "--disable-examples" + +# fixed-version:branch 1.1 is not affected, vulnerable code is not present yet +CVE_CHECK_IGNORE += "CVE-2024-56431"
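Review bot: the comment above CVE_CHECK_IGNORE keeps the "fixed-version:" prefix from the CVE_STATUS form, but nothing is fixed here; the commit message's own reason is that branch 1.1 never contained the vulnerable code. The ignore sits in libtheora_1.1.1.bb with no version condition, so please reword the comment to say the entry must be dropped when the recipe moves to 1.2.x, the branch the upstream CVE patch applies to, and cite the Debian tracker entry so the justification can be re-checked. Otherwise the CVE check keeps skipping CVE-2024-56431 after an upgrade that makes it relevant.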
From: Yoann Congal To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone v2 06/18] tzdata,tzcode-native: Upgrade 2025b -> 2025c Date: Tue, 7 Apr 2026 09:13:14 +0200 Message-ID: X-Mailer: git-send-email 2.47.3 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 07 Apr 2026 07:13:58 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/234710 From: Vijay Anusuri This release mostly changes code and commentary. The only changed data are leap second table expiration and pre-1976 time in Baja California. Full release notes: https://lists.iana.org/hyperkitty/list/tz-announce@iana.org/thread/TAGXKYLMAQRZRFTERQ33CEKOW7KRJVAK/ Signed-off-by: Paul Barker Signed-off-by: Mathieu Dubois-Briand Signed-off-by: Richard Purdie (cherry picked from commit 452334219309793ad74abd6ff390dcb06cab929b) Signed-off-by: Vijay Anusuri Signed-off-by: Yoann Congal --- meta/recipes-extended/timezone/timezone.inc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/meta/recipes-extended/timezone/timezone.inc b/meta/recipes-extended/timezone/timezone.inc index bb81d77ccc5..1c08d4b1023 100644 --- a/meta/recipes-extended/timezone/timezone.inc +++ b/meta/recipes-extended/timezone/timezone.inc @@ -6,7 +6,7 @@ SECTION = "base" LICENSE = "PD & BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=c679c9d6b02bc2757b3eaf8f53c43fba" -PV = "2025b" +PV = "2025c" SRC_URI =" https://www.iana.org/time-zones/repository/releases/tzcode${PV}.tar.gz;name=tzcode;subdir=tz \ https://www.iana.org/time-zones/repository/releases/tzdata${PV}.tar.gz;name=tzdata;subdir=tz \ 
@@ -16,5 +16,5 @@ S = "${WORKDIR}/tz" UPSTREAM_CHECK_URI = "https://www.iana.org/time-zones" -SRC_URI[tzcode.sha256sum] = "05f8fedb3525ee70d49c87d3fae78a8a0dbae4fe87aa565c65cda9948ae135ec" -SRC_URI[tzdata.sha256sum] = "11810413345fc7805017e27ea9fa4885fd74cd61b2911711ad038f5d28d71474" +SRC_URI[tzcode.sha256sum] = "697ebe6625444aef5080f58e49d03424bbb52e08bf483d3ddb5acf10cbd15740" +SRC_URI[tzdata.sha256sum] = "4aa79e4effee53fc4029ffe5f6ebe97937282ebcdf386d5d2da91ce84142f957"
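Review bot: the two new SRC_URI[...sha256sum] values in the second hunk are the only integrity pin for the tzcode and tzdata tarballs, and the commit message does not say how they were obtained. Please state in the message that they were checked against the upstream release rather than taken from a local fetch. LIC_FILES_CHKSUM is left unchanged across the PV bump in the first hunk, which is fine if the LICENSE file did not change in 2025c; a line confirming that would help.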
From: Yoann Congal To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone v2 07/18] tzdata/tzcode-native: upgrade 2025c -> 2026a Date: Tue, 7 Apr 2026 09:13:15 +0200 Message-ID: X-Mailer: git-send-email 2.47.3 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 07 Apr 2026 07:13:57 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/234711 From: Jinfeng Wang Signed-off-by: Jinfeng Wang Signed-off-by: Richard Purdie (cherry picked from commit 217ede26d64901d9a38fc119efa684487714c08a) Signed-off-by: Vijay Anusuri Signed-off-by: Yoann Congal --- meta/recipes-extended/timezone/timezone.inc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/meta/recipes-extended/timezone/timezone.inc b/meta/recipes-extended/timezone/timezone.inc index 1c08d4b1023..c498c0c9ffa 100644 --- a/meta/recipes-extended/timezone/timezone.inc +++ b/meta/recipes-extended/timezone/timezone.inc @@ -6,7 +6,7 @@ SECTION = "base" LICENSE = "PD & BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=c679c9d6b02bc2757b3eaf8f53c43fba" -PV = "2025c" +PV = "2026a" SRC_URI =" https://www.iana.org/time-zones/repository/releases/tzcode${PV}.tar.gz;name=tzcode;subdir=tz \ https://www.iana.org/time-zones/repository/releases/tzdata${PV}.tar.gz;name=tzdata;subdir=tz \ 
@@ -16,5 +16,5 @@ S = "${WORKDIR}/tz" UPSTREAM_CHECK_URI = "https://www.iana.org/time-zones" -SRC_URI[tzcode.sha256sum] = "697ebe6625444aef5080f58e49d03424bbb52e08bf483d3ddb5acf10cbd15740" -SRC_URI[tzdata.sha256sum] = "4aa79e4effee53fc4029ffe5f6ebe97937282ebcdf386d5d2da91ce84142f957" +SRC_URI[tzcode.sha256sum] = "f80a17a2eddd2b54041f9c98d75b0aa8038b016d7c5de72892a146d9938740e1" +SRC_URI[tzdata.sha256sum] = "77b541725937bb53bd92bd484c0b43bec8545e2d3431ee01f04ef8f2203ba2b7"
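Review bot: this upgrade carries no description at all, only sign-offs, while the 2025b -> 2025c patch just before it in the series summarises the data changes and links the release notes. For a stable branch the message should say what 2026a changes (data only, or code as well) and link the tz-announce post, so a reviewer can judge the impact of the PV and checksum bump made in these two hunks.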
From: Yoann Congal To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone v2 08/18] python3: upgrade 3.10.19 -> 3.10.20 Date: Tue, 7 Apr 2026 09:13:16 +0200 Message-ID: <51e1581d337b674272c1a71dfc366387577bc5df.1775545489.git.yoann.congal@smile.fr> X-Mailer: git-send-email 2.47.3 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 07 Apr 2026 07:13:57 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/234712 From: Vijay Anusuri Drop upstreamed patches. Release information: * https://www.python.org/downloads/release/python-31020/ * The release you're looking at is Python 3.10.20, a security bugfix release for the legacy 3.10 series. Handles CVE-2024-6923 CVE-2025-6075 CVE-2025-12084 CVE-2025-13836 CVE-2025-13837 CVE-2025-15282 CVE-2025-59375 CVE-2026-0865 CVE-2026-24515 CVE-2026-25210 Signed-off-by: Vijay Anusuri [YC: rebased on top of kirkstone] Signed-off-by: Yoann Congal --- .../python/python3/CVE-2025-12084.patch | 171 -------- .../python/python3/CVE-2025-13836.patch | 163 -------- .../python/python3/CVE-2025-13837.patch | 162 -------- .../python/python3/CVE-2025-6075.patch | 364 ------------------ ...{python3_3.10.19.bb => python3_3.10.20.bb} | 6 +- 5 files changed, 1 insertion(+), 865 deletions(-) delete mode 100644 meta/recipes-devtools/python/python3/CVE-2025-12084.patch delete mode 100644 meta/recipes-devtools/python/python3/CVE-2025-13836.patch delete mode 100644 meta/recipes-devtools/python/python3/CVE-2025-13837.patch delete mode 100644 meta/recipes-devtools/python/python3/CVE-2025-6075.patch rename meta/recipes-devtools/python/{python3_3.10.19.bb => python3_3.10.20.bb} (98%) diff --git a/meta/recipes-devtools/python/python3/CVE-2025-12084.patch b/meta/recipes-devtools/python/python3/CVE-2025-12084.patch deleted file mode 100644 index 0c9bb435edf..00000000000 
--- a/meta/recipes-devtools/python/python3/CVE-2025-12084.patch +++ /dev/null 
@@ -1,171 +0,0 @@ -From c97e87593063d84a2bd9fe7068b30eb44de23dc0 Mon Sep 17 00:00:00 2001 -From: "Miss Islington (bot)" - <31488909+miss-islington@users.noreply.github.com> -Date: Sun, 25 Jan 2026 18:10:49 +0100 -Subject: [PATCH] [3.10] gh-142145: Remove quadratic behavior in node ID cache - clearing (GH-142146) (#142213) - -* gh-142145: Remove quadratic behavior in node ID cache clearing (GH-142146) - -* Remove quadratic behavior in node ID cache clearing - -Co-authored-by: Jacob Walls <38668450+jacobtylerwalls@users.noreply.github.com> - -* Add news fragment - -CVE: CVE-2025-12084 -Upstream-Status: Backport [https://github.com/python/cpython/commit/c97e87593063d84a2bd9fe7068b30eb44de23dc0] -Signed-off-by: Peter Marko ---------- -(cherry picked from commit 08d8e18ad81cd45bc4a27d6da478b51ea49486e4) - -Co-authored-by: Seth Michael Larson -Co-authored-by: Jacob Walls <38668450+jacobtylerwalls@users.noreply.github.com> - -* [3.14] gh-142754: Ensure that Element & Attr instances have the ownerDocument attribute (GH-142794) (#142818) - -gh-142754: Ensure that Element & Attr instances have the ownerDocument attribute (GH-142794) -(cherry picked from commit 1cc7551b3f9f71efbc88d96dce90f82de98b2454) - -Co-authored-by: Petr Viktorin -Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com> - -* gh-142145: relax the no-longer-quadratic test timing (GH-143030) - -* gh-142145: relax the no-longer-quadratic test timing - -* require cpu resource -(cherry picked from commit 8d2d7bb2e754f8649a68ce4116271a4932f76907) - -Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com> - -* merge NEWS entries into one - ---------- - -Co-authored-by: Seth Michael Larson -Co-authored-by: Jacob Walls <38668450+jacobtylerwalls@users.noreply.github.com> -Co-authored-by: Petr Viktorin -Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com> -Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com> -Co-authored-by: Gregory P. 
Smith ---- - Lib/test/test_minidom.py | 33 ++++++++++++++++++- - Lib/xml/dom/minidom.py | 11 ++----- - ...-12-01-09-36-45.gh-issue-142145.tcAUhg.rst | 6 ++++ - 3 files changed, 41 insertions(+), 9 deletions(-) - create mode 100644 Misc/NEWS.d/next/Security/2025-12-01-09-36-45.gh-issue-142145.tcAUhg.rst - -diff --git a/Lib/test/test_minidom.py b/Lib/test/test_minidom.py -index ef38c36210..c68bd990f7 100644 ---- a/Lib/test/test_minidom.py -+++ b/Lib/test/test_minidom.py -@@ -2,6 +2,7 @@ - - import copy - import pickle -+import time - import io - from test import support - import unittest -@@ -9,7 +10,7 @@ import unittest - import pyexpat - import xml.dom.minidom - --from xml.dom.minidom import parse, Attr, Node, Document, parseString -+from xml.dom.minidom import parse, Attr, Node, Document, Element, parseString - from xml.dom.minidom import getDOMImplementation - from xml.parsers.expat import ExpatError - -@@ -177,6 +178,36 @@ class MinidomTest(unittest.TestCase): - self.confirm(dom.documentElement.childNodes[-1].data == "Hello") - dom.unlink() - -+ @support.requires_resource('cpu') -+ def testAppendChildNoQuadraticComplexity(self): -+ impl = getDOMImplementation() -+ -+ newdoc = impl.createDocument(None, "some_tag", None) -+ top_element = newdoc.documentElement -+ children = [newdoc.createElement(f"child-{i}") for i in range(1, 2 ** 15 + 1)] -+ element = top_element -+ -+ start = time.monotonic() -+ for child in children: -+ element.appendChild(child) -+ element = child -+ end = time.monotonic() -+ -+ # This example used to take at least 30 seconds. -+ # Conservative assertion due to the wide variety of systems and -+ # build configs timing based tests wind up run under. -+ # A --with-address-sanitizer --with-pydebug build on a rpi5 still -+ # completes this loop in <0.5 seconds. 
-+ self.assertLess(end - start, 4) -+ -+ def testSetAttributeNodeWithoutOwnerDocument(self): -+ # regression test for gh-142754 -+ elem = Element("test") -+ attr = Attr("id") -+ attr.value = "test-id" -+ elem.setAttributeNode(attr) -+ self.assertEqual(elem.getAttribute("id"), "test-id") -+ - def testAppendChildFragment(self): - dom, orig, c1, c2, c3, frag = self._create_fragment_test_nodes() - dom.documentElement.appendChild(frag) -diff --git a/Lib/xml/dom/minidom.py b/Lib/xml/dom/minidom.py -index ef8a159833..cada981f39 100644 ---- a/Lib/xml/dom/minidom.py -+++ b/Lib/xml/dom/minidom.py -@@ -292,13 +292,6 @@ def _append_child(self, node): - childNodes.append(node) - node.parentNode = self - --def _in_document(node): -- # return True iff node is part of a document tree -- while node is not None: -- if node.nodeType == Node.DOCUMENT_NODE: -- return True -- node = node.parentNode -- return False - - def _write_data(writer, data): - "Writes datachars to writer." -@@ -355,6 +348,7 @@ class Attr(Node): - def __init__(self, qName, namespaceURI=EMPTY_NAMESPACE, localName=None, - prefix=None): - self.ownerElement = None -+ self.ownerDocument = None - self._name = qName - self.namespaceURI = namespaceURI - self._prefix = prefix -@@ -680,6 +674,7 @@ class Element(Node): - - def __init__(self, tagName, namespaceURI=EMPTY_NAMESPACE, prefix=None, - localName=None): -+ self.ownerDocument = None - self.parentNode = None - self.tagName = self.nodeName = tagName - self.prefix = prefix -@@ -1539,7 +1534,7 @@ def _clear_id_cache(node): - if node.nodeType == Node.DOCUMENT_NODE: - node._id_cache.clear() - node._id_search_stack = None -- elif _in_document(node): -+ elif node.ownerDocument: - node.ownerDocument._id_cache.clear() - node.ownerDocument._id_search_stack= None - -diff --git a/Misc/NEWS.d/next/Security/2025-12-01-09-36-45.gh-issue-142145.tcAUhg.rst b/Misc/NEWS.d/next/Security/2025-12-01-09-36-45.gh-issue-142145.tcAUhg.rst -new file mode 100644 -index 0000000000..05c7df35d1 ---- 
/dev/null -+++ b/Misc/NEWS.d/next/Security/2025-12-01-09-36-45.gh-issue-142145.tcAUhg.rst -@@ -0,0 +1,6 @@ -+Remove quadratic behavior in ``xml.minidom`` node ID cache clearing. In order -+to do this without breaking existing users, we also add the *ownerDocument* -+attribute to :mod:`xml.dom.minidom` elements and attributes created by directly -+instantiating the ``Element`` or ``Attr`` class. Note that this way of creating -+nodes is not supported; creator functions like -+:py:meth:`xml.dom.Document.documentElement` should be used instead. diff --git a/meta/recipes-devtools/python/python3/CVE-2025-13836.patch b/meta/recipes-devtools/python/python3/CVE-2025-13836.patch deleted file mode 100644 index c4387b60194..00000000000 --- a/meta/recipes-devtools/python/python3/CVE-2025-13836.patch +++ /dev/null 
@@ -1,163 +0,0 @@ -From 289f29b0fe38baf2d7cb5854f4bb573cc34a6a15 Mon Sep 17 00:00:00 2001 -From: "Miss Islington (bot)" - <31488909+miss-islington@users.noreply.github.com> -Date: Fri, 5 Dec 2025 16:21:57 +0100 -Subject: [PATCH] [3.13] gh-119451: Fix a potential denial of service in - http.client (GH-119454) (#142139) - -gh-119451: Fix a potential denial of service in http.client (GH-119454) - -Reading the whole body of the HTTP response could cause OOM if -the Content-Length value is too large even if the server does not send -a large amount of data. Now the HTTP client reads large data by chunks, -therefore the amount of consumed memory is proportional to the amount -of sent data. -(cherry picked from commit 5a4c4a033a4a54481be6870aa1896fad732555b5) - -CVE: CVE-2025-13836 -Upstream-Status: Backport [https://github.com/python/cpython/commit/289f29b0fe38baf2d7cb5854f4bb573cc34a6a15] -Signed-off-by: Hitendra Prajapati ---- - Lib/http/client.py | 28 ++++++-- - Lib/test/test_httplib.py | 66 +++++++++++++++++++ - ...-05-23-11-47-48.gh-issue-119451.qkJe9-.rst | 5 ++ - 3 files changed, 95 insertions(+), 4 deletions(-) - create mode 100644 Misc/NEWS.d/next/Security/2024-05-23-11-47-48.gh-issue-119451.qkJe9-.rst - -diff --git a/Lib/http/client.py b/Lib/http/client.py -index d1b7b10..c8ab5b7 100644 ---- a/Lib/http/client.py -+++ b/Lib/http/client.py -@@ -111,6 +111,11 @@ responses = {v: v.phrase for v in http.HTTPStatus.__members__.values()} - _MAXLINE = 65536 - _MAXHEADERS = 100 - -+# Data larger than this will be read in chunks, to prevent extreme -+# overallocation. -+_MIN_READ_BUF_SIZE = 1 << 20 -+ -+ - # Header name/value ABNF (http://tools.ietf.org/html/rfc7230#section-3.2) - # - # VCHAR = %x21-7E -@@ -628,10 +633,25 @@ class HTTPResponse(io.BufferedIOBase): - reading. If the bytes are truly not available (due to EOF), then the - IncompleteRead exception can be used to detect the problem. 
- """ -- data = self.fp.read(amt) -- if len(data) < amt: -- raise IncompleteRead(data, amt-len(data)) -- return data -+ cursize = min(amt, _MIN_READ_BUF_SIZE) -+ data = self.fp.read(cursize) -+ if len(data) >= amt: -+ return data -+ if len(data) < cursize: -+ raise IncompleteRead(data, amt - len(data)) -+ -+ data = io.BytesIO(data) -+ data.seek(0, 2) -+ while True: -+ # This is a geometric increase in read size (never more than -+ # doubling out the current length of data per loop iteration). -+ delta = min(cursize, amt - cursize) -+ data.write(self.fp.read(delta)) -+ if data.tell() >= amt: -+ return data.getvalue() -+ cursize += delta -+ if data.tell() < cursize: -+ raise IncompleteRead(data.getvalue(), amt - data.tell()) - - def _safe_readinto(self, b): - """Same as _safe_read, but for reading into a buffer.""" -diff --git a/Lib/test/test_httplib.py b/Lib/test/test_httplib.py -index 77152cf..89ec5f6 100644 ---- a/Lib/test/test_httplib.py -+++ b/Lib/test/test_httplib.py -@@ -1226,6 +1226,72 @@ class BasicTest(TestCase): - thread.join() - self.assertEqual(result, b"proxied data\n") - -+ def test_large_content_length(self): -+ serv = socket.create_server((HOST, 0)) -+ self.addCleanup(serv.close) -+ -+ def run_server(): -+ [conn, address] = serv.accept() -+ with conn: -+ while conn.recv(1024): -+ conn.sendall( -+ b"HTTP/1.1 200 Ok\r\n" -+ b"Content-Length: %d\r\n" -+ b"\r\n" % size) -+ conn.sendall(b'A' * (size//3)) -+ conn.sendall(b'B' * (size - size//3)) -+ -+ thread = threading.Thread(target=run_server) -+ thread.start() -+ self.addCleanup(thread.join, 1.0) -+ -+ conn = client.HTTPConnection(*serv.getsockname()) -+ try: -+ for w in range(15, 27): -+ size = 1 << w -+ conn.request("GET", "/") -+ with conn.getresponse() as response: -+ self.assertEqual(len(response.read()), size) -+ finally: -+ conn.close() -+ thread.join(1.0) -+ -+ def test_large_content_length_truncated(self): -+ serv = socket.create_server((HOST, 0)) -+ self.addCleanup(serv.close) -+ -+ def 
run_server(): -+ while True: -+ [conn, address] = serv.accept() -+ with conn: -+ conn.recv(1024) -+ if not size: -+ break -+ conn.sendall( -+ b"HTTP/1.1 200 Ok\r\n" -+ b"Content-Length: %d\r\n" -+ b"\r\n" -+ b"Text" % size) -+ -+ thread = threading.Thread(target=run_server) -+ thread.start() -+ self.addCleanup(thread.join, 1.0) -+ -+ conn = client.HTTPConnection(*serv.getsockname()) -+ try: -+ for w in range(18, 65): -+ size = 1 << w -+ conn.request("GET", "/") -+ with conn.getresponse() as response: -+ self.assertRaises(client.IncompleteRead, response.read) -+ conn.close() -+ finally: -+ conn.close() -+ size = 0 -+ conn.request("GET", "/") -+ conn.close() -+ thread.join(1.0) -+ - def test_putrequest_override_domain_validation(self): - """ - It should be possible to override the default validation -diff --git a/Misc/NEWS.d/next/Security/2024-05-23-11-47-48.gh-issue-119451.qkJe9-.rst b/Misc/NEWS.d/next/Security/2024-05-23-11-47-48.gh-issue-119451.qkJe9-.rst -new file mode 100644 -index 0000000..6d6f25c ---- /dev/null -+++ b/Misc/NEWS.d/next/Security/2024-05-23-11-47-48.gh-issue-119451.qkJe9-.rst -@@ -0,0 +1,5 @@ -+Fix a potential memory denial of service in the :mod:`http.client` module. -+When connecting to a malicious server, it could cause -+an arbitrary amount of memory to be allocated. -+This could have led to symptoms including a :exc:`MemoryError`, swapping, out -+of memory (OOM) killed processes or containers, or even system crashes. --- -2.50.1 - diff --git a/meta/recipes-devtools/python/python3/CVE-2025-13837.patch b/meta/recipes-devtools/python/python3/CVE-2025-13837.patch deleted file mode 100644 index 36bf75792bb..00000000000 --- a/meta/recipes-devtools/python/python3/CVE-2025-13837.patch +++ /dev/null 
@@ -1,162 +0,0 @@ -From 5a8b19677d818fb41ee55f310233772e15aa1a2b Mon Sep 17 00:00:00 2001 -From: Serhiy Storchaka -Date: Mon, 22 Dec 2025 15:49:44 +0200 -Subject: [PATCH] [3.12] gh-119342: Fix a potential denial of service in - plistlib (GH-119343) (#142149) - -Reading a specially prepared small Plist file could cause OOM because file's -read(n) preallocates a bytes object for reading the specified amount of -data. Now plistlib reads large data by chunks, therefore the upper limit of -consumed memory is proportional to the size of the input file. -(cherry picked from commit 694922cf40aa3a28f898b5f5ee08b71b4922df70) - -CVE: CVE-2025-13837 -Upstream-Status: Backport [https://github.com/python/cpython/commit/5a8b19677d818fb41ee55f310233772e15aa1a2b] -Signed-off-by: Peter Marko ---- - Lib/plistlib.py | 31 ++++++++++------ - Lib/test/test_plistlib.py | 37 +++++++++++++++++-- - ...-05-21-22-11-31.gh-issue-119342.BTFj4Z.rst | 5 +++ - 3 files changed, 59 insertions(+), 14 deletions(-) - create mode 100644 Misc/NEWS.d/next/Security/2024-05-21-22-11-31.gh-issue-119342.BTFj4Z.rst - -diff --git a/Lib/plistlib.py b/Lib/plistlib.py -index 3292c30d5f..c5554ea1f7 100644 ---- a/Lib/plistlib.py -+++ b/Lib/plistlib.py -@@ -73,6 +73,9 @@ from xml.parsers.expat import ParserCreate - PlistFormat = enum.Enum('PlistFormat', 'FMT_XML FMT_BINARY', module=__name__) - globals().update(PlistFormat.__members__) - -+# Data larger than this will be read in chunks, to prevent extreme -+# overallocation. 
-+_MIN_READ_BUF_SIZE = 1 << 20 - - class UID: - def __init__(self, data): -@@ -499,12 +502,24 @@ class _BinaryPlistParser: - - return tokenL - -+ def _read(self, size): -+ cursize = min(size, _MIN_READ_BUF_SIZE) -+ data = self._fp.read(cursize) -+ while True: -+ if len(data) != cursize: -+ raise InvalidFileException -+ if cursize == size: -+ return data -+ delta = min(cursize, size - cursize) -+ data += self._fp.read(delta) -+ cursize += delta -+ - def _read_ints(self, n, size): -- data = self._fp.read(size * n) -+ data = self._read(size * n) - if size in _BINARY_FORMAT: - return struct.unpack(f'>{n}{_BINARY_FORMAT[size]}', data) - else: -- if not size or len(data) != size * n: -+ if not size: - raise InvalidFileException() - return tuple(int.from_bytes(data[i: i + size], 'big') - for i in range(0, size * n, size)) -@@ -561,22 +576,16 @@ class _BinaryPlistParser: - - elif tokenH == 0x40: # data - s = self._get_size(tokenL) -- result = self._fp.read(s) -- if len(result) != s: -- raise InvalidFileException() -+ result = self._read(s) - - elif tokenH == 0x50: # ascii string - s = self._get_size(tokenL) -- data = self._fp.read(s) -- if len(data) != s: -- raise InvalidFileException() -+ data = self._read(s) - result = data.decode('ascii') - - elif tokenH == 0x60: # unicode string - s = self._get_size(tokenL) * 2 -- data = self._fp.read(s) -- if len(data) != s: -- raise InvalidFileException() -+ data = self._read(s) - result = data.decode('utf-16be') - - elif tokenH == 0x80: # UID -diff --git a/Lib/test/test_plistlib.py b/Lib/test/test_plistlib.py -index fa46050658..229a5a242e 100644 ---- a/Lib/test/test_plistlib.py -+++ b/Lib/test/test_plistlib.py -@@ -838,8 +838,7 @@ class TestPlistlib(unittest.TestCase): - - class TestBinaryPlistlib(unittest.TestCase): - -- @staticmethod -- def decode(*objects, offset_size=1, ref_size=1): -+ def build(self, *objects, offset_size=1, ref_size=1): - data = [b'bplist00'] - offset = 8 - offsets = [] -@@ -851,7 +850,11 @@ class 
TestBinaryPlistlib(unittest.TestCase): - len(objects), 0, offset) - data.extend(offsets) - data.append(tail) -- return plistlib.loads(b''.join(data), fmt=plistlib.FMT_BINARY) -+ return b''.join(data) -+ -+ def decode(self, *objects, offset_size=1, ref_size=1): -+ data = self.build(*objects, offset_size=offset_size, ref_size=ref_size) -+ return plistlib.loads(data, fmt=plistlib.FMT_BINARY) - - def test_nonstandard_refs_size(self): - # Issue #21538: Refs and offsets are 24-bit integers -@@ -959,6 +962,34 @@ class TestBinaryPlistlib(unittest.TestCase): - with self.assertRaises(plistlib.InvalidFileException): - plistlib.loads(b'bplist00' + data, fmt=plistlib.FMT_BINARY) - -+ def test_truncated_large_data(self): -+ self.addCleanup(os_helper.unlink, os_helper.TESTFN) -+ def check(data): -+ with open(os_helper.TESTFN, 'wb') as f: -+ f.write(data) -+ # buffered file -+ with open(os_helper.TESTFN, 'rb') as f: -+ with self.assertRaises(plistlib.InvalidFileException): -+ plistlib.load(f, fmt=plistlib.FMT_BINARY) -+ # unbuffered file -+ with open(os_helper.TESTFN, 'rb', buffering=0) as f: -+ with self.assertRaises(plistlib.InvalidFileException): -+ plistlib.load(f, fmt=plistlib.FMT_BINARY) -+ for w in range(20, 64): -+ s = 1 << w -+ # data -+ check(self.build(b'\x4f\x13' + s.to_bytes(8, 'big'))) -+ # ascii string -+ check(self.build(b'\x5f\x13' + s.to_bytes(8, 'big'))) -+ # unicode string -+ check(self.build(b'\x6f\x13' + s.to_bytes(8, 'big'))) -+ # array -+ check(self.build(b'\xaf\x13' + s.to_bytes(8, 'big'))) -+ # dict -+ check(self.build(b'\xdf\x13' + s.to_bytes(8, 'big'))) -+ # number of objects -+ check(b'bplist00' + struct.pack('>6xBBQQQ', 1, 1, s, 0, 8)) -+ - - class TestKeyedArchive(unittest.TestCase): - def test_keyed_archive_data(self): -diff --git a/Misc/NEWS.d/next/Security/2024-05-21-22-11-31.gh-issue-119342.BTFj4Z.rst b/Misc/NEWS.d/next/Security/2024-05-21-22-11-31.gh-issue-119342.BTFj4Z.rst -new file mode 100644 -index 0000000000..04fd8faca4 ---- /dev/null -+++ 
b/Misc/NEWS.d/next/Security/2024-05-21-22-11-31.gh-issue-119342.BTFj4Z.rst -@@ -0,0 +1,5 @@ -+Fix a potential memory denial of service in the :mod:`plistlib` module. -+When reading a Plist file received from untrusted source, it could cause -+an arbitrary amount of memory to be allocated. -+This could have led to symptoms including a :exc:`MemoryError`, swapping, out -+of memory (OOM) killed processes or containers, or even system crashes. diff --git a/meta/recipes-devtools/python/python3/CVE-2025-6075.patch b/meta/recipes-devtools/python/python3/CVE-2025-6075.patch deleted file mode 100644 index eab5a882a0d..00000000000 --- a/meta/recipes-devtools/python/python3/CVE-2025-6075.patch +++ /dev/null 
@@ -1,364 +0,0 @@ -From 892747b4cf0f95ba8beb51c0d0658bfaa381ebca Mon Sep 17 00:00:00 2001 -From: Łukasz Langa -Date: Fri, 31 Oct 2025 17:51:32 +0100 -Subject: [PATCH] gh-136065: Fix quadratic complexity in os.path.expandvars() - (GH-134952) (GH-140851) - -(cherry picked from commit f029e8db626ddc6e3a3beea4eff511a71aaceb5c) - -Co-authored-by: Serhiy Storchaka - -CVE: CVE-2025-6075 - -Upstream-Status: Backport [https://github.com/python/cpython/commit/892747b4cf0f95ba8beb51c0d0658bfaa381ebca] - -Signed-off-by: Praveen Kumar ---- - Lib/ntpath.py | 126 ++++++------------ - Lib/posixpath.py | 43 +++--- - Lib/test/test_genericpath.py | 14 ++ - Lib/test/test_ntpath.py | 20 ++- - ...-05-30-22-33-27.gh-issue-136065.bu337o.rst | 1 + - 5 files changed, 93 insertions(+), 111 deletions(-) - create mode 100644 Misc/NEWS.d/next/Security/2025-05-30-22-33-27.gh-issue-136065.bu337o.rst - -diff --git a/Lib/ntpath.py b/Lib/ntpath.py -index 9b0cca4..bd2b4e2 100644 ---- a/Lib/ntpath.py -+++ b/Lib/ntpath.py -@@ -374,17 +374,23 @@ def expanduser(path): - # XXX With COMMAND.COM you can use any characters in a variable name, - # XXX except '^|<>='. - -+_varpattern = r"'[^']*'?|%(%|[^%]*%?)|\$(\$|[-\w]+|\{[^}]*\}?)" -+_varsub = None -+_varsubb = None -+ - def expandvars(path): - """Expand shell variables of the forms $var, ${var} and %var%. 
- - Unknown variables are left unchanged.""" - path = os.fspath(path) -+ global _varsub, _varsubb - if isinstance(path, bytes): - if b'$' not in path and b'%' not in path: - return path -- import string -- varchars = bytes(string.ascii_letters + string.digits + '_-', 'ascii') -- quote = b'\'' -+ if not _varsubb: -+ import re -+ _varsubb = re.compile(_varpattern.encode(), re.ASCII).sub -+ sub = _varsubb - percent = b'%' - brace = b'{' - rbrace = b'}' -@@ -393,94 +399,44 @@ def expandvars(path): - else: - if '$' not in path and '%' not in path: - return path -- import string -- varchars = string.ascii_letters + string.digits + '_-' -- quote = '\'' -+ if not _varsub: -+ import re -+ _varsub = re.compile(_varpattern, re.ASCII).sub -+ sub = _varsub - percent = '%' - brace = '{' - rbrace = '}' - dollar = '$' - environ = os.environ -- res = path[:0] -- index = 0 -- pathlen = len(path) -- while index < pathlen: -- c = path[index:index+1] -- if c == quote: # no expansion within single quotes -- path = path[index + 1:] -- pathlen = len(path) -- try: -- index = path.index(c) -- res += c + path[:index + 1] -- except ValueError: -- res += c + path -- index = pathlen - 1 -- elif c == percent: # variable or '%' -- if path[index + 1:index + 2] == percent: -- res += c -- index += 1 -- else: -- path = path[index+1:] -- pathlen = len(path) -- try: -- index = path.index(percent) -- except ValueError: -- res += percent + path -- index = pathlen - 1 -- else: -- var = path[:index] -- try: -- if environ is None: -- value = os.fsencode(os.environ[os.fsdecode(var)]) -- else: -- value = environ[var] -- except KeyError: -- value = percent + var + percent -- res += value -- elif c == dollar: # variable or '$$' -- if path[index + 1:index + 2] == dollar: -- res += c -- index += 1 -- elif path[index + 1:index + 2] == brace: -- path = path[index+2:] -- pathlen = len(path) -- try: -- index = path.index(rbrace) -- except ValueError: -- res += dollar + brace + path -- index = pathlen - 1 -- else: -- 
var = path[:index] -- try: -- if environ is None: -- value = os.fsencode(os.environ[os.fsdecode(var)]) -- else: -- value = environ[var] -- except KeyError: -- value = dollar + brace + var + rbrace -- res += value -- else: -- var = path[:0] -- index += 1 -- c = path[index:index + 1] -- while c and c in varchars: -- var += c -- index += 1 -- c = path[index:index + 1] -- try: -- if environ is None: -- value = os.fsencode(os.environ[os.fsdecode(var)]) -- else: -- value = environ[var] -- except KeyError: -- value = dollar + var -- res += value -- if c: -- index -= 1 -+ -+ def repl(m): -+ lastindex = m.lastindex -+ if lastindex is None: -+ return m[0] -+ name = m[lastindex] -+ if lastindex == 1: -+ if name == percent: -+ return name -+ if not name.endswith(percent): -+ return m[0] -+ name = name[:-1] - else: -- res += c -- index += 1 -- return res -+ if name == dollar: -+ return name -+ if name.startswith(brace): -+ if not name.endswith(rbrace): -+ return m[0] -+ name = name[1:-1] -+ -+ try: -+ if environ is None: -+ return os.fsencode(os.environ[os.fsdecode(name)]) -+ else: -+ return environ[name] -+ except KeyError: -+ return m[0] -+ -+ return sub(repl, path) - - - # Normalize a path, e.g. A//B, A/./B and A/foo/../B all become A\B. -diff --git a/Lib/posixpath.py b/Lib/posixpath.py -index b8dd563..75020ee 100644 ---- a/Lib/posixpath.py -+++ b/Lib/posixpath.py -@@ -279,42 +279,41 @@ def expanduser(path): - # This expands the forms $variable and ${variable} only. - # Non-existent variables are left unchanged. - --_varprog = None --_varprogb = None -+_varpattern = r'\$(\w+|\{[^}]*\}?)' -+_varsub = None -+_varsubb = None - - def expandvars(path): - """Expand shell variables of form $var and ${var}. 
Unknown variables - are left unchanged.""" - path = os.fspath(path) -- global _varprog, _varprogb -+ global _varsub, _varsubb - if isinstance(path, bytes): - if b'$' not in path: - return path -- if not _varprogb: -+ if not _varsubb: - import re -- _varprogb = re.compile(br'\$(\w+|\{[^}]*\})', re.ASCII) -- search = _varprogb.search -+ _varsubb = re.compile(_varpattern.encode(), re.ASCII).sub -+ sub = _varsubb - start = b'{' - end = b'}' - environ = getattr(os, 'environb', None) - else: - if '$' not in path: - return path -- if not _varprog: -+ if not _varsub: - import re -- _varprog = re.compile(r'\$(\w+|\{[^}]*\})', re.ASCII) -- search = _varprog.search -+ _varsub = re.compile(_varpattern, re.ASCII).sub -+ sub = _varsub - start = '{' - end = '}' - environ = os.environ -- i = 0 -- while True: -- m = search(path, i) -- if not m: -- break -- i, j = m.span(0) -- name = m.group(1) -- if name.startswith(start) and name.endswith(end): -+ -+ def repl(m): -+ name = m[1] -+ if name.startswith(start): -+ if not name.endswith(end): -+ return m[0] - name = name[1:-1] - try: - if environ is None: -@@ -322,13 +321,11 @@ def expandvars(path): - else: - value = environ[name] - except KeyError: -- i = j -+ return m[0] - else: -- tail = path[j:] -- path = path[:i] + value -- i = len(path) -- path += tail -- return path -+ return value -+ -+ return sub(repl, path) - - - # Normalize a path, e.g. A//B, A/./B and A/foo/../B all become A/B. 
-diff --git a/Lib/test/test_genericpath.py b/Lib/test/test_genericpath.py -index 1ff7f75..b0a1326 100644 ---- a/Lib/test/test_genericpath.py -+++ b/Lib/test/test_genericpath.py -@@ -7,6 +7,7 @@ import os - import sys - import unittest - import warnings -+from test import support - from test.support import os_helper - from test.support import warnings_helper - from test.support.script_helper import assert_python_ok -@@ -430,6 +431,19 @@ class CommonTest(GenericTest): - os.fsencode('$bar%s bar' % nonascii)) - check(b'$spam}bar', os.fsencode('%s}bar' % nonascii)) - -+ @support.requires_resource('cpu') -+ def test_expandvars_large(self): -+ expandvars = self.pathmodule.expandvars -+ with os_helper.EnvironmentVarGuard() as env: -+ env.clear() -+ env["A"] = "B" -+ n = 100_000 -+ self.assertEqual(expandvars('$A'*n), 'B'*n) -+ self.assertEqual(expandvars('${A}'*n), 'B'*n) -+ self.assertEqual(expandvars('$A!'*n), 'B!'*n) -+ self.assertEqual(expandvars('${A}A'*n), 'BA'*n) -+ self.assertEqual(expandvars('${'*10*n), '${'*10*n) -+ - def test_abspath(self): - self.assertIn("foo", self.pathmodule.abspath("foo")) - with warnings.catch_warnings(): -diff --git a/Lib/test/test_ntpath.py b/Lib/test/test_ntpath.py -index f790f77..161e57d 100644 ---- a/Lib/test/test_ntpath.py -+++ b/Lib/test/test_ntpath.py -@@ -5,8 +5,8 @@ import sys - import unittest - import warnings - from ntpath import ALLOW_MISSING -+from test import support - from test.support import os_helper --from test.support import TestFailed - from test.support.os_helper import FakePath - from test import test_genericpath - from tempfile import TemporaryFile -@@ -56,7 +56,7 @@ def tester(fn, wantResult): - fn = fn.replace("\\", "\\\\") - gotResult = eval(fn) - if wantResult != gotResult and _norm(wantResult) != _norm(gotResult): -- raise TestFailed("%s should return: %s but returned: %s" \ -+ raise support.TestFailed("%s should return: %s but returned: %s" \ - %(str(fn), str(wantResult), str(gotResult))) - - # then with 
bytes -@@ -72,7 +72,7 @@ def tester(fn, wantResult): - warnings.simplefilter("ignore", DeprecationWarning) - gotResult = eval(fn) - if _norm(wantResult) != _norm(gotResult): -- raise TestFailed("%s should return: %s but returned: %s" \ -+ raise support.TestFailed("%s should return: %s but returned: %s" \ - %(str(fn), str(wantResult), repr(gotResult))) - - -@@ -689,6 +689,19 @@ class TestNtpath(NtpathTestCase): - check('%spam%bar', '%sbar' % nonascii) - check('%{}%bar'.format(nonascii), 'ham%sbar' % nonascii) - -+ @support.requires_resource('cpu') -+ def test_expandvars_large(self): -+ expandvars = ntpath.expandvars -+ with os_helper.EnvironmentVarGuard() as env: -+ env.clear() -+ env["A"] = "B" -+ n = 100_000 -+ self.assertEqual(expandvars('%A%'*n), 'B'*n) -+ self.assertEqual(expandvars('%A%A'*n), 'BA'*n) -+ self.assertEqual(expandvars("''"*n + '%%'), "''"*n + '%') -+ self.assertEqual(expandvars("%%"*n), "%"*n) -+ self.assertEqual(expandvars("$$"*n), "$"*n) -+ - def test_expanduser(self): - tester('ntpath.expanduser("test")', 'test') - -@@ -923,6 +936,7 @@ class TestNtpath(NtpathTestCase): - self.assertIsInstance(b_final_path, bytes) - self.assertGreater(len(b_final_path), 0) - -+ - class NtCommonTest(test_genericpath.CommonTest, unittest.TestCase): - pathmodule = ntpath - attributes = ['relpath'] -diff --git a/Misc/NEWS.d/next/Security/2025-05-30-22-33-27.gh-issue-136065.bu337o.rst b/Misc/NEWS.d/next/Security/2025-05-30-22-33-27.gh-issue-136065.bu337o.rst -new file mode 100644 -index 0000000..1d152bb ---- /dev/null -+++ b/Misc/NEWS.d/next/Security/2025-05-30-22-33-27.gh-issue-136065.bu337o.rst -@@ -0,0 +1 @@ -+Fix quadratic complexity in :func:`os.path.expandvars`. --- -2.40.0 diff --git a/meta/recipes-devtools/python/python3_3.10.19.bb b/meta/recipes-devtools/python/python3_3.10.20.bb similarity index 98% rename from meta/recipes-devtools/python/python3_3.10.19.bb rename to meta/recipes-devtools/python/python3_3.10.20.bb index fbb2f80886b..88a57971b95 100644 
--- a/meta/recipes-devtools/python/python3_3.10.19.bb +++ b/meta/recipes-devtools/python/python3_3.10.20.bb @@ -37,10 +37,6 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \ file://0001-Avoid-shebang-overflow-on-python-config.py.patch \ file://0001-test_storlines-skip-due-to-load-variability.patch \ file://0001-gh-107811-tarfile-treat-overflow-in-UID-GID-as-failu.patch \ - file://CVE-2025-6075.patch \ - file://CVE-2025-13836.patch \ - file://CVE-2025-13837.patch \ - file://CVE-2025-12084.patch \ " SRC_URI:append:class-native = " \ 
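Review bot: the `@@ -37,10 +37,6 @@` hunk removes `file://CVE-2025-6075.patch`, `file://CVE-2025-13836.patch`, `file://CVE-2025-13837.patch` and `file://CVE-2025-12084.patch` from SRC_URI, but the diff itself does not show that each of those fixes is in the 3.10.20 tarball. Two of the deleted backports were cherry-picked from other branches (their subjects read `[3.13] gh-119451` and `[3.12] gh-119342`), so it is worth confirming in the commit message, CVE by CVE, that the fix ships in the 3.10.20 release, and keeping any patch for which it does not. Otherwise a dropped fix would only show up later as a CVE-check regression.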
@@ -49,7 +45,7 @@ SRC_URI:append:class-native = " \ file://12-distutils-prefix-is-inside-staging-area.patch \ file://0001-Don-t-search-system-for-headers-libraries.patch \ " -SRC_URI[sha256sum] = "c8f4a596572201d81dd7df91f70e177e19a70f1d489968b54b5fbbf29a97c076" +SRC_URI[sha256sum] = "de6517421601e39a9a3bc3e1bc4c7b2f239297423ee05e282598c83ec0647505" # exclude pre-releases for both python 2.x and 3.x UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P\d+(\.\d+)+).tar"
From patchwork Tue Apr 7 07:13:17 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yoann Congal X-Patchwork-Id: 85398
From: Yoann Congal
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone v2 09/18] python3-pyopenssl: Fix CVE-2026-27448
Date: Tue, 7 Apr 2026 09:13:17 +0200
X-Mailer: git-send-email 2.47.3
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/234713

From: Vijay Anusuri

Pick patch mentioned in NVD

[1] https://nvd.nist.gov/vuln/detail/CVE-2026-27448
[2] https://ubuntu.com/security/CVE-2026-27448

Signed-off-by: Vijay Anusuri
Signed-off-by: Yoann Congal
---
 .../python3-pyopenssl/CVE-2026-27448.patch | 125 ++++++++++++++++++
 .../python/python3-pyopenssl_22.0.0.bb | 4 +
 2 files changed, 129 insertions(+)
 create mode 100644 meta/recipes-devtools/python/python3-pyopenssl/CVE-2026-27448.patch

diff --git a/meta/recipes-devtools/python/python3-pyopenssl/CVE-2026-27448.patch b/meta/recipes-devtools/python/python3-pyopenssl/CVE-2026-27448.patch new file mode 100644 index 00000000000..4a06e2c0201 --- /dev/null +++ b/meta/recipes-devtools/python/python3-pyopenssl/CVE-2026-27448.patch
@@ -0,0 +1,125 @@ +From d41a814759a9fb49584ca8ab3f7295de49a85aa0 Mon Sep 17 00:00:00 2001 +From: Alex Gaynor +Date: Mon, 16 Feb 2026 21:04:37 -0500 +Subject: [PATCH] Handle exceptions in set_tlsext_servername_callback callbacks + (#1478) + +When the servername callback raises an exception, call sys.excepthook +with the exception info and return SSL_TLSEXT_ERR_ALERT_FATAL to abort +the handshake. Previously, exceptions would propagate uncaught through +the CFFI callback boundary. + +https://claude.ai/code/session_01P7y1XmWkdtC5UcmZwGDvGi + +Co-authored-by: Claude + +Upstream-Status: Backport [https://github.com/pyca/pyopenssl/commit/d41a814759a9fb49584ca8ab3f7295de49a85aa0] +CVE: CVE-2026-27448 +Signed-off-by: Vijay Anusuri +--- + CHANGELOG.rst | 2 ++ + src/OpenSSL/SSL.py | 7 ++++++- + tests/test_ssl.py | 50 ++++++++++++++++++++++++++++++++++++++++++++++ + 3 files changed, 58 insertions(+), 1 deletion(-) + +diff --git a/CHANGELOG.rst b/CHANGELOG.rst +index c84b30a..5b6d523 100644 +--- a/CHANGELOG.rst ++++ b/CHANGELOG.rst +@@ -20,6 +20,8 @@ Deprecations: + Changes: + ^^^^^^^^ + ++- ``Context.set_tlsext_servername_callback`` now handles exceptions raised in the callback by calling ``sys.excepthook`` and returning a fatal TLS alert. Previously, exceptions were silently swallowed and the handshake would proceed as if the callback had succeeded. ++ + - Expose wrappers for some `DTLS + `_ + primitives. 
`#1026 `_ +diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py +index 12374b7..6ef44d4 100644 +--- a/src/OpenSSL/SSL.py ++++ b/src/OpenSSL/SSL.py +@@ -1,5 +1,6 @@ + import os + import socket ++import sys + from sys import platform + from functools import wraps, partial + from itertools import count, chain +@@ -1431,7 +1432,11 @@ class Context(object): + + @wraps(callback) + def wrapper(ssl, alert, arg): +- callback(Connection._reverse_mapping[ssl]) ++ try: ++ callback(Connection._reverse_mapping[ssl]) ++ except Exception: ++ sys.excepthook(*sys.exc_info()) ++ return _lib.SSL_TLSEXT_ERR_ALERT_FATAL + return 0 + + self._tlsext_servername_callback = _ffi.callback( +diff --git a/tests/test_ssl.py b/tests/test_ssl.py +index ccc8a38..77e1876 100644 +--- a/tests/test_ssl.py ++++ b/tests/test_ssl.py +@@ -1884,6 +1884,56 @@ class TestServerNameCallback(object): + + assert args == [(server, b"foo1.example.com")] + ++ def test_servername_callback_exception( ++ self, monkeypatch: pytest.MonkeyPatch ++ ) -> None: ++ """ ++ When the callback passed to `Context.set_tlsext_servername_callback` ++ raises an exception, ``sys.excepthook`` is called with the exception ++ and the handshake fails with an ``Error``. 
++ """ ++ exc = TypeError("server name callback failed") ++ ++ def servername(conn: Connection) -> None: ++ raise exc ++ ++ excepthook_calls: list[ ++ tuple[type[BaseException], BaseException, object] ++ ] = [] ++ ++ def custom_excepthook( ++ exc_type: type[BaseException], ++ exc_value: BaseException, ++ exc_tb: object, ++ ) -> None: ++ excepthook_calls.append((exc_type, exc_value, exc_tb)) ++ ++ context = Context(SSLv23_METHOD) ++ context.set_tlsext_servername_callback(servername) ++ ++ # Necessary to actually accept the connection ++ context.use_privatekey(load_privatekey(FILETYPE_PEM, server_key_pem)) ++ context.use_certificate( ++ load_certificate(FILETYPE_PEM, server_cert_pem) ++ ) ++ ++ # Do a little connection to trigger the logic ++ server = Connection(context, None) ++ server.set_accept_state() ++ ++ client = Connection(Context(SSLv23_METHOD), None) ++ client.set_connect_state() ++ client.set_tlsext_host_name(b"foo1.example.com") ++ ++ monkeypatch.setattr(sys, "excepthook", custom_excepthook) ++ with pytest.raises(Error): ++ interact_in_memory(server, client) ++ ++ assert len(excepthook_calls) == 1 ++ assert excepthook_calls[0][0] is TypeError ++ assert excepthook_calls[0][1] is exc ++ assert excepthook_calls[0][2] is not None ++ + + class TestApplicationLayerProtoNegotiation(object): + """ +-- +2.25.1 + diff --git a/meta/recipes-devtools/python/python3-pyopenssl_22.0.0.bb b/meta/recipes-devtools/python/python3-pyopenssl_22.0.0.bb index db0e809ef54..13d87939b62 100644 --- a/meta/recipes-devtools/python/python3-pyopenssl_22.0.0.bb +++ b/meta/recipes-devtools/python/python3-pyopenssl_22.0.0.bb 
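Review bot: in the `wrapper` hunk of the embedded src/OpenSSL/SSL.py change, the new error path returns `_lib.SSL_TLSEXT_ERR_ALERT_FATAL`, a name this patch uses but does not define, so the backport relies on the bindings paired with pyOpenSSL 22.0.0 already exposing it. If they do not, the `except` block itself raises AttributeError and the failure leaves the callback unhandled again. Please confirm this on the target branch (running the added `test_servername_callback_exception` is enough) and record it in the commit message. Separately, `except Exception` still lets `KeyboardInterrupt` and `SystemExit` cross the callback boundary, and the success path keeps a bare `return 0` next to the named constant; neither needs to diverge from upstream here, but both are worth knowing when triaging handshake failures.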
@@ -10,6 +10,10 @@ SRC_URI[sha256sum] = "660b1b1425aac4a1bea1d94168a85d99f0b3144c869dd4390d27629d00 PYPI_PACKAGE = "pyOpenSSL" inherit pypi setuptools3 +SRC_URI += " \ + file://CVE-2026-27448.patch \ +" + PACKAGES =+ "${PN}-tests" FILES:${PN}-tests = "${libdir}/${PYTHON_DIR}/site-packages/OpenSSL/test"
From patchwork Tue Apr 7 07:13:18 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yoann Congal X-Patchwork-Id: 85390
From: Yoann Congal To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone v2 10/18] python3-pyopenssl: Fix CVE-2026-27459 Date: Tue, 7 Apr 2026 09:13:18 +0200 X-Mailer: git-send-email 2.47.3 MIME-Version: 1.0 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/234714 From: Vijay Anusuri Pick patch mentioned in NVD [1] https://nvd.nist.gov/vuln/detail/CVE-2026-27459 [2] https://ubuntu.com/security/CVE-2026-27459 Signed-off-by: Vijay Anusuri Signed-off-by: Yoann Congal --- .../python3-pyopenssl/CVE-2026-27459.patch | 106 ++++++++++++++++++ .../python/python3-pyopenssl_22.0.0.bb | 1 + 2 files changed, 107 insertions(+) create mode 100644 meta/recipes-devtools/python/python3-pyopenssl/CVE-2026-27459.patch diff --git a/meta/recipes-devtools/python/python3-pyopenssl/CVE-2026-27459.patch b/meta/recipes-devtools/python/python3-pyopenssl/CVE-2026-27459.patch new file mode 100644 index 00000000000..b5e37a6900d --- /dev/null +++ b/meta/recipes-devtools/python/python3-pyopenssl/CVE-2026-27459.patch
@@ -0,0 +1,106 @@ +From 57f09bb4bb051d3bc2a1abd36e9525313d5cd408 Mon Sep 17 00:00:00 2001 +From: Alex Gaynor +Date: Wed, 18 Feb 2026 07:46:15 -0500 +Subject: [PATCH] Fix buffer overflow in DTLS cookie generation callback + (#1479) + +The cookie generate callback copied user-returned bytes into a +fixed-size native buffer without enforcing a maximum length. A +callback returning more than DTLS1_COOKIE_LENGTH bytes would overflow +the OpenSSL-provided buffer, corrupting adjacent memory. + +Co-authored-by: Claude Opus 4.6 + +Upstream-Status: Backport [https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408] +CVE: CVE-2026-27459 +Signed-off-by: Vijay Anusuri +--- + CHANGELOG.rst | 1 + + src/OpenSSL/SSL.py | 7 +++++++ + tests/test_ssl.py | 38 ++++++++++++++++++++++++++++++++++++++ + 3 files changed, 46 insertions(+) + +diff --git a/CHANGELOG.rst b/CHANGELOG.rst +index 5b6d523..13d8abd 100644 +--- a/CHANGELOG.rst ++++ b/CHANGELOG.rst +@@ -20,6 +20,7 @@ Deprecations: + Changes: + ^^^^^^^^ + ++- Properly raise an error if a DTLS cookie callback returned a cookie longer than ``DTLS1_COOKIE_LENGTH`` bytes. Previously this would result in a buffer-overflow. + - ``Context.set_tlsext_servername_callback`` now handles exceptions raised in the callback by calling ``sys.excepthook`` and returning a fatal TLS alert. Previously, exceptions were silently swallowed and the handshake would proceed as if the callback had succeeded. 
+ + - Expose wrappers for some `DTLS +diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py +index 6ef44d4..fa1b556 100644 +--- a/src/OpenSSL/SSL.py ++++ b/src/OpenSSL/SSL.py +@@ -556,11 +556,18 @@ class _CookieGenerateCallbackHelper(_CallbackExceptionHelper): + def __init__(self, callback): + _CallbackExceptionHelper.__init__(self) + ++ max_cookie_len = getattr(_lib, "DTLS1_COOKIE_LENGTH", 255) ++ + @wraps(callback) + def wrapper(ssl, out, outlen): + try: + conn = Connection._reverse_mapping[ssl] + cookie = callback(conn) ++ if len(cookie) > max_cookie_len: ++ raise ValueError( ++ f"Cookie too long (got {len(cookie)} bytes, " ++ f"max {max_cookie_len})" ++ ) + out[0 : len(cookie)] = cookie + outlen[0] = len(cookie) + return 1 +diff --git a/tests/test_ssl.py b/tests/test_ssl.py +index 77e1876..fb77b75 100644 +--- a/tests/test_ssl.py ++++ b/tests/test_ssl.py +@@ -4455,3 +4455,41 @@ class TestDTLS(object): + assert 0 < c.get_cleartext_mtu() < 500 + except NotImplementedError: # OpenSSL 1.1.0 and earlier + pass ++ ++ def test_cookie_generate_too_long(self) -> None: ++ s_ctx = Context(DTLS_METHOD) ++ ++ def generate_cookie(ssl: Connection) -> bytes: ++ return b"\x00" * 256 ++ ++ def verify_cookie(ssl: Connection, cookie: bytes) -> bool: ++ return True ++ ++ s_ctx.set_cookie_generate_callback(generate_cookie) ++ s_ctx.set_cookie_verify_callback(verify_cookie) ++ s_ctx.use_privatekey(load_privatekey(FILETYPE_PEM, server_key_pem)) ++ s_ctx.use_certificate(load_certificate(FILETYPE_PEM, server_cert_pem)) ++ s_ctx.set_options(OP_NO_QUERY_MTU) ++ s = Connection(s_ctx) ++ s.set_accept_state() ++ ++ c_ctx = Context(DTLS_METHOD) ++ c_ctx.set_options(OP_NO_QUERY_MTU) ++ c = Connection(c_ctx) ++ c.set_connect_state() ++ ++ c.set_ciphertext_mtu(1500) ++ s.set_ciphertext_mtu(1500) ++ ++ # Client sends ClientHello ++ try: ++ c.do_handshake() ++ except SSL.WantReadError: ++ pass ++ chunk = c.bio_read(self.LARGE_BUFFER) ++ s.bio_write(chunk) ++ ++ # Server tries DTLSv1_listen, which 
triggers cookie generation. ++ # The oversized cookie should raise ValueError. ++ with pytest.raises(ValueError, match="Cookie too long"): ++ s.DTLSv1_listen() +-- +2.25.1 + diff --git a/meta/recipes-devtools/python/python3-pyopenssl_22.0.0.bb b/meta/recipes-devtools/python/python3-pyopenssl_22.0.0.bb index 13d87939b62..42de3207b46 100644 --- a/meta/recipes-devtools/python/python3-pyopenssl_22.0.0.bb +++ b/meta/recipes-devtools/python/python3-pyopenssl_22.0.0.bb 
@@ -12,6 +12,7 @@ inherit pypi setuptools3 SRC_URI += " \ file://CVE-2026-27448.patch \ + file://CVE-2026-27459.patch \ " PACKAGES =+ "${PN}-tests" From patchwork Tue Apr 7 07:13:19 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yoann Congal X-Patchwork-Id: 85389
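Review bot: In the src/OpenSSL/SSL.py hunk of CVE-2026-27459.patch, `max_cookie_len = getattr(_lib, "DTLS1_COOKIE_LENGTH", 255)` falls back to a hard-coded 255 whenever the binding behind `_lib` does not export the constant, and nothing in the hunk says where 255 comes from or that it matches the size of the buffer OpenSSL passes in as `out`. Since this is a backport onto python3-pyopenssl 22.0.0, please confirm which branch is taken on kirkstone and add a comment tying the fallback to the OpenSSL definition. The check sits in the right place, before `out[0 : len(cookie)] = cookie`, but the `ValueError` is raised inside the `try:` whose handler lies outside the visible context, so it should be verified that the helper re-raises it from `DTLSv1_listen()`, which is what the new test relies on.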
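Review bot: The tests/test_ssl.py hunk of CVE-2026-27459.patch only exercises the rejection path with `b"\x00" * 256`; no case shows that a cookie of exactly `max_cookie_len` bytes is still accepted, so an off-by-one in `len(cookie) > max_cookie_len` would go unnoticed. A second test returning a cookie of exactly the limit and asserting that `s.DTLSv1_listen()` does not raise would cover the boundary. The new test also depends on `SSL.WantReadError`, `pytest` and `self.LARGE_BUFFER` being available in the 22.0.0 test module, which the hunk context does not show.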
From: Yoann Congal To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone v2 11/18] libarchive: Fix CVE-2026-4111 Date: Tue, 7 Apr 2026 09:13:19 +0200 Message-ID: <9af05e2d56ed355c02722a24ee66b2b0d4097cb9.1775545489.git.yoann.congal@smile.fr> X-Mailer: git-send-email 2.47.3 MIME-Version: 1.0 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/234715 From: Vijay Anusuri Pick patch according to [1] [1] https://security-tracker.debian.org/tracker/CVE-2026-4111 [2] https://github.com/libarchive/libarchive/pull/2877 [3] https://access.redhat.com/errata/RHSA-2026:5080 Signed-off-by: Vijay Anusuri Signed-off-by: Yoann Congal --- .../libarchive/CVE-2026-4111-1.patch | 32 ++ .../libarchive/CVE-2026-4111-2.patch | 308 ++++++++++++++++++ .../libarchive/libarchive_3.6.2.bb | 2 + 3 files changed, 342 insertions(+) create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2026-4111-1.patch create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2026-4111-2.patch diff --git a/meta/recipes-extended/libarchive/libarchive/CVE-2026-4111-1.patch b/meta/recipes-extended/libarchive/libarchive/CVE-2026-4111-1.patch new file mode 100644 index 00000000000..1f065b13648 --- /dev/null +++ b/meta/recipes-extended/libarchive/libarchive/CVE-2026-4111-1.patch
@@ -0,0 +1,32 @@ +From 7273d04803a1e5a482f26d8d0fbaf2b204a72168 Mon Sep 17 00:00:00 2001 +From: Tim Kientzle +Date: Sun, 1 Mar 2026 20:24:56 -0800 +Subject: [PATCH] Reject filters when the block length is nonsensical + +Credit: Grzegorz Antoniak @antekone + +Upstream-Status: Backport [https://github.com/libarchive/libarchive/commit/7273d04803a1e5a482f26d8d0fbaf2b204a72168] +CVE: CVE-2026-4111 +Signed-off-by: Vijay Anusuri +--- + libarchive/archive_read_support_format_rar5.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/libarchive/archive_read_support_format_rar5.c b/libarchive/archive_read_support_format_rar5.c +index 38979cb..867f0a8 100644 +--- a/libarchive/archive_read_support_format_rar5.c ++++ b/libarchive/archive_read_support_format_rar5.c +@@ -2914,7 +2914,9 @@ static int parse_filter(struct archive_read* ar, const uint8_t* p) { + if(block_length < 4 || + block_length > 0x400000 || + filter_type > FILTER_ARM || +- !is_valid_filter_block_start(rar, block_start)) ++ !is_valid_filter_block_start(rar, block_start) || ++ (rar->cstate.window_size > 0 && ++ (ssize_t)block_length > rar->cstate.window_size >> 1)) + { + archive_set_error(&ar->archive, ARCHIVE_ERRNO_FILE_FORMAT, + "Invalid filter encountered"); +-- +2.25.1 + diff --git a/meta/recipes-extended/libarchive/libarchive/CVE-2026-4111-2.patch b/meta/recipes-extended/libarchive/libarchive/CVE-2026-4111-2.patch new file mode 100644 index 00000000000..243a03a8e5d --- /dev/null +++ b/meta/recipes-extended/libarchive/libarchive/CVE-2026-4111-2.patch 
@@ -0,0 +1,308 @@ +From ef53e2023d75a205cf7cbddb5d01c4cc592e9ce4 Mon Sep 17 00:00:00 2001 +From: Tim Kientzle +Date: Sun, 1 Mar 2026 10:04:01 -0800 +Subject: [PATCH] Infinite loop in Rar5 decompression + +Found by: Elhanan Haenel + +Upstream-Status: Backport [https://github.com/libarchive/libarchive/commit/ef53e2023d75a205cf7cbddb5d01c4cc592e9ce4] +CVE: CVE-2026-4111 +Signed-off-by: Vijay Anusuri +--- + Makefile.am | 2 + + libarchive/test/CMakeLists.txt | 1 + + .../test/test_read_format_rar5_loop_bug.c | 53 +++++ + .../test_read_format_rar5_loop_bug.rar.uu | 189 ++++++++++++++++++ + 4 files changed, 245 insertions(+) + create mode 100644 libarchive/test/test_read_format_rar5_loop_bug.c + create mode 100644 libarchive/test/test_read_format_rar5_loop_bug.rar.uu + +diff --git a/Makefile.am b/Makefile.am +index dd1620d..14edb2a 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -507,6 +507,7 @@ libarchive_test_SOURCES= \ + libarchive/test/test_read_format_rar_invalid1.c \ + libarchive/test/test_read_format_rar_overflow.c \ + libarchive/test/test_read_format_rar5.c \ ++ libarchive/test/test_read_format_rar5_loop_bug.c \ + libarchive/test/test_read_format_raw.c \ + libarchive/test/test_read_format_tar.c \ + libarchive/test/test_read_format_tar_concatenated.c \ +@@ -869,6 +870,7 @@ libarchive_test_EXTRA_DIST=\ + libarchive/test/test_read_format_rar5_invalid_dict_reference.rar.uu \ + libarchive/test/test_read_format_rar5_leftshift1.rar.uu \ + libarchive/test/test_read_format_rar5_leftshift2.rar.uu \ ++ libarchive/test/test_read_format_rar5_loop_bug.rar.uu \ + libarchive/test/test_read_format_rar5_multiarchive.part01.rar.uu \ + libarchive/test/test_read_format_rar5_multiarchive.part02.rar.uu \ + libarchive/test/test_read_format_rar5_multiarchive.part03.rar.uu \ +diff --git a/libarchive/test/CMakeLists.txt b/libarchive/test/CMakeLists.txt +index 05c6fd7..c8f2e90 100644 +--- a/libarchive/test/CMakeLists.txt ++++ b/libarchive/test/CMakeLists.txt +@@ -156,6 +156,7 @@ 
IF(ENABLE_TEST) + test_read_format_rar_filter.c + test_read_format_rar_overflow.c + test_read_format_rar5.c ++ test_read_format_rar5_loop_bug.c + test_read_format_raw.c + test_read_format_tar.c + test_read_format_tar_concatenated.c +diff --git a/libarchive/test/test_read_format_rar5_loop_bug.c b/libarchive/test/test_read_format_rar5_loop_bug.c +new file mode 100644 +index 0000000..77dd78c +--- /dev/null ++++ b/libarchive/test/test_read_format_rar5_loop_bug.c +@@ -0,0 +1,53 @@ ++/*- ++ * Copyright (c) 2026 Tim Kientzle ++ * All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in the ++ * documentation and/or other materials provided with the distribution. ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR ++ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES ++ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. ++ * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT, ++ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, ++ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY ++ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT ++ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF ++ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
++ */ ++#include "test.h" ++ ++DEFINE_TEST(test_read_format_rar5_loop_bug) ++{ ++ const char *reffile = "test_read_format_rar5_loop_bug.rar"; ++ struct archive_entry *ae; ++ struct archive *a; ++ const void *buf; ++ size_t size; ++ la_int64_t offset; ++ ++ extract_reference_file(reffile); ++ assert((a = archive_read_new()) != NULL); ++ assertEqualIntA(a, ARCHIVE_OK, archive_read_support_filter_all(a)); ++ assertEqualIntA(a, ARCHIVE_OK, archive_read_support_format_all(a)); ++ assertEqualIntA(a, ARCHIVE_OK, archive_read_open_filename(a, reffile, 10240)); ++ ++ // This has just one entry ++ assertEqualIntA(a, ARCHIVE_OK, archive_read_next_header(a, &ae)); ++ ++ // Read blocks until the end of the entry ++ while (ARCHIVE_OK == archive_read_data_block(a, &buf, &size, &offset)) { ++ } ++ ++ assertEqualIntA(a, ARCHIVE_EOF, archive_read_next_header(a, &ae)); ++ ++ assertEqualIntA(a, ARCHIVE_OK, archive_read_close(a)); ++ assertEqualInt(ARCHIVE_OK, archive_free(a)); ++} +diff --git a/libarchive/test/test_read_format_rar5_loop_bug.rar.uu b/libarchive/test/test_read_format_rar5_loop_bug.rar.uu +new file mode 100644 +index 0000000..3e47004 +--- /dev/null ++++ b/libarchive/test/test_read_format_rar5_loop_bug.rar.uu +@@ -0,0 +1,189 @@ ++begin 644 test_read_format_rar5_loop_bug.rar ++M4F%R(1H'`0#%&C,R`P$``)T-9%L.`@+P0`"`@`P`@`,``6'(WFP@`?\7_U/^ ++M8@!.`B`H```````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` 
++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` 
++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` 
++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` 
++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` 
++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` 
++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++M```````````````````````````````````````````````````````````` ++5```````````````````Y^;*!`@4` ++` ++end +-- +2.25.1 + diff --git a/meta/recipes-extended/libarchive/libarchive_3.6.2.bb b/meta/recipes-extended/libarchive/libarchive_3.6.2.bb index e74326b40fd..85fe6e5baa2 100644 --- a/meta/recipes-extended/libarchive/libarchive_3.6.2.bb +++ b/meta/recipes-extended/libarchive/libarchive_3.6.2.bb 
@@ -50,6 +50,8 @@ SRC_URI = "http://libarchive.org/downloads/libarchive-${PV}.tar.gz \ file://0001-Merge-pull-request-2768-from-Commandoss-master.patch \ file://CVE-2025-60753-01.patch \ file://CVE-2025-60753-02.patch \ + file://CVE-2026-4111-1.patch \ + file://CVE-2026-4111-2.patch \ " UPSTREAM_CHECK_URI = "http://libarchive.org/" From patchwork Tue Apr 7 07:13:20 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yoann Congal X-Patchwork-Id: 85391
From: Yoann Congal
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone v2 12/18] vim: Fix CVE-2026-33412
Date: Tue, 7 Apr 2026 09:13:20 +0200
Message-ID: <910667342b78fefa22214f6375b657e8b130a24a.1775545489.git.yoann.congal@smile.fr>
X-Mailer: git-send-email 2.47.3
MIME-Version: 1.0
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/234716

From: Hitendra Prajapati

Pick patch from [1] also mentioned in NVD report with [2]

[1] https://github.com/vim/vim/commit/645ed6597d1ea896c712cd7ddbb6edee79577e9a
[2] https://nvd.nist.gov/vuln/detail/CVE-2026-33412

Signed-off-by: Hitendra Prajapati
Signed-off-by: Yoann Congal
---
 .../vim/files/CVE-2026-33412.patch | 61 +++++++++++++++++++
 meta/recipes-support/vim/vim.inc | 1 +
 2 files changed, 62 insertions(+)
 create mode 100644 meta/recipes-support/vim/files/CVE-2026-33412.patch

diff --git a/meta/recipes-support/vim/files/CVE-2026-33412.patch b/meta/recipes-support/vim/files/CVE-2026-33412.patch new file mode 100644 index 00000000000..62daa308b58 --- /dev/null +++ b/meta/recipes-support/vim/files/CVE-2026-33412.patch
@@ -0,0 +1,61 @@ +From 645ed6597d1ea896c712cd7ddbb6edee79577e9a Mon Sep 17 00:00:00 2001 +From: pyllyukko +Date: Thu, 19 Mar 2026 19:58:05 +0000 +Subject: [PATCH] patch 9.2.0202: [security]: command injection via newline in + glob() + +Problem: The glob() function on Unix-like systems does not escape + newline characters when expanding wildcards. A maliciously + crafted string containing '\n' can be used as a command + separator to execute arbitrary shell commands via + mch_expand_wildcards(). This depends on the user's 'shell' + setting. +Solution: Add the newline character ('\n') to the SHELL_SPECIAL + definition to ensure it is properly escaped before being + passed to the shell (pyllyukko). + +closes: #19746 + +Github Advisory: +https://github.com/vim/vim/security/advisories/GHSA-w5jw-f54h-x46c + +Signed-off-by: pyllyukko +Signed-off-by: Christian Brabandt + +CVE: CVE-2026-33412 +Upstream-Status: Backport [https://github.com/vim/vim/commit/645ed6597d1ea896c712cd7ddbb6edee79577e9a] +Signed-off-by: Hitendra Prajapati +--- + src/os_unix.c | 2 +- + src/version.c | 2 ++ + 2 files changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/os_unix.c b/src/os_unix.c +index cf195e62e1..d767956b1a 100644 +--- a/src/os_unix.c ++++ b/src/os_unix.c +@@ -7106,7 +7106,7 @@ mch_expandpath( + # define SEEK_END 2 + #endif + +-#define SHELL_SPECIAL (char_u *)"\t \"&'$;<>()\\|" ++# define SHELL_SPECIAL (char_u *)"\t \"&'$;<>()\\|\n" + + int + mch_expand_wildcards( +diff --git a/src/version.c b/src/version.c +index 4f3912aedd..712a3e637c 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -724,6 +724,8 @@ static char *(features[]) = + + static int included_patches[] = + { /* Add new patch number below this line */ ++/**/ ++ 1684, + /**/ + 1683, + /**/ +-- +2.50.1 + diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc index 289f31be707..fc9b4db055a 100644 --- a/meta/recipes-support/vim/vim.inc +++ b/meta/recipes-support/vim/vim.inc 
@@ -16,6 +16,7 @@ SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \ file://disable_acl_header_check.patch \ file://0001-src-Makefile-improve-reproducibility.patch \ file://no-path-adjust.patch \ + file://CVE-2026-33412.patch \ " PV .= ".1683"
From patchwork Tue Apr 7 07:13:21 2026
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Yoann Congal
X-Patchwork-Id: 85386
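Review bot: In CVE-2026-33412.patch (vim, 12/18), the src/version.c hunk adds "1684," to included_patches, but the Subject identifies the upstream change as patch 9.2.0202, so 1684 is a number picked for this backport and not the fix's own patch number. Once applied, Vim will report patch 1684 as included while the recipe hunk leaves PV .= ".1683" unchanged, and the number may clash with an unrelated upstream patch of that number. Consider dropping the version.c hunk from the backport and keeping only the SHELL_SPECIAL change in src/os_unix.c, or state in the patch header that the patch number was adapted.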
From: Yoann Congal
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone v2 13/18] sqlite3: Fix CVE-2025-70873
Date: Tue, 7 Apr 2026 09:13:21 +0200
X-Mailer: git-send-email 2.47.3
MIME-Version: 1.0
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/234717

From: Vijay Anusuri

Pick patch as per [1]

[1] https://sqlite.org/src/info/3d459f1fb1bd1b5e
[2] https://sqlite.org/forum/forumpost/761eac3c82
[3] https://gist.github.com/cnwangjihe/f496393f30f5ecec5b18c8f5ab072054

Signed-off-by: Vijay Anusuri
Signed-off-by: Yoann Congal
---
 .../sqlite/files/CVE-2025-70873.patch | 33 +++++++++++++++++++
 meta/recipes-support/sqlite/sqlite3_3.38.5.bb | 1 +
 2 files changed, 34 insertions(+)
 create mode 100644 meta/recipes-support/sqlite/files/CVE-2025-70873.patch

diff --git a/meta/recipes-support/sqlite/files/CVE-2025-70873.patch b/meta/recipes-support/sqlite/files/CVE-2025-70873.patch new file mode 100644 index 00000000000..86004c0b741 --- /dev/null +++ b/meta/recipes-support/sqlite/files/CVE-2025-70873.patch
@@ -0,0 +1,33 @@ +From 5a05c59d4d75c03f23d5fb70feac9f789954bf8a Mon Sep 17 00:00:00 2001 +From: drh <> +Date: Sat, 6 Dec 2025 20:41:24 +0000 +Subject: [PATCH] In the zipfile extension, only return as many bytes as + Inflate actually generated. [forum:/forumpost/761eac3c82|Forum post + 761eac3c82]. Adjust ./configure so that it builds zipfile into testfixture if + ZLIB is available, so that tests get run on unix platforms. + +FossilOrigin-Name: 3d459f1fb1bd1b5e723629c463ab392af7b206ece3388bda216c6a4c26160909 + +Upstream-Status: Backport [https://github.com/sqlite/sqlite/commit/5a05c59d4d75c03f23d5fb70feac9f789954bf8a] +CVE: CVE-2025-70873 +Signed-off-by: Vijay Anusuri +--- + shell.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/shell.c b/shell.c +index fa45d40..3c4902c 100644 +--- a/shell.c ++++ b/shell.c +@@ -7668,7 +7668,7 @@ static void zipfileInflate( + if( err!=Z_STREAM_END ){ + zipfileCtxErrorMsg(pCtx, "inflate() failed (%d)", err); + }else{ +- sqlite3_result_blob(pCtx, aRes, nOut, zipfileFree); ++ sqlite3_result_blob(pCtx, aRes, (int)str.total_out, zipfileFree); + aRes = 0; + } + } +-- +2.25.1 + diff --git a/meta/recipes-support/sqlite/sqlite3_3.38.5.bb b/meta/recipes-support/sqlite/sqlite3_3.38.5.bb index acdd80022e1..9e10caa399a 100644 --- a/meta/recipes-support/sqlite/sqlite3_3.38.5.bb +++ b/meta/recipes-support/sqlite/sqlite3_3.38.5.bb 
@@ -10,6 +10,7 @@ SRC_URI = "http://www.sqlite.org/2022/sqlite-autoconf-${SQLITE_PV}.tar.gz \ file://CVE-2023-7104.patch \ file://CVE-2025-29088.patch \ file://CVE-2025-6965.patch \ + file://CVE-2025-70873.patch \ " SRC_URI[sha256sum] = "5af07de982ba658fd91a03170c945f99c971f6955bc79df3266544373e39869c"
From patchwork Tue Apr 7 07:13:22 2026
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Yoann Congal
X-Patchwork-Id: 85388
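Review bot: In CVE-2025-70873.patch (sqlite3, 13/18), the only hunk is the one-line change in zipfileInflate() in shell.c, yet the Subject kept from upstream also describes a ./configure adjustment that builds zipfile into testfixture so the tests run; that part is absent and the diffstat shows 1 file changed. Please record next to Upstream-Status that the change was adapted to the autoconf tarball's shell.c and that the configure/test part was dropped, so a later reader does not go looking for it. On the code line itself, "(int)str.total_out" narrows zlib's byte counter to int at the sqlite3_result_blob() call; a short comment stating why the value cannot exceed nOut would make the bound explicit.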
From: Yoann Congal
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone v2 14/18] curl: patch CVE-2025-14524
Date: Tue, 7 Apr 2026 09:13:22 +0200
Message-ID: <69b98b1f2bd0717b0ab7adcb5d8aa9b84ae2f48b.1775545489.git.yoann.congal@smile.fr>
X-Mailer: git-send-email 2.47.3
MIME-Version: 1.0
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/234718

From: Vijay Anusuri

Pick commit per [1].

[1] https://curl.se/docs/CVE-2025-14524.html
[2] https://security-tracker.debian.org/tracker/CVE-2025-14524

Signed-off-by: Amaury Couderc
Signed-off-by: Paul Barker
Signed-off-by: Vijay Anusuri
[YC: cherry-picked from scarthgap commit 951113a6e8185969444b5e28292f23434dba1f6c]
Signed-off-by: Yoann Congal
---
 .../curl/curl/CVE-2025-14524.patch | 42 +++++++++++++++++++
 meta/recipes-support/curl/curl_7.82.0.bb | 1 +
 2 files changed, 43 insertions(+)
 create mode 100644 meta/recipes-support/curl/curl/CVE-2025-14524.patch

diff --git a/meta/recipes-support/curl/curl/CVE-2025-14524.patch b/meta/recipes-support/curl/curl/CVE-2025-14524.patch new file mode 100644 index 00000000000..0ab77ade9d5 --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2025-14524.patch
@@ -0,0 +1,42 @@ +From b3e2318ff3cbe4a9babe5b6875916a429bd584be Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg +Date: Wed, 10 Dec 2025 11:40:47 +0100 +Subject: [PATCH] curl_sasl: if redirected, require permission to use bearer + +Closes #19933 + +CVE: CVE-2025-14524 +Upstream-Status: Backport [https://github.com/curl/curl/commit/1a822275d333dc6da6043497160fd04c8fa48640] + +Signed-off-by: Amaury Couderc + +--- + lib/curl_sasl.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c +index 7e28c92..f0b0341 100644 +--- a/lib/curl_sasl.c ++++ b/lib/curl_sasl.c +@@ -345,7 +345,9 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct Curl_easy *data, + data->set.str[STRING_SERVICE_NAME] : + sasl->params->service; + #endif +- const char *oauth_bearer = data->set.str[STRING_BEARER]; ++ const char *oauth_bearer = ++ (!data->state.this_is_a_follow || data->set.allow_auth_to_other_hosts) ? ++ data->set.str[STRING_BEARER] : NULL; + struct bufref nullmsg; + + Curl_bufref_init(&nullmsg); +@@ -531,7 +533,9 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct Curl_easy *data, + data->set.str[STRING_SERVICE_NAME] : + sasl->params->service; + #endif +- const char *oauth_bearer = data->set.str[STRING_BEARER]; ++ const char *oauth_bearer = ++ (!data->state.this_is_a_follow || data->set.allow_auth_to_other_hosts) ? ++ data->set.str[STRING_BEARER] : NULL; + struct bufref serverdata; + + Curl_bufref_init(&serverdata); diff --git a/meta/recipes-support/curl/curl_7.82.0.bb b/meta/recipes-support/curl/curl_7.82.0.bb index 72bd1a20881..b8fa8b5266a 100644 --- a/meta/recipes-support/curl/curl_7.82.0.bb +++ b/meta/recipes-support/curl/curl_7.82.0.bb 
@@ -70,6 +70,7 @@ SRC_URI = "https://curl.se/download/${BP}.tar.xz \ file://CVE-2025-14017.patch \ file://CVE-2025-15079.patch \ file://CVE-2025-15224.patch \ + file://CVE-2025-14524.patch \ " SRC_URI[sha256sum] = "0aaa12d7bd04b0966254f2703ce80dd5c38dbbd76af0297d3d690cdce58a583c"
From patchwork Tue Apr 7 07:13:23 2026
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Yoann Congal
X-Patchwork-Id: 85393
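Review bot: In CVE-2025-14524.patch (curl, 14/18), both lib/curl_sasl.c hunks (Curl_sasl_start and Curl_sasl_continue) repeat the same condition, "(!data->state.this_is_a_follow || data->set.allow_auth_to_other_hosts)", and it does not compare the redirect target with the original host, so the bearer is withheld on every followed redirect, same-host ones included, unless allow_auth_to_other_hosts is set. That agrees with the Subject ("if redirected, require permission to use bearer") but it changes behaviour for existing users of a stable branch, so the commit message should say so. Separately, the patch's From line carries b3e2318ff3cbe4a9babe5b6875916a429bd584be while Upstream-Status points at 1a822275d333dc6da6043497160fd04c8fa48640; please state which of the two is the upstream commit.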
From: Yoann Congal
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone v2 15/18] curl: patch CVE-2026-1965
Date: Tue, 7 Apr 2026 09:13:23 +0200
X-Mailer: git-send-email 2.47.3
MIME-Version: 1.0
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/234719

From: Vijay Anusuri

pick patches from ubuntu per [1]

[1] https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/curl/7.81.0-1ubuntu1.23/curl_7.81.0-1ubuntu1.23.debian.tar.xz
[2] https://ubuntu.com/security/CVE-2026-1965
[3] https://curl.se/docs/CVE-2026-1965.html

Signed-off-by: Vijay Anusuri
Signed-off-by: Yoann Congal
---
 .../curl/curl/CVE-2026-1965-1.patch | 98 +++++++++++++++++++
 .../curl/curl/CVE-2026-1965-2.patch | 29 ++++++
 meta/recipes-support/curl/curl_7.82.0.bb | 2 +
 3 files changed, 129 insertions(+)
 create mode 100644 meta/recipes-support/curl/curl/CVE-2026-1965-1.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2026-1965-2.patch

diff --git a/meta/recipes-support/curl/curl/CVE-2026-1965-1.patch b/meta/recipes-support/curl/curl/CVE-2026-1965-1.patch new file mode 100644 index 00000000000..1d0f5c59e8d --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2026-1965-1.patch
@@ -0,0 +1,98 @@ +From 34fa034d9a390c4bd65e2d05262755ec8646ac12 Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg +Date: Thu, 5 Feb 2026 08:34:21 +0100 +Subject: [PATCH] url: fix reuse of connections using HTTP Negotiate + +Assume Negotiate means connection-based + +Reported-by: Zhicheng Chen +Closes #20534 + +Upstream-Status: Backport [https://github.com/curl/curl/commit/34fa034d9a390c4bd6] +Backported by Ubuntu team https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/curl/7.81.0-1ubuntu1.23/curl_7.81.0-1ubuntu1.23.debian.tar.xz + +CVE: CVE-2026-1965 +Signed-off-by: Vijay Anusuri +--- + lib/url.c | 87 +++++++++++++++++++++++++++++++++++++++++++++++++++---- + 1 file changed, 82 insertions(+), 5 deletions(-) + +--- a/lib/url.c ++++ b/lib/url.c +@@ -1145,6 +1145,18 @@ ConnectionExists(struct Curl_easy *data, + #endif + #endif + ++#if !defined(CURL_DISABLE_HTTP) && defined(USE_SPNEGO) ++ bool wantNegohttp = ++ (data->state.authhost.want & CURLAUTH_NEGOTIATE) && ++ (needle->handler->protocol & PROTO_FAMILY_HTTP); ++#ifndef CURL_DISABLE_PROXY ++ bool wantProxyNegohttp = ++ needle->bits.proxy_user_passwd && ++ (data->state.authproxy.want & CURLAUTH_NEGOTIATE) && ++ (needle->handler->protocol & PROTO_FAMILY_HTTP); ++#endif ++#endif ++ + *force_reuse = FALSE; + *waitpipe = FALSE; + +@@ -1496,6 +1508,57 @@ ConnectionExists(struct Curl_easy *data, + continue; + } + #endif ++ ++#ifdef USE_SPNEGO ++ /* If we are looking for an HTTP+Negotiate connection, check if this is ++ already authenticating with the right credentials. If not, keep looking ++ so that we can reuse Negotiate connections if possible. 
*/ ++ if(wantNegohttp) { ++ if(Curl_timestrcmp(needle->user, check->user) || ++ Curl_timestrcmp(needle->passwd, check->passwd)) ++ continue; ++ } ++ else if(check->http_negotiate_state != GSS_AUTHNONE) { ++ /* Connection is using Negotiate auth but we do not want Negotiate */ ++ continue; ++ } ++ ++#ifndef CURL_DISABLE_PROXY ++ /* Same for Proxy Negotiate authentication */ ++ if(wantProxyNegohttp) { ++ /* Both check->http_proxy.user and check->http_proxy.passwd can be ++ * NULL */ ++ if(!check->http_proxy.user || !check->http_proxy.passwd) ++ continue; ++ ++ if(Curl_timestrcmp(needle->http_proxy.user, ++ check->http_proxy.user) || ++ Curl_timestrcmp(needle->http_proxy.passwd, ++ check->http_proxy.passwd)) ++ continue; ++ } ++ else if(check->proxy_negotiate_state != GSS_AUTHNONE) { ++ /* Proxy connection is using Negotiate auth but we do not want Negotiate */ ++ continue; ++ } ++#endif ++ if(wantNTLMhttp || wantProxyNTLMhttp) { ++ /* Credentials are already checked, we may use this connection. We MUST ++ * use a connection where it has already been fully negotiated. If it has ++ * not, we keep on looking for a better one. */ ++ chosen = check; ++ if((wantNegohttp && ++ (check->http_negotiate_state != GSS_AUTHNONE)) || ++ (wantProxyNegohttp && ++ (check->proxy_negotiate_state != GSS_AUTHNONE))) { ++ /* We must use this connection, no other */ ++ *force_reuse = TRUE; ++ break; ++ } ++ continue; /* get another */ ++ } ++#endif ++ + if(canmultiplex) { + /* We can multiplex if we want to. Let's continue looking for + the optimal connection to use. */ diff --git a/meta/recipes-support/curl/curl/CVE-2026-1965-2.patch b/meta/recipes-support/curl/curl/CVE-2026-1965-2.patch new file mode 100644 index 00000000000..fa5fefd2517 --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2026-1965-2.patch 
@@ -0,0 +1,29 @@ +From f1a39f221d57354990e3eeeddc3404aede2aff70 Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg +Date: Sat, 21 Feb 2026 18:11:41 +0100 +Subject: [PATCH] url: fix copy and paste url_match_auth_nego mistake + +Follow-up to 34fa034 +Reported-by: dahmono on github +Closes #20662 + +Upstream-Status: Backport [https://github.com/curl/curl/commit/f1a39f221d57354990] +Backported by Ubuntu team https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/curl/7.81.0-1ubuntu1.23/curl_7.81.0-1ubuntu1.23.debian.tar.xz + +CVE: CVE-2026-1965 +Signed-off-by: Vijay Anusuri +--- + lib/url.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/lib/url.c ++++ b/lib/url.c +@@ -1542,7 +1542,7 @@ ConnectionExists(struct Curl_easy *data, + continue; + } + #endif +- if(wantNTLMhttp || wantProxyNTLMhttp) { ++ if(wantNegohttp || wantProxyNegohttp) { + /* Credentials are already checked, we may use this connection. We MUST + * use a connection where it has already been fully negotiated. If it has + * not, we keep on looking for a better one. */ diff --git a/meta/recipes-support/curl/curl_7.82.0.bb b/meta/recipes-support/curl/curl_7.82.0.bb index b8fa8b5266a..0e107f1e753 100644 --- a/meta/recipes-support/curl/curl_7.82.0.bb +++ b/meta/recipes-support/curl/curl_7.82.0.bb 
@@ -71,6 +71,8 @@ SRC_URI = "https://curl.se/download/${BP}.tar.xz \ file://CVE-2025-15079.patch \ file://CVE-2025-15224.patch \ file://CVE-2025-14524.patch \ + file://CVE-2026-1965-1.patch \ + file://CVE-2026-1965-2.patch \ " SRC_URI[sha256sum] = "0aaa12d7bd04b0966254f2703ce80dd5c38dbbd76af0297d3d690cdce58a583c"
From patchwork Tue Apr 7 07:13:24 2026
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Yoann Congal
X-Patchwork-Id: 85387
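Review bot: In CVE-2026-1965-1.patch (curl, 15/18), the second lib/url.c hunk (@@ -1496,6 +1508,57 @@) uses wantNegohttp and wantProxyNegohttp under a plain "#ifdef USE_SPNEGO", but the first hunk declares wantNegohttp only under "#if !defined(CURL_DISABLE_HTTP) && defined(USE_SPNEGO)" and wantProxyNegohttp only inside "#ifndef CURL_DISABLE_PROXY". The closing test "(wantProxyNegohttp && (check->proxy_negotiate_state != GSS_AUTHNONE))" sits after the proxy "#endif", so a build with USE_SPNEGO and CURL_DISABLE_PROXY (or CURL_DISABLE_HTTP) would reference an undeclared variable. Please use the same guards in both hunks, or confirm that the recipe's configurations cannot produce that combination.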
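Review bot: In CVE-2026-1965-2.patch (curl, 15/18), the single hunk replaces "if(wantNTLMhttp || wantProxyNTLMhttp)" with "if(wantNegohttp || wantProxyNegohttp)", which means that with CVE-2026-1965-1.patch alone the Negotiate reuse block is gated on the NTLM flags. The recipe hunk adds both files in the right order, but neither patch header says that -2 is required for -1 to be correct; a line to that effect, in the way 16/18 tags its prerequisite with "#Dependency Patch", would help anyone who later drops or reorders patches. The Upstream-Status URLs in both files also use abbreviated hashes (34fa034d9a390c4bd6 and f1a39f221d57354990) where the vim and sqlite backports in this series give the full commit id.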
From: Yoann Congal
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone v2 16/18] curl: patch CVE-2026-3783
Date: Tue, 7 Apr 2026 09:13:24 +0200
X-Mailer: git-send-email 2.47.3
MIME-Version: 1.0
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/234720

From: Vijay Anusuri

CVE-2026-3783-pre1.patch is dependency patch for CVE-2026-3783.patch

cherry picked from upstream commit:
https://github.com/curl/curl/commit/d7b970e46ba29a7e558e21d19f485977ffed6266
https://github.com/curl/curl/commit/e3d7401a32a46516c9e5ee877

Reference: https://curl.se/docs/CVE-2026-3783.html

Signed-off-by: Vijay Anusuri
Signed-off-by: Yoann Congal
---
 .../curl/curl/CVE-2026-3783-pre1.patch | 66 ++++++++
 .../curl/curl/CVE-2026-3783.patch | 157 ++++++++++++++++++
 meta/recipes-support/curl/curl_7.82.0.bb | 2 +
 3 files changed, 225 insertions(+)
 create mode 100644 meta/recipes-support/curl/curl/CVE-2026-3783-pre1.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2026-3783.patch

diff --git a/meta/recipes-support/curl/curl/CVE-2026-3783-pre1.patch b/meta/recipes-support/curl/curl/CVE-2026-3783-pre1.patch new file mode 100644 index 00000000000..746e5d9ab6c --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2026-3783-pre1.patch
@@ -0,0 +1,66 @@ +From d7b970e46ba29a7e558e21d19f485977ffed6266 Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg +Date: Fri, 29 Apr 2022 22:56:47 +0200 +Subject: [PATCH] http: move Curl_allow_auth_to_host() + +It was mistakenly put within the CURL_DISABLE_HTTP_AUTH #ifdef + +Reported-by: Michael Olbrich +Fixes #8772 +Closes #8775 + +Upstream-Status: Backport [https://github.com/curl/curl/commit/d7b970e46ba29a7e558e21d19f485977ffed6266] +CVE: CVE-2026-3783 #Dependency Patch +Signed-off-by: Vijay Anusuri +--- + lib/http.c | 30 +++++++++++++++--------------- + 1 file changed, 15 insertions(+), 15 deletions(-) + +diff --git a/lib/http.c b/lib/http.c +index 0d5c449bc72a..b215307dcaaa 100644 +--- a/lib/http.c ++++ b/lib/http.c +@@ -651,6 +651,21 @@ CURLcode Curl_http_auth_act(struct Curl_easy *data) + return result; + } + ++/* ++ * Curl_allow_auth_to_host() tells if authentication, cookies or other ++ * "sensitive data" can (still) be sent to this host. ++ */ ++bool Curl_allow_auth_to_host(struct Curl_easy *data) ++{ ++ struct connectdata *conn = data->conn; ++ return (!data->state.this_is_a_follow || ++ data->set.allow_auth_to_other_hosts || ++ (data->state.first_host && ++ strcasecompare(data->state.first_host, conn->host.name) && ++ (data->state.first_remote_port == conn->remote_port) && ++ (data->state.first_remote_protocol == conn->handler->protocol))); ++} ++ + #ifndef CURL_DISABLE_HTTP_AUTH + /* + * Output the correct authentication header depending on the auth type +@@ -775,21 +790,6 @@ output_auth_headers(struct Curl_easy *data, + return CURLE_OK; + } + +-/* +- * Curl_allow_auth_to_host() tells if authentication, cookies or other +- * "sensitive data" can (still) be sent to this host. 
+- */ +-bool Curl_allow_auth_to_host(struct Curl_easy *data) +-{ +- struct connectdata *conn = data->conn; +- return (!data->state.this_is_a_follow || +- data->set.allow_auth_to_other_hosts || +- (data->state.first_host && +- strcasecompare(data->state.first_host, conn->host.name) && +- (data->state.first_remote_port == conn->remote_port) && +- (data->state.first_remote_protocol == conn->handler->protocol))); +-} +- + /** + * Curl_http_output_auth() setups the authentication headers for the + * host/proxy and the correct authentication diff --git a/meta/recipes-support/curl/curl/CVE-2026-3783.patch b/meta/recipes-support/curl/curl/CVE-2026-3783.patch new file mode 100644 index 00000000000..769198d6883 --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2026-3783.patch 
@@ -0,0 +1,157 @@ +From e3d7401a32a46516c9e5ee877e613e62ed35bddc Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg +Date: Fri, 6 Mar 2026 23:13:07 +0100 +Subject: [PATCH] http: only send bearer if auth is allowed + +Verify with test 2006 + +Closes #20843 + +Curl_auth_allowed_to_host() function got renamed from +Curl_allow_auth_to_host() by the commit +https://github.com/curl/curl/commit/72652c0613d37ce18e99cca17a42887f12ad43da + +Current curl version 7.82.0 has function Curl_allow_auth_to_host() + +Upstream-Status: Backport [https://github.com/curl/curl/commit/e3d7401a32a46516c9e5ee877] +CVE: CVE-2026-3783 +Signed-off-by: Vijay Anusuri +--- + lib/http.c | 1 + + tests/data/Makefile.inc | 2 +- + tests/data/test2006 | 98 +++++++++++++++++++++++++++++++++++++++++ + 3 files changed, 100 insertions(+), 1 deletion(-) + create mode 100644 tests/data/test2006 + +diff --git a/lib/http.c b/lib/http.c +index 691091b..6acd537 100644 +--- a/lib/http.c ++++ b/lib/http.c +@@ -757,6 +757,7 @@ output_auth_headers(struct Curl_easy *data, + if(authstatus->picked == CURLAUTH_BEARER) { + /* Bearer */ + if((!proxy && data->set.str[STRING_BEARER] && ++ Curl_allow_auth_to_host(data) && + !Curl_checkheaders(data, STRCONST("Authorization")))) { + auth = "Bearer"; + result = http_output_bearer(data); +diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc +index ad41a5e..e641cb8 100644 +--- a/tests/data/Makefile.inc ++++ b/tests/data/Makefile.inc +@@ -221,7 +221,7 @@ test1916 test1917 test1918 \ + \ + test1933 test1934 test1935 test1936 test1937 test1938 test1939 \ + \ +-test2000 test2001 test2002 test2003 test2004 \ ++test2000 test2001 test2002 test2003 test2004 test2006 \ + \ + test2023 \ + test2024 test2025 test2026 test2027 test2028 test2029 test2030 test2031 \ +diff --git a/tests/data/test2006 b/tests/data/test2006 +new file mode 100644 +index 0000000..200d30a +--- /dev/null ++++ b/tests/data/test2006 +@@ -0,0 +1,98 @@ ++ ++ ++ ++ ++netrc ++HTTP ++ ++ ++# Server-side ++ ++ 
++HTTP/1.1 301 Follow this you fool ++Date: Tue, 09 Nov 2010 14:49:00 GMT ++Server: test-server/fake ++Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT ++ETag: "21025-dc7-39462498" ++Accept-Ranges: bytes ++Content-Length: 6 ++Connection: close ++Location: http://b.com/%TESTNUMBER0002 ++ ++-foo- ++ ++ ++ ++HTTP/1.1 200 OK ++Date: Tue, 09 Nov 2010 14:49:00 GMT ++Server: test-server/fake ++Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT ++ETag: "21025-dc7-39462498" ++Accept-Ranges: bytes ++Content-Length: 7 ++Connection: close ++ ++target ++ ++ ++ ++HTTP/1.1 301 Follow this you fool ++Date: Tue, 09 Nov 2010 14:49:00 GMT ++Server: test-server/fake ++Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT ++ETag: "21025-dc7-39462498" ++Accept-Ranges: bytes ++Content-Length: 6 ++Connection: close ++Location: http://b.com/%TESTNUMBER0002 ++ ++HTTP/1.1 200 OK ++Date: Tue, 09 Nov 2010 14:49:00 GMT ++Server: test-server/fake ++Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT ++ETag: "21025-dc7-39462498" ++Accept-Ranges: bytes ++Content-Length: 7 ++Connection: close ++ ++target ++ ++ ++ ++# Client-side ++ ++ ++http ++ ++ ++proxy ++ ++ ++.netrc default with redirect plus oauth2-bearer ++ ++ ++--netrc --netrc-file %LOGDIR/netrc%TESTNUMBER --oauth2-bearer SECRET_TOKEN -L -x http://%HOSTIP:%HTTPPORT/ http://a.com/ ++ ++ ++default login testuser password testpass ++ ++ ++ ++ ++ ++GET http://a.com/ HTTP/1.1 ++Host: a.com ++Authorization: Bearer SECRET_TOKEN ++User-Agent: curl/%VERSION ++Accept: */* ++Proxy-Connection: Keep-Alive ++ ++GET http://b.com/%TESTNUMBER0002 HTTP/1.1 ++Host: b.com ++User-Agent: curl/%VERSION ++Accept: */* ++Proxy-Connection: Keep-Alive ++ ++ ++ ++ +-- +2.25.1 + diff --git a/meta/recipes-support/curl/curl_7.82.0.bb b/meta/recipes-support/curl/curl_7.82.0.bb index 0e107f1e753..f50af1d4722 100644 --- a/meta/recipes-support/curl/curl_7.82.0.bb +++ b/meta/recipes-support/curl/curl_7.82.0.bb 
@@ -73,6 +73,8 @@ SRC_URI = "https://curl.se/download/${BP}.tar.xz \ file://CVE-2025-14524.patch \ file://CVE-2026-1965-1.patch \ file://CVE-2026-1965-2.patch \ + file://CVE-2026-3783-pre1.patch \ + file://CVE-2026-3783.patch \ " SRC_URI[sha256sum] = "0aaa12d7bd04b0966254f2703ce80dd5c38dbbd76af0297d3d690cdce58a583c" From patchwork Tue Apr 7 07:13:25 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yoann Congal X-Patchwork-Id: 85383 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4FFC6F46C7F for ; Tue, 7 Apr 2026 07:13:56 +0000 (UTC) Received: from mail-wm1-f52.google.com (mail-wm1-f52.google.com [209.85.128.52]) by mx.groups.io with SMTP id smtpd.msgproc02-g2.75685.1775546035115343993 for ; Tue, 07 Apr 2026 00:13:55 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@smile.fr header.s=google header.b=TM6A1g9G; spf=pass (domain: smile.fr, ip: 209.85.128.52, mailfrom: yoann.congal@smile.fr) Received: by mail-wm1-f52.google.com with SMTP id 5b1f17b1804b1-488b0e1b870so27174135e9.2 for ; Tue, 07 Apr 2026 00:13:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=smile.fr; s=google; t=1775546033; x=1776150833; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=ImvltFtUT4cB6LZ4Yhh3fO4WvYNXpQvW2K3n+YAiVQk=; b=TM6A1g9G2/vL6kySAb2XAZdiYSnPgzekuuj5BrRRdNoKm1kohJYb0fCUrdbouPh/q7 tnKOvBJ+0CgEyDjaXVM5rk5dbsuNTGvD4eyTKpT0cMFmQ8tFv9bdnswQLzBafL/iHq6e JfAlAMCmR8iB3ErBgeY7FAreWyYpVUdreSLDY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1775546033; x=1776150833; 
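Review bot: The header of CVE-2026-3783-pre1.patch tags it only as "#Dependency Patch" and does not say what the fix depends on. From the hunks, Curl_allow_auth_to_host() is removed from below output_auth_headers() (old line 775) and re-added above it (line 651), outside the CURL_DISABLE_HTTP_AUTH block, while CVE-2026-3783.patch adds its call inside output_auth_headers() at line 757. Please add one sentence stating whether the move is needed for the fix to build or only so that the second patch applies with matching context, so a later maintainer can judge whether pre1 may be dropped. The function body is moved verbatim, which is what a dependency patch should do.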
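Review bot: In the output_auth_headers() hunk of CVE-2026-3783.patch, the added "Curl_allow_auth_to_host(data) &&" condition inherits every exemption of that helper as shown in pre1: it returns true whenever data->set.allow_auth_to_other_hosts is set, so the bearer token is still sent to the redirect target in that configuration. That is consistent with how the helper treats other credentials, but the patch header should say so, because test2006 only exercises the default case (token present on the a.com request, absent on the b.com request). The adaptation from Curl_auth_allowed_to_host() to Curl_allow_auth_to_host() is documented in the header and matches the name used in pre1.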
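Review bot: In the tests/data/test2006 hunk, the command line uses "--netrc-file %LOGDIR/netrc%TESTNUMBER", and the test comes from an upstream commit dated March 2026 while the recipe is curl 7.82.0. Please confirm that the test harness in 7.82.0 substitutes %LOGDIR; if it does not, the netrc file is never found and the test cannot verify the fix on this branch. In that case either adapt the path to the form other netrc tests in 7.82.0 use, or drop the test2006 and Makefile.inc hunks and note that in the patch header.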
From: Yoann Congal To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone v2 17/18] curl: patch CVE-2026-3784 Date: Tue, 7 Apr 2026 09:13:25 +0200 Message-ID: <659a32145680054823581ddcf6412410247df108.1775545489.git.yoann.congal@smile.fr> X-Mailer: git-send-email 2.47.3 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 07 Apr 2026 07:13:56 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/234721 From: Vijay Anusuri pick patch from ubuntu per [1] [1] https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/curl/7.81.0-1ubuntu1.23/curl_7.81.0-1ubuntu1.23.debian.tar.xz [2] https://ubuntu.com/security/CVE-2026-3784 [3] https://curl.se/docs/CVE-2026-3784.html Signed-off-by: Vijay Anusuri Signed-off-by: Yoann Congal --- .../curl/curl/CVE-2026-3784.patch | 73 +++++++++++++++++++ meta/recipes-support/curl/curl_7.82.0.bb | 1 + 2 files changed, 74 insertions(+) create mode 100644 meta/recipes-support/curl/curl/CVE-2026-3784.patch diff --git a/meta/recipes-support/curl/curl/CVE-2026-3784.patch b/meta/recipes-support/curl/curl/CVE-2026-3784.patch new file mode 100644 index 00000000000..95784e47637 --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2026-3784.patch 
@@ -0,0 +1,73 @@ +From 5f13a7645e565c5c1a06f3ef86e97afb856fb364 Mon Sep 17 00:00:00 2001 +From: Stefan Eissing +Date: Fri, 6 Mar 2026 14:54:09 +0100 +Subject: [PATCH] proxy-auth: additional tests + +Also eliminate the special handling for socks proxy match. + +Closes #20837 + +Upstream-Status: Backport [https://github.com/curl/curl/commit/5f13a7645e565c5c1a06f3] +Backported by Ubuntu team https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/curl/7.81.0-1ubuntu1.23/curl_7.81.0-1ubuntu1.23.debian.tar.xz + +CVE: CVE-2026-3784 +Signed-off-by: Vijay Anusuri +--- + lib/url.c | 28 +++++++--------------------- + tests/http/test_13_proxy_auth.py | 20 ++++++++++++++++++++ + tests/http/testenv/curl.py | 18 +++++++++++++++--- + 3 files changed, 42 insertions(+), 24 deletions(-) + +--- a/lib/url.c ++++ b/lib/url.c +@@ -930,33 +930,15 @@ proxy_info_matches(const struct proxy_in + { + if((data->proxytype == needle->proxytype) && + (data->port == needle->port) && +- Curl_safe_strcasecompare(data->host.name, needle->host.name)) +- return TRUE; ++ curl_strequal(data->host.name, needle->host.name)) { + ++ if(Curl_timestrcmp(data->user, needle->user) || ++ Curl_timestrcmp(data->passwd, needle->passwd)) ++ return FALSE; ++ return TRUE; ++ } + return FALSE; + } +- +-static bool +-socks_proxy_info_matches(const struct proxy_info *data, +- const struct proxy_info *needle) +-{ +- if(!proxy_info_matches(data, needle)) +- return FALSE; +- +- /* the user information is case-sensitive +- or at least it is not defined as case-insensitive +- see https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.1 */ +- +- /* curl_strequal does a case insentive comparison, so do not use it here! 
*/ +- if(Curl_timestrcmp(data->user, needle->user) || +- Curl_timestrcmp(data->passwd, needle->passwd)) +- return FALSE; +- return TRUE; +-} +-#else +-/* disabled, won't get called */ +-#define proxy_info_matches(x,y) FALSE +-#define socks_proxy_info_matches(x,y) FALSE + #endif + + /* A connection has to have been idle for a shorter time than 'maxage_conn' +@@ -1282,8 +1264,8 @@ ConnectionExists(struct Curl_easy *data, + continue; + + if(needle->bits.socksproxy && +- !socks_proxy_info_matches(&needle->socks_proxy, +- &check->socks_proxy)) ++ !proxy_info_matches(&needle->socks_proxy, ++ &check->socks_proxy)) + continue; + #endif + if(needle->bits.conn_to_host != check->bits.conn_to_host) diff --git a/meta/recipes-support/curl/curl_7.82.0.bb b/meta/recipes-support/curl/curl_7.82.0.bb index f50af1d4722..a2ee5736810 100644 --- a/meta/recipes-support/curl/curl_7.82.0.bb +++ b/meta/recipes-support/curl/curl_7.82.0.bb 
@@ -75,6 +75,7 @@ SRC_URI = "https://curl.se/download/${BP}.tar.xz \ file://CVE-2026-1965-2.patch \ file://CVE-2026-3783-pre1.patch \ file://CVE-2026-3783.patch \ + file://CVE-2026-3784.patch \ " SRC_URI[sha256sum] = "0aaa12d7bd04b0966254f2703ce80dd5c38dbbd76af0297d3d690cdce58a583c" From patchwork Tue Apr 7 07:13:26 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yoann Congal X-Patchwork-Id: 85384 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 39356F46C7B for ; Tue, 7 Apr 2026 07:13:56 +0000 (UTC) Received: from mail-wm1-f46.google.com (mail-wm1-f46.google.com [209.85.128.46]) by mx.groups.io with SMTP id smtpd.msgproc01-g2.75573.1775546035542996358 for ; Tue, 07 Apr 2026 00:13:55 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@smile.fr header.s=google header.b=dfFOrAdl; spf=pass (domain: smile.fr, ip: 209.85.128.46, mailfrom: yoann.congal@smile.fr) Received: by mail-wm1-f46.google.com with SMTP id 5b1f17b1804b1-488a041eae5so20786795e9.1 for ; Tue, 07 Apr 2026 00:13:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=smile.fr; s=google; t=1775546034; x=1776150834; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=E7WGJo+r4HFWOocOezDDbAgVUcH9E73x0W7UiWaboFc=; b=dfFOrAdl5jg7DIgpikIIh1veuqKzsO784qopCB+eEdJnPIxWmS357IMjnqVdkkUf1E qkV5wlaXdo5YiUmjNKGa07BnwXMHGvI2iNdxq1Hv0i3A1hIxTX8HTO12jn4dRAe5BpiL rqU4dsheweU/B9Tb3ylb67XAgitIElwZT+U0I= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1775546034; x=1776150834; h=content-transfer-encoding:mime-version:references:in-reply-to 
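Review bot: The diffstat in the CVE-2026-3784.patch header lists tests/http/test_13_proxy_auth.py and tests/http/testenv/curl.py and reports "3 files changed, 42 insertions(+), 24 deletions(-)", but the patch body carries hunks for lib/url.c only. Please regenerate the diffstat or add a line stating that the test changes were dropped for this backport, so the header matches what is actually applied.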
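Review bot: In the proxy_info_matches() hunk, the host comparison changes from Curl_safe_strcasecompare() to curl_strequal(); please confirm that curl_strequal() in 7.82.0 tolerates NULL arguments the way the "safe" variant does, and keep Curl_safe_strcasecompare() in this backport if it does not. The same hunk deletes the "#else" fallback macros for proxy_info_matches and socks_proxy_info_matches, so a build with proxy support disabled should be compile-tested to make sure no call site remains outside the "#endif" guard seen in the ConnectionExists() hunk. Applying the Curl_timestrcmp() checks on user and passwd to every proxy type, not only SOCKS, is the substance of the fix and reads correctly.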
From: Yoann Congal To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone v2 18/18] scripts/install-buildtools: Update to 4.0.34 Date: Tue, 7 Apr 2026 09:13:26 +0200 Message-ID: <14ffe9ce3bfb10dc658d3bd648e531c9fadfe20a.1775545489.git.yoann.congal@smile.fr> X-Mailer: git-send-email 2.47.3 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 07 Apr 2026 07:13:56 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/234722 From: Yoann Congal Update to the 4.0.34 release of the 4.0 series for buildtools Signed-off-by: Yoann Congal --- scripts/install-buildtools | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/install-buildtools b/scripts/install-buildtools index 6a1762c14b3..8754f2d773e 100755 --- a/scripts/install-buildtools +++ b/scripts/install-buildtools @@ -57,8 +57,8 @@ logger = scriptutils.logger_create(PROGNAME, stream=sys.stdout) DEFAULT_INSTALL_DIR = os.path.join(os.path.split(scripts_path)[0],'buildtools') DEFAULT_BASE_URL = 'https://downloads.yoctoproject.org/releases/yocto' -DEFAULT_RELEASE = 'yocto-4.0.33' -DEFAULT_INSTALLER_VERSION = '4.0.33' +DEFAULT_RELEASE = 'yocto-4.0.34' +DEFAULT_INSTALLER_VERSION = '4.0.34' DEFAULT_BUILDDATE = '202110XX' # Python version sanity check
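Review bot: DEFAULT_RELEASE and DEFAULT_INSTALLER_VERSION together form the default download location under DEFAULT_BASE_URL, so please confirm that the 4.0.34 buildtools installer is already published there before this lands; otherwise a run of the script with default arguments fails at download. The two values are bumped in step, which is correct. The commit message could also state which release this bump was tested against, since it gives no verification detail.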