exiv2: patch CVE-2025-26623 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Gyorgy Sarvari <skandigraun@gmail.com>	2025-10-15 12:32:23 +1300
committer	Anuj Mittal <anuj.mittal@intel.com>	2025-10-30 14:43:35 +0800
commit	cd7e963b09c996828602b3fac4af13b83e6b2849 (patch)
tree	3d368c38f82498f66e283c3afe4a99b1b0b01797 /meta-python
parent	e34da7d9dca10fd2b42aa0987ac0413e8f87e385 (diff)
download	meta-openembedded-cd7e963b09c996828602b3fac4af13b83e6b2849.tar.gz

exiv2: patch CVE-2025-26623

Details: https://nvd.nist.gov/vuln/detail/CVE-2025-26623 Apply the first to PRs from the relevant issue. (The second PR adds a test, and the 3rd PR tries to reimplement correctly the feature that introduced the vulnerability: it is switching some raw pointers to smart pointers. It was not picked because the 1. In the original issue it is stated that the first PR itself fixes the vulnerability 2. The patch doesn't apply clean due to the time gap between our and their version 3. The behavior of the application does not change ) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> (cherry picked from commit 7907a3e206fb049e609996df8d09141bfb291fcd) Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>

Diffstat (limited to 'meta-python')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: