summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--meta-oe/recipes-extended/gnuplot/gnuplot/CVE-2025-31181.patch43
-rw-r--r--meta-oe/recipes-extended/gnuplot/gnuplot_5.4.3.bb1
2 files changed, 44 insertions, 0 deletions
diff --git a/meta-oe/recipes-extended/gnuplot/gnuplot/CVE-2025-31181.patch b/meta-oe/recipes-extended/gnuplot/gnuplot/CVE-2025-31181.patch
new file mode 100644
index 0000000000..2de4617ff1
--- /dev/null
+++ b/meta-oe/recipes-extended/gnuplot/gnuplot/CVE-2025-31181.patch
@@ -0,0 +1,43 @@
1From 2d9e68278aece7e971815d9c3ec297c5e9bc51bd Mon Sep 17 00:00:00 2001
2From: Ethan A Merritt <merritt@u.washington.edu>
3Date: Tue, 14 Jan 2025 20:56:37 -0800
4Subject: [PATCH] x11: protect against double fclose() if two errors in a row
5
6Bug 2753
7
8CVE: CVE-2025-31181
9Upstream-Status: Backport [https://sourceforge.net/p/gnuplot/gnuplot-main/ci/af96c2c1b20383684b1ec2084dab7936f7053031/]
10Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
11---
12 term/x11.trm | 8 +++++---
13 1 file changed, 5 insertions(+), 3 deletions(-)
14
15diff --git a/term/x11.trm b/term/x11.trm
16index 458fcf5f9..1b51a80c8 100644
17--- a/term/x11.trm
18+++ b/term/x11.trm
19@@ -856,8 +856,9 @@ X11_atexit()
20 /* dont wait(), since they might be -persist */
21 X11_ipc = NULL;
22 #ifdef PIPE_IPC
23- close(ipc_back_fd);
24- ipc_back_fd = -1;
25+ if (ipc_back_fd >= 0)
26+ close(ipc_back_fd);
27+ ipc_back_fd = IPC_BACK_CLOSED;
28 #endif
29 }
30 }
31@@ -1412,7 +1413,8 @@ X11_graphics()
32 #ifdef PIPE_IPC
33 /* if we know the outboard driver has stopped, restart it */
34 if (ipc_back_fd == IPC_BACK_CLOSED) {
35- fclose(X11_ipc);
36+ if (X11_ipc > 0)
37+ fclose(X11_ipc);
38 X11_ipc = NULL;
39 X11_init();
40 }
41--
422.43.0
43
diff --git a/meta-oe/recipes-extended/gnuplot/gnuplot_5.4.3.bb b/meta-oe/recipes-extended/gnuplot/gnuplot_5.4.3.bb
index c2644eaa33..b945cc318d 100644
--- a/meta-oe/recipes-extended/gnuplot/gnuplot_5.4.3.bb
+++ b/meta-oe/recipes-extended/gnuplot/gnuplot_5.4.3.bb
@@ -21,6 +21,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/project/${BPN}/${BPN}/${PV}/${BP}.tar.gz;name=a
21 file://CVE-2025-31178.patch \ 21 file://CVE-2025-31178.patch \
22 file://CVE-2025-31179.patch \ 22 file://CVE-2025-31179.patch \
23 file://CVE-2025-31180.patch \ 23 file://CVE-2025-31180.patch \
24 file://CVE-2025-31181.patch \
24 " 25 "
25SRC_URI:append:class-target = " \ 26SRC_URI:append:class-target = " \
26 file://0002-do-not-build-demos.patch \ 27 file://0002-do-not-build-demos.patch \