path: root/meta/recipes-core
Commit message | Author | Age | Files | Lines
* libxml2: patch CVE-2025-6170 | Peter Marko | 3 days | 2 | -0/+104
    Pick commit referencing this CVE from 2.13 branch.

    (From OE-Core rev: 9418c88c964dffc21abe6a056db72c3c81e25137)

    Signed-off-by: Peter Marko <peter.marko@siemens.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* dropbear: patch CVE-2025-47203 | Peter Marko | 3 days | 4 | -0/+521
    CVE patch [1] as mentioned in [2] relies on several patches not yet
    available in version 2020.81 we have in kirkstone.

    The good folks from Debian did the hard work identifying them as they
    have the same version in bullseye release.

    The commits were picked from [3] and they have their references to
    dropbear upstream commits.

    [1] https://github.com/mkj/dropbear/commit/e5a0ef27c227f7ae69d9a9fec98a056494409b9b
    [2] https://security-tracker.debian.org/tracker/CVE-2025-47203
    [3] https://salsa.debian.org/debian/dropbear/-/commit/7f48e75892c40cfc6336137d62581d2c4ca7d84c

    (From OE-Core rev: 91eeffaf14917c7c994a8de794b915231e69c5d6)

    Signed-off-by: Peter Marko <peter.marko@siemens.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* glibc: stable 2.35 branch updates | Deepesh Varatharajan | 8 days | 3 | -3/+4
    Below commits on glibc-2.35 stable branch are updated.

    git log --oneline d2febe7c407665c18cfea1930c65f41899ab3aa3..80401002011f470d9c6eb604bf734715e9b3a8c2

    8040100201 Fix error reporting (false negatives) in SGID tests
    c6ec750be5 support: Pick group in support_capture_subprogram_self_sgid if UID == 0
    c9e44b6467 support: Don't fail on fchown when spawning sgid processes
    621c65ccf1 elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static
    c7ff2bc297 Revert "elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static"
    8624f6431b elf: Fix subprocess status handling for tst-dlopen-sgid (bug 32987)
    ed10034f00 elf: Test case for bug 32976 (CVE-2025-4802)
    08aea7712d support: Add support_record_failure_barrier
    901e24b128 support: Use const char * argument in support_capture_subprogram_self_sgid
    bff3b0f16c elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static

    Dropped :
    0025-CVE-2025-4802.patch
    ed10034f00 elf: Test case for bug 32976 (CVE-2025-4802)

    Test results:
                   Before   after   diff
    PASS           4833     4839    +6
    XPASS          6        6       0
    FAIL           133      130     -3
    XFAIL          16       16      0
    UNSUPPORTED    200      197     -3

    Following commits improved test results:

    8040100201 Fix error reporting (false negatives) in SGID tests
    Improved SGID test handling by unifying error reporting and using secure
    temporary directories. Replaced non-standard exit codes and fixed premature
    exits to avoid masking failures. These changes reduced false negatives,
    increasing overall test pass rates.

    8624f6431b elf: Fix subprocess status handling for tst-dlopen-sgid (bug 32987)
    Fixed tst-dlopen-sgid false positives by correctly handling subprocess exit
    status (bug 32987). Ensured test fails on abnormal or non-zero child exits.
    This commit restores reliability in SGID testing and is the first step toward
    centralized SGID test error handling.

    UNSUPPORTED tests changes
    -UNSUPPORTED: elf/tst-env-setuid
    -UNSUPPORTED: elf/tst-env-setuid-tunables
    -UNSUPPORTED: stdlib/tst-secure-getenv

    FAILed tests changes
    -FAIL: elf/tst-dlopen-sgid
    -FAIL: misc/tst-error1
    -FAIL: resolv/tst-resolv-aliases

    PASSed tests changes
    +PASS: elf/tst-env-setuid
    +PASS: elf/tst-env-setuid-tunables
    +PASS: stdlib/tst-secure-getenv
    +PASS: elf/tst-dlopen-sgid
    +PASS: misc/tst-error1
    +PASS: resolv/tst-resolv-aliases

    (From OE-Core rev: 2ea1d2d9bc6d173a8a586542d47a7f8a443d24c1)

    Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* ncurses: patch CVE-2025-6141 | Peter Marko | 8 days | 2 | -0/+26
    Pick relevant part of snapshot commit 20250329, see [1].

    That has:
    add a buffer-limit check in postprocess_termcap (report/testcase by
    Yifan Zhang).

    [1] https://invisible-island.net/ncurses/NEWS.html#index-t20250329

    (From OE-Core rev: 8d09a78a79d7f4b4ae9654bdcdf5f33dab9a8b95)

    Signed-off-by: Peter Marko <peter.marko@siemens.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libxml2: fix CVE-2025-49794 & CVE-2025-49796 | Hitendra Prajapati | 2025-07-18 | 2 | -0/+182
    Upstream-Status: Backport from https://gitlab.gnome.org/GNOME/libxml2/-/commit/71e1e8af5ee46dad1b57bb96cfbf1c3ad21fbd7b

    (From OE-Core rev: 691b74a5d019752428adc81b114fb4458ece1ebe)

    Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* coreutils: fix CVE-2025-5278 | Chen Qi | 2025-07-18 | 2 | -0/+114
    Backport patch to fix CVE-2025-5278.

    The patch is adjusted to fit 9.0 version. And the test case is also
    adjusted to avoid using valgrind. valgrind in kirkstone is reporting
    errors for coreutils' sort utility with/without this patch. To avoid
    ptest failure, we disable valgrind explicitly.

    (From OE-Core rev: bb7dbb195b55d9aaa0180906843f5af2dcf7509f)

    Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* Revert "coreutils: fix CVE-2025-5278" | Steve Sakoman | 2025-07-18 | 2 | -114/+0
    Failing ptest with valgrind on target

    This reverts commit 4e55668ef07d99d8c1141c2f4270f43f5b280159.

    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* coreutils: fix CVE-2025-5278 | Chen Qi | 2025-07-14 | 2 | -0/+114
    Backport patch to fix CVE-2025-5278.

    The patch is adjusted to fit 9.0 version.

    (From OE-Core rev: 4e55668ef07d99d8c1141c2f4270f43f5b280159)

    Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libxml2: fix CVE-2025-6021 | Hitendra Prajapati | 2025-07-14 | 2 | -0/+57
    Upstream-Status: Backport from https://gitlab.gnome.org/GNOME/libxml2/-/commit/acbbeef9f5dcdcc901c5f3fa14d583ef8cfd22f0

    (From OE-Core rev: f75ef5dc195490ef8223f9a16086243450141e61)

    Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* systemd: backport patches to fix CVE-2025-4598 | Chen Qi | 2025-07-09 | 5 | -0/+382
    Patch 0003 is the actual patch to fix CVE.

    Patch 0002 is a preparation patch which systemd upstream uses for all
    actively maintained branches in preparation for patch 0003.

    Patch 0001 is a bug fix patch and is needed to avoid conflict introduced
    by patch 0002. Note that patch 0002 claims itself to be of no functional
    change, so this patch 0001 is really needed for patch 0002.

    Patch 0004 is a compilation fix patch which adds a macro needed by
    previous 0002 patch.

    (From OE-Core rev: a2e75ca4fa01d5005906fb88d28d52ea951def00)

    Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* build-appliance-image: Update to kirkstone head revision [yocto-4.0.28] [kirkstone-4.0.28] | Steve Sakoman | 2025-06-27 | 1 | -1/+1
    (From OE-Core rev: 75e54301c5076eb0454aee33c870adf078f563fd)

    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* glibc: nptl Use all of g1_start and g_signals | Sunil Dora | 2025-06-20 | 2 | -0/+193
    The following commits have been cherry-picked from Glibc master branch:
    Bug : https://sourceware.org/bugzilla/show_bug.cgi?id=25847

    Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=91bb902f58264a2fd50fbce8f39a9a290dd23706]

    (From OE-Core rev: e0857503de9f427d177fe85c32cf0d2748d779fb)

    Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* glibc: nptl rename __condvar_quiesce_and_switch_g1 | Sunil Dora | 2025-06-20 | 2 | -0/+161
    The following commits have been cherry-picked from Glibc master branch:
    Bug : https://sourceware.org/bugzilla/show_bug.cgi?id=25847

    Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=4b79e27a5073c02f6bff9aa8f4791230a0ab1867]

    (From OE-Core rev: e7eb16d59c81636c1fdffca307768776d990d732)

    Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* glibc: nptl Fix indentation | Sunil Dora | 2025-06-20 | 2 | -0/+170
    The following commits have been cherry-picked from Glibc master branch:
    Bug : https://sourceware.org/bugzilla/show_bug.cgi?id=25847

    Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=ee6c14ed59d480720721aaacc5fb03213dc153da]

    (From OE-Core rev: e4b4cd362cfcb7fd6517165ae59cb218420b9039)

    Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* glibc: nptl Use a single loop in pthread_cond_wait instead of a nested loop | Sunil Dora | 2025-06-20 | 2 | -0/+106
    The following commits have been cherry-picked from Glibc master branch:
    Bug : https://sourceware.org/bugzilla/show_bug.cgi?id=25847

    Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=929a4764ac90382616b6a21f099192b2475da674]

    (From OE-Core rev: eab44f7a027414ef29f6d07617997cc50fc515cd)

    Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* glibc: nptl Remove unnecessary quadruple check in pthread_cond_wait | Sunil Dora | 2025-06-20 | 2 | -0/+118
    The following commits have been cherry-picked from Glibc master branch:
    Bug : https://sourceware.org/bugzilla/show_bug.cgi?id=25847

    Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=4f7b051f8ee3feff1b53b27a906f245afaa9cee1]

    (From OE-Core rev: 761758340002f9dbff8e0668f4883ff623b232a0)

    Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* glibc: nptl Remove unnecessary catch-all-wake in condvar group switch | Sunil Dora | 2025-06-20 | 2 | -0/+78
    The following commits have been cherry-picked from Glibc master branch:
    Bug : https://sourceware.org/bugzilla/show_bug.cgi?id=25847

    Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=b42cc6af11062c260c7dfa91f1c89891366fed3e]

    (From OE-Core rev: 02f2ac08edb506ec43cec93a5b09f5e6d7df02ec)

    Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* glibc: nptl Update comments and indentation for new condvar implementation | Sunil Dora | 2025-06-20 | 2 | -0/+145
    The following commits have been cherry-picked from Glibc master branch:
    Bug : https://sourceware.org/bugzilla/show_bug.cgi?id=25847

    Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=0cc973160c23bb67f895bc887dd6942d29f8fee3]

    (From OE-Core rev: e5296415e97e4d704c4c8d11ad243061a1e14997)

    Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* glibc: pthreads NPTL lost wakeup fix 2 | Sunil Dora | 2025-06-20 | 2 | -0/+456
    The following commits have been cherry-picked from Glibc master branch:
    Bug : https://sourceware.org/bugzilla/show_bug.cgi?id=25847

    Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=1db84775f831a1494993ce9c118deaf9537cc50a]

    (From OE-Core rev: c05290e51d0faf661bac587066a79626919609e8)

    Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* Glibc: Fix for CVE-2025-4802 | Sunil Dora | 2025-06-20 | 2 | -0/+250
    elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static
    [https://sourceware.org/bugzilla/show_bug.cgi?id=32976]

    Upstream-Status: Backport [
    https://sourceware.org/cgit/glibc/commit/?id=5451fa962cd0a90a0e2ec1d8910a559ace02bba0
    &&
    https://sourceware.org/cgit/glibc/commit/?id=d8f7a79335b0d861c12c42aec94c04cd5bb181e2
    ]

    (From OE-Core rev: 2d0c574852ed934f339547220364f1d236aad987)

    Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* util-linux: Add fix to isolate test fstab entries using CUSTOM_FSTAB | Virendra Thakur | 2025-05-28 | 2 | -0/+420
    During ptest execution, util-linux adds mount entries in /etc/fstab
    and runs `mount -a`, which mounts all available entries from
    /etc/fstab. This can cause unintended mounts that are unrelated to
    the test, leading to incorrect test behavior.

    To avoid this, upstream util-linux introduced a mechanism using
    CUSTOM_FSTAB, which isolates test-specific fstab entries. Only entries
    listed in CUSTOM_FSTAB are mounted during test execution, ensuring
    tests do not interfere with or depend on the system's /etc/fstab.

    This commit backports below upstream changes to use CUSTOM_FSTAB.
    https://github.com/util-linux/util-linux/commit/ed3d33faff17fb702a3acfca2f9f24e69f4920de
    https://github.com/util-linux/util-linux/commit/b1580bd760519a2cf052f023057846e54de47484
    https://github.com/util-linux/util-linux/commit/6aa8d17b6b53b86a46c5da68c02a893113130496

    (From OE-Core rev: 94747fb63518bf907eb7c09fc2e146e39e235a7d)

    Signed-off-by: Virendra Thakur <virendra.thakur@kpit.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* glib-2.0: fix CVE-2025-4373 | Praveen Kumar | 2025-05-28 | 3 | -0/+151
    A flaw was found in GLib, which is vulnerable to an integer overflow
    in the g_string_insert_unichar() function. When the position at which
    to insert the character is large, the position will overflow, leading
    to a buffer underwrite.

    References:
    https://nvd.nist.gov/vuln/detail/CVE-2025-4373
    https://security-tracker.debian.org/tracker/CVE-2025-4373

    Upstream-patches:
    https://gitlab.gnome.org/GNOME/glib/-/commit/cc647f9e46d55509a93498af19659baf9c80f2e3
    https://gitlab.gnome.org/GNOME/glib/-/commit/4d435bb4809793c445846db8fb87e3c9184c4703

    (From OE-Core rev: 7a7319745637d4b681935ae71706dcc467df3040)

    Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* build-appliance-image: Update to kirkstone head revision [yocto-4.0.27] [kirkstone-4.0.27] | Steve Sakoman | 2025-05-16 | 1 | -1/+1
    (From OE-Core rev: e8be08a624b2d024715a5c8b0c37f2345a02336b)

    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* glibc: stable 2.35 branch updates | Deepesh Varatharajan | 2025-05-16 | 1 | -1/+1
    d2febe7c40 math: Improve layout of exp/exp10 data
    20b5d5ce26 AArch64: Use prefer_sve_ifuncs for SVE memset
    9569a67a58 AArch64: Add SVE memset
    59f67e1b82 math: Improve layout of expf data
    904c58e47b AArch64: Remove zva_128 from memset
    8042d17638 AArch64: Optimize memset
    be451d6053 AArch64: Improve generic strlen
    8b3d09dc0d assert: Add test for CVE-2025-0395
    29d9b1e59e assert: Reformat Makefile.

    Testresults:
    Before update    |After update     |Difference
    PASS: 4832       |PASS:4833        |PASS: +1
    FAIL: 132        |FAIL:132         |FAIL: 0
    XPASS: 6         |XPASS:6          |XPASS: 0
    XFAIL: 16        |XFAIL:16         |XFAIL: 0
    UNSUPPORTED: 200 |UNSUPPORTED:200  |UNSUPPORTED: 0

    (From OE-Core rev: 70e9ae425e34221af6a7bdda6b83f2f8e7848278)

    Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* glibc: Add single-threaded fast path to rand() | Haixiao Yan | 2025-05-14 | 2 | -0/+48
    Backport a patch [1] to improve performance of rand() and __random()[2]
    by adding a single-threaded fast path.

    [1] https://sourceware.org/git/?p=glibc.git;a=commit;h=be0cfd848d9ad7378800d6302bc11467cf2b514f
    [2] https://sourceware.org/bugzilla/show_bug.cgi?id=32777

    (From OE-Core rev: 00f7a2f60dd6de95a1a47fa642978613ce76dc56)

    Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* busybox: fix CVE-2023-39810 | Hitendra Prajapati | 2025-05-14 | 2 | -0/+132
    Upstream-Status: Backport from https://git.busybox.net/busybox/commit/?id=9a8796436b9b0641e13480811902ea2ac57881d3

    (From OE-Core rev: c0b71ec35716a512915b00808a26f77481db0e0a)

    Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* Revert "cve-update-nvd2-native: Tweak to work better with NFS DL_DIR" | Peter Marko | 2025-05-02 | 1 | -2/+0
    This reverts commit 7adaec468d3a61d88c990b1b319b34850bee7e44.

    It does not seem to fix the issue it was supposed to fix.
    Additionally it breaks code which decides in full/partial update,
    because it manipulates timestamp that code is relying on.

    (From OE-Core rev: 25ba9895b98715adb66a06e50f644aea2e2c9eb6)

    Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
    (cherry picked from commit ebc65fdddd7ce51f0f1008baa30d0ae7918ae0bb)
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* systemd: systemd-journald fails to setup LogNamespace | Haitao Liu | 2025-05-02 | 2 | -0/+79
    A LogNamespace error for systemd v250:

    """
    Apr 28 17:44:00 a-rinline2b systemd[467]: systemd-journald@tester.service: Failed to set up special execution directory in /var/log: Not a directory
    Apr 28 17:44:00 a-rinline2b systemd[467]: systemd-journald@tester.service: Failed at step LOGS_DIRECTORY spawning /lib/systemd/systemd-journald: Not a directory
    """

    That's because that "/var/log/journal" couldn't be created during
    program runtime.

    (From OE-Core rev: 8eb185024f9a9e57a9b710c70f09552729558892)

    Signed-off-by: Haitao Liu <haitao.liu@windriver.com>
    Signed-off-by: Kai Kang <kai.kang@windriver.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* systemd: backport patch to fix journal issue | Chen Qi | 2025-05-02 | 2 | -0/+88
    Backport a patch to fix systemd journal issue about
    sd_journal_next not behaving correctly after sd_journal_seek_tail.

    (From OE-Core rev: ea59aed1ff7dbfb28d1e2cd55adca80dad2502e2)

    Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
    Signed-off-by: Kai Kang <kai.kang@windriver.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* glib-2.0: patch CVE-2025-3360 | Peter Marko | 2025-05-02 | 7 | -0/+335
    Backport commits from [1] fixing [2] for 2.82.x.

    [1] https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4499
    [2] https://gitlab.gnome.org/GNOME/glib/-/issues/3647x

    (From OE-Core rev: 606cc539ab19ae2bceb366eda7d4872c3763400f)

    Signed-off-by: Peter Marko <peter.marko@siemens.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libxml2: patch CVE-2025-32415 | Peter Marko | 2025-05-02 | 2 | -0/+40
    Pick commit from 2.13 branch as 2.9 branch is unmaintained now.

    (From OE-Core rev: 7777cd6b28988a0981b990d9da9d448dcdfe7b8b)

    Signed-off-by: Peter Marko <peter.marko@siemens.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libxml2: patch CVE-2025-32414 | Peter Marko | 2025-05-02 | 2 | -0/+75
    Pick commit from 2.12 branch as 2.9 branch is unmaintained now.

    (From OE-Core rev: fbd708438aba0381a6c4f3d6cfbbd743f89a4f97)

    Signed-off-by: Peter Marko <peter.marko@siemens.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* systemd: ignore CVEs which reappeared after upgrade to 250.14 | Peter Marko | 2025-04-18 | 1 | -0/+3
    Upgrade from 250.5 to 250.14 removed patches for these CVEs because they
    were integrated in the new version.
    However NVD DB does not contain information about these backports to
    v250 branch, so they need to be ignored.

    (From OE-Core rev: b86129da823c55a3e08ee72c99675301948949f8)

    Signed-off-by: Peter Marko <peter.marko@siemens.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* cve-update-nvd2-native: add workaround for json5 style list | Peter Marko | 2025-04-18 | 1 | -0/+5
    NVD responses changed to an invalid json between:
    * April 5, 2025 at 3:03:44 AM GMT+2
    * April 5, 2025 at 4:19:48 AM GMT+2

    The last response is since then in format
    {
      "resultsPerPage": 625,
      "startIndex": 288000,
      "totalResults": 288625,
      "format": "NVD_CVE",
      "version": "2.0",
      "timestamp": "2025-04-07T07:17:17.534",
      "vulnerabilities": [
        {...},
        ...
        {...},
      ]
    }

    Json does not allow trailing , in responses, that is json5 format.
    So cve-update-nvd2-native do_Fetch task fails with log backtrace ending:

    ...
    File: '/builds/ccp/meta-siemens/projects/ccp/../../poky/meta/recipes-core/meta/cve-update-nvd2-native.bb', lineno: 234, function: update_db_file
         0230:            if raw_data is None:
         0231:                # We haven't managed to download data
         0232:                return False
         0233:
     *** 0234:            data = json.loads(raw_data)
         0235:
         0236:            index = data["startIndex"]
         0237:            total = data["totalResults"]
         0238:            per_page = data["resultsPerPage"]
    ...
    File: '/usr/lib/python3.11/json/decoder.py', lineno: 355, function: raw_decode
         0351:        """
         0352:        try:
         0353:            obj, end = self.scan_once(s, idx)
         0354:        except StopIteration as err:
     *** 0355:            raise JSONDecodeError("Expecting value", s, err.value) from None
         0356:        return obj, end
    Exception: json.decoder.JSONDecodeError: Expecting value: line 1 column 1442633 (char 1442632)
    ...

    There was no announcement about json format of API v2.0 by nvd.
    Also this happens only if whole database is queried (database update is
    fine, even when multiple pages are queried).
    And lastly it's only the cve list, all other lists inside are fine.
    So this looks like a bug in NVD 2.0 introduced with some update.

    Patch this with simple character deletion for now and let's monitor the
    situation and possibly switch to json5 in the future.
    Note that there is no native json5 support in python, we'd have to use
    one of external libraries for it.

    (From OE-Core rev: cee817c0c3653cc96833815bfe2c87d2d85cc19e)

    Signed-off-by: Peter Marko <peter.marko@siemens.com>
    Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
    Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
    (cherry picked from commit 6e526327f5c9e739ac7981e4a43a4ce53a908945)
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* build-appliance-image: Update to kirkstone head revision [yocto-4.0.26] [kirkstone-4.0.26] | Steve Sakoman | 2025-04-04 | 1 | -1/+1
    (From OE-Core rev: 1efbe1004bc82e7c14c1e8bd4ce644f5015c3346)

    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* zlib: fix CVE-2014-9485 | Divya Chellam | 2025-04-04 | 2 | -0/+65
    Directory traversal vulnerability in the do_extract_currentfile
    function in miniunz.c in miniunzip in minizip before 1.1-5 might
    allow remote attackers to write to arbitrary files via a crafted
    entry in a ZIP archive.

    Reference:
    https://security-tracker.debian.org/tracker/CVE-2014-9485

    Upstream-patch:
    https://github.com/madler/zlib/commit/14a5f8f266c16c87ab6c086fc52b770b27701e01

    (From OE-Core rev: 32c4b28fc06e39ab8ef86aebc5e1e1ae19934495)

    Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* cve-update-nvd2-native: handle missing vulnStatus | Peter Marko | 2025-04-01 | 1 | -1/+1
    There is a new CVE which is missing vulnStatus field:
    https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-2682

    This leads to:

    File: '<snip>/poky/meta/recipes-core/meta/cve-update-nvd2-native.bb', lineno: 336, function: update_db
         0332:
         0333:    accessVector = None
         0334:    vectorString = None
         0335:    cveId = elt['cve']['id']
     *** 0336:    if elt['cve']['vulnStatus'] == "Rejected":
         0337:        c = conn.cursor()
         0338:        c.execute("delete from PRODUCTS where ID = ?;", [cveId])
         0339:        c.execute("delete from NVD where ID = ?;", [cveId])
         0340:        c.close()
    Exception: KeyError: 'vulnStatus'

    (From OE-Core rev: 453c5c8d9031be2b3a25e2a04e0f5f6325ef7298)

    Signed-off-by: Peter Marko <peter.marko@siemens.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libxcrypt-compat: Remove libcrypt.so to fix conflict with libcrypt | Robert Yang | 2025-03-27 | 1 | -1/+1
    Fixed:
    IMAGE_INSTALL:append = " libxcrypt-compat"
    $ bitbake <image> -cpopulate_sdk
    file /usr/lib/libcrypt.so from install of libxcrypt-compat-dev-4.4.33-r0.0.aarch64 conflicts with file from package libcrypt-dev-4.4.33-r0.2.aarch64

    Remove libcrypt.so like other files to fix the error.

    (From OE-Core rev: dc0c7a8c3d1d4f02869b7f0d42f704fd24bf0dde)

    (From OE-Core rev: 1172a71f2104454a13e64886adbdb381aa8d6e0e)

    Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
    Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libxml2: mark patch as fixing CVE-2025-27113 | Peter Marko | 2025-03-08 | 2 | -1/+2
    This vulnerability has now a CVE assigned.

    (From OE-Core rev: 204ff9dd9c62a8a346e89880b2e15a4c0e9ad6e0)

    Signed-off-by: Peter Marko <peter.marko@siemens.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* systemd: upgrade 250.5 -> 250.14 | Narpat Mali | 2025-03-04 | 32 | -893/+187
    Latest stable branch update which includes 396 commits and the full list
    of changes can be found at:
    https://github.com/systemd/systemd-stable/compare/v250.5...v250.14

    All the patches were refreshed with devtool.

    Backported this upstreamed patch to resolve the compile error while
    building systemd with qemumips machine.
    - 0001-core-fix-build-when-seccomp-is-off.patch

    These 2 below patches were modified to resolve the merge conflicts
    introduced by systemd v250.14 version:
    1. 0001-Move-sysusers.d-sysctl.d-binfmt.d-modules-load.d-to-.patch
       - This patch was just adjusted based on the systemd v250.14 version.
    2. 0001-pass-correct-parameters-to-getdents64.patch
       - For this patch, there was a commit reverted as part of the v250.8 tag:
         https://github.com/systemd/systemd-stable/commit/51089e007f2f45fc15e37e7a9dcf3045416e1239

    These below 6 patches were dropped as systemd v250.14 already has the
    changes:
    - 0001-shared-json-allow-json_variant_dump-to-return-an-err.patch
    - CVE-2022-3821.patch
    - CVE-2022-4415-1.patch
    - CVE-2022-4415-2.patch
    - CVE-2022-45873.patch
    - CVE-2023-7008.patch

    (From OE-Core rev: 371d030a665e3c963a586ab02d10f1f36b225435)

    Signed-off-by: Narpat Mali <narpat.falna@gmail.com>
    Signed-off-by: Randy Macleod <randy.macleod@windriver.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libxml2: patch CVE-2025-24928 | Peter Marko | 2025-02-28 | 2 | -0/+59
    Pick commit from 2.12 branch.

    (From OE-Core rev: 3ccd936adb928612c9721768708534350aeee351)

    Signed-off-by: Peter Marko <peter.marko@siemens.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libxml2: patch CVE-2024-56171 | Peter Marko | 2025-02-28 | 2 | -0/+43
    Pick commit from 2.12 branch.

    (From OE-Core rev: ab804cd27ecf7ee65a9feea477140502ecbc0d73)

    Signed-off-by: Peter Marko <peter.marko@siemens.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libxml2: fix compilation of explicit child axis in pattern | Peter Marko | 2025-02-28 | 2 | -0/+32
    This was reported as security fix in
    https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.10
    https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.6

    (From OE-Core rev: 0dc99e25c16a1e74aa80ca20132609990bb9dff7)

    Signed-off-by: Peter Marko <peter.marko@siemens.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* Revert "ovmf: Fix CVE-2023-45236" | Kai Kang | 2025-02-28 | 2 | -830/+0
    This reverts commit a9cd3321558e95f61ed4c5eca0dcf5a3f4704925.

    The fix for CVE-2023-45237 has been reverted. And the fix for
    CVE-2023-45236 depends on it. So revert it too.

    (From OE-Core rev: c61e31f192837b05bc309a05aef95c3be5b44997)

    Signed-off-by: Kai Kang <kai.kang@windriver.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* Revert "ovmf: Fix CVE-2023-45237" | Kai Kang | 2025-02-28 | 3 | -1368/+0
    This reverts commit 6f8bdaad9d22e65108f859a695277ce1b20ef7c6.
    This reverts commit 4c2d3e37308cac98614dfafed79b7323423af8bc.

    The fix for CVE-2023-45237 causes ovmf firmware not support pxe boot
    any more and no boot item in OVMF menu such as

    UEFI PXEv4 (MAC address)

    It has not been fixed by ovmf upstream and an issue has been created on
    https://github.com/tianocore/tianocore.github.io/issues/82

    Revert the fixes for now.

    (From OE-Core rev: d3f399f54042efc6f4ca2092dd11819ae1f7c51f)

    Signed-off-by: Kai Kang <kai.kang@windriver.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libxml2: Fix for CVE-2022-49043 | Vijay Anusuri | 2025-02-24 | 2 | -0/+39
    Upstream-Status: Backport
    [https://gitlab.gnome.org/GNOME/libxml2/-/commit/5a19e21605398cef6a8b1452477a8705cb41562b]

    Reference: https://access.redhat.com/security/cve/cve-2022-49043

    (From OE-Core rev: 82b6c943bb6435171d1924cbebe794b901eb3705)

    Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* build-appliance-image: Update to kirkstone head revision [yocto-4.0.25] [kirkstone-4.0.25] | Steve Sakoman | 2025-02-15 | 1 | -1/+1
    (From OE-Core rev: 5a794fd244f7fdeb426bd5e3def6b4effc0e8c62)

    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* glibc: Suppress GCC -Os warning on user2netname for sunrpc | Nikhil R | 2025-02-15 | 2 | -0/+62
    When building with GCC -Os, a warning is triggered indicating that
    sprintf might overflow.

    Error:
    netname.c: In function 'user2netname':
    netname.c:51:28: error: '%s' directive writing up to 255 bytes into a region of size between 239 and 249 [-Werror=format-overflow=]
       51 |   sprintf (netname, "%s.%d@%s", OPSYS, uid, dfltdom);
          |                            ^~               ~~~~~~~
    netname.c:51:3: note: 'sprintf' output between 8 and 273 bytes into a destination of size 256
       51 |   sprintf (netname, "%s.%d@%s", OPSYS, uid, dfltdom);
          |   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    cc1: all warnings being treated as errors

    However the code does test prior the sprintf call that dfltdom plus
    the required extra space for OPSYS, uid, and extra character will not
    overflow and return 0 instead.

    Upstream-patch:
    https://github.com/bminor/glibc/commit/6128e82ebe973163d2dd614d31753c88c0c4d645

    Reviewed-by: Carlos O'Donell <carlos@redhat.com>
    Tested-by: Carlos O'Donell <carlos@redhat.com>

    (From OE-Core rev: 78fac0f623e01bd52b2ea3a597d056726deca8a4)

    Signed-off-by: Nikhil R <nikhilr5@kpit.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* glibc: stable 2.35 branch updates | Deepesh Varatharajan | 2025-02-05 | 1 | -1/+1
    549d831579 stdlib: Test using setenv with updated environ [BZ #32588]
    8b5d4be762 Fix underallocation of abort_msg_s struct (CVE-2025-0395)
    525e5f13de stdlib: Simplify buffer management in canonicalize
    5eae275400 realpath: Bring back GNU extension on ENOENT and EACCES [BZ #28996]
    8a82a76a42 realpath: Do not copy result on failure (BZ #28815)
    e369114462 misc: Add support for Linux uio.h RWF_NOAPPEND flag
    3f1ab0ed66 nptl: Convert tst-setuid2 to test-driver
    76adee6e0f support: Add xpthread_cond_signal wrapper
    c3beedeb70 elf: Support recursive use of dynamic TLS in interposed malloc
    f48d763ab8 elf: Avoid some free (NULL) calls in _dl_update_slotinfo
    710057676d sysdeps/x86/Makefile: Split and sort tests
    a4207d4e83 x86: Only align destination to 1x VEC_SIZE in memset 4x loop
    889f99c149 elf: Fix slow tls access after dlopen [BZ #19924]
    543efedcb3 x86: Check the lower byte of EAX of CPUID leaf 2 [BZ #30643]
    41a3e51233 x86_64: Add log1p with FMA
    0d1c70aa4c x86_64: Add expm1 with FMA
    516180d399 x86_64: Add log2 with FMA
    30384b91ad x86_64: Sort fpu/multiarch/Makefile
    d626c31ce5 x86: Avoid integer truncation with large cache sizes (bug 32470)
    7ea35e28b4 nptl: initialize cpu_id_start prior to rseq registration
    47d70ca8d9 nptl: initialize rseq area prior to registration

    (From OE-Core rev: a397c152abf4f3da1323594e79ebac844a2c9f45)

    Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* build-appliance-image: Update to kirkstone head revision [yocto-4.0.24] [kirkstone-4.0.24] | Steve Sakoman | 2025-01-09 | 1 | -1/+1
    (From OE-Core rev: a270d4c957259761bcc7382fcc54642a02f9fc7d)

    Signed-off-by: Steve Sakoman <steve@sakoman.com>