| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
| |
A flaw was found in the RandR extension, where the RRChangeProviderProperty function
does not properly validate input. This issue leads to an integer overflow when
computing the total size to allocate.
(From OE-Core rev: 15881f41f8c00c5f0a68628c2d49ca1aa1999c2e)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients
function does not check for an integer overflow when computing request length,
which allows a client to bypass length checks.
(From OE-Core rev: de28bff9b54b2725d8c06c4760e0ed2b59d3fa61)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
A flaw was found in the X server's request handling. Non-zero 'bytes to ignore'
in a client's request can cause the server to skip processing another client's
request, potentially leading to a denial of service.
(From OE-Core rev: 4c6df8320497c2ebf09902a62b6a3f3b061be917)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
A flaw was found in the XFIXES extension. The XFixesSetClientDisconnectMode handler
does not validate the request length, allowing a client to read unintended memory
from previous requests
(From OE-Core rev: 0b2afd59ce8c35083c1cb3596a2f7d4eaa7bd1c8)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
A flaw was found in the Big Requests extension. The request length is multiplied
by 4 before checking against the maximum allowed size, potentially causing an
integer overflow and bypassing the size check.
(From OE-Core rev: 0a2c5179e1f08ccd0fcaccb6f95c892ebafac8a8)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
A flaw was found in the X Rendering extension's handling of animated cursors.
If a client provides no cursors, the server assumes at least one is present,
leading to an out-of-bounds read and potential crash.
(From OE-Core rev: fec7644b70452794fabfb7d967e2124918215440)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A vulnerability has been identified in the libarchive library. This flaw can be triggered whe
n file streams are piped into bsdtar, potentially allowing for reading past the end of the fi
le. This out-of-bounds read can lead to unintended consequences, including unpredictable prog
ram behavior, memory corruption, or a denial-of-service condition.
CVE-2025-5918-0001 is the dependent commit and CVE-2025-5918-0002 is the actual CVE fix.
Reference:
https://security-tracker.debian.org/tracker/CVE-2025-5918
Upstream-patches:
https://github.com/libarchive/libarchive/commit/89b8c35ff4b5addc08a85bf5df02b407f8af1f6c
https://github.com/libarchive/libarchive/commit/dcbf1e0ededa95849f098d154a25876ed5754bcf
(From OE-Core rev: 369c164a163b2c7f15ee5fc41130be9feaf7245e)
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-
one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-
byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, lea
ding to unpredictable program behavior, crashes, or in specific circumstances, could be lever
aged as a building block for more sophisticated exploitation.
Reference:
https://security-tracker.debian.org/tracker/CVE-2025-5917
Upstream-patch:
https://github.com/libarchive/libarchive/commit/7c02cde37a63580cd1859183fbbd2cf04a89be85
(From OE-Core rev: 2b6832b05bab414df1da7c74a0c6a5e5a9d75b29)
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A vulnerability has been identified in the libarchive library. This flaw
involves an integer overflow that can be triggered when processing a Web
Archive (WARC) file that claims to have more than INT64_MAX - 4 content
bytes. An attacker could craft a malicious WARC archive to induce this
overflow, potentially leading to unpredictable program behavior, memory
corruption, or a denial-of-service condition within applications that
process such archives using libarchive.
Reference:
https://security-tracker.debian.org/tracker/CVE-2025-5916
Upstream-patch:
https://github.com/libarchive/libarchive/commit/ef093729521fcf73fa4007d5ae77adfe4df42403
(From OE-Core rev: 9c74d3a096fed68d173f8711b373a42f158d6cc7)
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A vulnerability has been identified in the libarchive library. This flaw can lead to a heap b
uffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer
-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memo
ry buffer, which can result in unpredictable program behavior, crashes (denial of service), o
r the disclosure of sensitive information from adjacent memory regions.
Reference:
https://security-tracker.debian.org/tracker/CVE-2025-5915
Upstream-patches:
https://github.com/libarchive/libarchive/commit/a612bf62f86a6faa47bd57c52b94849f0a404d8c
(From OE-Core rev: 99fdc86ad57db4d8829a33033918cf78419977af)
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A vulnerability has been identified in the libarchive library, specifically within the archiv
e_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultim
ately lead to a double-free condition. Exploiting a double-free vulnerability can result in m
emory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service
condition.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-5914
Upstream-patch:
https://github.com/libarchive/libarchive/commit/09685126fcec664e2b8ca595e1fc371bd494d209
(From OE-Core rev: b7d8249bda296620a5bbf592f4cdf566b4537563)
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
| |
The SRC_URI is changed to git://gitlab.eclipse.org/eclipse/tcf/tcf.agent.git
(From OE-Core rev: 175cd54fd57266d7dea07121861a4f15be00a882)
Signed-off-by: Guocai He <guocai.he.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport from master:
https://git.openembedded.org/openembedded-core/commit/?id=debc691853e2954bd325bad395b8829939afaa08
When assembling all of the various filenames that are installed/deployed
from u-boot, we have been including the PV and PR in the filenames. This
change introduces a single variable to replace these two in the
filenames.
This change should not be disruptive since the default value for the new
UBOOT_VERSION variable is "${PV}-${PR}".
In one case (UBOOT_EXTLINUX_SYMLINK [1]), PR was used without PV, this
patch assumes this was a mistake and corrects it as PR would not be of
much use alone.
[1] https://git.openembedded.org/openembedded-core/commit/?h=master-next&id=33df3a65f3e8e136811da715d0cc247ce66ae0ea
(From OE-Core rev: 58ad450e84db35d5b38dab65edbbc33bc6fef750)
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When SPDX_INCLUDE_COMPILED_SOURCES is enabled, only include the
source code files that are used during compilation.
It uses debugsource information generated during do_package.
This enables an external tool to use the SPDX information to disregard
vulnerabilities that are not compiled.
As example, when used with the default config with linux-yocto, the spdx size is
reduced from 156MB to 61MB.
Tested with bitbake world on oe-core.
(From OE-Core rev: c6a2f1fca76fae4c3ea471a0c63d0b453beea968)
Adapted to existing files for create-spdx-2.2
CC: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
CC: Joshua Watt <JPEWhacker@gmail.com>
(From OE-Core rev: a2866934e58fb377a73e87576c8594988a63ad1b)
Signed-off-by: Daniel Turull <daniel.turull@ericsson.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The source information used during packaging can be use from other tasks to
have more detailed information on the files used during the compilation and
improve SPDX accuracy.
Source files used during compilation are store as compressed zstd json in
pkgdata/debugsources/$PN-debugsources.json.zstd
Format:
{ binary1: [src1, src2, ...], binary2: [src1, src2, ...] }
I checked the sstate size, and it slightly increases using core-image-full-cmdline:
without patch: 2456792 KB sstate-cache/
with patch: 2460028 KB sstate-cache/
(4236 KB or 0.17%)
(From OE-Core rev: c507dcb8a8780a42bfe68b1ebaff0909b4236e6b)
Adaptations to match spdx in scarthgap: change BP to PF
CC: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
CC: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core rev: cba53212f5debf897752453364b9756a05c197de)
Signed-off-by: Daniel Turull <daniel.turull@ericsson.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
When the input compiler enables AVX, stack realignment requirements
causes gcc to fail to omit %rbp use, due to which the test fails to
clobber %rbp in inline asm. Disable AVX to build the test on x86_64 so
that the test continues working.
Fix compilation with gcc v13.4+. Cherry picked from oe-core, master branch.
(From OE-Core rev: 54d6fa7bc9f4ae6bdb98862488e8d09200d3bc14)
Signed-off-by: Preeti Sachan <preeti.sachan@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This release includes fix for CVE-2025-30258.
Support for --enable-gpg-is-gpg2 config option has been partially removed in
version 2.4.6.
Changelog:
https://dev.gnupg.org/T7428
CVE: CVE-2025-30258
(From OE-Core rev: 41ef33ebf3e1a922aa44da8d75b240163d7954b1)
Signed-off-by: Roland Kovacs <roland.kovacs@est.tech>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
shell: avoid segfault on ${0::0/0~09J}. Closes 15216
CVE: CVE-2022-48174
Upstream-Status: Backport [https://git.launchpad.net/ubuntu/+source/busybox/commit/?id=ca2afcbf42017d998ce3d6726f5ff5072a3fa853]
(From OE-Core rev: a81aff7d810800ce3265422cddde26d11366d514)
Signed-off-by: Victor Giraud <vgiraud.opensource@witekio.com>
Signed-off-by: Bruno Vernay <bruno.vernay@se.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Proxy-Authorization and Proxy-Authenticate headers persisted on
cross-origin redirects potentially leaking sensitive information.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-4673
Upstream-patch:
https://github.com/golang/go/commit/b897e97c36cb62629a458bc681723ca733404e32
(From OE-Core rev: 72279bbc1ff2d85563c5245195435f078c5d1a68)
Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ctest automatically optimizes the order of (parallel) test execution based on
historic test case runtime via the COST property (see [0]), which can have a
significant impact on overall test run times. Sadly this feature is broken in
CMake < 4.0.0 for test cases that have spaces in their name (see [1]).
This commit is a backport of f24178f3 (which itself backports the upstream fix).
The patch was adapted slightly to apply cleanly to the older CMake version in
scarthgap. As repeated test runs are expected to mainly take place inside the
SDK, the patch is only applied to 'nativesdk' builds.
[0]: https://cmake.org/cmake/help/latest/prop_test/COST.html
[1]: https://gitlab.kitware.com/cmake/cmake/-/issues/26594
Reported-By: John Drouhard <john@drouhard.dev>
(From OE-Core rev: cfa97a50e06fb0fcc7cbc0ada54ce7ad5ba29ebe)
Signed-off-by: Moritz Haase <Moritz.Haase@bmw.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
$ git log --oneline 3463100f2d47f2897a24ba8023a5c7aaf2d26550..06a70769fd0b2e1f2a3085ad50ab620282bd77b3
06a70769fd ppc64le: Revert "powerpc: Optimized strcmp for power10" (CVE-2025-5702)
3875045da5 ppc64le: Revert "powerpc : Add optimized memchr for POWER10" (Bug 33059)
c6240a11f7 ppc64le: Revert "powerpc: Fix performance issues of strcmp power10" (CVE-2025-5702)
2caef2827f elf: Fix subprocess status handling for tst-dlopen-sgid (bug 32987)
9e25c0f445 x86_64: Fix typo in ifunc-impl-list.c.
ca99d55315 elf: Test case for bug 32976 (CVE-2025-4802)
71ddb11ccd support: Add support_record_failure_barrier
abdeb4b520 support: Use const char * argument in support_capture_subprogram_self_sgid
147bed0a71 elf: Keep using minimal malloc after early DTV resize (bug 32412)
4e5ee49a43 sysdeps/unix/sysv/linux/x86_64/Makefile: Add the end marker
37b30b6a68 sysdeps/x86_64/Makefile (tests): Add the end marker
9fe51d34bb sort-makefile-lines.py: Allow '_' in name and "^# name"
14ec225d85 libio: Correctly link tst-popen-fork against libpthread
1dcfb9479d libio: Fix a deadlock after fork in popen
e31ac9a639 libio: Sort test variables in Makefile
68f3f1a1d0 Linux: Switch back to assembly syscall wrapper for prctl (bug 29770)
d33d10642f nptl: PTHREAD_COND_INITIALIZER compatibility with pre-2.41 versions (bug 32786)
b1eb369aee nptl: Use all of g1_start and g_signals
ac5da3c0e4 nptl: rename __condvar_quiesce_and_switch_g1
2fdc0afd07 nptl: Fix indentation
582c99b2c0 nptl: Use a single loop in pthread_cond_wait instaed of a nested loop
fc2a25417d nptl: Remove g_refs from condition variables
6f5ba03968 nptl: Remove unnecessary quadruple check in pthread_cond_wait
d0da34ad30 nptl: Remove unnecessary catch-all-wake in condvar group switch
ea13a35e37 nptl: Update comments and indentation for new condvar implementation
2451ef5c4a pthreads NPTL: lost wakeup fix 2
test results:
Before After Diff
FAIL 207 207 0
PASS 4912 4915 +3
UNSUPPORTED 230 230 0
XFAIL 16 16 0
XPASS 4 4 0
(From OE-Core rev: c94b6686a1edcaa1bea1ff5e716df96da8e36b7c)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
| |
Backport patch to fix CVE-2025-5278.
(From OE-Core rev: 7af711c0a31359b57903503ab37bad53aad89c22)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NVD ([1]) tracks this as:
cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*
Running on/with
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Yocto cve-check ignores the "Running on/with", so it needs to be ignored
explicitly.
[1] https://nvd.nist.gov/vuln/detail/CVE-2024-3566
(From OE-Core rev: b8841097eaf7545abf56eb52a122e113b54ba2a7)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
The recipe was accidentally renamed with a 'v'
prefix in 29e623b2ad00555788412fa520fbb9ffec794cbb.
(From OE-Core rev: db02a4cc542d0e7e563ec46c91bf9a7313a71d02)
Signed-off-by: Savvas Etairidis <setairidis@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Install libpng test-suite to run it as a ptest.
As the test-suite takes more than 30 seconds to run,
add libpng-ptest to PTESTS_SLOW in ptest-packagelists.inc
(From OE-Core rev: 1b52b7ebe5f8fb490088622181cdb95e6b7f5a29)
Signed-off-by: Poonam Jadhav <poonam.jadhav@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Remove aarch64 for ARM Cortex-R52 processor as it supports only 32-bit
ISA but not 64-bit ISA. Also update ARMPKGARCH for cortexr52hf.
(From OE-Core rev: 8ee21ec40e9f25ee97ec077b93751fea14b66e32)
Signed-off-by: Sandeep Gundlupet Raju <sandeep.gundlupet-raju@amd.com>
Signed-off-by: Sandeep Gundlupet Raju <grsandeep85@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a bugfix release in GCC13 release series
100+ bugfixes
https://gcc.gnu.org/bugzilla/buglist.cgi?bug_status=RESOLVED&resolution=FIXED&target_milestone=13.4
Dropped the following patches:
0028-gcc-Fix-c-tweak-for-Wrange-loop-construct.patch
https://github.com/gcc-mirror/gcc/commit/179dc0f0fe01012675c1b430591b9891ce96c26e
gcc.git-ab884fffe3fc82a710bea66ad651720d71c938b8.patch
https://github.com/gcc-mirror/gcc/commit/5ceea2ac106d6dd1aa8175670b15a801316cf1c9
#GCC 13.3 #GCC 13.4 #Diff
No. of expected passes 148863 149440 +577
No. of unexpected failures 14 14 0
No. of expected failures 1415 1414 -1
No. of unresolved testcases 25384 25660 +276
No. of unsupported tests 2692 2689 -3
(From OE-Core rev: 7af83314fea5948937403b5d59ba5df6fecdd81a)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Changelog:
https://requests.readthedocs.io/en/latest/community/updates/#release-history
(From OE-Core rev: 0f0a06ccef45792f65b823ecc0ef10525d94084f)
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
CVE-2025-1373 does not appear to affect ffmpeg 5.0.3. The CVE has been
marked as "fixed-version".
(From OE-Core rev: 0ffe159d9a4ee434b4c995e1ca9a85b01e0a5d05)
Signed-off-by: Colin Pinnell McAllister <colin.mcallister@garmin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
| |
Backport patch for this CVE and also patch for its regression.
(From OE-Core rev: 352525443b1844cdfd28355dfc1444046bbb76e8)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
/etc/os-release is a symlink to /usr/lib.
Symlink is retrieved as a dead link which points to nowhere if also the
original file is not accompanying it.
Fetch the real file in addition to this link.
Alternative could be to use "tar -h" (supported also by busybox tar),
however that could lose some important information if links are relevant
for failure analysis.
(From OE-Core rev: ed43f9ccb3c08845259e24440912631afd780d12)
(From OE-Core rev: f7ee6db8ca5dc72b7a468531e31403b60e6a0020)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes [YOCTO #15513]
When built without the wayland feature, gtk4 does not
build due to a missing explicit dependency on libdrm.
(From OE-Core rev: 46c7f1a8d6b39256479abd8a7bb7be1ccf221267)
Signed-off-by: Andrew Fernandes <andrew@fernandes.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b32290d9bbcfccc9b85fa5acbeaee5d32d9a9091)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Drop upstreamed patch and refresh remaining patches.
* https://www.python.org/downloads/release/python-31210/
Python 3.12.10 is the latest maintenance release of Python 3.12, and
the last full maintenance release. Subsequent releases of 3.12 will be
security-fixes only.
* https://www.python.org/downloads/release/python-31211/
Security content in this release
* gh-135034: [CVE 2024-12718] [CVE 2025-4138] [CVE 2025-4330]
[CVE 2025-4435] [CVE 2025-4517] Fixes multiple issues that allowed
tarfile extraction filters (filter="data" and filter="tar") to be
bypassed using crafted symlinks and hard links.
* gh-133767: Fix use-after-free in the “unicode-escape” decoder with a
non-“strict” error handler.
* gh-128840: Short-circuit the processing of long IPv6 addresses early
in ipaddress to prevent excessive memory consumption and a minor
denial-of-service.
gh-133767 got meawhile CVE-2025-4516 assigned.
(From OE-Core rev: 6cca08b2857efd5481e837ecd6bb295cb8a99ee1)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog
https://downloads.isc.org/isc/kea/2.4.2/Kea-2.4.2-ReleaseNotes.txt
License-Update: Update copyright year
Includes security fixes for CVE-2025-32801, CVE-2025-32802 and CVE-2025-32803
(From OE-Core rev: 2f3d2a2848472bdf87fbce00967bc780fc859e05)
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/422
(From OE-Core rev: 504d92b01ac9a227e8e57b677f016fdfeccd5666)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/422
(From OE-Core rev: 9c014c1b96f4ebeb0f6f504b6c7c0d8063b6a6b7)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/440
(From OE-Core rev: ebb87904c97f4b27a023b2347622519c702d4d2d)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/449
(From OE-Core rev: 737d50288a37f51f17cf3fef0422e27dbd115cce)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Refer:
http://gitlab.gnome.org/GNOME/libsoup/-/issues/449
(From OE-Core rev: b4fb5cd0d3385989842ad5a84d34cf451679c59a)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/439
(From OE-Core rev: f1450eea34202a9cc46294e3d8244c829556c369)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/439
(From OE-Core rev: 9e32f4fd761b591ea2f5ce26381135e9a8db94ce)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/424
(From OE-Core rev: 563a34faae35e4587fe2740c26c4bc149555a5de)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/424
(From OE-Core rev: d16627901125854f5346711e96d635c704438705)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/401
(From OE-Core rev: dd92cad39759b7ad105d8bcd42672847a273bccc)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/425
(From OE-Core rev: 9a8a5072969a326e296d840296cb475fb3c0e2ff)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/425
(From OE-Core rev: f3890f25cc036fd184578d7b85e6410ee97dc3ad)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The update includes 79 commits. Full list of changes can be found on
Github [1]
All patches were refreshed with devtool.
[1] https://github.com/systemd/systemd-stable/compare/v255.18...v255.21
(From OE-Core rev: 29e623b2ad00555788412fa520fbb9ffec794cbb)
Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A minor information leak when running Screen with setuid-root
privileges allosw unprivileged users to deduce information
about a path that would otherwise not be available.
Affected are older Screen versions, as well as version 5.0.0.
Reference:
https://security-tracker.debian.org/tracker/CVE-2025-46804
Upstream-patch:
https://cgit.git.savannah.gnu.org/cgit/screen.git/commit/?id=e0eef5aac453fa98a2664416a56c50ad1d00cb30
(From OE-Core rev: a313af8ca347797214669406ee86f5239997f7e3)
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For a short time they PTY is set to mode 666, allowing any user on the
system to connect to the screen session.
Reference:
https://security-tracker.debian.org/tracker/CVE-2025-46802
Upstream-patch:
https://cgit.git.savannah.gnu.org/cgit/screen.git/commit/?id=049b26b22e197ba3be9c46e5c193032e01a4724a
(From OE-Core rev: b17e091eb4681b69c5a050d3fa0f9289f524e205)
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
PR32858 ld segfault on fuzzed object
We missed one place where it is necessary to check for empty groups.
Backport a patch from upstream to fix CVE-2025-5244
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=d1458933830456e54223d9fc61f0d9b3a19256f5]
(From OE-Core rev: 31fc180f606c5bb141c9c6dd85a7b1d876e1d692)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
