glibc: stable 2.41 branch updates

$ git log --oneline 6e489c17f827317bcf8544efefa65f13b5a079dc..e7c419a2957590fb657900fc92a89708f41abd9d e7c419a295 (origin/release/2.41/master, release/2.41/master) iconv: iconv -o should not create executable files (bug 33164) 1e16d0096d posix: Fix double-free after allocation failure in regcomp (bug 33185) Add CVE-2025-8058 to CVE ignore list as this is (bug 33185) commit. (From OE-Core rev: af3e5e432d9bf1e5811ea92f3e29c0874b6b9405) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2026-04-20 00:32:13 +02:00 · 2025-08-07 19:17:02 +02:00
parent 170d5d0523
commit 39bb9e606b
2 changed files with 2 additions and 2 deletions
--- a/meta/recipes-core/glibc/glibc-version.inc
+++ b/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@
 SRCBRANCH ?= "release/2.41/master"
 PV = "2.41+git"
-SRCREV_glibc ?= "6e489c17f827317bcf8544efefa65f13b5a079dc"
+SRCREV_glibc ?= "e7c419a2957590fb657900fc92a89708f41abd9d"
 SRCREV_localedef ?= "fab74f31b3811df543e24b6de47efdf45b538abc"

 GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git;protocol=https"
--- a/meta/recipes-core/glibc/glibc_2.41.bb
+++ b/meta/recipes-core/glibc/glibc_2.41.bb
@@ -17,7 +17,7 @@ Allows for ASLR bypass so can bypass some hardening, not an exploit in itself, m
 easier access for another. 'ASLR bypass itself is not a vulnerability.'"

 CVE_STATUS_GROUPS += "CVE_STATUS_STABLE_BACKPORTS"
-CVE_STATUS_STABLE_BACKPORTS = "CVE-2025-4802 CVE-2025-5702 CVE-2025-5745"
+CVE_STATUS_STABLE_BACKPORTS = "CVE-2025-4802 CVE-2025-5702 CVE-2025-5745 CVE-2025-8058"
 CVE_STATUS_STABLE_BACKPORTS[status] = "cpe-stable-backport: fix available in used git hash"

 DEPENDS += "gperf-native bison-native"