Updating linux-yocto/5.15 to the latest korg -stable release that comprises
the following commits:
c79648372d02 Linux 5.15.189
3e4028ef31b6 rseq: Fix segfault on registration when rseq_cs is non-zero
4b934b78041f x86: Fix X86_FEATURE_VERW_CLEAR definition
562f207d0a91 x86/mm: Disable hugetlb page table sharing on 32-bit
8312a1ccff15 vhost-scsi: protect vq->log_used with vq->mutex
02fd0c7d0d14 Input: atkbd - do not skip atkbd_deactivate() when skipping ATKBD_CMD_GETID
1b297ab6f38c HID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras
68c0e3adf09a HID: Add IGNORE quirk for SMARTLINKTECHNOLOGY
95f184337eb4 vt: add missing notification when switching back to text mode
f174d73b3fb0 HID: lenovo: Add support for ThinkPad X1 Tablet Thin Keyboard Gen2
acc94849ebb9 net: usb: qmi_wwan: add SIMCom 8230C composition
78fe114f13a3 um: vector: Reduce stack usage in vector_eth_configure()
8ea9a9fb79a9 atm: idt77252: Add missing `dma_map_error()`
8d672a1a6bfc bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT
0118fe8fbe2b bnxt_en: Fix DCB ETS validation
8d11e48b1276 net: ll_temac: Fix missing tx_pending check in ethtools_set_ringparam()
0da557bbeae2 can: m_can: m_can_handle_lost_msg(): downgrade msg lost in rx message to debug level
6b08605e12b3 net: phy: microchip: limit 100M workaround to link-down events on LAN88xx
b2f5dfa87367 net: appletalk: Fix device refcount leak in atrtr_create()
a3aea97d5596 netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()
df525911974c ksmbd: fix a mount write count leak in ksmbd_vfs_kern_path_locked()
fedd65b58469 smb: server: make use of rdma_destroy_qp()
cb121c47f364 nbd: fix uaf in nbd_genl_connect() error path
10c6021a609d raid10: cleanup memleak at raid10_make_request
48da050b4f54 md/raid1: Fix stack memory use after return in raid1_reshape
b24f65c18454 wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev()
09064e6d6597 dma-buf: fix timeout handling in dma_resv_wait_timeout v2
419192cb11f2 dma-buf: use new iterator in dma_resv_wait_timeout
84df80b4c704 dma-buf: add dma_resv_for_each_fence_unlocked v8
3435a2048972 usb: dwc3: Abort suspend on soft disconnect failure
c1cb5c166fec usb: cdnsp: Fix issue with CV Bad Descriptor test
ba3a2e446fc7 usb: cdnsp: Replace snprintf() with the safer scnprintf() variant
2991f28da681 usb:cdnsp: remove TRB_FLUSH_ENDPOINT command
9a433cd87236 Input: xpad - support Acer NGR 200 Controller
e9b894ca7589 xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS
e262ff8d634c usb: xhci: quirk for data loss in ISOC transfers
59aca35c69c2 xhci: Allow RPM on the USB controller (1022:43f7) by default
982beb7582c1 virtio-net: ensure the received length does not exceed allocated size
c47c83f6f2ec netlink: make sure we allow at least one dump skb
ccc9da90af65 netlink: Fix rmem check in netlink_broadcast_deliver().
a2504279841f pwm: mediatek: Ensure to disable clocks in error path
d7684190951e RDMA/mlx5: Fix vport loopback for MPV device
e774a693b7ff btrfs: use btrfs_record_snapshot_destroy() during rmdir
21ab2c7c9794 btrfs: propagate last_unlink_trans earlier when doing a rmdir
d216d5a277de Revert "ACPI: battery: negate current when discharging"
a5012673d497 usb: gadget: u_serial: Fix race condition in TTY wakeup
2f4df5d07c77 drm/gem: Fix race in drm_gem_handle_create_tail()
ef841f8e4e1f drm/sched: Increment job count before swapping tail spsc queue
cb4b08a095b1 pinctrl: qcom: msm: mark certain pins as invalid for interrupts
0c1ad5738526 gre: Fix IPv6 multicast route creation.
e3154a48fd0b x86/mce: Make sure CMCI banks are cleared during shutdown on Intel
9f4431ba8501 x86/mce: Don't remove sysfs if thresholding sysfs init fails
9cd4fa64814b x86/mce/amd: Fix threshold limit reset
ae0e082687b2 xen: replace xen_remap() with memremap()
f98bf80b20f4 jfs: fix null ptr deref in dtInsertEntry
65ad600b9bde bpf, sockmap: Fix skb refcnt race after locking changes
2499fa286fb0 aoe: avoid potential deadlock at set_capacity
39d5137085a6 thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR
e37e3b6cc8dc bpf: fix precision backtracking instruction iteration
f5e72b7824d0 rxrpc: Fix oops due to non-existence of prealloc backlog struct
d30910170f7e ice: safer stats processing
32caa50275cc fs/proc: do_task_stat: use __for_each_thread()
25452638f133 net/sched: Abort __tc_modify_qdisc if parent class does not exist
7f1cad84ac1a atm: clip: Fix NULL pointer dereference in vcc_sendmsg()
5641019dfbae atm: clip: Fix infinite recursive call of clip_push().
1c075e88d585 atm: clip: Fix memory leak of struct clip_vcc.
3251ce3979f4 atm: clip: Fix potential null-ptr-deref in to_atmarpd().
66f9065c1c7d net: phy: smsc: Fix link failure in forced mode with Auto-MDIX
29a5de38fa1e net: phy: smsc: Fix Auto-MDIX configuration when disabled by strap
0ba1021a8302 vsock: Fix IOCTL_VM_SOCKETS_GET_LOCAL_CID to check also `transport_local`
36a439049b34 vsock: Fix transport_* TOCTOU
80d7dc15805a vsock: Fix transport_{g2h,h2g} TOCTOU
dab8ded2e5ff tipc: Fix use-after-free in tipc_conn_close().
fd69af061010 netlink: Fix wraparounds of sk->sk_rmem_alloc.
552a066477cb fix proc_sys_compare() handling of in-lookup dentries
c0aec35f861f perf: Revert to requiring CAP_SYS_ADMIN for uprobes
2df3e265a301 ASoC: fsl_asrc: use internal measured ratio for non-ideal ratio mode
87825fbd1e17 drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling
(From OE-Core rev: b3f7c8cd4d56120e96b2b12f5a1eb76dc65f682b)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Updating linux-yocto/5.15 to the latest korg -stable release that comprises
the following commits:
89950c454265 Linux 5.15.188
cd0d988f7dd7 x86/CPU/AMD: Properly check the TSA microcode
2f693b607545 Linux 5.15.187
21953dde398d x86/process: Move the buffer clearing before MONITOR
c334ae4a545a KVM: SVM: Advertise TSA CPUID bits to guests
3d6513b51b72 KVM: x86: add support for CPUID leaf 0x80000021
f2b75f1368af x86/bugs: Add a Transient Scheduler Attacks mitigation
04304f5fe3e3 x86/bugs: Rename MDS machinery to something more generic
7be0d1ea71f5 usb: typec: displayport: Fix potential deadlock
5bcca95ca6d2 platform/x86: think-lmi: Create ksets consecutively
d01c737efd81 Logitech C-270 even more broken
475f89e1f9bd i2c/designware: Fix an initialization issue
b32dfd00bd51 usb: cdnsp: do not disable slot for disabled slot
969941ca9f1e xhci: dbc: Flush queued requests before stopping dbc
45f2cd76bc50 xhci: dbctty: disable ECHO flag by default
d8ccb3d08159 platform/x86: dell-wmi-sysman: Fix class device unregistration
8ac2cb8d809b platform/x86: think-lmi: Fix class device unregistration
846baaa88a2d dpaa2-eth: fix xdp_rxq_info leak
3f0b6236e11f net: dpaa2-eth: rearrange variable in dpaa2_eth_get_ethtool_stats
b2e1b676711e dpaa2-eth: Update SINGLE_STEP register access
8e4d49fc2617 dpaa2-eth: Update dpni_get_single_step_cfg command
0ab03e2616a1 ethernet: atl1: Add missing DMA mapping error checks and count errors
94a09ec93e93 NFSv4/flexfiles: Fix handling of NFS level errors in I/O
576a6739e08a drm/v3d: Disable interrupts before resetting the GPU
56738cbac3bb regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods
e772f8f5c82d regulator: gpio: Add input_supply support in gpio_regulator_config
1728e17762b9 mmc: core: sd: Apply BROKEN_SD_DISCARD quirk earlier
bee6329e5fd5 rcu: Return early if callback is not specified
68d3417305ee mtd: spinand: fix memory leak of ECC engine conf
ab1e8491c19e ACPICA: Refuse to evaluate a method if arguments are missing
46b47d4b06fa wifi: ath6kl: remove WARN on bad firmware input
a856228c44dc wifi: mac80211: drop invalid source address OCB frames
1129e0e0a833 scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port()
161ff4102038 powerpc: Fix struct termio related ioctl macros
ce5f6b2540d6 ata: pata_cs5536: fix build on 32-bit UML
ba5104b9b3fa ALSA: sb: Force to disable DMAs once when DMA mode is changed
73337c003f3d ALSA: sb: Don't allow changing the DMA mode during operations
5deab0fa6cfd drm/msm: Fix a fence leak in submit error path
e269f29e9395 net/sched: Always pass notifications when child class becomes empty
7bf497c2ad87 nui: Fix dma_mapping_error() check
2b952dbb32fe rose: fix dangling neighbour pointers in rose_rt_device_down()
1fba51f021b2 enic: fix incorrect MTU comparison in enic_change_mtu()
52b4b2e85e63 amd-xgbe: align CL37 AN sequence as per databook
7edff1bbdd3a lib: test_objagg: Set error message in check_expect_hints_stats()
f5874e0dea9e igc: disable L1.2 PCI-E link substate to avoid performance issue
f10af3426144 drm/i915/gt: Fix timeline left held on VMA alloc error
92c2d914b533 platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks
4caf6a93ac39 drm/i915/selftests: Change mock_request() to return error pointers
54f62d542d2c spi: spi-fsl-dspi: Clear completion counter before initiating transfer
4c315caf16e8 drm/exynos: fimd: Guard display clock control with runtime PM calls
a1950bb9edfa btrfs: fix missing error handling when searching for inode refs during log replay
9f0771b8cc4a RDMA/mlx5: Fix CC counters query for MPV
abfdb3b4ce2b scsi: ufs: core: Fix spelling of a sysfs attribute name
1afb58c7e32b scsi: qla4xxx: Fix missing DMA mapping error in qla4xxx_alloc_pdu()
9ceff7ded1e9 scsi: qla2xxx: Fix DMA mapping test in qla24xx_get_port_database()
8846fd02c98d NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN
b92397ce9674 nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails.
00ed215f5938 RDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert
16a16c901a75 platform/mellanox: mlxbf-tmfifo: fix vring_desc.len assignment
944ced3e4a09 mtk-sd: reset host->mrq on prepare_data() error
48bf4f3dfcda mtk-sd: Prevent memory corruption from DMA map failure
2580162c4ebf mtk-sd: Fix a pagefault in dma_unmap_sg() for not prepared data
621d5a3ef023 usb: typec: altmodes/displayport: do not index invalid pin_assignments
aab032d171e7 Revert "mmc: sdhci: Disable SD card clock before changing parameters"
3d07fd496513 mmc: sdhci: Add a helper function for dump register in dynamic debug mode
2d44723a091b vsock/vmci: Clear the vmci transport packet properly when initializing it
1def00386211 rtc: cmos: use spin_lock_irqsave in cmos_interrupt
8516edd36397 ARM: 9354/1: ptrace: Use bitfield helpers
143842584c12 btrfs: don't drop extent_map for free space inode on write error
6a8aa6420ad3 arm64: Restrict pagetable teardown to avoid false warning
6d486f1e3818 Revert "ipv6: save dontfrag in cork"
9f69eb424aa2 s390: Add '-std=gnu11' to decompressor and purgatory CFLAGS
707030cb1c66 s390/entry: Fix last breaking event handling in case of stack corruption
9e2976e4e326 media: uvcvideo: Rollback non processed entities on error
45d1aa5674d6 PCI: hv: Do not set PCI_COMMAND_MEMORY to reduce VM boot time
34d3e10ab905 drm/amd/display: Add null pointer check for get_first_active_display()
53dee8fd76a6 drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready
62a7143dce1c drm/bridge: cdns-dsi: Check return value when getting default PHY config
49a421180aaa drm/bridge: cdns-dsi: Fix connecting to next bridge
6c3056ed0b73 drm/bridge: cdns-dsi: Fix the clock variable for mode_valid()
105b0a0c7e65 drm/amdkfd: Fix race in GWS queue scheduling
b0dc5d6da1da drm/udl: Unregister device before cleaning up on disconnect
c7fc459ae6f9 drm/tegra: Fix a possible null pointer dereference
21dfbd590734 drm/tegra: Assign plane type before registration
03b68435fbe3 HID: wacom: fix kobject reference count leak
796abf9f710a HID: wacom: fix memory leak on sysfs attribute creation failure
ca7b6d00a713 HID: wacom: fix memory leak on kobject creation failure
896bc23e1e25 btrfs: update superblock's device bytes_used when dropping chunk
2826ef05854d dm-raid: fix variable in journal device check
78f4cf0e81b7 Bluetooth: L2CAP: Fix L2CAP MTU negotiation
34cbe5543bec dt-bindings: serial: 8250: Make clocks and clock-frequency exclusive
f61db0a69d0b staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher()
9f7fd60fb8f7 net: selftests: fix TCP packet checksum
26248d5d68c8 atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister().
6b908e85a739 net: enetc: Correct endianness handling in _enetc_rd_reg64
8898080d6143 um: ubd: Add missing error check in start_io_thread()
a4aa7c001043 vsock/uapi: fix linux/vm_sockets.h userspace compilation errors
1bc8c7b8e5b9 af_unix: Don't set -ECONNRESET for consumed OOB skb.
2afcde1b3676 wifi: mac80211: fix beacon interval calculation overflow
1197abb1ee3b libbpf: Fix null pointer dereference in btf_dump__free on allocation failure
6b4ce195552b attach_recursive_mnt(): do not lock the covering tree when sliding something under it
c3fb926abe90 ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3()
9199e8cb75f1 atm: clip: prevent NULL deref in clip_push()
ad1bdd24a02d s390/pkey: Prevent overflow in size calculation for memdup_user()
56e54021b77c i2c: robotfuzz-osif: disable zero-length read messages
d6bc3e078509 i2c: tiny-usb: disable zero-length read messages
9b084de34f1a platform/x86: ideapad-laptop: use usleep_range() for EC polling
d0537c51b4a1 dummycon: Trigger redraw when switching consoles with deferred takeover
acd41ac591b7 tty: vt: make consw::con_switch() return a bool
a74907cdd18d tty: vt: sanitize arguments of consw::con_clear()
d2781a0ba98c tty: vt: make init parameter of consw::con_init() a bool
de2871093fa3 vgacon: remove unneeded forward declarations
72dc92531df9 vgacon: switch vgacon_scrolldelta() and vgacon_restore_screen()
4b0b22dfe4d6 tty/vt: consolemap: rename and document struct uni_pagedir
3a88320314ab fbcon: delete a few unneeded forward decl
c8ea0f204cf4 uio_hv_generic: Align ring size to system page
a955c1b360b3 uio_hv_generic: Query the ringbuffer size for device
a8c1b5e33a1c Drivers: hv: vmbus: Add utility function for querying ring size
101c4437f6fb Drivers: hv: Rename 'alloced' to 'allocated'
1f2f2f56f59e f2fs: don't over-report free space or inodes in statvfs
fbcbbf2ebe5c media: imx-jpeg: Drop the first error frames
8701675abab4 clk: ti: am43xx: Add clkctrl data for am43xx ADC1
9f55faa41eac media: omap3isp: use sgtable-based scatterlist wrappers
78b7d79b8626 media: davinci: vpif: Fix memory leak in probe error path
c3705c82b740 jfs: validate AG parameters in dbMount() to prevent crashes
4789cea3f8d4 fs/jfs: consolidate sanity checking in dbMount
8c8d1dcc726a ovl: Check for NULL d_inode() in ovl_dentry_upper()
42923c6e9cd7 ceph: fix possible integer overflow in ceph_zero_objects()
bfdbc927d165 ALSA: usb-audio: Add a quirk for Lenovo Thinkpad Thunderbolt 3 dock
da01b76bb66a ALSA: hda: Add new pci id for AMD GPU display HD audio controller
44aa0cdaed5f ALSA: hda: Ignore unsol events for cards being shut down
56846793f105 usb: typec: displayport: Receive DP Status Update NAK request exit dp altmode
cd414d7d7077 usb: cdc-wdm: avoid setting WDM_READ for ZLP-s
383d33f3aeb7 usb: Add checks for snprintf() calls in usb_alloc_dev()
780e48c99f66 usb: common: usb-conn-gpio: use a unique name for usb connector device
9c905fdbba68 tty: serial: uartlite: register uart driver in init
6f77e344515b usb: potential integer overflow in usbg_make_tpg()
5cb3cb3db317 usb: dwc2: also exit clock_gating when stopping udc while suspended
fd72dd6a82e2 coresight: Only check bottom two claim bits
be620f25161f um: Add cmpxchg8b_emu and checksum functions to asm-prototypes.h
82ddbbc98949 iio: pressure: zpa2326: Use aligned_s64 for the timestamp
1f25f2d3fa29 bcache: fix NULL pointer in cache_set_flush()
8ddce5eab6c3 md/md-bitmap: fix dm-raid max_write_behind setting
477c044309e6 dmaengine: xilinx_dma: Set dma_device directions
566487aad232 ksmbd: allow a filename to contain special characters on SMB3.1.1 posix extension
d8322d861a6f hwmon: (pmbus/max34440) Fix support for max34451
bbd1511e27ee leds: multicolor: Fix intensity setting while SW blinking
a23b82a0693b mfd: max14577: Fix wakeup source leaks on device unbind
852a2bda152a mailbox: Not protect module_put with spin_lock_irqsave
86be8c7409b7 NFSv4.2: fix listxattr to return selinux security label
a35f2168961e NFSv4: Always set NLINK even if the server doesn't support it
80251a15ed61 cifs: Fix cifs_query_path_info() for Windows NT servers
(From OE-Core rev: 6b6a51e73e89903e5766175c54fad23cc4a1721b)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
glib-networking's OpenSSL backend fails to properly check the return
value of memory allocation routines. An out of memory condition could
potentially result in writing to an invalid memory location.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-60019
Upstream-patch:
70df675dd4
(From OE-Core rev: eda5838fcbb8c725e6e39d6e72b63c33f6c44446)
Signed-off-by: Rajeshkumar Ramasamy <rajeshkumar.ramasamy@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
To facilitate a clean backport of the full 10-commit series
addressing the pthread condition variable lost wakeup issue
(BZ#25847) in glibc 2.35, remove the existing 8 patches that
were applied as a partial backport.
The previous partial backport excluded commit:
c36fc50781995e6758cae2b6927839d0157f213c ("nptl: Remove
g_refs from condition variables") based on guidance from
glibc maintainer Florian Weimer(#comment #74)
This exclusion was recommended for stable branches to
avoid altering the layout of pthread_cond_t, which could
introduce ABI incompatibilities. Additionally, the dependent
commit dbc5a50d12eff4cb3f782129029d04b8a76f58e7 was not needed
in the partial backport.
To align with upstream mainline, per maintainer Carlos O'Donell
(comment #75), apply the complete 10-commit series for consistency.
By removing these patches first, we ensure the subsequent
application of the full 10 commits results in cleaner, more
reviewable changes without intermixed conflicts or overlaps.
Removed patches and corresponding upstream commits:
- 0026-PR25847-1.patch: 1db84775f831a1494993ce9c118deaf9537cc50a
- 0026-PR25847-2.patch: 0cc973160c23bb67f895bc887dd6942d29f8fee3
- 0026-PR25847-3.patch: b42cc6af11062c260c7dfa91f1c89891366fed3e
- 0026-PR25847-4.patch: 4f7b051f8ee3feff1b53b27a906f245afaa9cee1
- 0026-PR25847-5.patch: 929a4764ac90382616b6a21f099192b2475da674
- 0026-PR25847-6.patch: ee6c14ed59d480720721aaacc5fb03213dc153da
- 0026-PR25847-7.patch: 4b79e27a5073c02f6bff9aa8f4791230a0ab1867
- 0026-PR25847-8.patch: 91bb902f58264a2fd50fbce8f39a9a290dd23706
Bug reference: https://sourceware.org/bugzilla/show_bug.cgi?id=25847
This change prepares the branch for the full backport in follow-up commits.
(From OE-Core rev: 9881dd70305b87945e9649d744bcbc40a1a7b780)
Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick commit per [1].
(From OE-Core rev: bebd1b24473e3480ae6c4ae2897fbfdf4942ea11)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
ftp.gnu.org is the main server of the GNU project, however download speed
can vary greatly based on one's location.
Using ftpmirror.gnu.org should redirect the request to the closest up-to-date mirror,
which should result sometimes in significantly faster download speed, depending
on one's location. This should also distribute the traffic more across the mirrors.
This information was sourced from https://www.gnu.org/prep/ftp.html
(From OE-Core rev: 0d11c9103f072841baf39166efc133f2a20fc4dc)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
ftp.gnu.org is the main server of the GNU project, however download speed
can vary greatly based on one's location.
Using ftpmirror.gnu.org should redirect the request to the closest up-to-date mirror,
which should result sometimes in significantly faster download speed, depending
on one's location. This should also distribute the traffic more across the mirrors.
This information was sourced from https://www.gnu.org/prep/ftp.html
(From OE-Core rev: 97939775d2b81af392a2f98c922165763ff0ae5f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
ftp.gnu.org is the main server of the GNU project, however download speed
can vary greatly based on one's location.
Using ftpmirror.gnu.org should redirect the request to the closest up-to-date mirror,
which should result sometimes in significantly faster download speed, depending
on one's location. This should also distribute the traffic more across the mirrors.
This information was sourced from https://www.gnu.org/prep/ftp.html .
(From OE-Core rev: 8418289277056d582d88916b524b920a2e005c75)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d8c6f01d7467e018aa0ed27a87850d9e4434a47a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Disable NLS in the build when USE_NLS is off.
(From OE-Core rev: b94798ecd535956ef4565663710ea9a701ff21ed)
This change corresponds to upstream eeb3974472
from master .
Since the p11-kit version are different between master & kirkstone
applied the patch manually
(From OE-Core rev: c621612a12cdbf5c89279b69e28d0e3a0b5d0a86)
Signed-off-by: Philip Lorenz <philip.lorenz@bmw.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: AshishKumar Mishra <emailaddress.ashish@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Do not build translations when NLS is disabled.
(From OE-Core rev: 83795ef6c3fa12a863cd20b7ec1a2607606987b6)
This change corresponds to upstream d848b454e6
from master .
Since the systemd version are different between master & kirkstone
applied the patch manually
(From OE-Core rev: 4b612ae7cbdc8327765c34d0e64fa8e0564891d4)
Signed-off-by: Philip Lorenz <philip.lorenz@bmw.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: AshishKumar Mishra <emailaddress.ashish@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
If the PATH environment variable contains paths which are executables
(rather than just directories), passing certain strings to LookPath
("", ".", and ".."), can result in the binaries listed in the PATH
being unexpectedly returned.
(From OE-Core rev: c4d81e32ee3fb7d05db2cfbfaaa8081841bc16ce)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
As per the linked ticket, this issue is related to an Ubuntu-specific
patch that we don't have.
(From OE-Core rev: dc81fdc6bdf8ab39b7f2fd994d50256430c36558)
(From OE-Core rev: 72e63e44a0c6ad5a408c4dc59a24288c36463439)
Rewritten CVE_STATUS to CVE_CHECK_IGNORE.
(From OE-Core rev: 66e45229a9614d33f64167f0259ae1d719839d83)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick commit mentioned in the NVD report.
(From OE-Core rev: 5109fd6675b6782f10f86f774fe54b6ccecee415)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick commit mentioned in the NVD report.
(From OE-Core rev: 10a51275bb0f62b018a6182953352ecf7aa3d220)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick commit mentioned in the NVD report.
(From OE-Core rev: dc65da274b26c1e7f4143154cd7639a93cc658be)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
All these CVEs were fixed in recent commits.
(From OE-Core rev: 86f48cdb1b26b6e234dde10b1e636e54e8a7e71f)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick commit mentioning this CVE.
Additionally fix test broken by the CVE fix.
(From OE-Core rev: 137299edbc47e8a57173ef3c22bcb719d48d5302)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A flaw was found in Libtiff. This vulnerability is a "write-what-where"
condition, triggered when the library processes a specially crafted TIFF
image file.[EOL][EOL]By providing an abnormally large image height value
in the file's metadata, an attacker can trick the library into writing
attacker-controlled color data to an arbitrary memory location. This
memory corruption can be exploited to cause a denial of service (application
crash) or to achieve arbitrary code execution with the permissions of the user.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-9900
Upstream patch:
3e0dcf0ec6
(From OE-Core rev: f4e5cdeccee02d3ea78db91d5dfdcfd017c40ee0)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
1, A cookie is set using the secure keyword for https://target
2, curl is redirected to or otherwise made to speak with http://target
(same hostname, but using clear text HTTP) using the same cookie set
3, The same cookie name is set - but with just a slash as path (path="/").
Since this site is not secure, the cookie should just be ignored.
4, A bug in the path comparison logic makes curl read outside a heap buffer boundary
The bug either causes a crash or it potentially makes the comparison come to
the wrong conclusion and lets the clear-text site override the contents of
the secure cookie, contrary to expectations and depending on the memory contents
immediately following the single-byte allocation that holds the path.
The presumed and correct behavior would be to plainly ignore the second set of
the cookie since it was already set as secure on a secure host so overriding
it on an insecure host should not be okay.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-9086
Upstream patch:
https://github.com/curl/curl/commit/c6ae07c6a541e0e96d0040afb6
(From OE-Core rev: dc842a631b178acd9c4f00c4a3b87831baf08ebb)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Cancelling a query (e.g. by cancelling the context passed to one of
the query methods) during a call to the Scan method of the returned
Rows can result in unexpected results if other queries are being made
in parallel. This can result in a race condition that may overwrite
the expected results with those of another query, causing the call to
Scan to return either unexpected results from the other query or an
error.
Made below changes for Go 1.17 backport:
- Replaced `atomic.Pointer[error]` with `atomic.Value`, since
atomic pointers are not supported in Go 1.17.
- Used errp.(*error) to retrieve and dereference
the stored *error, Without this, build fails with:
invalid indirect of errp (type interface{}).
- Replaced Go 1.18 `any` keyword with `interface{}` for backward
compatibility with Go 1.17.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-47907
Upstream-patch:
8a924caaf3298fe517a9c23579f031
(From OE-Core rev: af9c43c39764ce9ce37785c44dfb83e25cb24703)
Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
