mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-12 11:43:04 +01:00
Code Issues Packages Projects Releases Wiki Activity
68,873 Commits 38 Branches 617 Tags
94dea33c75f818c1424dc24366a3e3f368a208fe
Commit Graph

37 Commits

Author SHA1 Message Date
Deepesh Varatharajan
520ba611e6 binutils: Fix CVE-2025-1178 
Prevent an abort in the bfd linker when attempting to
generate dynamic relocs for a corrupt input file.

PR 32638

Backport a patch from upstream to fix CVE-2025-1178
Upstream-Status: Backport from [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=75086e9de1707281172cc77f178e7949a4414ed0]

(From OE-Core rev: e820e5364c4b3ec52796a77842b480fea8bc7967)

Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-05-02 08:12:41 -07:00
Deepesh Varatharajan
e9f1ad6922 binutils: Fix CVE-2025-0840 
PR32560 stack-buffer-overflow at objdump disassemble_bytes

Backport a patch from upstream to fix CVE-2025-0840
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=baac6c221e9d69335bf41366a1c7d87d8ab2f893]

(From OE-Core rev: e12ee4b1713aa25465aa3f866d345d84e9eb948a)

Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-03-13 08:50:03 -07:00
Yash Shinde
7e19a67813 binutils: internal gdb: Fix CVE-2024-53589 
CVE: CVE-2024-53589

(From OE-Core rev: 2d6df18f4a694d6499b337bbbab10ba8bb6e3fe4)

Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-02-05 06:54:35 -08:00
Deepthi Hemraj
d0eef85d33 bintuils: stable 2.38 branch update 
Below commit on binutils-2.38 stable branch are updated.
4d71e17a9fd libctf: fix ref leak of names of newly-inserted non-root-visible types

(From OE-Core rev: 98517fbc5bbddbe8608b41a7771eb7d90d7860a7)

Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2024-10-07 05:43:22 -07:00
Vijay Anusuri
8d93dec85f binutils: Rename CVE-2022-38126 patch to CVE-2022-35205 
CVE-2022-38126 has been marked "REJECT" in the CVE List by NVD.

Reference: https://nvd.nist.gov/vuln/detail/CVE-2022-38126

As commit changes in 0016-CVE-2022-38126.patch fixes CVE-2022-35205.
Hence renamed the patch.

Link: https://ubuntu.com/security/CVE-2022-35205

(From OE-Core rev: d91af23e4fef0f1999c18fc3a43085b70e98dfd5)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2024-05-29 05:24:08 -07:00
Deepthi Hemraj
698ba6a8ed binutils: internal gdb: Fix CVE-2023-39130 
CVE: CVE-2023-39130
(From OE-Core rev: 97b5bf2505d68bea6d1c2a66318cfbc51335463a)

Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2024-02-09 03:46:50 -10:00
Deepthi Hemraj
1398a0e07f binutils: internal gdb: Fix CVE-2023-39129 
CVE: CVE-2023-39129
(From OE-Core rev: fd3f20e1e8bcd63b75e8800fe60d6194a4fd6bd4)

Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2024-02-09 03:46:50 -10:00
Deepthi Hemraj
c771630e99 binutils: Fix CVE-2022-48064 
(From OE-Core rev: 88cbf5eb4a075e677b1f9e6444ec6378a5949978)

Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2023-11-28 05:00:32 -10:00
Deepthi Hemraj
39aa7af59b binutils: Fix CVE-2022-47007 
(From OE-Core rev: 03e6ea59d82e613ba3b5d388fa87317cef982f2b)

Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2023-11-28 05:00:32 -10:00
Sanjana
f9a95adda5 binutils: Fix CVE-2022-47010 
(From OE-Core rev: 3fd5701a861aa263ad1d912bfd44d4d5826d11a1)

Signed-off-by: Sanjana <Sanjana.Venkatesh@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2023-11-14 06:49:11 -10:00
Armin Kuster
f550a63161 binutils: CVE-2022-48063 
Source: Binutils
MR: 128800
Type: Security Fix
Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=75393a2d54bcc40053e5262a3de9d70c5ebfbbfd
ChangeID: ab04e4ec62d054c90d94f82230adb2342ce1ee1b
Description:

Affects binutils < 2.40

(From OE-Core rev: 80a8d16a4038868469b4583404b6f73e12bae0f1)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2023-10-21 05:21:36 -10:00
Deepthi Hemraj
8391218990 binutils: Fix CVE-2022-47011 
(From OE-Core rev: 5ff2e3c880705c2e920a4a61a5165810fadd7b84)

Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2023-10-21 05:21:35 -10:00
Deepthi Hemraj
bdcc4c9909 binutils: Fix CVE-2022-47008 
(From OE-Core rev: 3a299d1610bf085790017569de090b0a41cf809b)

Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2023-10-21 05:21:35 -10:00
Chaitanya Vadrevu
4537f28311 binutils: Fix CVE-2022-47695 
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=3d3af4ba39e892b1c544d667ca241846bc3df386]

(From OE-Core rev: 4d4732c2e295fea610d266fa12bae3cc01f93dfa)

Signed-off-by: Chaitanya Vadrevu <chaitanya.vadrevu@ni.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2023-10-21 05:21:35 -10:00
Yash Shinde
e77b551dbf binutils: Fix CVE-2022-45703 
(From OE-Core rev: b2fa5b29462a16b238f8a6a40886b45aa483e963)

Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2023-10-18 05:13:24 -10:00
Yash Shinde
600b508c37 binutils: Fix CVE-2022-44840 
(From OE-Core rev: 7a42ae332ebde565cc7c6fca568563f076bd26ba)

Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2023-10-18 05:13:24 -10:00
Sanjana
07593122c9 binutils: stable 2.38 branch updates 
Below commits on binutils-2.38 stable branch are updated.

ea5fe5d01e5 PR30697, ppc32 mix of local-dynamic and global-dynamic TLS

(From OE-Core rev: e8becc003d6926cc347ec42c0f13dcd5d9042b4d)

Signed-off-by: Sanjana <sanjanasanju1608@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2023-09-23 05:26:15 -10:00
Sanjana
2a7595f1c1 binutils: Fix CVE-2022-48065 
(From OE-Core rev: 860ecdbbf5cfd8737c914522af16dbc8bee0f72f)

Signed-off-by: Sanjana <sanjanasanju1608@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2023-09-23 05:26:15 -10:00
Deepthi Hemraj
8876f53021 binutils : Fix CVE-2023-25588 
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=d12f8998d2d086f0a6606589e5aedb7147e6f2f1]

(From OE-Core rev: fd0d01aca6f2aea51e9704e0ba48dc35dfd87b81)

Signed-off-by: Deepthi Hemraj <deepadeepthi98@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2023-05-10 04:19:56 -10:00
Deepthi Hemraj
2396bda079 binutils : Fix CVE-2023-1972 
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=c22d38baefc5a7a1e1f5cdc9dbb556b1f0ec5c57]

(From OE-Core rev: d46891efa23932a048f7cc4d82c6387e03262f76)

Signed-off-by: Deepthi Hemraj <deepadeepthi98@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2023-05-10 04:19:56 -10:00
Deepthi Hemraj
2d215bee87 binutils : Fix CVE-2023-25585 
Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=65cf035b8dc1df5d8020e0b1449514a3c42933e7]

(From OE-Core rev: 033db4876844b17de7673970860eb155d15c56e7)

Signed-off-by: Deepthi Hemraj <deepadeepthi98@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2023-05-10 04:19:56 -10:00
Deepthi Hemraj
614a9a6f9f binutils : Fix CVE-2023-25584 
Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=77c225bdeb410cf60da804879ad41622f5f1aa44]

(From OE-Core rev: 27278ebd5d102ce5a9d45f94a93932065025657b)

Signed-off-by: Deepthi Hemraj <deepadeepthi98@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2023-05-10 04:19:56 -10:00
Yash Shinde
dea0c1e1f5 binutils : Fix CVE-2023-1579 
Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3e307d538c351aa9327cbad672c884059ecc20dd]

(From OE-Core rev: d478e7ea0bb897e13d86c476966924ef9927f11a)

Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2023-04-19 04:44:59 -10:00
Yash Shinde
6a1554f16d binutils : Fix CVE-2023-22608 
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=8af23b30edbaedf009bc9b243cd4dfa10ae1ac09]

(From OE-Core rev: 3dd27bbe8c19aa358916de940453de81d3831510)

Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2023-03-09 13:19:02 +00:00
Yash.Shinde@windriver.com
47edd3bbdd binutils : Fix CVE-2022-4285 
Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5c831a3c7f3ca98d6aba1200353311e1a1f84c70]

(From OE-Core rev: 1f269e532a8fd463de2869be2768feb79ad36bd7)

Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2023-01-06 17:33:23 +00:00
Yash Shinde
7b6d1acff1 binutils: stable 2.38 branch updates 
Below commits on binutils-2.38 stable branch are updated.
dc2474e7d20 (HEAD -> binutils-2_38-branch, origin/binutils-2_38-branch) elf: Reset alignment for each PT_LOAD segment
f184ba116ed Re: PowerPC64 pcrel got relocs against local symbols
737e29d05eb PowerPC64 pcrel got relocs against local symbols

(From OE-Core rev: 3ea33ca1a83d8621f1feee78f2c63850c1bc73e3)

Signed-off-by: Yash Shinde <yashinde145@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-10-29 16:32:24 +01:00
pgowda
1b2fb9a1a5 binutils : Fix CVE-2022-38128 
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=f07c08e115e27cddf5a0030dc6332bbee1bd9c6a]
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=175b91507b83ad42607d2f6dadaf55b7b511bdbe]
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=695c6dfe7e85006b98c8b746f3fd5f913c94ebff]

(From OE-Core rev: 21fb0b441096ec8b5cfa1d5b645f9a3a2ace1e09)

Signed-off-by: pgowda <pgowda.cve@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-10-20 15:36:01 +01:00
pgowda
401ced2671 binutils : Fix CVE-2022-38127 
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=19c26da69d68d5d863f37c06ad73ab6292d02ffa]
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=ec41dd75c866599fc03c390c6afb5736c159c0ff]
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=f18acc9c4e5d18f4783f3a7d59e3ec95d7af0199]
Upstream-Status: Backport
[https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e98e7d9a70dcc987bff0e925f20b78cd4a2979ed]

(From OE-Core rev: e384b754eb0223928c239db42ece93c06dce6daa)

Signed-off-by: pgowda <pgowda.cve@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-10-11 21:56:13 +01:00
pgowda
7935b3f5a1 binutils: fix CVE-2022-38126 
Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e3e5ae049371a27fd1737aba946fe26d06e029b5]

(From OE-Core rev: 1c3eaf29fc21579a8e4aa8ab6c356d773f8a38f5)

Signed-off-by: pgowda <pgowda.cve@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-09-28 08:02:10 +01:00
pgowda
72aa63fcf5 binutils : CVE-2022-38533 
Upstream-Status: Backport
[https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ef186fe54aa6d281a3ff8a9528417e5cc614c797]

(From OE-Core rev: 9644d9a38dac8d2c0263f4e8a67624da7a8bc55b)

Signed-off-by: pgowda <pgowda.cve@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-09-12 08:41:47 +01:00
Sundeep KOKKONDA
03e778a636 binutils: stable 2.38 branch updates 
Below commits on Binutils-2.38 development branch are updated.
5c0b4ee4060 i386: Don't allow GOTOFF relocation against IFUNC symbol for PIC
19892fedb7b x86: Properly check invalid relocation against protected symbol
b8a2baa80b1 libctf: tests: prune warnings from compiler output
7f9a495a167 libctf: fix linking together multiple objects derived from the same source
97dd8079feb PowerPC64: fix assertion in ppc_build_one_stub with -Os code

(From OE-Core rev: 4eb53b33bc46a8131653354bd077229ee7ee42ed)

Signed-off-by: Sundeep KOKKONDA <sundeep.kokkonda@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-08-08 16:23:37 +01:00
Sundeep KOKKONDA
ff1b9910c8 binutils : stable 2.38 branch updates 
Below commits on Binutils-2.38 development branch are updated.

binutils:
e1ea1dafff6 x86: Properly handle IFUNC function pointer reference
ffc7aa903b9 AArch64: Enable FP16 by default for Armv9-A.

(From OE-Core rev: 2023e334efa325bcd08b7bcc92455afdbf4e66d7)

Signed-off-by: Sundeep KOKKONDA <sundeep.kokkonda@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-07-16 06:52:45 +01:00
Pgowda
2a59abcb90 binutils : CVE-2019-1010204 
Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=2a4fc266dbf77ed7ab83da16468e9ba627b8bc2d]

(From OE-Core rev: 4bc6bb36dba96a534998928959acf637f9360775)

Signed-off-by: Pgowda <pgowda.cve@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0c55355a83130c2c0a59e9fb94f8914499943dd4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-07-08 08:27:15 +01:00
Samuli Piippo
cf6699a5cb binutils: Bump to latest 2.38 release branch 
Fixes Qt build with GCC 12.1.

Brings following fixes

 * 3d549e5ccc0 PR29142, segv in ar with empty archive and libdeps specified
 * c473aa1b9d8 M68K: avoid quadratic slowdlow in label alignment check
 * 8d1187516e3 Adjust ld ctf test for 32-bit targets
 * 9c67f6382ac x86: Properly handle function pointer reference
 * 9a01457e02e s390: Add DT_JMPREL pointing to .rela.[i]plt with static-pie
 * 82a5bb730a1 s390: Avoid dynamic TLS relocs in PIE
 * d54081c642a LoongArch: Update ABI eflag in elf header.
 * fb4d148004f IBM zSystems: Add support for z16 as CPU name.
 * 975b5540232 libctf, ld: diagnose corrupted CTF header cth_strlen
 * 99852365513 dlltool: Use the output name as basis for deterministic temp prefixes
 * 210bf1d6225 Updated Serbian (for binutils/) and Russian (for gprof/) translations
 * fcf60fe8482 PR28959, obdump doesn't disassemble mftb instruction
 * e4a35c73196 PowerPC64 DT_RELR relative reloc addresses
 * 7183434818e Work around gcc-4 warnings in elf64-ppc.c

(From OE-Core rev: cefc45625535972d20b252ed0a2f497dff7d5fe5)

Signed-off-by: Samuli Piippo <samuli.piippo@qt.io>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c007a7251e697836a29bd1aebe49d4f2433a5e6e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-05-25 22:45:50 +01:00
Khem Raj
80ad825f6a binutils: Bump to latest 2.38 release branch 
Fixes building ppc32 kernels

Brings following fixes

* 2d92604cd30 Revert "Check thin archive element file size against archive header"
  * ed9b2e40ebf binutils 2.38 vs. ppc32 linux kernel
  * 40d32f56f63 Updated Serbian translations for the bfd, gold, ld and opcodes directories
  * 6aa1b7df2fc ld: Keep indirect symbol from IR if referenced from shared object
  * ae1cab7d3f3 i386: Update I386_NEED_DYNAMIC_RELOC_TYPE_P for DT_TEXTREL
  * df9071487a8 PR28882, build failure with gcc-4.2 due to use of 0b literals
  * caa6172de4b x86: Disallow invalid relocation against protected symbol

(From OE-Core rev: f5fb73ea3d868997f2fc3744ddb0647ab3284218)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-03-15 08:40:09 +00:00
Pgowda
967ff0e2af binutils: Avoid Race condition in as.info 
The race condition in binutils/gas folder was introduced with the
following patch. The patch avoids recursive make into the doc folder.
It would speed up the build process slightly. However, the as.info
is installed twice which resulted in the race condition sometimes.
https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=bde299e063de090bf36c1fe51874d1e9f4d94c3c

On debugging the code, it was found that the issue was related to
install-data-local. On further analysis, there is already a patch in
binutils that removes install-data-local.
On applying the patch as.info is installed once as expected and there’s
no possibility of any race condition.
https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=9a84a44d5df4618dd616137fa755bd71b7eacc5f

Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=9a84a44d5df4618dd616137fa755bd71b7eacc5f]

[YOCTO #14725]

(From OE-Core rev: c08a245990eb46906476dc0f6ade0482c7be241d)

Signed-off-by: pgowda <pgowda.cve@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-03-04 17:14:15 +00:00
Khem Raj
6957ff06a0 binutils: Upgrade to 2.38 release 
Release Notes are here [1]

[1] https://lists.gnu.org/archive/html/info-gnu/2022-02/msg00009.html

(From OE-Core rev: 77a1038828e638518dceda969da0817aa13eb5d3)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-02-16 09:46:28 +00:00