A flaw was found in m2crypto. This issue may allow a remote attacker to
decrypt captured messages in TLS servers that use RSA key exchanges,
which may lead to exposure of confidential or sensitive data.
The CVE-2023-50781 in M2Crypto is addressed by modifying OpenSSL because
M2Crypto relies on OpenSSL for its cryptographic operations.The issue
stems from OpenSSL’s RSA PKCS#1 v1.5 padding verification being
vulnerable to Bleichenbacher-type attacks.To mitigate this, OpenSSL
introduced an implicit rejection mechanism in the RSA PKCS#1 v1.5
padding.Therefore, resolving the vulnerability requires changes within
OpenSSL itself to ensure M2Crypto’s security.
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-50781https://github.com/openssl/openssl/pull/13817/commitshttps://todo.sr.ht/~mcepl/m2crypto/342?__goaway_challenge=meta-refresh&__goaway_id=45a03d6accb7b343867110db1f7fb334
(From OE-Core rev: d24c4923d6f7a25bdc3ec5d4ac6bee32bb0bae88)
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Fix:
../recipe-sysroot/usr/include/libuboot.h:29:2: error: unknown type name 'size_t'
size_t envsize;
^
This error can be avoided by using CXXFLAGS:append = " -include cstddef"
but this way would be needed in all recipes that use libuboot.h.
Therefore, Backport the patch to include <cstddef> in C++ builds.
(From OE-Core rev: e401a16d8e26d25cec95fcea98d6530036cffca1)
Signed-off-by: Youngseok Jeong <youngseok1.jeong@lge.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The previous fix missed another cherry-pick that fixed building
manpages after the coredump patch. The version-info.xml file doesn't
exist in 250. It was introduced later, so remove the reference to
it.
(From OE-Core rev: 0a383ef579ffe5f5c4ef2c78040540f1332e4ea6)
Signed-off-by: Daniel McGregor <daniel.mcgregor@vecima.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This class has been in OE-Core for a while but never documented in the
reference manual. Add some description for it and link to the existing
documentation on it.
(From yocto-docs rev: 1576091585f8ffdcadd8b8eee525614ab16b6fa0)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 362a331255525fc853dab3af4ec905c417fabb0b)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This variable is part of uboot-sign but not documented.
(From yocto-docs rev: 1a07897a273867b4cf26759e88e423c552a09c4a)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 05eb461cb1da76ad9cbaf634da7f47447b3f6765)
[fix minor conflicts in classes.rst]
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Update the distributions to match the list of workers on the
Autobuilder. This list was generated with the help of
yocto-autobuilder-helper/scripts/yocto-supported-distros.
Also:
- Sort the lists alphabetically.
- Fill the second list with EOL distros still running on the
Autobuilder.
(From yocto-docs rev: 207477ddfead183f9df06215b1acb453138708cb)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The example repo doesn't seem to have ever been under MIT to begin with
but rather Apache-2.0.
The license file exists in the sources, so use that one instead of
taking it from the OE-Core license directory.
License-Update: Incorrect license is now proper
(From OE-Core rev: 3d1c037a7cb7858a4e3c33a94f5d343a81aac5f7)
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
By default, the tests are built and run at do_compile and we can see
errors like below in log.do_compile:
gnupg-2.3.7/tests/cms/inittests: line 99: ../../sm/gpgsm: cannot execute binary file: Exec format error
Note that the do_compile process still succeeds. However, we'd better avoid
executing these target binaries at build time.
(From OE-Core rev: b02f99a0b82ed55a07c00b32805ad676c04ee4ab)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(master rev: 74d48497470ce209bc6bdf49c2e2cfda67dce6ae)
Signed-off-by: Guocai He <guocai.he.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick 2 commits as in scarthgap branch plus one additional precondition
to apply those.
(From OE-Core rev: e43507dad134c5036be1c79a37f73c34f4fb6292)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A vulnerability was found in LibTIFF up to 4.7.0. It has been
rated as critical. This issue affects the function setrow of the
file tools/thumbnail.c. The manipulation leads to buffer overflow.
An attack has to be approached locally. The patch is named
e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It is recommended to
apply a patch to fix this issue. This vulnerability only affects
products that are no longer supported by the maintainer.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-8177
Upstream patch:
e8de4dc1f9
(From OE-Core rev: fbf3238630c104c9e17d6e902986358cea5986ff)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A vulnerability was found in LibTIFF up to 4.7.0. It has
been declared as critical. This vulnerability affects the
function get_histogram of the file tools/tiffmedian.c. The
manipulation leads to use after free. The attack needs to
be approached locally. The exploit has been disclosed to
the public and may be used. The patch is identified as
fe10872e53efba9cc36c66ac4ab3b41a839d5172. It is recommended
to apply a patch to fix this issue.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-8176
Upstream patches:
3994cf3b3bce46f002ececc4ddbf1f
(From OE-Core rev: 5dbc4ccce8676b016de8c1393c2f0d0f74eb9337)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This is a single commit bump containing only CVE fix
$ git log --oneline d80401002011f470d9c6eb604bf734715e9b3a8c..a66bc3941ff298e474d5f02d0c3303401951141f
a66bc3941f posix: Fix double-free after allocation failure in regcomp (bug 33185)
Test results didn't change except newly added test succeeding.
(tst-regcomp-bracket-free)
Also add CVE-2025-0395 ignore which was already included in previous
hash bumps.
Also drop an unreferenced patch.
(From OE-Core rev: 3921549f6420e44a250d06cdef2c9d423fb6e39f)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick commit referencing this CVE from 2.13 branch.
(From OE-Core rev: 9418c88c964dffc21abe6a056db72c3c81e25137)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick relevant commit from 3.8.10 release MR [1].
The MR contains referece to undiscoled issue, so any security relevant
patch should be picked.
Binary test file was added as separate file as binary diffs are not
supported.
[1] https://gitlab.com/gnutls/gnutls/-/merge_requests/1979
(From OE-Core rev: 990bd6fab5c6004b9fbcdb9c76bcb3a96ba5887a)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick relevant commit from 3.8.10 release MR [1].
The ME contains referece to undiscoled issue, so any security relevant
patch should be picked.
Binary test file was added as separate file as binary diffs are not
supported.
[1] https://gitlab.com/gnutls/gnutls/-/merge_requests/1979
(From OE-Core rev: 33181e3e8c7427fc823f750e936732b69e247987)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
CVE patch [1] as mentioned in [2] relies on several patches not yet
available in version 2020.81 we have in kirkstone.
The good folks from Debian did the hard work identifying them as they
have the same version in bullseye release.
The commits were picked from [3] and they have their references to
dropbear upstream commits.
[1] e5a0ef27c2
[2] https://security-tracker.debian.org/tracker/CVE-2025-47203
[3] 7f48e75892
(From OE-Core rev: 91eeffaf14917c7c994a8de794b915231e69c5d6)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
* many configure tests (which might not fail before) are failing with gcc-14:
# grep implicit build/config.log
conftest.c:47:1: error: return type defaults to 'int' [-Wimplicit-int]
conftest.c:47:1: error: return type defaults to 'int' [-Wimplicit-int]
conftest.c:47:1: error: return type defaults to 'int' [-Wimplicit-int]
conftest.c:47:1: error: return type defaults to 'int' [-Wimplicit-int]
conftest.c:47:1: error: return type defaults to 'int' [-Wimplicit-int]
conftest.c:47:1: error: return type defaults to 'int' [-Wimplicit-int]
conftest.c:50:17: error: implicit declaration of function 'exit' [-Wimplicit-function-declaration]
conftest.c:50:17: warning: incompatible implicit declaration of built-in function 'exit' [-Wbuiltin-declaration-mismatch]
conftest.c:53:9: error: implicit declaration of function 'msem_init' [-Wimplicit-function-declaration]
conftest.c:54:9: error: implicit declaration of function 'msem_lock' [-Wimplicit-function-declaration]
conftest.c:55:9: error: implicit declaration of function 'msem_unlock' [-Wimplicit-function-declaration]
conftest.c:56:9: error: implicit declaration of function 'exit' [-Wimplicit-function-declaration]
conftest.c:56:9: warning: incompatible implicit declaration of built-in function 'exit' [-Wbuiltin-declaration-mismatch]
conftest.c:50:9: error: implicit declaration of function '_spin_lock_try' [-Wimplicit-function-declaration]
conftest.c:51:9: error: implicit declaration of function '_spin_unlock' [-Wimplicit-function-declaration]
* I have noticed this on db-native build on host with gcc-14
where it caused fatal do_configure error:
http://errors.yoctoproject.org/Errors/Details/784164/
checking for mutexes... UNIX/fcntl
configure: error: Support for FCNTL mutexes was removed in BDB 4.8.
the config.log confirms it's because implicit-int:
configure:22798: checking for mutexes
configure:22925: gcc -o conftest -isystem/OE/build/oe-core/tmp-glibc/work/x86_64-linux/db-native/5.3.28/recipe-sysroot-native/usr/include -O2 -pipe -isystem/OE/build/oe-core/tmp-glibc/work/x86_64-linux/db-native/5.3.28/recipe-sysroot-native/usr/include -D_GNU_SOURCE -D_REENTRANT -L/OE/build/oe-core/tmp-glibc/work/x86_64-linux/db-native/5.3.28/recipe-sysroot-native/usr/lib -L/OE/build/oe-core/tmp-glibc/work/x86_64-linux/db-native/5.3.28/recipe-sysroot-native/lib -Wl,--enable-new-dtags -Wl,-rpath-link,/OE/build/oe-core/tmp-glibc/work/x86_64-linux/db-native/5.3.28/recipe-sysroot-native/usr/lib -Wl,-rpath-link,/OE/build/oe-core/tmp-glibc/work/x86_64-linux/db-native/5.3.28/recipe-sysroot-native/lib -Wl,-rpath,/OE/build/oe-core/tmp-glibc/work/x86_64-linux/db-native/5.3.28/recipe-sysroot-native/usr/lib -Wl,-rpath,/OE/build/oe-core/tmp-glibc/work/x86_64-linux/db-native/5.3.28/recipe-sysroot-native/lib -Wl,-O1 conftest.c -lpthread >&5
conftest.c:47:1: error: return type defaults to 'int' [-Wimplicit-int]
47 | main() {
| ^~~~
configure:22925: $? = 1
configure: program exited with status 1
* comparing target db with and without this change shows following diff
in log.do_configure:
db $ diff 5.3.28*/temp/log.do_configure
268c268
< checking for mutexes... POSIX/pthreads/library
---
> checking for mutexes... POSIX/pthreads/library/x86_64/gcc-assembly
271c271
< checking for atomic operations... no
---
> checking for atomic operations... x86/gcc-assembly
(From OE-Core rev: 4d3ce333c10fadf746b6d8b55a88777c97e11ffa)
(From OE-Core rev: 277b5ec3c0212ca8600dd89d0a33f784a060131f)
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6108da955e7c553247ff5356cf1c990b3d334edf)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Update to the 4.0.28 release of the 4.0 series for buildtools
(From OE-Core rev: 8e59118164d6468443db211d9ade058402f21add)
Signed-off-by: Aleksandar Nikolic <aleksandar.nikolic@zeiss.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Below commits on glibc-2.35 stable branch are updated.
git log --oneline d2febe7c407665c18cfea1930c65f41899ab3aa3..80401002011f470d9c6eb604bf734715e9b3a8c2
8040100201 Fix error reporting (false negatives) in SGID tests
c6ec750be5 support: Pick group in support_capture_subprogram_self_sgid if UID == 0
c9e44b6467 support: Don't fail on fchown when spawning sgid processes
621c65ccf1 elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static
c7ff2bc297 Revert "elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static"
8624f6431b elf: Fix subprocess status handling for tst-dlopen-sgid (bug 32987)
ed10034f00 elf: Test case for bug 32976 (CVE-2025-4802)
08aea7712d support: Add support_record_failure_barrier
901e24b128 support: Use const char * argument in support_capture_subprogram_self_sgid
bff3b0f16c elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static
Dropped :
0025-CVE-2025-4802.patch
ed10034f00 elf: Test case for bug 32976 (CVE-2025-4802)
Test results:
Before after diff
PASS 4833 4839 +6
XPASS 6 6 0
FAIL 133 130 -3
XFAIL 16 16 0
UNSUPPORTED 200 197 -3
Following commits improved test results:
8040100201 Fix error reporting (false negatives) in SGID tests
Improved SGID test handling by unifying error reporting and using secure temporary directories.
Replaced non-standard exit codes and fixed premature exits to avoid masking failures.
These changes reduced false negatives, increasing overall test pass rates.
8624f6431b elf: Fix subprocess status handling for tst-dlopen-sgid (bug 32987)
Fixed tst-dlopen-sgid false positives by correctly handling subprocess exit status (bug 32987).
Ensured test fails on abnormal or non-zero child exits.
This commit restores reliability in SGID testing and is the first step toward centralized SGID test error handling.
UNSUPPORTED tests changes
-UNSUPPORTED: elf/tst-env-setuid
-UNSUPPORTED: elf/tst-env-setuid-tunables
-UNSUPPORTED: stdlib/tst-secure-getenv
FAILed tests changes
-FAIL: elf/tst-dlopen-sgid
-FAIL: misc/tst-error1
-FAIL: resolv/tst-resolv-aliases
PASSed tests changes
+PASS: elf/tst-env-setuid
+PASS: elf/tst-env-setuid-tunables
+PASS: stdlib/tst-secure-getenv
+PASS: elf/tst-dlopen-sgid
+PASS: misc/tst-error1
+PASS: resolv/tst-resolv-aliases
(From OE-Core rev: 2ea1d2d9bc6d173a8a586542d47a7f8a443d24c1)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The previous fix for CVE-2024-43398 did not include patches
to provide context for the changes it made.
This caused an exception at run-time when ruby parsed
rexml/parsers/baseparser.rb. This was first observed when using
ruby-native to build the sdformat recipe.
With these additional backports, the sdformat build proceeds
successfully. The REXML library was also tested manually on-target
with a script that used REXML::Document.new file to parse an
XML file.
(From OE-Core rev: 6bf00fde2d4043c6b558733a33041ce5694342d3)
Signed-off-by: Rob Woolley <rob.woolley@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
These two CVEs were fixed via the 5.0.3 release, and the
backported patches that fixed them were subsequently left
behind (although not deleted) by dadb16481810 ("ffmpeg:
upgrade 5.0.1 -> 5.0.3")
* CVE-2022-3109: An issue was discovered in the FFmpeg
package, where vp3_decode_frame in libavcodec/vp3.c lacks
check of the return value of av_malloc() and will cause a
null pointer dereference, impacting availability.
* CVE-2022-3341: A null pointer dereference issue was
discovered in 'FFmpeg' in decode_main_header() function of
libavformat/nutdec.c file. The flaw occurs because the
function lacks check of the return value of
avformat_new_stream() and triggers the null pointer
dereference error, causing an application to crash.
`bitbake ffmpeg` reports these two as "Unpatched".
Ignore them for now, until the NVD updates the versions where
these do not affect anymore.
(From OE-Core rev: 78aef4b1002c515aa2c1a64fea5bb013c9bc86a8)
Signed-off-by: Daniel Díaz <daniel.diaz@sonos.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
