Pick fix commit from PR linked in NVD report.
(From OE-Core rev: e3c0ac137e50d35e83e8e4ed2c4e09f2eb9d3bca)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
This is CVE for example tool contrib/untgz.
This is not compiled in Yocto zlib recipe.
This CVE has controversial CVSS3 score of 9.8.
(From OE-Core rev: 1bdcd62d34b0b060b0e1e5142c5f3e7075f21cc2)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
glib-networking's OpenSSL backend fails to properly check the return
value of memory allocation routines. An out of memory condition could
potentially result in writing to an invalid memory location.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-60019
Upstream-patch:
70df675dd4
(From OE-Core rev: eda5838fcbb8c725e6e39d6e72b63c33f6c44446)
Signed-off-by: Rajeshkumar Ramasamy <rajeshkumar.ramasamy@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
To facilitate a clean backport of the full 10-commit series
addressing the pthread condition variable lost wakeup issue
(BZ#25847) in glibc 2.35, remove the existing 8 patches that
were applied as a partial backport.
The previous partial backport excluded commit:
c36fc50781995e6758cae2b6927839d0157f213c ("nptl: Remove
g_refs from condition variables") based on guidance from
glibc maintainer Florian Weimer(#comment #74)
This exclusion was recommended for stable branches to
avoid altering the layout of pthread_cond_t, which could
introduce ABI incompatibilities. Additionally, the dependent
commit dbc5a50d12eff4cb3f782129029d04b8a76f58e7 was not needed
in the partial backport.
To align with upstream mainline, per maintainer Carlos O'Donell
(comment #75), apply the complete 10-commit series for consistency.
By removing these patches first, we ensure the subsequent
application of the full 10 commits results in cleaner, more
reviewable changes without intermixed conflicts or overlaps.
Removed patches and corresponding upstream commits:
- 0026-PR25847-1.patch: 1db84775f831a1494993ce9c118deaf9537cc50a
- 0026-PR25847-2.patch: 0cc973160c23bb67f895bc887dd6942d29f8fee3
- 0026-PR25847-3.patch: b42cc6af11062c260c7dfa91f1c89891366fed3e
- 0026-PR25847-4.patch: 4f7b051f8ee3feff1b53b27a906f245afaa9cee1
- 0026-PR25847-5.patch: 929a4764ac90382616b6a21f099192b2475da674
- 0026-PR25847-6.patch: ee6c14ed59d480720721aaacc5fb03213dc153da
- 0026-PR25847-7.patch: 4b79e27a5073c02f6bff9aa8f4791230a0ab1867
- 0026-PR25847-8.patch: 91bb902f58264a2fd50fbce8f39a9a290dd23706
Bug reference: https://sourceware.org/bugzilla/show_bug.cgi?id=25847
This change prepares the branch for the full backport in follow-up commits.
(From OE-Core rev: 9881dd70305b87945e9649d744bcbc40a1a7b780)
Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Do not build translations when NLS is disabled.
(From OE-Core rev: 83795ef6c3fa12a863cd20b7ec1a2607606987b6)
This change corresponds to upstream d848b454e6
from master .
Since the systemd version are different between master & kirkstone
applied the patch manually
(From OE-Core rev: 4b612ae7cbdc8327765c34d0e64fa8e0564891d4)
Signed-off-by: Philip Lorenz <philip.lorenz@bmw.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: AshishKumar Mishra <emailaddress.ashish@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick commit mentioning this CVE.
Additionally fix test broken by the CVE fix.
(From OE-Core rev: 137299edbc47e8a57173ef3c22bcb719d48d5302)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The previous fix missed another cherry-pick that fixed building
manpages after the coredump patch. The version-info.xml file doesn't
exist in 250. It was introduced later, so remove the reference to
it.
(From OE-Core rev: 0a383ef579ffe5f5c4ef2c78040540f1332e4ea6)
Signed-off-by: Daniel McGregor <daniel.mcgregor@vecima.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This is a single commit bump containing only CVE fix
$ git log --oneline d80401002011f470d9c6eb604bf734715e9b3a8c..a66bc3941ff298e474d5f02d0c3303401951141f
a66bc3941f posix: Fix double-free after allocation failure in regcomp (bug 33185)
Test results didn't change except newly added test succeeding.
(tst-regcomp-bracket-free)
Also add CVE-2025-0395 ignore which was already included in previous
hash bumps.
Also drop an unreferenced patch.
(From OE-Core rev: 3921549f6420e44a250d06cdef2c9d423fb6e39f)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick commit referencing this CVE from 2.13 branch.
(From OE-Core rev: 9418c88c964dffc21abe6a056db72c3c81e25137)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
CVE patch [1] as mentioned in [2] relies on several patches not yet
available in version 2020.81 we have in kirkstone.
The good folks from Debian did the hard work identifying them as they
have the same version in bullseye release.
The commits were picked from [3] and they have their references to
dropbear upstream commits.
[1] e5a0ef27c2
[2] https://security-tracker.debian.org/tracker/CVE-2025-47203
[3] 7f48e75892
(From OE-Core rev: 91eeffaf14917c7c994a8de794b915231e69c5d6)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Below commits on glibc-2.35 stable branch are updated.
git log --oneline d2febe7c407665c18cfea1930c65f41899ab3aa3..80401002011f470d9c6eb604bf734715e9b3a8c2
8040100201 Fix error reporting (false negatives) in SGID tests
c6ec750be5 support: Pick group in support_capture_subprogram_self_sgid if UID == 0
c9e44b6467 support: Don't fail on fchown when spawning sgid processes
621c65ccf1 elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static
c7ff2bc297 Revert "elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static"
8624f6431b elf: Fix subprocess status handling for tst-dlopen-sgid (bug 32987)
ed10034f00 elf: Test case for bug 32976 (CVE-2025-4802)
08aea7712d support: Add support_record_failure_barrier
901e24b128 support: Use const char * argument in support_capture_subprogram_self_sgid
bff3b0f16c elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static
Dropped :
0025-CVE-2025-4802.patch
ed10034f00 elf: Test case for bug 32976 (CVE-2025-4802)
Test results:
Before after diff
PASS 4833 4839 +6
XPASS 6 6 0
FAIL 133 130 -3
XFAIL 16 16 0
UNSUPPORTED 200 197 -3
Following commits improved test results:
8040100201 Fix error reporting (false negatives) in SGID tests
Improved SGID test handling by unifying error reporting and using secure temporary directories.
Replaced non-standard exit codes and fixed premature exits to avoid masking failures.
These changes reduced false negatives, increasing overall test pass rates.
8624f6431b elf: Fix subprocess status handling for tst-dlopen-sgid (bug 32987)
Fixed tst-dlopen-sgid false positives by correctly handling subprocess exit status (bug 32987).
Ensured test fails on abnormal or non-zero child exits.
This commit restores reliability in SGID testing and is the first step toward centralized SGID test error handling.
UNSUPPORTED tests changes
-UNSUPPORTED: elf/tst-env-setuid
-UNSUPPORTED: elf/tst-env-setuid-tunables
-UNSUPPORTED: stdlib/tst-secure-getenv
FAILed tests changes
-FAIL: elf/tst-dlopen-sgid
-FAIL: misc/tst-error1
-FAIL: resolv/tst-resolv-aliases
PASSed tests changes
+PASS: elf/tst-env-setuid
+PASS: elf/tst-env-setuid-tunables
+PASS: stdlib/tst-secure-getenv
+PASS: elf/tst-dlopen-sgid
+PASS: misc/tst-error1
+PASS: resolv/tst-resolv-aliases
(From OE-Core rev: 2ea1d2d9bc6d173a8a586542d47a7f8a443d24c1)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
