mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-27 03:32:12 +02:00
Code Issues Packages Projects Releases Wiki Activity
69,317 Commits 38 Branches 623 Tags
caac6c06bbeff7691f4f26c1d41e94de3d3c1c9a
Commit Graph

29 Commits

Author SHA1 Message Date
Changqing Li
65b1587627 libsoup-2.4: fix CVE-2025-4945 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/448

(From OE-Core rev: 2169742d4b88f9072501819b5842efbed04939f2)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-07-14 08:37:40 -07:00
Changqing Li
bfcca9e202 libsoup-2.4: refresh CVE-2025-4969.patch 
refresh CVE-2025-4969.patch to fix the following build failure for
libsoup-2.4-native on fedora40/41:

../libsoup-2.74.3/tests/multipart-test.c:578:63: error: passing argument 2 of ‘soup_multipart_new_from_message’ from incompatible pointer type [-Wincompatible-pointer-types]
  578 |         multipart = soup_multipart_new_from_message (headers, bytes);
      |                                                               ^~~~~
      |                                                               |
      |                                                               GBytes * {aka struct _GBytes *}

(From OE-Core rev: 4a0135992778110f2b523f436538c1197ef971b8)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-07-14 08:37:40 -07:00
Changqing Li
b4284b3eb2 libsoup-2.4: fix CVE-2025-4476 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/440

(From OE-Core rev: 2be01469687f30f33b768164f66916b081cc8c62)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-25 08:11:58 -07:00
Changqing Li
09407f375d libsoup-2.4: fix CVE-2025-4948 
Refer:
http://gitlab.gnome.org/GNOME/libsoup/-/issues/449

(From OE-Core rev: d5af0295d26f8967dfe49a53ffa6f275e249d087)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-25 08:11:58 -07:00
Changqing Li
3aa44948cb libsoup-2.4: fix CVE-2025-46421 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/439

(From OE-Core rev: 33bf900bcb563c5769b75e69059751f969a8771f)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-25 08:11:58 -07:00
Changqing Li
6a19b931f0 libsoup-2.4: fix CVE-2025-32907 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/428

(From OE-Core rev: e6d9dd16d9b70cc8d3a9ca8b2fc542d547b456b9)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-25 08:11:57 -07:00
Hitendra Prajapati
467cc32439 libsoup-2.4: Fix CVE-2025-4969 
Upstream-Status: Backport from 07b94e27af

(From OE-Core rev: 5a6af5bcbe45184e7ac0535549c25cbe64113ba7)

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-25 08:11:57 -07:00
Vijay Anusuri
dd4d1b28e3 libsoup-2.4: Fix CVE-2025-32053 
Upstream-Status: Backport
[eaed42ca8d]

(From OE-Core rev: a563a644fcdb556d904c3c391fbf9435fcd4bdf0)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-20 08:06:29 -07:00
Vijay Anusuri
4976dc40af libsoup-2.4: Fix CVE-2025-32052 
Upstream-Status: Backport
[f182429e5b]

(From OE-Core rev: ab4d381f1cfd8613c23da514a0786a7505579203)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-20 08:06:29 -07:00
Vijay Anusuri
ca51d99bf3 libsoup-2.4: Fix CVE-2025-32050 
Upstream-Status: Backport
[9bb0a55de5]

(From OE-Core rev: c5afbcf487cb7331f641c4dd2c7a972b4cd3c787)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-20 08:06:29 -07:00
Vijay Anusuri
f49fc9966d libsoup-2.4: Fix CVE-2025-2784 
Upstream-Status: Backport
[242a10fbb1
&
c415ad0b67]

https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/435

(From OE-Core rev: 5cea727e87489b144cba9b2aa491d0c90f34f93d)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-20 08:06:29 -07:00
Vijay Anusuri
9a368c7b92 libsoup-2.4: Backport auth tests for CVE-2025-32910 
libsoup-2.74.2/tests/auth-test.c:1554:39: error: unknown type name 'SoupServerMessage'; did you mean 'SoupServerClass'?

Fix auth-test.c compilation failure caused by CVE-2025-32910 patch

Link: 9af7d0fc75

(From OE-Core rev: 05d14768b5edf41c89b05725e06fd86b5376e6fd)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-13 08:42:34 -07:00
Vijay Anusuri
ef632f4693 libsoup-2.4: Fix CVE-2025-32914 
import patch from debian to fix
 CVE-2025-32914

Upstream-Status: Backport [import from debian https://salsa.debian.org/gnome-team/libsoup/-/tree/debian/bullseye/debian/patches?ref_type=heads
Upstream commit 5bfcf81575]

Reference:
https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/450
https://security-tracker.debian.org/tracker/CVE-2025-32914

(From OE-Core rev: 8996e178264cf6bf9b69365172f43a5ee8e9f727)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-05-28 08:46:32 -07:00
Vijay Anusuri
cbbea14280 libsoup-2.4: Fix CVE-2025-32912 
Upstream-Status: Backport from
cd077513f2
& 910ebdcd3d

(From OE-Core rev: e66218f6cda7de046bace6880ea5052900fd6605)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-05-28 08:46:32 -07:00
Vijay Anusuri
d8278fd9f9 libsoup-2.4: Fix CVE-2025-32911 & CVE-2025-32913 
Upstream-Status: Backport from
7b4ef0e004
& f4a761fb66

(From OE-Core rev: ff1896b14347c7b4a166716338d3822da97be2e4)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-05-28 08:46:32 -07:00
Vijay Anusuri
21bb9c063b libsoup-2.4: Fix CVE-2025-32910 
import patch from debian to fix
 CVE-2025-32910

Upstream-Status: Backport [import from debian https://salsa.debian.org/gnome-team/libsoup/-/tree/debian/bullseye/debian/patches?ref_type=heads
Upstream commit e40df6d48a
&
405a8a3459
&
ea16eeacb0]

Reference:
https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/417
https://security-tracker.debian.org/tracker/CVE-2025-32910

(From OE-Core rev: b65e3d3a4dc2375d9bb81c7a91c84139cc667a47)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-05-28 08:46:32 -07:00
Ashish Sharma
0f58759f1b libsoup-2.4: Fix CVE-2025-46420 
Upstream-Status: Backport [c9083869ec]

(From OE-Core rev: f0d5d13b0b7b2cf3f60c85b0c135fd948c648256)

Signed-off-by: Ashish Sharma <asharma@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-05-28 08:46:32 -07:00
Vijay Anusuri
e07ed2059c libsoup-2.4: Fix CVE-2025-32909 
Upstream-Status: Backport from https://gitlab.gnome.org/GNOME/libsoup/-/comm
it/ba4c3a6f988beff59e45801ab36067293d24ce92

(From OE-Core rev: ad1244ee75b4169eab21c2c8744b86342b32dd07)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-05-16 08:58:06 -07:00
Vijay Anusuri
6b27d84c2c libsoup-2.4: Fix CVE-2025-32906 
Upstream-Status: Backport from
1f509f31b6
& af5b9a4a39

(From OE-Core rev: 2b938dd6beb1badca59804ffbe395deb679bc1b1)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-05-16 08:58:06 -07:00
Vijay Anusuri
02c2876c5e libsoup-2.4: Update fix CVE-2024-52532 
Upstream-Status: Backport from 4c9e75c667

(From OE-Core rev: 144d067ed5b98b8ca477a6a0e8c958c0b15e9643)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-05-16 08:58:06 -07:00
Vijay Anusuri
880002d47c libsoup-2.4: Backport fix for CVE-2024-52531 
import patch from ubuntu to fix
 CVE-2024-52531

Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/libsoup2.4/tree/debian/patches?h=ubuntu/jammy-security
Upstream commit
a35222dd0b
&
825fda3425]

Reference:
https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407/
https://ubuntu.com/security/CVE-2024-52531

(From OE-Core rev: 763af055ccb1cbcc4f8fa0944815ec02e3bff87c)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2024-12-09 07:54:03 -08:00
Vijay Anusuri
c1d55bc349 libsoup-2.4: Backport fix for CVE-2024-52530 and CVE-2024-52532 
Upstream-Status: Backport from
04df03bc09
&
6adc0e3eb7
& 29b96fab25

(From OE-Core rev: 87b0badcb1d10eddae31ac7b282a4e44778d63af)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2024-11-27 06:27:25 -08:00
Guocai He
2b5ca6638e libsoup: fix compile error on centos7 
Backport a patch [1] to fix the below build failure.

FAILED: libsoup/libsoup-2.4.so.1.11.0.p/soup-address.c.o
In file included from /usr/include/glib-2.0/gio/gnetworking.h:40,
                 from ../libsoup-2.72.0/libsoup/soup-address.c:14:
/usr/include/resolv.h:75:15: error: unknown type name ‘u_char’
         const u_char **__query,
               ^~~~~~

[1] 5c3d431bdb

(From OE-Core rev: 963085afced737863cf4ff8515a1cf08365d5d87)

Signed-off-by: Guocai He <guocai.he.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2024-08-28 06:49:22 -07:00
Alexander Kanavin
6417746ccd libsoup-2.4: update to 2.68.3 
Drop backported patch.

tls-check merely checks at configure time whether glib-networking has tls
support enabled (by running a target executable which doesn't work for us);
it does not affect the actual build.

(From OE-Core rev: 2537fcf3143153e272630c42fc1d7ce85b463590)

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2019-12-09 12:00:42 +00:00
Ross Burton
0d3a95b64d libsoup: update patch upstream status 
This has been merged to master now, so mark as a backport.

(From OE-Core rev: bf8a5c92f2c2a40150159b811fa9d0a12919d43e)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2019-11-14 13:20:59 +00:00
Alistair Francis
dfd5d84ecf libsoup: Upgrade from 2.64.2 to 2.66.1 
(From OE-Core rev: 8e9e352a0c16296cd8a530a8bccfa138b9f04040)

Signed-off-by: Alistair Francis <alistair@alistair23.me>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2019-04-29 14:16:30 +01:00
Alexander Kanavin
46c4856377 libsoup-2.4: convert from autotools to meson 
(From OE-Core rev: df6dbc1ba37937c3338f6d842af99f1f1c1a626d)

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2019-02-19 16:14:57 +00:00
Ross Burton
d89034988e libsoup: upgrade to 2.62.3 
Freeze-breaking upgrade for a security bug fix involving cookie URLs, and a
number of static analysis fixes.

Drop CVE-2018-12910.patch as this is merged in 2.62.3.

(From OE-Core rev: a8098782fab87498026a09c06716b631c77c5ad6)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-10-09 19:04:02 +01:00
Ross Burton
4205e87a77 libsoup: fix CVE-2018-12910 
(From OE-Core rev: 112683815ed1f63a96e845f264a2fd3390c6d01b)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-06-29 11:07:45 +01:00