mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-01-29 21:08:42 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
484d31c23d941f1bb9d084a21148ae17aeacea80
poky/meta/recipes-devtools/binutils/binutils-2.38.inc
Peter Marko 484d31c23d binutils: patch CVE-2025-11413 
Pick commit per NVD CVE report.

Note that there were two patches for this, first [1] and then [2].
The second patch moved the original patch to different location.
Cherry-pick of second patch is successful leaving out the code removing
the code from first location, so the patch attached here is not
identical to the upstream commit but is identical to applying both and
merging them to a single patch.

[1] https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=1108620d7a521f1c85d2f629031ce0fbae14e331
[2] https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=72efdf166aa0ed72ecc69fc2349af6591a7a19c0

(From OE-Core rev: 98df728e6136d04af0f4922b7ffbeffb704de395)

(From OE-Core rev: 8d1a830c713a299f67fc512ed8bc0be21be4b9f0)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-11-06 07:14:05 -08:00

91 lines
3.8 KiB
PHP
Raw Blame History

LIC_FILES_CHKSUM="\
file://COPYING;md5=59530bdf33659b29e73d4adb9f9f6552\
file://COPYING.LIB;md5=9f604d8a4f8e74f4f5140845a21b6674\
file://COPYING3;md5=d32239bcb673463ab874e80d47fae504\
file://COPYING3.LIB;md5=6a6a8e020838b23406c81b19c1d46df6\
file://gas/COPYING;md5=d32239bcb673463ab874e80d47fae504\
file://include/COPYING;md5=59530bdf33659b29e73d4adb9f9f6552\
file://include/COPYING3;md5=d32239bcb673463ab874e80d47fae504\
file://libiberty/COPYING.LIB;md5=a916467b91076e631dd8edb7424769c7\
file://bfd/COPYING;md5=d32239bcb673463ab874e80d47fae504\
"
# When upgrading to 2.39, please make sure there is no trailing .0, so
# that upstream version check can work correctly.
PV = "2.38"
CVE_VERSION = "2.38"
SRCBRANCH ?= "binutils-2_38-branch"
UPSTREAM_CHECK_GITTAGREGEX = "binutils-(?P<pver>\d+_(\d_?)*)"
SRCREV ?= "9bee8d65d32ac1480997c13ce76ae7991180f1ed"
BINUTILS_GIT_URI ?= "git://sourceware.org/git/binutils-gdb.git;branch=${SRCBRANCH};protocol=git"
SRC_URI = "\
${BINUTILS_GIT_URI} \
file://0004-Point-scripts-location-to-libdir.patch \
file://0005-Only-generate-an-RPATH-entry-if-LD_RUN_PATH-is-not-e.patch \
file://0006-don-t-let-the-distro-compiler-point-to-the-wrong-ins.patch \
file://0007-warn-for-uses-of-system-directories-when-cross-linki.patch \
file://0008-fix-the-incorrect-assembling-for-ppc-wait-mnemonic.patch \
file://0009-Use-libtool-2.4.patch \
file://0010-Fix-rpath-in-libtool-when-sysroot-is-enabled.patch \
file://0011-sync-with-OE-libtool-changes.patch \
file://0012-Check-for-clang-before-checking-gcc-version.patch \
file://0013-Avoid-as-info-race-condition.patch \
file://0014-CVE-2019-1010204.patch \
file://0015-CVE-2022-38533.patch \
file://0016-CVE-2022-35205.patch \
file://0017-CVE-2022-38127-1.patch \
file://0017-CVE-2022-38127-2.patch \
file://0017-CVE-2022-38127-3.patch \
file://0017-CVE-2022-38127-4.patch \
file://0018-CVE-2022-38128-1.patch \
file://0018-CVE-2022-38128-2.patch \
file://0018-CVE-2022-38128-3.patch \
file://0019-CVE-2022-4285.patch \
file://0020-CVE-2023-22608-1.patch \
file://0020-CVE-2023-22608-2.patch \
file://0020-CVE-2023-22608-3.patch \
file://0021-CVE-2023-1579-1.patch \
file://0021-CVE-2023-1579-2.patch \
file://0021-CVE-2023-1579-3.patch \
file://0021-CVE-2023-1579-4.patch \
file://0022-CVE-2023-25584-1.patch \
file://0022-CVE-2023-25584-2.patch \
file://0022-CVE-2023-25584-3.patch \
file://0023-CVE-2023-25585.patch \
file://0026-CVE-2023-1972.patch \
file://0025-CVE-2023-25588.patch \
file://0027-CVE-2022-47008.patch \
file://0028-CVE-2022-47011.patch \
file://0029-CVE-2022-48065-1.patch \
file://0029-CVE-2022-48065-2.patch \
file://0029-CVE-2022-48065-3.patch \
file://0030-CVE-2022-44840.patch \
file://0031-CVE-2022-45703-1.patch \
file://0031-CVE-2022-45703-2.patch \
file://0031-CVE-2022-47695.patch \
file://CVE-2022-48063.patch \
file://0032-CVE-2022-47010.patch \
file://0033-CVE-2022-47007.patch \
file://0034-CVE-2022-48064.patch \
file://0035-CVE-2023-39129.patch \
file://0036-CVE-2023-39130.patch \
file://0037-CVE-2024-53589.patch \
file://0038-CVE-2025-0840.patch \
file://0039-CVE-2025-1178.patch \
file://0040-CVE-2025-1180.patch \
file://0040-CVE-2025-1182.patch \
file://0041-CVE-2025-5244.patch \
file://0042-CVE-2025-5245.patch \
file://0043-CVE-2025-7546.patch \
file://0043-CVE-2025-7545.patch \
file://0044-CVE-2025-11082.patch \
file://0045-CVE-2025-11083.patch \
file://0046-CVE-2025-11081.patch \
file://0047-CVE-2025-8225.patch \
file://CVE-2025-11412.patch \
file://CVE-2025-11413.patch \
"
S = "${WORKDIR}/git"
Reference in New Issue View Git Blame Copy Permalink