Adarsh Jagadish Kamini 48269c1e3f binutils: mark CVE-2025-69650 and CVE-2025-69651 as disputed ...

Both CVEs are disputed by third parties. The observed behavior
(double free / invalid pointer free in readelf) only occurred in
pre-release code and did not affect any tagged version [1][2].

CVE_STATUS[CVE-2025-69650] = "disputed: observed behavior only in pre-release code, does not affect any tagged version"
CVE_STATUS[CVE-2025-69651] = "disputed: observed behavior only in pre-release code, does not affect any tagged version"

[1] https://www.cve.org/CVERecord?id=CVE-2025-69650
[2] https://www.cve.org/CVERecord?id=CVE-2025-69651

(From OE-Core rev: 55a0d8abad8a81f7d900557c2eb2d9327ee115df)

Signed-off-by: Adarsh Jagadish Kamini <adarsh.jagadish.kamini@est.tech>
(cherry picked from commit 9c6df56fe18237880c391798c2083dca595566f4)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>

2026-05-04 13:57:31 +01:00

..

binutils

binutils: fix CVE-2025-11840

2025-12-31 07:49:31 -08:00

binutils_2.42.bb

binutils: Add missing perl modules to RDEPENDS for nativesdk variant

2024-11-18 06:59:35 -08:00

binutils-2.42.inc

binutils: mark CVE-2025-69650 and CVE-2025-69651 as disputed

2026-05-04 13:57:31 +01:00

binutils-cross_2.42.bb

binutils: Upgrade to binutils 2.42

2024-02-05 14:06:10 +00:00

binutils-cross-canadian_2.42.bb

binutils: Upgrade to binutils 2.42

2024-02-05 14:06:10 +00:00

binutils-cross-canadian.inc

gcc/go: Drop crosssdk suffix from virtual provides to improve dependency handling

2023-05-02 10:24:50 +01:00

binutils-cross-testsuite_2.42.bb

binutils: Upgrade to binutils 2.42

2024-02-05 14:06:10 +00:00

binutils-cross.inc

binutils-cross: Disable gprofng for when building cross binutils

2022-08-21 22:51:41 +01:00

binutils-crosssdk_2.42.bb

binutils: Upgrade to binutils 2.42

2024-02-05 14:06:10 +00:00

binutils.inc

binutils: move packaging of gprofng static lib into common .inc

2023-06-13 22:10:32 +01:00