<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/poky.git/meta/recipes-devtools/elfutils/files, branch kirkstone</title>
<subtitle>Mirror of git.yoctoproject.org/poky</subtitle>
<id>https://git.enea.com/cgit/linux/poky.git/atom?h=kirkstone</id>
<link rel='self' href='https://git.enea.com/cgit/linux/poky.git/atom?h=kirkstone'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/'/>
<updated>2025-11-24T14:57:39+00:00</updated>
<entry>
<title>elfutils: Fix CVE-2025-1377</title>
<updated>2025-11-24T14:57:39+00:00</updated>
<author>
<name>Soumya Sambu</name>
<email>soumya.sambu@windriver.com</email>
</author>
<published>2025-11-14T12:19:41+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=36037789d23df9db38fbbe5351d1a25fbe85e61d'/>
<id>urn:sha1:36037789d23df9db38fbbe5351d1a25fbe85e61d</id>
<content type='text'>
A vulnerability, which was classified as problematic, has been found in GNU elfutils
0.192. This issue affects the function gelf_getsymshndx of the file strip.c of the
component eu-strip. The manipulation leads to denial of service. The attack needs to
be approached locally. The exploit has been disclosed to the public and may be used.
The identifier of the patch is fbf1df9ca286de3323ae541973b08449f8d03aba. It is
recommended to apply a patch to fix this issue.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-1377

Upstream patch:
https://sourceware.org/git/?p=elfutils.git;a=commit;h=fbf1df9ca286de3323ae541973b08449f8d03aba

(From OE-Core rev: e4e8392e688ceb0d8e68fe48118383c031178b5e)

Signed-off-by: Soumya Sambu &lt;soumya.sambu@windriver.com&gt;
Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;
</content>
</entry>
<entry>
<title>elfutils: Fix CVE-2025-1376</title>
<updated>2025-11-24T14:57:39+00:00</updated>
<author>
<name>Soumya Sambu</name>
<email>soumya.sambu@windriver.com</email>
</author>
<published>2025-11-14T12:19:40+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=7dd51aea98fbf282536ae4f78a86ae4b63e5a1dc'/>
<id>urn:sha1:7dd51aea98fbf282536ae4f78a86ae4b63e5a1dc</id>
<content type='text'>
A vulnerability classified as problematic was found in GNU elfutils 0.192. This
vulnerability affects the function elf_strptr in the library /libelf/elf_strptr.c
of the component eu-strip. The manipulation leads to denial of service. It is
possible to launch the attack on the local host. The complexity of an attack is
rather high. The exploitation appears to be difficult. The exploit has been
disclosed to the public and may be used. The name of the patch is
b16f441cca0a4841050e3215a9f120a6d8aea918. It is recommended to apply a patch to
fix this issue.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-1376

Upstream patch:
https://sourceware.org/git/?p=elfutils.git;a=commit;h=b16f441cca0a4841050e3215a9f120a6d8aea918

(From OE-Core rev: 1126e5c1e63b876499c78ac403d1327645edf1c7)

Signed-off-by: Soumya Sambu &lt;soumya.sambu@windriver.com&gt;
Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;
</content>
</entry>
<entry>
<title>elfutils: Fix multiple CVEs</title>
<updated>2025-03-04T16:46:02+00:00</updated>
<author>
<name>Hitendra Prajapati</name>
<email>hprajapati@mvista.com</email>
</author>
<published>2025-02-28T06:14:11+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=9c934f60ce05ba23e9ecaa1e5d540b3baae9a540'/>
<id>urn:sha1:9c934f60ce05ba23e9ecaa1e5d540b3baae9a540</id>
<content type='text'>
Backport fixes for:

* CVE-2025-1352 - Upstream-Status: Backport from https://sourceware.org/git/?p=elfutils.git;a=commit;h=2636426a091bd6c6f7f02e49ab20d4cdc6bfc753
* CVE-2025-1372 - Upstream-Status: Backport from https://sourceware.org/git/?p=elfutils.git;a=commit;h=73db9d2021cab9e23fd734b0a76a612d52a6f1db

(From OE-Core rev: 8ea258ad9c83be5d9548a796f7dda4ac820fc435)

Signed-off-by: Hitendra Prajapati &lt;hprajapati@mvista.com&gt;
Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;
</content>
</entry>
<entry>
<title>elfutils: update patch submitted upstream</title>
<updated>2021-12-17T09:56:14+00:00</updated>
<author>
<name>Alexander Kanavin</name>
<email>alex.kanavin@gmail.com</email>
</author>
<published>2021-12-15T22:40:12+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=1f1f12feca749b0f3b1b67ea188a14db7e86e47e'/>
<id>urn:sha1:1f1f12feca749b0f3b1b67ea188a14db7e86e47e</id>
<content type='text'>
As that's what upstream prefers.

(From OE-Core rev: 5a6cd9cc1b9d8fd3607f3df311accb483d2989a3)

Signed-off-by: Alexander Kanavin &lt;alex@linutronix.de&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>elfutils: submit patch upstream</title>
<updated>2021-11-25T21:55:10+00:00</updated>
<author>
<name>Alexander Kanavin</name>
<email>alex.kanavin@gmail.com</email>
</author>
<published>2021-11-24T08:08:19+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=e6f91350d1e2b1dd527a3d25150cb0cd2f24ec82'/>
<id>urn:sha1:e6f91350d1e2b1dd527a3d25150cb0cd2f24ec82</id>
<content type='text'>
(From OE-Core rev: a71a527ecf198e2e3712ed9608b74e78e09ece0f)

Signed-off-by: Alexander Kanavin &lt;alex@linutronix.de&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>elfutils: update 0.185 -&gt; 0.186</title>
<updated>2021-11-25T21:55:10+00:00</updated>
<author>
<name>Alexander Kanavin</name>
<email>alex.kanavin@gmail.com</email>
</author>
<published>2021-11-24T08:08:10+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=5185608b6012f8fcf5945a7b3e11b1a22376c0a3'/>
<id>urn:sha1:5185608b6012f8fcf5945a7b3e11b1a22376c0a3</id>
<content type='text'>
Drop glibc-2.34-fix.patch merged upstream.

Rework support for error() on non-glibc targets:
upstream now provides its own implementation, so we can drop
the patch that adds ours; said implementation isn't
build-tested with tests, so ptest has to be disabled on musl.
This, in turns, allows dropping 0004-Fix-error-on-musl.patch.

License-Update: copyright years
(From OE-Core rev: 9c51ae20c0e4c0d3e7161fc6b51fca078dbf014a)

Signed-off-by: Alexander Kanavin &lt;alex@linutronix.de&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>patches: correct whitespace/spelling for Upstream-Status tags</title>
<updated>2021-11-21T11:05:02+00:00</updated>
<author>
<name>Alexander Kanavin</name>
<email>alex.kanavin@gmail.com</email>
</author>
<published>2021-11-17T15:35:13+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=b3ac015389173471e4d3e1e1841e99175f780d63'/>
<id>urn:sha1:b3ac015389173471e4d3e1e1841e99175f780d63</id>
<content type='text'>
(From OE-Core rev: c613ca14c35a5d1782c79a25b83875cbfa2b952b)

Signed-off-by: Alexander Kanavin &lt;alex@linutronix.de&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>elfutils: Add patch from upstream for glibc 2.34 ptest fixes</title>
<updated>2021-08-05T16:48:29+00:00</updated>
<author>
<name>Richard Purdie</name>
<email>richard.purdie@linuxfoundation.org</email>
</author>
<published>2021-08-04T21:47:18+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=671b49e077b11d28a16122c5847a6638957fe2d4'/>
<id>urn:sha1:671b49e077b11d28a16122c5847a6638957fe2d4</id>
<content type='text'>
Add a patch being discussed upstream to fix a ptest issue with glibc 2.34.

(From OE-Core rev: 8921f2acfd566d2c03cea7bdb9f0b1883994148b)

Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>elfutils: update 0.183 -&gt; 0.185</title>
<updated>2021-06-06T22:16:51+00:00</updated>
<author>
<name>Alexander Kanavin</name>
<email>alex.kanavin@gmail.com</email>
</author>
<published>2021-06-04T09:14:50+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=c7b15f642b7a219dde771eee3a07bbe9b6e276d0'/>
<id>urn:sha1:c7b15f642b7a219dde771eee3a07bbe9b6e276d0</id>
<content type='text'>
0001-add-support-for-ipkg-to-debuginfod.cxx.patch merged upstream.

0001-debuginfod-debuginfod-client.c-correct-string-format.patch rebased.

(From OE-Core rev: 466ba2d5c81f817334b2f9242daa8ffca271e224)

Signed-off-by: Alexander Kanavin &lt;alex.kanavin@gmail.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>elfutils: Make 64bit time_t fix generic</title>
<updated>2021-04-23T09:12:08+00:00</updated>
<author>
<name>Khem Raj</name>
<email>raj.khem@gmail.com</email>
</author>
<published>2021-04-21T19:28:17+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=972888296cf425f1e6771a175561ef755e95197f'/>
<id>urn:sha1:972888296cf425f1e6771a175561ef755e95197f</id>
<content type='text'>
Apply it always since more than x32 needs it

(From OE-Core rev: faf5034876c319aa51d6b3e21265d0984566bb9e)

Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
</feed>
