glibc: Refresh CVE backports after 2.42 release

CVE-2025-4802 is already addressed in 2.39+ [1] Other two are part of 2.42 release [1] https://sourceware.org/cgit/glibc/commit/?id=1e18586c5820e329f741d5c710275e165581380e (From OE-Core rev: 728911c19c7bf6518d437999cb2f39e09bc8f3e4) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Khem Raj <raj.khem@gmail.com> 2025-07-28 18:49:48 -0700
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2025-08-04 18:04:03 +0100
commit: 6f31ea9a5ec725c91e20c6bb1798c854aa0bee85 (patch)
tree: 38fa21c91535b9da4b9cc2cdeaad3c4bd9308a8a
parent: 754345d6063c51eef56ffb6db3135a4f68e6ed2d (diff)
download: poky-6f31ea9a5ec725c91e20c6bb1798c854aa0bee85.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/meta/recipes-core/glibc/glibc_2.41.bb b/meta/recipes-core/glibc/glibc_2.41.bb
index 0852bb4bdb..042abb7e45 100644
--- a/meta/recipes-core/glibc/glibc_2.41.bb
+++ b/meta/recipes-core/glibc/glibc_2.41.bb
@@ -17,7 +17,7 @@ Allows for ASLR bypass so can bypass some hardening, not an exploit in itself, m
 easier access for another. 'ASLR bypass itself is not a vulnerability.'"
 CVE_STATUS_GROUPS += "CVE_STATUS_STABLE_BACKPORTS"
-CVE_STATUS_STABLE_BACKPORTS = "CVE-2025-4802 CVE-2025-5702 CVE-2025-5745"
+CVE_STATUS_STABLE_BACKPORTS = ""
 CVE_STATUS_STABLE_BACKPORTS[status] = "cpe-stable-backport: fix available in used git hash"
 DEPENDS += "gperf-native bison-native"
author	Khem Raj <raj.khem@gmail.com>	2025-07-28 18:49:48 -0700
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2025-08-04 18:04:03 +0100
commit	6f31ea9a5ec725c91e20c6bb1798c854aa0bee85 (patch)
tree	38fa21c91535b9da4b9cc2cdeaad3c4bd9308a8a
parent	754345d6063c51eef56ffb6db3135a4f68e6ed2d (diff)
download	poky-6f31ea9a5ec725c91e20c6bb1798c854aa0bee85.tar.gz

diff --git a/meta/recipes-core/glibc/glibc_2.41.bb b/meta/recipes-core/glibc/glibc_2.41.bb index 0852bb4bdb..042abb7e45 100644 --- a/meta/recipes-core/glibc/glibc_2.41.bb +++ b/meta/recipes-core/glibc/glibc_2.41.bb
@@ -17,7 +17,7 @@ Allows for ASLR bypass so can bypass some hardening, not an exploit in itself, m
17	easier access for another. 'ASLR bypass itself is not a vulnerability.'"	17	easier access for another. 'ASLR bypass itself is not a vulnerability.'"
18		18
19	CVE_STATUS_GROUPS += "CVE_STATUS_STABLE_BACKPORTS"	19	CVE_STATUS_GROUPS += "CVE_STATUS_STABLE_BACKPORTS"
20	CVE_STATUS_STABLE_BACKPORTS = "CVE-2025-4802 CVE-2025-5702 CVE-2025-5745"	20	CVE_STATUS_STABLE_BACKPORTS = ""
21	CVE_STATUS_STABLE_BACKPORTS[status] = "cpe-stable-backport: fix available in used git hash"	21	CVE_STATUS_STABLE_BACKPORTS[status] = "cpe-stable-backport: fix available in used git hash"
22		22
23	DEPENDS += "gperf-native bison-native"	23	DEPENDS += "gperf-native bison-native"