| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
| |
(From OE-Core rev: 51259c7e933a2ac8ebc01604d6e65607b76b7b56)
Signed-off-by: Paul Barker <paul@pbarker.dev>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This corresponds to the master
commit 139102a73d41 ("recipes: Default to https git protocol where possible").
But only for the git.yoctoproject.org and git.openembedded.org repos.
> The recommendation from server maintainers is that the https protocol
> is both faster and more reliable than the dedicated git protocol at this point.
> Switch to it where possible.
(From OE-Core rev: c1b208babae70244ab062b2e4674b0309fbd65e5)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pick relevant part of snapshot commit 20251213, see [1].
That has:
add a limit-check in infocmp -i option (report/example by Yixuan Cao).
[1] https://invisible-island.net/ncurses/NEWS.html#index-t20251213
References:
1. https://github.com/Cao-Wuhui/CVE-2025-69720
2. https://nvd.nist.gov/vuln/detail/CVE-2025-69720
3. https://access.redhat.com/errata/RHSA-2026:5913
(From OE-Core rev: 4a046b39185314ceafbc7846b9c00fb8984c71ce)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
|
| |
|
|
|
|
| |
(From OE-Core rev: c4194cadb1180da37514c55cd97827eb0269c8e2)
Signed-off-by: Paul Barker <paul@pbarker.dev>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Although the patch was not merged yet, Debian already took it ([1]).
Since busybox CVE handling is slow, follow Debian decision.
[1] https://sources.debian.org/src/busybox/1:1.37.0-10.1/debian/patches/wget-disallow-control-chars-in-URLs-CVE-2025-60876.patch
(From OE-Core rev: 6274e354680db9521d188309cb32d90996ebb3e5)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Fabien Thomas <fabien.thomas@smile.fr>
[YC: fixed weird encoding in URL, added "CVE-" to subject]
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
|
| |
|
|
|
|
| |
(From OE-Core rev: 7b6c9faa301a6d058ca34e230586f6a81ffa3ffb)
Signed-off-by: Paul Barker <paul@pbarker.dev>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
git log --oneline 4e50046821f05ada5f14c76803845125ddb3ed7d..bb59339d02faebac534a87eea50c83c948f35b77
bb59339d02 (HEAD -> release/2.35/master, origin/release/2.35/master) posix: Reset wordexp_t fields with WRDE_REUSE (CVE-2025-15281 / BZ 33814)
66f0cb057c resolv: Fix NSS DNS backend for getnetbyaddr (CVE-2026-0915)
499d1ccafc memalign: reinstate alignment overflow check (CVE-2026-0861)
9e1a305028 nptl: Optimize trylock for high cache contention workloads (BZ #33704)
a94467ce05 ppc64le: Power 10 rawmemchr clobbers v20 (bug #33091)
Testing Results:
Before After Diff
PASS 4774 4770 -4
XPASS 6 6 0
FAIL 149 154 +5
XFAIL 16 16 0
UNSUPPORTED 246 246 0
Changes in failed testcases:
testcase-name before after
malloc/tst-malloc-fork-deadlock-malloc-hugetlb2 FAIL PASS
posix/tst-wait4 FAIL PASS
malloc/tst-malloc-too-large PASS FAIL
malloc/tst-malloc-too-large-malloc-check PASS FAIL
malloc/tst-malloc-too-large-malloc-hugetlb1 PASS FAIL
malloc/tst-malloc-too-large-malloc-hugetlb2 PASS FAIL
malloc/tst-malloc-too-large-mcheck PASS FAIL
malloc/tst-mallocfork2 PASS FAIL
malloc/tst-mallocfork3 PASS FAIL
(From OE-Core rev: 8102d2252d50a52fbf48810226bcff92a925a39e)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Pick patch from [1] linked from [2].
[1] https://gitlab.gnome.org/GNOME/glib/-/issues/3872
[2] https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4984
(From OE-Core rev: ad9c57c36f6afa675468426da4ba1263eaeee2c5)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Pick patch from [1] linked from [2].
[1] https://gitlab.gnome.org/GNOME/glib/-/issues/3871
[2] https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4981
(From OE-Core rev: 1996441fcebaa2e08eecceb3cf00d39fda8cff35)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Pick patches from [1] linked from [2].
[1] https://gitlab.gnome.org/GNOME/glib/-/issues/3870
[2] https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4979
(From OE-Core rev: 045f902fd570df65f6ed2534d8885cee26fb6ef1)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Pick relevant commit from [2] linked from [1].
[1] https://gitlab.gnome.org/GNOME/glib/-/issues/3851
[2] https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4944
(From OE-Core rev: bb6a6ab6d948ce5a8a86479c68af43f7f86b98a5)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Pick patches from [1].
[1] https://github.com/libexpat/libexpat/pull/1075
(From OE-Core rev: 406471f765fd1ce6bc5aab51c724476684e40d21)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
|
| |
|
|
|
|
|
|
|
|
| |
Pick fix commit from PR linked in NVD report.
(From OE-Core rev: e3c0ac137e50d35e83e8e4ed2c4e09f2eb9d3bca)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
References:
* https://gitlab.gnome.org/GNOME/libxml2/-/issues/1019
* https://gitlab.gnome.org/GNOME/libxml2/-/merge_requests/377
(From OE-Core rev: 957244b2861f394237b8a3ec4d549d5118627955)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pick patch which closed [1].
Adapt for missing xmlCatalogPrintDebug per [2].
[1] https://gitlab.gnome.org/GNOME/libxml2/-/issues/1019
[2] https://gitlab.gnome.org/GNOME/libxml2/-/commit/728869809eb7eee1b1681d558b4b506a8019c151
(From OE-Core rev: efef4d450500eb3a43b9f1f399ca84f9ca837d8b)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Pick patch which closed [1].
[1] https://gitlab.gnome.org/GNOME/libxml2/-/issues/1018
(From OE-Core rev: 3af64204dec407546bed8f1dc0cb8b4a1501e471)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This is CVE for example tool contrib/untgz.
This is not compiled in Yocto zlib recipe.
This CVE has controversial CVSS3 score of 9.8.
(From OE-Core rev: 1bdcd62d34b0b060b0e1e5142c5f3e7075f21cc2)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
|
| |
|
|
|
|
| |
(From OE-Core rev: e2994ca0076ec99038790e7a40936236a5078135)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
| |
(From OE-Core rev: 036f76ea35c49a78d612093dcd8eb1fac7ded8d7)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Pick patch mentioning this CVE number.
(From OE-Core rev: 3a8effd37b83cab3421ee1fe59da232cdf338743)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pick patch from [1] linked from [2].
[1] https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4935
[2] https://gitlab.gnome.org/GNOME/glib/-/issues/3845
(From OE-Core rev: 2fb84f36c77e0d049a71dcfa597a67d297cbfd0a)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pick commits from [1] linked from [2].
[1] https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4933
[2] https://gitlab.gnome.org/GNOME/glib/-/issues/3834
(From OE-Core rev: 6e1ce2de818d647d69f652ab67c0c2d13860e77b)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pick commits from [1] per [2].
[1] https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914
[2] https://nvd.nist.gov/vuln/detail/CVE-2025-13601
(From OE-Core rev: eb0e4e0fce9378100e4482fc91d6886d84ef7ec2)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Pick patches per [1].
[1] https://security-tracker.debian.org/tracker/CVE-2025-14104
(From OE-Core rev: 8f7f1562f6cba3b67cc4301702c03ab31551a155)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
| |
(From OE-Core rev: 2ed3f8b938579dbbb804e04c45a968cc57761db7)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2025-7425
libxslt: heap-use-after-free in xmlFreeID caused by `atype` corruption
Origin: https://launchpad.net/ubuntu/+source/libxml2/2.9.14+dfsg-1.3ubuntu3.6
Ref : https://security-tracker.debian.org/tracker/CVE-2025-7425
Upstream-Status: Backport from https://gitlab.gnome.org/GNOME/libxslt/-/issues/140
(From OE-Core rev: cf260bef4495186662b74b8324d01efcfc2121fd)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-26519
Pick the patches that are attached to the musl advisory:
https://www.openwall.com/lists/musl/2025/02/13/1
(From OE-Core rev: e1c1b4b5100e08b63a2e6e5ff608f79e7b202649)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
| |
(From OE-Core rev: 99204008786f659ab03538cd2ae2fd23ed4164c5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
glib-networking's OpenSSL backend fails to properly check the return
value of memory allocation routines. An out of memory condition could
potentially result in writing to an invalid memory location.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-60019
Upstream-patch:
https://gitlab.gnome.org/GNOME/glib-networking/-/commit/70df675dd4f5e4a593b2f95406c1aac031aa8bc7
(From OE-Core rev: eda5838fcbb8c725e6e39d6e72b63c33f6c44446)
Signed-off-by: Rajeshkumar Ramasamy <rajeshkumar.ramasamy@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
glib-networking's OpenSSL backend fails to properly check the return
value of a call to BIO_write(), resulting in an out of bounds read.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-60018
Upstream-patch:
https://gitlab.gnome.org/GNOME/glib-networking/-/commit/4dd540505d40babe488404f3174ec39f49a84485
(From OE-Core rev: bd11f18909b5946e4570e0eba9b3cb9b47791dc1)
Signed-off-by: Rajeshkumar Ramasamy <rajeshkumar.ramasamy@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
32786)
The following commits have been cherry-picked from Glibc master branch:
Bug : https://sourceware.org/bugzilla/show_bug.cgi?id=25847
[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=dbc5a50d12eff4cb3f782129029d04b8a76f58e7
[2] https://sourceware.org/pipermail/libc-stable/2025-July/002282.html
(From OE-Core rev: 8f1000d9dad5e51f08a40b0f6650204425cc8efb)
Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The following commits have been cherry-picked from Glibc master branch:
Bug : https://sourceware.org/bugzilla/show_bug.cgi?id=25847
[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=91bb902f58264a2fd50fbce8f39a9a290dd23706
[2] https://sourceware.org/pipermail/libc-stable/2025-July/002283.html
(From OE-Core rev: 4593e800b832d740d0b63ddd4b5c948c564116b2)
Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The following commits have been cherry-picked from Glibc master branch:
Bug : https://sourceware.org/bugzilla/show_bug.cgi?id=25847
[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=4b79e27a5073c02f6bff9aa8f4791230a0ab1867
[2] https://sourceware.org/pipermail/libc-stable/2025-July/002281.html
(From OE-Core rev: 0a9ccd040037c12aa2e7fbc2213ca60b30dafcc4)
Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The following commits have been cherry-picked from Glibc master branch:
Bug : https://sourceware.org/bugzilla/show_bug.cgi?id=25847
[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=ee6c14ed59d480720721aaacc5fb03213dc153da
[2] https://sourceware.org/pipermail/libc-stable/2025-July/002280.html
(From OE-Core rev: f54e082df2f07893f66183089518f98cb792f22e)
Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The following commits have been cherry-picked from Glibc master branch:
Bug : https://sourceware.org/bugzilla/show_bug.cgi?id=25847
[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=929a4764ac90382616b6a21f099192b2475da674
[2] https://sourceware.org/pipermail/libc-stable/2025-July/002279.html
(From OE-Core rev: 75bbc8cb3a94640120d778916abb2edf78b89fd0)
Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The following commits have been cherry-picked from Glibc master branch:
Bug : https://sourceware.org/bugzilla/show_bug.cgi?id=25847
[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=c36fc50781995e6758cae2b6927839d0157f213c
[2] https://sourceware.org/pipermail/libc-stable/2025-July/002278.html
(From OE-Core rev: 1972b6776fa8a23b9d373d516ace32e136e9058f)
Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The following commits have been cherry-picked from Glibc master branch:
Bug : https://sourceware.org/bugzilla/show_bug.cgi?id=25847
[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=4f7b051f8ee3feff1b53b27a906f245afaa9cee1
[2] https://sourceware.org/pipermail/libc-stable/2025-July/002276.html
(From OE-Core rev: e6cac5aef751d698327f6ebee966462644c6c6a8)
Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The following commits have been cherry-picked from Glibc master branch:
Bug : https://sourceware.org/bugzilla/show_bug.cgi?id=25847
[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=b42cc6af11062c260c7dfa91f1c89891366fed3e
[2] https://sourceware.org/pipermail/libc-stable/2025-July/002274.html
(From OE-Core rev: 18b4f22aaae19cd0efb21433f0c23c5580246a2e)
Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The following commits have been cherry-picked from Glibc master branch:
Bug : https://sourceware.org/bugzilla/show_bug.cgi?id=25847
[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=0cc973160c23bb67f895bc887dd6942d29f8fee3
[2] https://sourceware.org/pipermail/libc-stable/2025-July/002275.html
(From OE-Core rev: bf3d91124c2584b9d3000098d1f81d9459d143fc)
Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The following commits have been cherry-picked from Glibc master branch:
Bug : https://sourceware.org/bugzilla/show_bug.cgi?id=25847
[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=1db84775f831a1494993ce9c118deaf9537cc50a
[2] https://sourceware.org/pipermail/libc-stable/2025-July/002277.html
(From OE-Core rev: 4d57f7c82ccb64e2bd2a2371ef18bdc5a4b718e3)
Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To facilitate a clean backport of the full 10-commit series
addressing the pthread condition variable lost wakeup issue
(BZ#25847) in glibc 2.35, remove the existing 8 patches that
were applied as a partial backport.
The previous partial backport excluded commit:
c36fc50781995e6758cae2b6927839d0157f213c ("nptl: Remove
g_refs from condition variables") based on guidance from
glibc maintainer Florian Weimer(#comment #74)
This exclusion was recommended for stable branches to
avoid altering the layout of pthread_cond_t, which could
introduce ABI incompatibilities. Additionally, the dependent
commit dbc5a50d12eff4cb3f782129029d04b8a76f58e7 was not needed
in the partial backport.
To align with upstream mainline, per maintainer Carlos O'Donell
(comment #75), apply the complete 10-commit series for consistency.
By removing these patches first, we ensure the subsequent
application of the full 10 commits results in cleaner, more
reviewable changes without intermixed conflicts or overlaps.
Removed patches and corresponding upstream commits:
- 0026-PR25847-1.patch: 1db84775f831a1494993ce9c118deaf9537cc50a
- 0026-PR25847-2.patch: 0cc973160c23bb67f895bc887dd6942d29f8fee3
- 0026-PR25847-3.patch: b42cc6af11062c260c7dfa91f1c89891366fed3e
- 0026-PR25847-4.patch: 4f7b051f8ee3feff1b53b27a906f245afaa9cee1
- 0026-PR25847-5.patch: 929a4764ac90382616b6a21f099192b2475da674
- 0026-PR25847-6.patch: ee6c14ed59d480720721aaacc5fb03213dc153da
- 0026-PR25847-7.patch: 4b79e27a5073c02f6bff9aa8f4791230a0ab1867
- 0026-PR25847-8.patch: 91bb902f58264a2fd50fbce8f39a9a290dd23706
Bug reference: https://sourceware.org/bugzilla/show_bug.cgi?id=25847
This change prepares the branch for the full backport in follow-up commits.
(From OE-Core rev: 9881dd70305b87945e9649d744bcbc40a1a7b780)
Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Do not build translations when NLS is disabled.
(From OE-Core rev: 83795ef6c3fa12a863cd20b7ec1a2607606987b6)
This change corresponds to upstream d848b454e64ffbd642590b4bbc378619e1547ad3
from master .
Since the systemd version are different between master & kirkstone
applied the patch manually
(From OE-Core rev: 4b612ae7cbdc8327765c34d0e64fa8e0564891d4)
Signed-off-by: Philip Lorenz <philip.lorenz@bmw.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: AshishKumar Mishra <emailaddress.ashish@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
git log --oneline a66bc3941ff298e474d5f02d0c3303401951141f..4e50046821f05ada5f14c76803845125ddb3ed7d
4e50046821 (HEAD, origin/release/2.35/master) x86-64: Add GLIBC_ABI_DT_X86_64_PLT [BZ #33212]
c97735cfde elf: Handle ld.so with LOAD segment gaps in _dl_find_object (bug 31943)
96cc65a28a elf: Extract rtld_setup_phdr function from dl_main
e3f04f64fa elf: Do not add a copy of _dl_find_object to libc.so
bfae8bf49c arm: Use _dl_find_object on __gnu_Unwind_Find_exidx (BZ 31405)
Testing Results:
Before After Diff
PASS 4605 4609 +4
XPASS 6 6 0
FAIL 358 356 -2
XFAIL 16 16 0
UNRESOLVED 0 1 +1
UNSUPPORTED 197 197 0
Testcases changes
testcase-name before after
elf/tst-link-map-contiguous-libc(new) - PASS
elf/tst-link-map-contiguous-ldso(new) - FAIL
elf/check-dt-x86-64-plt(new) - UNRESOLVED
misc/tst-tsearch FAIL PASS
posix/bug-regex24 FAIL PASS
string/tst-cmp FAIL PASS
(From OE-Core rev: 932ee96c0dc24ac3cdb9cee5bf96375568b41df0)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Pick commit mentioning this CVE.
Additionally fix test broken by the CVE fix.
(From OE-Core rev: 137299edbc47e8a57173ef3c22bcb719d48d5302)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
| |
Upstream-Status: Backport from https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21
(From OE-Core rev: 277692c2472f03ae62401bfbd26e8c4d872113d0)
Signed-off-by: Theo GAIGE <tgaige.opensource@witekio.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
| |
(From OE-Core rev: d381eeb5e70bd0ce9e78032c909e4a23564f4dd7)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Pick commit per [1].
Also pick commit which changed the same code before to apply it cleanly.
[1] https://security-tracker.debian.org/tracker/CVE-2025-7039
(From OE-Core rev: 79355004da104587b2fb40dcb76053431c6a6182)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NVD report [1] says:
A flaw was found in GLib. A denial of service on **Windows platforms**
may occur if an application attempts to spawn a program using long
command lines.
The fix [3] (linked from [2]) also changes only files
glib/gspawn-win32-helper.c
glib/gspawn-win32.c
[1] https://nvd.nist.gov/vuln/detail/CVE-2025-4056
[2] https://gitlab.gnome.org/GNOME/glib/-/issues/3668
[3] https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4570
(From OE-Core rev: 8c69793deb78cf9718801825477938c22e229eca)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The previous fix missed another cherry-pick that fixed building
manpages after the coredump patch. The version-info.xml file doesn't
exist in 250. It was introduced later, so remove the reference to
it.
(From OE-Core rev: 0a383ef579ffe5f5c4ef2c78040540f1332e4ea6)
Signed-off-by: Daniel McGregor <daniel.mcgregor@vecima.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
| |
(From OE-Core rev: bd620eb14660075fd0f7476bbbb65d5da6293874)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|