summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/elfutils/elfutils_0.191.bb
Commit message (Collapse)AuthorAgeFilesLines
* elfutils: Fix CVE-2025-1377Soumya Sambu2025-11-031-0/+1
| | | | | | | | | | | | | | | | | | | | A vulnerability, which was classified as problematic, has been found in GNU elfutils 0.192. This issue affects the function gelf_getsymshndx of the file strip.c of the component eu-strip. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is fbf1df9ca286de3323ae541973b08449f8d03aba. It is recommended to apply a patch to fix this issue. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-1377 Upstream patch: https://sourceware.org/git/?p=elfutils.git;a=fbf1df9ca286de3323ae541973b08449f8d03aba (From OE-Core rev: ae89d0c2ca49c40429f787577d280b5886f42cc1) Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* elfutils: Fix CVE-2025-1376Soumya Sambu2025-11-031-0/+1
| | | | | | | | | | | | | | | | | | | | | | A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is b16f441cca0a4841050e3215a9f120a6d8aea918. It is recommended to apply a patch to fix this issue. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-1376 Upstream patch: https://sourceware.org/git/?p=elfutils.git;a=commit;h=b16f441cca0a4841050e3215a9f120a6d8aea918 (From OE-Core rev: 06e3cd0891f553b0ed036d9247dfa7c5ed814d78) Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* elfutils: fix build with gcc-15Martin Jansa2025-09-011-0/+1
| | | | | | | (From OE-Core rev: ece06774fd1c261c333f61779579614e0b40b927) Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* elfutils: Fix CVE-2025-1371Soumya Sambu2025-05-081-0/+1
| | | | | | | | | | | | | | | | | | | | | A vulnerability has been found in GNU elfutils 0.192 and classified as problematic. This vulnerability affects the function handle_dynamic_symtab of the file readelf.c of the component eu-read. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The patch is identified as b38e562a4c907e08171c76b8b2def8464d5a104a. It is recommended to apply a patch to fix this issue. References: https://nvd.nist.gov/vuln/detail/CVE-2025-1371 https://ubuntu.com/security/CVE-2025-1371 Upstream patch: https://sourceware.org/cgit/elfutils/commit/?id=b38e562a4c907e08171c76b8b2def8464d5a104a (From OE-Core rev: 11c44bde4f3d9e63506ece2f9b27114914aacc4b) Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* elfutils: Fix multiple CVEsHitendra Prajapati2025-03-051-0/+3
| | | | | | | | | | | | | Backport fixes for: * CVE-2025-1352 - Upstream-Status: Backport from https://sourceware.org/git/?p=elfutils.git;a=commit;h=2636426a091bd6c6f7f02e49ab20d4cdc6bfc753 * CVE-2025-1365 - Upstream-Status: Backport from https://sourceware.org/git/?p=elfutils.git;a=commit;h=5e5c0394d82c53e97750fe7b18023e6f84157b81 * CVE-2025-1372 - Upstream-Status: Backport from https://sourceware.org/git/?p=elfutils.git;a=commit;h=73db9d2021cab9e23fd734b0a76a612d52a6f1db (From OE-Core rev: 938676089fb5da383b7daf6c5e6348079ecf5674) Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* elfutils: fix unused variable BUFFER_SIZEJose Quaresma2024-03-201-0/+1
| | | | | | | | | Fix build break with clang (From OE-Core rev: 760292c23213476169116b8608ca4119b99e6ff8) Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* elfutils: Fix build break with clangKhem Raj2024-03-181-0/+1
| | | | | | | (From OE-Core rev: 68923430069fcc049ad9c5f7830f72c1c3e7d501) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* elfutils: upgrade 0.189 -> 0.191Alexander Kanavin2024-03-071-0/+175
Drop backports: 0001-Add-helper-function-for-basename.patch 0001-tests-fix-build-against-upcoming-gcc-14-Werror-callo.patch (From OE-Core rev: 797117902490fcd336697397ea5d8c2a601124b2) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2026-04-21 23:36:28 +0000