
RDK-59201 : Patch CVEs for critical components #354

Open
KTirumalaSrihari wants to merge 6 commits into develop from CVE-2602

Conversation

@KTirumalaSrihari
Contributor

Reason for change: Addressing multiple CVEs of glib-2.0, curl, libxml2, libarchive, cjson, openssl
Test Procedure: Build and verify that the CVEs are patched and the functionality of the components remains unaffected
Risks: None
Priority: P2

Copilot AI review requested due to automatic review settings February 18, 2026 18:55
@KTirumalaSrihari KTirumalaSrihari requested a review from a team as a code owner February 18, 2026 18:55

Copilot AI left a comment


Pull request overview

This PR addresses multiple critical CVEs across several system libraries and components by applying backported security patches. The changes include patches for glib-2.0, curl, libxml2, libarchive, cjson, openssl, and busybox.

Changes:

  • Added CVE patches for 7 different components addressing security vulnerabilities
  • Updated bbappend files to reference the new security patches
  • All patches are backported from upstream sources with proper attribution

Reviewed changes

Copilot reviewed 17 out of 17 changed files in this pull request and generated 4 comments.

| File | Description |
| --- | --- |
| recipes-support/libarchive/libarchive_3.6.1.bbappend | Added CVE-2025-5914 patch reference |
| recipes-support/libarchive/libarchive/CVE-2025-5914_3.6.1_fix.patch | Fix for integer overflow vulnerability |
| recipes-support/curl/curl_7.82%/CVE-2025-0725_7.82_fix.patch | Removes old zlib support to address decompression vulnerability |
| recipes-support/curl/curl_7.82%.bbappend | Added CVE-2025-0725 patch reference |
| recipes-support/cjson/files/CVE-2025-57052_1.7.15_fix.patch | Fixes array index parsing bug |
| recipes-support/cjson/cjson_1.7%.bbappend | Added CVE-2025-57052 patch reference |
| recipes-core/libxml2/libxml2_2.9.14.bbappend | Added 3 CVE patch references |
| recipes-core/libxml2/libxml2/CVE-2025-9714_2.9.14_fix.patch | Fixes depth tracking in XPath evaluation |
| recipes-core/libxml2/libxml2/CVE-2025-6021_2.9.14_fix.patch | Adds overflow checks in QName building |
| recipes-core/libxml2/libxml2/CVE-2025-24928_2.9.14_fix.patch | Fixes buffer overflow in element name formatting |
| recipes-core/glib-2.0/glib-2.0_2.7%.bbappend | Added 2 CVE patch references |
| recipes-core/glib-2.0/glib-2.0/CVE-2025-4056_2.74_fix.patch | Changes integer types to prevent overflow |
| recipes-core/glib-2.0/glib-2.0/CVE-2024-52533_2.74_fix.patch | Fixes buffer size calculation in SOCKS4 proxy |
| recipes-core/busybox/busybox_1.35%.bbappend | Added CVE-2025-46394 patch reference |
| recipes-core/busybox/busybox/CVE-2025-46394_1.35_fix.patch | Sanitizes filenames before output to prevent injection |
| recipes-connectivity/openssl/openssl_3.0.%.bbappend | Added CVE-2025-15467 patch reference |
| recipes-connectivity/openssl/openssl/CVE-2025-15467_3.0.5_fix.patch | Fixes AEAD parameter handling |
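Added example (not code from this PR or from the RDK project): a small POSIX shell check for the bbappend/patch-directory pairing that the file table above relies on, which is the kind of "verify the CVE patches are actually picked up" step the test procedure describes. It parses each .bbappend's FILESEXTRAPATHS:prepend and SRC_URI lines and confirms every file:// patch exists under one of the prepended directories, so a mismatch fails here rather than at do_fetch. The layout it builds under mktemp is constructed for the demo, with the cjson bbappend deliberately pointing at the wrong directory; the function names (search_dirs, patch_names, check_bbappend, setup_layout) and the NO_DEMO variable are this example's own.

```shell
#!/bin/sh
# Added example, not code from this PR or from RDK: a pre-build sanity check
# that every file:// patch a .bbappend adds through SRC_URI exists in one of
# the directories its FILESEXTRAPATHS:prepend names. This is the mismatch
# that otherwise surfaces only when bitbake's do_fetch fails.
# The layout built by setup_layout is constructed for the demo.

# Resolve a bbappend's FILESEXTRAPATHS:prepend entries to absolute directories.
search_dirs() {
    bbappend="$1"
    dir=$(dirname "$bbappend")
    sed -n 's/^FILESEXTRAPATHS:prepend *:= *"\(.*\)"/\1/p' "$bbappend" \
        | tr ':' '\n' \
        | sed "s#\\\${THISDIR}#$dir#g" \
        | sed '/^$/d'
}

# List the file:// names a bbappend adds through SRC_URI (+= and :append forms).
patch_names() {
    sed -n 's/^SRC_URI\(:append\)\{0,1\} *+\{0,1\}= *"\(.*\)"/\2/p' "$1" \
        | tr ' ' '\n' \
        | sed -n 's#^file://##p'
}

# Returns 0 when every patch resolves, 1 otherwise (printing each miss).
check_bbappend() {
    bbappend="$1"
    rc=0
    dirs=$(search_dirs "$bbappend")
    for p in $(patch_names "$bbappend"); do
        found=0
        for d in $dirs; do
            if [ -f "$d/$p" ]; then found=1; break; fi
        done
        if [ "$found" -eq 0 ]; then
            echo "MISSING: $p not found for $bbappend (searched: $(printf '%s ' $dirs))"
            rc=1
        fi
    done
    return $rc
}

# Constructed layout mirroring two cases from the PR's file table:
# libarchive keeps its patch in libarchive/ and prepends that directory (good);
# the cjson bbappend here is deliberately written to prepend cjson/ while the
# patch sits under files/, which is the mismatch we want to catch.
setup_layout() {
    root=$(mktemp -d)
    mkdir -p "$root/recipes-support/libarchive/libarchive" "$root/recipes-support/cjson/files"
    : > "$root/recipes-support/libarchive/libarchive/CVE-2025-5914_3.6.1_fix.patch"
    : > "$root/recipes-support/cjson/files/CVE-2025-57052_1.7.15_fix.patch"
    printf '%s\n' 'FILESEXTRAPATHS:prepend := "${THISDIR}/libarchive:"' \
        'SRC_URI += "file://CVE-2025-5914_3.6.1_fix.patch"' \
        > "$root/recipes-support/libarchive/libarchive_3.6.1.bbappend"
    printf '%s\n' 'FILESEXTRAPATHS:prepend := "${THISDIR}/cjson:"' \
        'SRC_URI += "file://CVE-2025-57052_1.7.15_fix.patch"' \
        > "$root/recipes-support/cjson/cjson_1.7%.bbappend"
    echo "$root"
}

# Stand-alone run over the constructed layout; set NO_DEMO=1 to only load the functions.
if [ -z "${NO_DEMO:-}" ]; then
    ROOT=$(setup_layout)
    check_bbappend "$ROOT/recipes-support/libarchive/libarchive_3.6.1.bbappend" && echo "OK: libarchive"
    check_bbappend "$ROOT/recipes-support/cjson/cjson_1.7%.bbappend" || echo "rejected as expected: cjson"
    rm -rf "$ROOT"
fi
```

Run it against a real layer with `for f in $(find . -name '*.bbappend'); do check_bbappend "$f"; done` once the layer's bbappends use the plain `FILESEXTRAPATHS:prepend := "${THISDIR}/...:"` form shown in this PR; bbappends that compute the path some other way will simply report every patch as missing, which is a prompt to look rather than a false pass.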


@@ -0,0 +1,4 @@
FILESEXTRAPATHS:prepend := "${THISDIR}/files:"


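Review bot: Confirm the directory named in `FILESEXTRAPATHS:prepend := "${THISDIR}/files:"` is where this recipe's patch actually lives. In the per-file summary only cjson keeps its patch under `files/` (`recipes-support/cjson/files/CVE-2025-57052_1.7.15_fix.patch`); libarchive, curl, libxml2, glib-2.0, busybox and openssl keep theirs in a directory named after the recipe, so this prepend in any of those bbappends leaves the `file://` entry unresolvable at do_fetch. The trailing blank lines can go as well, as already noted.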

Copilot AI Feb 18, 2026


There is an unnecessary blank line. This should be removed to maintain consistent formatting in the file.

Suggested change

+ strcat(buf, " ...");
+ return;
+ }
if ((cur->ns != NULL) && (cur->ns->prefix != NULL)) {
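Review bot: The `strcat(buf, " ...")` ahead of the `return` appends four bytes plus the terminator with no bound of its own, so the length check that leads into this branch (not visible in this excerpt) has to leave at least five bytes free in `buf`; otherwise the truncation path reintroduces the overflow this patch is meant to close. Writing the sentinel with `snprintf` over the remaining size, or reserving the five bytes explicitly in the guard, makes that invariant visible to the next reader.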

Copilot AI Feb 18, 2026


The indentation appears inconsistent. Line 33 uses spaces for indentation while it should likely use tabs to match the surrounding code style. Please verify the indentation matches the original file's style.

Suggested change
if ((cur->ns != NULL) && (cur->ns->prefix != NULL)) {
if ((cur->ns != NULL) && (cur->ns->prefix != NULL)) {

Date: Fri, 6 Feb 2026 05:27:33 +0000
Subject: [PATCH]
Upstream-Status: Backport
https://github.com/curl/curl/commit/76f83f0db23846e254d940ec7 CVE :
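Review bot: The `Subject: [PATCH]` line carries no title and the `CVE :` tag carries no identifier; fill in the upstream commit subject and a `CVE: CVE-2025-0725` line (the identifier the file name and bbappend use), since the Yocto cve-check class reads that tag from patch headers to mark the CVE as addressed and the header should be self-describing for later audits. The commit reference is also 25 hex characters, short of a full 40-character SHA, as the earlier comment notes; the full hash or the https://curl.se/docs/CVE-2025-0725.html advisory link should replace it.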

Copilot AI Feb 18, 2026


The upstream URL is incomplete. It ends with "76f83f0db23846e254d940ec7" which appears to be a truncated commit hash. The full commit reference should be provided for proper upstream traceability.

Suggested change
https://github.com/curl/curl/commit/76f83f0db23846e254d940ec7 CVE :
https://curl.se/docs/CVE-2025-0725.html

ptm->tm_min,
ptm->tm_sec,
- file_header->name);
+ printable_string(file_header->name));
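Review bot: Wrapping `file_header->name` in `printable_string()` is right for this listing line, but the hunk shows a single call site; every other place in the same file that prints `file_header->name` to the terminal needs the same wrapping, or control sequences in an archive member name still reach the output through those paths and the fix is partial. The deeper indentation of the `+` line should also be matched to the `-` line it replaces, as noted above.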

Copilot AI Feb 18, 2026


The indentation is inconsistent with the rest of the patch. This line uses more spaces than the previous lines. Please ensure the indentation matches the original file's formatting.

Suggested change
+ printable_string(file_header->name));
+ printable_string(file_header->name));
