Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
From df24df430af3532c24d8c47a430555fd9f3d890e Mon Sep 17 00:00:00 2001
From: skondu363 <Srihariraghava_konduritirumala@comcast.com>
Date: Thu, 5 Feb 2026 09:09:13 +0000
Subject: [PATCH]
Upstream-Status: Backport
https://github.com/openssl/openssl/commit/0ddd6b6bcbdedbe2c8304af05771f8ab11939112
CVE : CVE-2025-15467

Signed-off-by: skondu363 <Srihariraghava_konduritirumala@comcast.com>
---
crypto/evp/evp_lib.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
index b918081..f833bbb 100644
--- a/crypto/evp/evp_lib.c
+++ b/crypto/evp/evp_lib.c
@@ -249,10 +249,9 @@ int evp_cipher_get_asn1_aead_params(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
if (type == NULL || asn1_params == NULL)
return 0;

- i = ossl_asn1_type_get_octetstring_int(type, &tl, NULL, EVP_MAX_IV_LENGTH);
- if (i <= 0)
+ i = ossl_asn1_type_get_octetstring_int(type, &tl, iv, EVP_MAX_IV_LENGTH);
+ if (i <= 0 || i > EVP_MAX_IV_LENGTH)
return -1;
- ossl_asn1_type_get_octetstring_int(type, &tl, iv, i);

memcpy(asn1_params->iv, iv, i);
asn1_params->iv_len = i;
1 change: 1 addition & 0 deletions recipes-connectivity/openssl/openssl_3.0.%.bbappend
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@ LOGROTATE_ROTATION_MEM_sslendpoint="3"
FILESEXTRAPATHS:prepend:="${THISDIR}/${PN}:"

SRC_URI += " file://openssl-c_rehash.sh \
file://CVE-2025-15467_3.0.5_fix.patch \
"

PTEST_ENABLED = "${@bb.utils.contains('DISTRO_FEATURES', 'benchmark_enable', '1', '0', d)}"
Expand Down
38 changes: 38 additions & 0 deletions recipes-core/busybox/busybox/CVE-2025-46394_1.35_fix.patch
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
From 4333a6788d6b4f2ab22aa570e2d0f0ebcff07817 Mon Sep 17 00:00:00 2001
From: skondu363 <Srihariraghava_konduritirumala@comcast.com>
Date: Wed, 4 Feb 2026 06:25:25 +0000
Subject: [PATCH]
Upstream-Status: Backport
https://patchwork.yoctoproject.org/project/oe-core/patch/20250928221332.1308547-1-peter.marko@siemens.com/#31415
CVE : CVE-2025-46394

Signed-off-by: skondu363 <Srihariraghava_konduritirumala@comcast.com>
---
archival/libarchive/header_list.c | 2 +-
archival/libarchive/header_verbose_list.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/archival/libarchive/header_list.c b/archival/libarchive/header_list.c
index 0621aa4..9490b36 100644
--- a/archival/libarchive/header_list.c
+++ b/archival/libarchive/header_list.c
@@ -8,5 +8,5 @@
void FAST_FUNC header_list(const file_header_t *file_header)
{
//TODO: cpio -vp DIR should output "DIR/NAME", not just "NAME" */
- puts(file_header->name);
+ puts(printable_string(file_header->name));
}
diff --git a/archival/libarchive/header_verbose_list.c b/archival/libarchive/header_verbose_list.c
index a575a08..baedf75 100644
--- a/archival/libarchive/header_verbose_list.c
+++ b/archival/libarchive/header_verbose_list.c
@@ -40,7 +40,7 @@ void FAST_FUNC header_verbose_list(const file_header_t *file_header)
ptm->tm_hour,
ptm->tm_min,
ptm->tm_sec,
- file_header->name);
+ printable_string(file_header->name));
Copy link

Copilot AI Feb 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The indentation is inconsistent with the rest of the patch. This line uses more spaces than the previous lines. Please ensure the indentation matches the original file's formatting.

Suggested change
+ printable_string(file_header->name));
+ printable_string(file_header->name));

Copilot uses AI. Check for mistakes.

#else /* !FEATURE_TAR_UNAME_GNAME */

4 changes: 4 additions & 0 deletions recipes-core/busybox/busybox_1.35%.bbappend
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
FILESEXTRAPATHS:prepend := "${THISDIR}/${BPN}:"

SRC_URI += " file://CVE-2025-46394_1.35_fix.patch \
"
29 changes: 29 additions & 0 deletions recipes-core/glib-2.0/glib-2.0/CVE-2024-52533_2.74_fix.patch
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
From df1c6f3b0dcadc33eadbdff9213b255aa178d8c2 Mon Sep 17 00:00:00 2001
From: skondu363 <Srihariraghava_konduritirumala@comcast.com>
Date: Wed, 4 Feb 2026 07:39:46 +0000
Subject: [PATCH]
Upstream-Status: Backport
https://gitlab.gnome.org/GNOME/glib/-/commit/25833cefda24c60af913d6f2d532b5afd608b821
CVE : CVE-2024-52533

Signed-off-by: skondu363 <Srihariraghava_konduritirumala@comcast.com>
---
gio/gsocks4aproxy.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gio/gsocks4aproxy.c b/gio/gsocks4aproxy.c
index 3dad118..b3146d0 100644
--- a/gio/gsocks4aproxy.c
+++ b/gio/gsocks4aproxy.c
@@ -79,9 +79,9 @@ g_socks4a_proxy_init (GSocks4aProxy *proxy)
* +----+----+----+----+----+----+----+----+----+----+....+----+------+....+------+
* | VN | CD | DSTPORT | DSTIP | USERID |NULL| HOST | | NULL |
* +----+----+----+----+----+----+----+----+----+----+....+----+------+....+------+
- * 1 1 2 4 variable 1 variable
+ * 1 1 2 4 variable 1 variable 1
*/
-#define SOCKS4_CONN_MSG_LEN (9 + SOCKS4_MAX_LEN * 2)
+#define SOCKS4_CONN_MSG_LEN (10 + SOCKS4_MAX_LEN * 2)
static gint
set_connect_msg (guint8 *msg,
const gchar *hostname,
44 changes: 44 additions & 0 deletions recipes-core/glib-2.0/glib-2.0/CVE-2025-4056_2.74_fix.patch
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
From 5c1c14f220c7f431cb451f9f5174a2386e398a27 Mon Sep 17 00:00:00 2001
From: skondu363 <Srihariraghava_konduritirumala@comcast.com>
Date: Wed, 4 Feb 2026 08:09:29 +0000
Subject: [PATCH]
Upstream-Status: Backport
https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4570/diffs.patch
CVE : CVE-2025-4056

Signed-off-by: skondu363 <Srihariraghava_konduritirumala@comcast.com>
---
glib/gspawn-win32-helper.c | 4 ++--
glib/gspawn-win32.c | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/glib/gspawn-win32-helper.c b/glib/gspawn-win32-helper.c
index 72b49ba..dddd9d8 100644
--- a/glib/gspawn-win32-helper.c
+++ b/glib/gspawn-win32-helper.c
@@ -94,8 +94,8 @@ protect_wargv (gint argc,
{
wchar_t *p = wargv[i];
wchar_t *q;
- gint len = 0;
- gint pre_bslash = 0;
+ size_t len = 0;
+ size_t pre_bslash = 0;
gboolean need_dblquotes = FALSE;
while (*p)
{
diff --git a/glib/gspawn-win32.c b/glib/gspawn-win32.c
index 7fa5e26..e4b402f 100644
--- a/glib/gspawn-win32.c
+++ b/glib/gspawn-win32.c
@@ -174,8 +174,8 @@ protect_argv_string (const gchar *string)
{
const gchar *p = string;
gchar *retval, *q;
- gint len = 0;
- gint pre_bslash = 0;
+ size_t len = 0;
+ size_t pre_bslash = 0;
gboolean need_dblquotes = FALSE;
while (*p)
{
2 changes: 2 additions & 0 deletions recipes-core/glib-2.0/glib-2.0_2.7%.bbappend
Original file line number Diff line number Diff line change
Expand Up @@ -10,5 +10,7 @@ RDEPENDS:${PN}-utils += "libelf"
SRC_URI:append = " \
file://0001-Fix-passing-NULL-to-g_task_get_cancellable.patch \
file://0001-RDKTV-35445-Fix-localhost-DNS-resolution.patch \
file://CVE-2024-52533_2.74_fix.patch \
file://CVE-2025-4056_2.74_fix.patch \
"

54 changes: 54 additions & 0 deletions recipes-core/libxml2/libxml2/CVE-2025-24928_2.9.14_fix.patch
Original file line number Diff line number Diff line change
@@ -0,0 +1,54 @@
From fb535342c9cd0ba411c4c65e4e8147f77dfe804c Mon Sep 17 00:00:00 2001
From: skondu363 <Srihariraghava_konduritirumala@comcast.com>
Date: Thu, 5 Feb 2026 08:40:28 +0000
Subject: [PATCH]
Upstream-Status: Backport
https://gitlab.gnome.org/GNOME/libxml2/-/commit/8c8753ad5280ee13aee5eec9b0f6eee2ed920f57.patch
CVE : CVE-2025-24928

Signed-off-by: skondu363 <Srihariraghava_konduritirumala@comcast.com>
---
valid.c | 22 +++++++++++-----------
1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/valid.c b/valid.c
index ed3c850..c69093f 100644
--- a/valid.c
+++ b/valid.c
@@ -5259,25 +5259,25 @@ xmlSnprintfElements(char *buf, int size, xmlNodePtr node, int glob) {
return;
}
switch (cur->type) {
- case XML_ELEMENT_NODE:
+ case XML_ELEMENT_NODE: {
+ int qnameLen = xmlStrlen(cur->name);
+
+ if ((cur->ns != NULL) && (cur->ns->prefix != NULL))
+ qnameLen += xmlStrlen(cur->ns->prefix) + 1;
+ if (size - len < qnameLen + 10) {
+ if ((size - len > 4) && (buf[len - 1] != '.'))
+ strcat(buf, " ...");
+ return;
+ }
if ((cur->ns != NULL) && (cur->ns->prefix != NULL)) {
Copy link

Copilot AI Feb 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The indentation appears inconsistent. Line 33 uses spaces for indentation while it should likely use tabs to match the surrounding code style. Please verify the indentation matches the original file's style.

Suggested change
if ((cur->ns != NULL) && (cur->ns->prefix != NULL)) {
if ((cur->ns != NULL) && (cur->ns->prefix != NULL)) {

Copilot uses AI. Check for mistakes.
- if (size - len < xmlStrlen(cur->ns->prefix) + 10) {
- if ((size - len > 4) && (buf[len - 1] != '.'))
- strcat(buf, " ...");
- return;
- }
strcat(buf, (char *) cur->ns->prefix);
strcat(buf, ":");
}
- if (size - len < xmlStrlen(cur->name) + 10) {
- if ((size - len > 4) && (buf[len - 1] != '.'))
- strcat(buf, " ...");
- return;
- }
strcat(buf, (char *) cur->name);
if (cur->next != NULL)
strcat(buf, " ");
break;
+ }
case XML_TEXT_NODE:
if (xmlIsBlankNode(cur))
break;
47 changes: 47 additions & 0 deletions recipes-core/libxml2/libxml2/CVE-2025-6021_2.9.14_fix.patch
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
From a0ed04217e2dcdcd617c8f8a8be0819460f490c6 Mon Sep 17 00:00:00 2001
From: skondu363 <Srihariraghava_konduritirumala@comcast.com>
Date: Thu, 5 Feb 2026 08:04:17 +0000
Subject: [PATCH]
Upstream-Status: Backport
https://gitlab.gnome.org/GNOME/libxml2/-/commit/ad346c9a249c4b380bf73c460ad3e81135c5d781
CVE : CVE-2025-6021

Signed-off-by: skondu363 <Srihariraghava_konduritirumala@comcast.com>
---
tree.c | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/tree.c b/tree.c
index f837932..3cc026d 100644
--- a/tree.c
+++ b/tree.c
@@ -21,6 +21,7 @@
#include <string.h> /* for memset() only ! */
#include <stddef.h>
#include <limits.h>
+#include <stdint.h>
#ifdef HAVE_CTYPE_H
#include <ctype.h>
#endif
@@ -222,16 +223,18 @@ xmlGetParameterEntityFromDtd(const xmlDtd *dtd, const xmlChar *name) {
xmlChar *
xmlBuildQName(const xmlChar *ncname, const xmlChar *prefix,
xmlChar *memory, int len) {
- int lenn, lenp;
+ size_t lenn, lenp;
xmlChar *ret;

- if (ncname == NULL) return(NULL);
+ if ((ncname == NULL) || (len < 0)) return(NULL);
if (prefix == NULL) return((xmlChar *) ncname);

lenn = strlen((char *) ncname);
lenp = strlen((char *) prefix);
+ if (lenn >= SIZE_MAX - lenp - 1)
+ return(NULL);

- if ((memory == NULL) || (len < lenn + lenp + 2)) {
+ if ((memory == NULL) || ((size_t)len < lenn + lenp + 2)) {
ret = (xmlChar *) xmlMallocAtomic(lenn + lenp + 2);
if (ret == NULL) {
xmlTreeErrMemory("building QName");
110 changes: 110 additions & 0 deletions recipes-core/libxml2/libxml2/CVE-2025-9714_2.9.14_fix.patch
Original file line number Diff line number Diff line change
@@ -0,0 +1,110 @@
From 8b45761e6ea0bb7eeb466d8597207655310fec33 Mon Sep 17 00:00:00 2001
From: skondu363 <Srihariraghava_konduritirumala@comcast.com>
Date: Wed, 4 Feb 2026 08:40:29 +0000
Subject: [PATCH]
Upstream-Status: Backport
https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21
CVE : CVE-2025-9714

Signed-off-by: skondu363 <Srihariraghava_konduritirumala@comcast.com>
---
xpath.c | 23 +++++++++++++++++------
1 file changed, 17 insertions(+), 6 deletions(-)

diff --git a/xpath.c b/xpath.c
index c2d8458..028471d 100644
--- a/xpath.c
+++ b/xpath.c
@@ -13883,12 +13883,11 @@ static int
xmlXPathRunEval(xmlXPathParserContextPtr ctxt, int toBool)
{
xmlXPathCompExprPtr comp;
+ int oldDepth;

if ((ctxt == NULL) || (ctxt->comp == NULL))
return(-1);

- ctxt->context->depth = 0;
-
if (ctxt->valueTab == NULL) {
/* Allocate the value stack */
ctxt->valueTab = (xmlXPathObjectPtr *)
@@ -13942,11 +13941,13 @@ xmlXPathRunEval(xmlXPathParserContextPtr ctxt, int toBool)
"xmlXPathRunEval: last is less than zero\n");
return(-1);
}
+ oldDepth = ctxt->context->depth;
if (toBool)
return(xmlXPathCompOpEvalToBoolean(ctxt,
&comp->steps[comp->last], 0));
else
xmlXPathCompOpEval(ctxt, &comp->steps[comp->last]);
+ ctxt->context->depth = oldDepth;

return(0);
}
@@ -14217,6 +14218,7 @@ xmlXPathCompExprPtr
xmlXPathCtxtCompile(xmlXPathContextPtr ctxt, const xmlChar *str) {
xmlXPathParserContextPtr pctxt;
xmlXPathCompExprPtr comp;
+ int oldDepth = 0;

#ifdef XPATH_STREAMING
comp = xmlXPathTryStreamCompile(ctxt, str);
@@ -14230,8 +14232,10 @@ xmlXPathCtxtCompile(xmlXPathContextPtr ctxt, const xmlChar *str) {
if (pctxt == NULL)
return NULL;
if (ctxt != NULL)
- ctxt->depth = 0;
+ oldDepth = ctxt->depth;
xmlXPathCompileExpr(pctxt, 1);
+ if (ctxt != NULL)
+ ctxt->depth = oldDepth;

if( pctxt->error != XPATH_EXPRESSION_OK )
{
@@ -14252,8 +14256,10 @@ xmlXPathCtxtCompile(xmlXPathContextPtr ctxt, const xmlChar *str) {
comp = pctxt->comp;
if ((comp->nbStep > 1) && (comp->last >= 0)) {
if (ctxt != NULL)
- ctxt->depth = 0;
+ oldDepth = ctxt->depth;
xmlXPathOptimizeExpression(pctxt, &comp->steps[comp->last]);
+ if (ctxt != NULL)
+ ctxt->depth = oldDepth;
}
pctxt->comp = NULL;
}
@@ -14409,6 +14415,7 @@ xmlXPathEvalExpr(xmlXPathParserContextPtr ctxt) {
#ifdef XPATH_STREAMING
xmlXPathCompExprPtr comp;
#endif
+ int oldDepth = 0;

if (ctxt == NULL) return;

@@ -14422,8 +14429,10 @@ xmlXPathEvalExpr(xmlXPathParserContextPtr ctxt) {
#endif
{
if (ctxt->context != NULL)
- ctxt->context->depth = 0;
+ oldDepth = ctxt->context->depth;
xmlXPathCompileExpr(ctxt, 1);
+ if (ctxt->context != NULL)
+ ctxt->context->depth = oldDepth;
CHECK_ERROR;

/* Check for trailing characters. */
@@ -14432,9 +14441,11 @@ xmlXPathEvalExpr(xmlXPathParserContextPtr ctxt) {

if ((ctxt->comp->nbStep > 1) && (ctxt->comp->last >= 0)) {
if (ctxt->context != NULL)
- ctxt->context->depth = 0;
+ oldDepth = ctxt->context->depth;
xmlXPathOptimizeExpression(ctxt,
&ctxt->comp->steps[ctxt->comp->last]);
+ if (ctxt->context != NULL)
+ ctxt->context->depth = oldDepth;
}
}

3 changes: 3 additions & 0 deletions recipes-core/libxml2/libxml2_2.9.14.bbappend
Original file line number Diff line number Diff line change
@@ -1,4 +1,7 @@
FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"

SRC_URI:append = " file://CVE-2025-27113_2.9.14_fix.patch \
file://CVE-2025-9714_2.9.14_fix.patch \
file://CVE-2025-6021_2.9.14_fix.patch \
file://CVE-2025-24928_2.9.14_fix.patch \
"
4 changes: 4 additions & 0 deletions recipes-support/cjson/cjson_1.7%.bbappend
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
FILESEXTRAPATHS:prepend := "${THISDIR}/files:"


Copy link

Copilot AI Feb 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is an unnecessary blank line. This should be removed to maintain consistent formatting in the file.

Suggested change

Copilot uses AI. Check for mistakes.
SRC_URI:append = " file://CVE-2025-57052_1.7.15_fix.patch"
Loading