rdkcentral · KTirumalaSrihari · Feb 16, 2026 · Feb 16, 2026 · Feb 17, 2026 · Feb 17, 2026
@@ -0,0 +1,30 @@
+From df24df430af3532c24d8c47a430555fd9f3d890e Mon Sep 17 00:00:00 2001
+From: skondu363 <Srihariraghava_konduritirumala@comcast.com>
+Date: Thu, 5 Feb 2026 09:09:13 +0000
+Subject: [PATCH]
+Upstream-Status: Backport
+                 https://github.com/openssl/openssl/commit/0ddd6b6bcbdedbe2c8304af05771f8ab11939112
+CVE : CVE-2025-15467
+
+Signed-off-by: skondu363 <Srihariraghava_konduritirumala@comcast.com>
+---
+ crypto/evp/evp_lib.c | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+
+diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
+index b918081..f833bbb 100644
+--- a/crypto/evp/evp_lib.c
++++ b/crypto/evp/evp_lib.c
+@@ -249,10 +249,9 @@ int evp_cipher_get_asn1_aead_params(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
+     if (type == NULL || asn1_params == NULL)
+         return 0;
+
+-    i = ossl_asn1_type_get_octetstring_int(type, &tl, NULL, EVP_MAX_IV_LENGTH);
+-    if (i <= 0)
++    i = ossl_asn1_type_get_octetstring_int(type, &tl, iv, EVP_MAX_IV_LENGTH);
++    if (i <= 0 || i > EVP_MAX_IV_LENGTH)
+         return -1;
+-    ossl_asn1_type_get_octetstring_int(type, &tl, iv, i);
+
+     memcpy(asn1_params->iv, iv, i);
+     asn1_params->iv_len = i;
@@ -37,6 +37,7 @@ LOGROTATE_ROTATION_MEM_sslendpoint="3"
 FILESEXTRAPATHS:prepend:="${THISDIR}/${PN}:"
 
 SRC_URI += " file://openssl-c_rehash.sh \
+             file://CVE-2025-15467_3.0.5_fix.patch \
            "
 
 PTEST_ENABLED = "${@bb.utils.contains('DISTRO_FEATURES', 'benchmark_enable', '1', '0', d)}"

@@ -0,0 +1,38 @@
+From 4333a6788d6b4f2ab22aa570e2d0f0ebcff07817 Mon Sep 17 00:00:00 2001
+From: skondu363 <Srihariraghava_konduritirumala@comcast.com>
+Date: Wed, 4 Feb 2026 06:25:25 +0000
+Subject: [PATCH]
+Upstream-Status: Backport
+         https://patchwork.yoctoproject.org/project/oe-core/patch/20250928221332.1308547-1-peter.marko@siemens.com/#31415
+CVE : CVE-2025-46394
+
+Signed-off-by: skondu363 <Srihariraghava_konduritirumala@comcast.com>
+---
+ archival/libarchive/header_list.c         | 2 +-
+ archival/libarchive/header_verbose_list.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/archival/libarchive/header_list.c b/archival/libarchive/header_list.c
+index 0621aa4..9490b36 100644
+--- a/archival/libarchive/header_list.c
++++ b/archival/libarchive/header_list.c
+@@ -8,5 +8,5 @@
+ void FAST_FUNC header_list(const file_header_t *file_header)
+ {
+ //TODO: cpio -vp DIR should output "DIR/NAME", not just "NAME" */
+-	puts(file_header->name);
++	puts(printable_string(file_header->name));
+ }
+diff --git a/archival/libarchive/header_verbose_list.c b/archival/libarchive/header_verbose_list.c
+index a575a08..baedf75 100644
+--- a/archival/libarchive/header_verbose_list.c
++++ b/archival/libarchive/header_verbose_list.c
+@@ -40,7 +40,7 @@ void FAST_FUNC header_verbose_list(const file_header_t *file_header)
+ 		ptm->tm_hour,
+ 		ptm->tm_min,
+ 		ptm->tm_sec,
+-		file_header->name);
++                printable_string(file_header->name));
-+                printable_string(file_header->name));
+		printable_string(file_header->name));
-+                printable_string(file_header->name));
+		printable_string(file_header->name));
+
+ #else /* !FEATURE_TAR_UNAME_GNAME */
+
@@ -0,0 +1,4 @@
+FILESEXTRAPATHS:prepend := "${THISDIR}/${BPN}:"
+
+SRC_URI += " file://CVE-2025-46394_1.35_fix.patch \
+           "
@@ -0,0 +1,29 @@
+From df1c6f3b0dcadc33eadbdff9213b255aa178d8c2 Mon Sep 17 00:00:00 2001
+From: skondu363 <Srihariraghava_konduritirumala@comcast.com>
+Date: Wed, 4 Feb 2026 07:39:46 +0000
+Subject: [PATCH]
+Upstream-Status: Backport
+         https://gitlab.gnome.org/GNOME/glib/-/commit/25833cefda24c60af913d6f2d532b5afd608b821
+CVE : CVE-2024-52533
+
+Signed-off-by: skondu363 <Srihariraghava_konduritirumala@comcast.com>
+---
+ gio/gsocks4aproxy.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/gio/gsocks4aproxy.c b/gio/gsocks4aproxy.c
+index 3dad118..b3146d0 100644
+--- a/gio/gsocks4aproxy.c
++++ b/gio/gsocks4aproxy.c
+@@ -79,9 +79,9 @@ g_socks4a_proxy_init (GSocks4aProxy *proxy)
+  * +----+----+----+----+----+----+----+----+----+----+....+----+------+....+------+
+  * | VN | CD | DSTPORT |      DSTIP        | USERID       |NULL| HOST |    | NULL |
+  * +----+----+----+----+----+----+----+----+----+----+....+----+------+....+------+
+- *    1    1      2              4           variable       1    variable
++ *    1    1      2              4           variable       1    variable    1
+  */
+-#define SOCKS4_CONN_MSG_LEN	    (9 + SOCKS4_MAX_LEN * 2)
++#define SOCKS4_CONN_MSG_LEN	    (10 + SOCKS4_MAX_LEN * 2)
+ static gint
+ set_connect_msg (guint8      *msg,
+ 		 const gchar *hostname,
@@ -0,0 +1,44 @@
+From 5c1c14f220c7f431cb451f9f5174a2386e398a27 Mon Sep 17 00:00:00 2001
+From: skondu363 <Srihariraghava_konduritirumala@comcast.com>
+Date: Wed, 4 Feb 2026 08:09:29 +0000
+Subject: [PATCH]
+Upstream-Status: Backport 
+        https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4570/diffs.patch
+CVE : CVE-2025-4056
+
+Signed-off-by: skondu363 <Srihariraghava_konduritirumala@comcast.com>
+---
+ glib/gspawn-win32-helper.c | 4 ++--
+ glib/gspawn-win32.c        | 4 ++--
+ 2 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/glib/gspawn-win32-helper.c b/glib/gspawn-win32-helper.c
+index 72b49ba..dddd9d8 100644
+--- a/glib/gspawn-win32-helper.c
++++ b/glib/gspawn-win32-helper.c
+@@ -94,8 +94,8 @@ protect_wargv (gint       argc,
+     {
+       wchar_t *p = wargv[i];
+       wchar_t *q;
+-      gint len = 0;
+-      gint pre_bslash = 0;
++      size_t len = 0;
++      size_t pre_bslash = 0;
+       gboolean need_dblquotes = FALSE;
+       while (*p)
+ 	{
+diff --git a/glib/gspawn-win32.c b/glib/gspawn-win32.c
+index 7fa5e26..e4b402f 100644
+--- a/glib/gspawn-win32.c
++++ b/glib/gspawn-win32.c
+@@ -174,8 +174,8 @@ protect_argv_string (const gchar *string)
+ {
+   const gchar *p = string;
+   gchar *retval, *q;
+-  gint len = 0;
+-  gint pre_bslash = 0;
++  size_t len = 0;
++  size_t pre_bslash = 0;
+   gboolean need_dblquotes = FALSE;
+   while (*p)
+     {
@@ -10,5 +10,7 @@ RDEPENDS:${PN}-utils += "libelf"
 SRC_URI:append = " \
            file://0001-Fix-passing-NULL-to-g_task_get_cancellable.patch \
            file://0001-RDKTV-35445-Fix-localhost-DNS-resolution.patch \
+           file://CVE-2024-52533_2.74_fix.patch \
+           file://CVE-2025-4056_2.74_fix.patch \
            "
 
@@ -0,0 +1,54 @@
+From fb535342c9cd0ba411c4c65e4e8147f77dfe804c Mon Sep 17 00:00:00 2001
+From: skondu363 <Srihariraghava_konduritirumala@comcast.com>
+Date: Thu, 5 Feb 2026 08:40:28 +0000
+Subject: [PATCH]
+Upstream-Status: Backport
+         https://gitlab.gnome.org/GNOME/libxml2/-/commit/8c8753ad5280ee13aee5eec9b0f6eee2ed920f57.patch
+CVE : CVE-2025-24928
+
+Signed-off-by: skondu363 <Srihariraghava_konduritirumala@comcast.com>
+---
+ valid.c | 22 +++++++++++-----------
+ 1 file changed, 11 insertions(+), 11 deletions(-)
+
+diff --git a/valid.c b/valid.c
+index ed3c850..c69093f 100644
+--- a/valid.c
++++ b/valid.c
+@@ -5259,25 +5259,25 @@ xmlSnprintfElements(char *buf, int size, xmlNodePtr node, int glob) {
+ 	    return;
+ 	}
+         switch (cur->type) {
+-            case XML_ELEMENT_NODE:
++            case XML_ELEMENT_NODE: {
++                int qnameLen = xmlStrlen(cur->name);
++
++		if ((cur->ns != NULL) && (cur->ns->prefix != NULL))
++                     qnameLen += xmlStrlen(cur->ns->prefix) + 1;
++                if (size - len < qnameLen + 10) {
++                    if ((size - len > 4) && (buf[len - 1] != '.'))
++                        strcat(buf, " ...");
++		    return;
++		}
+ 		if ((cur->ns != NULL) && (cur->ns->prefix != NULL)) {
- 		if ((cur->ns != NULL) && (cur->ns->prefix != NULL)) {
+		if ((cur->ns != NULL) && (cur->ns->prefix != NULL)) {
- 		if ((cur->ns != NULL) && (cur->ns->prefix != NULL)) {
+		if ((cur->ns != NULL) && (cur->ns->prefix != NULL)) {
+-		    if (size - len < xmlStrlen(cur->ns->prefix) + 10) {
+-			if ((size - len > 4) && (buf[len - 1] != '.'))
+-			    strcat(buf, " ...");
+-			return;
+-		    }
+ 		    strcat(buf, (char *) cur->ns->prefix);
+ 		    strcat(buf, ":");
+ 		}
+-                if (size - len < xmlStrlen(cur->name) + 10) {
+-		    if ((size - len > 4) && (buf[len - 1] != '.'))
+-			strcat(buf, " ...");
+-		    return;
+-		}
+ 	        strcat(buf, (char *) cur->name);
+ 		if (cur->next != NULL)
+ 		    strcat(buf, " ");
+ 		break;
++            }
+             case XML_TEXT_NODE:
+ 		if (xmlIsBlankNode(cur))
+ 		    break;
@@ -0,0 +1,47 @@
+From a0ed04217e2dcdcd617c8f8a8be0819460f490c6 Mon Sep 17 00:00:00 2001
+From: skondu363 <Srihariraghava_konduritirumala@comcast.com>
+Date: Thu, 5 Feb 2026 08:04:17 +0000
+Subject: [PATCH]
+Upstream-Status: Backport
+     https://gitlab.gnome.org/GNOME/libxml2/-/commit/ad346c9a249c4b380bf73c460ad3e81135c5d781
+ CVE : CVE-2025-6021
+
+Signed-off-by: skondu363 <Srihariraghava_konduritirumala@comcast.com>
+---
+ tree.c | 9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/tree.c b/tree.c
+index f837932..3cc026d 100644
+--- a/tree.c
++++ b/tree.c
+@@ -21,6 +21,7 @@
+ #include <string.h> /* for memset() only ! */
+ #include <stddef.h>
+ #include <limits.h>
++#include <stdint.h>
+ #ifdef HAVE_CTYPE_H
+ #include <ctype.h>
+ #endif
+@@ -222,16 +223,18 @@ xmlGetParameterEntityFromDtd(const xmlDtd *dtd, const xmlChar *name) {
+ xmlChar *
+ xmlBuildQName(const xmlChar *ncname, const xmlChar *prefix,
+ 	      xmlChar *memory, int len) {
+-    int lenn, lenp;
++    size_t lenn, lenp;
+     xmlChar *ret;
+
+-    if (ncname == NULL) return(NULL);
++    if ((ncname == NULL) || (len < 0)) return(NULL);
+     if (prefix == NULL) return((xmlChar *) ncname);
+
+     lenn = strlen((char *) ncname);
+     lenp = strlen((char *) prefix);
++    if (lenn >= SIZE_MAX - lenp - 1)
++	return(NULL);
+
+-    if ((memory == NULL) || (len < lenn + lenp + 2)) {
++    if ((memory == NULL) || ((size_t)len < lenn + lenp + 2)) {
+ 	ret = (xmlChar *) xmlMallocAtomic(lenn + lenp + 2);
+ 	if (ret == NULL) {
+ 	    xmlTreeErrMemory("building QName");
@@ -0,0 +1,110 @@
+From 8b45761e6ea0bb7eeb466d8597207655310fec33 Mon Sep 17 00:00:00 2001
+From: skondu363 <Srihariraghava_konduritirumala@comcast.com>
+Date: Wed, 4 Feb 2026 08:40:29 +0000
+Subject: [PATCH]
+Upstream-Status: Backport
+         https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21
+CVE : CVE-2025-9714
+
+Signed-off-by: skondu363 <Srihariraghava_konduritirumala@comcast.com>
+---
+ xpath.c | 23 +++++++++++++++++------
+ 1 file changed, 17 insertions(+), 6 deletions(-)
+
+diff --git a/xpath.c b/xpath.c
+index c2d8458..028471d 100644
+--- a/xpath.c
++++ b/xpath.c
+@@ -13883,12 +13883,11 @@ static int
+ xmlXPathRunEval(xmlXPathParserContextPtr ctxt, int toBool)
+ {
+     xmlXPathCompExprPtr comp;
++    int oldDepth;
+
+     if ((ctxt == NULL) || (ctxt->comp == NULL))
+ 	return(-1);
+
+-    ctxt->context->depth = 0;
+-
+     if (ctxt->valueTab == NULL) {
+ 	/* Allocate the value stack */
+ 	ctxt->valueTab = (xmlXPathObjectPtr *)
+@@ -13942,11 +13941,13 @@ xmlXPathRunEval(xmlXPathParserContextPtr ctxt, int toBool)
+ 	    "xmlXPathRunEval: last is less than zero\n");
+ 	return(-1);
+     }
++    oldDepth = ctxt->context->depth;
+     if (toBool)
+ 	return(xmlXPathCompOpEvalToBoolean(ctxt,
+ 	    &comp->steps[comp->last], 0));
+     else
+ 	xmlXPathCompOpEval(ctxt, &comp->steps[comp->last]);
++    ctxt->context->depth = oldDepth;
+
+     return(0);
+ }
+@@ -14217,6 +14218,7 @@ xmlXPathCompExprPtr
+ xmlXPathCtxtCompile(xmlXPathContextPtr ctxt, const xmlChar *str) {
+     xmlXPathParserContextPtr pctxt;
+     xmlXPathCompExprPtr comp;
++    int oldDepth = 0;
+
+ #ifdef XPATH_STREAMING
+     comp = xmlXPathTryStreamCompile(ctxt, str);
+@@ -14230,8 +14232,10 @@ xmlXPathCtxtCompile(xmlXPathContextPtr ctxt, const xmlChar *str) {
+     if (pctxt == NULL)
+         return NULL;
+     if (ctxt != NULL)
+-        ctxt->depth = 0;
++        oldDepth = ctxt->depth;
+     xmlXPathCompileExpr(pctxt, 1);
++    if (ctxt != NULL)
++        ctxt->depth = oldDepth;
+
+     if( pctxt->error != XPATH_EXPRESSION_OK )
+     {
+@@ -14252,8 +14256,10 @@ xmlXPathCtxtCompile(xmlXPathContextPtr ctxt, const xmlChar *str) {
+ 	comp = pctxt->comp;
+ 	if ((comp->nbStep > 1) && (comp->last >= 0)) {
+             if (ctxt != NULL)
+-                ctxt->depth = 0;
++                oldDepth = ctxt->depth;
+ 	    xmlXPathOptimizeExpression(pctxt, &comp->steps[comp->last]);
++            if (ctxt != NULL)
++                ctxt->depth = oldDepth;
+ 	}
+ 	pctxt->comp = NULL;
+     }
+@@ -14409,6 +14415,7 @@ xmlXPathEvalExpr(xmlXPathParserContextPtr ctxt) {
+ #ifdef XPATH_STREAMING
+     xmlXPathCompExprPtr comp;
+ #endif
++    int oldDepth = 0;
+
+     if (ctxt == NULL) return;
+
+@@ -14422,8 +14429,10 @@ xmlXPathEvalExpr(xmlXPathParserContextPtr ctxt) {
+ #endif
+     {
+         if (ctxt->context != NULL)
+-            ctxt->context->depth = 0;
++            oldDepth = ctxt->context->depth;
+ 	xmlXPathCompileExpr(ctxt, 1);
++        if (ctxt->context != NULL)
++            ctxt->context->depth = oldDepth;
+         CHECK_ERROR;
+
+         /* Check for trailing characters. */
+@@ -14432,9 +14441,11 @@ xmlXPathEvalExpr(xmlXPathParserContextPtr ctxt) {
+
+ 	if ((ctxt->comp->nbStep > 1) && (ctxt->comp->last >= 0)) {
+             if (ctxt->context != NULL)
+-                ctxt->context->depth = 0;
++                oldDepth = ctxt->context->depth;
+ 	    xmlXPathOptimizeExpression(ctxt,
+ 		&ctxt->comp->steps[ctxt->comp->last]);
++            if (ctxt->context != NULL)
++                ctxt->context->depth = oldDepth;
+         }
+     }
+
@@ -1,4 +1,7 @@
 FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"
 
 SRC_URI:append = " file://CVE-2025-27113_2.9.14_fix.patch \
+                   file://CVE-2025-9714_2.9.14_fix.patch \
+                   file://CVE-2025-6021_2.9.14_fix.patch \
+                   file://CVE-2025-24928_2.9.14_fix.patch \
                  "
@@ -0,0 +1,4 @@
+FILESEXTRAPATHS:prepend := "${THISDIR}/files:"
+
+
-
-
+SRC_URI:append = " file://CVE-2025-57052_1.7.15_fix.patch"