]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit
projects / thirdparty / openembedded / openembedded-core-contrib.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e76e1cb) | patch
wpa-supplicant: patch CVE-2025-24912
authorPeter Marko <peter.marko@siemens.com>
Sat, 1 Nov 2025 21:04:15 +0000 (22:04 +0100)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Mon, 3 Nov 2025 17:39:51 +0000 (17:39 +0000)
commit2eed0deab456df4ef8876afe0710c9c89b41d45f
treee9e241024632c54685b9d8d0c7dc1758871ff488tree | snapshot
parente76e1cb7d1c109455ad6cf64244549966b93008ecommit | diff
wpa-supplicant: patch CVE-2025-24912

Pick patches as listed in NVD CVE report.

Note that Debian lists one of the patches as introducing the
vulnerability. This is against what the original report [1] says.
Also the commit messages provide hints that the first patch fixes this
issue and second is fixing problem with the first patch.

[1] https://jvn.jp/en/jp/JVN19358384/

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2025-24912-01.patch [new file with mode: 0644] blob
meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2025-24912-02.patch [new file with mode: 0644] blob
meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.11.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core-contrib