git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit

binutils: set status for CVE-2025-7545 and CVE-2025-7546

The patches linked in NVD reports are present in binutils-2_45-branch.
Technically the NVD is wrong (=2.45 should be <2.45), but fixing it in
the recipe is not problematic as all cpe-stable-backport will be
automatically removed in next upgrade so will not be "kept forever".

CVE-2025-7545
* https://nvd.nist.gov/vuln/detail/CVE-2025-7545
* https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944

CVE-2025-7546
* https://nvd.nist.gov/vuln/detail/CVE-2025-7546
* https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=41461010eb7c79fee7a9d5f6209accdaac66cc6b

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

author	Peter Marko <peter.marko@siemens.com>
	Sun, 24 Aug 2025 11:51:26 +0000 (13:51 +0200)
committer	Richard Purdie <richard.purdie@linuxfoundation.org>
	Thu, 28 Aug 2025 08:49:38 +0000 (09:49 +0100)
commit	0fb876e247faea84dfa8fd302b80cb7afdc575d9
tree	8aa47956b7dd135a57edec68ec08fb1775a731f9	tree \| snapshot
parent	46c24b67d4e9d28e7216a7394090d807cf879fa7	commit \| diff