git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit

author	Peter Marko <peter.marko@siemens.com>
	Sun, 2 Nov 2025 11:59:03 +0000 (12:59 +0100)
committer	Steve Sakoman <steve@sakoman.com>
	Mon, 3 Nov 2025 17:18:14 +0000 (09:18 -0800)
commit	8d1a830c713a299f67fc512ed8bc0be21be4b9f0
tree	a5b0cab2c49718142b27adc88414ae0d727bf59a	tree \| snapshot
parent	9130f3471f4814979cfdfa66ca118929f240cb30	commit \| diff

binutils: patch CVE-2025-11413

Pick commit per NVD CVE report.

Note that there were two patches for this, first [1] and then [2].
The second patch moved the original patch to different location.
Cherry-pick of second patch is successful leaving out the code removing
the code from first location, so the patch attached here is not
identical to the upstream commit but is identical to applying both and
merging them to a single patch.

[1] https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=1108620d7a521f1c85d2f629031ce0fbae14e331
[2] https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=72efdf166aa0ed72ecc69fc2349af6591a7a19c0

(From OE-Core rev: 98df728e6136d04af0f4922b7ffbeffb704de395)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

meta/recipes-devtools/binutils/binutils-2.38.inc		diff \| blob \| blame \| history
meta/recipes-devtools/binutils/binutils/CVE-2025-11413.patch	[new file with mode: 0644]	blob