]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commitdiff
projects / thirdparty / openembedded / openembedded-core-contrib.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a0ffc4e)
binutils: mark CVE-2025-1153 as fixed
authorPeter Marko <peter.marko@siemens.com>
Tue, 20 May 2025 20:20:32 +0000 (22:20 +0200)
committerSteve Sakoman <steve@sakoman.com>
Tue, 27 May 2025 16:58:23 +0000 (09:58 -0700)
We had this CVE patched but the patch was removed with last 2.44 branch
updates as it is now included.
Since there is no new version which could be set in NVD DB, this needs
to be explicitly handled.

(From OE-Core rev: 32f18145dee54f61203506daef339cd132908287)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-devtools/binutils/binutils-2.44.inc patch | blob | blame | history

diff --git a/meta/recipes-devtools/binutils/binutils-2.44.inc b/meta/recipes-devtools/binutils/binutils-2.44.inc
index 41071fada14a792c6fcde1a2c5563c096c47ec54..28100abbe98d8658e36fb2790464d404569ea58d 100644 (file)
--- a/meta/recipes-devtools/binutils/binutils-2.44.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.44.inc
@@ -18,6 +18,8 @@ SRCBRANCH ?= "binutils-2_44-branch"
 
 UPSTREAM_CHECK_GITTAGREGEX = "binutils-(?P<pver>\d+_(\d_?)*)"
 
+CVE_STATUS[CVE-2025-1153] = "cpe-stable-backport: fix available in used git hash"
+
 SRCREV ?= "819d713b6340ed3657e00ad0bc8d5f2b73094a0f"
 BINUTILS_GIT_URI ?= "git://sourceware.org/git/binutils-gdb.git;branch=${SRCBRANCH};protocol=https"
 SRC_URI = "\
Mirror of git://git.openembedded.org/openembedded-core-contrib