From: Daniel Turull <daniel.turull@ericsson.com>
Date: Wed, 17 Dec 2025 09:22:24 +0000 (+0100)
Subject: cmake-native: fix CVE-2025-9301
X-Git-Tag: 2024-04.15-scarthgap~18
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=24f831be7d99d5ea3fe304b9aa2d82e7e2d4a5fa;p=thirdparty%2Fopenembedded%2Fopenembedded-core.git

cmake-native: fix CVE-2025-9301

Add fix for native recipe, since previous commit for cmake missed it.
5d8a6fb52c cmake: fix CVE-2025-9301

CC: Saravanan <saravanan.kadambathursubramaniyam@windriver.com>
CC: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Daniel Turull <daniel.turull@ericsson.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---

diff --git a/meta/recipes-devtools/cmake/cmake-native_3.28.3.bb b/meta/recipes-devtools/cmake/cmake-native_3.28.3.bb
index 376da3254b..7b250752d8 100644
--- a/meta/recipes-devtools/cmake/cmake-native_3.28.3.bb
+++ b/meta/recipes-devtools/cmake/cmake-native_3.28.3.bb
@@ -7,6 +7,7 @@ SRC_URI += "file://OEToolchainConfig.cmake \
             file://environment.d-cmake.sh \
             file://0005-Disable-use-of-ext2fs-ext2_fs.h-by-cmake-s-internal-.patch \
             file://0001-CMakeLists.txt-disable-USE_NGHTTP2.patch \
+            file://CVE-2025-9301.patch \
             "
 
 LICENSE:append = " & BSD-1-Clause & MIT & BSD-2-Clause & curl"