From: Peter Marko Date: Tue, 29 Jul 2025 21:45:52 +0000 (+0200) Subject: glibc: fix CVE-2025-8058 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c2b63f171719e2b1c12ba049cbe776adf9e0244b;p=thirdparty%2Fopenembedded%2Fopenembedded-core-contrib.git glibc: fix CVE-2025-8058 This is a single commit bump containing only CVE fix $ git log --oneline cff1042cceec3502269947e96cf7023451af22f3..b027d5b145f1b2908f370bdb96dfe40180d0fcb6 b027d5b145 posix: Fix double-free after allocation failure in regcomp (bug 33185) Test results didn't change except newly added test succeeding. (tst-regcomp-bracket-free) Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc index 6ee9fc7a0b..89e532fd67 100644 --- a/meta/recipes-core/glibc/glibc-version.inc +++ b/meta/recipes-core/glibc/glibc-version.inc @@ -1,6 +1,6 @@ SRCBRANCH ?= "release/2.39/master" PV = "2.39+git" -SRCREV_glibc ?= "cff1042cceec3502269947e96cf7023451af22f3" +SRCREV_glibc ?= "b027d5b145f1b2908f370bdb96dfe40180d0fcb6" SRCREV_localedef ?= "fab74f31b3811df543e24b6de47efdf45b538abc" GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git;protocol=https" diff --git a/meta/recipes-core/glibc/glibc_2.39.bb b/meta/recipes-core/glibc/glibc_2.39.bb index c87eb76f41..ff6c8f3b43 100644 --- a/meta/recipes-core/glibc/glibc_2.39.bb +++ b/meta/recipes-core/glibc/glibc_2.39.bb @@ -18,7 +18,7 @@ easier access for another. 'ASLR bypass itself is not a vulnerability.'" CVE_STATUS_GROUPS += "CVE_STATUS_STABLE_BACKPORTS" CVE_STATUS_STABLE_BACKPORTS = "CVE-2024-2961 CVE-2024-33599 CVE-2024-33600 CVE-2024-33601 CVE-2024-33602 CVE-2025-0395 \ - CVE-2025-4802 CVE-2025-5702" + CVE-2025-4802 CVE-2025-5702 CVE-2025-8058" CVE_STATUS_STABLE_BACKPORTS[status] = "cpe-stable-backport: fix available in used git hash" DEPENDS += "gperf-native bison-native"