From 0fb876e247faea84dfa8fd302b80cb7afdc575d9 Mon Sep 17 00:00:00 2001 From: Peter Marko Date: Sun, 24 Aug 2025 13:51:26 +0200 Subject: [PATCH] binutils: set status for CVE-2025-7545 and CVE-2025-7546 The patches linked in NVD reports are present in binutils-2_45-branch. Technically the NVD is wrong (=2.45 should be <2.45), but fixing it in the recipe is not problematic as all cpe-stable-backport will be automatically removed in next upgrade so will not be "kept forever". CVE-2025-7545 * https://nvd.nist.gov/vuln/detail/CVE-2025-7545 * https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944 CVE-2025-7546 * https://nvd.nist.gov/vuln/detail/CVE-2025-7546 * https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=41461010eb7c79fee7a9d5f6209accdaac66cc6b Signed-off-by: Peter Marko Signed-off-by: Mathieu Dubois-Briand Signed-off-by: Richard Purdie --- meta/recipes-devtools/binutils/binutils-2.45.inc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-devtools/binutils/binutils-2.45.inc b/meta/recipes-devtools/binutils/binutils-2.45.inc index 00bb181172c..c69b4298c81 100644 --- a/meta/recipes-devtools/binutils/binutils-2.45.inc +++ b/meta/recipes-devtools/binutils/binutils-2.45.inc @@ -18,6 +18,9 @@ SRCBRANCH ?= "binutils-2_45-branch" UPSTREAM_CHECK_GITTAGREGEX = "binutils-(?P\d+_(\d_?)*)" +CVE_STATUS[CVE-2025-7545] = "cpe-stable-backport: fix available in used git hash" +CVE_STATUS[CVE-2025-7546] = "cpe-stable-backport: fix available in used git hash" + SRCREV ?= "2bc7af1ff7732451b6a7b09462a815c3284f9613" BINUTILS_GIT_URI ?= "git://sourceware.org/git/binutils-gdb.git;branch=${SRCBRANCH};protocol=https" SRC_URI = "\ -- 2.47.3