[dunfell,02/11] binutils: Mark CVE-2022-47696 as patched

Message ID	a2af1a2b05e3046995f48e4d823c9dfc97b95529.1701870718.git.steve@sakoman.com
State	Accepted, archived
Commit	a2af1a2b05e3046995f48e4d823c9dfc97b95529
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.210.174, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 02/11] binutils: Mark CVE-2022-47696 as patched Date: Wed, 6 Dec 2023 03:55:45 -1000 Message-Id: <a2af1a2b05e3046995f48e4d823c9dfc97b95529.1701870718.git.steve@sakoman.com> In-Reply-To: <cover.1701870718.git.steve@sakoman.com> References: <cover.1701870718.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[dunfell,01/11] binutils 2.34: Fix CVE-2021-46174 \| expand [dunfell,01/11] binutils 2.34: Fix CVE-2021-46174 [dunfell,02/11] binutils: Mark CVE-2022-47696 as patched [dunfell,03/11] mdadm: Backport fix for CVE-2023-28938 [dunfell,04/11] libsndfile: fix CVE-2022-33065 Signed integer overflow in src/mat4.c [dunfell,05/11] epiphany: fix CVE-2022-29536 [dunfell,06/11] qemu: ignore CVE-2021-20295 CVE-2023-2680 [dunfell,07/11] vim: upgrade 9.0.2068 -> 9.0.2130 [dunfell,08/11] linux-yocto/5.4: update to v5.4.258 [dunfell,09/11] linux-yocto/5.4: update to v5.4.260 [dunfell,10/11] linux-yocto/5.4: update to v5.4.262 [dunfell,11/11] cve-exclusion_5.4.inc: update for 5.4.262

Message ID

a2af1a2b05e3046995f48e4d823c9dfc97b95529.1701870718.git.steve@sakoman.com

State

Accepted, archived

Commit

a2af1a2b05e3046995f48e4d823c9dfc97b95529

Headers

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 02/11] binutils: Mark CVE-2022-47696 as patched
Date: Wed,  6 Dec 2023 03:55:45 -1000
Message-Id: 
 <a2af1a2b05e3046995f48e4d823c9dfc97b95529.1701870718.git.steve@sakoman.com>
In-Reply-To: <cover.1701870718.git.steve@sakoman.com>
References: <cover.1701870718.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[dunfell,01/11] binutils 2.34: Fix CVE-2021-46174 | expand

Commit Message

Steve Sakoman Dec. 6, 2023, 1:55 p.m. UTC

From: poojitha adireddy <pooadire@cisco.com>

CVE-2022-47696 and CVE-2023-25588 are representing similar kind
of vulnerability.

Reference:
https://ubuntu.com/security/CVE-2022-47696
https://sourceware.org/bugzilla/show_bug.cgi?id=29677

Signed-off-by: poojitha adireddy <pooadire@cisco.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/binutils/binutils/CVE-2023-25588.patch | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2023-25588.patch b/meta/recipes-devtools/binutils/binutils/CVE-2023-25588.patch
index 065d8e47f0..aa5ce5f3ff 100644
--- a/meta/recipes-devtools/binutils/binutils/CVE-2023-25588.patch
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2023-25588.patch
@@ -13,7 +13,10 @@  anyway, so get rid of them.  Also, simplify and correct sanity checks.
 ---
 Upstream-Status: Backport from [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=d12f8998d2d086f0a6606589e5aedb7147e6f2f1]
 CVE: CVE-2023-25588
+CVE: CVE-2022-47696
+
 Signed-off-by: Ashish Sharma <asharma@mvista.com>
+Signed-off-by: poojitha adireddy <pooadire@cisco.com>
 
  bfd/mach-o.c | 72 ++++++++++++++++++++++------------------------------
  1 file changed, 31 insertions(+), 41 deletions(-)

[dunfell,02/11] binutils: Mark CVE-2022-47696 as patched

Commit Message

Patch