mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-14 05:49:57 +00:00
Code Issues Projects Releases Wiki Activity

gnuplot: fix CVE-2025-3359

Browse Source 
CVE-2025-3359:
A flaw was found in GNUPlot. A segmentation fault via IO_str_init_static_internal
may jeopardize the environment.

Reference:
[https://nvd.nist.gov/vuln/detail/CVE-2025-3359]

Upstream patches:
[https://sourceforge.net/p/gnuplot/gnuplot-main/ci/a5897feadc4be73b0ffd8458556c47117bd24d03/]

Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
This commit is contained in:
Zhang Peng
2025-09-02 15:44:26 +08:00
committed by Anuj Mittal
parent a8fdc03123
commit 9d3537ef42
2 changed files with 68 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-oe/recipes-extended/gnuplot/gnuplot_5.4.3.bb
+1
View File
@@ -15,6 +15,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/project/${BPN}/${BPN}/${PV}/${BP}.tar.gz;name=a
http://www.mneuroth.de/privat/zaurus/qtplot-0.2.tar.gz;name=qtplot \
file://gnuplot.desktop \
file://gnuplot.png \
file://CVE-2025-3359.patch \
"
SRC_URI:append:class-target = " \
file://0002-do-not-build-demos.patch \