gnuplot: fix CVE-2025-31176

CVE-2025-31176: A flaw was found in gnuplot. The plot3d_points() function may lead to a segmentation fault and cause a system crash. Reference: [https://nvd.nist.gov/vuln/detail/CVE-2025-31176] Upstream patches: [https://sourceforge.net/p/gnuplot/gnuplot-main/ci/b456a3ef618f55a20b3071d336cb20514274f1d4/] Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
2026-06-14 17:59:59 +00:00 · 2025-09-02 15:44:27 +08:00
parent 9d3537ef42
commit a3826c4999
2 changed files with 87 additions and 0 deletions
@@ -16,6 +16,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/project/${BPN}/${BPN}/${PV}/${BP}.tar.gz;name=a
           file://gnuplot.desktop \
           file://gnuplot.png \
           file://CVE-2025-3359.patch \
+           file://CVE-2025-31176.patch \
           "
 SRC_URI:append:class-target = " \
    file://0002-do-not-build-demos.patch \