yasm: fix CVE-2024-22653

yasm commit 9defefae was discovered to contain a NULL pointer
dereference via the yasm_section_bcs_append function at section.c.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2024-22653

Upstream-patch:
https://github.com/yasm/yasm/commit/121ab150b3577b666c79a79f4a511798d7ad2432

Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
This commit is contained in:
Praveen Kumar
2025-10-15 17:29:42 +05:30
committed by Anuj Mittal
parent 5be19f09df
commit ed71c716fa
2 changed files with 33 additions and 0 deletions
@@ -16,6 +16,7 @@ SRC_URI = "git://github.com/yasm/yasm.git;branch=master;protocol=https \
file://CVE-2023-37732.patch \
file://0001-yasm-Set-build-date-to-SOURCE_DATE_EPOCH.patch \
file://0002-yasm-Use-BUILD_DATE-for-reproducibility.patch \
file://CVE-2024-22653.patch \
"
S = "${WORKDIR}/git"