mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-06-13 17:39:57 +00:00
Shaik Moin
4aea1a32d6
Backport the fix for CVE-2025-62594 Changes are made with 7.0.10 version code and only required and compatible code is taken into patch. image-private.h:- Integrated only the essential and compatible updates from the 7.0.10 upstream patch. Specifically, the changes related to the Macro's and CastDoubleToPtrdiffT were adopted, as these updates are directly tied to the vulnerability fix. The remaining modifications in this file were excluded because they do not affect the execution paths relevant to our codebase. composite.c:- This file was intentionally left unchanged. The upstream patch contains only a formatting update (a trailing space adjustment) with no functional relevance or security impact, so the change was not included in our patch. enhance.c:- All functional hunks from the upstream vulnerability fix were applied. These modifications directly contribute to addressing the CVE by strengthening bounds handling and improving input validation in the enhancement routines. Signed-off-by: Shaik Moin <careers.myinfo@gmail.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
meta-oe ======= This layer depends on: URI: git://github.com/openembedded/openembedded-core.git branch: kirkstone luajit recipe requires host compiler to be able to generate 32bit code when target is 32bit e.g. arm, so ensure that $CC -m32 is functional on build host, if building this recipe, needed packages to fullfit this might have different names on different host distributions e.g. on archlinux based distributions install prerequisites like below pacman -S lib32-gcc-libs lib32-glibc Ubuntu sudo apt-get install gcc-multilib linux-libc-dev:i386 Send pull requests to openembedded-devel@lists.openembedded.org with '[meta-oe][kirkstone]' in the subject' When sending single patches, please use something like: 'git send-email -M -1 --to openembedded-devel@lists.openembedded.org --subject-prefix="meta-oe][kirkstone][PATCH"' You are encouraged to fork the mirror on GitHub https://github.com/openembedded/meta-openembedded to share your patches, this is preferred for patch sets consisting of more than one patch. Other services like GitLab, repo.or.cz or self-hosted setups are of course accepted as well, 'git fetch <remote>' works the same on all of them. We recommend GitHub because it is free, easy to use, has been proven to be reliable and has a really good web GUI. Layer maintainer: Gyorgy Sarvari <skandigraun@gmail.com> Layer maintainer emeritus: Armin Kuster <akuster808@gmail.com>