11094 Commits

Author SHA1 Message Date
Emil Kronborg Andersen
f642e61588 snappy: add CVE_PRODUCT
If CVE_PRODUCT is not explicitly set to google:snappy, CVEs are
found for https://github.com/KnpLabs/snappy instead.

Signed-off-by: Emil Kronborg Andersen <emkan@prevas.dk>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit b888130e957eb4fe9d69fd70f3b3778ba980b728)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-25 15:09:15 +01:00
Gyorgy Sarvari
9af2a4a468 dbus-broker: patch CVE-2022-31212
Details: https://nvd.nist.gov/vuln/detail/CVE-2022-31212

A detailed writeup[1] is referenced by the nvd report, which
describes that the vulnerability itself is not in the application,
rather in a dependency of it, in c-shutil, which is pulled in as
a submodule.

Pick the patch from this submodule that fixes a stack overflow, and
adds a test explictly verifying the described vulnerability.

[1]: https://sec-consult.com/vulnerability-lab/advisory/memory-corruption-vulnerabilities-dbus-broker/

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-25 13:57:04 +01:00
Gyorgy Sarvari
5b7d15db18 cups-filters: patch CVE-2023-24805
Details: https://nvd.nist.gov/vuln/detail/CVE-2023-24805

Pick the patch referenced by the nvd report.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-25 13:57:02 +01:00
Gyorgy Sarvari
c590e88d19 cups-filters: patch CVE-2025-64524
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-64524

Pick the patch referenced by the nvd report.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-25 13:57:02 +01:00
Gyorgy Sarvari
16f6b4287c cups-filters: patch CVE-2025-57812
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-57812

Backport the patch that is referenced by te nvd report.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-25 13:57:01 +01:00
Gyorgy Sarvari
4da4c6547c redis: ignore CVE-2025-46686
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-46686

Upstream disputes that it is a security violation, and says that
implementing a mitigation for this would negatively affect the rest
of the application, so they elected to ignore it.

See Github advisory about the same vulnerability:
https://github.com/redis/redis/security/advisories/GHSA-2r7g-8hpc-rpq9

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-25 13:57:00 +01:00
Gyorgy Sarvari
ef7ac09d7a nanopb: patch CVE-2024-53984
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-53984

Pick the patch referenced by the nvd report.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-25 13:56:59 +01:00
Gyorgy Sarvari
12807d9007 zabbix: patch CVE-2025-49643
The actual patch was identified by checking the file that was modified
in the tag 6.0.42, and also by looking at the Jira item referenced by it:
the patch references DEV-4466, the same ID that is referenced in the
Jira ticket[1] referenced by the NVD report (look in the "All Activity" tab).

[1]: https://support.zabbix.com/browse/ZBX-27284

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-25 10:17:02 +01:00
Gyorgy Sarvari
68bc6d3bbe imagemagick: patch CVE-2025-62171
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-62171

Pick the patch that's mentioned in the nvd report.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-25 10:17:02 +01:00
Gyorgy Sarvari
339ac6d59c imagemagick: patch CVE-2025-65955
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-65955

Pick the patch referenced by the NVD report.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-25 10:17:02 +01:00
Gyorgy Sarvari
4eae56f5d0 imagemagick: patch CVE-2022-1115
Details: https://nvd.nist.gov/vuln/detail/CVE-2022-1115

Pick the patch referenced in the NVD report.
Tested successfully against the PoC described in the related Github issue[1].

[1]: https://github.com/ImageMagick/ImageMagick/issues/4974

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-25 10:17:02 +01:00
Hitendra Prajapati
4ac316bf47 krb5: fix for CVE-2024-3596
Upstream-Status: Backport from 871125fea8

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-25 10:17:01 +01:00
Gyorgy Sarvari
d2894888c9 nodejs: fix CVE_PRODUCT
The CVE_PRODUCT is set with a weak default assignment in the cve-check.bbclass,
which means that when the recipe uses +=, it overrides the original weak adefault
value instead of appending to it.

Set all applicable values in CVE_PRODUCT variable explicitly.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-22 20:56:37 +01:00
Gyorgy Sarvari
94f3cecaae postgresql: upgrade 14.19 -> 14.20
Beside other bugfixes, it contains fixes for CVE-2025-12817 and CVE-2025-12818.

Release notes: https://www.postgresql.org/docs/release/14.20/

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-17 15:37:58 +01:00
Gyorgy Sarvari
74491cf152 botan: patch CVE-2024-34702
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-34702

The same patch fixes both CVE-2024-39312 and CVE-2024-34702, according
to the release notes[1] of the final 2.9.x release.

[1]: https://github.com/randombit/botan/blob/2.19.5/news.rst

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-16 08:43:03 +01:00
Shinji Matsunaga
9b5b7102ca audit: Fix CVE_PRODUCT
Fix "audit" set in CVE_PRODUCT to "linux:audit" to detect only vulnerabilities where the vendor is "linux".

Currently, CVE_PRODUCT also detects vulnerabilities where the vendor is "visionsoft",
which are unrelated to the "audit" in this recipe.
https://www.opencve.io/cve?vendor=visionsoft&product=audit

In addition, all the vulnerabilities currently detected in "audit" have the vendor of "visionsoft" or "linux".
Therefore, fix "audit" set in CVE_PRODUCT to "linux:audit".

Signed-off-by: Shinji Matsunaga <shin.matsunaga@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e87e51da49fe121be8f6dd4cec3263a345f2f876)

Adapted to Kirkstone.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-16 08:42:29 +01:00
Gyorgy Sarvari
cdd9a07823 gosu: set SRCREV_FORMAT variable
The recipe fetches from multiple repositories, however the SRCREV_FORMAT
variable wasn't set. Due to this the recipe couldn't reuse sstate artifacts from
a mirror, only threw warnings:

WARNING: gosu-1.14-r0 do_package_qa_setscene: ExpansionError('SRCPV',
  '${@bb.fetch2.get_srcrev(d)}', FetchError('The SRCREV_FORMAT variable
  must be set when multiple SCMs are used.\nThe SCMs are:
  git://github.com/tianon/gosu.git;branch=master;protocol=https
  git://github.com/opencontainers/runc;name=runc;branch=main;protocol=https', None))
WARNING: Setscene task (/cocto/kirkstone-next/meta-openembedded/meta-oe/recipes-support/
  gosu/gosu_1.14.bb:do_package_qa_setscene) failed with exit code '1' - real task
  will be run instead

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-14 16:18:49 +01:00
Gyorgy Sarvari
af6c27eaa1 sysdig: set SRCREV_FORMAT
It fetches from multiple repositories, but didn't have SRCREV_FORMAT
set. Because of this, the recipe couldn't use sstate artifacts from
a mirror, just threw many warnings:

WARNING: sysdig-0.28.0-r0 do_package_qa_setscene: ExpansionError('SRCPV',
  '${@bb.fetch2.get_srcrev(d)}', FetchError('The SRCREV_FORMAT variable
  must be set when multiple SCMs are used.\nThe SCMs
  are:\ngit://github.com/draios/sysdig.git;branch=dev;protocol=https;name=sysdig
  git://github.com/falcosecurity/libs;protocol=https;branch=master;name=falco;subdir=git/falcosecurity-libs',
  None))
WARNING: Setscene task (/cocto/kirkstone-next/meta-openembedded/meta-oe/recipes-extended/sysdig/sysdig_0.28.0.bb
  :do_package_qa_setscene) failed with exit code '1' - real task will be run instead

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-14 16:18:48 +01:00
Gyorgy Sarvari
d9fbd8560e zlog: patch CVE-2024-22857
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-22857

Pick the patch from the PR mentioned by the nvd report.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-14 16:18:47 +01:00
Divyanshu Rathore
2114ae5f26 ImageMagick: Fix CVE-2023-34151
Backport the fix for CVE-2023-34151

Upstream-Status: Backport [3d6d98d8a2]

Add below patch to fix
0011-ImageMagick-Fix-CVE-2023-34151.patch

Add below support patch to fix
0011-ImageMagick-Add-support-patch-1-to-fix-CVE-2023-3415.patch
0011-ImageMagick-Add-support-patch-2-to-fix-CVE-2023-3415.patch
0011-ImageMagick-Add-support-patch-3-to-fix-CVE-2023-3415.patch

Signed-off-by: Divyanshu Rathore <Divyanshu.Rathore@bmwtechworks.in>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-12 22:06:56 +01:00
Divyanshu Rathore
3a86962b26 ImageMagick: Fix CVE-2025-55298
Backport the fix for CVE-2025-55298

Upstream-Status: Backport [439b362b93]
                          [1f93323df9]

Add below patch to fix
0010-ImageMagick-Fix-CVE-2025-55298-1.patch
0010-ImageMagick-Fix-CVE-2025-55298-2.patch

Add below support patch to fix
0010-ImageMagick-Add-support-patch-1-to-fix-CVE-2025-5529.patch
0010-ImageMagick-Add-support-patch-2-to-fix-CVE-2025-5529.patch
0010-ImageMagick-Add-support-patch-3-to-fix-CVE-2025-5529.patch

Signed-off-by: Divyanshu Rathore <Divyanshu.Rathore@bmwtechworks.in>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-12 22:06:55 +01:00
Divyanshu Rathore
a137e10750 ImageMagick: Fix CVE-2025-55154
Backport the fix for CVE-2025-55154

Upstream-Status: Backport [db986e4782]

Add below patch to fix
0009-ImageMagick-Fix-CVE-2025-55154.patch

Signed-off-by: Divyanshu Rathore <Divyanshu.Rathore@bmwtechworks.in>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-12 22:06:54 +01:00
Divyanshu Rathore
4f4cf3248e ImageMagick: Fix CVE-2025-57807
Backport the fix for CVE-2025-57807

Upstream-Status: Backport [077a417a19]

Add below patch to fix
0008-ImageMagick-Fix-CVE-2025-57807.patch

Signed-off-by: Divyanshu Rathore <Divyanshu.Rathore@bmwtechworks.in>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-12 22:06:53 +01:00
Divyanshu Rathore
f978eae8fc ImageMagick: Fix CVE-2025-57803
Backport the fix for CVE-2025-57803

Upstream-Status: Backport [61f444e545]

Add below patch to fix
0007-ImageMagick-Fix-CVE-2025-57803.patch

Add below support patch to fix
0007-ImageMagick-Add-support-patch-to-fix-CVE-2025-57803.patch

Signed-off-by: Divyanshu Rathore <Divyanshu.Rathore@bmwtechworks.in>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-12 22:06:52 +01:00
Divyanshu Rathore
222e1b635e ImageMagick: Fix CVE-2025-55004
Backport the fix for CVE-2025-55004

Upstream-Status: Backport [55d97055e0]

Add below patch to fix
0006-ImageMagick-Fix-CVE-2025-55004.patch

Signed-off-by: Divyanshu Rathore <Divyanshu.Rathore@bmwtechworks.in>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-12 22:06:51 +01:00
Divyanshu Rathore
a1c2509aea ImageMagick: Fix CVE-2025-53019
Backport the fix for CVE-2025-53019

Upstream-Status: Backport [fc3ab0812e]

Add below patch to fix CVE-2025-53019
0005-ImageMagick-Fix-CVE-2025-53019.patch

Signed-off-by: Divyanshu Rathore <Divyanshu.Rathore@bmwtechworks.in>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-12 22:06:50 +01:00
Divyanshu Rathore
f0ce346514 ImageMagick: Fix CVE-2025-55005
Backport the fix for CVE-2025-55005

Upstream-Status: Backport [b68bb6d3cf]

Add below patch to fix
0004-ImageMagick-Fix-CVE-2025-55005.patch

Signed-off-by: Divyanshu Rathore <Divyanshu.Rathore@bmwtechworks.in>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-12 22:06:49 +01:00
Divyanshu Rathore
7b1c9fa6fb ImageMagick: Fix CVE-2025-55160
Backport the fix for CVE-2025-55160

Upstream-Status: Backport [63d8769dd6]

Add below patch to fix
0003-ImageMagick-Fix-CVE-2025-55160.patch

Signed-off-by: Divyanshu Rathore <Divyanshu.Rathore@bmwtechworks.in>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-12 22:06:48 +01:00
Divyanshu Rathore
bbcd2ab724 ImageMagick: Fix CVE-2025-53101
Backport the fix for CVE-2025-53101

Upstream-Status: Backport [66dc8f51c1]

Add below patch to fix
0002-ImageMagick-Fix-CVE-2025-53101.patch

Signed-off-by: Divyanshu Rathore <Divyanshu.Rathore@bmwtechworks.in>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-12 22:06:47 +01:00
Divyanshu Rathore
520f64ef3c ImageMagick: Fix CVE-2025-53014
Backport the fix for CVE-2025-53014

Upstream-Status: Backport [29d82726c7]

Add below patch to fix CVE-2025-53014
0001-ImageMagick-Fix-CVE-2025-53014.patch

Signed-off-by: Divyanshu Rathore <Divyanshu.Rathore@bmwtechworks.in>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-12 22:06:46 +01:00
Viswanath Kraleti
cac725f7d2 gflags: switch Git branch from master to main
Update SRC_URI to use the 'main' branch instead of 'master' since
the upstream GitHub repository has renamed its default branch.

Signed-off-by: Viswanath Kraleti <viswanath.kraleti@oss.qualcomm.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-12 19:22:39 +01:00
Gyorgy Sarvari
d95d7c8e7b xrdp: add ptest support
It takes under 10 seconds to run the suite.
Executed succesfully on x86-64, with musl and glibc.

The recipe requires pam DISTRO_FEATURE to be present.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 54ca51b6c6c90ad464a488e1ee271d3fff708955)

Adapted to Kirkstone
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-06 19:34:17 +01:00
Gyorgy Sarvari
dcc7681d01 xrdp: patch CVE-2022-23493
Details: https://nvd.nist.gov/vuln/detail/CVE-2022-23493

Pick the patch that mentions this vulnerability explicitly.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-06 17:33:13 +01:00
Gyorgy Sarvari
fc2c0460ab xrdp: patch CVE-2022-23484
Details: https://nvd.nist.gov/vuln/detail/CVE-2022-23484

Pick the patch that mentions this vulnerability explicitly.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-06 17:33:11 +01:00
Gyorgy Sarvari
e89a73a759 xrdp: patch CVE-2022-23483
Details: https://nvd.nist.gov/vuln/detail/CVE-2022-23483

Pick the patch that mentions this vulnerability explicitly.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-06 17:33:10 +01:00
Gyorgy Sarvari
e0e34a0615 xrdp: patch CVE-2022-23481
Details: https://nvd.nist.gov/vuln/detail/CVE-2022-23481

Pick the patch that mentions this vulnerability explicitly.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-06 17:33:09 +01:00
Gyorgy Sarvari
07291c5d65 xrdp: patch CVE-2022-23480
Details: https://nvd.nist.gov/vuln/detail/CVE-2022-23480

Pick the patch that mentions this vulnerability explicitly.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-06 17:33:09 +01:00
Gyorgy Sarvari
d2a493539f xrdp: patch CVE-2022-23479
Details: https://nvd.nist.gov/vuln/detail/CVE-2022-23479

Pick the patch that mentions this vulnerability explicitly.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-06 17:33:08 +01:00
Gyorgy Sarvari
444c8f69d2 xrdp: patch CVE-2022-23478
Details: https://nvd.nist.gov/vuln/detail/CVE-2022-23478

Pick the patch that mentions this vulnerability explicitly.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-06 17:33:07 +01:00
Gyorgy Sarvari
74b0b81579 xrdp: patch CVE-2022-23477
Details: https://nvd.nist.gov/vuln/detail/CVE-2022-23477

Pick the patch that mentions this vulnerability explicitly.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-06 17:33:06 +01:00
Gyorgy Sarvari
5709e8f6ec xrdp: patch CVE-2022-23468
Details: https://nvd.nist.gov/vuln/detail/CVE-2022-23468

Pick the patch that mentions this vulnerability explicitly.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-06 17:33:05 +01:00
Gyorgy Sarvari
f218f0373f xrdp: upgrade 0.9.18 -> 0.9.18.1
Contains fix for CVE-2022-23613

Changelog: https://github.com/neutrinolabs/xrdp/releases/tag/v0.9.18.1

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-06 17:33:04 +01:00
Khem Raj
edb07bc11e scsirastools: Fix build with usrmerge
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 4448cd9ee7e62de0a2787110256c8c0cabb941ee)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-02 13:54:27 +01:00
Gyorgy Sarvari
4a70d6f944 gradm: fix installation with usrmerge enabled
In case usrmerge DISTRO_FEATURE is enabled, the recipe installs its
binaries into /sbin folder, which however supposed to be a symlink
to /usr/sbin folder, thus ultimately failing the installation.

To avoid this problem, backport a patch from master branch that allows
specifying the installation location.

This is a partial backport of 682657248c654c54ac87edc9bf0a95fb59ff0b1e

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-12-02 13:54:16 +01:00
Gyorgy Sarvari
6416254c0b fontforge: patch CVE-2024-25081 and CVE-2024-25082
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-25081
https://nvd.nist.gov/vuln/detail/CVE-2024-25082

The same patch fixes both vulnerabilities.
Take the patch from the pull request that is referenced by the
nv report.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-11-30 20:48:08 +01:00
Gyorgy Sarvari
2491ea2ffb fontforge: patch CVE-2020-5395, CVE-2020-25690 and CVE-2020-5496
Details: https://nvd.nist.gov/vuln/detail/CVE-2020-5395
https://nvd.nist.gov/vuln/detail/CVE-2020-25690
https://nvd.nist.gov/vuln/detail/CVE-2020-5496

The same patch fixes all three.
The patch for CVE-2020-25690 is mentioned in the RedHat bug, which is
referenced in the nvd report.
The patch for CVE-2020-5395 is mentioned in the Github issue that
is referenced in the nvd report.
The patch for CVE-2020-5496 is mentioned in the comments of the issue
that is linked in the nvd report.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-11-30 20:48:07 +01:00
Gyorgy Sarvari
48d2305f48 fontforge: ignore CVE-2019-15785
Details: https://nvd.nist.gov/vuln/detail/CVE-2019-15785

The vulnerability is not present in the currently used version, so
ignore it.

Current version: 20190801
First vulnerable version: 20190813

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-11-30 20:48:06 +01:00
Gyorgy Sarvari
67bb8e4b16 yasm: patch CVE-2021-33456
Details: https://nvd.nist.gov/vuln/detail/CVE-2021-33465

The patch was taken from Debian:
https://sources.debian.org/patches/yasm/1.3.0-8/1020-hash-null-CVE-2021-33456.patch/

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 1e2731fce05d15020fddf3dca5d8ee42ec3c04e1)
2025-11-30 20:48:05 +01:00
Gyorgy Sarvari
68a44fe280 yasm: patch CVE-2021-33464
Details: https://nvd.nist.gov/vuln/detail/CVE-2021-33464

The patch was taken from Debian:
https://sources.debian.org/patches/yasm/1.3.0-8/1010-nasm-pp-no-env-CVE-2021-33464.patch/

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 66a0b01b52e5d1cd2af4c41ae0b67541464874e6)
2025-11-30 20:48:04 +01:00
Gyorgy Sarvari
5fb0376aed yasm: patch CVE-2023-29579
Details: https://nvd.nist.gov/vuln/detail/CVE-2023-29579

The patch was taken from Debian:
https://sources.debian.org/patches/yasm/1.3.0-8/1000-x86-dir-cpu-CVE-2023-29579.patch/

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit cc30757a7fd0af5f60b9a6408b3eb94c0810acda)
2025-11-30 20:48:03 +01:00