[OE-core] [PATCH] cmake: upgrade 4.1.2 -> 4.2.0

Moritz Haase via lists.openembedded.org Sun, 23 Nov 2025 22:27:54 -0800

Release notes are available at [0].

License-Update: File name reference updated via [1] due to renaming in [2]


[0]: https://cmake.org/cmake/help/v4.2/release/4.2.html
[1]: 
https://gitlab.kitware.com/cmake/cmake/-/commit/cf04a5cf275098bb8348a3f7de3bbe50e9b832ff#748a774aa414d3d0082c025e5025208196812e80
[1]: 
https://github.com/libarchive/libarchive/commit/c26f0377457db392bd57a640e8fe25506120f810#diff-9de61d76392eebe613f97d9d5b429a1337cc79a7ce765c95aa5a4f38d8150b4e

Signed-off-by: Moritz Haase <[email protected]>
---
 ...-native_4.1.2.bb => cmake-native_4.2.0.bb} |  2 +-
 meta/recipes-devtools/cmake/cmake.inc         |  2 +-
 .../cmake/cmake/CVE-2025-9301.patch           | 71 -------------------
 .../cmake/{cmake_4.1.2.bb => cmake_4.2.0.bb}  |  2 -
 4 files changed, 2 insertions(+), 75 deletions(-)
 rename meta/recipes-devtools/cmake/{cmake-native_4.1.2.bb => 
cmake-native_4.2.0.bb} (96%)
 delete mode 100644 meta/recipes-devtools/cmake/cmake/CVE-2025-9301.patch
 rename meta/recipes-devtools/cmake/{cmake_4.1.2.bb => cmake_4.2.0.bb} (98%)

diff --git a/meta/recipes-devtools/cmake/cmake-native_4.1.2.bb 
b/meta/recipes-devtools/cmake/cmake-native_4.2.0.bb
similarity index 96%
rename from meta/recipes-devtools/cmake/cmake-native_4.1.2.bb
rename to meta/recipes-devtools/cmake/cmake-native_4.2.0.bb
index 7b90bff52f..128fef8a6e 100644
--- a/meta/recipes-devtools/cmake/cmake-native_4.1.2.bb
+++ b/meta/recipes-devtools/cmake/cmake-native_4.2.0.bb
@@ -12,7 +12,7 @@ SRC_URI += "file://OEToolchainConfig.cmake \
 LICENSE:append = " & BSD-1-Clause & MIT & BSD-2-Clause & curl"
 LIC_FILES_CHKSUM:append = " \
     file://Utilities/cmjsoncpp/LICENSE;md5=5d73c165a0f9e86a1342f32d19ec5926 \
-    file://Utilities/cmlibarchive/COPYING;md5=d499814247adaee08d88080841cb5665 
\
+    file://Utilities/cmlibarchive/COPYING;md5=7ce08437ff7f5e24d72e666313ae4084 
\
     file://Utilities/cmexpat/COPYING;md5=7b3b078238d0901d3b339289117cb7fb \
     file://Utilities/cmlibrhash/COPYING;md5=a8c2a557a5c53b1c12cddbee98c099af \
     file://Utilities/cmlibuv/LICENSE;md5=ad93ca1fffe931537fcf64f6fcce084d \
diff --git a/meta/recipes-devtools/cmake/cmake.inc 
b/meta/recipes-devtools/cmake/cmake.inc
index 256275d42b..0dcc5c3f55 100644
--- a/meta/recipes-devtools/cmake/cmake.inc
+++ b/meta/recipes-devtools/cmake/cmake.inc
@@ -19,7 +19,7 @@ CMAKE_MAJOR_VERSION = 
"${@'.'.join(d.getVar('PV').split('.')[0:2])}"
 SRC_URI = "https://cmake.org/files/v${CMAKE_MAJOR_VERSION}/cmake-${PV}.tar.gz \
            "
 
-SRC_URI[sha256sum] = 
"643f04182b7ba323ab31f526f785134fb79cba3188a852206ef0473fee282a15"
+SRC_URI[sha256sum] = 
"4104e94657d247c811cb29985405a360b78130b5d51e7f6daceb2447830bd579"
 
 UPSTREAM_CHECK_REGEX = "cmake-(?P<pver>\d+(\.\d+)+)\.tar"
 
diff --git a/meta/recipes-devtools/cmake/cmake/CVE-2025-9301.patch 
b/meta/recipes-devtools/cmake/cmake/CVE-2025-9301.patch
deleted file mode 100644
index 5e765c6d9d..0000000000
--- a/meta/recipes-devtools/cmake/cmake/CVE-2025-9301.patch
+++ /dev/null
@@ -1,71 +0,0 @@
-From 37e27f71bc356d880c908040cd0cb68fa2c371b8 Mon Sep 17 00:00:00 2001
-From: Tyler Yankee <[email protected]>
-Date: Wed, 13 Aug 2025 15:22:28 -0400
-Subject: [PATCH] foreach: Explicitly skip replay without iterations
-
-As written, foreach loops with a trailing `IN` (i.e., no loop
-variable(s) given) lead to an assertion error. Handle this case by
-exiting early when we know the loop won't execute anything.
-
-Fixes: #27135
-
-CVE: CVE-2025-9301
-
-Upstream-Status: Backport
-https://gitlab.kitware.com/cmake/cmake/-/commit/37e27f71bc356d880c908040cd0cb68fa2c371b8
-
-Signed-off-by: Tyler Yankee <[email protected]>
-Signed-off-by: Saravanan <[email protected]>
----
- Source/cmForEachCommand.cxx                  | 3 +++
- Tests/RunCMake/foreach/RunCMakeTest.cmake    | 1 +
- Tests/RunCMake/foreach/TrailingIn-result.txt | 1 +
- Tests/RunCMake/foreach/TrailingIn.cmake      | 5 +++++
- 4 files changed, 10 insertions(+)
- create mode 100644 Tests/RunCMake/foreach/TrailingIn-result.txt
- create mode 100644 Tests/RunCMake/foreach/TrailingIn.cmake
-
-diff --git a/Source/cmForEachCommand.cxx b/Source/cmForEachCommand.cxx
-index 96867e26..8b741183 100644
---- a/Source/cmForEachCommand.cxx
-+++ b/Source/cmForEachCommand.cxx
-@@ -100,6 +100,9 @@ bool 
cmForEachFunctionBlocker::ArgumentsMatch(cmListFileFunction const& lff,
- bool cmForEachFunctionBlocker::Replay(
-   std::vector<cmListFileFunction> functions, cmExecutionStatus& inStatus)
- {
-+  if (this->Args.size() == this->IterationVarsCount) {
-+    return true;
-+  }
-   return this->ZipLists ? this->ReplayZipLists(functions, inStatus)
-                         : this->ReplayItems(functions, inStatus);
- }
-diff --git a/Tests/RunCMake/foreach/RunCMakeTest.cmake 
b/Tests/RunCMake/foreach/RunCMakeTest.cmake
-index 15ca4770..acfc742e 100644
---- a/Tests/RunCMake/foreach/RunCMakeTest.cmake
-+++ b/Tests/RunCMake/foreach/RunCMakeTest.cmake
-@@ -22,3 +22,4 @@ run_cmake(foreach-RANGE-invalid-test)
- run_cmake(foreach-RANGE-out-of-range-test)
- run_cmake(foreach-var-scope-CMP0124-OLD)
- run_cmake(foreach-var-scope-CMP0124-NEW)
-+run_cmake(TrailingIn)
-diff --git a/Tests/RunCMake/foreach/TrailingIn-result.txt 
b/Tests/RunCMake/foreach/TrailingIn-result.txt
-new file mode 100644
-index 00000000..573541ac
---- /dev/null
-+++ b/Tests/RunCMake/foreach/TrailingIn-result.txt
-@@ -0,0 +1 @@
-+0
-diff --git a/Tests/RunCMake/foreach/TrailingIn.cmake 
b/Tests/RunCMake/foreach/TrailingIn.cmake
-new file mode 100644
-index 00000000..e2b5b2f2
---- /dev/null
-+++ b/Tests/RunCMake/foreach/TrailingIn.cmake
-@@ -0,0 +1,5 @@
-+foreach(v IN)
-+endforeach()
-+
-+foreach(v1 v2 IN)
-+endforeach()
--- 
-2.48.1
-
diff --git a/meta/recipes-devtools/cmake/cmake_4.1.2.bb 
b/meta/recipes-devtools/cmake/cmake_4.2.0.bb
similarity index 98%
rename from meta/recipes-devtools/cmake/cmake_4.1.2.bb
rename to meta/recipes-devtools/cmake/cmake_4.2.0.bb
index de86625892..cfc5cb1b93 100644
--- a/meta/recipes-devtools/cmake/cmake_4.1.2.bb
+++ b/meta/recipes-devtools/cmake/cmake_4.2.0.bb
@@ -11,8 +11,6 @@ SRC_URI:append:class-nativesdk = " \
     file://environment.d-cmake.sh \
 "
 
-SRC_URI += "file://CVE-2025-9301.patch"
-
 LICENSE:append = " & BSD-1-Clause & MIT"
 LIC_FILES_CHKSUM:append = " \
     file://Utilities/cmjsoncpp/LICENSE;md5=5d73c165a0f9e86a1342f32d19ec5926 \

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#226736): 
https://lists.openembedded.org/g/openembedded-core/message/226736
Mute This Topic: https://lists.openembedded.org/mt/116448004/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] cmake: upgrade 4.1.2 -> 4.2.0

Reply via email to