Re: [OE-core] [scarthgap][PATCH] openssl: fix CVE-2025-15467

Wed, 04 Feb 2026 09:11:47 -0800 

Whinlatter should take openssl upgrade instead of patches.
https://lists.openembedded.org/g/openembedded-core/message/230229
It is now merged to master so that blocked is gone and it can be taken.

Peter

-----Original Message-----
From: [email protected] 
<[email protected]> On Behalf Of Yoann Congal via 
lists.openembedded.org
Sent: Wednesday, February 4, 2026 17:50
To: [email protected]; [email protected]
Subject: Re: [OE-core] [scarthgap][PATCH] openssl: fix CVE-2025-15467

On Fri Jan 30, 2026 at 6:43 AM CET, Hitendra Prajapati via 
lists.openembedded.org wrote:
> Upstream-Status: Backport from 
> https://github.com/openssl/openssl/commit/ce39170276daec87f55c39dad1f629b56344429e
>  && 
> https://github.com/openssl/openssl/commit/cdccf8f2ef17ae020bd69360c43a39306b89c381
>  && 
> https://github.com/openssl/openssl/commit/e0666f72294691a808443970b654412a6d92fa0f
>
> Signed-off-by: Hitendra Prajapati <[email protected]>
> ---
>  .../openssl/openssl/CVE-2025-15467-01.patch   |  40 ++++++
>  .../openssl/openssl/CVE-2025-15467-02.patch   |  65 +++++++++
>  .../openssl/openssl/CVE-2025-15467-03.patch   | 128 ++++++++++++++++++
>  .../openssl/openssl_3.2.6.bb                  |   3 +
>  4 files changed, 236 insertions(+)
>  create mode 100644 
> meta/recipes-connectivity/openssl/openssl/CVE-2025-15467-01.patch
>  create mode 100644 
> meta/recipes-connectivity/openssl/openssl/CVE-2025-15467-02.patch
>  create mode 100644 
> meta/recipes-connectivity/openssl/openssl/CVE-2025-15467-03.patch

Hello,

Thanks for the patch.

As far as I can tell, CVE-2025-15467 does also impact whinlatter. Can you
send a fix there (either by then backport or maybe an upgrade?)

Thanks!
-- 
Yoann Congal
Smile ECS


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#230555): 
https://lists.openembedded.org/g/openembedded-core/message/230555
Mute This Topic: https://lists.openembedded.org/mt/117540534/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to