On Fri Jun 19, 2026 at 11:59 AM CEST, Harish.Sadineni wrote: > From: Harish Sadineni <[email protected]> > > CVE-2025-69648 was marked as a duplicate of CVE-2025-69646. The > existing patch already fixes the issue associated with both CVEs. > > Rename the patch and update the CVE tag to reference both identifiers.
Hello, Since these 2 CVEs are duplicates, please juste add the "CVE:" tag to the existing patch without renaming. Also, if possible, could you reach NVD to make them mark the second CVE as duplicate of the first? Thanks! > > Signed-off-by: Harish Sadineni <[email protected]> > --- > meta/recipes-devtools/binutils/binutils-2.42.inc | 2 +- > ...CVE-2025-69648.patch => CVE-2025-69646_CVE-2025-69648.patch} | 2 +- > 2 files changed, 2 insertions(+), 2 deletions(-) > rename meta/recipes-devtools/binutils/binutils/{CVE-2025-69648.patch => > CVE-2025-69646_CVE-2025-69648.patch} (99%) > > diff --git a/meta/recipes-devtools/binutils/binutils-2.42.inc > b/meta/recipes-devtools/binutils/binutils-2.42.inc > index 1a865c45f4..96e9e6cc21 100644 > --- a/meta/recipes-devtools/binutils/binutils-2.42.inc > +++ b/meta/recipes-devtools/binutils/binutils-2.42.inc > @@ -73,6 +73,6 @@ SRC_URI = "\ > file://0029-CVE-2025-11839.patch \ > file://0030-CVE-2025-11840.patch \ > file://CVE-2025-69647.patch \ > - file://CVE-2025-69648.patch \ > + file://CVE-2025-69646_CVE-2025-69648.patch \ > " > S = "${WORKDIR}/git" > diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2025-69648.patch > b/meta/recipes-devtools/binutils/binutils/CVE-2025-69646_CVE-2025-69648.patch > similarity index 99% > rename from meta/recipes-devtools/binutils/binutils/CVE-2025-69648.patch > rename to > meta/recipes-devtools/binutils/binutils/CVE-2025-69646_CVE-2025-69648.patch > index e04d7ed6c2..b02b5e0531 100644 > --- a/meta/recipes-devtools/binutils/binutils/CVE-2025-69648.patch > +++ > b/meta/recipes-devtools/binutils/binutils/CVE-2025-69646_CVE-2025-69648.patch > @@ -19,7 +19,7 @@ length field. > (display_debug_ranges): Check display_debug_rnglists_unit_header > return status. Stop output on error. > > -CVE: CVE-2025-69648 > +CVE: CVE-2025-69646 CVE-2025-69648 > Upstream-Status: Backport > [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=598704a00cbac5e85c2bedd363357b5bf6fcee33] > > (cherry picked from commit 598704a00cbac5e85c2bedd363357b5bf6fcee33) -- Yoann Congal Smile ECS
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#239817): https://lists.openembedded.org/g/openembedded-core/message/239817 Mute This Topic: https://lists.openembedded.org/mt/119880997/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
