On Fri Jun 19, 2026 at 11:59 AM CEST, Harish.Sadineni wrote:
> From: Harish Sadineni <[email protected]>
>
> CVE-2025-69648 was marked as a duplicate of CVE-2025-69646. The
> existing patch already fixes the issue associated with both CVEs.
>
> Rename the patch and update the CVE tag to reference both identifiers.

Hello,

Since these 2 CVEs are duplicates, please juste add the "CVE:" tag to
the existing patch without renaming. Also, if possible, could you reach
NVD to make them mark the second CVE as duplicate of the first?

Thanks!

>
> Signed-off-by: Harish Sadineni <[email protected]>
> ---
>  meta/recipes-devtools/binutils/binutils-2.42.inc                | 2 +-
>  ...CVE-2025-69648.patch => CVE-2025-69646_CVE-2025-69648.patch} | 2 +-
>  2 files changed, 2 insertions(+), 2 deletions(-)
>  rename meta/recipes-devtools/binutils/binutils/{CVE-2025-69648.patch => 
> CVE-2025-69646_CVE-2025-69648.patch} (99%)
>
> diff --git a/meta/recipes-devtools/binutils/binutils-2.42.inc 
> b/meta/recipes-devtools/binutils/binutils-2.42.inc
> index 1a865c45f4..96e9e6cc21 100644
> --- a/meta/recipes-devtools/binutils/binutils-2.42.inc
> +++ b/meta/recipes-devtools/binutils/binutils-2.42.inc
> @@ -73,6 +73,6 @@ SRC_URI = "\
>       file://0029-CVE-2025-11839.patch \
>       file://0030-CVE-2025-11840.patch \
>       file://CVE-2025-69647.patch \
> -     file://CVE-2025-69648.patch \
> +     file://CVE-2025-69646_CVE-2025-69648.patch \
>  "
>  S  = "${WORKDIR}/git"
> diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2025-69648.patch 
> b/meta/recipes-devtools/binutils/binutils/CVE-2025-69646_CVE-2025-69648.patch
> similarity index 99%
> rename from meta/recipes-devtools/binutils/binutils/CVE-2025-69648.patch
> rename to 
> meta/recipes-devtools/binutils/binutils/CVE-2025-69646_CVE-2025-69648.patch
> index e04d7ed6c2..b02b5e0531 100644
> --- a/meta/recipes-devtools/binutils/binutils/CVE-2025-69648.patch
> +++ 
> b/meta/recipes-devtools/binutils/binutils/CVE-2025-69646_CVE-2025-69648.patch
> @@ -19,7 +19,7 @@ length field.
>       (display_debug_ranges): Check display_debug_rnglists_unit_header
>       return status.  Stop output on error.
>  
> -CVE: CVE-2025-69648
> +CVE: CVE-2025-69646 CVE-2025-69648
>  Upstream-Status: Backport 
> [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=598704a00cbac5e85c2bedd363357b5bf6fcee33]
>  
>  (cherry picked from commit 598704a00cbac5e85c2bedd363357b5bf6fcee33)


-- 
Yoann Congal
Smile ECS

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#239817): 
https://lists.openembedded.org/g/openembedded-core/message/239817
Mute This Topic: https://lists.openembedded.org/mt/119880997/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to