{"id":2230251,"url":"http://patchwork.ozlabs.org/api/1.1/patches/2230251/?format=json","web_url":"http://patchwork.ozlabs.org/project/buildroot/patch/20260429141129.248078-1-titouan.christophe@mind.be/","project":{"id":27,"url":"http://patchwork.ozlabs.org/api/1.1/projects/27/?format=json","name":"Buildroot development","link_name":"buildroot","list_id":"buildroot.buildroot.org","list_email":"buildroot@buildroot.org","web_url":"","scm_url":"","webscm_url":""},"msgid":"<20260429141129.248078-1-titouan.christophe@mind.be>","date":"2026-04-29T14:11:29","name":"[for,2025.02.x] package/libspdm: add patches for security issues fixed in libspdm 3.8.2","commit_ref":null,"pull_url":null,"state":"accepted","archived":false,"hash":"1e1b2e424e95dbc23011b84054f516b40650ba83","submitter":{"id":90763,"url":"http://patchwork.ozlabs.org/api/1.1/people/90763/?format=json","name":"Titouan Christophe","email":"titouan.christophe@mind.be"},"delegate":null,"mbox":"http://patchwork.ozlabs.org/project/buildroot/patch/20260429141129.248078-1-titouan.christophe@mind.be/mbox/","series":[{"id":502076,"url":"http://patchwork.ozlabs.org/api/1.1/series/502076/?format=json","web_url":"http://patchwork.ozlabs.org/project/buildroot/list/?series=502076","date":"2026-04-29T14:11:29","name":"[for,2025.02.x] package/libspdm: add patches for security issues fixed in libspdm 3.8.2","version":1,"mbox":"http://patchwork.ozlabs.org/series/502076/mbox/"}],"comments":"http://patchwork.ozlabs.org/api/patches/2230251/comments/","check":"pending","checks":"http://patchwork.ozlabs.org/api/patches/2230251/checks/","tags":{},"headers":{"Return-Path":"<buildroot-bounces@buildroot.org>","X-Original-To":["incoming-buildroot@patchwork.ozlabs.org","buildroot@buildroot.org"],"Delivered-To":["patchwork-incoming-buildroot@legolas.ozlabs.org","buildroot@buildroot.org"],"Authentication-Results":["legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=buildroot.org header.i=@buildroot.org\n 
header.a=rsa-sha256 header.s=default header.b=AtInnc3x;\n\tdkim-atps=neutral","legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=buildroot.org\n (client-ip=2605:bc80:3010::136; helo=smtp3.osuosl.org;\n envelope-from=buildroot-bounces@buildroot.org; receiver=patchwork.ozlabs.org)"],"Received":["from smtp3.osuosl.org (smtp3.osuosl.org [IPv6:2605:bc80:3010::136])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4g5K7t4jgzz1yHX\n\tfor <incoming-buildroot@patchwork.ozlabs.org>;\n Thu, 30 Apr 2026 00:15:04 +1000 (AEST)","from localhost (localhost [127.0.0.1])\n\tby smtp3.osuosl.org (Postfix) with ESMTP id B5E556158D;\n\tWed, 29 Apr 2026 14:15:01 +0000 (UTC)","from smtp3.osuosl.org ([127.0.0.1])\n by localhost (smtp3.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP\n id V7SvY8efhNmZ; Wed, 29 Apr 2026 14:15:00 +0000 (UTC)","from lists1.osuosl.org (lists1.osuosl.org [140.211.166.142])\n\tby smtp3.osuosl.org (Postfix) with ESMTP id 9821A60FB2;\n\tWed, 29 Apr 2026 14:15:00 +0000 (UTC)","from smtp1.osuosl.org (smtp1.osuosl.org [IPv6:2605:bc80:3010::138])\n by lists1.osuosl.org (Postfix) with ESMTP id 34C8223D\n for <buildroot@buildroot.org>; Wed, 29 Apr 2026 14:14:59 +0000 (UTC)","from localhost (localhost [127.0.0.1])\n by smtp1.osuosl.org (Postfix) with ESMTP id 2624381416\n for <buildroot@buildroot.org>; Wed, 29 Apr 2026 14:14:59 +0000 (UTC)","from smtp1.osuosl.org ([127.0.0.1])\n by localhost (smtp1.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP\n id mMtroKaeTfb4 for <buildroot@buildroot.org>;\n Wed, 29 Apr 2026 14:14:56 +0000 (UTC)","from mail-wm1-x335.google.com (mail-wm1-x335.google.com\n [IPv6:2a00:1450:4864:20::335])\n by smtp1.osuosl.org (Postfix) with ESMTPS id DFA308120D\n for <buildroot@buildroot.org>; Wed, 29 Apr 2026 14:14:55 +0000 (UTC)","by 
mail-wm1-x335.google.com with SMTP id\n 5b1f17b1804b1-48a3e9862f0so6059975e9.1\n for <buildroot@buildroot.org>; Wed, 29 Apr 2026 07:14:55 -0700 (PDT)","from dragon (ip-94-140-185-241.reverse.destiny.be. [94.140.185.241])\n by smtp.gmail.com with ESMTPSA id\n 5b1f17b1804b1-48a7c57b5fcsm59207875e9.5.2026.04.29.07.14.52\n (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);\n Wed, 29 Apr 2026 07:14:52 -0700 (PDT)"],"X-Virus-Scanned":["amavis at osuosl.org","amavis at osuosl.org"],"X-Comment":"SPF check N/A for local connections - client-ip=140.211.166.142;\n helo=lists1.osuosl.org; envelope-from=buildroot-bounces@buildroot.org;\n receiver=<UNKNOWN> ","DKIM-Filter":["OpenDKIM Filter v2.11.0 smtp3.osuosl.org 9821A60FB2","OpenDKIM Filter v2.11.0 smtp1.osuosl.org DFA308120D"],"DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed; d=buildroot.org;\n\ts=default; t=1777472100;\n\tbh=pmasoNNS7WvpZdlcd/qnc8LN/DCGnH2lRbmEz4r9fP4=;\n\th=To:Cc:Date:Subject:List-Id:List-Unsubscribe:List-Archive:\n\t List-Post:List-Help:List-Subscribe:From:Reply-To:From;\n\tb=AtInnc3x09Q0DD6q5vQpmozTSEvsu4PANqQIxClDt1+eZYOtrJrRd2jkQWEPMI8+e\n\t zunQKCoVt1g/P1HNxiczuL3dBdqnjFnt4qc7ZU1pH3LuGgHLAcqIQFYWme3GWf/GDI\n\t TIRmKJ/YFSUHFRQEdpwMvpWFiA3hjFZtpWsPObla/5eSyVQiLtmQbggRPqufnnAAB3\n\t GgM2UjesTtwVeiJx8ZNS9UfeEce2cMmy18TP25dF+tCKHvSqm4UKj146zR3ibX5wEk\n\t xkUcALly8Zxa/ab8ALXVXTyZDx6cZhhJX6a1Ox/ugfnlIQYlVTl/weWgRTQBlIj230\n\t x08X+BMfX7JSQ==","Received-SPF":"Pass (mailfrom) identity=mailfrom;\n client-ip=2a00:1450:4864:20::335; helo=mail-wm1-x335.google.com;\n envelope-from=titouan.christophe@essensium.com; receiver=<UNKNOWN>","DMARC-Filter":"OpenDMARC Filter v1.4.2 smtp1.osuosl.org DFA308120D","X-Google-DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=1e100.net; s=20251104; t=1777472093; x=1778076893;\n h=content-transfer-encoding:mime-version:message-id:date:subject:cc\n :to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date\n :message-id:reply-to;\n 
bh=fTsu0SSTQskFh7ruVWS0jesOcgTzM7bwVjaJtaMIPM4=;\n b=RHg+RF4LTl8PCc0x9CCvpB9OlyBtf04qjV8ZB7vhbNCVi0+ZclBqPbmTgGP6jRVFRo\n R4MSZjfP/zI6Y+g5MJaG0LYlu8TkWvbPuEEE2RGJcP0J2IW0y3t3JFlXbvQsWD0UMNqo\n 7b8ZpuNR9oeW4eF7pWVQzl0B6Jr9r2IjoT5GXeffa/B+FcRmJfPFIMaqD2p36U//jbGf\n ZoQM6D51NPlqJvAPNLRz4PUQo7P9Uj45o6PZSm33/BU+UkbvnvzbhwfkdnUfXWjSpb4K\n Ds2wsFjIJiTRPZg0GQ2XN+kak+YMr6FnpUr5vkfvwwNWl6FVU1NCIVjm2HoeROD6ioJu\n 7NsA==","X-Gm-Message-State":"AOJu0YylfC1E2TamkdY1uKW8ANNNN0XOcEEqfC/qfjmlYTYEgAJtNOAc\n gVgV7s4GBYSm4ZCMs052pvR3RnQS3kMMEZmDDtyrkYu2z2Z1nNOpNVSGMJxckKVWJoCbh1AU+gW\n e5uJsRcs=","X-Gm-Gg":"AeBDievTH1BNrHEuzh/W46XSMUgpQAgDTIYofrT789BH5nBbYazm0lRcDDMaHiTW7fz\n jKDFoKyeOlx4LqJGZGby2piUSyJp9xrGnx40MNVxbpwgHXQbdzuZ48MewT8bam6wYTH9YzWxWVO\n 0Qqy82LT7468Q6H/VmtXQDtLiQW5QXqbmbaNSACXuEllc7ubgKU+esrJkSRjqy7T8Pon1bAgeyr\n s4QOH5T8TaUWkf3H5+usCTAdKjLtYaJbhBmYoNDUMbJiyEhucOfIVGUaQ401Id17bLoxOkEldtZ\n BZ0nzb1GKuHWLuhC7PQPp1XgqCZ6Sjnuhtywl+Jw192WkNQnMFKUy1wIqJo1NQEbZ+KJ0HeFJje\n 21vac0trqTVhWHLk7Ty1/sv2qXOA53mR6vj8Km7tD+bLNMWknDfhONsnMORhseVpNJGzuAZ76Ko\n Ttsiv984Snhd90wU2tImuLtkwJOm/R/d9hIxTstT+MbMRE8T4wWBNpk22TBktF0vfvQTQu5T9Ry\n PQO","X-Received":"by 2002:a05:600c:3e86:b0:48a:53cb:8604 with SMTP id\n 5b1f17b1804b1-48a7c1bcc18mr59495775e9.14.1777472093297;\n Wed, 29 Apr 2026 07:14:53 -0700 (PDT)","To":"buildroot@buildroot.org","Cc":"Alistair Francis <alistair@alistair23.me>,\n\tthomas.perale@mind.be","Date":"Wed, 29 Apr 2026 16:11:29 +0200","Message-ID":"<20260429141129.248078-1-titouan.christophe@mind.be>","X-Mailer":"git-send-email 2.53.0","MIME-Version":"1.0","X-Mailman-Original-DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=mind.be; s=google; t=1777472093; x=1778076893; darn=buildroot.org;\n h=content-transfer-encoding:mime-version:message-id:date:subject:cc\n :to:from:from:to:cc:subject:date:message-id:reply-to;\n bh=fTsu0SSTQskFh7ruVWS0jesOcgTzM7bwVjaJtaMIPM4=;\n b=cBIvyJ6l7HLLEUlHxMNTs2DTxVOrDY7zMHb6rzWx346kFhxFWPuTOqjNZMZ4lHaLG/\n 
MPvSFgNDIuQ/dlHnGEn2ZAeUmgOj5gVFqMr/U7m8fE0fjjXjK/CQoPSOZQpr4o79WQE4\n iPagGXK20MditJwCwZRE9S/4qaVgmzCz2oJSqni8lDCWi+2LUb9mXp1onqTLm/YL7Tni\n FCmfTrcMCeQ2eaGcmDeumF6CYNyBsjIFkC6GGAjoGHWgPVeP6wbXlBwg/GsxiZMdwYpg\n l4lYQjm4OrX1gTY6DKGase7us4igC6Q5KsG2FS6h0dvAEBmmafRQKwQYgX6j1xCAzlWQ\n Qpsg==","X-Mailman-Original-Authentication-Results":["smtp1.osuosl.org;\n dmarc=pass (p=quarantine dis=none)\n header.from=mind.be","smtp1.osuosl.org;\n dkim=pass (2048-bit key) header.d=mind.be header.i=@mind.be\n header.a=rsa-sha256 header.s=google header.b=cBIvyJ6l"],"Subject":"[Buildroot] [PATCH for 2025.02.x] package/libspdm: add patches for\n security issues fixed in libspdm 3.8.2","X-BeenThere":"buildroot@buildroot.org","X-Mailman-Version":"2.1.30","Precedence":"list","List-Id":"Discussion and development of buildroot <buildroot.buildroot.org>","List-Unsubscribe":"<https://lists.buildroot.org/mailman/options/buildroot>,\n <mailto:buildroot-request@buildroot.org?subject=unsubscribe>","List-Archive":"<http://lists.buildroot.org/pipermail/buildroot/>","List-Post":"<mailto:buildroot@buildroot.org>","List-Help":"<mailto:buildroot-request@buildroot.org?subject=help>","List-Subscribe":"<https://lists.buildroot.org/mailman/listinfo/buildroot>,\n <mailto:buildroot-request@buildroot.org?subject=subscribe>","From":"Titouan Christophe via buildroot <buildroot@buildroot.org>","Reply-To":"Titouan Christophe <titouan.christophe@mind.be>","Content-Type":"text/plain; charset=\"us-ascii\"","Content-Transfer-Encoding":"7bit","Errors-To":"buildroot-bounces@buildroot.org","Sender":"\"buildroot\" <buildroot-bounces@buildroot.org>"},"content":"Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>\n---\n ...ulnerability-in-GET_CSR-parsing-code.patch | 65 +++++++++++++++++++\n ...ibspdm_rsp_measurement_extension_log.patch | 29 +++++++++\n 2 files changed, 94 insertions(+)\n create mode 100644 package/libspdm/0002-Fix-security-vulnerability-in-GET_CSR-parsing-code.patch\n create mode 100644 
package/libspdm/0003-Update-libspdm_rsp_measurement_extension_log.patch","diff":"diff --git a/package/libspdm/0002-Fix-security-vulnerability-in-GET_CSR-parsing-code.patch b/package/libspdm/0002-Fix-security-vulnerability-in-GET_CSR-parsing-code.patch\nnew file mode 100644\nindex 0000000000..6d10f33564\n--- /dev/null\n+++ b/package/libspdm/0002-Fix-security-vulnerability-in-GET_CSR-parsing-code.patch\n@@ -0,0 +1,65 @@\n+From 704bc9916ccd8c034f912f13b75fd890a19eb3f3 Mon Sep 17 00:00:00 2001\n+From: Steven Bellock <sbellock@nvidia.com>\n+Date: Tue, 27 Jan 2026 12:02:37 -0800\n+Subject: [PATCH] Fix security vulnerability in GET_CSR parsing code\n+\n+Signed-off-by: Steven Bellock <sbellock@nvidia.com>\n+Co-Authored-By: Nicholas Carlini <nicholas@carlini.com>\n+\n+Fixes: https://github.com/DMTF/libspdm/security/advisories/GHSA-j54w-759w-xj3m\n+Upstream: https://github.com/DMTF/libspdm/commit/704bc9916ccd8c034f912f13b75fd890a19eb3f3\n+Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>\n+---\n+ os_stub/cryptlib_mbedtls/pk/x509.c | 25 +++++++++++++------------\n+ 1 file changed, 13 insertions(+), 12 deletions(-)\n+\n+diff --git a/os_stub/cryptlib_mbedtls/pk/x509.c b/os_stub/cryptlib_mbedtls/pk/x509.c\n+index 65eff62bfd5..1b5d60d4f92 100644\n+--- a/os_stub/cryptlib_mbedtls/pk/x509.c\n++++ b/os_stub/cryptlib_mbedtls/pk/x509.c\n+@@ -1768,6 +1768,19 @@ static bool libspdm_convert_subject_to_string(uint8_t *ptr, size_t obj_len,\n+                 (libspdm_consttime_is_mem_equal(cur->oid, internal_p, obj_len))) {\n+                 /*Concat subject string*/\n+ \n++                /*move to string*/\n++                internal_p += obj_len;\n++                ret = libspdm_asn1_get_tag(&internal_p, end, &obj_len, cur->default_tag);\n++                if (!ret) {\n++                    return false;\n++                }\n++\n++                /*check total space needed: name + '=' + value + ',' + '\\0'*/\n++                if (buff_len < (int32_t)(cur->name_len + 1 + 
obj_len + 1 + 1)) {\n++                    LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO,\"the buffer is too small\"));\n++                    return false;\n++                }\n++\n+                 /*for example: CN=*/\n+                 libspdm_copy_mem(buffer, buff_len, cur->name, cur->name_len);\n+                 buff_len = (int32_t)(buff_len - cur->name_len);\n+@@ -1776,13 +1789,6 @@ static bool libspdm_convert_subject_to_string(uint8_t *ptr, size_t obj_len,\n+                 buff_len--;\n+                 buffer++;\n+ \n+-                /*move to string*/\n+-                internal_p += obj_len;\n+-                ret = libspdm_asn1_get_tag(&internal_p, end, &obj_len, cur->default_tag);\n+-                if (!ret) {\n+-                    return false;\n+-                }\n+-\n+                 /*for example: AU,*/\n+                 libspdm_copy_mem(buffer, buff_len, internal_p, obj_len);\n+                 buff_len = (int32_t)(buff_len - obj_len);\n+@@ -1790,11 +1796,6 @@ static bool libspdm_convert_subject_to_string(uint8_t *ptr, size_t obj_len,\n+                 *buffer = ',';\n+                 buff_len--;\n+                 buffer++;\n+-\n+-                if (buff_len < 0) {\n+-                    LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO,\"the buffer is too small\"));\n+-                    return false;\n+-                }\n+                 break;\n+             }\n+         }\ndiff --git a/package/libspdm/0003-Update-libspdm_rsp_measurement_extension_log.patch b/package/libspdm/0003-Update-libspdm_rsp_measurement_extension_log.patch\nnew file mode 100644\nindex 0000000000..c1a0f7eefc\n--- /dev/null\n+++ b/package/libspdm/0003-Update-libspdm_rsp_measurement_extension_log.patch\n@@ -0,0 +1,29 @@\n+From f55cf6d48ec69b4ac60a63903e9c6a2cb0fd155d Mon Sep 17 00:00:00 2001\n+From: Steven Bellock <sbellock@nvidia.com>\n+Date: Fri, 3 Apr 2026 11:00:07 -0700\n+Subject: [PATCH] Update libspdm_rsp_measurement_extension_log.c\n+\n+Fix #3584 in 3.8.\n+\n+Signed-off-by: 
Steven Bellock <sbellock@nvidia.com>\n+\n+Fixes: https://github.com/DMTF/libspdm/security/advisories/GHSA-m4wc-xmvg-369f\n+Upstream: https://github.com/DMTF/libspdm/commit/f55cf6d48ec69b4ac60a63903e9c6a2cb0fd155d\n+Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>\n+---\n+ .../spdm_responder_lib/libspdm_rsp_measurement_extension_log.c  | 2 +-\n+ 1 file changed, 1 insertion(+), 1 deletion(-)\n+\n+diff --git a/library/spdm_responder_lib/libspdm_rsp_measurement_extension_log.c b/library/spdm_responder_lib/libspdm_rsp_measurement_extension_log.c\n+index 6dcb3a54bac..c5f2efa8c88 100644\n+--- a/library/spdm_responder_lib/libspdm_rsp_measurement_extension_log.c\n++++ b/library/spdm_responder_lib/libspdm_rsp_measurement_extension_log.c\n+@@ -125,7 +125,7 @@ libspdm_return_t libspdm_get_response_measurement_extension_log(libspdm_context_\n+                                                response_size, response);\n+     }\n+ \n+-    if ((uint64_t)(offset + length) > spdm_mel_len) {\n++    if (((uint64_t)offset + length) > spdm_mel_len) {\n+         length = (uint32_t)(spdm_mel_len - offset);\n+     }\n+     remainder_length = spdm_mel_len - (length + offset);\n","prefixes":["for","2025.02.x"]}
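Review bot: the commit message of the Buildroot submission holds only the Signed-off-by line, so the two advisories being fixed (GHSA-j54w-759w-xj3m and GHSA-m4wc-xmvg-369f) are named only inside the added patch files. Please list them in the message body. The diffstat also touches nothing but the two new files under package/libspdm/; if CVE identifiers have been assigned to these advisories, the package's _IGNORE_CVES variable in its .mk file should be updated in the same commit so that CVE tracking reflects the backport.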
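Review bot: in 0002, first hunk of os_stub/cryptlib_mbedtls/pk/x509.c, the new space check narrows a size_t sum to a signed 32-bit value. obj_len is a size_t that libspdm_asn1_get_tag() fills in from the encoded subject, and (int32_t)(cur->name_len + 1 + obj_len + 1 + 1) is only meaningful while that sum fits in int32_t; the check therefore depends on libspdm_asn1_get_tag() having bounded obj_len by end. Comparing in the wide type removes that dependency, for example: if (buff_len < 0 || (size_t)buff_len < cur->name_len + obj_len + 3). Moving the tag parse and the check ahead of the first libspdm_copy_mem() is the right ordering, since the check removed in the third hunk ran only after all the writes had been made.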
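Review bot: in 0003, the hunk at line 125 of libspdm_rsp_measurement_extension_log.c widens only the comparison, while the two lines after it are left as they were. length = (uint32_t)(spdm_mel_len - offset) underflows if offset can exceed spdm_mel_len, and the visible context does not show whether the error return just above rejects that case; please confirm it does. remainder_length = spdm_mel_len - (length + offset) still adds the two values without the (uint64_t) cast; it is safe only because the clamp has already run, so writing it as spdm_mel_len - ((uint64_t)offset + length) would keep the three lines consistent. The upstream message "Fix #3584 in 3.8." does not say what the defect is; a sentence in the Buildroot patch header stating that the addition was previously performed before the cast would help later readers.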