From: Arnout Vandecappelle via buildroot <buildroot@buildroot.org>
To: Thomas Perale <thomas.perale@mind.be>
Cc: Arnout Vandecappelle <arnout@rnout.be>, buildroot@buildroot.org
Subject: Re: [Buildroot] [PATCH 11/14] package/sdl: add CVE trailer in patch
Date: Wed, 7 Jan 2026 18:51:58 +0100 [thread overview]
Message-ID: <20260107175158.228564-1-arnout@rnout.be> (raw)
In-Reply-To: <20251229090719.13291-11-thomas.perale@mind.be>
In reply of:
> Since Buildroot commit [1] the patches that fixes a security
> vulnerability needs to reference the fixed vulnerability.
>
> This patch adds the relevant information to the patch header.
>
> [1] 1167d0ff3d docs/manual: mention CVE trailer
>
> Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Applied to 2025.02.x and 2025.11.x. Thanks
> ---
> package/sdl/0002-SDL_x11yuv.c-fix-possible-use-after-free.patch | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/package/sdl/0002-SDL_x11yuv.c-fix-possible-use-after-free.patch b/package/sdl/0002-SDL_x11yuv.c-fix-possible-use-after-free.patch
> index 68e66bd5a2..3624c5341f 100644
> --- a/package/sdl/0002-SDL_x11yuv.c-fix-possible-use-after-free.patch
> +++ b/package/sdl/0002-SDL_x11yuv.c-fix-possible-use-after-free.patch
> @@ -3,6 +3,7 @@ From: Ozkan Sezer <sezeroz@gmail.com>
> Date: Sat, 18 Jun 2022 14:55:00 +0300
> Subject: [PATCH] SDL_x11yuv.c: fix possible use-after-free
>
> +CVE: CVE-2022-34568
> Fixes: https://github.com/libsdl-org/SDL-1.2/issues/863
> Upstream: d7e00208738a0bc6af302723fe64908ac35b777b
> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
> --
> 2.52.0
>
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
next prev parent reply other threads:[~2026-01-07 17:52 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-12-29 9:07 [Buildroot] [PATCH 01/14] package/sox: add CVE trailer in patches Thomas Perale via buildroot
2025-12-29 9:07 ` [Buildroot] [PATCH 02/14] package/x11vnc: add CVE trailer in patch Thomas Perale via buildroot
2026-01-07 17:52 ` Arnout Vandecappelle via buildroot
2025-12-29 9:07 ` [Buildroot] [PATCH 03/14] package/tinyxml: " Thomas Perale via buildroot
2026-01-07 17:52 ` Arnout Vandecappelle via buildroot
2025-12-29 9:07 ` [Buildroot] [PATCH 04/14] package/opusfile: " Thomas Perale via buildroot
2026-01-07 17:51 ` Arnout Vandecappelle via buildroot
2025-12-29 9:07 ` [Buildroot] [PATCH 05/14] package/lua-http: " Thomas Perale via buildroot
2026-01-07 17:51 ` Arnout Vandecappelle via buildroot
2025-12-29 9:07 ` [Buildroot] [PATCH 06/14] package/dovecot: " Thomas Perale via buildroot
2026-01-07 17:51 ` Arnout Vandecappelle via buildroot
2025-12-29 9:07 ` [Buildroot] [PATCH 07/14] package/avahi: " Thomas Perale via buildroot
2026-01-07 17:51 ` Arnout Vandecappelle via buildroot
2025-12-29 9:07 ` [Buildroot] [PATCH 08/14] package/cups-filter: " Thomas Perale via buildroot
2026-01-07 17:51 ` Arnout Vandecappelle via buildroot
2025-12-29 9:07 ` [Buildroot] [PATCH 09/14] package/libconfuse: " Thomas Perale via buildroot
2026-01-07 17:51 ` Arnout Vandecappelle via buildroot
2026-01-07 18:25 ` Baruch Siach via buildroot
2026-01-08 7:54 ` Arnout Vandecappelle via buildroot
2025-12-29 9:07 ` [Buildroot] [PATCH 10/14] package/libtomcrypt: " Thomas Perale via buildroot
2026-01-07 17:51 ` Arnout Vandecappelle via buildroot
2025-12-29 9:07 ` [Buildroot] [PATCH 11/14] package/sdl: " Thomas Perale via buildroot
2026-01-07 17:51 ` Arnout Vandecappelle via buildroot [this message]
2025-12-29 9:07 ` [Buildroot] [PATCH 12/14] package/sdl: fix patch reference in IGNORE_CVES Thomas Perale via buildroot
2026-01-07 17:52 ` Arnout Vandecappelle via buildroot
2025-12-29 9:07 ` [Buildroot] [PATCH 13/14] package/pixman: " Thomas Perale via buildroot
2026-01-07 17:51 ` Arnout Vandecappelle via buildroot
2025-12-29 9:07 ` [Buildroot] [PATCH 14/14] package/mupdf: add CVE-2024-2425{8, 9} to IGNORE_CVES Thomas Perale via buildroot
2026-01-07 17:56 ` Arnout Vandecappelle via buildroot
2025-12-29 14:12 ` [Buildroot] [PATCH 01/14] package/sox: add CVE trailer in patches Thomas Petazzoni via buildroot
2025-12-29 17:34 ` Thomas Perale via buildroot
2026-01-07 17:52 ` Arnout Vandecappelle via buildroot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260107175158.228564-1-arnout@rnout.be \
--to=buildroot@buildroot.org \
--cc=arnout@rnout.be \
--cc=thomas.perale@mind.be \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.