From: Arnout Vandecappelle via buildroot <buildroot@buildroot.org>
To: Thomas Perale <thomas.perale@mind.be>
Cc: Arnout Vandecappelle <arnout@rnout.be>, buildroot@buildroot.org
Subject: Re: [Buildroot] [PATCH 11/14] package/sdl: add CVE trailer in patch
Date: Wed, 7 Jan 2026 18:51:58 +0100 [thread overview]
Message-ID: <20260107175158.228564-1-arnout@rnout.be> (raw)
In-Reply-To: <20251229090719.13291-11-thomas.perale@mind.be>
In reply of:
> Since Buildroot commit [1] the patches that fixes a security
> vulnerability needs to reference the fixed vulnerability.
>
> This patch adds the relevant information to the patch header.
>
> [1] 1167d0ff3d docs/manual: mention CVE trailer
>
> Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Applied to 2025.02.x and 2025.11.x. Thanks
> ---
> package/sdl/0002-SDL_x11yuv.c-fix-possible-use-after-free.patch | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/package/sdl/0002-SDL_x11yuv.c-fix-possible-use-after-free.patch b/package/sdl/0002-SDL_x11yuv.c-fix-possible-use-after-free.patch
> index 68e66bd5a2..3624c5341f 100644
> --- a/package/sdl/0002-SDL_x11yuv.c-fix-possible-use-after-free.patch
> +++ b/package/sdl/0002-SDL_x11yuv.c-fix-possible-use-after-free.patch
> @@ -3,6 +3,7 @@ From: Ozkan Sezer <sezeroz@gmail.com>
> Date: Sat, 18 Jun 2022 14:55:00 +0300
> Subject: [PATCH] SDL_x11yuv.c: fix possible use-after-free
>
> +CVE: CVE-2022-34568
> Fixes: https://github.com/libsdl-org/SDL-1.2/issues/863
> Upstream: d7e00208738a0bc6af302723fe64908ac35b777b
> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
> --
> 2.52.0
>
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
next prev parent reply other threads:[~2026-01-07 17:52 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-12-29 9:07 [Buildroot] [PATCH 01/14] package/sox: add CVE trailer in patches Thomas Perale via buildroot
2025-12-29 9:07 ` [Buildroot] [PATCH 02/14] package/x11vnc: add CVE trailer in patch Thomas Perale via buildroot
2026-01-07 17:52 ` Arnout Vandecappelle via buildroot
2025-12-29 9:07 ` [Buildroot] [PATCH 03/14] package/tinyxml: " Thomas Perale via buildroot
2026-01-07 17:52 ` Arnout Vandecappelle via buildroot
2025-12-29 9:07 ` [Buildroot] [PATCH 04/14] package/opusfile: " Thomas Perale via buildroot
2026-01-07 17:51 ` Arnout Vandecappelle via buildroot
2025-12-29 9:07 ` [Buildroot] [PATCH 05/14] package/lua-http: " Thomas Perale via buildroot
2026-01-07 17:51 ` Arnout Vandecappelle via buildroot
2025-12-29 9:07 ` [Buildroot] [PATCH 06/14] package/dovecot: " Thomas Perale via buildroot
2026-01-07 17:51 ` Arnout Vandecappelle via buildroot
2025-12-29 9:07 ` [Buildroot] [PATCH 07/14] package/avahi: " Thomas Perale via buildroot
2026-01-07 17:51 ` Arnout Vandecappelle via buildroot
2025-12-29 9:07 ` [Buildroot] [PATCH 08/14] package/cups-filter: " Thomas Perale via buildroot
2026-01-07 17:51 ` Arnout Vandecappelle via buildroot
2025-12-29 9:07 ` [Buildroot] [PATCH 09/14] package/libconfuse: " Thomas Perale via buildroot
2026-01-07 17:51 ` Arnout Vandecappelle via buildroot
2026-01-07 18:25 ` Baruch Siach via buildroot
2026-01-08 7:54 ` Arnout Vandecappelle via buildroot
2025-12-29 9:07 ` [Buildroot] [PATCH 10/14] package/libtomcrypt: " Thomas Perale via buildroot
2026-01-07 17:51 ` Arnout Vandecappelle via buildroot
2025-12-29 9:07 ` [Buildroot] [PATCH 11/14] package/sdl: " Thomas Perale via buildroot
2026-01-07 17:51 ` Arnout Vandecappelle via buildroot [this message]
2025-12-29 9:07 ` [Buildroot] [PATCH 12/14] package/sdl: fix patch reference in IGNORE_CVES Thomas Perale via buildroot
2026-01-07 17:52 ` Arnout Vandecappelle via buildroot
2025-12-29 9:07 ` [Buildroot] [PATCH 13/14] package/pixman: " Thomas Perale via buildroot
2026-01-07 17:51 ` Arnout Vandecappelle via buildroot
2025-12-29 9:07 ` [Buildroot] [PATCH 14/14] package/mupdf: add CVE-2024-2425{8, 9} to IGNORE_CVES Thomas Perale via buildroot
2026-01-07 17:56 ` Arnout Vandecappelle via buildroot
2025-12-29 14:12 ` [Buildroot] [PATCH 01/14] package/sox: add CVE trailer in patches Thomas Petazzoni via buildroot
2025-12-29 17:34 ` Thomas Perale via buildroot
2026-01-07 17:52 ` Arnout Vandecappelle via buildroot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260107175158.228564-1-arnout@rnout.be \
--to=buildroot@buildroot.org \
--cc=arnout@rnout.be \
--cc=thomas.perale@mind.be \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox