From: Thomas Perale via buildroot <buildroot@buildroot.org>
To: Adrian Perez de Castro <aperez@igalia.com>
Cc: Thomas Perale <thomas.perale@mind.be>, buildroot@buildroot.org
Subject: Re: [Buildroot] [PATCH] package/bubblewrap: security bump to version 0.11.2
Date: Fri, 15 May 2026 19:46:49 +0200 [thread overview]
Message-ID: <20260515174649.530857-1-thomas.perale@mind.be> (raw)
In-Reply-To: <20260507130813.67423-1-aperez@igalia.com>
In reply of:
> Fixes CVE-2026-41163, which affects any system using bubblewrap 0.11.x
> using a setuid bubblewrap.
>
> Release notes:
>
> https://github.com/containers/bubblewrap/releases/tag/v0.11.2
>
> Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Applied to 2025.02.x & 2026.02.x. Thanks
> ---
> package/bubblewrap/bubblewrap.hash | 5 ++---
> package/bubblewrap/bubblewrap.mk | 3 ++-
> 2 files changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/package/bubblewrap/bubblewrap.hash b/package/bubblewrap/bubblewrap.hash
> index 696c20ee07..e87d3c81cb 100644
> --- a/package/bubblewrap/bubblewrap.hash
> +++ b/package/bubblewrap/bubblewrap.hash
> @@ -1,6 +1,5 @@
> -# Also checked GPG signature from
> -# https://github.com/containers/bubblewrap/releases/tag/v0.11.1
> -sha256 c1b7455a1283b1295879a46d5f001dfd088c0bb0f238abb5e128b3583a246f71 bubblewrap-0.11.1.tar.xz
> +# From https://github.com/containers/bubblewrap/releases/download/v0.11.2/bubblewrap-0.11.2.tar.xz.sha256sum
> +sha256 69abc30005d2186baf7737feacd8da35633b93cf5af38838ecff17c5f8e924f6 bubblewrap-0.11.2.tar.xz
>
> # Hash for license files:
> sha256 b7993225104d90ddd8024fd838faf300bea5e83d91203eab98e29512acebd69c COPYING
> diff --git a/package/bubblewrap/bubblewrap.mk b/package/bubblewrap/bubblewrap.mk
> index afbb29eab9..7838ab90b3 100644
> --- a/package/bubblewrap/bubblewrap.mk
> +++ b/package/bubblewrap/bubblewrap.mk
> @@ -4,7 +4,7 @@
> #
> ################################################################################
>
> -BUBBLEWRAP_VERSION = 0.11.1
> +BUBBLEWRAP_VERSION = 0.11.2
> BUBBLEWRAP_SITE = https://github.com/containers/bubblewrap/releases/download/v$(BUBBLEWRAP_VERSION)
> BUBBLEWRAP_SOURCE = bubblewrap-$(BUBBLEWRAP_VERSION).tar.xz
> BUBBLEWRAP_DEPENDENCIES = host-pkgconf libcap
> @@ -18,6 +18,7 @@ BUBBLEWRAP_CONF_OPTS = \
> -Dman=disabled \
> -Dpython=$(HOST_DIR)/bin/python \
> -Drequire_userns=false \
> + -Dsupport_setuid=true \
> -Dtests=false
>
> ifeq ($(BR2_PACKAGE_BASH_COMPLETION),y)
> --
> 2.54.0
>
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
prev parent reply other threads:[~2026-05-15 17:47 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-07 13:08 [Buildroot] [PATCH] package/bubblewrap: security bump to version 0.11.2 Adrian Perez de Castro
2026-05-08 8:52 ` Julien Olivain via buildroot
2026-05-15 17:46 ` Thomas Perale via buildroot [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260515174649.530857-1-thomas.perale@mind.be \
--to=buildroot@buildroot.org \
--cc=aperez@igalia.com \
--cc=thomas.perale@mind.be \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox