[Buildroot] [PATCH 08/10] package/libsndfile: add CVE trailer in patch
Thomas Perale
thomas.perale at mind.be
Sun Dec 28 18:56:33 UTC 2025
Since Buildroot commit [1] the patches that fixes a security
vulnerability needs to reference the fixed vulnerability.
This patch adds the relevant information to the patch header.
[1] 1167d0ff3d docs/manual: mention CVE trailer
Signed-off-by: Thomas Perale <thomas.perale at mind.be>
---
...14-src-ogg-better-error-checking-for-vorbis.-Fixes-1035.patch | 1 +
1 file changed, 1 insertion(+)
diff --git a/package/libsndfile/0014-src-ogg-better-error-checking-for-vorbis.-Fixes-1035.patch b/package/libsndfile/0014-src-ogg-better-error-checking-for-vorbis.-Fixes-1035.patch
index dd9f157811..cb73d370bf 100644
--- a/package/libsndfile/0014-src-ogg-better-error-checking-for-vorbis.-Fixes-1035.patch
+++ b/package/libsndfile/0014-src-ogg-better-error-checking-for-vorbis.-Fixes-1035.patch
@@ -3,6 +3,7 @@ From: Arthur Taylor <art at ified.ca>
Date: Fri, 15 Nov 2024 19:46:53 -0800
Subject: [PATCH] src/ogg: better error checking for vorbis. Fixes #1035
+CVE: CVE-2024-50612
Upstream: https://github.com/libsndfile/libsndfile/commit/4755f5bd7854611d92ad0f1295587b439f9950ba
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
--
2.52.0
More information about the buildroot
mailing list