mbox series

[wrynose,v3,0/1] gnutls: fix CVE-2026-33846

Message ID 20260709125006.1802142-1-PritamSrichandan.Sahoo@windriver.com
Headers show
Series gnutls: fix CVE-2026-33846 | expand

Message

Pritam Srichandan Sahoo July 9, 2026, 12:50 p.m. UTC
Changes in v3:
- Squashed CVE fix and musl LDADD fix into a single commit to
  preserve bisectability as suggested by Yoann Congal.

Changes in v2:
- Added a separate commit to fix musl build failure for the
  mini-dtls-fragments test (missing LDADD for gnulib).

v1:
- Only contained the CVE fix. The musl build failed due to
  missing link to gnulib in the new test binary.

Tested with:
  echo 'MACHINE = "qemuarm64"' >> conf/local.conf
  echo 'TCLIBC = "musl"' >> conf/local.conf
  bitbake gnutls

Pritam Srichandan Sahoo (1):
  gnutls: fix CVE-2026-33846

 .../gnutls/gnutls/CVE-2026-33846.patch        | 864 ++++++++++++++++++
 meta/recipes-support/gnutls/gnutls_3.8.12.bb  |   1 +
 2 files changed, 865 insertions(+)
 create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2026-33846.patch