diff mbox series

[v3,2/4] libsoup: actually apply patches for CVE-2025-32049 and CVE-2026-1539

Message ID 20260416103100.3152304-2-ross.burton@arm.com
State New
Headers show
Series [v3,1/4] glib-networking: backport fix for CVE-2026-2574 | expand

Commit Message

Ross Burton April 16, 2026, 10:30 a.m. UTC 
The patches were added to SRC_URI before inheriting gnomebase, which
does SRC_URI = "...". This means the patches were never actually part of
SRC_URI, so never applied.

Signed-off-by: Ross Burton <ross.burton@arm.com>
---
 meta/recipes-support/libsoup/libsoup_3.6.6.bb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff mbox series

Patch

diff --git a/meta/recipes-support/libsoup/libsoup_3.6.6.bb b/meta/recipes-support/libsoup/libsoup_3.6.6.bb
index 981e74d8160..b51368adb64 100644
--- a/meta/recipes-support/libsoup/libsoup_3.6.6.bb
+++ b/meta/recipes-support/libsoup/libsoup_3.6.6.bb
@@ -9,6 +9,8 @@  LIC_FILES_CHKSUM = "file://COPYING;md5=5f30f0716dfdd0d91eb439ebec522ec2"
 
 DEPENDS = "glib-2.0 glib-2.0-native libxml2 sqlite3 libpsl nghttp2"
 
+inherit gettext gnomebase upstream-version-is-even gobject-introspection gi-docgen vala
+
 SRC_URI[archive.sha256sum] = "51ed0ae06f9d5a40f401ff459e2e5f652f9a510b7730e1359ee66d14d4872740"
 
 SRC_URI += "file://CVE-2025-32049-1.patch \
@@ -20,8 +22,6 @@  SRC_URI += "file://CVE-2025-32049-1.patch \
 
 PROVIDES = "libsoup-3.0"
 
-inherit gettext gnomebase upstream-version-is-even gobject-introspection gi-docgen vala
-
 GIR_MESON_ENABLE_FLAG = 'enabled'
 GIR_MESON_DISABLE_FLAG = 'disabled'