| Message ID | 20260710-glib-2-0-cve-2026-58016-master-fix-v1-1-152006542891@bootlin.com |
|---|---|
| State | Accepted, archived |
| Commit | cddc75dcf041c0e1c86baa36840caf1a8073e40f |
| Headers | show |
| Series | glib-2.0: add back Signed-off-by in CVE-2026-58016 patch | expand |
diff --git a/meta/recipes-core/glib-2.0/files/CVE-2026-58016-1.patch b/meta/recipes-core/glib-2.0/files/CVE-2026-58016-1.patch index ee6321361455..2c4b248b97b7 100644 --- a/meta/recipes-core/glib-2.0/files/CVE-2026-58016-1.patch +++ b/meta/recipes-core/glib-2.0/files/CVE-2026-58016-1.patch @@ -13,6 +13,8 @@ Fix the check and add some unit tests for it. Spotted by linhlhq as #YWH-PGM9867-204. The fix is mine, and the unit test uses example XML strings adapted from their report. +Signed-off-by: Philip Withnall <pwithnall@gnome.org> + Fixes: #3932 CVE: CVE-2026-58016 diff --git a/meta/recipes-core/glib-2.0/files/CVE-2026-58016-2.patch b/meta/recipes-core/glib-2.0/files/CVE-2026-58016-2.patch index a24e54016177..a61e35ad8a7c 100644 --- a/meta/recipes-core/glib-2.0/files/CVE-2026-58016-2.patch +++ b/meta/recipes-core/glib-2.0/files/CVE-2026-58016-2.patch @@ -14,6 +14,8 @@ complicated, and it’s possible that these dereferences of the Make failures like that more debuggable by adding an assertion on the length beforehand. +Signed-off-by: Philip Withnall <pwithnall@gnome.org> + Helps: #3932 CVE: CVE-2026-58016
It had been deleted by mistake due to a lack of knowledge regarding how to handle it. Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com> --- meta/recipes-core/glib-2.0/files/CVE-2026-58016-1.patch | 2 ++ meta/recipes-core/glib-2.0/files/CVE-2026-58016-2.patch | 2 ++ 2 files changed, 4 insertions(+) --- base-commit: 5a5f2ec43cbb9096f1fc52ba4c2a4f94526f103d change-id: 20260710-glib-2-0-cve-2026-58016-master-fix-69d7e106d1b6 Best regards, -- Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com>