package/avahi: add CVE trailer in patch

Since Buildroot commit [1] the patches that fixes a security vulnerability needs to reference the fixed vulnerability. This patch adds the relevant information to the patch header and adds the `Upstream` trailer. [1] 1167d0ff3d docs/manual: mention CVE trailer Signed-off-by: Thomas Perale <thomas.perale@mind.be> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit cef136b5f09827a8d1e98a0dce0380449ed61cd4) Signed-off-by: Thomas Perale <thomas.perale@mind.be>
2025-12-29 10:07:12 +01:00
parent f409cf2452
commit d7c3aa1413
2 changed files with 2 additions and 3 deletions
--- a/.checkpackageignore
+++ b/.checkpackageignore
@@ -218,7 +218,6 @@ package/attr/0001-build-with-older-GCCs.patch lib_patch.Upstream
 package/aumix/0001-fix-incorrect-makefile-am.patch lib_patch.Upstream
 package/autoconf/0001-dont-add-dirty-to-version.patch lib_patch.Upstream
 package/automake/0001-noman.patch lib_patch.Upstream
-package/avahi/0001-Fix-NULL-pointer-crashes-from-175.patch lib_patch.Upstream
 package/avahi/S05avahi-setup.sh lib_sysv.Indent lib_sysv.Variables
 package/avahi/S50avahi-daemon lib_sysv.Indent lib_sysv.Variables
 package/babeld/S50babeld Shellcheck lib_sysv.Indent lib_sysv.Variables
--- a/package/avahi/0001-Fix-NULL-pointer-crashes-from-175.patch
+++ b/package/avahi/0001-Fix-NULL-pointer-crashes-from-175.patch
@@ -9,8 +9,8 @@ Add missing NULL pointer checks to fix it.

 Introduced in #175 - merge commit 8f75a045709a780c8cf92a6a21e9d35b593bdecd

-[Retrieved from:
-https://github.com/lathiat/avahi/commit/9d31939e55280a733d930b15ac9e4dda4497680c]
+CVE: CVE-2021-36217
+Upstream: https://github.com/lathiat/avahi/commit/9d31939e55280a733d930b15ac9e4dda4497680c
 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
 ---
 avahi-core/browse-dns-server.c   | 5 ++++-