Document that 1454.patch fixes CVE-2023-43898

2023-10-25 11:01:11 -04:00 · 2023-10-25 11:01:11 -04:00 · 0af9698be6
parent 30227fed91
commit 0af9698be6
1 changed files with 7 additions and 0 deletions
--- a/stb.spec
+++ b/stb.spec
@ -65,6 +65,13 @@ Patch:          %{url}/pull/1236.patch

 # Fixes null pointer dereference in https://github.com/nothings/stb/issues/1452
 # https://github.com/nothings/stb/pull/1454
+#
+# Fixes:
+#
+# NULL pointer dereference in the stb_image.h
+# https://github.com/nothings/stb/issues/1452
+# NULL pointer derefence in PIC loading (CVE-2023-43898)
+# https://github.com/nothings/stb/issues/1521
 Patch:          %{url}/pull/1454.patch

 # Fixed asan error on tiny input images