From 0af9698be6526ecd5a12b0f59d43d1d19cf8e8f9 Mon Sep 17 00:00:00 2001
From: "Benjamin A. Beasley" <code@musicinmybrain.net>
Date: Wed, 25 Oct 2023 11:01:11 -0400
Subject: [PATCH] Document that 1454.patch fixes CVE-2023-43898

---
 stb.spec | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/stb.spec b/stb.spec
index 8aae758..a349ad6 100644
--- a/stb.spec
+++ b/stb.spec
@@ -65,6 +65,13 @@ Patch:          %{url}/pull/1236.patch
 
 # Fixes null pointer dereference in https://github.com/nothings/stb/issues/1452
 # https://github.com/nothings/stb/pull/1454
+#
+# Fixes:
+#
+# NULL pointer dereference in the stb_image.h
+# https://github.com/nothings/stb/issues/1452
+# NULL pointer derefence in PIC loading (CVE-2023-43898)
+# https://github.com/nothings/stb/issues/1521
 Patch:          %{url}/pull/1454.patch
 
 # Fixed asan error on tiny input images