Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/2225390/?format=api
{ "id": 2225390, "url": "http://patchwork.ozlabs.org/api/patches/2225390/?format=api", "web_url": "http://patchwork.ozlabs.org/project/buildroot/patch/20260420220839.1232620-3-fiona.klute@gmx.de/", "project": { "id": 27, "url": "http://patchwork.ozlabs.org/api/projects/27/?format=api", "name": "Buildroot development", "link_name": "buildroot", "list_id": "buildroot.buildroot.org", "list_email": "buildroot@buildroot.org", "web_url": "", "scm_url": "", "webscm_url": "", "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20260420220839.1232620-3-fiona.klute@gmx.de>", "list_archive_url": null, "date": "2026-04-20T22:08:39", "name": "[2/2] package/musl: add upstream security patches for CVE-2026-40200", "commit_ref": null, "pull_url": null, "state": "accepted", "archived": false, "hash": "53b9bb0d8703db9fb3bed1677b8df8b16aec565c", "submitter": { "id": 88431, "url": "http://patchwork.ozlabs.org/api/people/88431/?format=api", "name": "Fiona Klute", "email": "fiona.klute@gmx.de" }, "delegate": { "id": 89618, "url": "http://patchwork.ozlabs.org/api/users/89618/?format=api", "username": "juju", "first_name": "Julien", "last_name": "Olivain", "email": "juju@cotds.org" }, "mbox": "http://patchwork.ozlabs.org/project/buildroot/patch/20260420220839.1232620-3-fiona.klute@gmx.de/mbox/", "series": [ { "id": 500694, "url": "http://patchwork.ozlabs.org/api/series/500694/?format=api", "web_url": "http://patchwork.ozlabs.org/project/buildroot/list/?series=500694", "date": "2026-04-20T22:08:37", "name": "Add upstream security patches for musl 1.2.6", "version": 1, "mbox": "http://patchwork.ozlabs.org/series/500694/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/2225390/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/2225390/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<buildroot-bounces@buildroot.org>", "X-Original-To": [ "incoming-buildroot@patchwork.ozlabs.org", "buildroot@buildroot.org" ], "Delivered-To": [ "patchwork-incoming-buildroot@legolas.ozlabs.org", "buildroot@buildroot.org" ], "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=buildroot.org header.i=@buildroot.org\n header.a=rsa-sha256 header.s=default header.b=b4CLixBo;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=buildroot.org\n (client-ip=140.211.166.137; helo=smtp4.osuosl.org;\n envelope-from=buildroot-bounces@buildroot.org; receiver=patchwork.ozlabs.org)" ], "Received": [ "from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4g00511HmJz1yCv\n\tfor <incoming-buildroot@patchwork.ozlabs.org>;\n Tue, 21 Apr 2026 08:09:09 +1000 (AEST)", "from localhost (localhost [127.0.0.1])\n\tby smtp4.osuosl.org (Postfix) with ESMTP id 01D8641104;\n\tMon, 20 Apr 2026 22:09:05 +0000 (UTC)", "from smtp4.osuosl.org ([127.0.0.1])\n by localhost (smtp4.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP\n id C3XxXPsTHjlC; Mon, 20 Apr 2026 22:09:03 +0000 (UTC)", "from lists1.osuosl.org (lists1.osuosl.org [140.211.166.142])\n\tby smtp4.osuosl.org (Postfix) with ESMTP id C92244112A;\n\tMon, 20 Apr 2026 22:09:03 +0000 (UTC)", "from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137])\n by lists1.osuosl.org (Postfix) with ESMTP id A9E2524D\n for <buildroot@buildroot.org>; Mon, 20 Apr 2026 22:09:01 +0000 (UTC)", "from localhost (localhost [127.0.0.1])\n by smtp4.osuosl.org (Postfix) with ESMTP id 9BCFD41110\n for <buildroot@buildroot.org>; Mon, 20 Apr 2026 22:09:01 +0000 (UTC)", "from smtp4.osuosl.org ([127.0.0.1])\n by localhost (smtp4.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP\n id Hbb0kKVJFqWE for <buildroot@buildroot.org>;\n Mon, 20 Apr 2026 22:09:00 +0000 (UTC)", "from mout.gmx.net (mout.gmx.net [212.227.15.15])\n by smtp4.osuosl.org (Postfix) with ESMTPS id 128C841104\n for <buildroot@buildroot.org>; Mon, 20 Apr 2026 22:08:59 +0000 (UTC)", "from client.hidden.invalid by mail.gmx.net (mrgmx005\n [212.227.17.190]) with ESMTPSA (Nemesis) id 1MCbEf-1w5pqK3f6Z-001S2C; Tue, 21\n Apr 2026 00:08:52 +0200" ], "X-Virus-Scanned": [ "amavis at osuosl.org", "amavis at osuosl.org" ], "X-Comment": "SPF check N/A for local connections - client-ip=140.211.166.142;\n helo=lists1.osuosl.org; envelope-from=buildroot-bounces@buildroot.org;\n receiver=<UNKNOWN> ", "DKIM-Filter": [ "OpenDKIM Filter v2.11.0 smtp4.osuosl.org C92244112A", "OpenDKIM Filter v2.11.0 smtp4.osuosl.org 128C841104" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=buildroot.org;\n\ts=default; t=1776722943;\n\tbh=XWqpd03l3dQXH3TZRCKrHdOCCVhvBtjh3G8wLKT4fgM=;\n\th=To:Cc:Date:In-Reply-To:References:Subject:List-Id:\n\t List-Unsubscribe:List-Archive:List-Post:List-Help:List-Subscribe:\n\t From:Reply-To:From;\n\tb=b4CLixBoOCV40itbG1vhP6XXGuhDlZCNLjViwGnmb4o8757lFJ9/GSJBlBwfObc0r\n\t 6xbaw7dhKoUBQesQXNskPOt8wAOercRiOPcZJl0GY0qo39cC6dBwIpWqHRHz2xNCX+\n\t Rb1Jw/2ygPepYHTOSIWb40a2e6d2pbEFcSuILhzzo6UUWc2USMr0I/DMH8pIkSZ2nL\n\t wSAloChIEKHwkBLpBXmvmXPFoPzdluXZ/fS/qBQYooyFI9LvB5hxWTG9ytokZEEZ0o\n\t EJSiyFI7XGYzd2ozmwg7YgMS1eFoo+AdGibVzfb6wFvXgTVyVyODN5zIN8worSAK01\n\t c51D3vQ8UgfLg==", "Received-SPF": "Pass (mailfrom) identity=mailfrom; client-ip=212.227.15.15;\n helo=mout.gmx.net; envelope-from=fiona.klute@gmx.de; receiver=<UNKNOWN>", "DMARC-Filter": "OpenDMARC Filter v1.4.2 smtp4.osuosl.org 128C841104", "X-UI-Sender-Class": "724b4f7f-cbec-4199-ad4e-598c01a50d3a", "To": "buildroot@buildroot.org", "Cc": "Thomas Petazzoni <thomas.petazzoni@bootlin.com>,\n Marcus Hoffmann <buildroot@bubu1.eu>, Fiona Klute <fiona.klute@gmx.de>", "Date": "Tue, 21 Apr 2026 00:08:39 +0200", "Message-ID": "<20260420220839.1232620-3-fiona.klute@gmx.de>", "X-Mailer": "git-send-email 2.53.0", "In-Reply-To": "<20260420220839.1232620-1-fiona.klute@gmx.de>", "References": "<20260420220839.1232620-1-fiona.klute@gmx.de>", "MIME-Version": "1.0", "X-Provags-ID": "V03:K1:2Yd4jlhMlGr45K9KCZgrXnzl13G8wLf2wDF0nQgfSz73TdhK5gd\n 7Mzzh01g48jXVjzXURXSqzyYvfXBvs8YUWIAJydEWiwsU92pL6JykI/ooykp6hNIiCLg3RF\n sp0mllCE277d/PX+XmoNLNQ2HxCceXau4ufIb8F+W+2IC+/nsnr0XS845Pkw4l1rMukFBNl\n s8AAwu5iHJtz0btAIF0Bg==", "UI-OutboundReport": "notjunk:1;M01:P0:PiRX5o9iIV8=;d3jDujMJw5O1nfi9s0mCfod16/Q\n WIulGg/w9AwxzZf+V0cKbU8ADD3Vfvd18fkpffZFaEDwSJgcv4WkJHijWnnL+I9pG5MLf8ZMq\n KdPEKBA9vaCX8UdFM5xO1JmS1bO7FtCKv1fATh8gVUGl6rmq/0422VESkT4afaGtmYn1OHyci\n 1ZSUwCcej0xCOwt+Pn/GBtNMOrADmS6gZvDkNZ8rPy+BJ3X6JZ39MGQSSfTESB3Oy6TDRgwNW\n qwunP1RMPaPNudJpJMzBMN4UVtUegYahXDmNbec0twsPJ4zOzOMpxRuiKrpyHldvb9uElf4rt\n DuUe/e/a6wxMLQNPPCD4CG95FwJI7WtWKB7E+SnKXkBqsRtAaTUl3lJL8jZMyVDfcWucRtLU8\n ClJxdif6gnma5QHYebGpUmgN+XL3AERbr8Osk0nUIwMIWnO0JwrGbU7hip7BH+Ape0nRXM2ZU\n WnDVVW8W+Wap7hFtqookJX9O0+JYbDk624JwtM6OHpIo+iE5rK2amh2lWEAwFrF3/VUkSP571\n uXVGIXaCNagtz6r63OgU8anZASAqyAbHr0OYbHVN+7lbDo4AtAaXwLGLajN0CEA7b5/WQ1Hnj\n y9Vrh6bWEF43uOSJ6I76GKQ/O+goKE4YfzhyBjq8rzF9i6+os0bHCsNGsfF9d1xMfmKNgMemb\n bhdHm4iRq1LDwX2IfGLLIEpSe8nLc0IAIpbEUBAtEvhVbMMKtze3RAQnq29DEDwt66i7dkk84\n 8r5lM3o66hGWn7q2qvjy4gBysfGPPRH+IyDckOkcWolH5muGSwDJ5SqXGDqioCU16o6fKfhxW\n HlTCyg15BVn9KSj4OMZKeDftnPcgyQvOGRgIOBFVTRT8ZVKHhfpaJotHnfQYCZ8SE63EPy4jd\n xCmu7YTb1zFFlsIc1J84T4joZ0Ya7x7uzHUXKcw4UkgdLpDoHqxVo+f8qv9Wqq2YSPblPLdjB\n Z8mBV8HrJe0gQ/wxi3pMC6eyXzwmZd7AaRFteuTXhdDsnliD8mE7Zww3pFFj7XGfHldBDTVby\n yd8CFed7duW3hmcLzUBTWBPpI4Y1avPeWBbA81Q4RLEAANqBTALOKAa4Ah4qadtBkOjIu9zQp\n wC+KOUHj2xAd7jrciTtqko1c77kx/OXVg2mbDTdwwRwJmJvn0PIl30X+lHUB0BPPlj3bh7e7H\n O5Y5LXtHNHPI5LYCMstEkRinx/YWOOLUtqs2kmg4cicScOrfBbZgtEwHrnHW5xj6WCOK/AoQf\n 04yZGlZ1yTmxeEpkQhtuVbMEjLU68lQVulbQDsil9mRQAFSD9oU8c71uze320WISjZtpkCli8\n DZChgv3LoSGQjR5c7Af2M7gkFkGely2xtxaQjqky9C7jT9b15qVwpqiWFFBnrINb5J1/jClVB\n uXWwhuUUvP9wVs7jIgUK8QR4P5ohHR+l7GWcPVLgDqEUqdfHxeipFwG/WcrmQqBDD+7on2Lc2\n pB53dRB2VkMxEk7PPizDZojKPL0Z2OBjWClN2exkAf/4Vu0lwoFumc2Lsj3FXsocTd/4FGNsM\n qYqTQ0zJF0GsZN3zjGCDQz3PyGTRTGPwA8B0Dtqg/VH4WoX/xltntTyoD9xxmYdMhGQa3HHXq\n Gf2un7COHF5KU4JZvfOrzr35NcKeQR2d+T4pBZFdmYQf/pjdnTme06y+9WcUB4vVvkxFvGSZh\n Yky6rJZLGKahIXmAtcvHDNxu2gz3xaRZsApd4hdPgBgeLBdu1pXrRttmeN/rySUKovvObPlse\n YSzua9s/bQwfic+ZdGowJYXQAHEfiRTe3mM9nfAOBoJbhVacD9RYAGlP+cCjzMhQvEtepLbko\n f++pEkkS8FpjDk7wAH19iD5J4ib+iMc0Gqc6vMg/nHsL8tYE1GEMF1R2cJYiKnZTl1ncA0+W3\n jbREsGvXpgNx8ANrFPnkQqydfiZ4IAhaGePCwMTa0Szjb6V10+3ldEEPSVidOV+hmo4MqciPm\n HORhxrWXd3NZcqJRlARRrmi0jmWctIjb6xS248t2SjmapDW7x/t/ex/jXVFAfNyNrq7ep6vUT\n /Lz8Yvuqf0YrbDcdGMkCmL7awXEtk8h9dlFOVy229jOxo3cleCv7jzgnwfoxmartX/ABO99vk\n BnBh4SBELCXgtmaF2kJavM0Lmi6PklEIa+DohTh9wWpj2A6n0qeeeqSDu9kiux3y1rZ+YhS38\n zhgv7Q60w9f1EPA132zKOIub7F/W7J9JSW0RSjRPNe+5KIWcPZdb0Dt7pIcjlbIX4LxfJDMQI\n IdGcqeXjcB1YvUdrLZJ59lqDmIFIRC5iyjMo4ED3/oaNd/MCTUZ6YkIqY8s51F79Zodqch86Q\n zW/ei+ucpuDj7wQ+RDM1E+wGs4YIFIXo1MgcwC0cbYqeGNdQqTV8uQPVdCi/OddsOWGugA43H\n YPM5OohKV+I9WjaDDTkQiCwK3FtF/KVVxYvufa2AFqMTAurb/zD5dYFnEc9zZBIo/rlKEv7Nc\n BmtrPlg3ZWpOCNW0a1NKdVRyq6uOWzAcZ4rF/DoBekZRg74eoUHMoyyL4D/AbhcF04vYm4FqF\n zSBaXHwXG+nWnzNZqSeyD6gEcMqrt+iFtaLAdLmuHR5TQJnIQhYNfn9LNnOVuk6F2dKkt7fSO\n RyVOVT2y9/3fXmM8NpDJanlAdT/cp54i1scgs1bKNdLBMo3ej6Lem4sRth3xGDDd+vMyFnMTl\n tY/hPZJgN6ozT5VOXWf+j4SW4JG/Q08tRcN0ToUZKg/NzQ0tPK4P6jprUXhLrBbPWH/lCrViL\n NLAg7jeX/EOMtHAWkULTL5MV5FVYfDHsB2ZNGKEJK7TSATMUBLv0691bgXpfnV4dL0BRCat5P\n aHhn/9Dj1tH4YZAraeFiVO8gMuocnHXXP7jA2erELpv2HAghsG1pOnbxWtcYN6vSYRZhSJwpq\n RAZa+FbsIAU3K/UtrEKFSG1FSn4l127VvwitMw2ohEC/ymO4g+xu1PJYIIHwcS3yAdJA4HF+z\n EeJ8bjqvHF4WeaX4b/dd8/Oymd7OKrD5tWKb+1u/0rp3KdhkOV1KZSqOS7JZniD+DDbpJEWNK\n Ia98TRUaq4rfOqGpMIJ6wKGIAGbTsmBM7UjOr2UWyyZbJMc4Nts09WPoFTfn5T8lyO0kHTEZt\n DfLBOlW3D5A6OVFaF0QJblR7mvSlm6nsr7E6mBZrqG2MSAC/Vfsrzy8Dh+96WGq8+dVKgOBGk\n 5ZG/tg9l5Hg/YiTeiXD3M9wbCnFDBss+SnHZnbaeASyEYOJPZYlAr6MLAL1tB9hYSsIS9s738\n v3DqMlhzGgTmvWLbAZGnsPNATxYaaDQYQqofv1Aw1aJQSjp3IHLmx+PNDFZ6kCXK25vOKQTw0\n rg1K41/PUG3Fvouk+wBR5XhUGR7oLJIZpuv9Xs3Bhg7V2d8nFBK0Rx3tldn85fELlnQBcxikU\n ogR0C13b6U4+yxMJCDOR+jSB1Zu/rIfeWgsB81vIzfM6IDCfHpfdd/gPi1RbpdSeqQZ6UdwS2\n zT2BG2bdVx40CLeLjp7mpSuZnfWxX7wSHdre/R2T/lT0GosSjbJCjy6v7SlNateN27ocpK4mN\n wdk86IKeLkhgF6zpW0B6A0PrQP8dONMJrEo9pzQ9pjlXPKa+8B2+hYjdFAyigTl5SBsHOR7TI\n 3gL3qo1rdyLGh69bdnf3ApXwwejZWFjbxwbLYcZEyCvBQbXwgIRGUIV6+7srXYYj2e625luTo\n zvQk62KJi9eQlLzkBAoaHaJYtLP3ecnxQ2OEwa3186DBoHvSyA1l8OzD5OShAOPQ973LhLAA2\n HlUCslIk80pt8y1AO47fGU/PjxUSArLrfHmMlnEm+71ov1jV1IugkDiiYynaPbWKrAo3EeSGb\n Qd78LoOuTvzWsk8QyvLY3QelfHHay0ztRneoIS08bBEu9/2BwGlVdg6E/OKC44cH5PMfrvmWm\n BYDqWPHOFhhHmG4nYWwhlwMddMYh/auGCNO+hHEU8Reerr8OjUiPUGPsshfb9Ina612OeSp21\n hC75smK1lLuVPELPZYX6FLD6daGX+sveWqda6dm1/uruXFMroiJMSUhtbntCVkH1JTE07+rdq\n jjBXxLcjS3zZlLQupfx9FDQ3a1Bc+QiaGwozP6tch6QXRvjYKzo+wBmVW0OH0FHU4JYbEAQuk\n 3caIuqwGa4lzv3n74QEGXuvjSyQS1Vf7KSoKxU9pEdXbe0e66nWun4Y0o5FuAaHECHJOn50R+\n RJ47xfDtPxhg2y/tjb3nR4xSAPFb9j/kQXOmS+mwHYx/1JabRK+s8rpB0e/tdKTdyg4zVfajY\n tmSvcIdFci2HatY5dUy3hbeifwvJkuY6h3BqhB1Xv/jk983SOUTX2e9h1Y6qSeyBiLQOYufs7\n oV/IaNqVz4f9m4kG2d9cbtRs35ilqg1OHQr+45d+8BY9xtUjj8sdb/fq55JCsj45pGiMOChmd\n nGr7c5yDSscQr/2gNloDoSfh2MnS3ZEt1yE5jbhUSBam0snpZXsRGunXYplOwmdCOcnpg9W5l\n zZZYlvcPrMaLn9doNwPk1CMUlwNo0J3KM3Z5HoSU9k0GBhbSO3guKttvnOlK1YN1ypqa5K1NE\n 72dK7RBh05BPF8xAS/0OfGXBpdqvQeSseiIYWma9gGRhF3vha0SFKqguVYqfb6MeuB6+2y9ee\n XGmo5iecVvfM740FKOKMi8LiMnAlqEZzK8bjdjF8UpEobb3r0WhMXEeyai9ymuuhIMWeT/a27\n PptlkEVLr6rXA98oUx/tck1kY03czLarpn5sVvSG+9mF3sKIEaPZM5iDTLLOK7hnQCz8gWmnE\n wozNxtSuWV6A6QwHyiavi6qcrWvWChgn6HO+YS5mEkOajNXUiapbbF+CyKEqm4vSSjuUW4REe\n 491yIsKt/gGt3qsVU12s51Sx1Hia7eLZt2lCoHx71E0/lLQSKHJtGQ2XrJ+zJ/YaKgOJkQZT2\n Yug5xcG2uPKYMAoGZ04Ky1ZoB5S63cDt0E83YSAQN071CyIp4zHSFFLFTFK/9NCucIgppp6g3\n HJh4RpntsZKL3IKS3o49nUsqz0yBiWApQeJXokyjz9N5wUp1Tl9RBz7+4hnVRKRjgzx0DbBkh\n Z7wi2uF22JRbDdmnwp2LQUcMuFlRlMW7jcfuuAUmRYS2O2/YAmoGEyEgRZ+/IhCnH8k9N/Nv/\n RKDQYL3X1ObyaS6uLimjbWGZ8eqcl+ab/TpGAXTxhfCJlxsO6R6dbGtOfmAZLmncAMOenvxEZ\n 1FaSd6b8wnctg/rqySt1B25KFKuKlt41A8xP5A1hc57r0Y+py7PJNx0J6T2SjrA7vG+DVHoRY\n P2r+WJgHvL0MtYVxOONW7ZmI85Z00Eb8736T+LnZZmJFeKy9aTcK5MmzCOzmWkP+UqQ6UPp79\n keKSsV9Xx0XZ2HEA+J//HFl6l2fWjt1bPUNiWaR2Tx2cWOtDroK7xAxYbh1G0VVqo9GstgPl1\n EBkHGXhdR0W1JYeCUwXBV6RAfBykjPmTziyBWAuisf+kz4dsWJZpW5Oo6vng1BGUrysOzRamf\n Y/9sm80DiNLQTOQ==", "X-Mailman-Original-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=gmx.de;\n s=s31663417; t=1776722932; x=1777327732; i=fiona.klute@gmx.de;\n bh=gCi2Kc1uLA9GFAKo/c1emGndQ0teTVqEQ3xqEj0NWe4=;\n h=X-UI-Sender-Class:From:To:Cc:Subject:Date:Message-ID:In-Reply-To:\n References:MIME-Version:Content-Transfer-Encoding:cc:\n content-transfer-encoding:content-type:date:from:message-id:\n mime-version:reply-to:subject:to;\n b=WYJOe4ID7RqVx/GGJrRl1HwCA9vQW1XtxjYU8ox+cREPcBtgITZF0gEZdCTccgxo\n fNguftxOPkkvIxdT+bLUsaZuGqHI/D0kHF0GmkvR8+IlqqR2iB2LKyZJmW45efcy0\n vrh1KO90UmGvcJ/4XjK2REQdjeGUmaIdnvlqdmNTKKiJ1r15D+Qdgh3tNlHI66gxr\n zFMoLdH83WoxLtnk+69ENc51wTbnO/FtmtETIbQ0wTyPw/N35xlIReiBvmLmVkIJ6\n hyI6XbKkyCBlzCCteJjYJctYM2Uw63f5EoZEyBit+M+gQK4lEp5cgEub+Z4Pccloa\n OzSwWnadbgsqp2nRXQ==", "X-Mailman-Original-Authentication-Results": [ "smtp4.osuosl.org;\n dmarc=pass (p=quarantine dis=none)\n header.from=gmx.de", "smtp4.osuosl.org;\n dkim=pass (2048-bit key) header.d=gmx.de header.i=fiona.klute@gmx.de\n header.a=rsa-sha256 header.s=s31663417 header.b=WYJOe4ID" ], "Subject": "[Buildroot] [PATCH 2/2] package/musl: add upstream security patches\n for CVE-2026-40200", "X-BeenThere": "buildroot@buildroot.org", "X-Mailman-Version": "2.1.30", "Precedence": "list", "List-Id": "Discussion and development of buildroot <buildroot.buildroot.org>", "List-Unsubscribe": "<https://lists.buildroot.org/mailman/options/buildroot>,\n <mailto:buildroot-request@buildroot.org?subject=unsubscribe>", "List-Archive": "<http://lists.buildroot.org/pipermail/buildroot/>", "List-Post": "<mailto:buildroot@buildroot.org>", "List-Help": "<mailto:buildroot-request@buildroot.org?subject=help>", "List-Subscribe": "<https://lists.buildroot.org/mailman/listinfo/buildroot>,\n <mailto:buildroot-request@buildroot.org?subject=subscribe>", "From": "Fiona Klute via buildroot <buildroot@buildroot.org>", "Reply-To": "Fiona Klute <fiona.klute@gmx.de>", "Content-Type": "text/plain; charset=\"us-ascii\"", "Content-Transfer-Encoding": "7bit", "Errors-To": "buildroot-bounces@buildroot.org", "Sender": "\"buildroot\" <buildroot-bounces@buildroot.org>" }, "content": "Fixes CVE-2026-40200: musl libc: stack corruption in qsort with\nsufficiently large inputs\nhttps://www.openwall.com/lists/musl/2026/04/10/3\n\nFixes: https://nvd.nist.gov/vuln/detail/CVE-2026-40200\n\nSigned-off-by: Fiona Klute <fiona.klute@gmx.de>\n---\n ...do-heap-corruption-from-bug-in-doubl.patch | 48 +++++++++\n ...ude-oob-array-writes-independent-of-.patch | 97 +++++++++++++++++++\n ...06-qsort-fix-shift-UB-in-shl-and-shr.patch | 43 ++++++++\n package/musl/musl.mk | 5 +\n 4 files changed, 193 insertions(+)\n create mode 100644 package/musl/0004-qsort-fix-leonardo-heap-corruption-from-bug-in-doubl.patch\n create mode 100644 package/musl/0005-qsort-hard-preclude-oob-array-writes-independent-of-.patch\n create mode 100644 package/musl/0006-qsort-fix-shift-UB-in-shl-and-shr.patch", "diff": "diff --git a/package/musl/0004-qsort-fix-leonardo-heap-corruption-from-bug-in-doubl.patch b/package/musl/0004-qsort-fix-leonardo-heap-corruption-from-bug-in-doubl.patch\nnew file mode 100644\nindex 0000000000..1f179552df\n--- /dev/null\n+++ b/package/musl/0004-qsort-fix-leonardo-heap-corruption-from-bug-in-doubl.patch\n@@ -0,0 +1,48 @@\n+From 228da39e38c1cae13cbe637e771412c1984dba5d Mon Sep 17 00:00:00 2001\n+From: Rich Felker <dalias@aerifal.cx>\n+Date: Thu, 9 Apr 2026 22:51:30 -0400\n+Subject: [PATCH] qsort: fix leonardo heap corruption from bug in doubleword\n+ ctz primitive\n+\n+the pntz function, implementing a \"count trailing zeros\" variant for a\n+bit vector consisting of two size_t words, erroneously returned zero\n+rather than the number of bits in the low word when the first bit set\n+was the low bit of the high word.\n+\n+as a result, a loop in the trinkle function which should have a\n+guaranteed small bound on the number of iterations, could run\n+unboundedly, thereby overflowing a stack-based working-space array\n+which was sized for the bound.\n+\n+CVE-2026-40200 has been assigned for this issue.\n+\n+CVE: CVE-2026-40200\n+Upstream: https://git.musl-libc.org/cgit/musl/commit/?id=228da39e38c1cae13cbe637e771412c1984dba5d\n+Signed-off-by: Fiona Klute <fiona.klute@gmx.de>\n+---\n+ src/stdlib/qsort.c | 8 ++++----\n+ 1 file changed, 4 insertions(+), 4 deletions(-)\n+\n+diff --git a/src/stdlib/qsort.c b/src/stdlib/qsort.c\n+index ab79dc6f..13219ab3 100644\n+--- a/src/stdlib/qsort.c\n++++ b/src/stdlib/qsort.c\n+@@ -34,11 +34,11 @@\n+ \n+ typedef int (*cmpfun)(const void *, const void *, void *);\n+ \n++/* returns index of first bit set, excluding the low bit assumed to always\n++ * be set, starting from low bit of p[0] up through high bit of p[1] */\n+ static inline int pntz(size_t p[2]) {\n+-\tint r = ntz(p[0] - 1);\n+-\tif(r != 0 || (r = 8*sizeof(size_t) + ntz(p[1])) != 8*sizeof(size_t)) {\n+-\t\treturn r;\n+-\t}\n++\tif (p[0] != 1) return ntz(p[0] - 1);\n++\tif (p[1]) return 8*sizeof(size_t) + ntz(p[1]);\n+ \treturn 0;\n+ }\n+ \n+-- \n+2.53.0\n+\ndiff --git a/package/musl/0005-qsort-hard-preclude-oob-array-writes-independent-of-.patch b/package/musl/0005-qsort-hard-preclude-oob-array-writes-independent-of-.patch\nnew file mode 100644\nindex 0000000000..1604ae9dc4\n--- /dev/null\n+++ b/package/musl/0005-qsort-hard-preclude-oob-array-writes-independent-of-.patch\n@@ -0,0 +1,97 @@\n+From b3291b9a9f77f1f993d2b4f8c68a26cf09221ae7 Mon Sep 17 00:00:00 2001\n+From: Rich Felker <dalias@aerifal.cx>\n+Date: Thu, 9 Apr 2026 23:40:53 -0400\n+Subject: [PATCH] qsort: hard-preclude oob array writes independent of any\n+ invariants\n+\n+while the root cause of CVE-2026-40200 was a faulty ctz primitive, the\n+fallout of the bug would have been limited to erroneous sorting or\n+infinite loop if not for the stores to a stack-based array that\n+depended on trusting invariants in order not to go out of bounds.\n+\n+increase the size of the array to a power of two so that we can mask\n+indices into it to force them into range. in the absence of any\n+further bug, the masking is a no-op, but it does not have any\n+measurable performance cost, and it makes spatial memory safety\n+trivial to prove (and for readers not familiar with the algorithms to\n+trust).\n+\n+CVE: CVE-2026-40200\n+Upstream: https://git.musl-libc.org/cgit/musl/commit/?id=b3291b9a9f77f1f993d2b4f8c68a26cf09221ae7\n+Signed-off-by: Fiona Klute <fiona.klute@gmx.de>\n+---\n+ src/stdlib/qsort.c | 20 +++++++++++++-------\n+ 1 file changed, 13 insertions(+), 7 deletions(-)\n+\n+diff --git a/src/stdlib/qsort.c b/src/stdlib/qsort.c\n+index 13219ab3..e4bce9f7 100644\n+--- a/src/stdlib/qsort.c\n++++ b/src/stdlib/qsort.c\n+@@ -89,10 +89,16 @@ static inline void shr(size_t p[2], int n)\n+ \tp[1] >>= n;\n+ }\n+ \n++/* power-of-two length for working array so that we can mask indices and\n++ * not depend on any invariant of the algorithm for spatial memory safety.\n++ * the original size was just 14*sizeof(size_t)+1 */\n++#define AR_LEN (16 * sizeof(size_t))\n++#define AR_MASK (AR_LEN - 1)\n++\n+ static void sift(unsigned char *head, size_t width, cmpfun cmp, void *arg, int pshift, size_t lp[])\n+ {\n+ \tunsigned char *rt, *lf;\n+-\tunsigned char *ar[14 * sizeof(size_t) + 1];\n++\tunsigned char *ar[AR_LEN];\n+ \tint i = 1;\n+ \n+ \tar[0] = head;\n+@@ -104,16 +110,16 @@ static void sift(unsigned char *head, size_t width, cmpfun cmp, void *arg, int p\n+ \t\t\tbreak;\n+ \t\t}\n+ \t\tif(cmp(lf, rt, arg) >= 0) {\n+-\t\t\tar[i++] = lf;\n++\t\t\tar[i++ & AR_MASK] = lf;\n+ \t\t\thead = lf;\n+ \t\t\tpshift -= 1;\n+ \t\t} else {\n+-\t\t\tar[i++] = rt;\n++\t\t\tar[i++ & AR_MASK] = rt;\n+ \t\t\thead = rt;\n+ \t\t\tpshift -= 2;\n+ \t\t}\n+ \t}\n+-\tcycle(width, ar, i);\n++\tcycle(width, ar, i & AR_MASK);\n+ }\n+ \n+ static void trinkle(unsigned char *head, size_t width, cmpfun cmp, void *arg, size_t pp[2], int pshift, int trusty, size_t lp[])\n+@@ -121,7 +127,7 @@ static void trinkle(unsigned char *head, size_t width, cmpfun cmp, void *arg, si\n+ \tunsigned char *stepson,\n+ \t *rt, *lf;\n+ \tsize_t p[2];\n+-\tunsigned char *ar[14 * sizeof(size_t) + 1];\n++\tunsigned char *ar[AR_LEN];\n+ \tint i = 1;\n+ \tint trail;\n+ \n+@@ -142,7 +148,7 @@ static void trinkle(unsigned char *head, size_t width, cmpfun cmp, void *arg, si\n+ \t\t\t}\n+ \t\t}\n+ \n+-\t\tar[i++] = stepson;\n++\t\tar[i++ & AR_MASK] = stepson;\n+ \t\thead = stepson;\n+ \t\ttrail = pntz(p);\n+ \t\tshr(p, trail);\n+@@ -150,7 +156,7 @@ static void trinkle(unsigned char *head, size_t width, cmpfun cmp, void *arg, si\n+ \t\ttrusty = 0;\n+ \t}\n+ \tif(!trusty) {\n+-\t\tcycle(width, ar, i);\n++\t\tcycle(width, ar, i & AR_MASK);\n+ \t\tsift(head, width, cmp, arg, pshift, lp);\n+ \t}\n+ }\n+-- \n+2.53.0\n+\ndiff --git a/package/musl/0006-qsort-fix-shift-UB-in-shl-and-shr.patch b/package/musl/0006-qsort-fix-shift-UB-in-shl-and-shr.patch\nnew file mode 100644\nindex 0000000000..455a0677e2\n--- /dev/null\n+++ b/package/musl/0006-qsort-fix-shift-UB-in-shl-and-shr.patch\n@@ -0,0 +1,43 @@\n+From 5122f9f3c99fee366167c5de98b31546312921ab Mon Sep 17 00:00:00 2001\n+From: Luca Kellermann <mailto.luca.kellermann@gmail.com>\n+Date: Fri, 10 Apr 2026 03:03:22 +0200\n+Subject: [PATCH] qsort: fix shift UB in shl and shr\n+\n+if shl() or shr() are called with n==8*sizeof(size_t), n is adjusted\n+to 0. the shift by (sizeof(size_t) * 8 - n) that then follows will\n+consequently shift by the width of size_t, which is UB and in practice\n+produces an incorrect result.\n+\n+return early in this case. the bitvector p was already shifted by the\n+required amount.\n+\n+CVE: CVE-2026-40200\n+Upstream: https://git.musl-libc.org/cgit/musl/commit/?id=5122f9f3c99fee366167c5de98b31546312921ab\n+Signed-off-by: Fiona Klute <fiona.klute@gmx.de>\n+---\n+ src/stdlib/qsort.c | 2 ++\n+ 1 file changed, 2 insertions(+)\n+\n+diff --git a/src/stdlib/qsort.c b/src/stdlib/qsort.c\n+index e4bce9f7..28607450 100644\n+--- a/src/stdlib/qsort.c\n++++ b/src/stdlib/qsort.c\n+@@ -71,6 +71,7 @@ static inline void shl(size_t p[2], int n)\n+ \t\tn -= 8 * sizeof(size_t);\n+ \t\tp[1] = p[0];\n+ \t\tp[0] = 0;\n++\t\tif (!n) return;\n+ \t}\n+ \tp[1] <<= n;\n+ \tp[1] |= p[0] >> (sizeof(size_t) * 8 - n);\n+@@ -83,6 +84,7 @@ static inline void shr(size_t p[2], int n)\n+ \t\tn -= 8 * sizeof(size_t);\n+ \t\tp[0] = p[1];\n+ \t\tp[1] = 0;\n++\t\tif (!n) return;\n+ \t}\n+ \tp[0] >>= n;\n+ \tp[0] |= p[1] << (sizeof(size_t) * 8 - n);\n+-- \n+2.53.0\n+\ndiff --git a/package/musl/musl.mk b/package/musl/musl.mk\nindex 29a9c90ce1..5384a08abf 100644\n--- a/package/musl/musl.mk\n+++ b/package/musl/musl.mk\n@@ -29,6 +29,11 @@ MUSL_INSTALL_STAGING = YES\n # 0003-fix-pathological-slowness-incorrect-mappings-in-icon.patch\n MUSL_IGNORE_CVES += CVE-2026-6042\n \n+# 0004-qsort-fix-leonardo-heap-corruption-from-bug-in-doubl.patch\n+# 0005-qsort-hard-preclude-oob-array-writes-independent-of-.patch\n+# 0006-qsort-fix-shift-UB-in-shl-and-shr.patch\n+MUSL_IGNORE_CVES += CVE-2026-40200\n+\n # musl does not build with LTO, so explicitly disable it\n # when using a compiler that may have support for LTO\n ifeq ($(BR2_TOOLCHAIN_GCC_AT_LEAST_4_7),y)\n", "prefixes": [ "2/2" ] }