From: Peter Marko <[email protected]> Description of CVE-2025-29087 and CVE-2025-3277 are very similar. There is no link from NVD, but [1] and [2] from Debian mark these two CVEs as duplicates with the same link for patch.
[1] https://security-tracker.debian.org/tracker/CVE-2025-29087 [2] https://security-tracker.debian.org/tracker/CVE-2025-3277 Signed-off-by: Peter Marko <[email protected]> --- meta/recipes-support/sqlite/files/CVE-2025-3277.patch | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-support/sqlite/files/CVE-2025-3277.patch b/meta/recipes-support/sqlite/files/CVE-2025-3277.patch index a3e28465f5..625cf29d3e 100644 --- a/meta/recipes-support/sqlite/files/CVE-2025-3277.patch +++ b/meta/recipes-support/sqlite/files/CVE-2025-3277.patch @@ -7,6 +7,7 @@ Subject: [PATCH] Add a typecast to avoid 32-bit integer overflow in the FossilOrigin-Name: 498e3f1cf57f164fbd8380e92bf91b9f26d6aa05d092fcd135d754abf1e5b1b5 CVE: CVE-2025-3277 +CVE: CVE-2025-29087 Upstream-Status: Backport [https://github.com/sqlite/sqlite/commit/f4fc2ee20311a0a5141726c71d318ab52001c974] Signed-off-by: Ankur Tyagi <[email protected]>
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#228838): https://lists.openembedded.org/g/openembedded-core/message/228838 Mute This Topic: https://lists.openembedded.org/mt/117039918/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
