From 157b2e377dcf86f5266947d7fd467727d832cd53 Mon Sep 17 00:00:00 2001
From: Gyorgy Sarvari <skandigraun@gmail.com>
Date: Mon, 26 Jan 2026 14:05:03 +0100
Subject: [PATCH] sox: mark CVE-2019-1010004 as patched

Details: https://nvd.nist.gov/vuln/detail/CVE-2019-1010004

The description mentions that this vulnerability overlaps with CVE-2017-18189,
and Debian's investigation[1] confirms that it is solved by the same commit.

Add the ID to the CVE tag of CVE-2017-18189.patch.

[1]: https://security-tracker.debian.org/tracker/CVE-2019-1010004

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
---
 meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-18189.patch | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-18189.patch b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-18189.patch
index 3ca829b230..20af7cdada 100644
--- a/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-18189.patch
+++ b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-18189.patch
@@ -8,7 +8,7 @@ into an infinite loop.  Prevent this by sanity checking the channel
 count in open_read().  Also add an upper bound to prevent overflow
 in multiplication.
 
-CVE: CVE-2017-18189
+CVE: CVE-2017-18189 CVE-2019-1010004
 Upstream-Status: Backport [https://github.com/mansr/sox/commit/7a8ceb86212b28243bbb6d0de636f0dfbe833e53]
 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
 ---