diff options
| author | Gyorgy Sarvari <skandigraun@gmail.com> | 2026-02-23 20:18:46 +0100 |
|---|---|---|
| committer | Khem Raj <raj.khem@gmail.com> | 2026-02-24 22:30:28 -0800 |
| commit | 398fa05aa8bf7ce17dc40ed99edfc6a88feeb541 (patch) | |
| tree | 659f9e92e70fef2402865e86ddfdccc6e9bea9ff | |
| parent | 70a90d49b92bed8e1d146bdb66db029b197683d9 (diff) | |
| download | meta-openembedded-398fa05aa8bf7ce17dc40ed99edfc6a88feeb541.tar.gz | |
protobuf: ignore CVE-2026-0994
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-0994
The vulnerability impacts only the python bindings of protobuf, which
is in a separate recipe (python3-protobuf, where it is patched).
Ignore this CVE in this recipe due to this.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
| -rw-r--r-- | meta-oe/recipes-devtools/protobuf/protobuf_6.33.5.bb | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/meta-oe/recipes-devtools/protobuf/protobuf_6.33.5.bb b/meta-oe/recipes-devtools/protobuf/protobuf_6.33.5.bb index 4f5f53d4e5..66c9c24473 100644 --- a/meta-oe/recipes-devtools/protobuf/protobuf_6.33.5.bb +++ b/meta-oe/recipes-devtools/protobuf/protobuf_6.33.5.bb | |||
| @@ -28,6 +28,8 @@ UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>\d\.\d+\.\d+)" | |||
| 28 | 28 | ||
| 29 | CVE_PRODUCT = "google:protobuf protobuf:protobuf google-protobuf protobuf-cpp" | 29 | CVE_PRODUCT = "google:protobuf protobuf:protobuf google-protobuf protobuf-cpp" |
| 30 | 30 | ||
| 31 | CVE_STATUS[CVE-2026-0994] = "cpe-incorrect: the vulnerability affects only python3-protobuf recipe" | ||
| 32 | |||
| 31 | inherit cmake pkgconfig ptest | 33 | inherit cmake pkgconfig ptest |
| 32 | 34 | ||
| 33 | PACKAGECONFIG ??= "" | 35 | PACKAGECONFIG ??= "" |