diff options
| author | Gyorgy Sarvari <skandigraun@gmail.com> | 2025-12-16 12:14:36 +0100 |
|---|---|---|
| committer | Khem Raj <raj.khem@gmail.com> | 2025-12-16 19:57:34 -0800 |
| commit | 598176e1cb6c928e322e26d358e8d01ba9d5af0a (patch) | |
| tree | 5b96e0993a88500887ab875fe5ddbaf23f1b1a99 /meta-networking/recipes-devtools | |
| parent | b91e86f73a0598f2154e57e5feedb62ddcbaea24 (diff) | |
| download | meta-openembedded-598176e1cb6c928e322e26d358e8d01ba9d5af0a.tar.gz | |
libcoap: ignore CVE-2025-50518
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-50518
The vulnerability is disputed by upstream, because the vulnerability
requires a user error, incorrect library usage. See also an upstream
discussion in a related (rejected) PR: https://github.com/obgm/libcoap/pull/1726
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-networking/recipes-devtools')
| -rw-r--r-- | meta-networking/recipes-devtools/libcoap/libcoap_4.3.5a.bb | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/meta-networking/recipes-devtools/libcoap/libcoap_4.3.5a.bb b/meta-networking/recipes-devtools/libcoap/libcoap_4.3.5a.bb index 55c5ed8775..1a8d7ed725 100644 --- a/meta-networking/recipes-devtools/libcoap/libcoap_4.3.5a.bb +++ b/meta-networking/recipes-devtools/libcoap/libcoap_4.3.5a.bb | |||
| @@ -60,3 +60,5 @@ PACKAGE_BEFORE_PN += "\ | |||
| 60 | 60 | ||
| 61 | FILES:${PN}-bin = "${bindir}" | 61 | FILES:${PN}-bin = "${bindir}" |
| 62 | FILES:${PN}-dev += "${datadir}/${BPN}/examples" | 62 | FILES:${PN}-dev += "${datadir}/${BPN}/examples" |
| 63 | |||
| 64 | CVE_STATUS[CVE-2025-50518] = "disputed: happens only when library is used incorrectly" | ||