summaryrefslogtreecommitdiffstats
path: root/meta-oe/recipes-devtools
diff options
context:
space:
mode:
authorGyorgy Sarvari <skandigraun@gmail.com>2026-03-05 15:51:43 +0100
committerAnuj Mittal <anuj.mittal@oss.qualcomm.com>2026-03-24 08:52:02 +0530
commitc73a2a0435dc1073d555415cbd1723db267a9d01 (patch)
tree6127fafc417f21bc27f9df37254cf58efd8aa2e7 /meta-oe/recipes-devtools
parent24e8a09f65b28895e31283645700b1665d80f36d (diff)
downloadmeta-openembedded-c73a2a0435dc1073d555415cbd1723db267a9d01.tar.gz
protobuf: ignore CVE-2026-0994
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-0994 The vulnerability impacts only the python bindings of protobuf, which is in a separate recipe (python3-protobuf, where it is patched). Ignore this CVE in this recipe due to this. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 398fa05aa8bf7ce17dc40ed99edfc6a88feeb541) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Diffstat (limited to 'meta-oe/recipes-devtools')
-rw-r--r--meta-oe/recipes-devtools/protobuf/protobuf_4.25.8.bb2
1 files changed, 2 insertions, 0 deletions
diff --git a/meta-oe/recipes-devtools/protobuf/protobuf_4.25.8.bb b/meta-oe/recipes-devtools/protobuf/protobuf_4.25.8.bb
index e54dffd2cd..00c2360793 100644
--- a/meta-oe/recipes-devtools/protobuf/protobuf_4.25.8.bb
+++ b/meta-oe/recipes-devtools/protobuf/protobuf_4.25.8.bb
@@ -23,6 +23,8 @@ S = "${WORKDIR}/git"
23 23
24CVE_STATUS[CVE-2024-7254] = "fixed-version: The vulnerability has been addressed and the fix is included in version v4.25.8" 24CVE_STATUS[CVE-2024-7254] = "fixed-version: The vulnerability has been addressed and the fix is included in version v4.25.8"
25 25
26CVE_STATUS[CVE-2026-0994] = "cpe-incorrect: the vulnerability affects only python3-protobuf recipe"
27
26inherit cmake pkgconfig ptest 28inherit cmake pkgconfig ptest
27 29
28PACKAGECONFIG ??= "" 30PACKAGECONFIG ??= ""