summaryrefslogtreecommitdiffstats
path: root/meta-oe
diff options
context:
space:
mode:
authorGyorgy Sarvari <skandigraun@gmail.com>2026-04-07 11:19:13 +0200
committerAnuj Mittal <anuj.mittal@oss.qualcomm.com>2026-04-24 21:13:20 +0530
commit6c4868d3f7a9d60a1cc22a8a273ae5e5c59c199f (patch)
treefcbfdd45b23370abe7c82b1a7e568b89312c27af /meta-oe
parent2c70222d32886a2f8f6698c2a563e9ea61cd791b (diff)
downloadmeta-openembedded-6c4868d3f7a9d60a1cc22a8a273ae5e5c59c199f.tar.gz
nodejs: ignore fixed CVEs
All these CVEs are fixed in v22.22.2[1], except for CVE-2026-21712, which does not affect v22 series, because it was introduced in a later version[2]. All these CVEs are tracked without version info by NVD at the time of creating this patch. [1]: https://github.com/nodejs/node/blob/v22.x/doc/changelogs/CHANGELOG_V22.md [2]: https://nodejs.org/en/blog/vulnerability/march-2026-security-releases Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Diffstat (limited to 'meta-oe')
-rw-r--r--meta-oe/recipes-devtools/nodejs/nodejs_22.22.2.bb7
1 files changed, 7 insertions, 0 deletions
diff --git a/meta-oe/recipes-devtools/nodejs/nodejs_22.22.2.bb b/meta-oe/recipes-devtools/nodejs/nodejs_22.22.2.bb
index 2fad3f362d..c64cc5b7c2 100644
--- a/meta-oe/recipes-devtools/nodejs/nodejs_22.22.2.bb
+++ b/meta-oe/recipes-devtools/nodejs/nodejs_22.22.2.bb
@@ -217,3 +217,10 @@ python __anonymous () {
217} 217}
218 218
219BBCLASSEXTEND = "native" 219BBCLASSEXTEND = "native"
220
221CVE_STATUS[CVE-2026-21712] = "cpe-incorrect: only v24 and v25 are affected"
222CVE_STATUS[CVE-2026-21713] = "fixed-version: fixed since v22.22.2"
223CVE_STATUS[CVE-2026-21714] = "fixed-version: fixed since v22.22.2"
224CVE_STATUS[CVE-2026-21715] = "fixed-version: fixed since v22.22.2"
225CVE_STATUS[CVE-2026-21716] = "fixed-version: fixed since v22.22.2"
226CVE_STATUS[CVE-2026-21717] = "fixed-version: fixed since v22.22.2"