tigervnc: ignore CVE-2025-26594...26601 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Gyorgy Sarvari <skandigraun@gmail.com>	2025-12-25 17:35:11 +0100
committer	Khem Raj <raj.khem@gmail.com>	2025-12-25 11:25:58 -0800
commit	4924e89bb77fe5486063229c50039a458d60f8ea (patch)
tree	dfb6882047014cc9cf4f7a72e9d84522c4b3243c /meta-python/recipes-devtools/python
parent	62a78f8ba7c8bd229cc82cf81bcc6a6d8116ebca (diff)
download	meta-openembedded-4924e89bb77fe5486063229c50039a458d60f8ea.tar.gz

tigervnc: ignore CVE-2025-26594...26601

Ignore the following CVEs: CVE-2025-26594, CVE-2025-26595, CVE-2025-26596, CVE-2025-26597, CVE-2025-26598, CVE-2025-26599, CVE-2025-26600, CVE-2025-26601 Details: https://nvd.nist.gov/vuln/detail/CVE-2025-26594 https://nvd.nist.gov/vuln/detail/CVE-2025-26595 https://nvd.nist.gov/vuln/detail/CVE-2025-26596 https://nvd.nist.gov/vuln/detail/CVE-2025-26597 https://nvd.nist.gov/vuln/detail/CVE-2025-26598 https://nvd.nist.gov/vuln/detail/CVE-2025-26599 https://nvd.nist.gov/vuln/detail/CVE-2025-26600 https://nvd.nist.gov/vuln/detail/CVE-2025-26601 TigerVNC compiles its own xserver, this is why these CVEs are associated with it - despite the vulnerabilities being in xserver. All of these vulnerabilities were fixed by the same PR[1], which has been part of xserver since version 21.1.16 (the currently used xserver version in TigerVNC is 21.1.18). Due to this, ignore these vulnerabilities, and just mark them as patched. [1]: https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1830 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>

Diffstat (limited to 'meta-python/recipes-devtools/python')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: