From c08c81ae29baf53b11caba0fc7015eeec3836f69 Mon Sep 17 00:00:00 2001
From: Gyorgy Sarvari <skandigraun@gmail.com>
Date: Mon, 2 Feb 2026 17:37:10 +0100
Subject: ndpi: ignore CVE-2025-25066

Details: https://nvd.nist.gov/vuln/detail/CVE-2025-25066

The vulnerable code was introduced in version 4.12[1], and
the recipe version is not vulnerable yet. Due to this,
ignore this CVE for now, until the recipe is upgraded.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
 meta-networking/recipes-support/ntopng/ndpi_4.2.bb | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta-networking/recipes-support/ntopng/ndpi_4.2.bb b/meta-networking/recipes-support/ntopng/ndpi_4.2.bb
index f0175167a4..66d24e4cd8 100644
--- a/meta-networking/recipes-support/ntopng/ndpi_4.2.bb
+++ b/meta-networking/recipes-support/ntopng/ndpi_4.2.bb
@@ -25,3 +25,6 @@ do_configure:prepend() {
 EXTRA_OEMAKE = " \
     libdir=${libdir} \
 "
+
+# remove this CVE_STATUS, when the recipe is updated to 4.12 or newer
+CVE_STATUS[CVE-2025-25066] = "cpe-incorrect: Version 4.2 is not vulnerable yet"
-- 
cgit v1.2.3-54-g00ecf