From cc53827cc3f8df8daf0931edc8be2ac17c678e3e Mon Sep 17 00:00:00 2001
From: Gyorgy Sarvari <skandigraun@gmail.com>
Date: Mon, 5 Jan 2026 09:31:59 +0100
Subject: python3-cbor2: ignore CVE-2025-64076

Details: https://nvd.nist.gov/vuln/detail/CVE-2025-64076

The vunerability was introduced in v5.6.0[1], the recipe version doesn't
contain the vulnerable piece of code.

[1]: https://github.com/agronholm/cbor2/commit/387755eacf0be35591a478d3c67fe10618a6d542

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 meta-python/recipes-devtools/python/python3-cbor2_5.4.2.bb | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'meta-python/recipes-devtools/python/python3-cbor2_5.4.2.bb')

diff --git a/meta-python/recipes-devtools/python/python3-cbor2_5.4.2.bb b/meta-python/recipes-devtools/python/python3-cbor2_5.4.2.bb
index 0d0ab6af37..bbdeca7adb 100644
--- a/meta-python/recipes-devtools/python/python3-cbor2_5.4.2.bb
+++ b/meta-python/recipes-devtools/python/python3-cbor2_5.4.2.bb
@@ -12,6 +12,9 @@ SRC_URI += " \
         file://run-ptest \
 "
 
+# not vulnerable yet, vulnerability was introduced in v5.6.0
+CVE_CHECK_IGNORE = "CVE-2025-64076"
+
 RDEPENDS:${PN}-ptest += " \
        ${PYTHON_PN}-pytest \
        ${PYTHON_PN}-unixadmin \
-- 
cgit v1.2.3-54-g00ecf