From b964b9858b4b80da2b845cb626c729d1e7a157e7 Mon Sep 17 00:00:00 2001
From: Gyorgy Sarvari <skandigraun@gmail.com>
Date: Mon, 5 Jan 2026 11:02:35 +0100
Subject: python3-configobj: ignore CVE-2023-26112

Details: https://nvd.nist.gov/vuln/detail/CVE-2023-26112

The used version (5.0.9) contains the fix[1] already - ignore the CVE.

[1]: https://github.com/DiffSK/configobj/commit/7c618b0bbaff6ecaca51a6f05b29795d1377a4a5

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
---
 meta-python/recipes-devtools/python/python3-configobj_5.0.9.bb | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'meta-python/recipes-devtools/python')

diff --git a/meta-python/recipes-devtools/python/python3-configobj_5.0.9.bb b/meta-python/recipes-devtools/python/python3-configobj_5.0.9.bb
index bd4764f4de..4b9d4eae6d 100644
--- a/meta-python/recipes-devtools/python/python3-configobj_5.0.9.bb
+++ b/meta-python/recipes-devtools/python/python3-configobj_5.0.9.bb
@@ -13,3 +13,5 @@ RDEPENDS:${PN} += " \
 	python3-pprint \
 	python3-six \
 "
+
+CVE_STATUS[CVE-2023-26112] = "fixed-version: the recipe version (5.0.9) contains the fix already"
-- 
cgit v1.2.3-54-g00ecf