tiff: ignore CVE-2025-61143, CVE-2025-61144 and CVE-2025-61145

These CVEs are for tools which were removed in v4.6.0[1] [1]https://gitlab.com/libtiff/libtiff/-/commit/eab89a627f0a65e9a1a47c4b30b4802c80b1ac45 Details: https://nvd.nist.gov/vuln/detail/CVE-2025-61143 https://nvd.nist.gov/vuln/detail/CVE-2025-61144 https://nvd.nist.gov/vuln/detail/CVE-2025-61145 (From OE-Core rev: e5ec16fbe4ce402b92107d2491c4e08fa2432f1a) Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> [YC: NVD patches for these CVEs only modify the tools which are not in the tarball we use] Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Paul Barker <paul@pbarker.dev>
author: Ankur Tyagi <ankur.tyagi85@gmail.com> 2026-03-07 19:45:40 +1300
committer: Paul Barker <paul@pbarker.dev> 2026-03-25 17:34:13 +0000
commit: f7363369bf29891e6ca23a6cb22ac6d36820095b (patch)
tree: 4c9bf6cec5e44ca7f755c6f100040e319c872cd9 /meta
parent: eedd0439ba07094be3f72e5e60234586a1143858 (diff)
download: poky-f7363369bf29891e6ca23a6cb22ac6d36820095b.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.6.0.bb b/meta/recipes-multimedia/libtiff/tiff_4.6.0.bb
index 777783d7cc..07540692fc 100644
--- a/meta/recipes-multimedia/libtiff/tiff_4.6.0.bb
+++ b/meta/recipes-multimedia/libtiff/tiff_4.6.0.bb
@@ -29,7 +29,7 @@ CVE_STATUS[CVE-2015-7313] = "fixed-version: Tested with check from https://secur
 CVE_STATUS[CVE-2023-3164] = "cpe-incorrect: Issue only affects the tiffcrop tool not compiled by default since 4.6.0"
 CVE_STATUS_GROUPS += "CVE_STATUS_REMOVED_TOOLS"
-CVE_STATUS_REMOVED_TOOLS = "CVE-2024-13978 CVE-2025-8176 CVE-2025-8177 CVE-2025-8534 CVE-2025-8851 CVE-2025-8961"
+CVE_STATUS_REMOVED_TOOLS = "CVE-2024-13978 CVE-2025-8176 CVE-2025-8177 CVE-2025-8534 CVE-2025-8851 CVE-2025-8961 CVE-2025-61143 CVE-2025-61144 CVE-2025-61145"
 CVE_STATUS_REMOVED_TOOLS[status] = "cpe-incorrect: tools affected by these CVEs are not present in this release"
 inherit autotools multilib_header
author	Ankur Tyagi <ankur.tyagi85@gmail.com>	2026-03-07 19:45:40 +1300
committer	Paul Barker <paul@pbarker.dev>	2026-03-25 17:34:13 +0000
commit	f7363369bf29891e6ca23a6cb22ac6d36820095b (patch)
tree	4c9bf6cec5e44ca7f755c6f100040e319c872cd9 /meta
parent	eedd0439ba07094be3f72e5e60234586a1143858 (diff)
download	poky-f7363369bf29891e6ca23a6cb22ac6d36820095b.tar.gz

diff --git a/meta/recipes-multimedia/libtiff/tiff_4.6.0.bb b/meta/recipes-multimedia/libtiff/tiff_4.6.0.bb index 777783d7cc..07540692fc 100644 --- a/meta/recipes-multimedia/libtiff/tiff_4.6.0.bb +++ b/meta/recipes-multimedia/libtiff/tiff_4.6.0.bb
@@ -29,7 +29,7 @@ CVE_STATUS[CVE-2015-7313] = "fixed-version: Tested with check from https://secur
29	CVE_STATUS[CVE-2023-3164] = "cpe-incorrect: Issue only affects the tiffcrop tool not compiled by default since 4.6.0"	29	CVE_STATUS[CVE-2023-3164] = "cpe-incorrect: Issue only affects the tiffcrop tool not compiled by default since 4.6.0"
30		30
31	CVE_STATUS_GROUPS += "CVE_STATUS_REMOVED_TOOLS"	31	CVE_STATUS_GROUPS += "CVE_STATUS_REMOVED_TOOLS"
32	CVE_STATUS_REMOVED_TOOLS = "CVE-2024-13978 CVE-2025-8176 CVE-2025-8177 CVE-2025-8534 CVE-2025-8851 CVE-2025-8961"	32	CVE_STATUS_REMOVED_TOOLS = "CVE-2024-13978 CVE-2025-8176 CVE-2025-8177 CVE-2025-8534 CVE-2025-8851 CVE-2025-8961 CVE-2025-61143 CVE-2025-61144 CVE-2025-61145"
33	CVE_STATUS_REMOVED_TOOLS[status] = "cpe-incorrect: tools affected by these CVEs are not present in this release"	33	CVE_STATUS_REMOVED_TOOLS[status] = "cpe-incorrect: tools affected by these CVEs are not present in this release"
34		34
35	inherit autotools multilib_header	35	inherit autotools multilib_header