diff mbox series

libssh2: mark CVE-2023-48795 as fixed

Message ID 20241124191126.24876-1-peter.marko@siemens.com
State New
Headers show
Series libssh2: mark CVE-2023-48795 as fixed | expand

Commit Message

Peter Marko Nov. 24, 2024, 7:11 p.m. UTC 
From: Peter Marko <peter.marko@siemens.com>

NVD DB has typo in version (1.11.10 instead of 1.11.1)
Version 1.11.1 is the currently the latest one, there is no .10

Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
If someone wants, correction can be requested from NVD instead of this patch.
But in current NVD CVE enrichment situation that may be problematic.

 meta/recipes-support/libssh2/libssh2_1.11.1.bb | 3 +++
 1 file changed, 3 insertions(+)
diff mbox series

Patch

diff --git a/meta/recipes-support/libssh2/libssh2_1.11.1.bb b/meta/recipes-support/libssh2/libssh2_1.11.1.bb
index 6d2580072b..c7013142c0 100644
--- a/meta/recipes-support/libssh2/libssh2_1.11.1.bb
+++ b/meta/recipes-support/libssh2/libssh2_1.11.1.bb
@@ -50,3 +50,6 @@  do_install_ptest() {
 	mkdir -p ${D}${PTEST_PATH}/docs
 	cp -r ${S}/docs/* ${D}${PTEST_PATH}/docs/
 }
+
+# should be removed when upgrading to 1.11.10 or higher
+CVE_STATUS[CVE-2023-48795] = "fixed-version: fixed since version 1.11.1"