diff mbox series

[3/3] libxml2: mark CVE-2025-6170 as fixed

Message ID 20250823204707.35257-4-peter.marko@siemens.com
State New
Headers show
Series Mark some CVEs as fixed | expand

Commit Message

Peter Marko Aug. 23, 2025, 8:47 p.m. UTC 
From: Peter Marko <peter.marko@siemens.com>

As shown in [1] when expanding tags including it.

NVD tracks this CVE as version-less.

[1] https://gitlab.gnome.org/GNOME/libxml2/-/commit/c340e419505cf4bf1d9ed7019a87cc00ec200434

Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
 meta/recipes-core/libxml/libxml2_2.14.5.bb | 2 ++
 1 file changed, 2 insertions(+)
diff mbox series

Patch

diff --git a/meta/recipes-core/libxml/libxml2_2.14.5.bb b/meta/recipes-core/libxml/libxml2_2.14.5.bb
index f60a46e187..0b5edcd7a3 100644
--- a/meta/recipes-core/libxml/libxml2_2.14.5.bb
+++ b/meta/recipes-core/libxml/libxml2_2.14.5.bb
@@ -27,6 +27,8 @@  SRC_URI[testtar.sha256sum] = "c6b2d42ee50b8b236e711a97d68e6c4b5c8d83e69a2be47223
 # Disputed as a security issue, but fixed in d39f780
 CVE_STATUS[CVE-2023-45322] = "disputed: issue requires memory allocation to fail"
 
+CVE_STATUS[CVE-2025-6170] = "fixed-version: fixed in version 2.14.5"
+
 BINCONFIG = "${bindir}/xml2-config"
 
 PACKAGECONFIG ??= "python"