| Message ID | 20260422085436.320259-1-adarsh.jagadish.kamini@est.tech |
|---|---|
| State | New |
| Headers | show |
| Series | [whinlatter] expat: mark CVE-2025-66382 as vulnerable-investigating | expand |
On Wed Apr 22, 2026 at 10:54 AM CEST, Adarsh Jagadish Kamini via lists.openembedded.org wrote: > From: Adarsh Jagadish Kamini <adarsh.jagadish.kamini@est.tech> > > No fix is available yet for CVE-2025-66382 [1]. > > CVE_STATUS[CVE-2025-66382] = "vulnerable-investigating: no fix available yet" > > [1] https://www.cve.org/CVERecord?id=CVE-2025-66382 > > Signed-off-by: Adarsh Jagadish Kamini <adarsh.jagadish.kamini@est.tech> > --- Sorry, but that will be too late for whinlatter. I finished reviewing the branch and will start the release build soon. Regards, > meta/recipes-core/expat/expat_2.7.4.bb | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/meta/recipes-core/expat/expat_2.7.4.bb b/meta/recipes-core/expat/expat_2.7.4.bb > index f1eff49688..65aee9d17f 100644 > --- a/meta/recipes-core/expat/expat_2.7.4.bb > +++ b/meta/recipes-core/expat/expat_2.7.4.bb > @@ -36,3 +36,4 @@ do_install_ptest:class-target() { > BBCLASSEXTEND += "native nativesdk" > > CVE_PRODUCT = "expat libexpat" > +CVE_STATUS[CVE-2025-66382] = "vulnerable-investigating: no fix available yet"
diff --git a/meta/recipes-core/expat/expat_2.7.4.bb b/meta/recipes-core/expat/expat_2.7.4.bb index f1eff49688..65aee9d17f 100644 --- a/meta/recipes-core/expat/expat_2.7.4.bb +++ b/meta/recipes-core/expat/expat_2.7.4.bb @@ -36,3 +36,4 @@ do_install_ptest:class-target() { BBCLASSEXTEND += "native nativesdk" CVE_PRODUCT = "expat libexpat" +CVE_STATUS[CVE-2025-66382] = "vulnerable-investigating: no fix available yet"