diff mbox series

[2/5] ruby: set status for CVE-2025-0306

Message ID 20260425222634.44171-2-peter.marko@siemens.com
State Under Review
Headers show
Series [1/5] shadow: set CVE_PRODUCT | expand

Commit Message

Peter Marko April 25, 2026, 10:26 p.m. UTC 
From: Peter Marko <peter.marko@siemens.com>

This is a version-less Redhat CVE, so explicit status is needed.
Per [1] the issue is mitigated by using openssl >= 3.2.0.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=2336100

Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
 meta/recipes-devtools/ruby/ruby_4.0.2.bb | 2 ++
 1 file changed, 2 insertions(+)
diff mbox series

Patch

diff --git a/meta/recipes-devtools/ruby/ruby_4.0.2.bb b/meta/recipes-devtools/ruby/ruby_4.0.2.bb
index ba24e8601c..f2076e0f2c 100644
--- a/meta/recipes-devtools/ruby/ruby_4.0.2.bb
+++ b/meta/recipes-devtools/ruby/ruby_4.0.2.bb
@@ -140,3 +140,5 @@  FILES:${PN}-ptest:append:class-target = "\
 "
 
 BBCLASSEXTEND = "native nativesdk"
+
+CVE_STATUS[CVE-2025-0306] = "not-applicable-config: issue does not occur with openssl >= 3.2.0"