diff mbox series

[3/4] libsoup: set status for CVE-2026-2436

Message ID 20260427215120.199335-3-peter.marko@siemens.com
State Accepted, archived
Commit 83d00b9b4f89ba30cbac167575ca1ab4ad142b5d
Headers show
Series [1/4] coreutils: set CVE_PRODUCT | expand

Commit Message

Peter Marko April 27, 2026, 9:51 p.m. UTC
From: Peter Marko <peter.marko@siemens.com>

Commit fixing this CVE is [2] (per [1]).
That was backported to 3.6.6 as [3].

[1] https://security-tracker.debian.org/tracker/CVE-2026-2436
[2] https://gitlab.gnome.org/GNOME/libsoup/-/commit/e9b681a5b23f8259a5e29c5351a5284ae5cd1189
[3] https://gitlab.gnome.org/GNOME/libsoup/-/commit/31052a2327c81fe3b7a3d4a66d8a7c9c1aaa47ca

Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
 meta/recipes-support/libsoup/libsoup_3.6.6.bb | 1 +
 1 file changed, 1 insertion(+)
diff mbox series

Patch

diff --git a/meta/recipes-support/libsoup/libsoup_3.6.6.bb b/meta/recipes-support/libsoup/libsoup_3.6.6.bb
index 9bc3f2f86f..206daa091f 100644
--- a/meta/recipes-support/libsoup/libsoup_3.6.6.bb
+++ b/meta/recipes-support/libsoup/libsoup_3.6.6.bb
@@ -62,4 +62,5 @@  BBCLASSEXTEND = "native nativesdk"
 CVE_STATUS[CVE-2026-1467] = "fixed-version: fixed in 3.6.6"
 CVE_STATUS[CVE-2026-1536] = "fixed-version: fixed in 3.6.6"
 CVE_STATUS[CVE-2026-1801] = "fixed-version: fixed in 3.6.6"
+CVE_STATUS[CVE-2026-2436] = "fixed-version: fixed in 3.6.6"
 CVE_STATUS[CVE-2026-2443] = "fixed-version: fixed in 3.6.6"