diff mbox series

[4/4] xserver-xorg: set status for CVE-2026-34000 and CVE-2026-34002

Message ID 20260509224536.27734-4-peter.marko@siemens.com
State Under Review
Headers show
Series [1/4] rpm-sequoia: set status for CVE-2026-2625 | expand

Commit Message

Peter Marko May 9, 2026, 10:45 p.m. UTC 
From: Peter Marko <peter.marko@siemens.com>

These are version-less RedHat CVEs.

[1] points to [2].
This was backported as [3 ]in v22.1.22.

[4] points to [5].
This was backported as [6] in v22.1.22.

[1] https://security-tracker.debian.org/tracker/CVE-2026-34000
[2] https://gitlab.freedesktop.org/xorg/xserver/-/commit/81b6a34f90b28c32ad499a78a4f391b7c06daea2
[3] https://gitlab.freedesktop.org/xorg/xserver/-/commit/a48d67f38753de551cd177e471b545bd8b9b1b64
[4] https://security-tracker.debian.org/tracker/CVE-2026-34002
[5] https://gitlab.freedesktop.org/xorg/xserver/-/commit/f056ce1cc96ed9261052c31524162c78e458f98c
[6] https://gitlab.freedesktop.org/xorg/xserver/-/commit/5328a544ba6c32ecdd1758283ee69058dec100f8

Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
 meta/recipes-graphics/xorg-xserver/xserver-xorg.inc | 2 ++
 1 file changed, 2 insertions(+)
diff mbox series

Patch

diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc b/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc
index 0d8d782712..f720c9cef4 100644
--- a/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc
@@ -29,6 +29,8 @@  connection to the X server is lost, so a typical desktop session is either \
 impossible or difficult to exploit. There is currently no upstream patch \
 available for this flaw."
 CVE_STATUS[CVE-2022-3553] = "cpe-incorrect: This is specific to XQuartz, which is the macOS X server port"
+CVE_STATUS[CVE-2026-34000] = "fixed-version: fixed since v21.1.22"
+CVE_STATUS[CVE-2026-34002] = "fixed-version: fixed since v21.1.22"
 
 S = "${UNPACKDIR}/${XORG_PN}-${PV}"