deleted file mode 100644
@@ -1,13 +0,0 @@
-SUMMARY = "raw image decoder"
-LICENSE = "LGPL-2.1-only | CDDL-1.0"
-LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=1501ae0aa3c8544e63f08d6f7bf88a6f"
-
-SRC_URI = "git://github.com/LibRaw/LibRaw.git;branch=0.21-stable;protocol=https"
-SRCREV = "1ef70158d7fde1ced6aaddb0b9443c32a7121d3d"
-
-inherit autotools pkgconfig
-
-DEPENDS = "jpeg jasper lcms"
-
-CVE_STATUS[CVE-2020-22628] = "cpe-incorrect: The current version (0.21.2) is not affected by the CVE which affects versions earlier than 0.21.2"
-CVE_STATUS[CVE-2023-1729] = "cpe-incorrect: The current version (0.21.2) is not affected by the CVE which affects versions earlier than 0.21.2"
new file mode 100644
@@ -0,0 +1,10 @@
+SUMMARY = "raw image decoder"
+LICENSE = "LGPL-2.1-only | CDDL-1.0"
+LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=1501ae0aa3c8544e63f08d6f7bf88a6f"
+
+SRC_URI = "git://github.com/LibRaw/LibRaw.git;branch=0.21-stable;protocol=https;tag=${PV}"
+SRCREV = "9646d776c7c61976080a8f2be67928df0750493e"
+
+inherit autotools pkgconfig
+
+DEPENDS = "jpeg jasper lcms"
This upgrade contains fixes for the following vulnerabilities: CVE-2025-43961, CVE-2025-43962, CVE-2025-43963 and CVE-2025-43964 Also drop two old CVE_STATUS entries which are not needed anymore, because the database has been updated with correct info. Changelog: https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> --- meta-oe/recipes-support/libraw/libraw_0.21.2.bb | 13 ------------- meta-oe/recipes-support/libraw/libraw_0.21.4.bb | 10 ++++++++++ 2 files changed, 10 insertions(+), 13 deletions(-) delete mode 100644 meta-oe/recipes-support/libraw/libraw_0.21.2.bb create mode 100644 meta-oe/recipes-support/libraw/libraw_0.21.4.bb