diff mbox series

[meta-python,3/5] python3-configobj: ignore CVE-2023-26112

Message ID 20260105115346.3385811-3-skandigraun@gmail.com
State New
Headers show
Series [meta-oe,1/5] imagemagick: upgrade 7.1.2-11 -> 7.1.2-12 | expand

Commit Message

Gyorgy Sarvari Jan. 5, 2026, 11:53 a.m. UTC 
Details: https://nvd.nist.gov/vuln/detail/CVE-2023-26112

The fix[1] is already included in the recipe version (5.0.9),
the CVE can be marked as patched.

[1]: https://github.com/DiffSK/configobj/commit/7c618b0bbaff6ecaca51a6f05b29795d1377a4a5

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 meta-python/recipes-devtools/python/python3-configobj_5.0.9.bb | 2 ++
 1 file changed, 2 insertions(+)
diff mbox series

Patch

diff --git a/meta-python/recipes-devtools/python/python3-configobj_5.0.9.bb b/meta-python/recipes-devtools/python/python3-configobj_5.0.9.bb
index bd4764f4de..b2fea46cd6 100644
--- a/meta-python/recipes-devtools/python/python3-configobj_5.0.9.bb
+++ b/meta-python/recipes-devtools/python/python3-configobj_5.0.9.bb
@@ -13,3 +13,5 @@  RDEPENDS:${PN} += " \
 	python3-pprint \
 	python3-six \
 "
+
+CVE_STATUS[CVE-2023-26112] = "fixed-version: the current version (5.0.9) is already fixed"