diff mbox series

[meta-oe,scarthgap,3/5] krb5: ignore CVE-2025-3576

Message ID 20260110103716.3470419-3-ankur.tyagi85@gmail.com
State New
Headers show
Series [meta-oe,scarthgap,1/5] freerdp3: ignore CVE-2025-68118 | expand

Commit Message

Ankur Tyagi Jan. 10, 2026, 10:37 a.m. UTC 
From: Ankur Tyagi <ankur.tyagi85@gmail.com>

Details: https://nvd.nist.gov/vuln/detail/CVE-2025-3576

As mentioned[1], vulnerability is fixed since upstream 1.21

[1] https://security-tracker.debian.org/tracker/CVE-2025-3576

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
---
 meta-oe/recipes-connectivity/krb5/krb5_1.21.3.bb | 2 ++
 1 file changed, 2 insertions(+)
diff mbox series

Patch

diff --git a/meta-oe/recipes-connectivity/krb5/krb5_1.21.3.bb b/meta-oe/recipes-connectivity/krb5/krb5_1.21.3.bb
index b38a0768e1..572c33a271 100644
--- a/meta-oe/recipes-connectivity/krb5/krb5_1.21.3.bb
+++ b/meta-oe/recipes-connectivity/krb5/krb5_1.21.3.bb
@@ -38,6 +38,8 @@  SRC_URI[sha256sum] = "b7a4cd5ead67fb08b980b21abd150ff7217e85ea320c9ed0c6dadd3048
 CVE_PRODUCT = "kerberos"
 CVE_VERSION = "5-${PV}"
 
+CVE_STATUS[CVE-2025-3576] = "fixed-version: The vulnerability has been fixed in the current version (1.21.3)"
+
 S = "${WORKDIR}/${BP}/src"
 
 DEPENDS = "bison-native ncurses util-linux e2fsprogs e2fsprogs-native openssl"