diff mbox series

[meta-oe,kirkstone,4/4] openvpn: ignore CVE-2024-4877 and CVE-2025-13751

Message ID 20260117114815.782230-4-skandigraun@gmail.com
State New
Headers show
Series [meta-python,kirkstone,1/4] python3-croniter: upgrade 1.3.4 -> 1.3.5 | expand

Commit Message

Gyorgy Sarvari Jan. 17, 2026, 11:48 a.m. UTC 
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-4877
https://nvd.nist.gov/vuln/detail/CVE-2025-13751

The vulnerabilities are specific to Windows platform, not relevant to OE.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 meta-networking/recipes-support/openvpn/openvpn_2.5.11.bb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff mbox series

Patch

diff --git a/meta-networking/recipes-support/openvpn/openvpn_2.5.11.bb b/meta-networking/recipes-support/openvpn/openvpn_2.5.11.bb
index 6aed4145ec..861f9e482f 100644
--- a/meta-networking/recipes-support/openvpn/openvpn_2.5.11.bb
+++ b/meta-networking/recipes-support/openvpn/openvpn_2.5.11.bb
@@ -21,8 +21,8 @@  SRC_URI[sha256sum] = "7e2672119bd4639819d560f332a8b9b7e28f562425c77899f36d419fe4
 # CVE-2020-7224 and CVE-2020-27569 are for Aviatrix OpenVPN client, not for openvpn.
 CVE_CHECK_IGNORE += "CVE-2020-7224 CVE-2020-27569"
 
-# CVE-2023-7235 is specific to Windows platform
-CVE_CHECK_IGNORE += "CVE-2023-7235"
+# CVE-2023-7235 and CVE-2024-4877, CVE-2025-13751 are specific to Windows platform
+CVE_CHECK_IGNORE += "CVE-2023-7235 CVE-2024-4877 CVE-2025-13751"
 
 SYSTEMD_SERVICE:${PN} += "openvpn@loopback-server.service openvpn@loopback-client.service"
 SYSTEMD_AUTO_ENABLE = "disable"