[meta-python,4/4] python3-lief: mark CVE-2025-15504 patched

Message ID	20260119175505.777598-4-skandigraun@gmail.com
State	Under Review
Headers	show Return-Path: <skandigraun@gmail.com> ip: 209.85.128.52, mailfrom: skandigraun@gmail.com) From: Gyorgy Sarvari <skandigraun@gmail.com> To: openembedded-devel@lists.openembedded.org Subject: [meta-python][PATCH 4/4] python3-lief: mark CVE-2025-15504 patched Date: Mon, 19 Jan 2026 18:55:05 +0100 Message-ID: <20260119175505.777598-4-skandigraun@gmail.com> In-Reply-To: <20260119175505.777598-1-skandigraun@gmail.com> References: <20260119175505.777598-1-skandigraun@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[meta-python,1/4] python3-werkzeug: upgrade 3.1.4 -> 3.1.5 \| expand [meta-python,1/4] python3-werkzeug: upgrade 3.1.4 -> 3.1.5 [meta-python,2/4] python3-py: ignore CVE-2022-42969 [meta-python,3/4] python3-lief: upgrade 0.17.1 -> 0.17.2 [meta-python,4/4] python3-lief: mark CVE-2025-15504 patched

Message ID

20260119175505.777598-4-skandigraun@gmail.com

State

Under Review

Headers

From: Gyorgy Sarvari <skandigraun@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: [meta-python][PATCH 4/4] python3-lief: mark CVE-2025-15504 patched
Date: Mon, 19 Jan 2026 18:55:05 +0100
Message-ID: <20260119175505.777598-4-skandigraun@gmail.com>
In-Reply-To: <20260119175505.777598-1-skandigraun@gmail.com>
References: <20260119175505.777598-1-skandigraun@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[meta-python,1/4] python3-werkzeug: upgrade 3.1.4 -> 3.1.5 | expand

Commit Message

Gyorgy Sarvari Jan. 19, 2026, 5:55 p.m. UTC

Details: https://nvd.nist.gov/vuln/detail/CVE-2025-15504

The vulnerability is patched in v0.17.2, however NVD is currently tracking
the CVE without any version info (or more like with out any CPE info)

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 meta-python/recipes-devtools/python/python3-lief_0.17.2.bb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta-python/recipes-devtools/python/python3-lief_0.17.2.bb b/meta-python/recipes-devtools/python/python3-lief_0.17.2.bb
index e7de6b6d3b..44b4976ab1 100644
--- a/meta-python/recipes-devtools/python/python3-lief_0.17.2.bb
+++ b/meta-python/recipes-devtools/python/python3-lief_0.17.2.bb
@@ -13,6 +13,7 @@  SRC_URI = " \
 "
 
 CVE_PRODUCT = "lief"
+CVE_STATUS[CVE-2025-15504] = "fixed-version: the vulnerability is fixed since v0.17.2"
 
 PEP517_SOURCE_PATH = "${S}/api/python"

[meta-python,4/4] python3-lief: mark CVE-2025-15504 patched

Commit Message

Patch