diff mbox series

[meta-oe,whinlatter,12/15] ndpi: ignore CVE-2025-25066

Message ID 20260202211401.1287664-12-skandigraun@gmail.com
State Under Review
Delegated to: Anuj Mittal
Headers show
Series [meta-oe,whinlatter,01/15] fontforge: patch CVE-2025-15279 | expand

Commit Message

Gyorgy Sarvari Feb. 2, 2026, 9:13 p.m. UTC 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-25066

The vulnerable code was introduced in version 4.12[1], and
the recipe version is not vulnerable yet. Due to this,
ignore this CVE.

[1]: https://github.com/ntop/nDPI/commit/b9348e9d6e0e754c4b17661c643ca258f1540ca1

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 meta-networking/recipes-support/ntopng/ndpi_4.2.bb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff mbox series

Patch

diff --git a/meta-networking/recipes-support/ntopng/ndpi_4.2.bb b/meta-networking/recipes-support/ntopng/ndpi_4.2.bb
index f0175167a4..ae6efa802e 100644
--- a/meta-networking/recipes-support/ntopng/ndpi_4.2.bb
+++ b/meta-networking/recipes-support/ntopng/ndpi_4.2.bb
@@ -13,7 +13,6 @@  SRC_URI = "git://github.com/ntop/nDPI.git;branch=4.2-stable;protocol=https \
            file://0001-autogen.sh-not-generate-configure.patch \
            "
 
-
 inherit autotools-brokensep pkgconfig
 
 CPPFLAGS += "${SELECTED_OPTIMIZATION}"
@@ -25,3 +24,5 @@  do_configure:prepend() {
 EXTRA_OEMAKE = " \
     libdir=${libdir} \
 "
+
+CVE_STATUS[CVE-2025-25066] = "cpe-incorrect: Version 4.2 is not vulnerable yet"