diff mbox series

[meta-oe,kirkstone,3/5] mercurial: ignore CVE-2022-43410

Message ID 20260213154229.1329476-3-skandigraun@gmail.com
State New
Headers show
Series [meta-networking,kirkstone,1/5] ez-ipupdate: patch CVE-2003-0887 | expand

Commit Message

Gyorgy Sarvari Feb. 13, 2026, 3:42 p.m. UTC 
Details: https://nvd.nist.gov/vuln/detail/CVE-2022-43410

The vulnerability affects only the Mercurial Jenkins plugin, which
is a different project. This CVE can be ignored in this recipe.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 meta-oe/recipes-devtools/mercurial/mercurial_6.1.bb | 2 ++
 1 file changed, 2 insertions(+)
diff mbox series

Patch

diff --git a/meta-oe/recipes-devtools/mercurial/mercurial_6.1.bb b/meta-oe/recipes-devtools/mercurial/mercurial_6.1.bb
index 3abecc3054..d118fed6ad 100644
--- a/meta-oe/recipes-devtools/mercurial/mercurial_6.1.bb
+++ b/meta-oe/recipes-devtools/mercurial/mercurial_6.1.bb
@@ -35,3 +35,5 @@  FILES:${PN} += "${PYTHON_SITEPACKAGES_DIR}"
 
 FILES:${PN}-python = "${nonarch_libdir}/${PYTHON_DIR}"
 
+# The CVE is for Jenkins plugin, not the SCM
+CVE_CHECK_IGNORE = "CVE-2022-43410"