diff mbox series

[meta-oe] libjxl: mark CVE-2025-12474 and CVE-2026-1837 patched

Message ID 20260309091753.189719-1-skandigraun@gmail.com
State New
Headers show
Series [meta-oe] libjxl: mark CVE-2025-12474 and CVE-2026-1837 patched | expand

Commit Message

Gyorgy Sarvari March 9, 2026, 9:17 a.m. UTC 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-12474
https://nvd.nist.gov/vuln/detail/CVE-2026-1837

Both CVEs have been fixed in v0.11.2, but NVD tracks these
vulnerabilities without version information.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 meta-oe/recipes-multimedia/libjxl/libjxl_0.11.2.bb | 3 +++
 1 file changed, 3 insertions(+)
diff mbox series

Patch

diff --git a/meta-oe/recipes-multimedia/libjxl/libjxl_0.11.2.bb b/meta-oe/recipes-multimedia/libjxl/libjxl_0.11.2.bb
index 617d3bc502..f73fd314c2 100644
--- a/meta-oe/recipes-multimedia/libjxl/libjxl_0.11.2.bb
+++ b/meta-oe/recipes-multimedia/libjxl/libjxl_0.11.2.bb
@@ -53,3 +53,6 @@  CXXFLAGS:append:toolchain-clang:arm = " -fno-integrated-as"
 FILES:${PN} += "${libdir}/gdk-pixbuf-2.0 ${datadir}"
 
 BBCLASSEXTEND = "native"
+
+CVE_STATUS[CVE-2025-12474] = "fixed-version: fixed in v0.11.2"
+CVE_STATUS[CVE-2026-1837] = "fixed-version: fixed in v0.11.2"