diff mbox series

[meta-oe,whinlatter] libjxl: mark CVE-2025-12474 and CVE-2026-1837 patched

Message ID 20260309091955.189952-1-skandigraun@gmail.com
State New
Headers show
Series [meta-oe,whinlatter] libjxl: mark CVE-2025-12474 and CVE-2026-1837 patched | expand

Commit Message

Gyorgy Sarvari March 9, 2026, 9:19 a.m. UTC 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-12474
https://nvd.nist.gov/vuln/detail/CVE-2026-1837

Both CVEs have been fixed in v0.11.2, but NVD tracks these
vulnerabilities without version information.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 meta-oe/recipes-multimedia/libjxl/libjxl_0.11.2.bb | 3 +++
 1 file changed, 3 insertions(+)
diff mbox series

Patch

diff --git a/meta-oe/recipes-multimedia/libjxl/libjxl_0.11.2.bb b/meta-oe/recipes-multimedia/libjxl/libjxl_0.11.2.bb
index 1157f07d84..0976987717 100644
--- a/meta-oe/recipes-multimedia/libjxl/libjxl_0.11.2.bb
+++ b/meta-oe/recipes-multimedia/libjxl/libjxl_0.11.2.bb
@@ -51,3 +51,6 @@  CFLAGS:append:toolchain-clang:arm = " -fno-integrated-as"
 CXXFLAGS:append:toolchain-clang:arm = " -fno-integrated-as"
 
 FILES:${PN} += "${libdir}/gdk-pixbuf-2.0 ${datadir}"
+
+CVE_STATUS[CVE-2025-12474] = "fixed-version: fixed in v0.11.2"
+CVE_STATUS[CVE-2026-1837] = "fixed-version: fixed in v0.11.2"