diff mbox series

[meta-oe,1/7] libsodium: mark CVE-2025-69277 patched

Message ID 20260317172346.2862459-1-skandigraun@gmail.com
State Under Review
Headers show
Series [meta-oe,1/7] libsodium: mark CVE-2025-69277 patched | expand

Commit Message

Gyorgy Sarvari March 17, 2026, 5:23 p.m. UTC 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-69277

The vulnerability has been fixed[1] since version 1.0.20, but NVD
tracks it without version info. Mark it patched explicitly.

[1]: https://github.com/jedisct1/libsodium/commit/f2da4cd8cb26599a0285a6ab0c02948e361a674a
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 meta-oe/recipes-crypto/libsodium/libsodium_1.0.21.bb | 2 ++
 1 file changed, 2 insertions(+)
diff mbox series

Patch

diff --git a/meta-oe/recipes-crypto/libsodium/libsodium_1.0.21.bb b/meta-oe/recipes-crypto/libsodium/libsodium_1.0.21.bb
index 9f07634c41..a1647d2a30 100644
--- a/meta-oe/recipes-crypto/libsodium/libsodium_1.0.21.bb
+++ b/meta-oe/recipes-crypto/libsodium/libsodium_1.0.21.bb
@@ -13,3 +13,5 @@  SRC_URI[sha256sum] = "9e4285c7a419e82dedb0be63a72eea357d6943bc3e28e6735bf600dd48
 inherit autotools
 
 BBCLASSEXTEND = "native nativesdk"
+
+CVE_STATUS[CVE-2025-69277] = "fixed-version: fixed in 1.0.20"