| Message ID | 20260318193557.3163899-1-skandigraun@gmail.com |
|---|---|
| State | New |
| Headers | show |
| Series | [meta-python,whinlatter] python3-marshmallow: mark CVE-2025-68480 patched | expand |
diff --git a/meta-python/recipes-devtools/python/python3-marshmallow_4.1.2.bb b/meta-python/recipes-devtools/python/python3-marshmallow_4.1.2.bb index f3a905a36c..f058bd7123 100644 --- a/meta-python/recipes-devtools/python/python3-marshmallow_4.1.2.bb +++ b/meta-python/recipes-devtools/python/python3-marshmallow_4.1.2.bb @@ -30,3 +30,5 @@ RDEPENDS:${PN} += " \ python3-pprint \ python3-packaging \ " + +CVE_STATUS[CVE-2025-68480] = "fixed-version: fixed in 4.1.2"
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-68480 The vulnerability has been fixed in version 4.1.2[1], however NVD tracks this CVE without version info. Mark it as patched explicitly. [1]: https://github.com/marshmallow-code/marshmallow/commit/d24a0c9df061c4daa92f71cf85aca25b83eee508 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> --- .../recipes-devtools/python/python3-marshmallow_4.1.2.bb | 2 ++ 1 file changed, 2 insertions(+)