diff mbox series

[meta-oe,scarthgap] libjxl: mark CVE-2025-12474 and CVE-2026-1837 patched

Message ID 20260321194856.175983-1-skandigraun@gmail.com
State New
Headers show
Series [meta-oe,scarthgap] libjxl: mark CVE-2025-12474 and CVE-2026-1837 patched | expand

Commit Message

Gyorgy Sarvari March 21, 2026, 7:48 p.m. UTC 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-12474
https://nvd.nist.gov/vuln/detail/CVE-2026-1837

Both vulnerabilities have been fixed in 0.10.5.

Relevant commits:
CVE-2025-12474: https://github.com/libjxl/libjxl/commit/5ce68976a5abfaea7b3086036ab9f6543ab5b29e
CVE-2026-1837: https://github.com/libjxl/libjxl/commit/36b0cecaa12f643d03c16bd32e5f83775c912b07

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 meta-oe/recipes-multimedia/libjxl/libjxl_0.10.5.bb | 3 +++
 1 file changed, 3 insertions(+)
diff mbox series

Patch

diff --git a/meta-oe/recipes-multimedia/libjxl/libjxl_0.10.5.bb b/meta-oe/recipes-multimedia/libjxl/libjxl_0.10.5.bb
index de4aabee22..5a00f8343c 100644
--- a/meta-oe/recipes-multimedia/libjxl/libjxl_0.10.5.bb
+++ b/meta-oe/recipes-multimedia/libjxl/libjxl_0.10.5.bb
@@ -37,3 +37,6 @@  PACKAGECONFIG[gimp] = "-DJPEGXL_ENABLE_PLUGIN_GIMP210=ON,-DJPEGXL_ENABLE_PLUGIN_
 PACKAGECONFIG[mime] = "-DJPEGXL_ENABLE_PLUGIN_MIME=ON,-DJPEGXL_ENABLE_PLUGIN_MIME=OFF"
 
 FILES:${PN} += "${libdir}/gdk-pixbuf-2.0 ${datadir}"
+
+CVE_STATUS[CVE-2025-12474] = "fixed-version: fixed in 0.10.5"
+CVE_STATUS[CVE-2026-1837] = "fixed-version: fixed in 0.10.5"