diff mbox series

[meta-networking,2/2] wolfssl: ignore fixed CVEs

Message ID 20260406155044.3662500-2-skandigraun@gmail.com
State New
Headers show
Series [meta-networking,1/2] tinyproxy: patch CVE-2026-3945 | expand

Commit Message

Gyorgy Sarvari April 6, 2026, 3:50 p.m. UTC 
These CVEs are tracked without a version by NVD, but all of them
have been fixed in the current recipe version.

The relevant fixes (from the NVD reports):

CVE-2026-0819: https://github.com/wolfSSL/wolfssl/commit/2d3941056b6b961828947a2f159200df7f7d1cb2
CVE-2026-2646: https://github.com/wolfSSL/wolfssl/commit/7245ad02bb1a41235d923288fd640d40c1ecb2ea
  and https://github.com/wolfSSL/wolfssl/commit/67abcc6f2d0cc45f918325c4ae6fe2b8d5bc8f72
CVE-2026-3503: https://github.com/wolfSSL/wolfssl/commit/cc2fdda54cd6387e554b444eb2844fa840bd9d5d
CVE-2026-3548: https://github.com/wolfSSL/wolfssl/commit/84ca4a05fac9c6c055a514f05880c448ecbbed56
  and https://github.com/wolfSSL/wolfssl/commit/b3f08f33b845d2d6bb523f0f38d191ca25635e1c

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 .../recipes-connectivity/wolfssl/wolfssl_5.9.0.bb            | 5 +++++
 1 file changed, 5 insertions(+)
diff mbox series

Patch

diff --git a/meta-networking/recipes-connectivity/wolfssl/wolfssl_5.9.0.bb b/meta-networking/recipes-connectivity/wolfssl/wolfssl_5.9.0.bb
index a2d6455d93..7a481e7325 100644
--- a/meta-networking/recipes-connectivity/wolfssl/wolfssl_5.9.0.bb
+++ b/meta-networking/recipes-connectivity/wolfssl/wolfssl_5.9.0.bb
@@ -46,3 +46,8 @@  do_install_ptest() {
     cp -rf ${S}/certs  ${D}${PTEST_PATH}
     cp -rf ${S}/tests  ${D}${PTEST_PATH}
 }
+
+CVE_STATUS[CVE-2026-0819] = "fixed-version: fixed in 5.9.0"
+CVE_STATUS[CVE-2026-2646] = "fixed-version: fixed in 5.9.0"
+CVE_STATUS[CVE-2026-3503] = "fixed-version: fixed in 5.9.0"
+CVE_STATUS[CVE-2026-3548] = "fixed-version: fixed in 5.9.0"