diff mbox series

[meta-oe,scarthgap,22/22] libraw: ignore CVE-2026-5318

Message ID 20260409070919.3968586-22-ankur.tyagi85@gmail.com
State New
Headers show
Series [meta-oe,scarthgap,1/22] abseil-cpp: ignore CVE-2025-0838 | expand

Commit Message

Ankur Tyagi April 9, 2026, 7:09 a.m. UTC 
From: Ankur Tyagi <ankur.tyagi85@gmail.com>

Vulnerability exists in the function which was added in version 0.22.0[1]

Details: https://nvd.nist.gov/vuln/detail/CVE-2026-5318

[1] https://github.com/LibRaw/LibRaw/commit/12b0e5d60c57bb795382fda8494fc45f683550b8

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
---
 meta-oe/recipes-support/libraw/libraw_0.21.2.bb | 2 ++
 1 file changed, 2 insertions(+)
diff mbox series

Patch

diff --git a/meta-oe/recipes-support/libraw/libraw_0.21.2.bb b/meta-oe/recipes-support/libraw/libraw_0.21.2.bb
index 1303c0e8ac..d285dcefff 100644
--- a/meta-oe/recipes-support/libraw/libraw_0.21.2.bb
+++ b/meta-oe/recipes-support/libraw/libraw_0.21.2.bb
@@ -14,3 +14,5 @@  S = "${WORKDIR}/git"
 inherit autotools pkgconfig
 
 DEPENDS = "jpeg jasper lcms"
+
+CVE_STATUS[CVE-2026-5318] = "cpe-incorrect: The current version (0.21.2) is not affected."