diff mbox series

[meta-networking,6/8] wolfssl: mark fixed CVEs as patched

Message ID 20260420093323.357053-6-skandigraun@gmail.com
State Accepted
Headers show
Series [meta-networking,1/8] ngtcp2: upgrade 1.22.0 -> 1.22.1 | expand

Commit Message

Gyorgy Sarvari April 20, 2026, 9:33 a.m. UTC 
Details:  https://nvd.nist.gov/vuln/detail/CVE-2026-5188
https://nvd.nist.gov/vuln/detail/CVE-2026-5392
https://nvd.nist.gov/vuln/detail/CVE-2026-5393
https://nvd.nist.gov/vuln/detail/CVE-2026-5447
https://nvd.nist.gov/vuln/detail/CVE-2026-5448
https://nvd.nist.gov/vuln/detail/CVE-2026-5460
https://nvd.nist.gov/vuln/detail/CVE-2026-5466
https://nvd.nist.gov/vuln/detail/CVE-2026-5479
https://nvd.nist.gov/vuln/detail/CVE-2026-5500

All of these CVEs are fixed in the current recipe version, however
NVD tracks them without version. Each NVD advisory references the
corresponding fix, and each of them are contained in 5.9.1.

Mark all of them as patched explicitly.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 .../recipes-connectivity/wolfssl/wolfssl_5.9.1.bb        | 9 +++++++++
 1 file changed, 9 insertions(+)
diff mbox series

Patch

diff --git a/meta-networking/recipes-connectivity/wolfssl/wolfssl_5.9.1.bb b/meta-networking/recipes-connectivity/wolfssl/wolfssl_5.9.1.bb
index 22ab04a02c..2978ff1cc1 100644
--- a/meta-networking/recipes-connectivity/wolfssl/wolfssl_5.9.1.bb
+++ b/meta-networking/recipes-connectivity/wolfssl/wolfssl_5.9.1.bb
@@ -51,10 +51,19 @@  CVE_STATUS[CVE-2026-0819] = "fixed-version: fixed in 5.9.0"
 CVE_STATUS[CVE-2026-2646] = "fixed-version: fixed in 5.9.0"
 CVE_STATUS[CVE-2026-3503] = "fixed-version: fixed in 5.9.0"
 CVE_STATUS[CVE-2026-3548] = "fixed-version: fixed in 5.9.0"
+CVE_STATUS[CVE-2026-5188] = "fixed-version: fixed in 5.9.1"
 CVE_STATUS[CVE-2026-5194] = "fixed-version: fixed in 5.9.1"
 CVE_STATUS[CVE-2026-5263] = "fixed-version: fixed in 5.9.1"
 CVE_STATUS[CVE-2026-5264] = "fixed-version: fixed in 5.9.1"
+CVE_STATUS[CVE-2026-5392] = "fixed-version: fixed in 5.9.1"
+CVE_STATUS[CVE-2026-5393] = "fixed-version: fixed in 5.9.1"
 CVE_STATUS[CVE-2026-5446] = "fixed-version: fixed in 5.9.1"
+CVE_STATUS[CVE-2026-5447] = "fixed-version: fixed in 5.9.1"
+CVE_STATUS[CVE-2026-5448] = "fixed-version: fixed in 5.9.1"
+CVE_STATUS[CVE-2026-5460] = "fixed-version: fixed in 5.9.1"
+CVE_STATUS[CVE-2026-5466] = "fixed-version: fixed in 5.9.1"
+CVE_STATUS[CVE-2026-5479] = "fixed-version: fixed in 5.9.1"
+CVE_STATUS[CVE-2026-5500] = "fixed-version: fixed in 5.9.1"
 CVE_STATUS[CVE-2026-5503] = "fixed-version: fixed in 5.9.1"
 CVE_STATUS[CVE-2026-5504] = "fixed-version: fixed in 5.9.1"
 CVE_STATUS[CVE-2026-5507] = "fixed-version: fixed in 5.9.1"