diff mbox series

[meta-oe,scarthgap,1/8] exiftool: ignore CVE-2026-7580

Message ID 20260513050450.3515182-1-ankur.tyagi85@gmail.com
State New
Headers show
Series [meta-oe,scarthgap,1/8] exiftool: ignore CVE-2026-7580 | expand

Commit Message

Ankur Tyagi May 13, 2026, 5:04 a.m. UTC 
From: Ankur Tyagi <ankur.tyagi85@gmail.com>

The impacted function mentioned in the nvd[1] was introduced in v12.82[2],
hence we can ignore this CVE.

[1]https://nvd.nist.gov/vuln/detail/CVE-2026-7580
[2]https://github.com/exiftool/exiftool/commit/280a7f0db71b5887be492d57723723cb196ad2f9

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
---
 meta-oe/recipes-devtools/perl/exiftool_12.72.bb | 1 +
 1 file changed, 1 insertion(+)
diff mbox series

Patch

diff --git a/meta-oe/recipes-devtools/perl/exiftool_12.72.bb b/meta-oe/recipes-devtools/perl/exiftool_12.72.bb
index f1d17a6799..68e7a79436 100644
--- a/meta-oe/recipes-devtools/perl/exiftool_12.72.bb
+++ b/meta-oe/recipes-devtools/perl/exiftool_12.72.bb
@@ -22,3 +22,4 @@  RDEPENDS:${PN} = " \
 "
 
 CVE_STATUS[CVE-2026-3102] = "not-applicable-platform: affects only MacOS"
+CVE_STATUS[CVE-2026-7580] = "cpe-incorrect: The current version (12.72) is not affected."