diff mbox series

[meta-oe,scarthgap] libssh: set status for CVE-2025-14821

Message ID 20260514124823.2065721-1-sudumbha@cisco.com
State New
Headers show
Series [meta-oe,scarthgap] libssh: set status for CVE-2025-14821 | expand

Commit Message

Sudhir Dumbhare -X (sudumbha - E INFOCHIPS PRIVATE LIMITED at Cisco) May 14, 2026, 12:48 p.m. UTC 
From: Sudhir Dumbhare <sudumbha@cisco.com>

The vulnerability is Windows-specific and depends on loading
configuration from C:\etc, which does not apply to Linux/Yocto builds

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-14821
https://github.com/advisories/GHSA-5jf9-8f86-jhvw
https://www.libssh.org/security/advisories/CVE-2025-14821.txt

Signed-off-by: Sudhir Dumbhare <sudumbha@cisco.com>
---
 meta-oe/recipes-support/libssh/libssh_0.10.6.bb | 2 ++
 1 file changed, 2 insertions(+)
diff mbox series

Patch

diff --git a/meta-oe/recipes-support/libssh/libssh_0.10.6.bb b/meta-oe/recipes-support/libssh/libssh_0.10.6.bb
index 189305fd2e..20de046e58 100644
--- a/meta-oe/recipes-support/libssh/libssh_0.10.6.bb
+++ b/meta-oe/recipes-support/libssh/libssh_0.10.6.bb
@@ -68,3 +68,5 @@  do_install_ptest () {
 }
 
 BBCLASSEXTEND = "native nativesdk"
+
+CVE_STATUS[CVE-2025-14821] = "not-applicable-platform: only affects Windows due to loading configuration from C:\etc"