grpc: set status for CVE-2026-33186

CPE per NVD report is for "go", while this is C++ component: * cpe:2.3🅰️grpc:grpc:*:*:*:*:*:go:*:* Also the link to adisory within NVD report says "grpc-go": * https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3 Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-05-18 22:56:15 +00:00 · 2026-04-12 17:37:04 +02:00 · 2026-04-12 17:37:04 +02:00 · 0ef4a2ecee
commit 0ef4a2ecee
parent a1b14b7a3a
1 changed files with 2 additions and 0 deletions
--- a/meta-oe/recipes-devtools/grpc/grpc_1.60.1.bb
+++ b/meta-oe/recipes-devtools/grpc/grpc_1.60.1.bb
@ -67,3 +67,5 @@ FILES:${PN}-compiler += " \
    ${bindir} \
    ${libdir}/libgrpc_plugin_support${SOLIBS} \
    "
+
+CVE_STATUS[CVE-2026-33186] = "cpe-incorrect: this CVE is for golang version of grpc"