From 1cad6f53a40db5268ad0054b0526367b11a00bdf Mon Sep 17 00:00:00 2001
From: Gyorgy Sarvari <skandigraun@gmail.com>
Date: Tue, 17 Mar 2026 18:23:40 +0100
Subject: [PATCH] libsodium: mark CVE-2025-69277 patched

Details: https://nvd.nist.gov/vuln/detail/CVE-2025-69277

The vulnerability has been fixed[1] since version 1.0.20, but NVD
tracks it without version info. Mark it patched explicitly.

[1]: https://github.com/jedisct1/libsodium/commit/f2da4cd8cb26599a0285a6ab0c02948e361a674a

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
 meta-oe/recipes-crypto/libsodium/libsodium_1.0.21.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta-oe/recipes-crypto/libsodium/libsodium_1.0.21.bb b/meta-oe/recipes-crypto/libsodium/libsodium_1.0.21.bb
index 9f07634c41..a1647d2a30 100644
--- a/meta-oe/recipes-crypto/libsodium/libsodium_1.0.21.bb
+++ b/meta-oe/recipes-crypto/libsodium/libsodium_1.0.21.bb
@@ -13,3 +13,5 @@ SRC_URI[sha256sum] = "9e4285c7a419e82dedb0be63a72eea357d6943bc3e28e6735bf600dd48
 inherit autotools
 
 BBCLASSEXTEND = "native nativesdk"
+
+CVE_STATUS[CVE-2025-69277] = "fixed-version: fixed in 1.0.20"