From 7cc6fe87bcbfec9e53f381fce1d5a73bd9495625 Mon Sep 17 00:00:00 2001
From: Ankur Tyagi <ankur.tyagi85@gmail.com>
Date: Thu, 9 Apr 2026 19:08:58 +1200
Subject: [PATCH] abseil-cpp: ignore CVE-2025-0838

The commit[1] mentioned in the NVD[2] is part of the current version[3].

[1] https://github.com/abseil/abseil-cpp/commit/5a0e2cb5e3958dd90bb8569a2766622cb74d90c1
[2] https://nvd.nist.gov/vuln/detail/CVE-2025-0838
[3] https://github.com/abseil/abseil-cpp/commit/54fac219c4ef0bc379dfffb0b8098725d77ac81b

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
---
 meta-oe/recipes-devtools/abseil-cpp/abseil-cpp_20240116.3.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta-oe/recipes-devtools/abseil-cpp/abseil-cpp_20240116.3.bb b/meta-oe/recipes-devtools/abseil-cpp/abseil-cpp_20240116.3.bb
index a11b5cbb53..ff5aedb9c3 100644
--- a/meta-oe/recipes-devtools/abseil-cpp/abseil-cpp_20240116.3.bb
+++ b/meta-oe/recipes-devtools/abseil-cpp/abseil-cpp_20240116.3.bb
@@ -53,3 +53,5 @@ python split_dynamic_packages() {
 ALLOW_EMPTY:${PN} = "1"
 
 BBCLASSEXTEND = "native nativesdk"
+
+CVE_STATUS[CVE-2025-0838] = "cpe-incorrect: The current version (20240116.3) is not affected."