helium-3rd-party/meta-openembedded
1
0
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-04-02 02:49:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

vlc: ignore CVE-2026-26227 and CVE-2026-26228

Browse Source 
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-26227
https://nvd.nist.gov/vuln/detail/CVE-2026-26228

Both vulnerabilities affect only the Android version of VLC, not
the other ones. Because of this, ignore these CVEs.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This commit is contained in:
Gyorgy Sarvari 2026-03-08 20:05:38 +01:00 committed by Khem Raj
parent ec741a75f0
commit 81250fb6c3
No known key found for this signature in database
GPG Key ID: BB053355919D3314
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
meta-multimedia/recipes-multimedia/vlc/vlc_3.0.23.bb
View File

@ -134,3 +134,6 @@ FILES:${PN}-staticdev += "\
INSANE_SKIP:${PN} = "dev-so"
EXCLUDE_FROM_WORLD = "${@bb.utils.contains("LICENSE_FLAGS_ACCEPTED", "commercial", "0", "1", d)}"
CVE_STATUS[CVE-2026-26227] = "not-applicable-platform: the vulnerability is Android-specific"
CVE_STATUS[CVE-2026-26228] = "not-applicable-platform: the vulnerability is Android-specific"