helium-3rd-party/meta-openembedded
1
0
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-04-02 02:49:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

exiv2: mark CVE-2026-27631 patched

Browse Source 
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-27631

Though NVD indicates that 0.28.8 is still vulnerable, that does
not seem to be the case: the fix that is referenced by the advisory
has been backported[1] to this verison. Due to this, mark this
CVE as patched.

[1]: 21d129c842

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This commit is contained in:
Gyorgy Sarvari 2026-03-17 18:23:42 +01:00 committed by Khem Raj
parent 1cad6f53a4
commit b81ba45156
No known key found for this signature in database
GPG Key ID: BB053355919D3314
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
meta-oe/recipes-support/exiv2/exiv2_0.28.8.bb
View File

@ -36,3 +36,5 @@ do_install_ptest(){
install -d ${D}${PTEST_PATH}/src
install ${S}/src/canonmn_int.cpp ${D}${PTEST_PATH}/src
}
CVE_STATUS[CVE-2026-27631] = "fixed-version: fixed in 0.28.8"