libjxl: mark CVE-2025-12474 and CVE-2026-1837 patched

Details: https://nvd.nist.gov/vuln/detail/CVE-2025-12474 https://nvd.nist.gov/vuln/detail/CVE-2026-1837 Both CVEs have been fixed in v0.11.2, but NVD tracks these vulnerabilities without version information. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2026-04-02 02:49:12 +00:00 · 2026-03-09 10:17:53 +01:00 · 2026-03-09 10:17:53 +01:00 · eea3a14193
commit eea3a14193
parent 39318cebcb
1 changed files with 3 additions and 0 deletions
--- a/meta-oe/recipes-multimedia/libjxl/libjxl_0.11.2.bb
+++ b/meta-oe/recipes-multimedia/libjxl/libjxl_0.11.2.bb
@ -53,3 +53,6 @@ CXXFLAGS:append:toolchain-clang:arm = " -fno-integrated-as"
 FILES:${PN} += "${libdir}/gdk-pixbuf-2.0 ${datadir}"

 BBCLASSEXTEND = "native"
+
+CVE_STATUS[CVE-2025-12474] = "fixed-version: fixed in v0.11.2"
+CVE_STATUS[CVE-2026-1837] = "fixed-version: fixed in v0.11.2"