From f1cfd1ec5daa1148166fed8c8d83f0b731e18edd Mon Sep 17 00:00:00 2001
From: Gyorgy Sarvari <skandigraun@gmail.com>
Date: Sat, 17 Jan 2026 12:48:15 +0100
Subject: [PATCH] openvpn: ignore CVE-2024-4877 and CVE-2025-13751

Details: https://nvd.nist.gov/vuln/detail/CVE-2024-4877
https://nvd.nist.gov/vuln/detail/CVE-2025-13751

The vulnerabilities are specific to Windows platform, not relevant to OE.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 meta-networking/recipes-support/openvpn/openvpn_2.5.11.bb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta-networking/recipes-support/openvpn/openvpn_2.5.11.bb b/meta-networking/recipes-support/openvpn/openvpn_2.5.11.bb
index 6aed4145ec..861f9e482f 100644
--- a/meta-networking/recipes-support/openvpn/openvpn_2.5.11.bb
+++ b/meta-networking/recipes-support/openvpn/openvpn_2.5.11.bb
@@ -21,8 +21,8 @@ SRC_URI[sha256sum] = "7e2672119bd4639819d560f332a8b9b7e28f562425c77899f36d419fe4
 # CVE-2020-7224 and CVE-2020-27569 are for Aviatrix OpenVPN client, not for openvpn.
 CVE_CHECK_IGNORE += "CVE-2020-7224 CVE-2020-27569"
 
-# CVE-2023-7235 is specific to Windows platform
-CVE_CHECK_IGNORE += "CVE-2023-7235"
+# CVE-2023-7235 and CVE-2024-4877, CVE-2025-13751 are specific to Windows platform
+CVE_CHECK_IGNORE += "CVE-2023-7235 CVE-2024-4877 CVE-2025-13751"
 
 SYSTEMD_SERVICE:${PN} += "openvpn@loopback-server.service openvpn@loopback-client.service"
 SYSTEMD_AUTO_ENABLE = "disable"