freerdp3: ignore CVE-2026-24677 and CVE-2026-24678

Both vulnerabilities exists in the functions which were added in version 3.6.0[1] Details: https://nvd.nist.gov/vuln/detail/CVE-2026-24677 https://nvd.nist.gov/vuln/detail/CVE-2026-24678 [1] https://github.com/FreeRDP/FreeRDP/commit/a81d111ac4023d31e10ebf579fa34c93bf56bce5 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-06-14 05:49:57 +00:00 · 2026-04-09 19:09:05 +12:00
parent 8cc0cd3deb
commit 09cd8e482a
1 changed files with 2 additions and 0 deletions
@@ -81,3 +81,5 @@ do_configure:append() {
 FILES:${PN} += "${datadir}"

 CVE_STATUS[CVE-2025-68118] = "not-applicable-platform: only affects Windows"
+CVE_STATUS[CVE-2026-24677] = "cpe-incorrect: The current version (3.4.0) is not affected."
+CVE_STATUS[CVE-2026-24678] = "cpe-incorrect: The current version (3.4.0) is not affected."