From 6a15ff3e9eb6507555c66e013266aecd3e9d3212 Mon Sep 17 00:00:00 2001
From: Gyorgy Sarvari <skandigraun@gmail.com>
Date: Mon, 6 Apr 2026 17:50:44 +0200
Subject: [PATCH] wolfssl: ignore fixed CVEs

These CVEs are tracked without a version by NVD, but all of them
have been fixed in the current recipe version.

The relevant fixes (from the NVD reports):

CVE-2026-0819: https://github.com/wolfSSL/wolfssl/commit/2d3941056b6b961828947a2f159200df7f7d1cb2
CVE-2026-2646: https://github.com/wolfSSL/wolfssl/commit/7245ad02bb1a41235d923288fd640d40c1ecb2ea
  and https://github.com/wolfSSL/wolfssl/commit/67abcc6f2d0cc45f918325c4ae6fe2b8d5bc8f72
CVE-2026-3503: https://github.com/wolfSSL/wolfssl/commit/cc2fdda54cd6387e554b444eb2844fa840bd9d5d
CVE-2026-3548: https://github.com/wolfSSL/wolfssl/commit/84ca4a05fac9c6c055a514f05880c448ecbbed56
  and https://github.com/wolfSSL/wolfssl/commit/b3f08f33b845d2d6bb523f0f38d191ca25635e1c

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---
 .../recipes-connectivity/wolfssl/wolfssl_5.9.0.bb            | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/meta-networking/recipes-connectivity/wolfssl/wolfssl_5.9.0.bb b/meta-networking/recipes-connectivity/wolfssl/wolfssl_5.9.0.bb
index a2d6455d93..7a481e7325 100644
--- a/meta-networking/recipes-connectivity/wolfssl/wolfssl_5.9.0.bb
+++ b/meta-networking/recipes-connectivity/wolfssl/wolfssl_5.9.0.bb
@@ -46,3 +46,8 @@ do_install_ptest() {
     cp -rf ${S}/certs  ${D}${PTEST_PATH}
     cp -rf ${S}/tests  ${D}${PTEST_PATH}
 }
+
+CVE_STATUS[CVE-2026-0819] = "fixed-version: fixed in 5.9.0"
+CVE_STATUS[CVE-2026-2646] = "fixed-version: fixed in 5.9.0"
+CVE_STATUS[CVE-2026-3503] = "fixed-version: fixed in 5.9.0"
+CVE_STATUS[CVE-2026-3548] = "fixed-version: fixed in 5.9.0"