mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-02 13:59:59 +00:00
Code Issues Projects Releases Wiki Activity

zabbix: ignore multiple CVEs

Browse Source 
CVE-2026-23919: Has been fixed since version 7.0.19[1], mark it as patched
CVE-2026-23920: Has been fixed since version 7.0.22[2], mark it as patched
CVE-2026-23921: Has been fixed since version 7.0.22[3], mark it as patched
CVE-2026-23923: The vulnerable code isn't present in 7.0 yet, it is specific
to 7.4 versions. Compare the fix[4] in 7.4, which is changes code that doesn't
exist in the recipe version. Ignore this CVE due to this.

[1]: https://support.zabbix.com/browse/ZBX-27638
[2]: https://support.zabbix.com/browse/ZBX-27639
[3]: https://support.zabbix.com/browse/ZBX-27640
[4]: https://github.com/zabbix/zabbix/commit/043c28c2083bf8ea596966f2b6b51a26de7deca3

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
This commit is contained in:
Gyorgy Sarvari
2026-04-01 10:33:23 +02:00
committed by Khem Raj
parent e003ec73d9
commit a307e2fa5d
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-oe/recipes-connectivity/zabbix/zabbix_7.0.24.bb
+4
View File
@@ -78,3 +78,7 @@ FILES:${PN} += "${libdir}"
RDEPENDS:${PN} = "logrotate"
CVE_STATUS[CVE-2026-23925] = "fixed-version: fixed since 7.0.18"
CVE_STATUS[CVE-2026-23919] = "fixed-version: fixed since 7.0.19"
CVE_STATUS[CVE-2026-23920] = "fixed-version: fixed since 7.0.22"
CVE_STATUS[CVE-2026-23921] = "fixed-version: fixed since 7.0.22"
CVE_STATUS[CVE-2026-23923] = "cpe-incorrect: 7.0 versions don't have the vulnerable code"