From b54893d2268e54f5753861c0fee26385e0152e85 Mon Sep 17 00:00:00 2001
From: Gyorgy Sarvari <skandigraun@gmail.com>
Date: Fri, 13 Feb 2026 16:42:27 +0100
Subject: [PATCH] mercurial: ignore CVE-2022-43410

Details: https://nvd.nist.gov/vuln/detail/CVE-2022-43410

The vulnerability affects only the Mercurial Jenkins plugin, which
is a different project. This CVE can be ignored in this recipe.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 meta-oe/recipes-devtools/mercurial/mercurial_6.1.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta-oe/recipes-devtools/mercurial/mercurial_6.1.bb b/meta-oe/recipes-devtools/mercurial/mercurial_6.1.bb
index 3abecc3054..d118fed6ad 100644
--- a/meta-oe/recipes-devtools/mercurial/mercurial_6.1.bb
+++ b/meta-oe/recipes-devtools/mercurial/mercurial_6.1.bb
@@ -35,3 +35,5 @@ FILES:${PN} += "${PYTHON_SITEPACKAGES_DIR}"
 
 FILES:${PN}-python = "${nonarch_libdir}/${PYTHON_DIR}"
 
+# The CVE is for Jenkins plugin, not the SCM
+CVE_CHECK_IGNORE = "CVE-2022-43410"