From e434c0b06aac67c7ad8c241fc9180b8828bd00bf Mon Sep 17 00:00:00 2001
From: Ankur Tyagi <ankur.tyagi85@gmail.com>
Date: Sat, 10 Jan 2026 23:37:16 +1300
Subject: [PATCH] libwebsockets: ignore CVE-2025-1866

Only affects Windows and can be ignored.

Details: https://nvd.nist.gov/vuln/detail/CVE-2025-1866
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
---
 .../recipes-connectivity/libwebsockets/libwebsockets_4.3.3.bb   | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta-oe/recipes-connectivity/libwebsockets/libwebsockets_4.3.3.bb b/meta-oe/recipes-connectivity/libwebsockets/libwebsockets_4.3.3.bb
index 90ac0c3eb3..413226ced2 100644
--- a/meta-oe/recipes-connectivity/libwebsockets/libwebsockets_4.3.3.bb
+++ b/meta-oe/recipes-connectivity/libwebsockets/libwebsockets_4.3.3.bb
@@ -68,3 +68,5 @@ RDEPENDS:${PN}-dev += " ${@bb.utils.contains('PACKAGECONFIG', 'static', '${PN}-s
 SSTATE_SCAN_FILES += "*.cmake"
 
 BBCLASSEXTEND = "native"
+
+CVE_STATUS[CVE-2025-1866] = "not-applicable-platform: only affects Windows"