mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-14 05:49:57 +00:00
Code Issues Projects Releases Wiki Activity
Files
scarthgap
meta-openembedded/meta-oe/recipes-support/libraw/libraw_0.21.2.bb
T
Ankur Tyagi 964432f3af libraw: ignore CVE-2026-5318 
Vulnerability exists in the function which was added in version 0.22.0[1]

Details: https://nvd.nist.gov/vuln/detail/CVE-2026-5318

[1] https://github.com/LibRaw/LibRaw/commit/12b0e5d60c57bb795382fda8494fc45f683550b8

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-04-13 12:40:21 +05:30

19 lines
590 B
BlitzBasic
Raw Permalink Blame History

SUMMARY = "raw image decoder"
LICENSE = "LGPL-2.1-only | CDDL-1.0"
LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=1501ae0aa3c8544e63f08d6f7bf88a6f"
SRC_URI = " \
git://github.com/LibRaw/LibRaw.git;branch=0.21-stable;protocol=https \
file://0001-CVE-2025-43961-CVE-2025-43962.patch \
file://0002-CVE-2025-43963.patch \
file://0003-CVE-2025-43964.patch \
"
SRCREV = "1ef70158d7fde1ced6aaddb0b9443c32a7121d3d"
S = "${WORKDIR}/git"
inherit autotools pkgconfig
DEPENDS = "jpeg jasper lcms"
CVE_STATUS[CVE-2026-5318] = "cpe-incorrect: The current version (0.21.2) is not affected."
Reference in New Issue View Git Blame Copy Permalink