From 822c6db93eb51c58c9682975c0d2861c8e42e296 Mon Sep 17 00:00:00 2001
From: Peter Marko <peter.marko@siemens.com>
Date: Sun, 22 Feb 2026 22:28:07 +0100
Subject: [PATCH] harfbuzz: ignore CVE-2026-22693

Patch [1] linked in NVD report fixes issue in cache code introduced only
in v6.0.0 (as can be seen in tags containind that commit).

[1] https://github.com/harfbuzz/harfbuzz/commit/1265ff8d990284f04d8768f35b0e20ae5f60daae
[2] https://github.com/harfbuzz/harfbuzz/commit/7a004a7ac27da776b623c0892ebced3d12213c39

(From OE-Core rev: 1d7c87fa2e499927cb6a26e4b2ad99e6127b6e33)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
---
 meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb b/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb
index f7dc61ebd5..f4e9079922 100644
--- a/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb
+++ b/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb
@@ -50,3 +50,6 @@ FILES:${PN}-icu-dev = "${libdir}/libharfbuzz-icu.la \
 FILES:${PN}-subset = "${libdir}/libharfbuzz-subset.so.*"
 
 BBCLASSEXTEND = "native nativesdk"
+
+# fixed-version: vulnerability was introduced in v6.0.0
+CVE_CHECK_IGNORE += "CVE-2026-22693"