libxml2: mark CVE-2025-6170 as fixed

As shown in [1] when expanding tags including it. NVD tracks this CVE as version-less. [1] c340e41950 (From OE-Core rev: d8a9c190811ad9658a74502a371c110f4d24d68f) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-05-02 18:32:15 +02:00 · 2025-08-23 22:47:07 +02:00
parent 66e1a79063
commit e29b37130f
1 changed files with 2 additions and 0 deletions
--- a/meta/recipes-core/libxml/libxml2_2.14.5.bb
+++ b/meta/recipes-core/libxml/libxml2_2.14.5.bb
@@ -27,6 +27,8 @@ SRC_URI[testtar.sha256sum] = "c6b2d42ee50b8b236e711a97d68e6c4b5c8d83e69a2be47223
 # Disputed as a security issue, but fixed in d39f780
 CVE_STATUS[CVE-2023-45322] = "disputed: issue requires memory allocation to fail"

+CVE_STATUS[CVE-2025-6170] = "fixed-version: fixed in version 2.14.5"
+
 BINCONFIG = "${bindir}/xml2-config"

 PACKAGECONFIG ??= "python"