From: Peter Marko <[email protected]> Patch [1] linked in NVD report fixes issue in cache code introduced only in v6.0.0 (as can be seen in tags containind that commit).
[1] https://github.com/harfbuzz/harfbuzz/commit/1265ff8d990284f04d8768f35b0e20ae5f60daae [2] https://github.com/harfbuzz/harfbuzz/commit/7a004a7ac27da776b623c0892ebced3d12213c39 Signed-off-by: Peter Marko <[email protected]> --- meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb b/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb index f7dc61ebd56..f4e90799228 100644 --- a/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb +++ b/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb @@ -50,3 +50,6 @@ FILES:${PN}-icu-dev = "${libdir}/libharfbuzz-icu.la \ FILES:${PN}-subset = "${libdir}/libharfbuzz-subset.so.*" BBCLASSEXTEND = "native nativesdk" + +# fixed-version: vulnerability was introduced in v6.0.0 +CVE_CHECK_IGNORE += "CVE-2026-22693"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#231639): https://lists.openembedded.org/g/openembedded-core/message/231639 Mute This Topic: https://lists.openembedded.org/mt/117947269/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
