At this time this CVE is both ignored and patched[1] - I think the patch could be dropped.
[1]: https://git.openembedded.org/meta-openembedded-contrib/commit/?h=anujm/scarthgap&id=19d7eedf67ea1b8fe27790366d98a7e888cb839a On 1/10/26 11:37, Ankur Tyagi via lists.openembedded.org wrote: > From: Ankur Tyagi <[email protected]> > > Only affects Windows and can be ignored. > > Details: https://nvd.nist.gov/vuln/detail/CVE-2025-68118 > > Signed-off-by: Ankur Tyagi <[email protected]> > --- > meta-oe/recipes-support/freerdp/freerdp3_3.4.0.bb | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/meta-oe/recipes-support/freerdp/freerdp3_3.4.0.bb > b/meta-oe/recipes-support/freerdp/freerdp3_3.4.0.bb > index b9ec75236b..6e27efb5ce 100644 > --- a/meta-oe/recipes-support/freerdp/freerdp3_3.4.0.bb > +++ b/meta-oe/recipes-support/freerdp/freerdp3_3.4.0.bb > @@ -74,3 +74,5 @@ do_configure:append() { > } > > FILES:${PN} += "${datadir}" > + > +CVE_STATUS[CVE-2025-68118] = "not-applicable-platform: only affects Windows" > > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#123356): https://lists.openembedded.org/g/openembedded-devel/message/123356 Mute This Topic: https://lists.openembedded.org/mt/117189431/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
