From: Gyorgy Sarvari <[email protected]>

Details: https://nvd.nist.gov/vuln/detail/CVE-2026-29013

The current recipe version contains the fix referenced by the
NVD report. Mark the CVE as patched, because NVD tracks it without
version info.

Signed-off-by: Gyorgy Sarvari <[email protected]>
Signed-off-by: Khem Raj <[email protected]>
(cherry picked from commit 39e99ad532807f99eecb8f80fc3415ec5a9d773e)
Signed-off-by: Anuj Mittal <[email protected]>
---
 meta-networking/recipes-devtools/libcoap/libcoap_4.3.5b.bb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta-networking/recipes-devtools/libcoap/libcoap_4.3.5b.bb 
b/meta-networking/recipes-devtools/libcoap/libcoap_4.3.5b.bb
index e7279013ed..7ea3eba1b0 100644
--- a/meta-networking/recipes-devtools/libcoap/libcoap_4.3.5b.bb
+++ b/meta-networking/recipes-devtools/libcoap/libcoap_4.3.5b.bb
@@ -64,3 +64,4 @@ FILES:${PN}-bin = "${bindir}"
 FILES:${PN}-dev += "${datadir}/${BPN}/examples"
 
 CVE_STATUS[CVE-2025-50518] = "disputed: happens only when library is used 
incorrectly"
+CVE_STATUS[CVE-2026-29013] = "fixed-version: fixed in 4.3.5b"
-- 
2.53.0

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#127014): 
https://lists.openembedded.org/g/openembedded-devel/message/127014
Mute This Topic: https://lists.openembedded.org/mt/119355182/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to