Remove the reference of 2 CVE identifiers in patch files, since the CVEs are rejected. Remove reference to CVE-2025-62813 and to CVE-2021-3502.
These 2 issues were found by using sbom-cve-check on the whole layer. Signed-off-by: Benjamin Robin (Schneider Electric) <[email protected]> --- Benjamin Robin (Schneider Electric) (2): meta: update avahi patch to remove ref to rejected CVE meta: in lz4 remove reference to rejected CVE-2025-62813 meta/recipes-connectivity/avahi/files/local-ping.patch | 1 - .../lz4/lz4/{CVE-2025-62813.patch => fix-null-error-handling.patch} | 1 - meta/recipes-support/lz4/lz4_1.10.0.bb | 2 +- 3 files changed, 1 insertion(+), 3 deletions(-) --- base-commit: 74ba238ff1ba1e9b612aece1989b828f3a8f8770 change-id: 20260220-update-patch-with-rejected-cve-13cd13bb3e4f Best regards, -- Benjamin Robin (Schneider Electric) <[email protected]>
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#231509): https://lists.openembedded.org/g/openembedded-core/message/231509 Mute This Topic: https://lists.openembedded.org/mt/117907955/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
