[OE-core] [PATCH scarthgap 2/3] lz4: Remove a reference to the rejected CVE-2025-62813

Tue, 03 Mar 2026 08:46:50 -0800 

The CVE-2025-62813 is rejected so do not reference it anymore.
So keep the patch but without referencing the CVE identifier.

The CVE database indicates the following reason:
  This candidate was withdrawn by its CNA. Further investigation
  showed that it was not a security issue.

Signed-off-by: Benjamin Robin (Schneider Electric) <[email protected]>
(cherry picked from commit 9c840a69b62a5fdffb3679a44d68dd5630b2916c)
---
 .../lz4/files/{CVE-2025-62813.patch => fix-null-error-handling.patch}   | 1 -
 meta/recipes-support/lz4/lz4_1.9.4.bb                                   | 2 +-
 2 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/meta/recipes-support/lz4/files/CVE-2025-62813.patch 
b/meta/recipes-support/lz4/files/fix-null-error-handling.patch
similarity index 99%
rename from meta/recipes-support/lz4/files/CVE-2025-62813.patch
rename to meta/recipes-support/lz4/files/fix-null-error-handling.patch
index bbd0f74541a0..14019360343d 100644
--- a/meta/recipes-support/lz4/files/CVE-2025-62813.patch
+++ b/meta/recipes-support/lz4/files/fix-null-error-handling.patch
@@ -8,7 +8,6 @@ Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 
 Upstream-Status: Backport [Upstream commit 
https://github.com/lz4/lz4/commit/f64efec011c058bd70348576438abac222fe6c82]
-CVE: CVE-2025-62813
 
 Signed-off-by: David Nyström <[email protected]>
 ---
diff --git a/meta/recipes-support/lz4/lz4_1.9.4.bb 
b/meta/recipes-support/lz4/lz4_1.9.4.bb
index 8c96f9bab424..fdf0263080dc 100644
--- a/meta/recipes-support/lz4/lz4_1.9.4.bb
+++ b/meta/recipes-support/lz4/lz4_1.9.4.bb
@@ -14,7 +14,7 @@ SRCREV = "5ff839680134437dbf4678f3d0c7b371d84f4964"
 
 SRC_URI = "git://github.com/lz4/lz4.git;branch=release;protocol=https \
            file://run-ptest \
-           file://CVE-2025-62813.patch \
+           file://fix-null-error-handling.patch \
            "
 UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>.*)"
 

-- 
2.53.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#232327): 
https://lists.openembedded.org/g/openembedded-core/message/232327
Mute This Topic: https://lists.openembedded.org/mt/118116744/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to