From: "Marko, Peter" <Peter.Marko@siemens.com>
To: "ankur.tyagi85@gmail.com" <ankur.tyagi85@gmail.com>,
"openembedded-core@lists.openembedded.org"
<openembedded-core@lists.openembedded.org>
Subject: RE: [OE-core][PATCH 2/5] vim: ignore CVE-2025-66476
Date: Fri, 6 Feb 2026 10:49:01 +0000 [thread overview]
Message-ID: <AS1PR10MB56975AF8854ECD9772244297FD66A@AS1PR10MB5697.EURPRD10.PROD.OUTLOOK.COM> (raw)
In-Reply-To: <20260206104322.2604271-2-ankur.tyagi85@gmail.com>
This patch is not needed because vim was upgraded on master.
https://git.openembedded.org/openembedded-core/commit/?id=cf63518d20c3c4a61b0e726edf1df2201e88e8ab
Peter
> -----Original Message-----
> From: openembedded-core@lists.openembedded.org <openembedded-
> core@lists.openembedded.org> On Behalf Of Ankur Tyagi via
> lists.openembedded.org
> Sent: Friday, February 6, 2026 11:43
> To: openembedded-core@lists.openembedded.org
> Cc: Ankur Tyagi <ankur.tyagi85@gmail.com>
> Subject: [OE-core][PATCH 2/5] vim: ignore CVE-2025-66476
>
> From: Ankur Tyagi <ankur.tyagi85@gmail.com>
>
> Details https://nvd.nist.gov/vuln/detail/CVE-2025-66476
>
> Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
> ---
> meta/recipes-support/vim/vim_9.1.bb | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/meta/recipes-support/vim/vim_9.1.bb b/meta/recipes-
> support/vim/vim_9.1.bb
> index fee9f055e9..c492342ffb 100644
> --- a/meta/recipes-support/vim/vim_9.1.bb
> +++ b/meta/recipes-support/vim/vim_9.1.bb
> @@ -21,3 +21,5 @@ ALTERNATIVE_LINK_NAME[xxd] = "${bindir}/xxd"
> # in many places for _FORTIFY_SOURCE=2. Security flags become part of CC.
> #
> lcl_maybe_fortify = "${@oe.utils.conditional('DEBUG_BUILD','1','','-
> D_FORTIFY_SOURCE=1',d)}"
> +
> +CVE_STATUS[CVE-2025-66476] = "not-applicable-platform: Issue only applies on
> Windows"
next prev parent reply other threads:[~2026-02-06 10:49 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-06 10:43 [OE-core][PATCH 1/5] avahi: patch CVE-2026-24401 ankur.tyagi85
2026-02-06 10:43 ` [OE-core][PATCH 2/5] vim: ignore CVE-2025-66476 ankur.tyagi85
2026-02-06 10:49 ` Marko, Peter [this message]
2026-02-06 10:55 ` Ankur Tyagi
2026-02-06 10:43 ` [OE-core][PATCH 3/5] mpg123: upgrade 1.33.3 -> 1.33.4 ankur.tyagi85
2026-02-06 10:43 ` [OE-core][PATCH 4/5] utfcpp: upgrade 4.0.8 -> 4.0.9 ankur.tyagi85
2026-02-06 10:43 ` [OE-core][PATCH 5/5] harfbuzz: upgrade 12.3.1 -> 12.3.2 ankur.tyagi85
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=AS1PR10MB56975AF8854ECD9772244297FD66A@AS1PR10MB5697.EURPRD10.PROD.OUTLOOK.COM \
--to=peter.marko@siemens.com \
--cc=ankur.tyagi85@gmail.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox