libxml2: mark CVE-2025-6170 as fixed

As shown in [1] when expanding tags including it.

NVD tracks this CVE as version-less.

[1] https://gitlab.gnome.org/GNOME/libxml2/-/commit/c340e419505cf4bf1d9ed7019a87cc00ec200434

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>

diff --git a/meta/recipes-core/libxml/libxml2_2.14.5.bb b/meta/recipes-core/libxml/libxml2_2.14.5.bb
index f60a46e18762d6642a095ab2ef51f54b2eaf912f..0b5edcd7a356cb1ea5de35151d6e268723a4172a 100644 (file)
--- a/meta/recipes-core/libxml/libxml2_2.14.5.bb
+++ b/meta/recipes-core/libxml/libxml2_2.14.5.bb
@@ -27,6 +27,8 @@ SRC_URI[testtar.sha256sum] = "c6b2d42ee50b8b236e711a97d68e6c4b5c8d83e69a2be47223
 # Disputed as a security issue, but fixed in d39f780
 CVE_STATUS[CVE-2023-45322] = "disputed: issue requires memory allocation to fail"
 
+CVE_STATUS[CVE-2025-6170] = "fixed-version: fixed in version 2.14.5"
+
 BINCONFIG = "${bindir}/xml2-config"
 
 PACKAGECONFIG ??= "python"