From: Peter Marko <peter.marko@siemens.com>
Date: Sat, 23 Aug 2025 20:52:35 +0000 (+0200)
Subject: gnutls: mark CVE-2025-32989 and CVE-2025-32990 as fixed
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0c84e464d67df1111e62edc5d4f9ad398e19e40a;p=thirdparty%2Fopenembedded%2Fopenembedded-core-contrib.git

gnutls: mark CVE-2025-32989 and CVE-2025-32990 as fixed

This is mentioned in [1].
NVD tracks this as version-less CVE.

[1] https://gitlab.com/gnutls/gnutls/-/blob/3.8.10/NEWS?ref_type=tags#L8

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---

diff --git a/meta/recipes-support/gnutls/gnutls_3.8.10.bb b/meta/recipes-support/gnutls/gnutls_3.8.10.bb
index 600f23683e..2ef71a1213 100644
--- a/meta/recipes-support/gnutls/gnutls_3.8.10.bb
+++ b/meta/recipes-support/gnutls/gnutls_3.8.10.bb
@@ -98,3 +98,6 @@ pkg_postinst_ontarget:${PN}-fips () {
         ${bindir}/fipshmac ${libdir}/libhogweed.so.6.* > ${libdir}/.libhogweed.so.6.hmac
     fi
 }
+
+CVE_STATUS[CVE-2025-32989] = "fixed-version: fixed in version 3.8.10"
+CVE_STATUS[CVE-2025-32990] = "fixed-version: fixed in version 3.8.10"