libsoup: set status for CVE-2026-2436

Commit fixing this CVE is [2] (per [1]).
That was backported to 3.6.6 as [3].

[1] https://security-tracker.debian.org/tracker/CVE-2026-2436
[2] https://gitlab.gnome.org/GNOME/libsoup/-/commit/e9b681a5b23f8259a5e29c5351a5284ae5cd1189
[3] https://gitlab.gnome.org/GNOME/libsoup/-/commit/31052a2327c81fe3b7a3d4a66d8a7c9c1aaa47ca

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

diff --git a/meta/recipes-support/libsoup/libsoup_3.6.6.bb b/meta/recipes-support/libsoup/libsoup_3.6.6.bb
index 9bc3f2f86fb1611e5a02aede1551df5549ca42f0..206daa091f2cafcb0f210e07e9c85b524b1a44e5 100644 (file)
--- a/meta/recipes-support/libsoup/libsoup_3.6.6.bb
+++ b/meta/recipes-support/libsoup/libsoup_3.6.6.bb
@@ -62,4 +62,5 @@ BBCLASSEXTEND = "native nativesdk"
 CVE_STATUS[CVE-2026-1467] = "fixed-version: fixed in 3.6.6"
 CVE_STATUS[CVE-2026-1536] = "fixed-version: fixed in 3.6.6"
 CVE_STATUS[CVE-2026-1801] = "fixed-version: fixed in 3.6.6"
+CVE_STATUS[CVE-2026-2436] = "fixed-version: fixed in 3.6.6"
 CVE_STATUS[CVE-2026-2443] = "fixed-version: fixed in 3.6.6"