rpm-sequoia: set status for CVE-2026-2625

This is a version-less RedHat CVE.
[1] points to [2] included in v1.10.2.

[1] https://security-tracker.debian.org/tracker/CVE-2026-2625
[2] https://github.com/rpm-software-management/rpm-sequoia/commit/fa3c60094fa853ede6b4862e936f246412d700de

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

diff --git a/meta/recipes-devtools/rpm-sequoia/rpm-sequoia_1.10.2.bb b/meta/recipes-devtools/rpm-sequoia/rpm-sequoia_1.10.2.bb
index d190db88b6ddb10af193fa005b9a4a40c4d16a26..a6b32bb00774dd07b1aeef3f9d5f1976972eeff7 100644 (file)
--- a/meta/recipes-devtools/rpm-sequoia/rpm-sequoia_1.10.2.bb
+++ b/meta/recipes-devtools/rpm-sequoia/rpm-sequoia_1.10.2.bb
@@ -77,3 +77,5 @@ RDEPENDS:${PN} = "rpm-sequoia-crypto-policy"
 PACKAGE_WRITE_DEPS += "rpm-sequoia-crypto-policy-native"
 
 BBCLASSEXTEND = "native"
+
+CVE_STATUS[CVE-2026-2625] = "fixed-version: fixed since v1.10.2"