Mirrors/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2026-05-28 16:46:31 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'bugfix/openthread_exclude_cve' into 'master'

Browse Source 
fix(openthread): exclude CVE-2026-8369 from the list

See merge request espressif/esp-idf!48552
This commit is contained in:
Shu Chen
2026-05-19 12:26:13 +00:00
parent ee9e481ae4 f4fb9faebd
commit 61eea2fc4f
2 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
components/openthread/sbom.yml
View File

@@ -1,5 +1,5 @@
name: 'openthread component'
version: '2023-07-06'
version: '2025-06-12'
supplier: 'Organization: Espressif Systems (Shanghai) CO LTD'
description: Espressif fork of OpenThread project, used to maintain ESP-specific patches and release branches
manifests:

5
components/openthread/sbom_openthread.yml
View File

@@ -1,8 +1,11 @@
name: 'openthread'
version: '2023-07-06'
version: '2025-06-12'
cpe: cpe:2.3:o:google:openthread:{}:*:*:*:*:*:*:*
supplier: 'Organization: Espressif Systems (Shanghai) CO LTD'
originator: 'Organization: Google LLC'
description: OpenThread released by Google is an open-source implementation of the Thread networking
url: https://github.com/espressif/openthread
hash: a98813b30ae58f9a95ece680b9cc46c3874de6ea
cve-exclude-list:
- cve: CVE-2026-8369
reason: We use Espressifs NAT64 implementation and hence this CVE from the upstream NAT64 implementation is not applicable.