zlib: ignore CVE-2023-6992

This CVE is for iCPE cloudflare:zlib. Alternative to ignoring would be to limit CVE_PRODUCT, but historic CVEs already have two - gnu:zlib and zlib:zlib. So limiting it could miss future CVEs. (From OE-Core rev: f46c9105d4253153a5986f2b307273e43ee98c33) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
author: Peter Marko <peter.marko@siemens.com> 2024-01-13 19:07:52 +0100
committer: Steve Sakoman <steve@sakoman.com> 2024-01-21 08:50:38 -1000
commit: 4289397aaf66de03f1c377b43cb0d848a15ded33 (patch)
tree: cea8ee4a3f862144d77e80250455be33b57534eb
parent: 76d570000e568e702cefcd5b5219f12883627200 (diff)
download: poky-4289397aaf66de03f1c377b43cb0d848a15ded33.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/meta/recipes-core/zlib/zlib_1.2.11.bb b/meta/recipes-core/zlib/zlib_1.2.11.bb
index d75474dcb6..393ac61e3d 100644
--- a/meta/recipes-core/zlib/zlib_1.2.11.bb
+++ b/meta/recipes-core/zlib/zlib_1.2.11.bb
@@ -54,3 +54,6 @@ do_install:append:class-target() {
 }
 BBCLASSEXTEND = "native nativesdk"
+# this CVE is for cloudflare zlib
+CVE_CHECK_IGNORE += "CVE-2023-6992"
author	Peter Marko <peter.marko@siemens.com>	2024-01-13 19:07:52 +0100
committer	Steve Sakoman <steve@sakoman.com>	2024-01-21 08:50:38 -1000
commit	4289397aaf66de03f1c377b43cb0d848a15ded33 (patch)
tree	cea8ee4a3f862144d77e80250455be33b57534eb
parent	76d570000e568e702cefcd5b5219f12883627200 (diff)
download	poky-4289397aaf66de03f1c377b43cb0d848a15ded33.tar.gz

diff --git a/meta/recipes-core/zlib/zlib_1.2.11.bb b/meta/recipes-core/zlib/zlib_1.2.11.bb index d75474dcb6..393ac61e3d 100644 --- a/meta/recipes-core/zlib/zlib_1.2.11.bb +++ b/meta/recipes-core/zlib/zlib_1.2.11.bb
@@ -54,3 +54,6 @@ do_install:append:class-target() {
54	}	54	}
55		55
56	BBCLASSEXTEND = "native nativesdk"	56	BBCLASSEXTEND = "native nativesdk"
		57
		58	# this CVE is for cloudflare zlib
		59	CVE_CHECK_IGNORE += "CVE-2023-6992"