diff options
author | Peter Marko <peter.marko@siemens.com> | 2024-01-13 19:07:52 +0100 |
---|---|---|
committer | Steve Sakoman <steve@sakoman.com> | 2024-01-21 08:50:38 -1000 |
commit | 4289397aaf66de03f1c377b43cb0d848a15ded33 (patch) | |
tree | cea8ee4a3f862144d77e80250455be33b57534eb | |
parent | 76d570000e568e702cefcd5b5219f12883627200 (diff) | |
download | poky-4289397aaf66de03f1c377b43cb0d848a15ded33.tar.gz |
zlib: ignore CVE-2023-6992
This CVE is for iCPE cloudflare:zlib.
Alternative to ignoring would be to limit CVE_PRODUCT, but
historic CVEs already have two - gnu:zlib and zlib:zlib.
So limiting it could miss future CVEs.
(From OE-Core rev: f46c9105d4253153a5986f2b307273e43ee98c33)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
-rw-r--r-- | meta/recipes-core/zlib/zlib_1.2.11.bb | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/meta/recipes-core/zlib/zlib_1.2.11.bb b/meta/recipes-core/zlib/zlib_1.2.11.bb index d75474dcb6..393ac61e3d 100644 --- a/meta/recipes-core/zlib/zlib_1.2.11.bb +++ b/meta/recipes-core/zlib/zlib_1.2.11.bb | |||
@@ -54,3 +54,6 @@ do_install:append:class-target() { | |||
54 | } | 54 | } |
55 | 55 | ||
56 | BBCLASSEXTEND = "native nativesdk" | 56 | BBCLASSEXTEND = "native nativesdk" |
57 | |||
58 | # this CVE is for cloudflare zlib | ||
59 | CVE_CHECK_IGNORE += "CVE-2023-6992" | ||