python3: ignore CVE-2023-36632

This CVE shouldn't have been filed as the "exploit" is described in the documentation as how the library behaves. (From OE-Core rev: b66a677b76c7f15eb5c426f8dc7ac42e1e2e3f40) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit c652f094d86c4efb7ff99accba63b8169493ab18) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
author: Peter Marko <peter.marko@siemens.com> 2023-07-23 11:17:18 +0200
committer: Steve Sakoman <steve@sakoman.com> 2023-08-16 03:55:12 -1000
commit: dcc4dbf46374d8acbd6aade1d338681b48f15d1f (patch)
tree: f96cadbfb4dfc815a93392e789f225ebf6343ce7
parent: 91feb9b975251a6110eebc88ab13775210477e72 (diff)
download: poky-dcc4dbf46374d8acbd6aade1d338681b48f15d1f.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/meta/recipes-devtools/python/python3_3.8.17.bb b/meta/recipes-devtools/python/python3_3.8.17.bb
index 8c00d65794..00c4ff497a 100644
--- a/meta/recipes-devtools/python/python3_3.8.17.bb
+++ b/meta/recipes-devtools/python/python3_3.8.17.bb
@@ -61,6 +61,8 @@ CVE_CHECK_WHITELIST += "CVE-2020-15523 CVE-2022-26488"
 # The mailcap module is insecure by design, so this can't be fixed in a meaningful way.
 # The module will be removed in the future and flaws documented.
 CVE_CHECK_WHITELIST += "CVE-2015-20107"
+# Not an issue, in fact expected behaviour
+CVE_CHECK_WHITELIST += "CVE-2023-36632"
 PYTHON_MAJMIN = "3.8"
author	Peter Marko <peter.marko@siemens.com>	2023-07-23 11:17:18 +0200
committer	Steve Sakoman <steve@sakoman.com>	2023-08-16 03:55:12 -1000
commit	dcc4dbf46374d8acbd6aade1d338681b48f15d1f (patch)
tree	f96cadbfb4dfc815a93392e789f225ebf6343ce7
parent	91feb9b975251a6110eebc88ab13775210477e72 (diff)
download	poky-dcc4dbf46374d8acbd6aade1d338681b48f15d1f.tar.gz

diff --git a/meta/recipes-devtools/python/python3_3.8.17.bb b/meta/recipes-devtools/python/python3_3.8.17.bb index 8c00d65794..00c4ff497a 100644 --- a/meta/recipes-devtools/python/python3_3.8.17.bb +++ b/meta/recipes-devtools/python/python3_3.8.17.bb
@@ -61,6 +61,8 @@ CVE_CHECK_WHITELIST += "CVE-2020-15523 CVE-2022-26488"
61	# The mailcap module is insecure by design, so this can't be fixed in a meaningful way.	61	# The mailcap module is insecure by design, so this can't be fixed in a meaningful way.
62	# The module will be removed in the future and flaws documented.	62	# The module will be removed in the future and flaws documented.
63	CVE_CHECK_WHITELIST += "CVE-2015-20107"	63	CVE_CHECK_WHITELIST += "CVE-2015-20107"
		64	# Not an issue, in fact expected behaviour
		65	CVE_CHECK_WHITELIST += "CVE-2023-36632"
64		66
65	PYTHON_MAJMIN = "3.8"	67	PYTHON_MAJMIN = "3.8"
66		68