libyaml: Amend CVE status as 'upstream-wontfix'

Use an existing defined CVE_CHECK_STATUSMAP key in meta/lib/oe/cve_check.py in order to avoid following complaint from BitBake: WARNING: libyaml-native-0.2.5-r0 do_create_spdx: Invalid detail "wontfix" for CVE_STATUS[CVE-2024-35328] = "wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302", fallback to Unpatched (From OE-Core rev: c66d9a2a0d197498fa21ee8ca51a4afb59f75473) Signed-off-by: Niko Mauno <niko.mauno@vaisala.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Niko Mauno <niko.mauno@vaisala.com> 2024-08-01 13:17:19 +0300
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2024-08-01 14:32:22 +0100
commit: f3479f74c9b2bd0cf06440a795f8111b94930db2 (patch)
tree: 34ed80bac1ce580737a3d4cce3ca30379167f7a4 /meta
parent: 3ebb2ca832b91c84b712c2a9b063fc65be32a06d (diff)
download: poky-f3479f74c9b2bd0cf06440a795f8111b94930db2.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/meta/recipes-support/libyaml/libyaml_0.2.5.bb b/meta/recipes-support/libyaml/libyaml_0.2.5.bb
index 2154910d0c..1c6a5fcb45 100644
--- a/meta/recipes-support/libyaml/libyaml_0.2.5.bb
+++ b/meta/recipes-support/libyaml/libyaml_0.2.5.bb
@@ -18,6 +18,6 @@ inherit autotools
 DISABLE_STATIC:class-nativesdk = ""
 DISABLE_STATIC:class-native = ""
-CVE_STATUS[CVE-2024-35328] = "wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302"
+CVE_STATUS[CVE-2024-35328] = "upstream-wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302"
 BBCLASSEXTEND = "native nativesdk"
author	Niko Mauno <niko.mauno@vaisala.com>	2024-08-01 13:17:19 +0300
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2024-08-01 14:32:22 +0100
commit	f3479f74c9b2bd0cf06440a795f8111b94930db2 (patch)
tree	34ed80bac1ce580737a3d4cce3ca30379167f7a4 /meta
parent	3ebb2ca832b91c84b712c2a9b063fc65be32a06d (diff)
download	poky-f3479f74c9b2bd0cf06440a795f8111b94930db2.tar.gz

diff --git a/meta/recipes-support/libyaml/libyaml_0.2.5.bb b/meta/recipes-support/libyaml/libyaml_0.2.5.bb index 2154910d0c..1c6a5fcb45 100644 --- a/meta/recipes-support/libyaml/libyaml_0.2.5.bb +++ b/meta/recipes-support/libyaml/libyaml_0.2.5.bb
@@ -18,6 +18,6 @@ inherit autotools
18	DISABLE_STATIC:class-nativesdk = ""	18	DISABLE_STATIC:class-nativesdk = ""
19	DISABLE_STATIC:class-native = ""	19	DISABLE_STATIC:class-native = ""
20		20
21	CVE_STATUS[CVE-2024-35328] = "wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302"	21	CVE_STATUS[CVE-2024-35328] = "upstream-wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302"
22		22
23	BBCLASSEXTEND = "native nativesdk"	23	BBCLASSEXTEND = "native nativesdk"