From 7e3b27865d62ecf75ec3b374888d9bafd7e7f5fc Mon Sep 17 00:00:00 2001
From: Peter Marko <peter.marko@siemens.com>
Date: Sat, 13 Jan 2024 19:08:48 +0100
Subject: zlib: ignore CVE-2023-6992

This CVE is for iCPE cloudflare:zlib.

Alternative to ignoring would be to limit CVE_PRODUCT, but
historic CVEs already have two - gnu:zlib and zlib:zlib.
So limiting it could miss future CVEs.

(From OE-Core rev: 5dc87309639e78195eb1283afc193f6eac63b044)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-core/zlib/zlib_1.2.11.bb | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'meta/recipes-core')

diff --git a/meta/recipes-core/zlib/zlib_1.2.11.bb b/meta/recipes-core/zlib/zlib_1.2.11.bb
index 910fc2ec17..9355f0556e 100644
--- a/meta/recipes-core/zlib/zlib_1.2.11.bb
+++ b/meta/recipes-core/zlib/zlib_1.2.11.bb
@@ -53,3 +53,6 @@ do_install_append_class-target() {
 }
 
 BBCLASSEXTEND = "native nativesdk"
+
+# this CVE is for cloudflare zlib
+CVE_CHECK_WHITELIST += "CVE-2023-6992"
-- 
cgit v1.2.3-54-g00ecf