wireshark: ignore CVE-2024-24476, CVE-2024-24478 and CVE-2024-24479

Details: https://nvd.nist.gov/vuln/detail/CVE-2024-24476 https://nvd.nist.gov/vuln/detail/CVE-2024-24478 https://nvd.nist.gov/vuln/detail/CVE-2024-24479 Upstream disputes all three vulnerabilities[1]. Looking at the history, even though they were valid issues for some period of time, none of them made it to an actual stable release: the vulnerabilities were caused, caught and fixed in the same development cycle between two releases. CVE-2024-24476: vulnerability introduced with[2], fixed with[3] CVE-2024-24478: vulnerability introduced with[4], fixed with[5] CVE-2024-24479: vulnerability introduced with[6], fixed with[7] Ignore all three of these vulnerabilities, as they are not present in the used recipe version. [1]: https://www.wireshark.org/docs/relnotes/wireshark-4.2.4.html [2]: https://github.com/wireshark/wireshark/commit/395e3b6cb595bfc610f3c26e7e9eb1f8729fd952 [3]: https://github.com/wireshark/wireshark/commit/108217f4bb1afb8b25fc705c2722b3e328b1ad78 [4]: https://github.com/wireshark/wireshark/commit/a9a62ff576ae79e0d6afb3214a5d409ec4cdf9d7 [5]: https://github.com/wireshark/wireshark/commit/80a4dc55f4d2fa33c2b36a99406500726d3faaef [6]: https://github.com/wireshark/wireshark/commit/53ec634ac2bf5f87a594aa72f16ca21c25a146a9 [7]: https://github.com/wireshark/wireshark/commit/c3720cff158c265dec2a0c6104b1d65954ae6bfd Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
author: Gyorgy Sarvari <skandigraun@gmail.com> 2026-01-09 14:04:16 +0100
committer: Gyorgy Sarvari <skandigraun@gmail.com> 2026-01-09 14:18:22 +0100
commit: be0603971806ff2a6e7c7c331d8033e9a0a71c26 (patch)
tree: bfe36dc00f22ba6a5e83fef22cdc7b4ed65c4869 /meta-networking
parent: bca7f71ca2f6c3e803ea425d1189cc0bde9d1a82 (diff)
download: meta-openembedded-be0603971806ff2a6e7c7c331d8033e9a0a71c26.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/meta-networking/recipes-support/wireshark/wireshark_3.4.16.bb b/meta-networking/recipes-support/wireshark/wireshark_3.4.16.bb
index 4835a72d76..a8eafe4a05 100644
--- a/meta-networking/recipes-support/wireshark/wireshark_3.4.16.bb
+++ b/meta-networking/recipes-support/wireshark/wireshark_3.4.16.bb
@@ -102,4 +102,7 @@ FILES:${PN} += "${datadir}*"
 RDEPENDS:tshark = "wireshark"
+# disputed, vulnerabilities didn't appear in any releases
+CVE_CHECK_IGNORE = "CVE-2024-24476 CVE-2024-24478 CVE-2024-24479"
 BBCLASSEXTEND = "native"
author	Gyorgy Sarvari <skandigraun@gmail.com>	2026-01-09 14:04:16 +0100
committer	Gyorgy Sarvari <skandigraun@gmail.com>	2026-01-09 14:18:22 +0100
commit	be0603971806ff2a6e7c7c331d8033e9a0a71c26 (patch)
tree	bfe36dc00f22ba6a5e83fef22cdc7b4ed65c4869 /meta-networking
parent	bca7f71ca2f6c3e803ea425d1189cc0bde9d1a82 (diff)
download	meta-openembedded-be0603971806ff2a6e7c7c331d8033e9a0a71c26.tar.gz

diff --git a/meta-networking/recipes-support/wireshark/wireshark_3.4.16.bb b/meta-networking/recipes-support/wireshark/wireshark_3.4.16.bb index 4835a72d76..a8eafe4a05 100644 --- a/meta-networking/recipes-support/wireshark/wireshark_3.4.16.bb +++ b/meta-networking/recipes-support/wireshark/wireshark_3.4.16.bb
@@ -102,4 +102,7 @@ FILES:${PN} += "${datadir}*"
102		102
103	RDEPENDS:tshark = "wireshark"	103	RDEPENDS:tshark = "wireshark"
104		104
		105	# disputed, vulnerabilities didn't appear in any releases
		106	CVE_CHECK_IGNORE = "CVE-2024-24476 CVE-2024-24478 CVE-2024-24479"
		107
105	BBCLASSEXTEND = "native"	108	BBCLASSEXTEND = "native"