tigervnc: ignore CVE-2023-6478 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Gyorgy Sarvari <skandigraun@gmail.com>	2025-12-29 15:51:51 +0100
committer	Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-01-06 18:07:50 +0530
commit	62a12a32a861590beebba36f29f1b89a296d667f (patch)
tree	beaf649f75af9c1cdfea965bed90354fcc1edf24 /meta-python/recipes-devtools/python/python3-oauthlib_3.3.1.bb
parent	dc575822b2b6c1c247d1ceeadad898a235230f59 (diff)
download	meta-openembedded-62a12a32a861590beebba36f29f1b89a296d667f.tar.gz

tigervnc: ignore CVE-2023-6478

Details: https://nvd.nist.gov/vuln/detail/CVE-2023-6478 TigerVNC compiles its own xserver, this is why this CVE is associated with it - despite the vulnerability being in xserver. The vulnerability was fixed by [1] (from the nvd report), which has been backported[2] to the xserver version used by the recipe - so ignore the CVE, since it's patched already. [1]: https://gitlab.freedesktop.org/xorg/xserver/-/commit/14f480010a93ff962fef66a16412fafff81ad632 [2]: https://gitlab.freedesktop.org/xorg/xserver/-/commit/58e83c683950ac9e253ab05dd7a13a8368b70a3c Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 62a78f8ba7c8bd229cc82cf81bcc6a6d8116ebca) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>

Diffstat (limited to 'meta-python/recipes-devtools/python/python3-oauthlib_3.3.1.bb')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: