diff options
| author | Gyorgy Sarvari <skandigraun@gmail.com> | 2026-04-24 00:48:16 +1200 |
|---|---|---|
| committer | Anuj Mittal <anuj.mittal@oss.qualcomm.com> | 2026-05-08 07:22:44 +0530 |
| commit | 9f003507af4c56d52b378714c6614cfb0f656b9d (patch) | |
| tree | 970b54aca8d086a8e3b787f2ebdafd2dfd3a61f4 /meta-python/recipes-devtools/python | |
| parent | 850b7f6fd7a48186a4738d4e92907d6eb44f0aaa (diff) | |
| download | meta-openembedded-9f003507af4c56d52b378714c6614cfb0f656b9d.tar.gz | |
python3-grpcio: ignore CVE-2026-33186
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-33186
The vulnerability only affects the Go implememtation of the library,
not the Python one. Ignore this CVE due to this.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
(cherry picked from commit 468ee626f88272eedf275efe6f68640ee643c3f4)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Diffstat (limited to 'meta-python/recipes-devtools/python')
| -rw-r--r-- | meta-python/recipes-devtools/python/python3-grpcio_1.76.0.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta-python/recipes-devtools/python/python3-grpcio_1.76.0.bb b/meta-python/recipes-devtools/python/python3-grpcio_1.76.0.bb index 037614da3e..6dbffaf7b9 100644 --- a/meta-python/recipes-devtools/python/python3-grpcio_1.76.0.bb +++ b/meta-python/recipes-devtools/python/python3-grpcio_1.76.0.bb | |||
| @@ -44,3 +44,4 @@ BBCLASSEXTEND = "native nativesdk" | |||
| 44 | CCACHE_DISABLE = "1" | 44 | CCACHE_DISABLE = "1" |
| 45 | 45 | ||
| 46 | CVE_PRODUCT += "grpc:grpc" | 46 | CVE_PRODUCT += "grpc:grpc" |
| 47 | CVE_STATUS[CVE-2026-33186] = "cpe-incorrect: the vulnerabilty affects only the go implementation" | ||