diff options
| author | Peter Marko <peter.marko@siemens.com> | 2025-08-03 21:17:38 +0200 |
|---|---|---|
| committer | Steve Sakoman <steve@sakoman.com> | 2025-08-08 06:30:56 -0700 |
| commit | a7f2f317f558347a6210601ca047889c25608ab4 (patch) | |
| tree | 549d3c0f578a486bd7a5272dbbd757fd9f4bbd66 | |
| parent | bedacbb603d377c4b615fb86e3bcee2dac6ca117 (diff) | |
| download | poky-a7f2f317f558347a6210601ca047889c25608ab4.tar.gz | |
sqlite3: ignore CVE-2025-3277
The vulnerable code was introduced in 3.44.0 via [1].
(See fix commit [2])
Also Debian says "not vulnerabele yet for 3.40.1 in [3]
[1] https://github.com/sqlite/sqlite/commit/e1e67abc5cf67f931aab1e471eda23d73f51d456
[2] https://sqlite.org/src/info/498e3f1cf57f164f
[3] https://security-tracker.debian.org/tracker/CVE-2025-3277
(From OE-Core rev: ebacd5cd2827c1a9a45a92353518f9d976597526)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
| -rw-r--r-- | meta/recipes-support/sqlite/sqlite3_3.38.5.bb | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/meta/recipes-support/sqlite/sqlite3_3.38.5.bb b/meta/recipes-support/sqlite/sqlite3_3.38.5.bb index 86d9b4b33b..280342204a 100644 --- a/meta/recipes-support/sqlite/sqlite3_3.38.5.bb +++ b/meta/recipes-support/sqlite/sqlite3_3.38.5.bb | |||
| @@ -21,3 +21,5 @@ CVE_CHECK_IGNORE += "CVE-2019-19242" | |||
| 21 | CVE_CHECK_IGNORE += "CVE-2015-3717" | 21 | CVE_CHECK_IGNORE += "CVE-2015-3717" |
| 22 | # Issue in an experimental extension we don't have/use. Fixed by https://sqlite.org/src/info/b1e0c22ec981cf5f | 22 | # Issue in an experimental extension we don't have/use. Fixed by https://sqlite.org/src/info/b1e0c22ec981cf5f |
| 23 | CVE_CHECK_IGNORE += "CVE-2021-36690" | 23 | CVE_CHECK_IGNORE += "CVE-2021-36690" |
| 24 | # Issue was introduced in 3.44.0 | ||
| 25 | CVE_CHECK_IGNORE += "CVE-2025-3277" | ||