summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPeter Marko <peter.marko@siemens.com>2025-08-22 21:16:09 +0200
committerSteve Sakoman <steve@sakoman.com>2025-08-29 08:33:33 -0700
commitf8c794053b34c85ece6c5d1e6d6ffe47fc59173f (patch)
tree22d679f994eb83b88b6aac441a447737debb5351
parent37f7f262e8a1b71cfc0db3c4a427c3c85dc1f1a7 (diff)
downloadpoky-f8c794053b34c85ece6c5d1e6d6ffe47fc59173f.tar.gz
qemu: ignore CVE-2024-7730
This CVE is for virtio-snd which was introduced in 8.2.0. Therefore ignore this CVE for version 6.2.0. (From OE-Core rev: 93545ef00c4930dd297649934bee0e95c520ee16) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
-rw-r--r--meta/recipes-devtools/qemu/qemu.inc3
1 files changed, 3 insertions, 0 deletions
diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index cae33459e6..1298514cd7 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -164,6 +164,9 @@ CVE_CHECK_IGNORE += "CVE-2022-36648"
164# disputed: not an issue as per https://bugzilla.redhat.com/show_bug.cgi?id=2223985 164# disputed: not an issue as per https://bugzilla.redhat.com/show_bug.cgi?id=2223985
165CVE_CHECK_IGNORE += "CVE-2023-1386" 165CVE_CHECK_IGNORE += "CVE-2023-1386"
166 166
167# virtio-snd was implemented in 8.2.0, so version 6.2.0 is not yet affected
168CVE_CHECK_IGNORE += "CVE-2024-7730"
169
167COMPATIBLE_HOST:mipsarchn32 = "null" 170COMPATIBLE_HOST:mipsarchn32 = "null"
168COMPATIBLE_HOST:mipsarchn64 = "null" 171COMPATIBLE_HOST:mipsarchn64 = "null"
169COMPATIBLE_HOST:riscv32 = "null" 172COMPATIBLE_HOST:riscv32 = "null"