diff options
| author | Peter Marko <peter.marko@siemens.com> | 2024-08-26 18:54:02 +0200 |
|---|---|---|
| committer | Steve Sakoman <steve@sakoman.com> | 2024-09-04 05:57:57 -0700 |
| commit | 1f5be803eeddc4e10a6fa82b32c314b5e239e0db (patch) | |
| tree | 691d6b207b5f8ad0b359c2708293d87930283977 | |
| parent | da07e6ee3464ce85595ccea9a3d1863b5cf446b3 (diff) | |
| download | poky-1f5be803eeddc4e10a6fa82b32c314b5e239e0db.tar.gz | |
curl: Ignore CVE-2024-32928
This CVE affects google cloud services that utilize libcurl wrongly.
(From OE-Core rev: 27ac7879711e7119b4ec8b190b0a9da5b3ede269)
Changed CVE ignore syntax
(From OE-Core rev: ad703de483258f459acc6a40385ad00a5182eb64)
Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
| -rw-r--r-- | meta/recipes-support/curl/curl_7.82.0.bb | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/meta/recipes-support/curl/curl_7.82.0.bb b/meta/recipes-support/curl/curl_7.82.0.bb index 81a653b583..308b508072 100644 --- a/meta/recipes-support/curl/curl_7.82.0.bb +++ b/meta/recipes-support/curl/curl_7.82.0.bb | |||
| @@ -68,6 +68,8 @@ CVE_PRODUCT = "haxx:curl haxx:libcurl curl:curl curl:libcurl libcurl:libcurl dan | |||
| 68 | 68 | ||
| 69 | # This CVE reports that apple had to upgrade curl because of other already reported CVEs | 69 | # This CVE reports that apple had to upgrade curl because of other already reported CVEs |
| 70 | CVE_CHECK_IGNORE += "CVE-2023-42915" | 70 | CVE_CHECK_IGNORE += "CVE-2023-42915" |
| 71 | # ignored: CURLOPT_SSL_VERIFYPEER was disabled on google cloud services causing a potential man in the middle attack | ||
| 72 | CVE_CHECK_IGNORE += "CVE-2024-32928" | ||
| 71 | 73 | ||
| 72 | inherit autotools pkgconfig binconfig multilib_header | 74 | inherit autotools pkgconfig binconfig multilib_header |
| 73 | 75 | ||