diff options
| author | Peter Marko <peter.marko@siemens.com> | 2024-08-07 23:45:16 +0200 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2024-08-09 22:33:38 +0100 |
| commit | 06fa93620ee0afee28df8fc4d9bd17ff9ce55c18 (patch) | |
| tree | 3c2626dc148b840ba549694b508d88a464b930f0 | |
| parent | 478f44650a0a01b59d964a5aa7601027430b7648 (diff) | |
| download | poky-06fa93620ee0afee28df8fc4d9bd17ff9ce55c18.tar.gz | |
libyaml: ignore CVE-2024-35326
This is the same problem as already ignored CVE-2024-35328.
See laso this comment in addition:
https://github.com/yaml/libyaml/issues/298#issuecomment-2167684233
(From OE-Core rev: 0632d739fd6bae33f9e58681e117b906a947a307)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
| -rw-r--r-- | meta/recipes-support/libyaml/libyaml_0.2.5.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-support/libyaml/libyaml_0.2.5.bb b/meta/recipes-support/libyaml/libyaml_0.2.5.bb index 1c6a5fcb45..334d9113d2 100644 --- a/meta/recipes-support/libyaml/libyaml_0.2.5.bb +++ b/meta/recipes-support/libyaml/libyaml_0.2.5.bb | |||
| @@ -18,6 +18,7 @@ inherit autotools | |||
| 18 | DISABLE_STATIC:class-nativesdk = "" | 18 | DISABLE_STATIC:class-nativesdk = "" |
| 19 | DISABLE_STATIC:class-native = "" | 19 | DISABLE_STATIC:class-native = "" |
| 20 | 20 | ||
| 21 | CVE_STATUS[CVE-2024-35326] = "upstream-wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302" | ||
| 21 | CVE_STATUS[CVE-2024-35328] = "upstream-wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302" | 22 | CVE_STATUS[CVE-2024-35328] = "upstream-wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302" |
| 22 | 23 | ||
| 23 | BBCLASSEXTEND = "native nativesdk" | 24 | BBCLASSEXTEND = "native nativesdk" |