curl: ignore CVE-2023-42915

This CVE reports that apple had to upgrade curl because of other already reported CVEs: * CVE-2023-38039: not affected, introduced in 7.84.0 * CVE-2023-38545: patch already backported * CVE-2023-38546: patch already backported * CVE-2023-42915: reference to itself (From OE-Core rev: 2771a1248a251650f6e2e64731f56ed928c29ce5) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
author: Peter Marko <peter.marko@siemens.com> 2024-02-01 23:50:17 +0100
committer: Steve Sakoman <steve@sakoman.com> 2024-02-09 03:46:50 -1000
commit: 817f0e1f8957d2b1db2a01e0fe1abab6ac4bb782 (patch)
tree: 062f7181c3ccc42cb46eeef0db5508887657599d
parent: 3975d9f2850d4acdb413fbaf2ac3b2414ed85dec (diff)
download: poky-817f0e1f8957d2b1db2a01e0fe1abab6ac4bb782.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/meta/recipes-support/curl/curl_7.82.0.bb b/meta/recipes-support/curl/curl_7.82.0.bb
index 9e9ff00bf7..965f05bc98 100644
--- a/meta/recipes-support/curl/curl_7.82.0.bb
+++ b/meta/recipes-support/curl/curl_7.82.0.bb
@@ -60,6 +60,9 @@ SRC_URI[sha256sum] = "0aaa12d7bd04b0966254f2703ce80dd5c38dbbd76af0297d3d690cdce5
 # Curl has used many names over the years...
 CVE_PRODUCT = "haxx:curl haxx:libcurl curl:curl curl:libcurl libcurl:libcurl daniel_stenberg:curl"
+# This CVE reports that apple had to upgrade curl because of other already reported CVEs
+CVE_CHECK_IGNORE += "CVE-2023-42915"
 inherit autotools pkgconfig binconfig multilib_header
 # Entropy source for random PACKAGECONFIG option
author	Peter Marko <peter.marko@siemens.com>	2024-02-01 23:50:17 +0100
committer	Steve Sakoman <steve@sakoman.com>	2024-02-09 03:46:50 -1000
commit	817f0e1f8957d2b1db2a01e0fe1abab6ac4bb782 (patch)
tree	062f7181c3ccc42cb46eeef0db5508887657599d
parent	3975d9f2850d4acdb413fbaf2ac3b2414ed85dec (diff)
download	poky-817f0e1f8957d2b1db2a01e0fe1abab6ac4bb782.tar.gz

diff --git a/meta/recipes-support/curl/curl_7.82.0.bb b/meta/recipes-support/curl/curl_7.82.0.bb index 9e9ff00bf7..965f05bc98 100644 --- a/meta/recipes-support/curl/curl_7.82.0.bb +++ b/meta/recipes-support/curl/curl_7.82.0.bb
@@ -60,6 +60,9 @@ SRC_URI[sha256sum] = "0aaa12d7bd04b0966254f2703ce80dd5c38dbbd76af0297d3d690cdce5
60	# Curl has used many names over the years...	60	# Curl has used many names over the years...
61	CVE_PRODUCT = "haxx:curl haxx:libcurl curl:curl curl:libcurl libcurl:libcurl daniel_stenberg:curl"	61	CVE_PRODUCT = "haxx:curl haxx:libcurl curl:curl curl:libcurl libcurl:libcurl daniel_stenberg:curl"
62		62
		63	# This CVE reports that apple had to upgrade curl because of other already reported CVEs
		64	CVE_CHECK_IGNORE += "CVE-2023-42915"
		65
63	inherit autotools pkgconfig binconfig multilib_header	66	inherit autotools pkgconfig binconfig multilib_header
64		67
65	# Entropy source for random PACKAGECONFIG option	68	# Entropy source for random PACKAGECONFIG option