summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPeter Marko <peter.marko@siemens.com>2024-02-01 23:50:17 +0100
committerSteve Sakoman <steve@sakoman.com>2024-02-09 03:46:50 -1000
commit817f0e1f8957d2b1db2a01e0fe1abab6ac4bb782 (patch)
tree062f7181c3ccc42cb46eeef0db5508887657599d
parent3975d9f2850d4acdb413fbaf2ac3b2414ed85dec (diff)
downloadpoky-817f0e1f8957d2b1db2a01e0fe1abab6ac4bb782.tar.gz
curl: ignore CVE-2023-42915
This CVE reports that apple had to upgrade curl because of other already reported CVEs: * CVE-2023-38039: not affected, introduced in 7.84.0 * CVE-2023-38545: patch already backported * CVE-2023-38546: patch already backported * CVE-2023-42915: reference to itself (From OE-Core rev: 2771a1248a251650f6e2e64731f56ed928c29ce5) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
-rw-r--r--meta/recipes-support/curl/curl_7.82.0.bb3
1 files changed, 3 insertions, 0 deletions
diff --git a/meta/recipes-support/curl/curl_7.82.0.bb b/meta/recipes-support/curl/curl_7.82.0.bb
index 9e9ff00bf7..965f05bc98 100644
--- a/meta/recipes-support/curl/curl_7.82.0.bb
+++ b/meta/recipes-support/curl/curl_7.82.0.bb
@@ -60,6 +60,9 @@ SRC_URI[sha256sum] = "0aaa12d7bd04b0966254f2703ce80dd5c38dbbd76af0297d3d690cdce5
60# Curl has used many names over the years... 60# Curl has used many names over the years...
61CVE_PRODUCT = "haxx:curl haxx:libcurl curl:curl curl:libcurl libcurl:libcurl daniel_stenberg:curl" 61CVE_PRODUCT = "haxx:curl haxx:libcurl curl:curl curl:libcurl libcurl:libcurl daniel_stenberg:curl"
62 62
63# This CVE reports that apple had to upgrade curl because of other already reported CVEs
64CVE_CHECK_IGNORE += "CVE-2023-42915"
65
63inherit autotools pkgconfig binconfig multilib_header 66inherit autotools pkgconfig binconfig multilib_header
64 67
65# Entropy source for random PACKAGECONFIG option 68# Entropy source for random PACKAGECONFIG option