curl: ignore CVE-2025-0725

CVE-2025-0725 can only trigger for curl when using a runtime zlib version 1.2.0.3 or older and kirkstone supports zlib 1.2.11 version, hence ignore cve for kirkstone. Reference: https://curl.se/docs/CVE-2025-0725.html https://git.openembedded.org/openembedded-core/commit/?h=scarthgap&id=8c3b4a604b40260e7ca9575715dd8017e17d35c0 (From OE-Core rev: 9077246122b1284e8b6430384cccaf6f0b6c80c3) Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
author: Yogita Urade <yogita.urade@windriver.com> 2025-04-02 08:20:01 +0000
committer: Steve Sakoman <steve@sakoman.com> 2025-04-11 08:36:02 -0700
commit: b5b884bc1aedd778fd152f077b3f229089f8760e (patch)
tree: ceaa6b38c068e6867e087cadd1e413b4ba98b27a
parent: d70d287a77d5026b698ac237ab865b2dafd36bb8 (diff)
download: poky-b5b884bc1aedd778fd152f077b3f229089f8760e.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/meta/recipes-support/curl/curl_7.82.0.bb b/meta/recipes-support/curl/curl_7.82.0.bb
index cda42da4d3..748afc1235 100644
--- a/meta/recipes-support/curl/curl_7.82.0.bb
+++ b/meta/recipes-support/curl/curl_7.82.0.bb
@@ -73,6 +73,8 @@ CVE_PRODUCT = "haxx:curl haxx:libcurl curl:curl curl:libcurl libcurl:libcurl dan
 CVE_CHECK_IGNORE += "CVE-2023-42915"
 # ignored: CURLOPT_SSL_VERIFYPEER was disabled on google cloud services causing a potential man in the middle attack
 CVE_CHECK_IGNORE += "CVE-2024-32928"
+# ignored: gzip decompression of content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option, using zlib 1.2.0.3 or older
+CVE_CHECK_IGNORE += "CVE-2025-0725"
 inherit autotools pkgconfig binconfig multilib_header
author	Yogita Urade <yogita.urade@windriver.com>	2025-04-02 08:20:01 +0000
committer	Steve Sakoman <steve@sakoman.com>	2025-04-11 08:36:02 -0700
commit	b5b884bc1aedd778fd152f077b3f229089f8760e (patch)
tree	ceaa6b38c068e6867e087cadd1e413b4ba98b27a
parent	d70d287a77d5026b698ac237ab865b2dafd36bb8 (diff)
download	poky-b5b884bc1aedd778fd152f077b3f229089f8760e.tar.gz

diff --git a/meta/recipes-support/curl/curl_7.82.0.bb b/meta/recipes-support/curl/curl_7.82.0.bb index cda42da4d3..748afc1235 100644 --- a/meta/recipes-support/curl/curl_7.82.0.bb +++ b/meta/recipes-support/curl/curl_7.82.0.bb
@@ -73,6 +73,8 @@ CVE_PRODUCT = "haxx:curl haxx:libcurl curl:curl curl:libcurl libcurl:libcurl dan
73	CVE_CHECK_IGNORE += "CVE-2023-42915"	73	CVE_CHECK_IGNORE += "CVE-2023-42915"
74	# ignored: CURLOPT_SSL_VERIFYPEER was disabled on google cloud services causing a potential man in the middle attack	74	# ignored: CURLOPT_SSL_VERIFYPEER was disabled on google cloud services causing a potential man in the middle attack
75	CVE_CHECK_IGNORE += "CVE-2024-32928"	75	CVE_CHECK_IGNORE += "CVE-2024-32928"
		76	# ignored: gzip decompression of content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option, using zlib 1.2.0.3 or older
		77	CVE_CHECK_IGNORE += "CVE-2025-0725"
76		78
77	inherit autotools pkgconfig binconfig multilib_header	79	inherit autotools pkgconfig binconfig multilib_header
78		80