flex: Add CVE-2019-6293 to exclusions for checks - linux/poky.git

diff options

author	Richard Purdie <richard.purdie@linuxfoundation.org>	2021-09-06 13:49:26 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2021-09-17 21:31:37 +0100
commit	374cefda4ffb413e1656c8b48042a524b2fc3234 (patch)
tree	ac33c45329501ea64ea5180e6bf19b18afdfce46 /bitbake/lib/codegen.py
parent	65f30e522275a22928000bc2796c8f2c7064bbbc (diff)
download	poky-374cefda4ffb413e1656c8b48042a524b2fc3234.tar.gz

flex: Add CVE-2019-6293 to exclusions for checks

CVE is effectively disputed - yes there is stack exhaustion but no bug and it is building the parser, not running it, effectively similar to a compiler ICE. Upstream no plans to address and there is no security issue. https://github.com/westes/flex/issues/414 (From OE-Core rev: e2de2e5e977d84dab6cb1461800d4c29436da5c9) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 0cae5d7a24bedf6784781b62cbb3795a44bab4d1) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'bitbake/lib/codegen.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: