libarchive: ignore CVE-2024-48615 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Peter Marko <peter.marko@siemens.com>	2025-04-25 18:28:25 +0200
committer	Steve Sakoman <steve@sakoman.com>	2025-05-02 08:12:41 -0700
commit	68f82bca137634f4ef7d71c91fbe7f9ed19d8464 (patch)
tree	6e6072bacb56088f18c172b6e0335157386d937e /scripts/lib/devtool/import.py
parent	f6bbf5dc3affaed1eaa001c5b3e1879b71c503e3 (diff)
download	poky-68f82bca137634f4ef7d71c91fbe7f9ed19d8464.tar.gz

libarchive: ignore CVE-2024-48615

Fix for this CVE [1] is patchong code introduced by [2] in v3.7.5. So v3.6.2 is not affected yet and the CVE can be safely ignored. Also Debian tracker [3] contains this statement. [1] https://github.com/libarchive/libarchive/commit/565b5aea491671ae33df1ca63697c10d54c00165 [2] https://github.com/libarchive/libarchive/commit/2d8a5760c5ec553283a95a1aaca746f6eb472d0f [3] https://security-tracker.debian.org/tracker/CVE-2024-48615 (From OE-Core rev: 60390a3a28242efba32360426b0a3be6af5fb54b) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'scripts/lib/devtool/import.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: