This CVE has been fixed in the 2.37 release branch (07b9521fc6) and we're now using a SHA that incorporates that commit, so manually mark it as ignored.
Signed-off-by: Ross Burton <[email protected]> --- meta/recipes-core/glibc/glibc_2.37.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-core/glibc/glibc_2.37.bb b/meta/recipes-core/glibc/glibc_2.37.bb index f299a3004a4..31c94929b93 100644 --- a/meta/recipes-core/glibc/glibc_2.37.bb +++ b/meta/recipes-core/glibc/glibc_2.37.bb @@ -19,6 +19,9 @@ CVE_CHECK_IGNORE += "CVE-2019-1010025" # This has been integrated into the 2.36 branch as of c399271 so is now fixed CVE_CHECK_IGNORE += "CVE-2022-39046" +# This is integrated into the 2.37 branch as of 07b9521fc6 +CVE_CHECK_IGNORE += "CVE-2023-25139" + DEPENDS += "gperf-native bison-native" NATIVESDKFIXES ?= "" -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#177800): https://lists.openembedded.org/g/openembedded-core/message/177800 Mute This Topic: https://lists.openembedded.org/mt/97269644/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
