please ignore this patch ________________________________ From: virendra thakur <[email protected]> Sent: Thursday, April 27, 2023 2:36 PM To: [email protected] <[email protected]> Cc: Virendra Kumar Thakur <[email protected]> Subject: [meta][kirkstone][PATCH] qemu: Whitelist CVE-2023-0664
Caution: This email originated from outside of the KPIT. Do not click links or open attachments unless you recognize the sender and know the content is safe. From: Virendra Thakur <[email protected]> This CVE is related to Windows. Link: https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnvd.nist.gov%2Fvuln%2Fdetail%2FCVE-2023-0664&data=05%7C01%7CVirendra.Thakur%40kpit.com%7C6a79de45761d49fb5d6608db46fecf4f%7C3539451eb46e4a26a242ff61502855c7%7C0%7C0%7C638181832489901831%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=xXSAxOehMYxawXB12m6bE%2BgZY5RO6U9ABlUSDhL%2BeRo%3D&reserved=0<https://nvd.nist.gov/vuln/detail/CVE-2023-0664> Signed-off-by: Virendra Thakur <[email protected]> --- meta/recipes-devtools/qemu/qemu.inc | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc index a6ee958e4b..2517fccf93 100644 --- a/meta/recipes-devtools/qemu/qemu.inc +++ b/meta/recipes-devtools/qemu/qemu.inc @@ -112,8 +112,13 @@ CVE_CHECK_IGNORE += "CVE-2007-0998" # https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.redhat.com%2Fshow_bug.cgi%3Fid%3D1609015%23c11&data=05%7C01%7CVirendra.Thakur%40kpit.com%7C6a79de45761d49fb5d6608db46fecf4f%7C3539451eb46e4a26a242ff61502855c7%7C0%7C0%7C638181832489901831%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=H7T6fq5I5sFUvNSDuE9GTkAxontU9MO8O5m%2Bvoqjp1A%3D&reserved=0<https://bugzilla.redhat.com/show_bug.cgi?id=1609015#c11> CVE_CHECK_IGNORE += "CVE-2018-18438" -COMPATIBLE_HOST:mipsarchn32 = "null" -COMPATIBLE_HOST:mipsarchn64 = "null" +# As per https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnvd.nist.gov%2Fvuln%2Fdetail%2FCVE-2023-0664&data=05%7C01%7CVirendra.Thakur%40kpit.com%7C6a79de45761d49fb5d6608db46fecf4f%7C3539451eb46e4a26a242ff61502855c7%7C0%7C0%7C638181832490058063%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=rfqpcETziItn7gIUQX24YmfRaYDgdpjD79%2BXY8IKcOE%3D&reserved=0<https://nvd.nist.gov/vuln/detail/CVE-2023-0664> +# https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.redhat.com%2Fshow_bug.cgi%3Fid%3D2167423&data=05%7C01%7CVirendra.Thakur%40kpit.com%7C6a79de45761d49fb5d6608db46fecf4f%7C3539451eb46e4a26a242ff61502855c7%7C0%7C0%7C638181832490058063%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ik0WJ0BmNJFP5iid0HYWobhDvZLde0SA5sUSCdjAPCU%3D&reserved=0<https://bugzilla.redhat.com/show_bug.cgi?id=2167423> +# this bug related to windows specific. +CVE_CHECK_IGNORE += "CVE-2023-0664" + +COMPATIBLE_HOST_mipsarchn32 = "null" +COMPATIBLE_HOST_mipsarchn64 = "null" COMPATIBLE_HOST:riscv32 = "null" # Per https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.nongnu.org%2Farchive%2Fhtml%2Fqemu-devel%2F2020-09%2Fmsg03873.html&data=05%7C01%7CVirendra.Thakur%40kpit.com%7C6a79de45761d49fb5d6608db46fecf4f%7C3539451eb46e4a26a242ff61502855c7%7C0%7C0%7C638181832490058063%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=P667j7d18q0rpZfx6ojcRlyZxrtQ%2Ben0uX1D3TukZ1s%3D&reserved=0<https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg03873.html> -- 2.25.1 This message contains information that may be privileged or confidential and is the property of the KPIT Technologies Ltd. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message. KPIT Technologies Ltd. does not accept any liability for virus infected mails.
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#180490): https://lists.openembedded.org/g/openembedded-core/message/180490 Mute This Topic: https://lists.openembedded.org/mt/98533138/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
