Hi @Steve Sakoman @[email protected], Kindly consider this patch for "master" branch. Apologies for the error.
> -----Original Message----- > From: [email protected] <openembedded- > [email protected]> On Behalf Of Dhairya Nagodra via > lists.openembedded.org > Sent: Friday, September 1, 2023 9:38 AM > To: [email protected] > Cc: [email protected]; xe-linux-external(mailer list) <xe-linux- > [email protected]>; Dhairya Nagodra -X (dnagodra - E-INFO CHIPS INC at > Cisco) <[email protected]> > Subject: [OE-core] [dunfell] [PATCH] flex: Exclude CVE-2015-1773 from cve- > check. > > Issue only affects Apache. > > Signed-off-by: Dhairya Nagodra <[email protected]> > --- > meta/recipes-devtools/flex/flex_2.6.4.bb | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/meta/recipes-devtools/flex/flex_2.6.4.bb b/meta/recipes- > devtools/flex/flex_2.6.4.bb > index 1ac88d65ef..5be7351f4c 100644 > --- a/meta/recipes-devtools/flex/flex_2.6.4.bb > +++ b/meta/recipes-devtools/flex/flex_2.6.4.bb > @@ -31,6 +31,8 @@ CVE_STATUS[CVE-2019-6293] = "upstream-wontfix: \ > there is stack exhaustion but no bug and it is building the \ parser, not > running it, effectively similar to a compiler ICE. Upstream no plans to > address > this." > > +CVE_STATUS[CVE-2015-1773] = "not-applicable-platform: Issue only affects > Apache." > + > inherit autotools gettext texinfo ptest github-releases > > M4 = "${bindir}/m4" > -- > 2.35.6
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#186990): https://lists.openembedded.org/g/openembedded-core/message/186990 Mute This Topic: https://lists.openembedded.org/mt/101088488/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
