From: Peter Marko <[email protected]> This CVE is for iCPE cloudflare:zlib.
Alternative to ignoring would be to limit CVE_PRODUCT, but historic CVEs already have two - gnu:zlib and zlib:zlib. So limiting it could miss future CVEs. Signed-off-by: Peter Marko <[email protected]> --- meta/recipes-core/zlib/zlib_1.2.11.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-core/zlib/zlib_1.2.11.bb b/meta/recipes-core/zlib/zlib_1.2.11.bb index 910fc2ec17..9355f0556e 100644 --- a/meta/recipes-core/zlib/zlib_1.2.11.bb +++ b/meta/recipes-core/zlib/zlib_1.2.11.bb @@ -53,3 +53,6 @@ do_install_append_class-target() { } BBCLASSEXTEND = "native nativesdk" + +# this CVE is for cloudflare zlib +CVE_CHECK_WHITELIST += "CVE-2023-6992" -- 2.30.2
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#193605): https://lists.openembedded.org/g/openembedded-core/message/193605 Mute This Topic: https://lists.openembedded.org/mt/103706225/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
