From: Peter Marko <peter.ma...@siemens.com>
This CVE is for iCPE cloudflare:zlib.
Alternative to ignoring would be to limit CVE_PRODUCT, but
historic CVEs already have two - gnu:zlib and zlib:zlib.
So limiting it could miss future CVEs.
Signed-off-by: Peter Marko <peter.ma...@siemens.com>
Signed-off-by: Steve Sakoman <st...@sakoman.com>
---
meta/recipes-core/zlib/zlib_1.2.11.bb | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/recipes-core/zlib/zlib_1.2.11.bb
b/meta/recipes-core/zlib/zlib_1.2.11.bb
index d75474dcb6..393ac61e3d 100644
--- a/meta/recipes-core/zlib/zlib_1.2.11.bb
+++ b/meta/recipes-core/zlib/zlib_1.2.11.bb
@@ -54,3 +54,6 @@ do_install:append:class-target() {
}
BBCLASSEXTEND = "native nativesdk"
+
+# this CVE is for cloudflare zlib
+CVE_CHECK_IGNORE += "CVE-2023-6992"
--
2.34.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#193928):
https://lists.openembedded.org/g/openembedded-core/message/193928
Mute This Topic: https://lists.openembedded.org/mt/103788767/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
