From: Peter Marko <peter.ma...@siemens.com> This CVE is for iCPE cloudflare:zlib.
Alternative to ignoring would be to limit CVE_PRODUCT, but historic CVEs already have two - gnu:zlib and zlib:zlib. So limiting it could miss future CVEs. Signed-off-by: Peter Marko <peter.ma...@siemens.com> Signed-off-by: Steve Sakoman <st...@sakoman.com> --- meta/recipes-core/zlib/zlib_1.2.11.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-core/zlib/zlib_1.2.11.bb b/meta/recipes-core/zlib/zlib_1.2.11.bb index d75474dcb6..393ac61e3d 100644 --- a/meta/recipes-core/zlib/zlib_1.2.11.bb +++ b/meta/recipes-core/zlib/zlib_1.2.11.bb @@ -54,3 +54,6 @@ do_install:append:class-target() { } BBCLASSEXTEND = "native nativesdk" + +# this CVE is for cloudflare zlib +CVE_CHECK_IGNORE += "CVE-2023-6992" -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#193928): https://lists.openembedded.org/g/openembedded-core/message/193928 Mute This Topic: https://lists.openembedded.org/mt/103788767/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-