From: Harish Sadineni <[email protected]> CVE-2024-24576 only applies when invoking batch files (with the `bat` and `cmd` extensions) on Windows & No other platform or use is affected. More details about CVE is here: https://nvd.nist.gov/vuln/detail/CVE-2024-24576
Signed-off-by: Harish Sadineni <[email protected]> --- meta/recipes-devtools/rust/rust-source.inc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/recipes-devtools/rust/rust-source.inc b/meta/recipes-devtools/rust/rust-source.inc index ea70ad786f..b8dcc56482 100644 --- a/meta/recipes-devtools/rust/rust-source.inc +++ b/meta/recipes-devtools/rust/rust-source.inc @@ -5,3 +5,5 @@ RUSTSRC = "${WORKDIR}/rustc-${PV}-src" UPSTREAM_CHECK_URI = "https://forge.rust-lang.org/infra/other-installation-methods.html"; UPSTREAM_CHECK_REGEX = "rustc-(?P<pver>\d+(\.\d+)+)-src" + +CVE_STATUS[CVE-2024-24576] = "not-applicable-platform: Issue only applies on Windows" -- 2.43.0
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198234): https://lists.openembedded.org/g/openembedded-core/message/198234 Mute This Topic: https://lists.openembedded.org/mt/105534166/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
