CVE_STATUS is not supported in kirkstone, you should use CVE_CHECK_IGNORE Steve
On Mon, Apr 15, 2024 at 5:01 AM Sadineni, Harish via lists.openembedded.org <[email protected]> wrote: > > From: Harish Sadineni <[email protected]> > > CVE-2024-24576 only applies when invoking batch files (with the `bat` and > `cmd` extensions) on Windows & No other platform or use is affected. > More details about CVE is here: > https://nvd.nist.gov/vuln/detail/CVE-2024-24576 > > Signed-off-by: Harish Sadineni <[email protected]> > --- > meta/recipes-devtools/rust/rust-source.inc | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/meta/recipes-devtools/rust/rust-source.inc > b/meta/recipes-devtools/rust/rust-source.inc > index ea70ad786f..b8dcc56482 100644 > --- a/meta/recipes-devtools/rust/rust-source.inc > +++ b/meta/recipes-devtools/rust/rust-source.inc > @@ -5,3 +5,5 @@ RUSTSRC = "${WORKDIR}/rustc-${PV}-src" > > UPSTREAM_CHECK_URI = > "https://forge.rust-lang.org/infra/other-installation-methods.html"; > UPSTREAM_CHECK_REGEX = "rustc-(?P<pver>\d+(\.\d+)+)-src" > + > +CVE_STATUS[CVE-2024-24576] = "not-applicable-platform: Issue only applies on > Windows" > -- > 2.43.0 > > > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198238): https://lists.openembedded.org/g/openembedded-core/message/198238 Mute This Topic: https://lists.openembedded.org/mt/105534166/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
