From: Alex Stewart <[email protected]> CVE-2023-47100 is a duplicate of CVE-2023-47038. They have the same advertised fix commit, which has already been merged into the perl_5.34.3 sources used in kirkstone.
Signed-off-by: Alex Stewart <[email protected]> Signed-off-by: Steve Sakoman <[email protected]> --- meta/recipes-devtools/perl/perl_5.34.3.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-devtools/perl/perl_5.34.3.bb b/meta/recipes-devtools/perl/perl_5.34.3.bb index e8b518adc9..215990c8fa 100644 --- a/meta/recipes-devtools/perl/perl_5.34.3.bb +++ b/meta/recipes-devtools/perl/perl_5.34.3.bb @@ -48,6 +48,9 @@ PACKAGECONFIG[gdbm] = ",-Ui_gdbm,gdbm" # Don't generate comments in enc2xs output files. They are not reproducible export ENC2XS_NO_COMMENTS = "1" +# Duplicate of CVE-2023-47038, which has already been patched as of perl_5.34.3 +CVE_CHECK_IGNORE:append = " CVE-2023-47100" + do_configure:prepend() { cp -rfp ${STAGING_DATADIR_NATIVE}/perl-cross/* ${S} } -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198439): https://lists.openembedded.org/g/openembedded-core/message/198439 Mute This Topic: https://lists.openembedded.org/mt/105554912/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
