From: Sudhir Dumbhare <[email protected]> The vulnerability is Windows-specific and depends on command-line handling through CreateProcess, which does not apply to Linux/Yocto builds.
Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-3566 Signed-off-by: Sudhir Dumbhare <[email protected]> Signed-off-by: Yoann Congal <[email protected]> --- meta/recipes-devtools/rust/rust-source.inc | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-devtools/rust/rust-source.inc b/meta/recipes-devtools/rust/rust-source.inc index 5b433ceae78..318c7f0e293 100644 --- a/meta/recipes-devtools/rust/rust-source.inc +++ b/meta/recipes-devtools/rust/rust-source.inc @@ -23,3 +23,4 @@ UPSTREAM_CHECK_REGEX = "rustc-(?P<pver>\d+(\.\d+)+)-src" CVE_STATUS[CVE-2024-24576] = "not-applicable-platform: Issue only applies on Windows" CVE_STATUS[CVE-2024-43402] = "not-applicable-platform: Issue only applies on Windows" +CVE_STATUS[CVE-2024-3566] = "not-applicable-platform: Issue only applies on Windows"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#239448): https://lists.openembedded.org/g/openembedded-core/message/239448 Mute This Topic: https://lists.openembedded.org/mt/119949405/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
