This is not correct. The patch CVE-2024-3596_00 does not fix any part of that CVE. As the commit message says, it's a style commit so that real CVE patches apply cleanly. If it bothers you that it has CVE in filename but no CVE, maybe rename it instead adding incorrect tag?
Peter > -----Original Message----- > From: [email protected] <openembedded- > [email protected]> On Behalf Of Robert Yang via > lists.openembedded.org > Sent: Monday, January 20, 2025 7:03 > To: [email protected] > Subject: [oe] [meta-oe][scarthgap][PATCH] hostapd: Add CVE id to CVE-2024- > 3596_00.patch > > From: Robert Yang <[email protected]> > > Signed-off-by: Robert Yang <[email protected]> > --- > .../recipes-connectivity/hostapd/hostapd/CVE-2024-3596_00.patch | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/meta-oe/recipes-connectivity/hostapd/hostapd/CVE-2024- > 3596_00.patch b/meta-oe/recipes-connectivity/hostapd/hostapd/CVE-2024- > 3596_00.patch > index 7a8197d2b4..58e1327f2b 100644 > --- a/meta-oe/recipes-connectivity/hostapd/hostapd/CVE-2024-3596_00.patch > +++ b/meta-oe/recipes-connectivity/hostapd/hostapd/CVE-2024-3596_00.patch > @@ -6,6 +6,7 @@ Subject: [PATCH 1/9] ieee802_11_auth: Coding style cleanup - > no string > > Signed-off-by: Jouni Malinen <[email protected]> > > +CVE: CVE-2024-3596 > Upstream-Status: Backport > [https://w1.fi/cgit/hostap/commit/?id=945acf3ef06a6c312927da4fa055693dbac > 432d1] > Signed-off-by: Peter Marko <[email protected]> > --- > -- > 2.25.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#115005): https://lists.openembedded.org/g/openembedded-devel/message/115005 Mute This Topic: https://lists.openembedded.org/mt/110710936/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
