Details: https://nvd.nist.gov/vuln/detail/CVE-2023-26112
The fix[1] is already included in the recipe version (5.0.9), the CVE can be marked as patched. [1]: https://github.com/DiffSK/configobj/commit/7c618b0bbaff6ecaca51a6f05b29795d1377a4a5 Signed-off-by: Gyorgy Sarvari <[email protected]> --- meta-python/recipes-devtools/python/python3-configobj_5.0.9.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-python/recipes-devtools/python/python3-configobj_5.0.9.bb b/meta-python/recipes-devtools/python/python3-configobj_5.0.9.bb index bd4764f4de..b2fea46cd6 100644 --- a/meta-python/recipes-devtools/python/python3-configobj_5.0.9.bb +++ b/meta-python/recipes-devtools/python/python3-configobj_5.0.9.bb @@ -13,3 +13,5 @@ RDEPENDS:${PN} += " \ python3-pprint \ python3-six \ " + +CVE_STATUS[CVE-2023-26112] = "fixed-version: the current version (5.0.9) is already fixed"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#123154): https://lists.openembedded.org/g/openembedded-devel/message/123154 Mute This Topic: https://lists.openembedded.org/mt/117084639/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
