Details: https://nvd.nist.gov/vuln/detail/CVE-2024-23342
The issue won't be fixed, because it is not in the scope of the project. See also the discussion in the relevant Github issue[1]. [1]: https://github.com/tlsfuzzer/python-ecdsa/issues/330 Signed-off-by: Gyorgy Sarvari <[email protected]> --- meta-python/recipes-devtools/python/python3-ecdsa_0.17.0.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta-python/recipes-devtools/python/python3-ecdsa_0.17.0.bb b/meta-python/recipes-devtools/python/python3-ecdsa_0.17.0.bb index 177019ccc2..9ce63c24b4 100644 --- a/meta-python/recipes-devtools/python/python3-ecdsa_0.17.0.bb +++ b/meta-python/recipes-devtools/python/python3-ecdsa_0.17.0.bb @@ -13,3 +13,6 @@ inherit pypi setuptools3 python3native RDEPENDS:${PN} += "python3-six python3-gmpy2 python3-pbr" BBCLASSEXTEND = "native nativesdk" + +# won't fix: https://github.com/tlsfuzzer/python-ecdsa/issues/330 +CVE_CHECK_IGNORE = "CVE-2024-23342"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#123999): https://lists.openembedded.org/g/openembedded-devel/message/123999 Mute This Topic: https://lists.openembedded.org/mt/117540992/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
