[oe] [meta-multimedia][kirkstone][PATCH 1/4] streamripper: ignore CVE-2020-37065

Gyorgy Sarvari via lists.openembedded.org Fri, 27 Feb 2026 07:40:41 -0800

Details: https://nvd.nist.gov/vuln/detail/CVE-2020-37065


The vulnerability is about a 3rd party Windows-only GUI frontend for
the streamripper library, and not for the CLI application that the
recipe builds. Due to this ignore this CVE.

Signed-off-by: Gyorgy Sarvari <[email protected]>
---
 .../recipes-multimedia/streamripper/streamripper_1.64.6.bb     | 3 +++
 1 file changed, 3 insertions(+)

diff --git 
a/meta-multimedia/recipes-multimedia/streamripper/streamripper_1.64.6.bb 
b/meta-multimedia/recipes-multimedia/streamripper/streamripper_1.64.6.bb
index 6014326826..beea0c5795 100644
--- a/meta-multimedia/recipes-multimedia/streamripper/streamripper_1.64.6.bb
+++ b/meta-multimedia/recipes-multimedia/streamripper/streamripper_1.64.6.bb
@@ -30,3 +30,6 @@ EXTRA_OECONF += "\
 
 # the included argv library needs this
 CPPFLAGS:append = " -DANSI_PROTOTYPES"
+
+# cpe-incorrect: the vulnerability is about a Windows frontend, not the CLI
+CVE_CHECK_IGNORE = "CVE-2020-37065"

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#124758): 
https://lists.openembedded.org/g/openembedded-devel/message/124758
Mute This Topic: https://lists.openembedded.org/mt/118031972/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

[oe] [meta-multimedia][kirkstone][PATCH 1/4] streamripper: ignore CVE-2020-37065

Reply via email to