CVE-2020-35864 is for the rust crate for flatbuffers, not flatbuffers itself.
https://security-tracker.debian.org/tracker/CVE-2020-35864 "NOT-FOR-US: flatbuffers rust crate" Signed-off-by: Mikko Rapeli <[email protected]> --- meta-oe/recipes-devtools/flatbuffers/flatbuffers_1.12.0.bb | 3 +++ 1 file changed, 3 insertions(+) v2: added comment to recipe too diff --git a/meta-oe/recipes-devtools/flatbuffers/flatbuffers_1.12.0.bb b/meta-oe/recipes-devtools/flatbuffers/flatbuffers_1.12.0.bb index 1abfc8819..b9562f06e 100644 --- a/meta-oe/recipes-devtools/flatbuffers/flatbuffers_1.12.0.bb +++ b/meta-oe/recipes-devtools/flatbuffers/flatbuffers_1.12.0.bb @@ -14,6 +14,9 @@ SRCREV = "6df40a2471737b27271bdd9b900ab5f3aec746c7" SRC_URI = "git://github.com/google/flatbuffers.git" +# affects only flatbuffers rust crate +CVE_CHECK_WHITELIST += "CVE-2020-35864" + CXXFLAGS += "-fPIC" BUILD_CXXFLAGS += "-fPIC" -- 2.20.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#88791): https://lists.openembedded.org/g/openembedded-devel/message/88791 Mute This Topic: https://lists.openembedded.org/mt/79707632/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
