The recipe used in the meta-openembedded is a different st package compared to the one which has the CVE issue. Package used in meta-embedded: https://st.suckless.org/ Package with CVE issue: https://www.npmjs.com/package/st No action required.
Signed-off-by: Ninette Adhikari <[email protected]> --- meta-oe/recipes-graphics/suckless/st_0.9.2.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-oe/recipes-graphics/suckless/st_0.9.2.bb b/meta-oe/recipes-graphics/suckless/st_0.9.2.bb index 5e0f2e71c..22ad0211b 100644 --- a/meta-oe/recipes-graphics/suckless/st_0.9.2.bb +++ b/meta-oe/recipes-graphics/suckless/st_0.9.2.bb @@ -33,3 +33,5 @@ ALTERNATIVE:${PN} = "st st-256color" ALTERNATIVE_LINK_NAME[st] = "${datadir}/terminfo/s/st" ALTERNATIVE_LINK_NAME[st-256color] = "${datadir}/terminfo/s/st-256color" + +CVE_STATUS[CVE-2017-16224] = "cpe-incorrect: The recipe used in the meta-openembedded is a different st package compared to the one which has the CVE issue." -- 2.44.0
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#110185): https://lists.openembedded.org/g/openembedded-devel/message/110185 Mute This Topic: https://lists.openembedded.org/mt/105801716/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
