From: Harish Sadineni <harish.sadin...@windriver.com>
CVE-2024-24576 only applies when invoking batch files (with the `bat` and `cmd`
extensions) on Windows & No other platform or use is affected.
More details about CVE is here: https://nvd.nist.gov/vuln/detail/CVE-2024-24576
Signed-off-by: Harish Sadineni <harish.sadin...@windriver.com>
---
meta/recipes-devtools/rust/rust-source.inc | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/recipes-devtools/rust/rust-source.inc
b/meta/recipes-devtools/rust/rust-source.inc
index ea70ad786f..c377a680a7 100644
--- a/meta/recipes-devtools/rust/rust-source.inc
+++ b/meta/recipes-devtools/rust/rust-source.inc
@@ -5,3 +5,6 @@ RUSTSRC = "${WORKDIR}/rustc-${PV}-src"
UPSTREAM_CHECK_URI =
"https://forge.rust-lang.org/infra/other-installation-methods.html";
UPSTREAM_CHECK_REGEX = "rustc-(?P<pver>\d+(\.\d+)+)-src"
+
+#CVE-2024-24576 is specific to Microsoft Windows
+CVE_CHECK_IGNORE += "CVE-2024-24576"
--
2.43.0
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#198436):
https://lists.openembedded.org/g/openembedded-core/message/198436
Mute This Topic: https://lists.openembedded.org/mt/105554720/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
