From: Harish Sadineni <harish.sadin...@windriver.com> CVE-2024-24576 only applies when invoking batch files (with the `bat` and `cmd` extensions) on Windows & No other platform or use is affected. More details about CVE is here: https://nvd.nist.gov/vuln/detail/CVE-2024-24576
Signed-off-by: Harish Sadineni <harish.sadin...@windriver.com> --- meta/recipes-devtools/rust/rust-source.inc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-devtools/rust/rust-source.inc b/meta/recipes-devtools/rust/rust-source.inc index ea70ad786f..c377a680a7 100644 --- a/meta/recipes-devtools/rust/rust-source.inc +++ b/meta/recipes-devtools/rust/rust-source.inc @@ -5,3 +5,6 @@ RUSTSRC = "${WORKDIR}/rustc-${PV}-src" UPSTREAM_CHECK_URI = "https://forge.rust-lang.org/infra/other-installation-methods.html" UPSTREAM_CHECK_REGEX = "rustc-(?P<pver>\d+(\.\d+)+)-src" + +#CVE-2024-24576 is specific to Microsoft Windows +CVE_CHECK_IGNORE += "CVE-2024-24576" -- 2.43.0
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198436): https://lists.openembedded.org/g/openembedded-core/message/198436 Mute This Topic: https://lists.openembedded.org/mt/105554720/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-