diff mbox series

[kirkstone] zlib: ignore CVE-2023-6992

Message ID 20240113180752.813855-1-peter.marko@siemens.com
State Accepted, archived
Commit f46c9105d4253153a5986f2b307273e43ee98c33
Headers show
Series [kirkstone] zlib: ignore CVE-2023-6992 | expand

Commit Message

Peter Marko Jan. 13, 2024, 6:07 p.m. UTC 
From: Peter Marko <peter.marko@siemens.com>

This CVE is for iCPE cloudflare:zlib.

Alternative to ignoring would be to limit CVE_PRODUCT, but
historic CVEs already have two - gnu:zlib and zlib:zlib.
So limiting it could miss future CVEs.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
 meta/recipes-core/zlib/zlib_1.2.11.bb | 3 +++
 1 file changed, 3 insertions(+)
diff mbox series

Patch

diff --git a/meta/recipes-core/zlib/zlib_1.2.11.bb b/meta/recipes-core/zlib/zlib_1.2.11.bb
index d75474dcb6..393ac61e3d 100644
--- a/meta/recipes-core/zlib/zlib_1.2.11.bb
+++ b/meta/recipes-core/zlib/zlib_1.2.11.bb
@@ -54,3 +54,6 @@  do_install:append:class-target() {
 }
 
 BBCLASSEXTEND = "native nativesdk"
+
+# this CVE is for cloudflare zlib
+CVE_CHECK_IGNORE += "CVE-2023-6992"