[mickledore,02/27] python3: ignore CVE-2023-36632

Message ID	3e7f736fa07a132d4fe42a59baaabe565238da21.1690486929.git.steve@sakoman.com
State	New
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.215.175, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][mickledore 02/27] python3: ignore CVE-2023-36632 Date: Thu, 27 Jul 2023 09:43:20 -1000 Message-Id: <3e7f736fa07a132d4fe42a59baaabe565238da21.1690486929.git.steve@sakoman.com> In-Reply-To: <cover.1690486929.git.steve@sakoman.com> References: <cover.1690486929.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[mickledore,01/27] libjpeg-turbo: patch CVE-2023-2804 \| expand [mickledore,01/27] libjpeg-turbo: patch CVE-2023-2804 [mickledore,02/27] python3: ignore CVE-2023-36632 [mickledore,03/27] cups: Fix CVE-2023-34241 [mickledore,04/27] ruby: Fix CVE-2023-36617 [mickledore,05/27] linux-yocto/6.1: update to v6.1.36 [mickledore,06/27] linux-yocto/6.1: update to v6.1.37 [mickledore,07/27] linux-yocto/6.1: update to v6.1.38 [mickledore,08/27] taglib: upgrade 1.13 -> 1.13.1 [mickledore,09/27] libwebp: upgrade 1.3.0 -> 1.3.1 [mickledore,10/27] scripts/oe-setup-builddir: copy conf-notes.txt to build dir [mickledore,11/27] pkgconf: update SRC_URI [mickledore,12/27] kernel-module-split add systemd modulesloaddir and modprobedir config [mickledore,13/27] uboot-extlinux-config.bbclass: fix old override syntax in comment [mickledore,14/27] mdadm: fix util-linux ptest dependency [mickledore,15/27] mdadm: fix 07revert-inplace ptest [mickledore,16/27] mdadm: fix segfaults when running ptests [mickledore,17/27] mdadm: skip running known broken ptests [mickledore,18/27] mdadm: re-add mdadm-ptest to PTESTS_SLOW [mickledore,19/27] python3: fix missing comma in get_module_deps3.py [mickledore,20/27] meson.bbclass: Point to llvm-config from native sysroot [mickledore,21/27] systemd-systemctl: fix errors in instance name expansion [mickledore,22/27] oeqa/runtime/cases/rpm: fix wait_for_no_process_for_user failure case [mickledore,23/27] rootfs_rpm: don't depend on opkg-native for update-alternatives [mickledore,24/27] oeqa/selftest/devtool: add unit test for "devtool add -b" [mickledore,25/27] openssl: add PERLEXTERNAL path to test its existence [mickledore,26/27] openssl: use a glob on the PERLEXTERNAL to track updates on the path [mickledore,27/27] util-linux: add alternative links for ipcs,ipcrm

Message ID

3e7f736fa07a132d4fe42a59baaabe565238da21.1690486929.git.steve@sakoman.com

State

New

Headers

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][mickledore 02/27] python3: ignore CVE-2023-36632
Date: Thu, 27 Jul 2023 09:43:20 -1000
Message-Id: 
 <3e7f736fa07a132d4fe42a59baaabe565238da21.1690486929.git.steve@sakoman.com>
In-Reply-To: <cover.1690486929.git.steve@sakoman.com>
References: <cover.1690486929.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[mickledore,01/27] libjpeg-turbo: patch CVE-2023-2804 | expand

Commit Message

Steve Sakoman July 27, 2023, 7:43 p.m. UTC

From: Peter Marko <peter.marko@siemens.com>

This CVE shouldn't have been filed as the "exploit" is described in the
documentation as how the library behaves.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c652f094d86c4efb7ff99accba63b8169493ab18)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/python/python3_3.11.2.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/recipes-devtools/python/python3_3.11.2.bb b/meta/recipes-devtools/python/python3_3.11.2.bb
index 5bd8d32b14..f3be9768bf 100644
--- a/meta/recipes-devtools/python/python3_3.11.2.bb
+++ b/meta/recipes-devtools/python/python3_3.11.2.bb
@@ -56,6 +56,8 @@  CVE_CHECK_IGNORE += "CVE-2020-15523 CVE-2022-26488"
 # The mailcap module is insecure by design, so this can't be fixed in a meaningful way.
 # The module will be removed in the future and flaws documented.
 CVE_CHECK_IGNORE += "CVE-2015-20107"
+# Not an issue, in fact expected behaviour
+CVE_CHECK_IGNORE += "CVE-2023-36632"
 
 PYTHON_MAJMIN = "3.11"

[mickledore,02/27] python3: ignore CVE-2023-36632

Commit Message

Patch