diff mbox series

[V2] sqlite3: set CVE_STATUS for CVE-2023-36191

Message ID 20230904020947.3514353-1-changqing.li@windriver.com
State Accepted, archived
Commit 34874433c1e6c9e21d45d9ba686e4bb15479659d
Headers show
Series [V2] sqlite3: set CVE_STATUS for CVE-2023-36191 | expand

Commit Message

Changqing Li Sept. 4, 2023, 2:09 a.m. UTC 
From: Changqing Li <changqing.li@windriver.com>

The error is a bug. It has been fixed upstream. But it is not a
vulnerability. You may safely ignore the CVE.

Refer:
[1] https://www.sqlite.org/forum/forumpost/19f55ef73b

Signed-off-by: Changqing Li <changqing.li@windriver.com>
---
 meta/recipes-support/sqlite/sqlite3_3.42.0.bb | 2 ++
 1 file changed, 2 insertions(+)
diff mbox series

Patch

diff --git a/meta/recipes-support/sqlite/sqlite3_3.42.0.bb b/meta/recipes-support/sqlite/sqlite3_3.42.0.bb
index 8783f620f4..0ad406209b 100644
--- a/meta/recipes-support/sqlite/sqlite3_3.42.0.bb
+++ b/meta/recipes-support/sqlite/sqlite3_3.42.0.bb
@@ -6,3 +6,5 @@  LIC_FILES_CHKSUM = "file://sqlite3.h;endline=11;md5=786d3dc581eff03f4fd9e4a77ed0
 SRC_URI = "http://www.sqlite.org/2023/sqlite-autoconf-${SQLITE_PV}.tar.gz"
 SRC_URI[sha256sum] = "7abcfd161c6e2742ca5c6c0895d1f853c940f203304a0b49da4e1eca5d088ca6"
 
+CVE_STATUS[CVE-2023-36191] = "disputed: The error is a bug. It has been fixed upstream. But it is not a vulnerability"
+