[kirkstone,05/13] qemu: Whitelist CVE-2023-0664

Message ID	c812189760292ae39f7c10cfbde8f11130cce085.1682788726.git.steve@sakoman.com
State	Accepted, archived
Commit	c812189760292ae39f7c10cfbde8f11130cce085
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.214.171, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 05/13] qemu: Whitelist CVE-2023-0664 Date: Sat, 29 Apr 2023 07:20:25 -1000 Message-Id: <c812189760292ae39f7c10cfbde8f11130cce085.1682788726.git.steve@sakoman.com> In-Reply-To: <cover.1682788726.git.steve@sakoman.com> References: <cover.1682788726.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[kirkstone,01/13] ruby: Fix CVE-2023-28755 \| expand [kirkstone,01/13] ruby: Fix CVE-2023-28755 [kirkstone,02/13] ghostscript: fix CVE-2023-29979 [kirkstone,03/13] xserver-xorg: backport fix for CVE-2023-1393 [kirkstone,04/13] nasm: fix CVE-2022-44370 [kirkstone,05/13] qemu: Whitelist CVE-2023-0664 [kirkstone,06/13] linux-yocto/5.15: update to v5.15.106 [kirkstone,07/13] linux-yocto/5.15: update to v5.15.107 [kirkstone,08/13] linux-yocto/5.15: update to v5.15.108 [kirkstone,09/13] xorg-lib-common: Add variable to set tarball type [kirkstone,10/13] libxpm: upgrade 3.5.13 -> 3.5.15 [kirkstone,11/13] cmake: add CMAKE_SYSROOT to generated toolchain file [kirkstone,12/13] populate_sdk_base: add zip options [kirkstone,13/13] glibc: stable 2.35 branch updates.

Message ID

c812189760292ae39f7c10cfbde8f11130cce085.1682788726.git.steve@sakoman.com

State

Accepted, archived

Commit

c812189760292ae39f7c10cfbde8f11130cce085

Headers

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 05/13] qemu: Whitelist CVE-2023-0664
Date: Sat, 29 Apr 2023 07:20:25 -1000
Message-Id: 
 <c812189760292ae39f7c10cfbde8f11130cce085.1682788726.git.steve@sakoman.com>
In-Reply-To: <cover.1682788726.git.steve@sakoman.com>
References: <cover.1682788726.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[kirkstone,01/13] ruby: Fix CVE-2023-28755 | expand

Commit Message

Steve Sakoman April 29, 2023, 5:20 p.m. UTC

From: Virendra Thakur <virendrak@kpit.com>

This CVE is related to Windows.

Link: https://nvd.nist.gov/vuln/detail/CVE-2023-0664

Signed-off-by: Virendra Thakur <virendrak@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/qemu/qemu.inc | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index a6ee958e4b..7f2b52fa88 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -112,6 +112,11 @@  CVE_CHECK_IGNORE += "CVE-2007-0998"
 # https://bugzilla.redhat.com/show_bug.cgi?id=1609015#c11
 CVE_CHECK_IGNORE += "CVE-2018-18438"
 
+# As per https://nvd.nist.gov/vuln/detail/CVE-2023-0664
+# https://bugzilla.redhat.com/show_bug.cgi?id=2167423
+# this bug related to windows specific.
+CVE_CHECK_IGNORE += "CVE-2023-0664"
+
 COMPATIBLE_HOST:mipsarchn32 = "null"
 COMPATIBLE_HOST:mipsarchn64 = "null"
 COMPATIBLE_HOST:riscv32 = "null"

[kirkstone,05/13] qemu: Whitelist CVE-2023-0664

Commit Message

Patch