libyaml: Change CVE status to wontfix

author Khem Raj <raj.khem@gmail.com>

Wed, 31 Jul 2024 15:53:11 +0000 (08:53 -0700)

committer Richard Purdie <richard.purdie@linuxfoundation.org>

Thu, 1 Aug 2024 08:20:22 +0000 (09:20 +0100)
author Khem Raj <raj.khem@gmail.com>
Wed, 31 Jul 2024 15:53:11 +0000 (08:53 -0700)
committer Richard Purdie <richard.purdie@linuxfoundation.org>
Thu, 1 Aug 2024 08:20:22 +0000 (09:20 +0100)
diff --git a/meta/recipes-support/libyaml/libyaml_0.2.5.bb b/meta/recipes-support/libyaml/libyaml_0.2.5.bb

index 2d6f27af1fcc07a2e0ccb377bfd4f19cc7298308..2154910d0cafc51a32b524db086e05e81945714f 100644 (file)
--- a/meta/recipes-support/libyaml/libyaml_0.2.5.bb
+++ b/meta/recipes-support/libyaml/libyaml_0.2.5.bb
@@ -18,6 +18,6 @@ inherit autotools
  DISABLE_STATIC:class-nativesdk = ""
  DISABLE_STATIC:class-native = ""
  
-CVE_STATUS[CVE-2024-35328] = "disputed: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302"
+CVE_STATUS[CVE-2024-35328] = "wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302"
  
  BBCLASSEXTEND = "native nativesdk"
author	Khem Raj <raj.khem@gmail.com>
	Wed, 31 Jul 2024 15:53:11 +0000 (08:53 -0700)
committer	Richard Purdie <richard.purdie@linuxfoundation.org>
	Thu, 1 Aug 2024 08:20:22 +0000 (09:20 +0100)