rust-cross-canadian: Set CVE_STATUS ignore for CVE-2024-43402

This CVE was created because fix for CVE-2024-24576 was incomplete.
Ignore the new CVE in the same way as the old one.

See https://nvd.nist.gov/vuln/detail/CVE-2024-43402

As per NVD, this CVE only affects to Windows platform

Reference: https://git.yoctoproject.org/meta-lts-mixins/commit/?h=scarthgap/rust&id=13f045acf6388d1e320fd4c0f3ca19ca7a75ef44

Signed-off-by: Virendra Thakur <virendra.thakur@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

diff --git a/meta/recipes-devtools/rust/rust-cross-canadian.inc b/meta/recipes-devtools/rust/rust-cross-canadian.inc
index dbf997560bb83d16d414ca3ee44c72569bd19fc6..ac5f6bd57c9434b6d0a83106271dbc682729e5ed 100644 (file)
--- a/meta/recipes-devtools/rust/rust-cross-canadian.inc
+++ b/meta/recipes-devtools/rust/rust-cross-canadian.inc
@@ -15,6 +15,10 @@ SRC_URI += "file://target-rust-ccld.c"
 LIC_FILES_CHKSUM = "file://target-rust-ccld.c;md5=af4e0e29f81a34cffe05aa07c89e93e9;endline=7"
 S = "${WORKDIR}"
 
+# As per NVD, this CVE only affects to Windows platform
+# Link: https://nvd.nist.gov/vuln/detail/CVE-2024-43402
+CVE_STATUS[CVE-2024-43402] = "not-applicable-platform: Issue only applies on Windows"
+
 # Need to use our SDK's sh here, see #14878
 create_sdk_wrapper () {
         file="$1"