From: Ross Burton <ross.burton@arm.com>
Date: Tue, 9 Sep 2025 12:57:59 +0000 (+0100)
Subject: pulseaudio: ignore CVE-2024-11586
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=dc81fdc6bdf8ab39b7f2fd994d50256430c36558;p=thirdparty%2Fopenembedded%2Fopenembedded-core-contrib.git

pulseaudio: ignore CVE-2024-11586

As per the linked ticket, this issue is related to an Ubuntu-specific
patch that we don't have.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---

diff --git a/meta/recipes-multimedia/pulseaudio/pulseaudio.inc b/meta/recipes-multimedia/pulseaudio/pulseaudio.inc
index 16c142130b..246d3363eb 100644
--- a/meta/recipes-multimedia/pulseaudio/pulseaudio.inc
+++ b/meta/recipes-multimedia/pulseaudio/pulseaudio.inc
@@ -290,3 +290,5 @@ RDEPENDS:pulseaudio-server += "\
 RDEPENDS:pulseaudio-server += "${@bb.utils.contains('DISTRO_FEATURES', 'x11', \
                                   bb.utils.contains('DISTRO_FEATURES', 'systemd', 'pulseaudio-module-systemd-login', 'pulseaudio-module-console-kit', d), \
                                   '', d)}"
+
+CVE_STATUS[CVE-2024-11586] = "not-applicable-platform: specific to Ubuntu 16.04"