]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit
git: Ignore CVE-2022-24975
authorRichard Purdie <richard.purdie@linuxfoundation.org>
Tue, 12 Apr 2022 10:21:13 +0000 (11:21 +0100)
committerSteve Sakoman <steve@sakoman.com>
Thu, 14 Apr 2022 17:19:24 +0000 (07:19 -1000)
commitf35500a442d6a4564d52e23f9602a3f90a4ceee5
tree2b1b6a6b97286fd101375077c17693e548ce0dea
parentda4180062f12aa855a0dd2c0dbe4f0721df67055
git: Ignore CVE-2022-24975

Everyone I've talked to doesn't see this as a major issue. The CVE
asks for a documentation improvement on the --mirror option to
git clone as deleted content could be leaked into a mirror. For OE's
general users/use cases, we wouldn't build or ship docs so this wouldn't
affect us.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5dfe2dd5482c9a446f8e722fe51903d205e6770d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-devtools/git/git.inc