]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commitdiff
projects / thirdparty / openembedded / openembedded-core-contrib.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 128cfc5)
gcc: Update status of CVE-2023-4039
authorSimone Weiß <simone.p.weiss@posteo.com>
Mon, 22 Jan 2024 16:41:32 +0000 (16:41 +0000)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Fri, 26 Jan 2024 14:56:41 +0000 (14:56 +0000)
This is fixed via a patch added in gcc-13.2.inc already, but still
reported e.g. for libgcc as it is not defining an own source but use the
shared gcc-source.

Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-devtools/gcc/gcc-13.2.inc patch | blob | blame | history

diff --git a/meta/recipes-devtools/gcc/gcc-13.2.inc b/meta/recipes-devtools/gcc/gcc-13.2.inc
index 359db1e2781a810d0572b6df0b21f0b3e2b8e8de..32fddd11c238db0d9dfeb242d3fa267bddb3c6a5 100644 (file)
--- a/meta/recipes-devtools/gcc/gcc-13.2.inc
+++ b/meta/recipes-devtools/gcc/gcc-13.2.inc
@@ -115,3 +115,4 @@ EXTRA_OECONF_PATHS = "\
 "
 
 CVE_STATUS[CVE-2021-37322] = "cpe-incorrect: Is a binutils 2.26 issue, not gcc"
+CVE_STATUS[CVE-2023-4039] = "fixed-version: Fixed via CVE-2023-4039.patch included here. Set the status explictly to deal with all recipes that share the gcc-source"
Mirror of git://git.openembedded.org/openembedded-core-contrib