]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commitdiff
projects / thirdparty / openembedded / openembedded-core-contrib.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3809e82)
gnupg: Document CVE-2022-3219 and mark wontfix
authorKhem Raj <raj.khem@gmail.com>
Sun, 11 Aug 2024 15:55:15 +0000 (08:55 -0700)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Thu, 15 Aug 2024 13:51:52 +0000 (14:51 +0100)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-support/gnupg/gnupg_2.4.5.bb patch | blob | blame | history

diff --git a/meta/recipes-support/gnupg/gnupg_2.4.5.bb b/meta/recipes-support/gnupg/gnupg_2.4.5.bb
index 99996968b1a22eabc229d0c3536ccac1eb062b73..97b5d8856c091cdcdf4c3ab3e298cdf2c6feebe8 100644 (file)
--- a/meta/recipes-support/gnupg/gnupg_2.4.5.bb
+++ b/meta/recipes-support/gnupg/gnupg_2.4.5.bb
@@ -88,3 +88,4 @@ BBCLASSEXTEND = "native nativesdk"
 
 lcl_maybe_fortify:mipsarch = ""
 
+CVE_STATUS[CVE-2022-3219] = "upstream-wontfix: Upstream doesn't seem to be keen on merging the proposed commit - https://dev.gnupg.org/T5993"
Mirror of git://git.openembedded.org/openembedded-core-contrib