]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commitdiff
projects / thirdparty / openembedded / openembedded-core-contrib.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 25ba989)
ghostscript: ignore CVE-2025-27837
authorPeter Marko <peter.marko@siemens.com>
Sat, 3 May 2025 18:56:34 +0000 (20:56 +0200)
committerSteve Sakoman <steve@sakoman.com>
Tue, 6 May 2025 16:09:30 +0000 (09:09 -0700)
This CVE only impacts codepaths relevant for Windows builds.
Se [1] from Debian which marks it as not applicable.

[1] https://security-tracker.debian.org/tracker/CVE-2025-27837

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb patch | blob | blame | history

diff --git a/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb b/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb
index 3d4ac77cfad2297555ceeb8d86e530ee8de622a0..fd0506f438c02f3b293a173977c084e488e3fcd7 100644 (file)
--- a/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb
+++ b/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb
@@ -26,6 +26,8 @@ CVE_CHECK_IGNORE += "CVE-2013-6629"
 CVE_CHECK_IGNORE += "CVE-2023-38560 CVE-2024-46954"
 # Vulnerable code was introduced in 9.56.0, so 9.55.0 is not affected yet
 CVE_CHECK_IGNORE += "CVE-2025-27833"
+# Only impacts codepaths relevant for Windows builds
+CVE_CHECK_IGNORE += "CVE-2025-27837"
 
 def gs_verdir(v):
     return "".join(v.split("."))
Mirror of git://git.openembedded.org/openembedded-core-contrib