From: Ross Burton <ross.burton@arm.com>
Date: Mon, 30 Jan 2023 12:07:08 +0000 (+0000)
Subject: git: ignore CVE-2022-41953
X-Git-Tag: 2022-10.3-langdale~78
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e06bed59b2ad4f6ac152c50b445092a208c43ee5;p=thirdparty%2Fopenembedded%2Fopenembedded-core.git

git: ignore CVE-2022-41953

This is specific to Git-for-Windows.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c8849af809e0213d43e18e5d01067eeeb61b330d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---

diff --git a/meta/recipes-devtools/git/git_2.37.4.bb b/meta/recipes-devtools/git/git_2.37.4.bb
index 2205a50d160..8342b383137 100644
--- a/meta/recipes-devtools/git/git_2.37.4.bb
+++ b/meta/recipes-devtools/git/git_2.37.4.bb
@@ -31,6 +31,8 @@ CVE_PRODUCT = "git-scm:git"
 # in mirrored git repos. Most OE users wouldn't build the docs and
 # we don't see this as a major issue for our general users/usecases.
 CVE_CHECK_IGNORE += "CVE-2022-24975"
+# This is specific to Git-for-Windows
+CVE_CHECK_IGNORE += "CVE-2022-41953"
 
 PACKAGECONFIG ??= "expat curl"
 PACKAGECONFIG[cvsserver] = ""