]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commitdiff
projects / thirdparty / openembedded / openembedded-core-contrib.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b93dd88)
zlib: ignore CVE-2023-45853
authorRoss Burton <ross.burton@arm.com>
Mon, 23 Oct 2023 17:38:20 +0000 (18:38 +0100)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Thu, 26 Oct 2023 14:28:23 +0000 (15:28 +0100)
This CVE relates to a bug in the minizip tool, but we don't build that.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-core/zlib/zlib_1.3.bb patch | blob | blame | history

diff --git a/meta/recipes-core/zlib/zlib_1.3.bb b/meta/recipes-core/zlib/zlib_1.3.bb
index c8fd855ee67c55543142936f07a71c5f02ae347b..1ed18172faa5ddcf4fe198d94690235863f17f6a 100644 (file)
--- a/meta/recipes-core/zlib/zlib_1.3.bb
+++ b/meta/recipes-core/zlib/zlib_1.3.bb
@@ -45,3 +45,5 @@ do_install_ptest() {
 }
 
 BBCLASSEXTEND = "native nativesdk"
+
+CVE_STATUS[CVE-2023-45853] = "not-applicable-config: we don't build minizip"
Mirror of git://git.openembedded.org/openembedded-core-contrib