From a32f285501b459cfe18e3135a3c531b63f58034c Mon Sep 17 00:00:00 2001
From: Ross Burton <ross.burton@arm.com>
Date: Mon, 23 Oct 2023 18:38:20 +0100
Subject: [PATCH] zlib: ignore CVE-2023-45853

This CVE relates to a bug in the minizip tool, but we don't build that.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/recipes-core/zlib/zlib_1.3.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/recipes-core/zlib/zlib_1.3.bb b/meta/recipes-core/zlib/zlib_1.3.bb
index c8fd855ee67..1ed18172faa 100644
--- a/meta/recipes-core/zlib/zlib_1.3.bb
+++ b/meta/recipes-core/zlib/zlib_1.3.bb
@@ -45,3 +45,5 @@ do_install_ptest() {
 }
 
 BBCLASSEXTEND = "native nativesdk"
+
+CVE_STATUS[CVE-2023-45853] = "not-applicable-config: we don't build minizip"
-- 
2.47.3