mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-07-16 16:27:27 +00:00
python3-grpcio-tools: set status for CVE-2026-33186
The vulnerability only affects the Go implementation of the library, not the Python one. Ignore this CVE due to this. Reference: https://nvd.nist.gov/vuln/detail/CVE-2026-33186 https://github.com/advisories/GHSA-p77j-4mvh-x3m3 Signed-off-by: Sudhir Dumbhare <sudumbha@cisco.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
This commit is contained in:
committed by
Anuj Mittal
parent
a742dae3f2
commit
483bf9ea00
@@ -23,3 +23,5 @@ do_compile:prepend() {
|
|||||||
BBCLASSEXTEND = "native nativesdk"
|
BBCLASSEXTEND = "native nativesdk"
|
||||||
|
|
||||||
CVE_PRODUCT += "grpc:grpc"
|
CVE_PRODUCT += "grpc:grpc"
|
||||||
|
|
||||||
|
CVE_STATUS[CVE-2026-33186] = "cpe-incorrect: this CVE is for golang version of grpc"
|
||||||
|
|||||||
Reference in New Issue
Block a user