From 1ab33843ef7bc19b6648cf8757b23f4cf434cca1 Mon Sep 17 00:00:00 2001
From: Ross Burton <ross.burton@arm.com>
Date: Fri, 3 Nov 2023 13:28:07 +0000
Subject: [PATCH] zlib: ignore CVE-2023-45853

This CVE relates to a bug in the minizip tool, but we don't build that.

(From OE-Core rev: 5b06913e5883c35390c87f6660a0578c73ff4ddd)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/recipes-core/zlib/zlib_1.3.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/recipes-core/zlib/zlib_1.3.bb b/meta/recipes-core/zlib/zlib_1.3.bb
index c8fd855ee6..1ed18172fa 100644
--- a/meta/recipes-core/zlib/zlib_1.3.bb
+++ b/meta/recipes-core/zlib/zlib_1.3.bb
@@ -45,3 +45,5 @@ do_install_ptest() {
 }
 
 BBCLASSEXTEND = "native nativesdk"
+
+CVE_STATUS[CVE-2023-45853] = "not-applicable-config: we don't build minizip"