mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-08 05:09:24 +00:00
Code Issues Projects Releases Wiki Activity

libarchive: ignore CVE-2024-37407

Browse Source 
History of code changes:
* introduced: https://github.com/ilibarchive/libarchive/commit/390d83012fdba8c8db7fc9915338805882b0597a (v3.7.2-52-g390d8301)
* reverted: 6https://github.com/libarchive/libarchive/commit/2c8caf6611a7d0662d80176c4fdb40f85794699 (v3.7.2-53-g62c8caf6)
* re-introduced: 9https://github.com/libarchive/libarchive/commit/1f27004a5c88589658e38d68e46d223da6b75ca (v3.7.3-14-g91f27004)
* fixed: bhttps://github.com/libarchive/libarchive/commit/6a979481b7d77c12fa17bbed94576b63bbcb0c0 (v3.7.3-24-gb6a97948)

Since there is no release where this CVE was present, we can safely
ignore it.

(From OE-Core rev: 2b407f34df5a768c271fc7049e7272d1a79c04a0)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This commit is contained in:
Peter Marko
2024-07-18 18:42:19 +02:00
committed by Steve Sakoman
parent 3242d8234d
commit 67e1f5404c
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta/recipes-extended/libarchive/libarchive_3.6.2.bb
+2
View File
@@ -38,6 +38,8 @@ SRC_URI[sha256sum] = "ba6d02f15ba04aba9c23fd5f236bb234eab9d5209e95d1c4df85c44d5f
# upstream-wontfix: upstream has documented that reported function is not thread-safe
CVE_CHECK_IGNORE += "CVE-2023-30571"
# cpe-incorrect: this vulnerability was not in any release; introduced in v3.7.3-14-g91f27004; fixed in b6a97948
CVE_CHECK_IGNORE += "CVE-2024-37407"
inherit autotools update-alternatives pkgconfig