mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-30 00:20:08 +00:00
Code Issues Projects Releases Wiki Activity

glib-2.0: ignore CVE-2025-4056

Browse Source 
NVD report [1] says:
A flaw was found in GLib. A denial of service on **Windows platforms**
may occur if an application attempts to spawn a program using long
command lines.

The fix [3] (linked from [2]) also changes only files
glib/gspawn-win32-helper.c
glib/gspawn-win32.c

[1] https://nvd.nist.gov/vuln/detail/CVE-2025-4056
[2] https://gitlab.gnome.org/GNOME/glib/-/issues/3668
[3] https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4570

(From OE-Core rev: 5858567a9222d9fff6f0a282cf7c7bda4e19af57)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This commit is contained in:
Peter Marko
2025-08-18 20:10:48 +02:00
committed by Steve Sakoman
parent 819f151bed
commit 9c4fe6dac5
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb
+2
View File
@@ -66,3 +66,5 @@ def find_meson_cross_files(d):
python () {
find_meson_cross_files(d)
}
CVE_STATUS[CVE-2025-4056] = "not-applicable-platform: Issue only applies on Windows"