From af76dc34374926a3bd2872854224124fe2686c61 Mon Sep 17 00:00:00 2001 From: Sudhir Dumbhare Date: Mon, 1 Jun 2026 10:44:25 -0700 Subject: [PATCH] rust,libstd-rs: set status for CVE-2024-3566 The vulnerability is Windows-specific and depends on command-line handling through CreateProcess, which does not apply to Linux/Yocto builds. Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-3566 (From OE-Core rev: 8c56e85dd02063da5630c9b73fb242686a970e20) Signed-off-by: Sudhir Dumbhare Signed-off-by: Yoann Congal Signed-off-by: Paul Barker --- meta/recipes-devtools/rust/rust-source.inc | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-devtools/rust/rust-source.inc b/meta/recipes-devtools/rust/rust-source.inc index 5b433ceae7..318c7f0e29 100644 --- a/meta/recipes-devtools/rust/rust-source.inc +++ b/meta/recipes-devtools/rust/rust-source.inc @@ -23,3 +23,4 @@ UPSTREAM_CHECK_REGEX = "rustc-(?P\d+(\.\d+)+)-src" CVE_STATUS[CVE-2024-24576] = "not-applicable-platform: Issue only applies on Windows" CVE_STATUS[CVE-2024-43402] = "not-applicable-platform: Issue only applies on Windows" +CVE_STATUS[CVE-2024-3566] = "not-applicable-platform: Issue only applies on Windows"