mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-30 12:29:55 +00:00
Code Issues Projects Releases Wiki Activity

coreutils: set CVE_PRODUCT

Browse Source 
This removes rust uutils coreutils CVEs from reports.
Comparing sbom-cve-check shows that only
CVE-2026-35338..CVE-2026-35381 are removed and all of them contained
reference to uutils.

(From OE-Core rev: 348391ccf91ac474252f75a5679fc42505faa54d)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

(From OE-Core rev: 5c39687f62e5864ea783cbed497c2eb5387dcf96)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
This commit is contained in:
Peter Marko
2026-05-05 22:52:01 +02:00
committed by Paul Barker
parent 9ed096d15f
commit b51cc59362
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta/recipes-core/coreutils/coreutils_9.4.bb
+2
View File
@@ -23,6 +23,8 @@ SRC_URI = "${GNU_MIRROR}/coreutils/${BP}.tar.xz \
"
SRC_URI[sha256sum] = "ea613a4cf44612326e917201bbbcdfbd301de21ffc3b59b6e5c07e040b275e52"
CVE_PRODUCT = "gnu:coreutils"
# http://git.savannah.gnu.org/cgit/coreutils.git/commit/?id=v8.27-101-gf5d7c0842
#
CVE_STATUS[CVE-2016-2781] = "disputed: runcon is not really a sandbox command, use `runcon ... setsid ...` to avoid this particular issue."