mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-06-02 13:29:49 +00:00
Code Issues Projects Releases Wiki Activity

libyaml: ignore CVE-2024-35326

Browse Source 
This is the same problem as already ignored CVE-2024-35328.
See laso this comment in addition:
https://github.com/yaml/libyaml/issues/298#issuecomment-2167684233

(From OE-Core rev: 2b6391599a621e59d48da213f18bbef9b44bec58)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This commit is contained in:
Peter Marko
2024-08-07 23:46:46 +02:00
committed by Steve Sakoman
parent 0b37512fb4
commit b84f6ed421
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta/recipes-support/libyaml/libyaml_0.2.5.bb
+1
View File
@@ -18,6 +18,7 @@ inherit autotools
DISABLE_STATIC:class-nativesdk = "" DISABLE_STATIC:class-nativesdk = ""
DISABLE_STATIC:class-native = "" DISABLE_STATIC:class-native = ""
CVE_STATUS[CVE-2024-35326] = "upstream-wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302"
CVE_STATUS[CVE-2024-35328] = "upstream-wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302" CVE_STATUS[CVE-2024-35328] = "upstream-wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302"
BBCLASSEXTEND = "native nativesdk" BBCLASSEXTEND = "native nativesdk"