mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-04 23:02:22 +02:00
Code Issues Packages Projects Releases Wiki Activity

libyaml: ignore CVE-2024-35326

Browse Source 
This is the same problem as already ignored CVE-2024-35328.
See laso this comment in addition:
https://github.com/yaml/libyaml/issues/298#issuecomment-2167684233

(From OE-Core rev: 0632d739fd6bae33f9e58681e117b906a947a307)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Peter Marko
2024-08-07 23:45:16 +02:00
committed by Richard Purdie
parent 478f44650a
commit 06fa93620e
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
meta/recipes-support/libyaml/libyaml_0.2.5.bb
View File

@@ -18,6 +18,7 @@ inherit autotools
DISABLE_STATIC:class-nativesdk = ""
DISABLE_STATIC:class-native = ""
CVE_STATUS[CVE-2024-35326] = "upstream-wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302"
CVE_STATUS[CVE-2024-35328] = "upstream-wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302"
BBCLASSEXTEND = "native nativesdk"