mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-01-29 21:08:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

cpio: mark CVE-2023-7216 as disputed

Browse Source 
Upstream consider the behaviour described in this CVE as intentional,
and provide an option to stop it.

(From OE-Core rev: 0f2cd2bbaddba3b8c80d71db274bbcd941d0e60e)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6c99147037ba8ca424ee42520183bd2bd55c7056)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This commit is contained in:
Ross Burton
2024-05-13 15:21:30 +00:00
committed by Steve Sakoman
parent a725df1839
commit 3c430b70b7
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
meta/recipes-extended/cpio/cpio_2.15.bb
View File

@@ -16,6 +16,7 @@ SRC_URI[sha256sum] = "efa50ef983137eefc0a02fdb51509d624b5e3295c980aa127ceee41834
inherit autotools gettext texinfo ptest
CVE_STATUS[CVE-2010-4226] = "not-applicable-platform: Issue applies to use of cpio in SUSE/OBS"
CVE_STATUS[CVE-2023-7216] = "disputed: intended behaviour, see https://lists.gnu.org/archive/html/bug-cpio/2024-03/msg00000.html"
EXTRA_OECONF += "DEFAULT_RMT_DIR=${sbindir}"