glib-2.0: ignore CVE-2025-4056

NVD report [1] says: A flaw was found in GLib. A denial of service on **Windows platforms** may occur if an application attempts to spawn a program using long command lines. The fix [3] (linked from [2]) also changes only files glib/gspawn-win32-helper.c glib/gspawn-win32.c [1] https://nvd.nist.gov/vuln/detail/CVE-2025-4056 [2] https://gitlab.gnome.org/GNOME/glib/-/issues/3668 [3] https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4570 (From OE-Core rev: 8c69793deb78cf9718801825477938c22e229eca) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2026-01-29 21:08:42 +01:00 · 2025-08-18 20:10:37 +02:00
parent 6a6d768268
commit bedb86690f
1 changed files with 3 additions and 0 deletions
--- a/meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb
+++ b/meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb
@@ -97,3 +97,6 @@ def find_meson_cross_files(d):
 python () {
    find_meson_cross_files(d)
 }
+
+# not-applicable-platform: Issue only applies on Windows
+CVE_CHECK_IGNORE += "CVE-2025-4056"