rust-cross-canadian: Set CVE_STATUS ignore for CVE-2024-43402

This CVE was created because fix for CVE-2024-24576 was incomplete. Ignore the new CVE in the same way as the old one. See https://nvd.nist.gov/vuln/detail/CVE-2024-43402 As per NVD, this CVE only affects to Windows platform Reference: https://git.yoctoproject.org/meta-lts-mixins/commit/?h=scarthgap/rust&id=13f045acf6388d1e320fd4c0f3ca19ca7a75ef44 (From OE-Core rev: ef2ba1f04f6f21530dc4efe5c4f61cbb0c76c032) Signed-off-by: Virendra Thakur <virendra.thakur@kpit.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2026-01-29 21:08:42 +01:00 · 2025-04-01 13:57:45 +05:30
parent 24d8cf6f9f
commit dc767c786b
1 changed files with 4 additions and 0 deletions
--- a/meta/recipes-devtools/rust/rust-cross-canadian.inc
+++ b/meta/recipes-devtools/rust/rust-cross-canadian.inc
@@ -15,6 +15,10 @@ SRC_URI += "file://target-rust-ccld.c"
 LIC_FILES_CHKSUM = "file://target-rust-ccld.c;md5=af4e0e29f81a34cffe05aa07c89e93e9;endline=7"
 S = "${WORKDIR}"

+# As per NVD, this CVE only affects to Windows platform
+# Link: https://nvd.nist.gov/vuln/detail/CVE-2024-43402
+CVE_STATUS[CVE-2024-43402] = "not-applicable-platform: Issue only applies on Windows"
+
 # Need to use our SDK's sh here, see #14878
 create_sdk_wrapper () {
        file="$1"