glibc: add ignore for CVE-2023-25139

This CVE has been fixed in the 2.37 release branch (07b9521fc6) and we're now using a SHA that incorporates that commit, so manually mark it as ignored. (From OE-Core rev: b143e355ef362dac89f8b125904d2e47c74e597e) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-01-29 21:08:42 +01:00 · 2023-02-27 16:21:28 +00:00
parent 6bdd652fb6
commit fcb643cd99
1 changed files with 3 additions and 0 deletions
--- a/meta/recipes-core/glibc/glibc_2.37.bb
+++ b/meta/recipes-core/glibc/glibc_2.37.bb
@@ -19,6 +19,9 @@ CVE_CHECK_IGNORE += "CVE-2019-1010025"
 # This has been integrated into the 2.36 branch as of c399271 so is now fixed
 CVE_CHECK_IGNORE += "CVE-2022-39046"

+# This is integrated into the 2.37 branch as of 07b9521fc6
+CVE_CHECK_IGNORE += "CVE-2023-25139"
+
 DEPENDS += "gperf-native bison-native"

 NATIVESDKFIXES ?= ""