mirror of
https://git.yoctoproject.org/poky
synced 2026-06-12 13:53:48 +02:00
4e2dac74d5
The perl module Compress-Raw-Zlib defaults to using a vendored copy of the zlib sources which has a number of CVEs. A newer version of perl updates this to zlib 1.3.2 to resolve them, but we should be linking to our zlib recipe instead of the vendored code. This mitigates CVE-2026-4176 so mark it as not appropriate. (From OE-Core rev: 6e83e5520f415fc6ca9029a8aaa0af31cd832a90) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit bf515229043685d4f00c965eb3e0236c37b6b403) Signed-off-by: Sudhir Dumbhare <sudumbha@cisco.com> Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Paul Barker <paul@pbarker.dev>