mirror of
https://git.yoctoproject.org/poky
synced 2026-02-07 09:16:36 +01:00
6aa55dd279
CVE is effectively disputed - yes there is stack exhaustion but no bug and it is building the parser, not running it, effectively similar to a compiler ICE. Upstream no plans to address and there is no security issue. https://github.com/westes/flex/issues/414 (From OE-Core rev: b939b005b06be58a276d565f755ee2d8f3e5dfc1) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 0cae5d7a24bedf6784781b62cbb3795a44bab4d1) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>