mirror of
https://git.yoctoproject.org/poky
synced 2026-01-29 21:08:42 +01:00
8632de2d7a
CVE is effectively disputed - yes there is stack exhaustion but no bug and it is building the parser, not running it, effectively similar to a compiler ICE. Upstream no plans to address and there is no security issue. https://github.com/westes/flex/issues/414 (From OE-Core rev: 0cae5d7a24bedf6784781b62cbb3795a44bab4d1) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>