mirror of
https://git.yoctoproject.org/poky
synced 2026-04-27 21:32:13 +02:00
d8ff3c3fb3
This cve (https://nvd.nist.gov/vuln/detail/CVE-2022-46176) is a security vulnirability when using cargo ssh. Kirkstone doesn't support rust on-target images and the bitbake using the 'wget' (which uses 'https') for fetching the sources instead of ssh. So, cargo-native also not vulnerable to this cve and so added to excluded list. (From OE-Core rev: 7e4037fd0a66a860b4809be72a89e2de97960a17) Signed-off-by: Sundeep KOKKONDA <sundeep.kokkonda@windriver.com> Acked-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>