Página Principal Explorar Ajuda
Iniciar Sessão
crispAudio
/
poky
mirror de git://git.yoctoproject.org/poky
5
0
Fork 0
Ficheiros Problemas 0 Wiki
Ver Fonte

libyaml: Ignore CVE-2024-35325

This is similar CVE as the previous ones from the same author.
https://github.com/yaml/libyaml/issues/303 explain why this is misuse
(or wrong use) of libyaml.

(From OE-Core rev: c97f00d122f60501751625e27b9c70166396d754)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peter Marko há 9 meses atrás
pai
e91fe496fe
commit
cd25fc78d8
1 ficheiros alterados com 1 adições e 0 exclusões
Visão Dividida Mostrar Estatísticas Diff
  1. 1 0
      meta/recipes-support/libyaml/libyaml_0.2.5.bb

+ 1 - 0
meta/recipes-support/libyaml/libyaml_0.2.5.bb
Ver Ficheiro 

@@ -18,6 +18,7 @@ inherit autotools
 
 DISABLE_STATIC:class-nativesdk = ""
 
 DISABLE_STATIC:class-native = ""
 
 
+CVE_STATUS[CVE-2024-35325] = "upstream-wontfix: Upstream thinks this is a misuse (or wrong use) of the libyaml API - https://github.com/yaml/libyaml/issues/303"
 
 CVE_STATUS[CVE-2024-35326] = "upstream-wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302"
 
 CVE_STATUS[CVE-2024-35328] = "upstream-wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302"