From: Peter Marko <peter.ma...@siemens.com> This CVE shouldn't have been filed as the "exploit" is described in the documentation as how the library behaves.
Signed-off-by: Ross Burton <ross.bur...@arm.com> Signed-off-by: Alexandre Belloni <alexandre.bell...@bootlin.com> Signed-off-by: Richard Purdie <richard.pur...@linuxfoundation.org> (cherry picked from commit c652f094d86c4efb7ff99accba63b8169493ab18) Signed-off-by: Peter Marko <peter.ma...@siemens.com> Signed-off-by: Steve Sakoman <st...@sakoman.com> --- meta/recipes-devtools/python/python3_3.8.17.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/recipes-devtools/python/python3_3.8.17.bb b/meta/recipes-devtools/python/python3_3.8.17.bb index 8c00d65794..00c4ff497a 100644 --- a/meta/recipes-devtools/python/python3_3.8.17.bb +++ b/meta/recipes-devtools/python/python3_3.8.17.bb @@ -61,6 +61,8 @@ CVE_CHECK_WHITELIST += "CVE-2020-15523 CVE-2022-26488" # The mailcap module is insecure by design, so this can't be fixed in a meaningful way. # The module will be removed in the future and flaws documented. CVE_CHECK_WHITELIST += "CVE-2015-20107" +# Not an issue, in fact expected behaviour +CVE_CHECK_WHITELIST += "CVE-2023-36632" PYTHON_MAJMIN = "3.8" -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#185893): https://lists.openembedded.org/g/openembedded-core/message/185893 Mute This Topic: https://lists.openembedded.org/mt/100725527/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-