Re: [OE-core] [PATCH] libyaml: Amend CVE status as 'upstream-wontfix'

Niko Mauno Sat, 03 Aug 2024 03:56:12 -0700

On 8/2/24 17:25, Guðni Már Gilbert wrote:

I wonder if it would be good to backport this to Scarthgap. I'm gettingthe following warning for unpatched CVE on latest scarthgap:WARNING: libyaml-0.2.5-r0 do_cve_check: Found unpatched CVE(CVE-2024-35328), for more information check/home/builder/yocto/build/tmp/work/cortexa9t2hf-neon-tdx-linux-gnueabi/libyaml/0.2.5/temp/cve.log
Would this patch silence it?

Thanks, I've submittedhttps://lists.openembedded.org/g/openembedded-core/message/202933 whichshould fix the issue if it gets incorporated.

-Niko

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#202934): 
https://lists.openembedded.org/g/openembedded-core/message/202934
Mute This Topic: https://lists.openembedded.org/mt/107662504/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] libyaml: Amend CVE status as 'upstream-wontfix'

Reply via email to