From: Peter Marko <[email protected]> NVD DB has this CVE as version-less (with "-").
Patch [3] is linked from [1] via [2]. [1] https://nvd.nist.gov/vuln/detail/CVE-2024-6505 [2] https://bugzilla.redhat.com/show_bug.cgi?id=2295760 [3] https://gitlab.com/qemu-project/qemu/-/commit/f1595ceb $ git describe f1595ceb v9.1.0-rc0-38-gf1595ceb9a $ git tag --contains f1595ceb | grep -v -- -rc.$ v9.1.0 v9.1.1 v9.1.2 Signed-off-by: Peter Marko <[email protected]> --- meta/recipes-devtools/qemu/qemu.inc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc index 77b879fea9..d4693fe8b0 100644 --- a/meta/recipes-devtools/qemu/qemu.inc +++ b/meta/recipes-devtools/qemu/qemu.inc @@ -49,6 +49,9 @@ CVE_STATUS[CVE-2018-18438] = "disputed: The issues identified by this CVE were d # As per https://bugzilla.redhat.com/show_bug.cgi?id=2203387 CVE_STATUS[CVE-2023-2680] = "not-applicable-platform: RHEL specific issue." +# NVD DB has this CVE as version-less (with "-") +CVE_STATUS[CVE-2024-6505] = "fixed-version: this CVE is fixed since 9.1.0" + COMPATIBLE_HOST:mipsarchn32 = "null" COMPATIBLE_HOST:mipsarchn64 = "null" COMPATIBLE_HOST:riscv32 = "null" -- 2.30.2
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#208165): https://lists.openembedded.org/g/openembedded-core/message/208165 Mute This Topic: https://lists.openembedded.org/mt/109891422/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
