This is not correct. The patch CVE-2024-3596_00 does not fix any part of that CVE. As the commit message says, it's a style commit so that real CVE patches apply cleanly. If it bothers you that it has CVE in filename but no CVE, maybe rename it instead adding incorrect tag?
Peter > -----Original Message----- > From: [email protected] <openembedded- > [email protected]> On Behalf Of Robert Yang via > lists.openembedded.org > Sent: Monday, January 20, 2025 7:01 > To: [email protected] > Subject: [OE-core] [scarthgap][PATCH 1/1] wpa-supplicant: Add CVE id to CVE- > 2024-3596_00.patch > > From: Robert Yang <[email protected]> > > Signed-off-by: Robert Yang <[email protected]> > --- > .../wpa-supplicant/wpa-supplicant/CVE-2024-3596_00.patch | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2024- > 3596_00.patch b/meta/recipes-connectivity/wpa-supplicant/wpa- > supplicant/CVE-2024-3596_00.patch > index 7a8197d2b4..58e1327f2b 100644 > --- a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2024- > 3596_00.patch > +++ b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2024- > 3596_00.patch > @@ -6,6 +6,7 @@ Subject: [PATCH 1/9] ieee802_11_auth: Coding style cleanup - > no string > > Signed-off-by: Jouni Malinen <[email protected]> > > +CVE: CVE-2024-3596 > Upstream-Status: Backport > [https://w1.fi/cgit/hostap/commit/?id=945acf3ef06a6c312927da4fa055693dbac > 432d1] > Signed-off-by: Peter Marko <[email protected]> > --- > -- > 2.44.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#210105): https://lists.openembedded.org/g/openembedded-core/message/210105 Mute This Topic: https://lists.openembedded.org/mt/110710911/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
