On Wed, Feb 19, 2025 at 12:33 AM Yoann Congal <[email protected]> wrote:
>
>
>
> Le mar. 18 févr. 2025 à 22:15, Steve Sakoman via lists.openembedded.org
> <[email protected]> a écrit :
>>
>> From: Peter Marko <[email protected]>
>>
>> Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-45720
>>
>> This CVE is relevant only for subversion running on Windows.
>>
>> Signed-off-by: Peter Marko <[email protected]>
>> Signed-off-by: Steve Sakoman <[email protected]>
>
>
> Hi Steve,
>
> Sorry to bother you with this but Sofiane Hamam gave its Reviewed-by here:
> https://lists.openembedded.org/g/openembedded-core/topic/111147177#msg211378
>
> He worked on fixing the CVE but Peter was faster so he gave its reviewed-by.
> It would be nice if that ended up in the repository.
OK, I'll make it so!
Steve
>> meta/recipes-devtools/subversion/subversion_1.14.3.bb | 2 ++
>> 1 file changed, 2 insertions(+)
>>
>> diff --git a/meta/recipes-devtools/subversion/subversion_1.14.3.bb
>> b/meta/recipes-devtools/subversion/subversion_1.14.3.bb
>> index 1ef3d498a5..679228cbb8 100644
>> --- a/meta/recipes-devtools/subversion/subversion_1.14.3.bb
>> +++ b/meta/recipes-devtools/subversion/subversion_1.14.3.bb
>> @@ -19,6 +19,8 @@ inherit autotools pkgconfig gettext python3native
>>
>> CVE_PRODUCT = "apache:subversion"
>>
>> +CVE_STATUS[CVE-2024-45720] = "not-applicable-platform: Issue only applies
>> on Windows"
>> +
>> PACKAGECONFIG ?= ""
>>
>> PACKAGECONFIG[boost] =
>> "--with-boost=${RECIPE_SYSROOT}${exec_prefix},--without-boost,boost"
>> --
>> 2.43.0
>>
>>
>>
>>
>
>
> --
> Yoann Congal
> Smile ECS - Tech expert
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#211709):
https://lists.openembedded.org/g/openembedded-core/message/211709
Mute This Topic: https://lists.openembedded.org/mt/111258880/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
