From: Ross Burton <ross.bur...@arm.com> This CVE relates to a bug in the minizip tool, but we don't build that.
Signed-off-by: Ross Burton <ross.bur...@arm.com> --- meta/recipes-core/zlib/zlib_1.3.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/recipes-core/zlib/zlib_1.3.bb b/meta/recipes-core/zlib/zlib_1.3.bb index c8fd855ee67..1ed18172faa 100644 --- a/meta/recipes-core/zlib/zlib_1.3.bb +++ b/meta/recipes-core/zlib/zlib_1.3.bb @@ -45,3 +45,5 @@ do_install_ptest() { } BBCLASSEXTEND = "native nativesdk" + +CVE_STATUS[CVE-2023-45853] = "not-applicable-config: we don't build minizip" -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#190156): https://lists.openembedded.org/g/openembedded-core/message/190156 Mute This Topic: https://lists.openembedded.org/mt/102363592/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-