From: Ross Burton <ross.bur...@arm.com>
This CVE relates to a bug in the minizip tool, but we don't build that.
Signed-off-by: Ross Burton <ross.bur...@arm.com>
---
meta/recipes-core/zlib/zlib_1.3.bb | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta/recipes-core/zlib/zlib_1.3.bb
b/meta/recipes-core/zlib/zlib_1.3.bb
index c8fd855ee67..1ed18172faa 100644
--- a/meta/recipes-core/zlib/zlib_1.3.bb
+++ b/meta/recipes-core/zlib/zlib_1.3.bb
@@ -45,3 +45,5 @@ do_install_ptest() {
}
BBCLASSEXTEND = "native nativesdk"
+
+CVE_STATUS[CVE-2023-45853] = "not-applicable-config: we don't build minizip"
--
2.34.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#190156):
https://lists.openembedded.org/g/openembedded-core/message/190156
Mute This Topic: https://lists.openembedded.org/mt/102363592/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
