CaROS/poky
3
1
Fork 0
mirror of https://git.yoctoproject.org/git/poky synced 2026-01-04 16:10:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

libyaml: Ignore CVE-2024-35325

Browse Source 
This is similar CVE as the previous ones from the same author.
https://github.com/yaml/libyaml/issues/303 explain why this is misuse
(or wrong use) of libyaml.

(From OE-Core rev: a28240d49c111050e253e373507ac3094b74f6e1)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This commit is contained in:
Peter Marko 2024-08-25 23:44:13 +02:00 committed by Steve Sakoman
parent 2b5ca6638e
commit da07e6ee34
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
meta/recipes-support/libyaml/libyaml_0.2.5.bb
View File

@ -20,5 +20,7 @@ DISABLE_STATIC:class-native = ""
# upstream-wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302
CVE_CHECK_IGNORE += "CVE-2024-35326 CVE-2024-35328"
# upstream-wontfix: Upstream thinks this is a misuse (or wrong use) of the libyaml API - https://github.com/yaml/libyaml/issues/303
CVE_CHECK_IGNORE += "CVE-2024-35325"
BBCLASSEXTEND = "native nativesdk"