Message ID | 20220528101657.508831-1-richard.purdie@linuxfoundation.org |
---|---|
State | Accepted, archived |
Commit | c6315d8a2a1429a0fb7563b1d6352ceee7bc222c |
Headers | show |
Series | libxslt: Mark CVE-2022-29824 as not applying | expand |
diff --git a/meta/recipes-support/libxslt/libxslt_1.1.35.bb b/meta/recipes-support/libxslt/libxslt_1.1.35.bb index 51cfb2e2811..2fd777766cc 100644 --- a/meta/recipes-support/libxslt/libxslt_1.1.35.bb +++ b/meta/recipes-support/libxslt/libxslt_1.1.35.bb @@ -19,6 +19,10 @@ SRC_URI[sha256sum] = "8247f33e9a872c6ac859aa45018bc4c4d00b97e2feac9eebc10c93ce1f UPSTREAM_CHECK_REGEX = "libxslt-(?P<pver>\d+(\.\d+)+)\.tar" +# We have libxml2 2.9.14 and we don't link statically with it anyway +# so this isn't an issue. +CVE_CHECK_IGNORE += "CVE-2022-29824" + S = "${WORKDIR}/libxslt-${PV}" BINCONFIG = "${bindir}/xslt-config"
We have libxml2 2.9.14 and we don't link statically against libxml2 anyway so the CVE doesn't apply to libxslt. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> --- meta/recipes-support/libxslt/libxslt_1.1.35.bb | 4 ++++ 1 file changed, 4 insertions(+)