diff mbox series

qemu: set CVE-2024-6505 to fixed

Message ID 20241202233941.2808729-1-peter.marko@siemens.com
State New
Headers show
Series qemu: set CVE-2024-6505 to fixed | expand

Commit Message

Marko, Peter Dec. 2, 2024, 11:39 p.m. UTC 
From: Peter Marko <peter.marko@siemens.com>

NVD DB has this CVE as version-less (with "-").

Patch [3] is linked from [1] via [2].
[1] https://nvd.nist.gov/vuln/detail/CVE-2024-6505
[2] https://bugzilla.redhat.com/show_bug.cgi?id=2295760
[3] https://gitlab.com/qemu-project/qemu/-/commit/f1595ceb

$ git describe f1595ceb
v9.1.0-rc0-38-gf1595ceb9a
$ git tag --contains f1595ceb | grep -v -- -rc.$
v9.1.0
v9.1.1
v9.1.2

Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
 meta/recipes-devtools/qemu/qemu.inc | 3 +++
 1 file changed, 3 insertions(+)
diff mbox series

Patch

diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index 77b879fea9..d4693fe8b0 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -49,6 +49,9 @@  CVE_STATUS[CVE-2018-18438] = "disputed: The issues identified by this CVE were d
 # As per https://bugzilla.redhat.com/show_bug.cgi?id=2203387
 CVE_STATUS[CVE-2023-2680] = "not-applicable-platform: RHEL specific issue."
 
+# NVD DB has this CVE as version-less (with "-")
+CVE_STATUS[CVE-2024-6505] = "fixed-version: this CVE is fixed since 9.1.0"
+
 COMPATIBLE_HOST:mipsarchn32 = "null"
 COMPATIBLE_HOST:mipsarchn64 = "null"
 COMPATIBLE_HOST:riscv32 = "null"