[kirkstone] qemu: set ststus of CVE-2024-7730 to fixed

From: Peter Marko <peter.marko@siemens.com>

This was backported to v8.2.7 and also it is mentioned in commit
upgrading qemu in oe-core.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
 meta/recipes-devtools/qemu/qemu.inc | 2 ++
 1 file changed, 2 insertions(+)

On 8/24/25 15:05, Peter Marko via lists.openembedded.org wrote:
> From: Peter Marko <peter.marko@siemens.com>
>
> This was backported to v8.2.7 and also it is mentioned in commit
> upgrading qemu in oe-core.

Scarthgap has 8.2.7, but Kirkstone is on 6.2.0. Is it a typo in the
commit message, or in the target branch? (Or is the user error on my end?)

>
> Signed-off-by: Peter Marko <peter.marko@siemens.com>
> ---
>  meta/recipes-devtools/qemu/qemu.inc | 2 ++
>  1 file changed, 2 insertions(+)
>
> diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
> index 38ed637b93..220f0a161c 100644
> --- a/meta/recipes-devtools/qemu/qemu.inc
> +++ b/meta/recipes-devtools/qemu/qemu.inc
> @@ -84,6 +84,8 @@ CVE_STATUS[CVE-2024-6505] = "fixed-version: this CVE is fixed since 9.1.0"
>  
>  CVE_STATUS[CVE-2023-1386] = "disputed: not an issue as per https://bugzilla.redhat.com/show_bug.cgi?id=2223985"
>  
> +CVE_STATUS[CVE-2024-7730] = "fixed-version: this is fixed in v8.2.7"
> +
>  COMPATIBLE_HOST:mipsarchn32 = "null"
>  COMPATIBLE_HOST:mipsarchn64 = "null"
>  COMPATIBLE_HOST:riscv32 = "null"
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#222372): https://lists.openembedded.org/g/openembedded-core/message/222372
> Mute This Topic: https://lists.openembedded.org/mt/114864701/6084445
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [skandigraun@gmail.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>

> -----Original Message-----
> From: Gyorgy Sarvari <skandigraun@gmail.com>
> Sent: Sunday, August 24, 2025 15:14
> To: Marko, Peter (FT D EU SK BFS1) <Peter.Marko@siemens.com>;
> openembedded-core@lists.openembedded.org
> Subject: Re: [OE-core][kirkstone][PATCH] qemu: set ststus of CVE-2024-7730 to
> fixed
> 
> On 8/24/25 15:05, Peter Marko via lists.openembedded.org wrote:
> > From: Peter Marko <peter.marko@siemens.com>
> >
> > This was backported to v8.2.7 and also it is mentioned in commit
> > upgrading qemu in oe-core.
> 
> Scarthgap has 8.2.7, but Kirkstone is on 6.2.0. Is it a typo in the
> commit message, or in the target branch? (Or is the user error on my end?)

Thanks for spotting, this was for scarthgap, not kirkstone.
I'll resend

> 
> >
> > Signed-off-by: Peter Marko <peter.marko@siemens.com>
> > ---
> >  meta/recipes-devtools/qemu/qemu.inc | 2 ++
> >  1 file changed, 2 insertions(+)
> >
> > diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-
> devtools/qemu/qemu.inc
> > index 38ed637b93..220f0a161c 100644
> > --- a/meta/recipes-devtools/qemu/qemu.inc
> > +++ b/meta/recipes-devtools/qemu/qemu.inc
> > @@ -84,6 +84,8 @@ CVE_STATUS[CVE-2024-6505] = "fixed-version: this
> CVE is fixed since 9.1.0"
> >
> >  CVE_STATUS[CVE-2023-1386] = "disputed: not an issue as per
> https://bugzilla.redhat.com/show_bug.cgi?id=2223985"
> >
> > +CVE_STATUS[CVE-2024-7730] = "fixed-version: this is fixed in v8.2.7"
> > +
> >  COMPATIBLE_HOST:mipsarchn32 = "null"
> >  COMPATIBLE_HOST:mipsarchn64 = "null"
> >  COMPATIBLE_HOST:riscv32 = "null"
> >
> > -=-=-=-=-=-=-=-=-=-=-=-
> > Links: You receive all messages sent to this group.
> > View/Reply Online (#222372): https://lists.openembedded.org/g/openembedded-
> core/message/222372
> > Mute This Topic: https://lists.openembedded.org/mt/114864701/6084445
> > Group Owner: openembedded-core+owner@lists.openembedded.org
> > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
> [skandigraun@gmail.com]
> > -=-=-=-=-=-=-=-=-=-=-=-
> >