[mickledore,02/13] qemu: Whitelist CVE-2023-0664

Message ID	5474b4d8c5df31abb69e1a5be01cd089405d1cce.1684291329.git.steve@sakoman.com
State	New
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.215.172, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][mickledore 02/13] qemu: Whitelist CVE-2023-0664 Date: Tue, 16 May 2023 16:44:25 -1000 Message-Id: <5474b4d8c5df31abb69e1a5be01cd089405d1cce.1684291329.git.steve@sakoman.com> In-Reply-To: <cover.1684291329.git.steve@sakoman.com> References: <cover.1684291329.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[mickledore,01/13] ghostscript: fix CVE-2023-28879 \| expand [mickledore,01/13] ghostscript: fix CVE-2023-28879 [mickledore,02/13] qemu: Whitelist CVE-2023-0664 [mickledore,03/13] gtk4: update 4.10.0 -> 4.10.3 [mickledore,04/13] recipes: Default to https git protocol where possible [mickledore,05/13] unfs3: fix symlink time setting issue [mickledore,06/13] quilt: Fix merge.test race condition [mickledore,07/13] python3targetconfig.bbclass: Extend PYTHONPATH instead of overwriting [mickledore,08/13] package_manager/ipk: fix config path generation in _create_custom_config() [mickledore,09/13] selftest/distrodata: clean up exception lists in recipe maintainers test [mickledore,10/13] dhcpcd: use git instead of tarballs [mickledore,11/13] perl: patch out build paths from native binaries [mickledore,12/13] license.bbclass: Include LICENSE in the output when it fails to parse [mickledore,13/13] weston: add xwayland to DEPENDS for PACKAGECONFIG xwayland

Message ID

5474b4d8c5df31abb69e1a5be01cd089405d1cce.1684291329.git.steve@sakoman.com

State

New

Headers

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][mickledore 02/13] qemu: Whitelist CVE-2023-0664
Date: Tue, 16 May 2023 16:44:25 -1000
Message-Id: 
 <5474b4d8c5df31abb69e1a5be01cd089405d1cce.1684291329.git.steve@sakoman.com>
In-Reply-To: <cover.1684291329.git.steve@sakoman.com>
References: <cover.1684291329.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[mickledore,01/13] ghostscript: fix CVE-2023-28879 | expand

Commit Message

Steve Sakoman May 17, 2023, 2:44 a.m. UTC

From: Virendra Thakur <virendrak@kpit.com>

This CVE is related to Windows.

Link: https://nvd.nist.gov/vuln/detail/CVE-2023-0664

Signed-off-by: Virendra Thakur <virendrak@kpit.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d5ce88c15183c2bf887543c8c31e9c31aaa56a1a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/qemu/qemu.inc | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index 29bc34d743..4c9be91cb0 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -55,6 +55,11 @@  CVE_CHECK_IGNORE += "CVE-2007-0998"
 # https://bugzilla.redhat.com/show_bug.cgi?id=1609015#c11
 CVE_CHECK_IGNORE += "CVE-2018-18438"
 
+# As per https://nvd.nist.gov/vuln/detail/CVE-2023-0664
+# https://bugzilla.redhat.com/show_bug.cgi?id=2167423
+# this bug related to windows specific.
+CVE_CHECK_IGNORE += "CVE-2023-0664"
+
 COMPATIBLE_HOST:mipsarchn32 = "null"
 COMPATIBLE_HOST:mipsarchn64 = "null"
 COMPATIBLE_HOST:riscv32 = "null"

[mickledore,02/13] qemu: Whitelist CVE-2023-0664

Commit Message

Patch