diff mbox series

[kirkstone,1/6] ghostscript: ignore CVE-2025-27837

Message ID fb5dc4a476bc4054493d6a7eb64a423e3665afb9.1746806788.git.steve@sakoman.com
State RFC
Delegated to: Steve Sakoman
Headers show
Series [kirkstone,1/6] ghostscript: ignore CVE-2025-27837 | expand

Commit Message

Steve Sakoman May 9, 2025, 4:16 p.m. UTC 
From: Peter Marko <peter.marko@siemens.com>

This CVE only impacts codepaths relevant for Windows builds.
Se [1] from Debian which marks it as not applicable.

[1] https://security-tracker.debian.org/tracker/CVE-2025-27837

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb | 2 ++
 1 file changed, 2 insertions(+)
diff mbox series

Patch

diff --git a/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb b/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb
index 3d4ac77cfa..fd0506f438 100644
--- a/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb
+++ b/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb
@@ -26,6 +26,8 @@  CVE_CHECK_IGNORE += "CVE-2013-6629"
 CVE_CHECK_IGNORE += "CVE-2023-38560 CVE-2024-46954"
 # Vulnerable code was introduced in 9.56.0, so 9.55.0 is not affected yet
 CVE_CHECK_IGNORE += "CVE-2025-27833"
+# Only impacts codepaths relevant for Windows builds
+CVE_CHECK_IGNORE += "CVE-2025-27837"
 
 def gs_verdir(v):
     return "".join(v.split("."))