Message ID | 20240626142109.61310-2-ninette@thehoodiefirm.com |
---|---|
State | Accepted |
Headers | show |
Series | mercurial: Update CVE status for CVE-2022-43410 | expand |
diff --git a/meta-oe/recipes-devtools/mercurial/mercurial_6.6.3.bb b/meta-oe/recipes-devtools/mercurial/mercurial_6.6.3.bb index 89e6744dc..395a33079 100644 --- a/meta-oe/recipes-devtools/mercurial/mercurial_6.6.3.bb +++ b/meta-oe/recipes-devtools/mercurial/mercurial_6.6.3.bb @@ -34,3 +34,4 @@ PACKAGES =+ "${PN}-python" FILES:${PN} += "${PYTHON_SITEPACKAGES_DIR} ${datadir}" FILES:${PN}-python = "${nonarch_libdir}/${PYTHON_DIR}" +CVE_STATUS[CVE-2022-43410] = "cpe-incorrect: The recipe used in the `meta-openembedded` is a different mercurial package compared to the one which has the CVE issue."
The recipe used in the `meta-openembedded` is a different mercurial package compared to the one which has the CVE issue. Package used in `meta-embedded`: https://www.mercurial-scm.org/ Package with CVE issue is a Jenkins plugin: https://plugins.jenkins.io/mercurial/ (This is reflected in the CPE) Signed-off-by: Ninette Adhikari <ninette@thehoodiefirm.com> --- meta-oe/recipes-devtools/mercurial/mercurial_6.6.3.bb | 1 + 1 file changed, 1 insertion(+)