diff mbox series

[meta-oe,kirkstone] st: Update status for CVE-2017-16224

Message ID 20251014134032.1053852-1-skandigraun@gmail.com
State New
Headers show
Series [meta-oe,kirkstone] st: Update status for CVE-2017-16224 | expand

Commit Message

Gyorgy Sarvari Oct. 14, 2025, 1:40 p.m. UTC 
From: Ninette Adhikari <ninette@thehoodiefirm.com>

The recipe used in the meta-openembedded is a different st package compared to the one which has the CVE issue.
Package used in meta-embedded: https://st.suckless.org/
Package with CVE issue: https://www.npmjs.com/package/st
No action required.

Signed-off-by: Ninette Adhikari <ninette@thehoodiefirm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit eb9c7bb5645b6a3bcf7c40e1a83c8f4c3b020fa5)

Reworked for Kirkstone (CVE_STATUS -> CVE_CHECK_IGNORE)

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 meta-oe/recipes-graphics/suckless/st_0.8.5.bb | 3 +++
 1 file changed, 3 insertions(+)
diff mbox series

Patch

diff --git a/meta-oe/recipes-graphics/suckless/st_0.8.5.bb b/meta-oe/recipes-graphics/suckless/st_0.8.5.bb
index e88c2c0f09..beb7ed6fd8 100644
--- a/meta-oe/recipes-graphics/suckless/st_0.8.5.bb
+++ b/meta-oe/recipes-graphics/suckless/st_0.8.5.bb
@@ -33,3 +33,6 @@  ALTERNATIVE:${PN} = "st st-256color"
 ALTERNATIVE_LINK_NAME[st] = "${datadir}/terminfo/s/st"
 
 ALTERNATIVE_LINK_NAME[st-256color] = "${datadir}/terminfo/s/st-256color"
+
+#cpe-incorrect: The recipe used in the meta-openembedded is a different st package compared to the one which has the CVE issue.
+CVE_CHECK_IGNORE += "CVE-2017-16224"