| Message ID | 20260223195128.1075389-1-skandigraun@gmail.com |
|---|---|
| State | New |
| Headers | show |
| Series | [meta-multimedia] streamripper: ignore CVE-2020-37065 | expand |
diff --git a/meta-multimedia/recipes-multimedia/streamripper/streamripper_1.64.6.bb b/meta-multimedia/recipes-multimedia/streamripper/streamripper_1.64.6.bb index 6014326826..1600d9d3ef 100644 --- a/meta-multimedia/recipes-multimedia/streamripper/streamripper_1.64.6.bb +++ b/meta-multimedia/recipes-multimedia/streamripper/streamripper_1.64.6.bb @@ -30,3 +30,5 @@ EXTRA_OECONF += "\ # the included argv library needs this CPPFLAGS:append = " -DANSI_PROTOTYPES" + +CVE_STATUS[CVE-2020-37065] = "cpe-incorrect: the vulnerability is about a Windows frontend, not the CLI"
Details: https://nvd.nist.gov/vuln/detail/CVE-2020-37065 The vulnerability is about a 3rd party Windows-only GUI frontend for the streamripper library, and not for the CLI application that the recipe builds. Due to this ignore this CVE. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> --- .../recipes-multimedia/streamripper/streamripper_1.64.6.bb | 2 ++ 1 file changed, 2 insertions(+)