| Message ID | 20260227154032.499047-1-skandigraun@gmail.com |
|---|---|
| State | New |
| Headers | show |
| Series | [meta-multimedia,kirkstone,1/4] streamripper: ignore CVE-2020-37065 | expand |
diff --git a/meta-multimedia/recipes-multimedia/streamripper/streamripper_1.64.6.bb b/meta-multimedia/recipes-multimedia/streamripper/streamripper_1.64.6.bb index 6014326826..beea0c5795 100644 --- a/meta-multimedia/recipes-multimedia/streamripper/streamripper_1.64.6.bb +++ b/meta-multimedia/recipes-multimedia/streamripper/streamripper_1.64.6.bb @@ -30,3 +30,6 @@ EXTRA_OECONF += "\ # the included argv library needs this CPPFLAGS:append = " -DANSI_PROTOTYPES" + +# cpe-incorrect: the vulnerability is about a Windows frontend, not the CLI +CVE_CHECK_IGNORE = "CVE-2020-37065"
Details: https://nvd.nist.gov/vuln/detail/CVE-2020-37065 The vulnerability is about a 3rd party Windows-only GUI frontend for the streamripper library, and not for the CLI application that the recipe builds. Due to this ignore this CVE. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> --- .../recipes-multimedia/streamripper/streamripper_1.64.6.bb | 3 +++ 1 file changed, 3 insertions(+)