From: Peter Marko <peter.ma...@siemens.com> This CVE reports bug which was fixed in 3.43.2 by [1]. Code analysis shows that it is fixing caching issue and this cache was introduced by [2]. This landed only in 3.43.0 so 3.85.5 is not affected.
[1] https://sqlite.org/src/info/5b09212ac05615fc [2] https://sqlite.org/src/info/2dbb22c75e86f2e3 Signed-off-by: Peter Marko <peter.ma...@siemens.com> --- meta/recipes-support/sqlite/sqlite3_3.31.1.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/recipes-support/sqlite/sqlite3_3.31.1.bb b/meta/recipes-support/sqlite/sqlite3_3.31.1.bb index ef12ef0db2..b2d8f9f1dd 100644 --- a/meta/recipes-support/sqlite/sqlite3_3.31.1.bb +++ b/meta/recipes-support/sqlite/sqlite3_3.31.1.bb @@ -25,3 +25,5 @@ SRC_URI[sha256sum] = "62284efebc05a76f909c580ffa5c008a7d22a1287285d68b7825a2b6b5 CVE_CHECK_WHITELIST += "CVE-2019-19242" # This is believed to be iOS specific (https://groups.google.com/g/sqlite-dev/c/U7OjAbZO6LA) CVE_CHECK_WHITELIST += "CVE-2015-3717" +# This was introduced in 3.43.0, 3.31.1 is not yet affected +CVE_CHECK_WHITELIST += "CVE-2024-0232" -- 2.30.2
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#194444): https://lists.openembedded.org/g/openembedded-core/message/194444 Mute This Topic: https://lists.openembedded.org/mt/104014792/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
