From: Ross Burton <ross.bur...@arm.com> Upstream consider the behaviour described in this CVE as intentional, and provide an option to stop it.
Signed-off-by: Ross Burton <ross.bur...@arm.com> Signed-off-by: Richard Purdie <richard.pur...@linuxfoundation.org> (cherry picked from commit 6c99147037ba8ca424ee42520183bd2bd55c7056) Signed-off-by: Steve Sakoman <st...@sakoman.com> --- meta/recipes-extended/cpio/cpio_2.15.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-extended/cpio/cpio_2.15.bb b/meta/recipes-extended/cpio/cpio_2.15.bb index 52070f59a2..95f82cdf3a 100644 --- a/meta/recipes-extended/cpio/cpio_2.15.bb +++ b/meta/recipes-extended/cpio/cpio_2.15.bb @@ -16,6 +16,7 @@ SRC_URI[sha256sum] = "efa50ef983137eefc0a02fdb51509d624b5e3295c980aa127ceee41834 inherit autotools gettext texinfo ptest CVE_STATUS[CVE-2010-4226] = "not-applicable-platform: Issue applies to use of cpio in SUSE/OBS" +CVE_STATUS[CVE-2023-7216] = "disputed: intended behaviour, see https://lists.gnu.org/archive/html/bug-cpio/2024-03/msg00000.html"; EXTRA_OECONF += "DEFAULT_RMT_DIR=${sbindir}" -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#201860): https://lists.openembedded.org/g/openembedded-core/message/201860 Mute This Topic: https://lists.openembedded.org/mt/107213084/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
