From: Sudhir Dumbhare <[email protected]> The vulnerability is Windows-specific and depends on command-line handling through CreateProcess, which does not apply to Linux/Yocto builds.
Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-3566 Signed-off-by: Sudhir Dumbhare <[email protected]> --- meta/recipes-devtools/rust/rust-source.inc | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-devtools/rust/rust-source.inc b/meta/recipes-devtools/rust/rust-source.inc index 5b433ceae7..318c7f0e29 100644 --- a/meta/recipes-devtools/rust/rust-source.inc +++ b/meta/recipes-devtools/rust/rust-source.inc @@ -23,3 +23,4 @@ UPSTREAM_CHECK_REGEX = "rustc-(?P<pver>\d+(\.\d+)+)-src" CVE_STATUS[CVE-2024-24576] = "not-applicable-platform: Issue only applies on Windows" CVE_STATUS[CVE-2024-43402] = "not-applicable-platform: Issue only applies on Windows" +CVE_STATUS[CVE-2024-3566] = "not-applicable-platform: Issue only applies on Windows" -- 2.35.6
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#237974): https://lists.openembedded.org/g/openembedded-core/message/237974 Mute This Topic: https://lists.openembedded.org/mt/119597324/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
