Openembedded Core Discussions
 help / color / mirror / Atom feed
* [OE-core][dunfell][PATCH] git: Whitelist CVE-2022-41953
@ 2023-02-13 10:01 Bhabu Bindu
  0 siblings, 0 replies; 2+ messages in thread
From: Bhabu Bindu @ 2023-02-13 10:01 UTC (permalink / raw)
  To: openembedded-core, virendrak; +Cc: akash.hadke

From: Virendra Thakur <virendrak@kpit.com>

Whitelist CVE-2022-41953 as its specific to Git-for-Windows

Link: https://github.com/git-for-windows/git/security/advisories/GHSA-v4px-mx59-w99c

Upstream-Status: Pending

Issue: MGUBSYS-6605

Change-Id: Id9dde20c1c1b8244a7dc11e3eae0927d1604e7fd
Signed-off-by: Virendra Thakur <virendrak@kpit.com>
---
 meta/recipes-devtools/git/git.inc | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta/recipes-devtools/git/git.inc b/meta/recipes-devtools/git/git.inc
index b5d0004712..9cc4092e17 100644
--- a/meta/recipes-devtools/git/git.inc
+++ b/meta/recipes-devtools/git/git.inc
@@ -24,6 +24,9 @@ CVE_PRODUCT = "git-scm:git"
 # we don't see this as a major issue for our general users/usecases.
 CVE_CHECK_WHITELIST += "CVE-2022-24975"
 
+# This is specific to Git-for-Windows
+CVE_CHECK_WHITELIST += "CVE-2022-41953"
+
 PACKAGECONFIG ??= ""
 PACKAGECONFIG[cvsserver] = ""
 PACKAGECONFIG[svn] = ""
-- 
2.17.1



^ permalink raw reply related	[flat|nested] 2+ messages in thread
* [OE-core][dunfell][PATCH] git: Whitelist CVE-2022-41953
@ 2023-02-20  5:58 Bhabu Bindu
  0 siblings, 0 replies; 2+ messages in thread
From: Bhabu Bindu @ 2023-02-20  5:58 UTC (permalink / raw)
  To: openembedded-core, virendrak; +Cc: akash.hadke

From: Virendra Thakur <virendrak@kpit.com>

Whitelist CVE-2022-41953 as its specific to Git-for-Windows

Link: https://github.com/git-for-windows/git/security/advisories/GHSA-v4px-mx59-w99c

Signed-off-by: Virendra Thakur <virendrak@kpit.com>
---
 meta/recipes-devtools/git/git.inc | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta/recipes-devtools/git/git.inc b/meta/recipes-devtools/git/git.inc
index b5d0004712..9cc4092e17 100644
--- a/meta/recipes-devtools/git/git.inc
+++ b/meta/recipes-devtools/git/git.inc
@@ -24,6 +24,9 @@ CVE_PRODUCT = "git-scm:git"
 # we don't see this as a major issue for our general users/usecases.
 CVE_CHECK_WHITELIST += "CVE-2022-24975"
 
+# This is specific to Git-for-Windows
+CVE_CHECK_WHITELIST += "CVE-2022-41953"
+
 PACKAGECONFIG ??= ""
 PACKAGECONFIG[cvsserver] = ""
 PACKAGECONFIG[svn] = ""
-- 
2.17.1



^ permalink raw reply related	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-02-20  5:59 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-02-13 10:01 [OE-core][dunfell][PATCH] git: Whitelist CVE-2022-41953 Bhabu Bindu
  -- strict thread matches above, loose matches on Subject: below --
2023-02-20  5:58 Bhabu Bindu

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox