I wonder if it would be good to backport this to Scarthgap. I'm getting the following warning for unpatched CVE on latest scarthgap:

 

WARNING: libyaml-0.2.5-r0 do_cve_check: Found unpatched CVE (CVE-2024-35328), for more information check /home/builder/yocto/build/tmp/work/cortexa9t2hf-neon-tdx-linux-gnueabi/libyaml/0.2.5/temp/cve.log

 

Would this patch silence it?