From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 08/16] git: ignore CVE-2022-41953
Date: Mon, 20 Feb 2023 12:20:15 -1000 [thread overview]
Message-ID: <dfb042a6159d128aa4ee8d899c447cf33a2be7ae.1676931497.git.steve@sakoman.com> (raw)
In-Reply-To: <cover.1676931497.git.steve@sakoman.com>
From: Ross Burton <ross.burton@arm.com>
This is specific to Git-for-Windows.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c8849af809e0213d43e18e5d01067eeeb61b330d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/git/git.inc | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta/recipes-devtools/git/git.inc b/meta/recipes-devtools/git/git.inc
index d707f25456..ed6308ea2d 100644
--- a/meta/recipes-devtools/git/git.inc
+++ b/meta/recipes-devtools/git/git.inc
@@ -23,6 +23,8 @@ CVE_PRODUCT = "git-scm:git"
# in mirrored git repos. Most OE users wouldn't build the docs and
# we don't see this as a major issue for our general users/usecases.
CVE_CHECK_WHITELIST += "CVE-2022-24975"
+# This is specific to Git-for-Windows
+CVE_CHECK_WHITELIST += "CVE-2022-41953"
PACKAGECONFIG ??= ""
PACKAGECONFIG[cvsserver] = ""
--
2.34.1
next prev parent reply other threads:[~2023-02-20 22:20 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-20 22:20 [OE-core][dunfell 00/16] Patch review Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 01/16] qemu: Fix slirp determinism issue Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 02/16] qemu: fix CVE-2021-3929 nvme DMA reentrancy issue leads to use-after-free Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 03/16] sudo: Fix CVE-2023-22809 Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 04/16] git: CVE-2022-23521 gitattributes parsing integer overflow Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 05/16] nativesdk: Handle chown/chgrp calls in nativesdk do_install tasks Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 06/16] quilt: fix intermittent failure in faildiff.test Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 07/16] quilt: use upstreamed faildiff.test fix Steve Sakoman
2023-02-20 22:20 ` Steve Sakoman [this message]
2023-02-20 22:20 ` [OE-core][dunfell 09/16] classes/fs-uuid: Fix command output decoding issue Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 10/16] make-mod-scripts: Ensure kernel build output is deterministic Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 11/16] oeqa/qemurunner: do not use Popen.poll() when terminating runqemu with a signal Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 12/16] meta: remove True option to getVar and getVarFlag calls (again) Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 13/16] libc-locale: Fix on target locale generation Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 14/16] oeqa context.py: fix --target-ip comment to include ssh port number Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 15/16] busybox: always start do_compile with orig config files Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 16/16] busybox: rm temporary files if do_compile was interrupted Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=dfb042a6159d128aa4ee8d899c447cf33a2be7ae.1676931497.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox