libxslt: Mark CVE-2022-29824 as not applying

We have libxml2 2.9.14 and we don't link statically against libxml2 anyway so the CVE doesn't apply to libxslt. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-05-28 11:15:29 +0100
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-05-28 18:37:01 +0100
commit: c6315d8a2a1429a0fb7563b1d6352ceee7bc222c (patch)
tree: 477807cda386877fb4be44801ef1ac52df89a93b /meta/recipes-support/libxslt
parent: 34e6a19f2430ee2fd0fec4bec1891e898a0d9766 (diff)
download: openembedded-core-c6315d8a2a1429a0fb7563b1d6352ceee7bc222c.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/meta/recipes-support/libxslt/libxslt_1.1.35.bb b/meta/recipes-support/libxslt/libxslt_1.1.35.bb
index 51cfb2e281..2fd777766c 100644
--- a/meta/recipes-support/libxslt/libxslt_1.1.35.bb
+++ b/meta/recipes-support/libxslt/libxslt_1.1.35.bb
@@ -19,6 +19,10 @@ SRC_URI[sha256sum] = "8247f33e9a872c6ac859aa45018bc4c4d00b97e2feac9eebc10c93ce1f
 
 UPSTREAM_CHECK_REGEX = "libxslt-(?P<pver>\d+(\.\d+)+)\.tar"
 
+# We have libxml2 2.9.14 and we don't link statically with it anyway
+# so this isn't an issue.
+CVE_CHECK_IGNORE += "CVE-2022-29824"
+
 S = "${WORKDIR}/libxslt-${PV}"
 
 BINCONFIG = "${bindir}/xslt-config"
author	Richard Purdie <richard.purdie@linuxfoundation.org>	2022-05-28 11:15:29 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2022-05-28 18:37:01 +0100
commit	c6315d8a2a1429a0fb7563b1d6352ceee7bc222c (patch)
tree	477807cda386877fb4be44801ef1ac52df89a93b /meta/recipes-support/libxslt
parent	34e6a19f2430ee2fd0fec4bec1891e898a0d9766 (diff)
download	openembedded-core-c6315d8a2a1429a0fb7563b1d6352ceee7bc222c.tar.gz