perl: ignore CVE-2023-47100

CVE-2023-47100 is a duplicate of CVE-2023-47038. They have the same advertised fix commit, which has already been merged into the perl_5.34.3 sources used in kirkstone. Signed-off-by: Alex Stewart <alex.stewart@ni.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
author: Alex Stewart <alex.stewart@ni.com> 2024-04-03 15:32:04 -0400
committer: Steve Sakoman <steve@sakoman.com> 2024-04-05 07:37:39 -0700
commit: 8df158f39f1eed1e3ae88ddf935c67e067b72525 (patch)
tree: 7af058f28b3a2aeb25bcbc67badea8dd9403195d
parent: eab100205bc5cdffc5ccc7752e1ee5abd9ebb58a (diff)
download: openembedded-core-contrib-8df158f39f1eed1e3ae88ddf935c67e067b72525.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/meta/recipes-devtools/perl/perl_5.34.3.bb b/meta/recipes-devtools/perl/perl_5.34.3.bb
index e8b518adc9..215990c8fa 100644
--- a/meta/recipes-devtools/perl/perl_5.34.3.bb
+++ b/meta/recipes-devtools/perl/perl_5.34.3.bb
@@ -48,6 +48,9 @@ PACKAGECONFIG[gdbm] = ",-Ui_gdbm,gdbm"
 # Don't generate comments in enc2xs output files. They are not reproducible
 export ENC2XS_NO_COMMENTS = "1"
 
+# Duplicate of CVE-2023-47038, which has already been patched as of perl_5.34.3
+CVE_CHECK_IGNORE:append = " CVE-2023-47100"
+
 do_configure:prepend() {
     cp -rfp ${STAGING_DATADIR_NATIVE}/perl-cross/* ${S}
 }
author	Alex Stewart <alex.stewart@ni.com>	2024-04-03 15:32:04 -0400
committer	Steve Sakoman <steve@sakoman.com>	2024-04-05 07:37:39 -0700
commit	8df158f39f1eed1e3ae88ddf935c67e067b72525 (patch)
tree	7af058f28b3a2aeb25bcbc67badea8dd9403195d
parent	eab100205bc5cdffc5ccc7752e1ee5abd9ebb58a (diff)
download	openembedded-core-contrib-8df158f39f1eed1e3ae88ddf935c67e067b72525.tar.gz