flex: Add CVE-2019-6293 to exclusions for checks - openembedded-core

diff options

author	Richard Purdie <richard.purdie@linuxfoundation.org>	2021-09-06 13:49:26 +0100
committer	Anuj Mittal <anuj.mittal@intel.com>	2021-09-15 10:19:46 +0800
commit	e2de2e5e977d84dab6cb1461800d4c29436da5c9 (patch)
tree	eae05496c863242f60cf5962ca07848c4f5fcbbf /meta/recipes-devtools/squashfs-tools
parent	d0ff86bccdbcd91e8760001037168043725ef8f4 (diff)
download	openembedded-core-e2de2e5e977d84dab6cb1461800d4c29436da5c9.tar.gz

flex: Add CVE-2019-6293 to exclusions for checks

CVE is effectively disputed - yes there is stack exhaustion but no bug and it is building the parser, not running it, effectively similar to a compiler ICE. Upstream no plans to address and there is no security issue. https://github.com/westes/flex/issues/414 Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 0cae5d7a24bedf6784781b62cbb3795a44bab4d1) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>

Diffstat (limited to 'meta/recipes-devtools/squashfs-tools')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: