poky/libarchive at yocto-4.0.28 - poky

mirror of git://git.yoctoproject.org/poky.git synced 2025-08-22 00:42:05 +02:00

History

Peter Marko 68f82bca13 libarchive: ignore CVE-2024-48615 Fix for this CVE [1] is patchong code introduced by [2] in v3.7.5. So v3.6.2 is not affected yet and the CVE can be safely ignored. Also Debian tracker [3] contains this statement. [1] `565b5aea49` [2] `2d8a5760c5` [3] https://security-tracker.debian.org/tracker/CVE-2024-48615 (From OE-Core rev: 60390a3a28242efba32360426b0a3be6af5fb54b) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>	2025-05-02 08:12:41 -07:00
..
libarchive	libarchive: patch CVE-2025-25724	2025-03-19 07:13:17 -07:00
libarchive_3.6.2.bb	libarchive: ignore CVE-2024-48615	2025-05-02 08:12:41 -07:00

Peter Marko 68f82bca13 libarchive: ignore CVE-2024-48615

Fix for this CVE [1] is patchong code introduced by [2] in v3.7.5.
So v3.6.2 is not affected yet and the CVE can be safely ignored.
Also Debian tracker [3] contains this statement.

[1] 565b5aea49
[2] 2d8a5760c5
[3] https://security-tracker.debian.org/tracker/CVE-2024-48615

(From OE-Core rev: 60390a3a28242efba32360426b0a3be6af5fb54b)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

2025-05-02 08:12:41 -07:00

libarchive libarchive: patch CVE-2025-25724 2025-03-19 07:13:17 -07:00

libarchive_3.6.2.bb libarchive: ignore CVE-2024-48615 2025-05-02 08:12:41 -07:00