Skip to content

Commit

Permalink
grpc: ignore CVE-2023-32732
Browse files Browse the repository at this point in the history 
Source: meta-openembedded
MR: 126092
Type: Integration
Disposition: Merged from meta-openembedded
ChangeID: d7ece8b
Description:

It was introduced in in v1.53.0 and not backported to v1.46.x branch.
NVD references PR which intrioduces the vulnerability:
  grpc/grpc#32309 (comment)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
  • Loading branch information
@petermarko @jpuhlman
petermarko authored and jpuhlman committed Jul 24, 2023
1 parent 37058ed commit affcaa6
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions meta-oe/recipes-devtools/grpc/grpc_1.46.7.bb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,3 +66,6 @@ FILES:${PN}-compiler += " \
${bindir} \
${libdir}/libgrpc_plugin_support${SOLIBS} \
"

# this CVE was introduced in v1.53.0 and not backported to v1.46.x branch
CVE_CHECK_IGNORE += "CVE-2023-32732"

0 comments on commit affcaa6

Please sign in to comment.