Skip to content

Commit

Permalink
src/meta-openembedded:sassc: ignore CVE-2022-43357
Browse files Browse the repository at this point in the history 
This CVE is fixed in current libsass recipe version.
So wrapper around it will also not show this problem.
It's usual usecase is to be statically linked with libsass which is
probably the reason why this is listed as vulnerable component.

[1] links [2] as issue tracker which points to [3] as fix.
[4] as base repository for the recipe is not involved and files from [3]
    are not present in this repository.

[1] https://nvd.nist.gov/vuln/detail/CVE-2022-43357
[2] sass/libsass#3177
[3] sass/libsass#3184
[4] https://github.com/sass/sassc/

Signed-off-by: Peter Marko <peter.markosiemens.com>
Signed-off-by: Khem Raj <raj.khemgmail.com>
  • Loading branch information
@petermarko @kraj
petermarko authored and kraj committed Dec 21, 2024
1 parent a74ecc7 commit 7507b94
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/meta-openembedded
Submodule meta-openembedded updated from 607a44 to 576b84

0 comments on commit 7507b94

Please sign in to comment.