ghostscript: ignore CVE-2023-38560

The ghostscript recipe isn't vulnerable to CVE-2023-38560, as this is an issue in the GhostPCL release, whereas this recipe is the Ghostscript release. Signed-off-by: Ross Burton <ross.burton@arm.com>
author: Ross Burton <ross.burton@arm.com> 2023-08-07 17:56:56 +0100
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2023-08-09 21:45:54 +0100
commit: f82a13beabc784da1455f86064ce9f0f225b6e5a (patch)
tree: e3731463d8e5cb04381d6182fbc138fa7ee6ec53
parent: 38478a82598260e5e0616598e8cf78416dac1867 (diff)
download: openembedded-core-contrib-f82a13beabc784da1455f86064ce9f0f225b6e5a.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/meta/recipes-extended/ghostscript/ghostscript_10.01.2.bb b/meta/recipes-extended/ghostscript/ghostscript_10.01.2.bb
index 6b5f443db0..0ddf708f93 100644
--- a/meta/recipes-extended/ghostscript/ghostscript_10.01.2.bb
+++ b/meta/recipes-extended/ghostscript/ghostscript_10.01.2.bb
@@ -67,3 +67,5 @@ COMPATIBLE_HOST = "^(?!arc).*"
 
 # some entries in NVD uses gpl_ghostscript
 CVE_PRODUCT = "ghostscript gpl_ghostscript"
+
+CVE_STATUS[CVE-2023-38560] = "not-applicable-config: PCL isn't part of the Ghostscript release"
author	Ross Burton <ross.burton@arm.com>	2023-08-07 17:56:56 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2023-08-09 21:45:54 +0100
commit	f82a13beabc784da1455f86064ce9f0f225b6e5a (patch)
tree	e3731463d8e5cb04381d6182fbc138fa7ee6ec53
parent	38478a82598260e5e0616598e8cf78416dac1867 (diff)
download	openembedded-core-contrib-f82a13beabc784da1455f86064ce9f0f225b6e5a.tar.gz