From e7fdb6c5b218a9c300ed566269666870c5bc7043 Mon Sep 17 00:00:00 2001
From: Ninette Adhikari <ninette@thehoodiefirm.com>
Date: Mon, 29 Apr 2024 16:31:17 +0200
Subject: st: Update status for CVE-2017-16224

The recipe used in the meta-openembedded is a different st package compared to the one which has the CVE issue.
Package used in meta-embedded: https://st.suckless.org/
Package with CVE issue: https://www.npmjs.com/package/st
No action required.

Signed-off-by: Ninette Adhikari <ninette@thehoodiefirm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
 meta-oe/recipes-graphics/suckless/st_0.9.2.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta-oe/recipes-graphics/suckless/st_0.9.2.bb b/meta-oe/recipes-graphics/suckless/st_0.9.2.bb
index 5e0f2e71cc..22ad0211b6 100644
--- a/meta-oe/recipes-graphics/suckless/st_0.9.2.bb
+++ b/meta-oe/recipes-graphics/suckless/st_0.9.2.bb
@@ -33,3 +33,5 @@ ALTERNATIVE:${PN} = "st st-256color"
 ALTERNATIVE_LINK_NAME[st] = "${datadir}/terminfo/s/st"
 
 ALTERNATIVE_LINK_NAME[st-256color] = "${datadir}/terminfo/s/st-256color"
+
+CVE_STATUS[CVE-2017-16224] = "cpe-incorrect: The recipe used in the meta-openembedded is a different st package compared to the one which has the CVE issue."
-- 
cgit v1.2.3-54-g00ecf