gnome-settings-daemon: ignore CVE-2024-38394

Details: https://nvd.nist.gov/vuln/detail/CVE-2024-38394 The CVE has the disputed flag. The project maintainers claim that the issue is not in gnome-setttings-daemon. If the vulnerability needs to be handled in gnome-settings-daemon, than it is a new feature rather than a vulnerability fix. Due to this, ignore this CVE. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2026-04-02 02:49:12 +00:00 · 2026-01-29 07:31:27 +01:00 · 2026-01-29 07:31:27 +01:00 · 702efc091e
commit 702efc091e
parent bcac2eef54
1 changed files with 3 additions and 0 deletions
--- a/meta-gnome/recipes-gnome/gnome-settings-daemon/gnome-settings-daemon_42.2.bb
+++ b/meta-gnome/recipes-gnome/gnome-settings-daemon/gnome-settings-daemon_42.2.bb
@ -44,3 +44,6 @@ FILES:${PN} += " \
    ${systemd_user_unitdir} \
    ${libdir}/gnome-settings-daemon-42/libgsd.so \
 "
+
+# mitigation would be a new feature, not a CVE
+CVE_CHECK_IGNORE += "CVE-2024-38394"