From affcaa6f5a1d0e2dbcb555bf77e988610597f0f5 Mon Sep 17 00:00:00 2001
From: Peter Marko <peter.marko@siemens.com>
Date: Wed, 28 Jun 2023 11:49:37 +0200
Subject: [PATCH] grpc: ignore CVE-2023-32732

Source: meta-openembedded
MR: 126092
Type: Integration
Disposition: Merged from meta-openembedded
ChangeID: d7ece8be99df9a650fa85015e068514dd09c560c
Description:

It was introduced in in v1.53.0 and not backported to v1.46.x branch.
NVD references PR which intrioduces the vulnerability:
  https://github.com/grpc/grpc/pull/32309#issuecomment-1589561295

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
---
 meta-oe/recipes-devtools/grpc/grpc_1.46.7.bb | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta-oe/recipes-devtools/grpc/grpc_1.46.7.bb b/meta-oe/recipes-devtools/grpc/grpc_1.46.7.bb
index 15bf05919b3..ab6f6e46cd2 100644
--- a/meta-oe/recipes-devtools/grpc/grpc_1.46.7.bb
+++ b/meta-oe/recipes-devtools/grpc/grpc_1.46.7.bb
@@ -66,3 +66,6 @@ FILES:${PN}-compiler += " \
     ${bindir} \
     ${libdir}/libgrpc_plugin_support${SOLIBS} \
     "
+
+# this CVE was introduced in v1.53.0 and not backported to v1.46.x branch
+CVE_CHECK_IGNORE += "CVE-2023-32732"