Ignore a bunch of CVes in python that havent actually had their fixes released yet.

Kovid Goyal 2026-01-23 19:07:02 +05:30
parent aa1267486d
commit ae36822837
No known key found for this signature in database
GPG key ID: 06BC317B515ACE7C


@ -213,6 +213,15 @@ IGNORED_DEPENDENCY_CVES = [
'CVE-2025-13836', # DoS in http client reading from malicious server
'CVE-2025-12084', # DoS in xml.dom.minidom unused in kitty
'CVE-2025-13837', # DoS in plistlib reading plist. We only use plistlib for writing
# python stdlib all these are erroneously marked as fixed in python 3.15
# when it hasnt even been released. Sigh.
'CVE-2026-0865',
'CVE-2025-15282',
'CVE-2026-0672',
'CVE-2025-15366',
'CVE-2025-15367',
'CVE-2025-12781',
'CVE-2025-11468',
# glib
'CVE-2025-4056', # Only affects Windows, on which we dont run
# github.com/nwaples/rardecode/v2
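Review bot: The seven entries added under the `# python stdlib` comment are suppressed without the per-CVE justification the neighbouring entries carry (`unused in kitty`, `We only use plistlib for writing`), so a reader cannot tell whether any of them affects a stdlib module kitty actually uses. The stated reason is that the fixes are not released yet, which presumably means the bundled Python is still affected; that justifies deferring the upgrade but does not show the issues are unreachable. I would give each entry a trailing comment in the existing style, e.g. `'CVE-XXXX-NNNNN',  # <stdlib module>: <why kitty is not exposed>` (placeholder values), after checking each advisory. A line such as `# TODO: drop these once a Python release with the fixes is bundled` above the group would keep the ignores from outliving their reason. The `IGNORED_DEPENDENCY_CVES` list begins and ends outside this hunk, so any expiry or review mechanism it already has is not visible here.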