diff options
Diffstat (limited to 'meta/recipes-extended/libarchive/libarchive_3.4.2.bb')
-rw-r--r-- | meta/recipes-extended/libarchive/libarchive_3.4.2.bb | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/meta/recipes-extended/libarchive/libarchive_3.4.2.bb b/meta/recipes-extended/libarchive/libarchive_3.4.2.bb index 0ab40fc096..728eedc401 100644 --- a/meta/recipes-extended/libarchive/libarchive_3.4.2.bb +++ b/meta/recipes-extended/libarchive/libarchive_3.4.2.bb @@ -32,11 +32,23 @@ PACKAGECONFIG[mbedtls] = "--with-mbedtls,--without-mbedtls,mbedtls," EXTRA_OECONF += "--enable-largefile" -SRC_URI = "http://libarchive.org/downloads/libarchive-${PV}.tar.gz" +SRC_URI = "http://libarchive.org/downloads/libarchive-${PV}.tar.gz \ + file://CVE-2021-36976-1.patch \ + file://CVE-2021-36976-2.patch \ + file://CVE-2021-36976-3.patch \ + file://CVE-2021-23177.patch \ + file://CVE-2021-31566-01.patch \ + file://CVE-2021-31566-02.patch \ + file://CVE-2022-26280.patch \ + file://CVE-2022-36227.patch \ +" SRC_URI[md5sum] = "d953ed6b47694dadf0e6042f8f9ff451" SRC_URI[sha256sum] = "b60d58d12632ecf1e8fad7316dc82c6b9738a35625746b47ecdcaf4aed176176" +# upstream-wontfix: upstream has documented that reported function is not thread-safe +CVE_CHECK_WHITELIST += "CVE-2023-30571" + inherit autotools update-alternatives pkgconfig CPPFLAGS += "-I${WORKDIR}/extra-includes" |