tiff: Exclude CVE-2015-7313 from cve-check

Some fix upstream addresses the issue, it isn't clear which change this was. Our current version doesn't have issues with the test image though so we can exclude. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Richard Purdie <richard.purdie@linuxfoundation.org> 2021-05-11 14:13:08 +0100
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2021-05-12 23:05:17 +0100
commit: 3874da694ae1d9de06dd003bd80705205e2b033b (patch)
tree: d2f244a0d60bba94b93111194806508b238c87ef /meta/recipes-multimedia
parent: 658902477840ea34d414083c4c79616bf5e999a2 (diff)
download: openembedded-core-3874da694ae1d9de06dd003bd80705205e2b033b.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb b/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb
index abf0a67740..8f929ffb55 100644
--- a/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb
+++ b/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb
@@ -15,6 +15,10 @@ SRC_URI[sha256sum] = "0e46e5acb087ce7d1ac53cf4f56a09b221537fc86dfc5daaad1c2e89e1
 # exclude betas
 UPSTREAM_CHECK_REGEX = "tiff-(?P<pver>\d+(\.\d+)+).tar"
 
+# Tested with check from https://security-tracker.debian.org/tracker/CVE-2015-7313
+# and 4.3.0 doesn't have the issue
+CVE_CHECK_WHITELIST += "CVE-2015-7313"
+
 inherit autotools multilib_header
 
 CACHED_CONFIGUREVARS = "ax_cv_check_gl_libgl=no"
author	Richard Purdie <richard.purdie@linuxfoundation.org>	2021-05-11 14:13:08 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2021-05-12 23:05:17 +0100
commit	3874da694ae1d9de06dd003bd80705205e2b033b (patch)
tree	d2f244a0d60bba94b93111194806508b238c87ef /meta/recipes-multimedia
parent	658902477840ea34d414083c4c79616bf5e999a2 (diff)
download	openembedded-core-3874da694ae1d9de06dd003bd80705205e2b033b.tar.gz