aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSaloni Jain <Saloni.Jain@kpit.com>2021-05-01 21:23:36 -0400
committerArmin Kuster <akuster808@gmail.com>2021-05-14 10:03:51 -0700
commitf81318a4f87dbb9c9f9e0e24e68163fb797930bb (patch)
treecfaec38b6b4626381c477ee92364a0e1e140cc3e
parentd460525cd5f5bd7bd0ea9456600d279151cf040e (diff)
downloadmeta-openembedded-f81318a4f87dbb9c9f9e0e24e68163fb797930bb.tar.gz
meta-openembedded-f81318a4f87dbb9c9f9e0e24e68163fb797930bb.tar.bz2
meta-openembedded-f81318a4f87dbb9c9f9e0e24e68163fb797930bb.zip
fuse: Whitelisted CVE-2019-14860
CVE-2019-14860 is a REDHAT specific issue and was addressed for REDHAT Fuse products on Red Hat Fuse 7.4.1 and Red Hat Fuse 7.5.0. REDHAT has also released the fix and updated their security advisories after significant releases. Hence, whitelisted the CVE-2019-14860. Link: https://access.redhat.com/security/cve/cve-2019-14860 Link: https://access.redhat.com/errata/RHSA-2019:3244 Link: https://access.redhat.com/errata/RHSA-2019:3892 Signed-off-by: Armin Kuster <akuster808@gmail.com>
-rw-r--r--meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb5
1 files changed, 5 insertions, 0 deletions
diff --git a/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb b/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb
index 95e870691..49682b3cd 100644
--- a/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb
+++ b/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb
@@ -19,6 +19,11 @@ SRC_URI = "https://github.com/libfuse/libfuse/releases/download/${BP}/${BP}.tar.
SRC_URI[md5sum] = "8000410aadc9231fd48495f7642f3312"
SRC_URI[sha256sum] = "d0e69d5d608cc22ff4843791ad097f554dd32540ddc9bed7638cc6fea7c1b4b5"
+# CVE-2019-14860 is a REDHAT specific issue and was addressed for REDHAT Fuse products on Red Hat Fuse 7.4.1 and Red Hat Fuse 7.5.0.
+# REDHAT has also released the fix and updated their security advisories after significant releases.
+CVE_PRODUCT = "fuse"
+CVE_CHECK_WHITELIST += "CVE-2019-14860"
+
UPSTREAM_CHECK_URI = "https://github.com/libfuse/libfuse/releases"
UPSTREAM_CHECK_REGEX = "fuse\-(?P<pver>2(\.\d+)+).tar.gz"