summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRichard Purdie <richard.purdie@linuxfoundation.org>2021-05-10 16:30:56 +0100
committerSteve Sakoman <steve@sakoman.com>2021-05-14 07:16:37 -1000
commitd18ba3735ff3438ebd60b680e6bae5227c85bccb (patch)
tree27c2fbcb7f7174d845ede257ae61c9b3dd7da0da
parent05f39301ab19a968916163b2d8f65beda7c09852 (diff)
downloadopenembedded-core-d18ba3735ff3438ebd60b680e6bae5227c85bccb.tar.gz
jquery: Exclude CVE-2007-2379 from cve-check
The CVE is non-specific and depends on the users of jquery, doesn't make sense to have this flagged against jquery as there is nothing we can do about it. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 1f82843584f6d2843c5bbd2fe5dcbc654a0fbcfb) Signed-off-by: Steve Sakoman <steve@sakoman.com>
-rw-r--r--meta/recipes-devtools/jquery/jquery_3.5.0.bb5
1 files changed, 5 insertions, 0 deletions
diff --git a/meta/recipes-devtools/jquery/jquery_3.5.0.bb b/meta/recipes-devtools/jquery/jquery_3.5.0.bb
index 35ce14e152..efffe05fd2 100644
--- a/meta/recipes-devtools/jquery/jquery_3.5.0.bb
+++ b/meta/recipes-devtools/jquery/jquery_3.5.0.bb
@@ -17,6 +17,11 @@ SRC_URI[map.sha256sum] = "3149351c8cbc3fb230bbf6188617c7ffda77d9e14333f4f5f0aa1a
UPSTREAM_CHECK_REGEX = "jquery-(?P<pver>\d+(\.\d+)+)\.js"
+# https://github.com/jquery/jquery/issues/3927
+# There are ways jquery can expose security issues but any issues are in the apps exposing them
+# and there is little we can directly do
+CVE_CHECK_WHITELIST += "CVE-2007-2379"
+
inherit allarch
do_install() {