openssh: Exclude CVE-2007-2768 from cve-check

We don't build/use the OPIE PAM module, exclude the CVE from this recipe. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 3670be602f2ace24dc49e196407efec577164050) Signed-off-by: Steve Sakoman <steve@sakoman.com>
author: Richard Purdie <richard.purdie@linuxfoundation.org> 2021-05-10 16:55:50 +0100
committer: Steve Sakoman <steve@sakoman.com> 2021-05-14 07:16:37 -1000
commit: d55474025a4518c674d9781c4c3b1ce5d6389466 (patch)
tree: 6f3c0a72e50f013ffc5450d8f6085b5eba36ae9f
parent: 99cb9534902717e637f1460c1d1c10d290bbebf2 (diff)
download: openembedded-core-d55474025a4518c674d9781c4c3b1ce5d6389466.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh_8.2p1.bb b/meta/recipes-connectivity/openssh/openssh_8.2p1.bb
index fe94f30503..b429fbe96d 100644
--- a/meta/recipes-connectivity/openssh/openssh_8.2p1.bb
+++ b/meta/recipes-connectivity/openssh/openssh_8.2p1.bb
@@ -28,6 +28,9 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar
 SRC_URI[md5sum] = "3076e6413e8dbe56d33848c1054ac091"
 SRC_URI[sha256sum] = "43925151e6cf6cee1450190c0e9af4dc36b41c12737619edff8bcebdff64e671"
 
+# This CVE is specific to OpenSSH with the pam opie which we don't build/use here
+CVE_CHECK_WHITELIST += "CVE-2007-2768"
+
 # This CVE is specific to OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7
 # and when running in a Kerberos environment. As such it is not relevant to OpenEmbedded
 CVE_CHECK_WHITELIST += "CVE-2014-9278"
author	Richard Purdie <richard.purdie@linuxfoundation.org>	2021-05-10 16:55:50 +0100
committer	Steve Sakoman <steve@sakoman.com>	2021-05-14 07:16:37 -1000
commit	d55474025a4518c674d9781c4c3b1ce5d6389466 (patch)
tree	6f3c0a72e50f013ffc5450d8f6085b5eba36ae9f
parent	99cb9534902717e637f1460c1d1c10d290bbebf2 (diff)
download	openembedded-core-d55474025a4518c674d9781c4c3b1ce5d6389466.tar.gz