aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRichard Purdie <richard.purdie@linuxfoundation.org>2021-05-11 14:13:08 +0100
committerRichard Purdie <richard.purdie@linuxfoundation.org>2021-05-22 10:00:45 +0100
commit65124cac1ac1d0b746eacfe128da19c353f07eb0 (patch)
tree0688bb90125c1445f47d4703b44ee1cd86c506a1
parent21b6975cc6c785aa3bf7f7d4ea2400e11f1800bd (diff)
downloadopenembedded-core-65124cac1ac1d0b746eacfe128da19c353f07eb0.tar.gz
openembedded-core-65124cac1ac1d0b746eacfe128da19c353f07eb0.tar.bz2
openembedded-core-65124cac1ac1d0b746eacfe128da19c353f07eb0.zip
tiff: Exclude CVE-2015-7313 from cve-check
Some fix upstream addresses the issue, it isn't clear which change this was. Our current version doesn't have issues with the test image though so we can exclude. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-multimedia/libtiff/tiff_4.2.0.bb4
1 files changed, 4 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.2.0.bb b/meta/recipes-multimedia/libtiff/tiff_4.2.0.bb
index ea8580a25e..6ca01af2fa 100644
--- a/meta/recipes-multimedia/libtiff/tiff_4.2.0.bb
+++ b/meta/recipes-multimedia/libtiff/tiff_4.2.0.bb
@@ -15,6 +15,10 @@ SRC_URI[sha256sum] = "eb0484e568ead8fa23b513e9b0041df7e327f4ee2d22db5a533929dfc1
# exclude betas
UPSTREAM_CHECK_REGEX = "tiff-(?P<pver>\d+(\.\d+)+).tar"
+# Tested with check from https://security-tracker.debian.org/tracker/CVE-2015-7313
+# and 4.3.0 doesn't have the issue
+CVE_CHECK_WHITELIST += "CVE-2015-7313"
+
inherit autotools multilib_header
CACHED_CONFIGUREVARS = "ax_cv_check_gl_libgl=no"