python3: whitelist CVE-2020-15523

This CVE is issue on _Py_CheckPython3 uses uninitialized dllpath when embedder sets module path with Py_SetPath. Since it is .dll issue (on windows only), hence whitelist it. https://bugs.python.org/issue29778 Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
author: Lee Chee Yang <chee.yang.lee@intel.com> 2020-11-19 19:00:33 +0800
committer: Steve Sakoman <steve@sakoman.com> 2020-11-19 10:02:23 -1000
commit: c216431d0704bd8be237e860bbdc32be34a82aee (patch)
tree: 2621dfa33af21c460c4a49f1b4590c3dbbdac60e /meta/recipes-devtools/python/python3_3.8.2.bb
parent: 6e1647fe60004bd4989a65824f0bf02d37f5aeba (diff)
download: openembedded-core-c216431d0704bd8be237e860bbdc32be34a82aee.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/meta/recipes-devtools/python/python3_3.8.2.bb b/meta/recipes-devtools/python/python3_3.8.2.bb
index 758ed87546..5f7901dbf2 100644
--- a/meta/recipes-devtools/python/python3_3.8.2.bb
+++ b/meta/recipes-devtools/python/python3_3.8.2.bb
@@ -54,6 +54,9 @@ CVE_PRODUCT = "python"
 # This is not exploitable when glibc has CVE-2016-10739 fixed.
 CVE_CHECK_WHITELIST += "CVE-2019-18348"
 
+# This is windows only issue.
+CVE_CHECK_WHITELIST += "CVE-2020-15523"
+
 PYTHON_MAJMIN = "3.8"
 
 S = "${WORKDIR}/Python-${PV}"
author	Lee Chee Yang <chee.yang.lee@intel.com>	2020-11-19 19:00:33 +0800
committer	Steve Sakoman <steve@sakoman.com>	2020-11-19 10:02:23 -1000
commit	c216431d0704bd8be237e860bbdc32be34a82aee (patch)
tree	2621dfa33af21c460c4a49f1b4590c3dbbdac60e /meta/recipes-devtools/python/python3_3.8.2.bb
parent	6e1647fe60004bd4989a65824f0bf02d37f5aeba (diff)
download	openembedded-core-c216431d0704bd8be237e860bbdc32be34a82aee.tar.gz