From 65124cac1ac1d0b746eacfe128da19c353f07eb0 Mon Sep 17 00:00:00 2001 From: Richard Purdie Date: Tue, 11 May 2021 14:13:08 +0100 Subject: tiff: Exclude CVE-2015-7313 from cve-check Some fix upstream addresses the issue, it isn't clear which change this was. Our current version doesn't have issues with the test image though so we can exclude. Signed-off-by: Richard Purdie --- meta/recipes-multimedia/libtiff/tiff_4.2.0.bb | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/meta/recipes-multimedia/libtiff/tiff_4.2.0.bb b/meta/recipes-multimedia/libtiff/tiff_4.2.0.bb index ea8580a25e..6ca01af2fa 100644 --- a/meta/recipes-multimedia/libtiff/tiff_4.2.0.bb +++ b/meta/recipes-multimedia/libtiff/tiff_4.2.0.bb @@ -15,6 +15,10 @@ SRC_URI[sha256sum] = "eb0484e568ead8fa23b513e9b0041df7e327f4ee2d22db5a533929dfc1 # exclude betas UPSTREAM_CHECK_REGEX = "tiff-(?P\d+(\.\d+)+).tar" +# Tested with check from https://security-tracker.debian.org/tracker/CVE-2015-7313 +# and 4.3.0 doesn't have the issue +CVE_CHECK_WHITELIST += "CVE-2015-7313" + inherit autotools multilib_header CACHED_CONFIGUREVARS = "ax_cv_check_gl_libgl=no" -- cgit 1.2.3-korg