diff options
Diffstat (limited to 'meta/recipes-extended/tar/tar_1.32.bb')
-rw-r--r-- | meta/recipes-extended/tar/tar_1.32.bb | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/meta/recipes-extended/tar/tar_1.32.bb b/meta/recipes-extended/tar/tar_1.32.bb index ebe6cb0dbd..9297480e85 100644 --- a/meta/recipes-extended/tar/tar_1.32.bb +++ b/meta/recipes-extended/tar/tar_1.32.bb @@ -6,8 +6,13 @@ SECTION = "base" LICENSE = "GPLv3" LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" +PR = "r1" + SRC_URI = "${GNU_MIRROR}/tar/tar-${PV}.tar.bz2 \ file://musl_dirent.patch \ + file://CVE-2021-20193.patch \ + file://CVE-2022-48303.patch \ + file://CVE-2023-39804.patch \ " SRC_URI[md5sum] = "17917356fff5cb4bd3cd5a6c3e727b05" @@ -64,3 +69,7 @@ PROVIDES_append_class-native = " tar-replacement-native" NATIVE_PACKAGE_PATH_SUFFIX = "/${PN}" BBCLASSEXTEND = "native nativesdk" + +# Avoid false positives from CVEs in node-tar package +# For example CVE-2021-{32803,32804,37701,37712,37713} +CVE_PRODUCT = "gnu:tar" |