aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRichard Purdie <richard.purdie@linuxfoundation.org>2021-05-10 16:30:56 +0100
committerRichard Purdie <richard.purdie@linuxfoundation.org>2021-05-22 10:01:02 +0100
commita6f2df83b9c298c5c3e34ede1012558f28917c31 (patch)
tree88f57de69dcd80958abf55711169d8327a06e91c
parent0501beda3dd3b5e3e55922996444d37f7bb8754d (diff)
downloadpoky-a6f2df83b9c298c5c3e34ede1012558f28917c31.tar.gz
poky-a6f2df83b9c298c5c3e34ede1012558f28917c31.tar.bz2
poky-a6f2df83b9c298c5c3e34ede1012558f28917c31.zip
jquery: Exclude CVE-2007-2379 from cve-check
The CVE is non-specific and depends on the users of jquery, doesn't make sense to have this flagged against jquery as there is nothing we can do about it. (From OE-Core rev: 6f422e966fdc1e62ff0e48d3382ec246ff8bd998) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-devtools/jquery/jquery_3.6.0.bb5
1 files changed, 5 insertions, 0 deletions
diff --git a/meta/recipes-devtools/jquery/jquery_3.6.0.bb b/meta/recipes-devtools/jquery/jquery_3.6.0.bb
index 65905966c1..03792730fd 100644
--- a/meta/recipes-devtools/jquery/jquery_3.6.0.bb
+++ b/meta/recipes-devtools/jquery/jquery_3.6.0.bb
@@ -19,6 +19,11 @@ SRC_URI[map.sha256sum] = "399548fb0e7b146c12f5ba18099a47d594a970fee96212eee0ab48
UPSTREAM_CHECK_REGEX = "jquery-(?P<pver>\d+(\.\d+)+)\.js"
+# https://github.com/jquery/jquery/issues/3927
+# There are ways jquery can expose security issues but any issues are in the apps exposing them
+# and there is little we can directly do
+CVE_CHECK_WHITELIST += "CVE-2007-2379"
+
inherit allarch
do_install() {