summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRichard Purdie <richard.purdie@linuxfoundation.org>2021-05-11 14:13:08 +0100
committerRichard Purdie <richard.purdie@linuxfoundation.org>2021-05-22 10:01:03 +0100
commitb1bdeda784574bf2b20862b71e5ff75897e0079a (patch)
tree902f6328b5b43dde104c24eee18159c421a81dee
parent6f647a9e06c4ea063ef3adb9600e0590aa908267 (diff)
downloadpoky-b1bdeda784574bf2b20862b71e5ff75897e0079a.tar.gz
poky-b1bdeda784574bf2b20862b71e5ff75897e0079a.tar.bz2
poky-b1bdeda784574bf2b20862b71e5ff75897e0079a.zip
tiff: Exclude CVE-2015-7313 from cve-check
Some fix upstream addresses the issue, it isn't clear which change this was. Our current version doesn't have issues with the test image though so we can exclude. (From OE-Core rev: 65124cac1ac1d0b746eacfe128da19c353f07eb0) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-multimedia/libtiff/tiff_4.2.0.bb4
1 files changed, 4 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.2.0.bb b/meta/recipes-multimedia/libtiff/tiff_4.2.0.bb
index ea8580a25e..6ca01af2fa 100644
--- a/meta/recipes-multimedia/libtiff/tiff_4.2.0.bb
+++ b/meta/recipes-multimedia/libtiff/tiff_4.2.0.bb
@@ -15,6 +15,10 @@ SRC_URI[sha256sum] = "eb0484e568ead8fa23b513e9b0041df7e327f4ee2d22db5a533929dfc1
# exclude betas
UPSTREAM_CHECK_REGEX = "tiff-(?P<pver>\d+(\.\d+)+).tar"
+# Tested with check from https://security-tracker.debian.org/tracker/CVE-2015-7313
+# and 4.3.0 doesn't have the issue
+CVE_CHECK_WHITELIST += "CVE-2015-7313"
+
inherit autotools multilib_header
CACHED_CONFIGUREVARS = "ax_cv_check_gl_libgl=no"