diff options
| author | Richard Purdie <richard.purdie@linuxfoundation.org> | 2021-05-11 13:44:09 +0100 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2021-05-22 10:01:03 +0100 |
| commit | 14a4513aff970a74bc7b928bb13ad0d6a3f5612b (patch) | |
| tree | 12ecc85904bae03d89ac9263bd6370853b8da100 | |
| parent | 05a498a993b73c03201e37387aeeecd056c0c55e (diff) | |
| download | poky-14a4513aff970a74bc7b928bb13ad0d6a3f5612b.tar.gz | |
ghostscript: Exclude CVE-2013-6629 from cve-check
The CVE is in the jpeg sources included with ghostscript. We use our own
external jpeg library so this doesn't affect us.
(From OE-Core rev: e19caff111bcbd70e5e7507388a4aaea2d10f7e0)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
| -rw-r--r-- | meta/recipes-extended/ghostscript/ghostscript_9.53.3.bb | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/meta/recipes-extended/ghostscript/ghostscript_9.53.3.bb b/meta/recipes-extended/ghostscript/ghostscript_9.53.3.bb index cbf60c8c85..35826c2549 100644 --- a/meta/recipes-extended/ghostscript/ghostscript_9.53.3.bb +++ b/meta/recipes-extended/ghostscript/ghostscript_9.53.3.bb | |||
| @@ -19,6 +19,10 @@ DEPENDS_class-native = "libpng-native" | |||
| 19 | UPSTREAM_CHECK_URI = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases" | 19 | UPSTREAM_CHECK_URI = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases" |
| 20 | UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)\.tar" | 20 | UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)\.tar" |
| 21 | 21 | ||
| 22 | # As of ghostscript 9.54.0 the jpeg issue in the CVE is present in the gs jpeg sources | ||
| 23 | # however we use an external jpeg which doesn't have the issue. | ||
| 24 | CVE_CHECK_WHITELIST += "CVE-2013-6629" | ||
| 25 | |||
| 22 | def gs_verdir(v): | 26 | def gs_verdir(v): |
| 23 | return "".join(v.split(".")) | 27 | return "".join(v.split(".")) |
| 24 | 28 | ||