summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRichard Purdie <richard.purdie@linuxfoundation.org>2021-05-10 12:42:25 +0100
committerRichard Purdie <richard.purdie@linuxfoundation.org>2021-05-22 10:01:02 +0100
commit228acdd221374aa6597cf92c2a6211c06cb3a0db (patch)
treefdcc5cde8692eed0a2a7ea98b5b1ad79b3279299
parentd6573b33aaa6cb31c9dafb64a26cc44261d367cc (diff)
downloadpoky-228acdd221374aa6597cf92c2a6211c06cb3a0db.tar.gz
qemu: Exclude CVE-2007-0998 from cve-check
The CVE applies to the built-in VNC server but we don't enable this by default. (From OE-Core rev: 9ac9f2709a45fc7ce5b3b9a1a5e4f2e116ec2bb7) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-devtools/qemu/qemu.inc4
1 files changed, 4 insertions, 0 deletions
diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index e1c1bfdbfe..c56f341a5e 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -68,6 +68,10 @@ SRC_URI_append_class-nativesdk = " file://cross.patch"
68# Applies against virglrender < 0.6.0 and not qemu itself 68# Applies against virglrender < 0.6.0 and not qemu itself
69CVE_CHECK_WHITELIST += "CVE-2017-5957" 69CVE_CHECK_WHITELIST += "CVE-2017-5957"
70 70
71# The VNC server can expose host files uder some circumstances. We don't
72# enable it by default.
73CVE_CHECK_WHITELIST += "CVE-2007-0998"
74
71COMPATIBLE_HOST_mipsarchn32 = "null" 75COMPATIBLE_HOST_mipsarchn32 = "null"
72COMPATIBLE_HOST_mipsarchn64 = "null" 76COMPATIBLE_HOST_mipsarchn64 = "null"
73 77