diff options
author | Ross Burton <ross.burton@intel.com> | 2019-11-06 17:37:28 +0200 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2019-11-07 19:47:26 +0000 |
commit | ee44763ef5922e6d5a4097327ced1b76d090b2a5 (patch) | |
tree | 4067ac02badbd6e8931290346e74d15083c37691 | |
parent | 74b562e1cedc484cf417b98d67a5ee37a340dc3b (diff) | |
download | poky-ee44763ef5922e6d5a4097327ced1b76d090b2a5.tar.gz |
cve-check: remove redundant readline CVE whitelisting
CVE-2014-2524 is a readline CVE that was fixed in 6.3patch3 onwards, but the
tooling wasn't able to detect this version. As we now ship readline 8 we don't
need to manually whitelist it, and if we did then the whitelisting should be in
the readline recipe.
(From OE-Core rev: 07bb8b25e172aa5c8ae96b6e8eb4ac901b835219)
(From OE-Core rev: c7f23d4e53d039838536f71996ad896c977cf138)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r-- | meta/classes/cve-check.bbclass | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index ffd624333f..5979edf3d1 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass | |||
@@ -41,10 +41,15 @@ CVE_CHECK_PN_WHITELIST = "\ | |||
41 | glibc-locale \ | 41 | glibc-locale \ |
42 | " | 42 | " |
43 | 43 | ||
44 | # Whitelist for CVE and version of package | 44 | # Whitelist for CVE and version of package. If a CVE is found then the PV is |
45 | CVE_CHECK_CVE_WHITELIST = "{\ | 45 | # compared with the version list, and if found the CVE is considered |
46 | 'CVE-2014-2524': ('6.3','5.2',), \ | 46 | # patched. |
47 | }" | 47 | # |
48 | # The value should be valid Python in this format: | ||
49 | # { | ||
50 | # 'CVE-2014-2524': ('6.3','5.2') | ||
51 | # } | ||
52 | CVE_CHECK_CVE_WHITELIST ?= "{}" | ||
48 | 53 | ||
49 | python do_cve_check () { | 54 | python do_cve_check () { |
50 | """ | 55 | """ |