procps: whitelist CVE-2018-1121

This CVE is about race conditions in 'ps' which make it unsuitable for security audits. As these race conditions are unavoidable ps shouldn't be used for security auditing, so this isn't a valid CVE. (From OE-Core rev: b3fa0654abf9ac32f683ac174e453ea5e64b6cb8) (From OE-Core rev: 618a3203d53d33e6403386f1204bcaf327b68f37) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Conflicts: meta/recipes-extended/procps/procps_3.3.15.bb
author: Ross Burton <ross.burton@intel.com> 2019-11-06 17:37:55 +0200
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2019-11-07 19:47:27 +0000
commit: 26e1179507275a2440593bbf5ad2110175ab83a1 (patch)
tree: b3316f8da7fbfdd50c7783f5e6d6c6db7209d6af
parent: 5dea226778613329c79109c8dfa77c5211a83085 (diff)
download: poky-26e1179507275a2440593bbf5ad2110175ab83a1.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/meta/recipes-extended/procps/procps_3.3.12.bb b/meta/recipes-extended/procps/procps_3.3.12.bb
index 6e15b0a5a0..d4ebaf9db0 100644
--- a/meta/recipes-extended/procps/procps_3.3.12.bb
+++ b/meta/recipes-extended/procps/procps_3.3.12.bb
@@ -64,3 +64,6 @@ python __anonymous() {
        d.setVarFlag('ALTERNATIVE_LINK_NAME', prog, '%s/%s' % (d.getVar('base_sbindir'), prog))
 }
+# 'ps' isn't suitable for use as a security tool so whitelist this CVE.
+# https://bugzilla.redhat.com/show_bug.cgi?id=1575473#c3
+CVE_CHECK_WHITELIST += "CVE-2018-1121"
author	Ross Burton <ross.burton@intel.com>	2019-11-06 17:37:55 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2019-11-07 19:47:27 +0000
commit	26e1179507275a2440593bbf5ad2110175ab83a1 (patch)
tree	b3316f8da7fbfdd50c7783f5e6d6c6db7209d6af
parent	5dea226778613329c79109c8dfa77c5211a83085 (diff)
download	poky-26e1179507275a2440593bbf5ad2110175ab83a1.tar.gz

diff --git a/meta/recipes-extended/procps/procps_3.3.12.bb b/meta/recipes-extended/procps/procps_3.3.12.bb index 6e15b0a5a0..d4ebaf9db0 100644 --- a/meta/recipes-extended/procps/procps_3.3.12.bb +++ b/meta/recipes-extended/procps/procps_3.3.12.bb
@@ -64,3 +64,6 @@ python __anonymous() {
64	d.setVarFlag('ALTERNATIVE_LINK_NAME', prog, '%s/%s' % (d.getVar('base_sbindir'), prog))	64	d.setVarFlag('ALTERNATIVE_LINK_NAME', prog, '%s/%s' % (d.getVar('base_sbindir'), prog))
65	}	65	}
66		66
		67	# 'ps' isn't suitable for use as a security tool so whitelist this CVE.
		68	# https://bugzilla.redhat.com/show_bug.cgi?id=1575473#c3
		69	CVE_CHECK_WHITELIST += "CVE-2018-1121"