summaryrefslogtreecommitdiffstats
path: root/meta/classes/cve-check.bbclass
diff options
context:
space:
mode:
authorRoss Burton <ross.burton@intel.com>2019-07-16 13:46:43 +0100
committerRichard Purdie <richard.purdie@linuxfoundation.org>2019-07-17 09:36:35 +0100
commit91f6c9f3ee51f3dd290993748cda9da5b53cb834 (patch)
treea95ed616f50dbdee8cfc4c6b94f3ca54b8a68121 /meta/classes/cve-check.bbclass
parent6726c663fd33dc412a6c6dbcfd36b0f9d5c6d010 (diff)
downloadpoky-91f6c9f3ee51f3dd290993748cda9da5b53cb834.tar.gz
cve-check: remove redundant readline CVE whitelisting
CVE-2014-2524 is a readline CVE that was fixed in 6.3patch3 onwards, but the tooling wasn't able to detect this version. As we now ship readline 8 we don't need to manually whitelist it, and if we did then the whitelisting should be in the readline recipe. (From OE-Core rev: 07bb8b25e172aa5c8ae96b6e8eb4ac901b835219) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/classes/cve-check.bbclass')
-rw-r--r--meta/classes/cve-check.bbclass13
1 files changed, 9 insertions, 4 deletions
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index ffd624333f..5979edf3d1 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -41,10 +41,15 @@ CVE_CHECK_PN_WHITELIST = "\
41 glibc-locale \ 41 glibc-locale \
42" 42"
43 43
44# Whitelist for CVE and version of package 44# Whitelist for CVE and version of package. If a CVE is found then the PV is
45CVE_CHECK_CVE_WHITELIST = "{\ 45# compared with the version list, and if found the CVE is considered
46 'CVE-2014-2524': ('6.3','5.2',), \ 46# patched.
47}" 47#
48# The value should be valid Python in this format:
49# {
50# 'CVE-2014-2524': ('6.3','5.2')
51# }
52CVE_CHECK_CVE_WHITELIST ?= "{}"
48 53
49python do_cve_check () { 54python do_cve_check () {
50 """ 55 """