openssl: Whitelist CVE-2019-0190

This is only a problem with older Apache versions. (From OE-Core rev: 492d43296b15514ec72dfb15f37c6d2ab1fbbae3) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Adrian Bunk <bunk@stusta.de> 2019-12-05 23:42:27 +0200
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2019-12-09 12:00:43 +0000
commit: 2006a4723269e69004959bc00b22519b9b08617b (patch)
tree: e046a49c7ede952235f1e42345fd57a88522a227 /meta/recipes-connectivity
parent: fa60a9a52675ee7e532af1406695ea8cb6c9aec1 (diff)
download: poky-2006a4723269e69004959bc00b22519b9b08617b.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb
index 8819e19ec4..f653e05acc 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb
@@ -202,3 +202,7 @@ RDEPENDS_${PN}-ptest += "openssl-bin perl perl-modules bash"
 BBCLASSEXTEND = "native nativesdk"
 CVE_PRODUCT = "openssl:openssl"
+# Only affects OpenSSL >= 1.1.1 in combination with Apache < 2.4.37
+# Apache in meta-webserver is already recent enough
+CVE_CHECK_WHITELIST += "CVE-2019-0190"
author	Adrian Bunk <bunk@stusta.de>	2019-12-05 23:42:27 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2019-12-09 12:00:43 +0000
commit	2006a4723269e69004959bc00b22519b9b08617b (patch)
tree	e046a49c7ede952235f1e42345fd57a88522a227 /meta/recipes-connectivity
parent	fa60a9a52675ee7e532af1406695ea8cb6c9aec1 (diff)
download	poky-2006a4723269e69004959bc00b22519b9b08617b.tar.gz

diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb index 8819e19ec4..f653e05acc 100644 --- a/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb +++ b/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb
@@ -202,3 +202,7 @@ RDEPENDS_${PN}-ptest += "openssl-bin perl perl-modules bash"
202	BBCLASSEXTEND = "native nativesdk"	202	BBCLASSEXTEND = "native nativesdk"
203		203
204	CVE_PRODUCT = "openssl:openssl"	204	CVE_PRODUCT = "openssl:openssl"
		205
		206	# Only affects OpenSSL >= 1.1.1 in combination with Apache < 2.4.37
		207	# Apache in meta-webserver is already recent enough
		208	CVE_CHECK_WHITELIST += "CVE-2019-0190"