summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/cronie
diff options
context:
space:
mode:
authorsaloni <saloni.jain@kpit.com>2021-02-05 21:07:12 +0530
committerRichard Purdie <richard.purdie@linuxfoundation.org>2021-02-18 16:48:28 +0000
commit416cd6f48b9f950163571aaf74808ada28604208 (patch)
tree874fe3f11294163405b8e0c8d51267f42b756172 /meta/recipes-extended/cronie
parentdf4d2a6a8c985c8da1329daa2e609e5438ba802a (diff)
downloadpoky-416cd6f48b9f950163571aaf74808ada28604208.tar.gz
libgcrypt: Whitelisted CVEs
Whitelisted below CVEs: 1. CVE-2018-12433 Link: https://security-tracker.debian.org/tracker/CVE-2018-12433 Link: https://nvd.nist.gov/vuln/detail/CVE-2018-12433 CVE-2018-12433 is marked disputed and ignored by NVD as it does not impact crypt libraries for any distros and hence, can be safely marked whitelisted. 2. CVE-2018-12438 Link: https://security-tracker.debian.org/tracker/CVE-2018-12438 Link: https://ubuntu.com/security/CVE-2018-12438 CVE-2018-12438 was reported for affecting openjdk crypt libraries but there are no details available on which openjdk versions are affected and does not directly affect libgcrypt or any specific yocto distributions, hence, can be whitelisted. (From OE-Core rev: 2ebd235bc86032e388fb7e565834f3200e09d081) Signed-off-by: Saloni Jain <Saloni.Jain@kpit.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 2943efe3f56d394308f9364b439c25f6a7613288) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended/cronie')
0 files changed, 0 insertions, 0 deletions