diff options
author | Richard Purdie <richard.purdie@linuxfoundation.org> | 2021-05-11 13:44:09 +0100 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2021-05-12 23:06:05 +0100 |
commit | 409df4552271f5bebef2463315f01530519d61b0 (patch) | |
tree | 859987cc5143f5047be38b06494dabac58df9f1e /meta/recipes-extended/ghostscript | |
parent | 4b7fae138cb03bb8b1127c9a08639bd394517232 (diff) | |
download | poky-409df4552271f5bebef2463315f01530519d61b0.tar.gz |
ghostscript: Exclude CVE-2013-6629 from cve-check
The CVE is in the jpeg sources included with ghostscript. We use our own
external jpeg library so this doesn't affect us.
(From OE-Core rev: 8556d6a6722f21af5e6f97589bec3cbd31da206c)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended/ghostscript')
-rw-r--r-- | meta/recipes-extended/ghostscript/ghostscript_9.54.0.bb | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/meta/recipes-extended/ghostscript/ghostscript_9.54.0.bb b/meta/recipes-extended/ghostscript/ghostscript_9.54.0.bb index 9ace037aa9..81f8d615ae 100644 --- a/meta/recipes-extended/ghostscript/ghostscript_9.54.0.bb +++ b/meta/recipes-extended/ghostscript/ghostscript_9.54.0.bb | |||
@@ -19,6 +19,10 @@ DEPENDS_class-native = "libpng-native" | |||
19 | UPSTREAM_CHECK_URI = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases" | 19 | UPSTREAM_CHECK_URI = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases" |
20 | UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)\.tar" | 20 | UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)\.tar" |
21 | 21 | ||
22 | # As of ghostscript 9.54.0 the jpeg issue in the CVE is present in the gs jpeg sources | ||
23 | # however we use an external jpeg which doesn't have the issue. | ||
24 | CVE_CHECK_WHITELIST += "CVE-2013-6629" | ||
25 | |||
22 | def gs_verdir(v): | 26 | def gs_verdir(v): |
23 | return "".join(v.split(".")) | 27 | return "".join(v.split(".")) |
24 | 28 | ||