authorRoss Burton <ross.burton@intel.com>2019-11-04 14:26:53 +0000
committerRichard Purdie <richard.purdie@linuxfoundation.org>2019-11-05 10:37:11 +0000
commit50423a7896ae223ec97e60a3c958c45c20a12a36 (patch)
treedc2ee24f34ea049f1d0bdf3e06ed6c00dd192c7f /meta/recipes-extended
parenta18b7d6add9232a5d620aa01265c4321043395a8 (diff)
downloadpoky-50423a7896ae223ec97e60a3c958c45c20a12a36.tar.gz
procps: whitelist CVE-2018-1121
This CVE is about race conditions in 'ps' which make it unsuitable for security audits. As these race conditions are unavoidable ps shouldn't be used for security auditing, so this isn't a valid CVE. (From OE-Core rev: b3fa0654abf9ac32f683ac174e453ea5e64b6cb8) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended')
-rw-r--r--meta/recipes-extended/procps/procps_3.3.15.bb9
1 files changed, 6 insertions, 3 deletions
diff --git a/meta/recipes-extended/procps/procps_3.3.15.bb b/meta/recipes-extended/procps/procps_3.3.15.bb
index 9756db0e7b..f240e54fd8 100644
--- a/meta/recipes-extended/procps/procps_3.3.15.bb
+++ b/meta/recipes-extended/procps/procps_3.3.15.bb
@@ -4,9 +4,9 @@ the /proc filesystem. The package includes the programs ps, top, vmstat, w, kill
4HOMEPAGE = "https://gitlab.com/procps-ng/procps" 4HOMEPAGE = "https://gitlab.com/procps-ng/procps"
5SECTION = "base" 5SECTION = "base"
6LICENSE = "GPLv2+ & LGPLv2+" 6LICENSE = "GPLv2+ & LGPLv2+"
7LIC_FILES_CHKSUM="file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ 7LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
8 file://COPYING.LIB;md5=4cf66a4984120007c9881cc871cf49db \ 8 file://COPYING.LIB;md5=4cf66a4984120007c9881cc871cf49db \
9 " 9 "
10 10
11DEPENDS = "ncurses" 11DEPENDS = "ncurses"
12 12
@@ -64,3 +64,6 @@ python __anonymous() {
64 d.setVarFlag('ALTERNATIVE_LINK_NAME', prog, '%s/%s' % (d.getVar('base_sbindir'), prog)) 64 d.setVarFlag('ALTERNATIVE_LINK_NAME', prog, '%s/%s' % (d.getVar('base_sbindir'), prog))
65} 65}
66 66
67# 'ps' isn't suitable for use as a security tool so whitelist this CVE.
68# https://bugzilla.redhat.com/show_bug.cgi?id=1575473#c3
69CVE_CHECK_WHITELIST += "CVE-2018-1121"
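Review bot: The comment added above `CVE_CHECK_WHITELIST += "CVE-2018-1121"` at the end of the recipe records why the CVE is ignored but not what stays in the image: no patch is applied in this change, so the race conditions in ps described in the commit message remain, and the entry only drops the CVE from cve-check reports. I would state that in the recipe, e.g. `# CVE-2018-1121: races in 'ps' are unavoidable and left unpatched; ps output must not be relied on for security auditing.` Because the entry sits in the version-named procps_3.3.15.bb with no version condition, it will presumably carry over unchanged on a recipe upgrade, so it is worth re-checking against the CVE's affected-version data at that point.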