libgcrypt: Whitelisted CVEs

Whitelisted below CVEs: 1. CVE-2018-12433 Link: https://security-tracker.debian.org/tracker/CVE-2018-12433 Link: https://nvd.nist.gov/vuln/detail/CVE-2018-12433 CVE-2018-12433 is marked disputed and ignored by NVD as it does not impact crypt libraries for any distros and hence, can be safely marked whitelisted. 2. CVE-2018-12438 Link: https://security-tracker.debian.org/tracker/CVE-2018-12438 Link: https://ubuntu.com/security/CVE-2018-12438 CVE-2018-12438 was reported for affecting openjdk crypt libraries but there are no details available on which openjdk versions are affected and does not directly affect libgcrypt or any specific yocto distributions, hence, can be whitelisted. (From OE-Core rev: 2943efe3f56d394308f9364b439c25f6a7613288) Signed-off-by: Saloni Jain <Saloni.Jain@kpit.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: saloni <saloni.jain@kpit.com> 2021-02-05 21:07:12 +0530
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2021-02-06 09:03:00 +0000
commit: 51b95cf1e7e613043795b564311971450b14fd8e (patch)
tree: a57112b3f045d4204c8287a7e83003e6da47adff /meta/recipes-support/libgcrypt
parent: b5356165861505e415ec424cef71a536053c870d (diff)
download: poky-51b95cf1e7e613043795b564311971450b14fd8e.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/meta/recipes-support/libgcrypt/libgcrypt_1.8.7.bb b/meta/recipes-support/libgcrypt/libgcrypt_1.8.7.bb
index 0cad41dfa9..7db624a09b 100644
--- a/meta/recipes-support/libgcrypt/libgcrypt_1.8.7.bb
+++ b/meta/recipes-support/libgcrypt/libgcrypt_1.8.7.bb
@@ -28,6 +28,9 @@ SRC_URI = "${GNUPG_MIRROR}/libgcrypt/libgcrypt-${PV}.tar.bz2 \
 "
 SRC_URI[sha256sum] = "03b70f028299561b7034b8966d7dd77ef16ed139c43440925fe8782561974748"
+# Below whitelisted CVEs are disputed and not affecting crypto libraries for any distro.
+CVE_CHECK_WHITELIST += "CVE-2018-12433 CVE-2018-12438"
 BINCONFIG = "${bindir}/libgcrypt-config"
 inherit autotools texinfo binconfig-disabled pkgconfig
author	saloni <saloni.jain@kpit.com>	2021-02-05 21:07:12 +0530
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2021-02-06 09:03:00 +0000
commit	51b95cf1e7e613043795b564311971450b14fd8e (patch)
tree	a57112b3f045d4204c8287a7e83003e6da47adff /meta/recipes-support/libgcrypt
parent	b5356165861505e415ec424cef71a536053c870d (diff)
download	poky-51b95cf1e7e613043795b564311971450b14fd8e.tar.gz

diff --git a/meta/recipes-support/libgcrypt/libgcrypt_1.8.7.bb b/meta/recipes-support/libgcrypt/libgcrypt_1.8.7.bb index 0cad41dfa9..7db624a09b 100644 --- a/meta/recipes-support/libgcrypt/libgcrypt_1.8.7.bb +++ b/meta/recipes-support/libgcrypt/libgcrypt_1.8.7.bb
@@ -28,6 +28,9 @@ SRC_URI = "${GNUPG_MIRROR}/libgcrypt/libgcrypt-${PV}.tar.bz2 \
28	"	28	"
29	SRC_URI[sha256sum] = "03b70f028299561b7034b8966d7dd77ef16ed139c43440925fe8782561974748"	29	SRC_URI[sha256sum] = "03b70f028299561b7034b8966d7dd77ef16ed139c43440925fe8782561974748"
30		30
		31	# Below whitelisted CVEs are disputed and not affecting crypto libraries for any distro.
		32	CVE_CHECK_WHITELIST += "CVE-2018-12433 CVE-2018-12438"
		33
31	BINCONFIG = "${bindir}/libgcrypt-config"	34	BINCONFIG = "${bindir}/libgcrypt-config"
32		35
33	inherit autotools texinfo binconfig-disabled pkgconfig	36	inherit autotools texinfo binconfig-disabled pkgconfig