diff options
-rw-r--r-- | meta/recipes-core/glibc/glibc_2.33.bb | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/meta/recipes-core/glibc/glibc_2.33.bb b/meta/recipes-core/glibc/glibc_2.33.bb index 5e0baa53e8..75a1f36d6b 100644 --- a/meta/recipes-core/glibc/glibc_2.33.bb +++ b/meta/recipes-core/glibc/glibc_2.33.bb | |||
@@ -3,6 +3,19 @@ require glibc-version.inc | |||
3 | 3 | ||
4 | CVE_CHECK_WHITELIST += "CVE-2020-10029" | 4 | CVE_CHECK_WHITELIST += "CVE-2020-10029" |
5 | 5 | ||
6 | # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010022 | ||
7 | # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010023 | ||
8 | # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010024 | ||
9 | # Upstream glibc maintainers dispute there is any issue and have no plans to address it further. | ||
10 | # "this is being treated as a non-security bug and no real threat." | ||
11 | CVE_CHECK_WHITELIST += "CVE-2019-1010022 CVE-2019-1010023 CVE-2019-1010024" | ||
12 | |||
13 | # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010025 | ||
14 | # Allows for ASLR bypass so can bypass some hardening, not an exploit in itself, may allow | ||
15 | # easier access for another. "ASLR bypass itself is not a vulnerability." | ||
16 | # Potential patch at https://sourceware.org/bugzilla/show_bug.cgi?id=22853 | ||
17 | CVE_CHECK_WHITELIST += "CVE-2019-1010025" | ||
18 | |||
6 | DEPENDS += "gperf-native bison-native make-native" | 19 | DEPENDS += "gperf-native bison-native make-native" |
7 | 20 | ||
8 | NATIVESDKFIXES ?= "" | 21 | NATIVESDKFIXES ?= "" |