diff options
Diffstat (limited to 'meta/recipes-core/glibc')
-rw-r--r-- | meta/recipes-core/glibc/glibc_2.35.bb | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/meta/recipes-core/glibc/glibc_2.35.bb b/meta/recipes-core/glibc/glibc_2.35.bb index b785b61154..6ea5b1efb5 100644 --- a/meta/recipes-core/glibc/glibc_2.35.bb +++ b/meta/recipes-core/glibc/glibc_2.35.bb | |||
@@ -1,20 +1,20 @@ | |||
1 | require glibc.inc | 1 | require glibc.inc |
2 | require glibc-version.inc | 2 | require glibc-version.inc |
3 | 3 | ||
4 | CVE_CHECK_WHITELIST += "CVE-2020-10029 CVE-2021-27645" | 4 | CVE_CHECK_IGNORE += "CVE-2020-10029 CVE-2021-27645" |
5 | 5 | ||
6 | # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010022 | 6 | # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010022 |
7 | # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010023 | 7 | # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010023 |
8 | # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010024 | 8 | # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010024 |
9 | # Upstream glibc maintainers dispute there is any issue and have no plans to address it further. | 9 | # Upstream glibc maintainers dispute there is any issue and have no plans to address it further. |
10 | # "this is being treated as a non-security bug and no real threat." | 10 | # "this is being treated as a non-security bug and no real threat." |
11 | CVE_CHECK_WHITELIST += "CVE-2019-1010022 CVE-2019-1010023 CVE-2019-1010024" | 11 | CVE_CHECK_IGNORE += "CVE-2019-1010022 CVE-2019-1010023 CVE-2019-1010024" |
12 | 12 | ||
13 | # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010025 | 13 | # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010025 |
14 | # Allows for ASLR bypass so can bypass some hardening, not an exploit in itself, may allow | 14 | # Allows for ASLR bypass so can bypass some hardening, not an exploit in itself, may allow |
15 | # easier access for another. "ASLR bypass itself is not a vulnerability." | 15 | # easier access for another. "ASLR bypass itself is not a vulnerability." |
16 | # Potential patch at https://sourceware.org/bugzilla/show_bug.cgi?id=22853 | 16 | # Potential patch at https://sourceware.org/bugzilla/show_bug.cgi?id=22853 |
17 | CVE_CHECK_WHITELIST += "CVE-2019-1010025" | 17 | CVE_CHECK_IGNORE += "CVE-2019-1010025" |
18 | 18 | ||
19 | DEPENDS += "gperf-native bison-native make-native" | 19 | DEPENDS += "gperf-native bison-native make-native" |
20 | 20 | ||