1 files changed, 4 insertions, 0 deletions
diff --git a/meta/recipes-extended/ghostscript/ghostscript_9.54.0.bb b/meta/recipes-extended/ghostscript/ghostscript_9.54.0.bb
index 9ace037aa9..81f8d615ae 100644
--- a/meta/recipes-extended/ghostscript/ghostscript_9.54.0.bb
+++ b/meta/recipes-extended/ghostscript/ghostscript_9.54.0.bb
@@ -19,6 +19,10 @@ DEPENDS_class-native = "libpng-native"
 UPSTREAM_CHECK_URI = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases"
 UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)\.tar"
+# As of ghostscript 9.54.0 the jpeg issue in the CVE is present in the gs jpeg sources
+# however we use an external jpeg which doesn't have the issue.
+CVE_CHECK_WHITELIST += "CVE-2013-6629"
 def gs_verdir(v):
    return "".join(v.split("."))

diff --git a/meta/recipes-extended/ghostscript/ghostscript_9.54.0.bb b/meta/recipes-extended/ghostscript/ghostscript_9.54.0.bb index 9ace037aa9..81f8d615ae 100644 --- a/meta/recipes-extended/ghostscript/ghostscript_9.54.0.bb +++ b/meta/recipes-extended/ghostscript/ghostscript_9.54.0.bb
@@ -19,6 +19,10 @@ DEPENDS_class-native = "libpng-native"
19	UPSTREAM_CHECK_URI = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases"	19	UPSTREAM_CHECK_URI = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases"
20	UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)\.tar"	20	UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)\.tar"
21		21
		22	# As of ghostscript 9.54.0 the jpeg issue in the CVE is present in the gs jpeg sources
		23	# however we use an external jpeg which doesn't have the issue.
		24	CVE_CHECK_WHITELIST += "CVE-2013-6629"
		25
22	def gs_verdir(v):	26	def gs_verdir(v):
23	return "".join(v.split("."))	27	return "".join(v.split("."))
24		28