diff options
Diffstat (limited to 'meta/recipes-extended/tar/tar_1.32.bb')
-rw-r--r-- | meta/recipes-extended/tar/tar_1.32.bb | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/meta/recipes-extended/tar/tar_1.32.bb b/meta/recipes-extended/tar/tar_1.32.bb index ebe6cb0dbd..9297480e85 100644 --- a/meta/recipes-extended/tar/tar_1.32.bb +++ b/meta/recipes-extended/tar/tar_1.32.bb | |||
@@ -6,8 +6,13 @@ SECTION = "base" | |||
6 | LICENSE = "GPLv3" | 6 | LICENSE = "GPLv3" |
7 | LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" | 7 | LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" |
8 | 8 | ||
9 | PR = "r1" | ||
10 | |||
9 | SRC_URI = "${GNU_MIRROR}/tar/tar-${PV}.tar.bz2 \ | 11 | SRC_URI = "${GNU_MIRROR}/tar/tar-${PV}.tar.bz2 \ |
10 | file://musl_dirent.patch \ | 12 | file://musl_dirent.patch \ |
13 | file://CVE-2021-20193.patch \ | ||
14 | file://CVE-2022-48303.patch \ | ||
15 | file://CVE-2023-39804.patch \ | ||
11 | " | 16 | " |
12 | 17 | ||
13 | SRC_URI[md5sum] = "17917356fff5cb4bd3cd5a6c3e727b05" | 18 | SRC_URI[md5sum] = "17917356fff5cb4bd3cd5a6c3e727b05" |
@@ -64,3 +69,7 @@ PROVIDES_append_class-native = " tar-replacement-native" | |||
64 | NATIVE_PACKAGE_PATH_SUFFIX = "/${PN}" | 69 | NATIVE_PACKAGE_PATH_SUFFIX = "/${PN}" |
65 | 70 | ||
66 | BBCLASSEXTEND = "native nativesdk" | 71 | BBCLASSEXTEND = "native nativesdk" |
72 | |||
73 | # Avoid false positives from CVEs in node-tar package | ||
74 | # For example CVE-2021-{32803,32804,37701,37712,37713} | ||
75 | CVE_PRODUCT = "gnu:tar" | ||